Issue link: https://securitytechnologyexecutive.epubxp.com/i/282968
35 SECURITY TECHNOLOGY EXECUTIVE • February/March 2014 www.SecurityInfoWatch.com rising U.S. security threat levels rapidly were changing the way NCI did business, mak- ing it even more difficult—and increasingly important—for the organization to ensure standard practices and protocols at all of its many locations. With the impending move to one centralized location, the NCI secu- rity team began devising plans to eliminate these existing security weaknesses. NCI faced a number of key challenges including: • No single identification credential -- NCI needed a system that would enable them to embrace FIPS 201-2 for the use of one credential for physical access at all facilities. • Disparate technologies and protocols— no two NCI buildings were alike when it came to the myriad security devices and systems in place. Each location had its own security staff and set of stan- dard operating procedures. For instance, although two campuses might each oper- ate video surveillance and motion detec- tion systems, the providers of those sys- tems were independently selected by the local security staff at each site, and could therefore only be operated by person- nel trained on those specific solutions. This hindered cross-location visibility, and made it impossible for a single com- mand center to effectively operate all NCI security technologies. • No standardized metrics— lacking a consistent way to measure security successes and failures across buildings, NCI was finding it increasingly chal- lenging to identify and address problem areas and gaps in security. • High personnel turnover rate—fac- ing steady turnover of its security and operations personnel, NCI regularly needs to train new employees on its security systems, a timely and costly endeavor with low ROI. • Off-campus personnel— often times, off NIH campus facilities lacked adequate security related information. In some instances, remote personnel received emergency notifications from the NIH mass notification system, making it next to impossible to cohesively aggregate a response from local buildings. In order to address these challenges, NCI sought to establish a single, unified command location that could act as a control center with visibility across all of its sites and personnel while also providing a direct link to and standardized identification protocol for staff members working out- side of regular campuses in lab tech and administrative capacities. The Solution In December 2012, NCI began the process of moving approximately 2,400 NCI staff to a new, LEED Certified facility located in Rockville, Md. Aggregating six buildings into one, the 574,000-foot space and accompany- ing 1,950 spot surface-level parking garage boasted a 24-hour guard force, 24-hour com- mand center and enterprise-level access con- trol and video surveillance system. NCI also began the process of rolling out the organization's first personal identity veri- fication (PIV) system consistent with Federal Identity Credential and Access Management (FIC AM) guidelines. T he new system addressed the inconsistencies in employee identification by establishing a common database to log all employee access, thereby increasing accountability and making it easi- er for NCI to keep tabs on who was entering its facilities at any given time. NCI recognized that rolling out compatible technologies across campus locations would not be enough if there still were no common operating system to integrate the feeds and data from those locations, allowing the new command center to view and work with all of those systems simultaneously. To address this concern, the organization, working with integrator Northrup Grumman, decided to purchase a physical security information management (PSIM) solution that could integrate all its subsystems and technolo- gies into one common operating environ- ment. Selecting PSIM provider VidSys for its Shane Hebert, CFM (L), the Facilities Program Manager at NCI and Jonathan Luhman (R), who is the Project Manager for the built out of NCI's new home in Rockville, MD. STE_34-37_0314 Vidsys.indd 35 3/14/14 11:15 AM