Adjoining islands: Security convergence
Adjoining islands: Security convergence
There are obstacles to integrating physical and logical security, but the upshot is a more seamless operation, says Honolulu CIO Gordon Bruce. Dan Kaplan reports.

When Honolulu was preparing for an expected onslaught of protests that typically mark the annual APEC Economic Leaders' Meeting, city and county leaders knew they had one security measure working in their favor which no one could compromise.

“We are on an island and are 2,500 miles away from the other states,” Gordon Bruce, chief information officer of the city and county, says. “So it's not easy to jump on a bus and come here.”

But the government, of course, didn't simply rely on its geographic isolation to ensure the annual forum – attended by dignitaries of 21 Pacific Rim countries and the United States to discuss economics, trade and investment policies – went off without a hitch. The integration of physical and logical security assets, namely bringing some 300 traffic cameras online under Honolulu's integrated physical and access control monitoring system, also played a major role to ensure there was limited disruption to operations.

“We know where all the cameras are,” Bruce says. “If we need to bring them into some event going on, we can now easily fold them in…The whole point was to limit conflict and encourage participation in the process. The Secret Service even said it was one of the tightest events with which they've ever been a part.”

Since it embarked on a project seven years ago to converge physical and logical security, Honolulu, which makes up the entire 600-square-mile island of Oahu, is an entity that finds itself flaunting a rare synergy: Physical and facilities security and data/network/application security all fall under its Department of Information Technology. In other words, both sides of the house – the guards, gates and guns piece as well as the IT component – all work together under one roof.

“That was a conscious decision that was made in 2005 to bring all that together as one set of security complements,” says Bruce, 62, the CIO for seven years. The result is a more holistic, risk-based approach to security, he says.

Security convergence is certainly nothing new – the Sept. 11, 2001 attacks certainly gave it a healthy push forward – but its widespread adoption remains a work in progress. Brian Contos, senior director and customer security strategist at McAfee, defines convergence as a process by which physical and logical protection can be centrally managed and monitored through analytics, policies and procedures – all the while keeping a clear, communication channel between the two disciplines.