By Dr. William Bain, CEO and Founder, ScaleOut Software
The rapidly evolving cyber-physical landscape of large organizations paired with the ongoing COVID-19 pandemic have dramatically increased the need for more responsive and agile security and safety systems. How can organizations gather fast insights and respond in the most intelligent, effective manner possible to maintain a safe and secure work environment for employees?
As millions head back to the office after COVID-19, it’s essential for organizations to navigate how to keep employees safe and maintain both physical and cyber security. For physical security, many organizations have implemented key card access control systems to determine which individuals can access specific areas of a building or campus. Unfortunately, key card access systems typically rely on a back-end database server to control access and log usage. This approach can delay changes in access permissions by minutes as they propagate throughout the system and between buildings. It also does not provide the quick detection and response needed to avoid unwanted access or safety issues.
For example, if an employee is terminated or receives a positive COVID-19 test, they may be granted unauthorized access to work areas due to delayed notification after a change in permission is made to the database. Beyond just running slowly, a card access system typically is unable to track the movement of individuals across buildings in real time.
The ability to track building access in real time could enhance the safety and security of employees. For example, it could aid in contact tracing for COVID-19 by enabling everyone affected by a possible COVID-19 exposure within a building to be immediately notified. It also could track the movement of unauthorized persons across a campus to help pinpoint their location in real time.
Critical Security and Safety Insights in the Moment
How can security systems, such as key card access systems, benefit from new technology to both boost their responsiveness and enable more intelligent, granular responses? An innovative software technique for streaming analytics called “in-memory computing with real-time digital twins (RTDTs)” may provide the answer to addressing these challenges.
Instead of just storing fast-changing data, such as key card swipes and permission changes, in a back-office database server, in memory computing harnesses the power of clusters of commodity servers to host data in memory and analyze that data on the fly. Because in-memory computing can ingest, store, and analyze large volumes of incoming data within milliseconds, it could quickly respond in dynamic situations, for example, by alerting managers and preventing unauthorized access to buildings before they occur.
To manage the complexity of tracking access in organizations with hundreds of thousands of employees and thousands of access points across its buildings, in-memory computing could use software-based RTDTs to track each key card and reader. The digital twin for each key card would track its owner’s access permissions and instantly know whether that employee has been terminated or denied access for other reasons, such as testing positive for COVID-19. Likewise, the digital twin for each access point could quickly instruct the card reader to deny access when permissions change. It also could analyze the pattern of recent accesses to look for unusual situations, such as repeated unauthorized attempts at specific times of day.
RTDTs focus on analyzing data streams for specific data sources, such as key cards and access readers, and they maintain contextual information about their respective data sources to assist in their analysis. These capabilities, combined with the responsiveness and scalability of in-memory computing, enable RTDTs to quickly and intelligently respond in dynamic situations. For example, they could implement highly granular access permissions for card readers and check authorization within a few milliseconds.
Compare the power of RTDTs to the use of database servers for access control. Security systems cannot respond quickly if they just log incoming events and permission changes in a database and need several minutes to propagate changes to access points. Because they require forensic log analysis to reconstruct significant events, they are also blind in dynamic situations, such as the movement of a COVID-19-positive individual between buildings. In contrast, RTDTs could constantly watch the incoming data streams from their corresponding data sources and provide immediate, effective responses.
RTDTs also could be applied to cybersecurity systems to track intrusions at entry points and internal nodes within an organization’s network infrastructure. Security information and event management (SIEM) solutions log activities, such as login attempts and database accesses, to database servers and then apply rules and queries to detect unauthorized access and alert security professionals. This process can create delays that fail to stop kill chains as they develop. RTDTs could track telemetry from an agent at each network node, analyze patterns, and quickly generate alerts. Their contextual knowledge of each network node also could help to eliminate false positives. Working together, multiple RTDTs could build a real-time map of potential kill chains and possibly get ahead of the intruder to block threats.
The threat landscape for the cyber and physical world is rapidly changing even as current technology struggles to respond. In-memory computing with RTDTs may be just the technology that’s needed to accelerate security and safety monitoring and give organizations the real-time intelligence that they need to keep employees safe.
Dr. William L. Bain is founder and CEO of ScaleOut Software, which has been developing software products since 2003 designed to enhance operational intelligence within live systems using scalable, in-memory computing technology. Bill earned a Ph.D. in electrical engineering from Rice University. Over a 40-year career focused on parallel computing, he has contributed to advancements at Bell Labs Research, Intel, and Microsoft, and holds several patents in computer architecture and distributed computing. Bill founded and ran three companies prior to ScaleOut Software. The most recent, Valence Research, developed web load-balancing software and was acquired by Microsoft Corporation to enhance the Windows Server operating system. As an investor and member of the screening committee for the Seattle-based Alliance of Angels, Bill is actively involved in entrepreneurship and the angel community.
Follow Brilliance Security Magazine on Twitter and LinkedIn to ensure you receive alerts for the most up-to-date security and cybersecurity news and information.