PSIM – Can’t we all just get along?
Hi again. Rachel here. For the past few days I’ve been trying to wrap my head around the concept of PSIM – which, as it turns out, is quite the conversation piece. A typical day working for Steve brings several new terms into my vocabulary and, of course, that’s just the beginning. So when he first defined Physical Security Information Management, I tried to understand it the only way I could – directly.
But after sitting in a room with 40 opinionated security professionals, I’ve learned that this trend isn’t always direct. It carries a different meaning and a different set of consequences for each segment of the security market.
The discussion broke PSIM into three major categories: pieces, processes and goals. Pieces, I learned, can be anything one can view from the highest level, for example – credentials, hardware, or people. Processes are then the actions of those pieces – integrating the technology, training the people, and even more fundamental – trusting the people. The goals of combining the right pieces and processes would be to establish a consistent, repeatable solution – something another company could use as a model.
While I realize my understanding remains at a very basic level, I can see a struggle. If some set of standards cannot be agreed on, how will a reliable model ever be made to follow? People must agree on the overall goal of this security challenge. Some say security is the point and others argue that it’s always about the bottom line.
Steve used a pretty simple situation to apply to just about every business decision. He talked about the first ATM machine. It wasn’t installed so that the bank could secure it’s money. It was put in place so they could fire the tellers and make more money. Sure, security was a result, because they had to monitor and control the transactions, but better business was the point.
So does that mean that security is always a result of improving business and not the initial goal? If so, then maybe everyone should agree on that first. Creating standards based on the wrong concept is kind’ve like building a vehicle without knowing the terrain.