Increasing concerns around both physical security and cybersecurity are causing state governments to seek new smart and effective solutions for keeping citizens and their information safe. Phillip Lowery, director of state government, North America at Johnson Controls, and Jason Rosselot, director of global product security at Johnson Controls, answer questions about the challenges of implementing new security measures and how forward-looking state governments are addressing them.
Q: What are some of the biggest security challenges state governments face today?
Phillip Lowery: This year, more attention is being placed on security at government complexes, including re-routing traffic further from key areas and improving the screening of individuals. This stems primarily from concerns around violence erupting due to political divisiveness. In criminal justice facilities, maintaining systems that promote security for officers and inmates continues to be a challenge.
Q: How are clients adhering to specific security regulations or requirements? Are they all driven by federal standards?
PL: In corrections, there are hundreds of safety regulations, UL listings and more – but outside of those, there are also requirements specific to the facility that support how each warden runs their operation.
Jason Rosselot: An integrator, like Johnson Controls, will sit down with the facility personnel to discuss their requirements and develop a custom system that fits their needs. In many government facilities, particularly older buildings, installing new security systems can be difficult due to the Historic Preservation Act. I believe we will start seeing more wireless applications for security and building automation that make installation and commissioning much easier.
Q: What concerns do state governments have about cybersecurity in regard to building automation and smart buildings?
JR: Network breaches are often a concern when discussing smart buildings and automation. It comes down to three “Cs”: control, cameras and communications. Those three elements are in all new facilities, but must be integrated to be effective. It’s important to ensure the network connecting those systems is closed to anyone outside of the facility. This helps stop hackers from jumping into the network.
Q: As cybersecurity and building automation become part of the conversation, what shifts have you seen regarding key stakeholders?
PL: In criminal justice, the shift is minimal since it’s a closed system. However, in all other state facilities, the shift is tremendous. IT is becoming more involved in security through things like stateful packet inspection (SPI), which is basically a firewall that drops all traffic between networks unless specifically authorized.
Q: What are some best practices state governments can use to address physical security concerns and to help prevent a breech or cyber-attack?
JR: Firewalls are still one of the best ways to prevent a breech or cyber-attack, as is making sure IT departments between state facilities are communicating and working together to mitigate cyber-attacks. In terms of physical security, taking a holistic view of the entire facility is key.
PL: The recent merger of Johnson Controls with Tyco allows for bundled, tightly-integrated packages that include security, security integration and other important elements like fire alarms and sprinkler systems. We can bring this bundled package to any state entity, saving time for the state and money for the taxpayer – and ultimately preparing state governments for the future landscape of security needs.