Unless you’ve been living in some far off hinterland for the past couple of decades and more you cannot fail to be au fait with the Microsoft Corporation – the American public multinational headquartered in Redmond, Washington that develops, manufactures, licenses and fully supports a wide range of products and services predominantly devoted to computing.
In fact, without Microsoft’s myriad information platforms and solutions it’s fair to say most businesses and homes in the modern age would be bereft not only of connectivity but, indeed, any chance of what might best be described as ‘information survival’.
Established on 4 April 1975 to develop and sell BASIC interpreters for the Altair 8800, Microsoft rose and then rose again to dominate the home computer operating system market: initially with MS-DOS in the mid-1980s, which was closely followed by the Microsoft Windows line of operating systems now so familiar to us all.
Microsoft would also come to dominate the office suite market with, of course, the ubiquitous and quite superb Microsoft Office suite of solutions.
In recent times, the company has diversified into the video gaming sector with the launch of Xbox and its mighty successor, the Xbox 360 Kinect, as well as dipping a toe in the waters of the consumer electronics and digital services market (with the likes of Zune, MSN and the Windows Phone 7 OS).
For all you fact fans out there, word on the street has it that the ensuing rise of stock in the company’s 1986 initial public offering created an estimated four billionaires and 12,000 millionaires from Microsoft employees.
Suffice it to say that the company’s founders can be very proud of themselves on all counts. In many ways, they’ve made – and continue to make – the world tick.
Focus on integrated security solutions
As you might well expect, implementing and then subsequently monitoring physical security regimes for an enterprise with the sheer scale of Microsoft could be both cumbersome and expensive if traditional approaches were employed and deployed.
In truth, the latter would be nothing if not inefficient and difficult to manage when rolled-out on a global scale.
The monumental nature of the task at hand is defined by the statistics laid before me by technical program manager Mark Abbott at Microsoft’s massively impressive UK campus in the heart of leafy Berkshire.
Think about this… There are over 700 sites worldwide to be monitored (presently 114 of them across the EMEA region alone) along with something in the region of 183,000 active personnel access accounts, 12,000 access card readers, 12,000-plus CCTV cameras connected to 850 IP-addressable DVRs and 330 fire panels. It’s a veritable feast of systems, to be sure.
Those 700-plus sites also play host to more than 5,000 other devices, among them duress alarms, biometric security systems and environmental alarms.
“In reality,” stated Abbott, “Microsoft combines its physical security infrastructure with IT practices using off-the-shelf software applications to create a streamlined, efficient and cost-effective security solution that can be managed from anywhere in the world.”
Global Security Operations Centers (GSOCs)
Abbott’s words would be a neat segue into the realms of why the company has chosen to take the plunge and exhibit at IFSEC for the first time in 2011.
“Microsoft Global Security has launched an initiative to showcase the technologies implemented by Microsoft in a real world operational environment through what are known as Global Security Operations Centers,” explained Abbott, who joined Microsoft nine months ago.
Abbott – who attended the recent ASIS European Security Conference – continued: “The power of our presentation lies in the fact that clients can see how the company manages its own internal security through these industry-leading hubs.”
There are three Global Security Operations Centers, or GSOCs for short: one in Redmond, USA, one in Hyderabad, India and the other at Microsoft’s UK campus deep inside Reading’s Thames Valley Park.
Ultimately, the overriding responsibility for all rests with Microsoft Global Security’s general manager Mike Howard, who’s based in Redmond. On a day-to-day basis, the UK located GSOC is run by manager Peter Nicholson and his team.
Each of the GSOCs is designed to monitor and respond to signal data and event notifications within its own region. Signal data includes intrusion, duress, environment and fire alarm information emanating from all of the equipment related to physical security access control and monitoring.
In addition, the GSOCs facilitate communications and subsequently action the dispatch of on-site security personnel in response to real-time security or fire/Health and Safety episodes.
“Should any of the GSOCs be taken offline due to extenuating circumstances like a power outage, for example,” explained Abbott as he ran through some demonstration files on his laptop, “monitoring loads can then be transferred to one of the other GSOCs within a matter of minutes.”
In practice, monitoring personnel are able to examine building maps and video delivered from any of the cameras located near a reported incident.
“While making an assessment using the GSOC SharePoint site, for example,” continued Abbott, “personnel are able to send instant messages to dispatchers who then relay instructions to local responders by way of radio-over-IP systems.”
This allows a local, precision response to an event monitored, perhaps, from the other side of town – or, indeed, the other side of the world.
Continuing that theme, Abbott went on to state: “The GSOC is, in many ways, a central support agency designed to act as a communications hub for all Microsoft assets worldwide. It’s a model that enables Global Security to respond with immediacy to any incidents that should arise, and ensure that Microsoft’s people, data and assets are fully protected at all times.”
Sharing of knowledge and expertise
This ‘Global Security model’ is now being showcased in a multitude of venues around the world, from major trade shows like IFSEC on the macro scale through to private demonstrations at the micro level.
“From Microsoft’s point of view, IFSEC is seen as a key event which brings together security industry peers and allows us to share our insight,” explained Abbott.
An attraction of the Microsoft Global Security stand at the National Exhibition Centre will, for many, be the absence of slides, proof-of-concepts or what Abbott dubbed ‘vaporware’ (a term used by those in the computer industry to describe a product, typically computer hardware or software, that’s announced to the general public but is never actually released for their digital consumption).
“The company will be sharing its knowledge and demonstrating the products deployed in the Global Security Operations Centers,” said Abbott, who’s sure many of the clients that visit Global Security’s stand and experience the showcase will be “truly amazed at the efficiency and simplicity” of the security solutions on offer.
“Many of the visitors to IFSEC will already have licenses for the Microsoft technology that’ll be on display,” stressed Abbott, who’s employed as a consultant to the company.
“The real draw, though, is that they can learn how to use what systems they already have at their disposal in a new and extraordinary way to effectively manage their physical security operations that bit better.”
All the while, Microsoft’s representatives – more of whom anon – will demonstrate how Microsoft Global Security has really developed the convergence of physical security infrastructure with IT practices.
As stated, this creates a more streamlined, efficient and cost-effective security solution for the end customer that may be managed from virtually anywhere in the world.
Discussing client issues, developing solutions
At IFSEC there will be four technical program managers from the physical security team on hand to discuss clients’ issues and solutions.
Abbott himself as well as Ryan Compton, Mike Levin and Mohan Shanmugasundaram will ably provide visitors to the Microsoft stand with a ‘walk through’ of Microsoft’s technology, demonstrating how the company makes best use of it and answering any questions practitioners might have.
Abbott was quick to point out: “For visitors who express an interest we can offer them tours at our premises or remote demonstrations so that they can visualise our solutions in operation.”
Due to the fact that the Microsoft solution is readily available, configurable and scalable, pretty much any entity – from a small company to a large organisation – is readily able to benefit from its deployment.
In a nutshell, then, the core solution is applicable to all practitioners working either in an advisory, influencing or decision-making role irrespective of their organisation’s scale in the grand scheme of things.
Core components of the Microsoft Global Security model
The Microsoft Global Security model makes best use of leveraging what Abbott described as “a critical cluster” of common Microsoft products right off the shelf – including SharePoint, InfoPath, Bing Maps and Lync Unified Communications – along with partner products such as Visual Fusion courtesy of IDV Solutions and the Mobile Travel Assistant (devised by ConTgo).
SharePoint is an integrated suite of server capabilities that can help improve and enhance a given organisation’s effectiveness by providing comprehensive content management and enterprise search, in turn allowing accelerations of shared business processes and facilitating secure information sharing across boundaries with the aim of better insight.
End users can centrally store, manage and access documents and maintain security of same thanks to detailed and extensible policy management. In terms of the latter, that means being able to define customised document management policies such that access rights might be controlled at a ‘per item’ level. Retention periods and expiration actions may also be defined.
For its part, InfoPath is designed to help the user gather information efficiently and reliably by dint of ‘effective electronic forms solutions’. In essence, it combines the familiar Microsoft Office environment with InfoPath Forms Services to deliver effective business forms solutions.
Lync, meanwhile, streamlines communications by enabling the end user to connect easily with others based in different locations using the communication method that works best.
Thanks to rich presence awareness, software-powered voice capabilities, enterprise class Instant Messaging and multi-party audio and videoconferencing, users might connect and collaborate from any location where there’s reliable Internet access.
Streamlining the management of security operations
As stated, Microsoft GSOCs leverage IDV Solutions’ Visual Fusion business intelligence software.
In practice, data pulled from both internal and external feeds is dynamically displayed together – in the context of geography – over Bing Maps.
The application affords Microsoft Global Security instant access to the key information needed to evaluate risks and take the appropriate action, in turn streamlining the management of security operations.
In respect of the ConTgo application, Abbott told me: “This is great for supporting employees who are travelling across the globe. In the event of an incident, we can determine at the click of a mouse how many members of staff are on the move and where.”
This capability certainly came in handy last January when one of Russia’s busiest airports – Domodedovo – suffered an attack from a suicide bomber.
“We had 27 people travelling ‘in country’,” said Abbott. “Within an hour 24 of them had been able to contact us, the remainder soon after.” That’s impressive stuff.
Indeed, the entirety of Microsoft Global Security’s GSOC set-up is hugely impressive: a blueprint, it might be argued, as to how security could and should be administered in this day and age.
Make sure you visit the company’s stand at IFSEC 2011 and take stock of what Best Practice in security management looks like.
Microsoft Global Security at IFSEC 2011
Hall 4 Stand E160e