From Artifact to State of the Art: Physical and IT Security Band Together to Modernization Systems at the Smithsonian Institution
Piazza, Peter, Security Management
The Smithsonian Institution, based in Washington, D.C., is one of the world's largest museum and research organizations, with operations stretching from Panama and Hawaii to New York City. Its numerous facilities house more than 142 million objects, some dating back millennia. Until recently, one item that could have been part of the historical collection was the access control system.
THE SMITHSONIAN'S proprietary access control system was built by Hughes Aircraft, which long ago stopped supporting it, according to David Sousa, the Institution's supervisor of security administration. "It wasn't marketable for them since we were about the only one that had it, so we were stuck with a system that nobody would support," he says. "We found ourselves literally rebuilding components and things like that to keep on band-aiding the system."
In 1999, management decided to implement a security system modernization project (SSMP), specifically to upgrade the intrusion detection and access control systems with off-the-shelf products that would be easily serviced. But as that project started moving forward, it became clear that the SSMP needed to do more than just add a new access control system. With some buildings being built and others undergoing renovation, the Smithsonian realized that it was "really the time to do a full-fledged modernization of the entire security system," says Sousa.
At the heart of the new system would be the ability to network the security systems for local buildings to a monitoring center; and, says Sousa, "the natural next step was to network all the video back as well." The central monitoring center would redundantly monitor access control, alarm, and video from Smithsonian facilities around the world,
After years of planning and hard work, the project is only now coming to fruition, with the first complex (containing the Freer Gallery of Art, the National Museum of African Art, the Arthur M. Sadder Gallery, and the S. Dillon Ripley Center) coming online in late October. This complex was se lected as the first to be upgraded because it was situated on the National Mall next to the building that houses the central control center, says Sousa. The idea was to start "with the easiest ones first, before we start flying to New York and Panama and everywhere else," Sousa explains. He expects most of the remaining elements of the system to be up and running by February.
From concept to implementation has been along journey. Along the way, the most important lessons learned involved networking--but not the kind that involves the transfer of data among devices. Rather, it was the free movement of ideas among security professionals on the physical and IT sides that made the difference.
Reaching out. The sticking point to achieving the security project's objectives was finding a way to get all the various types of security information back to the central control station in an efficient and cost-effective manner. Before the upgrade, security communications were traveling over leased external fiber circuits, which are expensive to use over long distances and which allow only limited bandwidth (because they are shared), To find a way around this and other technical problems, the physical security department would need to work together with the information security team, which had not previously been done. Sousa reached out to his colleague Bradley Tesh, senior network engineer in the Smithsonian's Office of Information Technology (located within the Office of the Chief Information Officer, or OCIO), for advice.
"The actual collaboration started," says Tesh, "when David came to network infrastructure and said he wanted a piece of fiber that goes from the Mall out to Dulled' (a suburb of Washington, D.C.), where the Smithsonian's newest museum, the National Air and Space Museum's Steven F. Udvar-Hazy Center, is slated to open this month. Tesh told him that was impossible "unless you're going to run a trencher down Route 66" and lay the cable; moreover, he told Sousa, "the cost of leasing a piece of fiber to make that physical connection would be prohibitive. …