As operations expand and organizations deploy teams throughout the globe or across the country, it’s common for them to have several groups of operators, security officers, analysts, and supervisors, each responsible for separate elements of the security response plan. It's also common that these groups are organized geographically and focused on a local set of buildings, creating “operational islands”.
Being able to manage and route traffic to different locations at the right time is a Next-Gen feature that delivers real customer benefit. Customers want high-priority alarms to go directly to senior staff or a central location with the appropriate authority. They also want to be able to operate smaller SOCs remotely (say overnight) in order to save on staff costs when traffic is light.
AT SUREVIEW WE USE AUTOMATED ROUTING TO:
- Blend Local and Centralized Monitoring
Teams set up specific alarms to be routed for local processing by an operator or guard, while others—perhaps high-priority events—are routed directly to a regional/central SOC. If the local operator needs assistance in busy periods, alarms can also be escalated to the central SOC.
- Enforce Internal Alarm Response SLAs
Teams use routing to enforce internal SLAs. For example, alarms are received by first-line operators; if they don’t respond to the alarm in “x” minutes, it is automatically escalated to a level 2 operator, and so on up the chain of command.
- Fail Over Alarms from one SOC to Another
In the event any SOC needs operational support (overwhelmed with traffic) or, in extreme circumstances, needs to be evacuated, alarms can automatically be routed to a central SOC for processing.
What Kind of an Impact Does it Make?
We have seen better resource allocation deliver substantial cost savings for our customers, while at the same time, escalating priority alarms has resulted in tangible response benefits. One large global customer reduced the staffing in their SOCs by 10%, simply by deploying this single feature.
Progressive security operations teams are developing comprehensive internal SLAs (Service Level Agreements) to define the way in which alarms should be handled and using Next-Gen PSIMs to automate and enforce these policies.
Download the full whitepaper, Next-Gen PSIM: Top 10 Things Leading Command Centers Expect Today, to learn more.