Research Content Pipeline
This section provides public visibility into the research topic that we are working on as well as their current status. If you would like to contribute, have ideas to share or make sure that your company is in scope (we never charge for inclusion) please contact us. Find out more about how to access our research here, or contact us.
Upcoming Research Reports & Details
IAM TCO & ROI Modeling Tool (Completed)
Organizations often struggle to understand how the potential implementation of an advanced Identity Assurance and Credentialing program would impact their budgets, resources, operations and achievement against core objectives. From building requirements around compliance, threat models and controls to implementation, workflows and distribution this tool accurately captures and compares various deployment models (cloud, on premise, hybrid) and approaches (methodologies in certification, devices, and configuration) to quickly produce clarity on cost, skills, resource demand, timelines, dependencies, and multiple ways to look at TCO and ROI. Once the data is captured to reflect candidate solutions which can be done very quickly, much of the focus becomes modeling a variety of different potential situations to understand how specific circumstances impact time, cost, resources, return on investment.
Various visual charts are automated and can be used for business case support while meta data is available for supporting deep dive analysis. We built this tool ground up to take the blind spots out of the complex projects, enable accuracy of business cases, and condense the effort. It is not high level, and unlike other tools does not impose assumptions onto clients in order to make it “simple”. Rather, we have built a specific algorithm around a years of experience on these types of projects that automates data entry but correctly abstracts other key values specific to our client speeding up the process to their time can be spent on modeling and finding answers. All of the data, requirements, dependencies, existing and future resources are both customized and accelerated to represent a customized outcome in real time.
Healthcare Provider Workflow Assessment Tool (Completed)
Similar to our IAM TCO and ROI Modeling Tool but build specifically for Healthcare providers. Healthcare is unique in many ways from their customers to their product, how it is delivered and the processes in between. Our approach was to build a tool that captured existing operations and patient engagement against efficiency, workflow, intelligence, and impact on account receivables (time to A/R).
The tool automates the analysis of current state environment and details measured projections for specific improvements across a variety of areas in alignment with common provider goals. The goal of the tool is to gain clarity on how technology may impact patient, doctor and staff engagement activities and identify specific areas that can facilitate projected improvements.
SoC Playbook (updated, February)
The Security Operations Center acts act as real-time monitoring site that provides visual feedback of all systems and networks that are being monitored. The SOC/UOC is the focal point for troubleshooting, software distribution and updating, Access Control Systems and Video Management Systems, performance monitoring, and coordination with the various major corporate entities worldwide. These operations typically contain workstations at which the detailed status of the systems and network can be seen, and reacted to, by operators trained to respond with specialized workflows and instructions. It is fast becoming a hub for unified and measurable enhanced Security, Safety, Communications, Compliance, Business Continuity, Disaster Recovery, and Facility information management.
However, most organizations have only limited functional security operation centers that perform some basic alarm monitoring and security dispatching services. Operators must have the technology, tools, integration, policies and training to properly execute (and measure) a secure and safe environment; particularly in a large and global organization where most things quickly become out of reach. This report studies large global organizational requirements, and walks through the various elements, considerations, methods and policies that are required to either build a program or remediate an existing one to achieve a mature program leveraging a unified control center while still providing a focused cohesive program for the overall organization.
Physical Access Credentials and Readers (February)
Every organization has assets, facilities that contain them and doors to serve as a barrier to protect them. A couple decades ago a mass migration from keyed locks to magnetic stripe then to RFID took place. The objective was not security but to reduce the cost of replacing locks when keys went missing. Due to the pervasive proprietary approach vendors have employed to maintain channel loyalty and lock end users into their supply chain, achieving compatibility in parallel to acquisitions, third party facilities, and migrations to new technology is terribly complex.
This body of research is focused for end users and integrators to understand the variety of technology, trends, differences, and compatibility across the growing technology options from low frequency to high, smart card to and mobile, and other methods to facilitate improved management such as IP, key management and specific protocol standards. The work will explore both common and complex barriers to migration, provide actionable intelligence to build requirements and rank solutions unique to an organizations and their circumstance and outline core methodologies to make the transition. A full vendor and technology landscape will be included.
Smart Card Project Report & Toolkit (updated – March)
This in-depth report is intended for serious enterprises considering a wide-scale functional smart card deployment (as well as other types of devices leveraging PKI). Such projects are often complex not only in deployment, but also in the whole process leading up to and after required to operate and maintain it.
Combined with our expertise, we have gone across the historical large scale base of organizations that have already executed similar deployments and created a body of work that contains reviews of the fundamental technology concepts, use cases and market drivers, requirements assessment methodology, best practices and pitfalls to avoid, and sample architectures for various deployment models along with vendor comparisons (capability and focus).
In addition, we have developed tools purpose-built for executing these insights such as requirements assessment tools that aid in defining the technical and business solution while discovering critical dependencies; sample project plans in Microsoft Project (or Excel); Cost and Budget Calculators that get right down to the budget categories and feature sets while comparing various options; ROI tools to discover what the impact of a solution may have; and business case generation tools to make presenting these findings within a hierarchical organization in a manner in which it is typically reviewed and scrutinized.