Microsoft global system aids worker rescue
- — 23 April, 2009 05:58
It's late November 2008 and anti-government protestors have taken over Bangkok's airport. Thousands of travelers from around the world are literally stranded and fear a violent clash between pro- and anti-government demonstrators.
Just after reports of the problems at the airport surface, Brian Tuskan, senior director of Microsoft Global Security, gets a message on his Windows Mobile phone alerting him that 30 employees who had travelled to Thailand for business are now stuck. It's his job to make sure that Microsoft workers remain safe.
"Our goal was to run incident management in case things went south," Tuskan said of the Bangkok situation.
It sounds far-fetched, like a scene from an action movie, but Microsoft ultimately hired a firm that specializes in whisking people out of such dangerous situations. They managed to fly the workers out of the country from a military airport in Bangkok, within four days. The commercial airport didn't end up opening for a week after the protestors closed it down, and even then it wasn't fully operational, requiring some visitors to stay put even longer.
The quick response from Microsoft was due in part to an integrated global security operations center that Tuskan helped build. Without that system in place, his team might not have realized that company employees were at risk.
The centralized, integrated system uses off-the-shelf technologies, many from Microsoft but some from third parties, and allows security workers to catch thieves, respond to threats of violence on campus, ensure workers are safe after a natural disaster, summon fire fighters or police, and even respond to overheating data centers.
The security system is coordinated out of operations centers located in Redmond, Washington; Reading, England; and Hyderabad, India.
In the center on Microsoft's campus in Redmond, four security workers each sit behind one of about a dozen computers. Each computer has three monitors displaying live video and spreadsheets. On the wall in front of the workers hang three flat screen TVs running the news.
If the workers see a major event happening anywhere in the world on the news, they can very quickly look to see whether Microsoft has any nearby offices or employees. When the recent earthquake hit central Italy, for example, these workers pulled up a map that is overlaid with information about offices and employees.
Locating and zooming in on the epicenter of the quake, they discovered two Microsoft offices near Rome about 50 miles from the earthquake. One office had over 250 people in it. Immediately, security personnel were on the phone accounting for workers, Tuskan said.
The mapping application runs on a combination of products from Microsoft and a company called IDV Solutions. Local security personnel in all of Microsoft's 700 offices worldwide fill in and update an InfoPath form with information about how many people work in the facility, local emergency contacts and other details. Each time they update that form, the new details are automatically sent to SharePoint.
The IDV Solutions product pulls together GIS data and the information from the SharePoint database, overlaying it on Virtual Earth maps. Microsoft security workers simply click on a marker on the map indicating an office and see all the details the local security person has submitted.
Until recently, Microsoft might not have been able to react as quickly either after the earthquake in Italy or the Bangkok airport incident.
"Four years ago, we had VCR tapes. It was kind of embarrassing for Microsoft," Tuskan said.
Before updating its systems, Microsoft's security operations used about 60 proprietary technologies that didn't interoperate. Now, all but two are integrated into a single management and alarm system.
Security personnel in the centers monitor 10,250 card readers, 8,500 cameras and 1,700 voice-over-IP-capable duress intercoms. The card readers unlock doors for authorized access. When someone pushes on a locked door or swipes their card and gets declined, security workers receive an alarm message.
They can then examine video showing who tried the door and look up details connected to the card the person swiped. In addition, each reception desk in every building on the Redmond campus comes equipped with a button under the desk that a receptionist can hit to signal to security that someone is posing a threat.
The security team even monitors hand biometric devices, used to control access to very secure areas where the source code for Microsoft software is stored, Tuskan said.
Since there are so many video cameras, the security workers simply can't sit and watch them all. In one recent incident, two men broke into an office in England. That immediately triggered alarms tied to the doors. After seeing the alarm, security personnel in the U.S. pulled up the live video feed and watched the men who broke in steal a large flat screen monitor. They called the police in the U.K., who responded -- but not quick enough.
After Microsoft shared the video files and other details, the police were able to arrest the men the next day because they were able to connect them to other recent nearby robberies.
Even alarms from Microsoft's giant data centers feed into the centralized system. If the temperature in a data center gets too hot, the security team sends a service request to the organization that runs the data centers, Tuskan said.
The three centers interoperate so that they can handle emergencies remotely in case one goes off line.
In a recent snow storm in Seattle, for example, most of the security workers were unable to get to the Redmond facility. Those who did, got stuck there. The facility has a bunk room and a few days supply of food so they stayed for a couple days, Tuskan said. During that time they were able to shift some of the work load over to the U.K. facility.
Over the last nine months, the company has given probably more than 150 tours of how the Redmond center works, Tuskan said. Large companies, police departments, fire departments and federal security operations are all interested in the technology Microsoft uses, he said.
Recently, the King County, Washington, sheriff took a tour of the center. "We were showing her our work flow procedures and she said, 'We own a lot of your products but we're not using them the way you are'," Tuskan said.
In addition to SharePoint, Virtual Earth, and InfoPath, the center uses Groove collaboration software, Office Communicator and SQL Server. Third party systems include access control and alarm monitoring from Lenel, AlertFind emergency notification, and PPM 2000 incident reporting and management software.
While most of the center appears very high tech, there's at least one very low tech item that's straight out of the movies: a bright red phone. This one doesn't dial direct to the president, or even Bill Gates, though. It's just an old-fashioned wireline phone that can be used in the event that the network fails and the IP phones and radios go down, Tuskan said.