The integration is a first step towards assessing the overall corporate risks that threaten a company. Yet enacting a plan that conceives security as a cohesive, whole means overcoming entrenched resistance to integrating physical and information security, says Jonathan Ross, president and CEO of , a drug and alcohol treatment center that recently finished such an integration.

Austin Recovery rolled out RedCloud's physical access control systems to secure the campus buildings and doors, linking the technology with its internal human resources directories. Austin Recovery employees with the proper authorization can control the RedCloud system through a secure Web interface.

The security lessons Austin Recovery learned during the integration can show corporate enterprises better ways to lock down information and protect employees and customers.

Rehabilitation centers, like other health care organizations, must comply with Health Information Protection and Portability Act (HIPPA) and other regulations intended to protect personal and medical information, and Austin Recovery works hard at this. Yet the general atmosphere there sometimes collides with the sense among security professionals that data, systems and the physical facility can be better battened down, Ross says. "The helping professions are a challenge. There's a sense things should be open."