I have a customer who has an existing accesses control system connected to his business network (large system). We are now wanting to add video and have provided the network (including cable and PoE switch) reporting to a local VMS server. As of now, there is no integration between the two. Each local VMS server was intended to be connected to a second NIC installed in the existing workstations at the security and reception desks splitting the access control and video application between two monitors (some of which are also existing) on the single CPU. The Customer's IT department is pushing back citing security concerns...despite the fact that the video systems is totally isolated in each location. They instead want two separate CPUs. Needless to say, this is a costly proposition, and in some locations the space is at a premium.
So my questions:
1. Is this a legitimate concern?
2. If yes, then how is an attack initiated?
3. How can I address the Owner's concern? I know there are no guarantees, but I am wondering if the IT department is REALLY concerned or is simply avoiding the additional work involved.
Thanks in advance for your help