Access control cards/ tags/ fobs - Expert commentary

A Secured Entrance Is The First Defense Against An Active Shooter
A Secured Entrance Is The First Defense Against An Active Shooter

The statistics are staggering. The death tolls are rising. And those who now fear environments that were once thought to be safe zones like school campuses, factories, commercial businesses and government facilities, find themselves having to add the routine of active-shooter drills into their traditional fire drill protocols. The latest active shooter statistics released by the FBI earlier this year in their annual active-shooter report designated 27 events as active shooter incidents in 2018. The report reveals that 16 of the 27 incidents occurred in areas of commerce, seven incidents occurred in business environments, and five incidents occurred in education environments. Deadly active-shooter events Six of the 12 deadliest shootings in the country have taken place in the past five years Six of the 12 deadliest shootings in the country have taken place in the past five years, including Sutherland Springs church, Marjory Stoneman Douglas High School, the San Bernardino regional center, the Walmart in El Paso and the Tree of Life Synagogue in Pittsburgh, which have all occurred since 2015. Although these incidents occurred in facilities with designated entry points common to churches, schools and businesses, the two most deadly active-shooter events since 2015 were the Route 91 Harvest music festival shooting in Las Vegas that left 58 dead and the Pulse nightclub killings in Orlando where 49 perished. As Christopher Combs, special agent in charge of the FBI field office in San Antonio, Texas, said during a news conference following the August 31 mass shooting in Odessa, Texas that claimed seven lives: “We are now at almost every two weeks seeing an active shooter in this country." Active shooter incidents Between December 2000 and December 2018, the FBI’s distribution of active shooter incidents by location looks like this: Businesses Open to Pedestrian Traffic (74) Businesses Closed to Pedestrian Traffic (43) K-12 Schools (39) Institutions of Higher Learning (16) Non-Military Government Properties (28) Military Properties—Restricted (5) Healthcare Facilities (11) Houses of Worship (10) Private Properties (12) Malls (6) What the majority of these venues have in common is they all have a front entrance or chokepoint for anyone entering the facilities, which is why any active-shooter plan must include a strategy to secure that entry point. Situational awareness in perimeter and door security Preventing people with the wrong intentions from entering the space is the goal" According to Paul Franco, an A&E with more than 28 years of experience as a consultant and systems integrator focusing on schools, healthcare and large public and private facilities, that while active shooter incidents continue to rise, the residual effect has been an increase in situational awareness in perimeter and door security. “Certainly, protecting people and assets is the number one goal of all our clients. There are multiple considerations in facilities like K-12 and Healthcare. Preventing people with the wrong intentions from entering the space is the goal. But a critical consideration to emphasize to your client is getting that person out of your facility and not creating a more dangerous situation by locking the person in your facility,” says Franco. High-security turnstiles “Schools today are creating a space for vetting visitors prior to allowing access into the main facility. Using technology properly like high-security turnstiles offer great benefits in existing schools where space constraints and renovation costs can be impractical.” What steps should they be taken when recommending the proper door security to ensure the building is safe As a consultant/integrator, when discussions are had with a client that has a facility in a public space like a corporate building, government center or industrial facility, what steps should they be taken when recommending the proper door security to ensure the building is safe and can protect its people and assets? For Frank Pisciotta, President and CEO of Business Protection Specialists, Inc. in Raleigh, North Carolina, a fundamental element of his security strategy is making appropriate recommendations that are broad-based and proactive. Properly identifying the adversaries “As a consultant, my recommendations must include properly identifying the adversaries who may show up at a client’s door, the likelihood of that event occurring, the consequences of that event occurring, determining if there are tripwires that can be set so an organization can move their line of defense away from the door, educating employees to report potential threats and creating real-time actionable plans to respond to threats. A more reactionary posture might include such thing as target hardening such as ballistic resistant materials at entry access points to a facility,” Pisciotta says. Veteran consultant David Aggleton of Aggleton & Associates of Mission Viejo, California recommends that clients compartmentalize their higher security areas for limited access by adding multiple credential controls (card + keypad + biometric), along with ‘positive’ access systems that inhibit tailgating/piggybacking such as secure turnstiles, revolving door and mantrap if your entrances and security needs meet the required space and access throughput rates. Integrated solution of electronic access control Defining a single point of entry in some public facilities is becoming the new standard of care according to many A&Es and security consultants, especially in a school environment. This approach allows a concerted effort when it comes to staffing, visitor monitoring and an integrated technology solution. The bottom line remains: most buildings are vulnerable to a security breach A proactive stance to securing a door entryway will use an integrated solution of electronic access control, turnstiles, revolving doors and mantraps that can substantially improve a facility’s security profile. The bottom line remains: most buildings are vulnerable to a security breach, so it’s not a matter of if there will be a next active shooter tragedy, it’s only a matter of where. Enhancing access control assurance “There is no easy answer to this question,” says Pisciotta referring to how a secured entrance can deter an active shooter. “There have been at least two high-profile incidents of adversaries shooting their way into a facility through access control barriers. So, if the threat so dictates, a ballistic resistant might be required.” He concludes: “There is obviously no question that turnstiles, revolving doors and man traps enhance access control assurance. Electronic access control is easy to integrate with these devices and providing that credentials are secure, approval processes are in place, change management is properly managed and the appropriate auditing measures in place, access control objectives can be met.”

Why Integrated Access Control Is About More Than Security?
Why Integrated Access Control Is About More Than Security?

Rodrigue Zbinden, CEO at Morphean, discusses the business benefits from merging video surveillance and access control technologies as demand for ACaaS grows. The big question facing businesses today is how they will use the data that they possess to unlock new forms of value using emerging technologies such as the cloud, predictive analytics and artificial intelligence. Some data is better utilized than others: financial services were quick to recognize the competitive advantages in exploiting technology to improve customer service, detect fraud and improve risk assessment. In the world of physical security, however, we’re only just beginning to understand the potential of the data that our systems gather as a part of their core function. Benefits of ‘Integrated access control’ The first thing to look for is how multiple sources of data can be used to improve physical security functionsWhat many businesses have yet to realize is that many emerging technologies come into their own when used across multiple sources of data. In physical security, for example, we’re moving from discussions about access control and CCTV as siloed functions, to platforms that combine information for analysis from any source, and applying machine learning algorithms to deliver intelligent insights back to the business. ‘Integrated access control’ then looks not just to images or building management, but to images, building management, HR databases and calendar information, all at the same time. And some of the benefits are only now starting to become clear. The first thing to look for, of course, is how multiple sources of data can be used to improve physical security functions. For example, by combining traditional access control data, such as when a swipe card is used, with a video processing platform capable of facial recognition, a second factor of authentication is provided without the need to install separate biometric sensors. CCTV cameras are already deployed in most sensitive areas, so if a card doesn’t match the user based on HR records, staff can be quickly alerted. Making the tools cost-Effective In a similar vein, if an access card is used by an employee, who is supposed to be on holiday according to the HR record, then video data can be used to ensure the individual’s identity and that the card has not been stolen – all before a human operator becomes involved. This is driving growth in ‘access control as a service’ (ACaaS), and the end-to-end digitalization of a vital business functionThese capabilities are not new. What is, however, is the way in which cloud-based computing platforms for security analytics, which absorb information from IP-connected cameras, make the tools much more cost effective, accessible and easier to manage than traditional on-site server applications. In turn, this is driving growth in ‘access control as a service’ (ACaaS), and the end-to-end digitalization of a vital business function. With this system set up, only access control hardware systems are deployed on premise while the software and access control data are shifted to a remote location and provided as a service to users on a recurring monthly subscription. The benefits of such an arrangement are numerous but include avoiding large capital investments, greater flexibility to scale up and down, and shifting the onus of cybersecurity and firmware updates to the vendor. Simple installation and removal of endpoints What’s more, because modern video and access control systems transmit data via the IP network, installation and removal of endpoints are simple, requiring nothing more than PoE and Wi-Fi. Of all the advantages of the ‘as a service’ model, it’s the rich data acquired from ACaaS that makes it so valuable, and capable of delivering business benefits beyond physical security. Managers are constantly looking for better quality of information to inform decision making, and integrated access control systems know more about operations than you might think. Integrating lighting systems with video feeds and access control creates the ability to control the lightsRight now, many firms are experimenting with ways to find efficiencies and reduce costs. For example, lights that automatically turn off to save energy are common in offices today, but can be a distraction if employees have to constantly move around to trigger motion detectors. Integrating lighting systems with video feeds and access control creates the ability to control the lights depending on exactly who is in the room and where they are sitting. Tracking the movement of employees Camera data has been used in retail to track the movement of customers in stores, helping managers to optimize displays and position stocks. The same technology can be used to map out how employees move around a workspace, finding out where productivity gains can be made by moving furniture around or how many desks should be provisioned. Other potential uses of the same data could be to look for correlations between staff movement – say to a store room – and sales spikes, to better predict stock ordering. What makes ACaaS truly exciting is it is still a very new field, and we’re only just scratching the surface of the number of ways that it can be used to create new sources of value. As smart buildings and smart city technology evolves, more and more open systems will become available, offering more ways to combine, analyze and draw insights from data. Within a few years, it will become the rule, rather than the exception, and only grow in utility as it does.

Open Supervised Data Protocol (OSDP): The Gold Standard For Access Control Installations
Open Supervised Data Protocol (OSDP): The Gold Standard For Access Control Installations

Today’s security industry technology standards create a common framework for achieving predictable performance. Systems are made more secure and easier to install, use and integrate with other devices. Standards are also intended to be living documents, open to continual refinements to benefit manufacturers, integrators and end users. An excellent example is the Open Supervised Data Protocol (OSDP), which is now the industry’s gold standard for physical access control installations. It was designed to offer a higher level of security with more flexible options than the aging defacto Weigand wiring standard. Updating OSDP-Readers Simultaneously One recent addition enables end users to push firmware and software updates to thousands of OSDP-enabled card readers simultaneouslyOSDP, first introduced in 2011 by the Security Industry Association (SIA), continues to evolve with significant manufacturer input. One recent addition enables end users to push firmware and/or software updates to a few or thousands of OSDP-enabled card readers simultaneously. Weigand technology requires updates to be made one at a time at each reader. Regularly changing reader encryption keys is an excellent way to enhance facility security. It’s easy using the OSDP file transfer capability and the latest DESFire EV2 credentials containing multiple encryption keys. You can transfer the next code on the card to all readers and the job is done. And there’s no need to create a new card for each user or reprogram each individual reader. AES-128 Encryption Ensures Cybersecurity It’s time to migrate entirely away from Weigand technology. If greater security, convenience and reduced labor from the latest OSDP updates isn’t reason enough, here are a few more things to consider. The 40-year-old Weigand protocol provides no signal encryption, making it easy for hackers to capture the raw data transmitted between cards and readers. OSDP readers support AES-128 encryption while providing continuous monitoring of wires to guard against cybercriminals. Weigand reader installations require homerun cable pulls from the control panel to each peripheral device. OSDP readers can be daisy chained, providing additional savings on cabling and installation time. Weigand technology is simply too slow to work with today’s most versatile and secure card technologies. OSDP readers work with virtually all modern access control cards. The OSDP standard also works with biometric devices; Weigand does not. Meeting Requirements Of FICAM Guidelines SIA is pushing to make the latest OSDP version a standard recognized by the ANSI, a move to enhance the global competitiveness of U.S. security businessesAlso, OSDP is becoming a must-have standard for organizations demanding the highest security levels. The standard meets requirements of the Federal Identity, Credential and Access Management (FICAM) guidelines that affect how the access control industry does business with the federal government. SIA is pushing to make the latest OSDP version a standard recognized by the American National Standard Institute (ANSI), a move to enhance the global competitiveness of U.S. security businesses. There’s still a large worldwide reader installation base that works solely with the Weigand protocol. Admittedly, changing them all at one time may be prohibitively expensive; however, standards should be viewed as a journey, not a destination. That’s why a measured migration is the right choice for many organizations. Begin by securing the perimeter. Replace only the outside-facing Weigand readers. As long as the walls are secured, the inside can remain a softer target until OSDP-compatible readers can be added indoors. The case for moving to OSDP as a standard is compelling. It offers our industry the opportunity to design access control software and products that provide what end users want most – greater security, flexibility and convenience.

Latest HID Global news

AMAG Safeguards Valdosta Regional Airport With Its Symmetry SR Access Control System
AMAG Safeguards Valdosta Regional Airport With Its Symmetry SR Access Control System

Valdosta Regional Airport in Valdosta, Georgia offers three daily commercial flights to and from Atlanta Hartsfield-Jackson International Airport, along with general aviation. The airport contains three runways, two of which are used by commercial aircraft. The airport offers ground transportation, free parking, a Subway restaurant, and many other services such as hangar space and flight training to name a few. Previously, Valdosta Regional Airport operated a legacy Matrix access control system. The proprietary system, including the readers, panels and software, was outdated, making it difficult and expensive to obtain replacement parts. Building automation systems Looking for an open solution, Valdosta Regional Airport turned to Allcom Global Services for their expertise and upgraded to AMAG Technology’s Symmetry SR Retrofit Access Control system with HID readers. “Symmetry integrates into various video, intrusion and building automation systems,” said Kevin Cioffi, vice president, Allcom Global Services. Valdosta has more freedom to research competitive pricing and alternative options" “By choosing an open system, Valdosta has more freedom to research competitive pricing and alternative options. We are thrilled they have chosen Allcom. We gutted all the circuit boards and changed them to the Symmetry panels,” said Tim Register, operations manager/airport security coordinator, Valdosta Regional Airport. “We kept the antennas and how the data was transmitted. All the mounts stayed the same; we just swapped in Symmetry and it worked.” Integrating different technologies Symmetry controls access to the perimeter of the airport including the vehicle access gates and all outside doors facing the Security Identification Display Area (SIDA). The SIDA includes all areas that have access to the commercial apron and tarmac. The SIDA also requires a reader with a PIN-plus-card swipe to open, which make up 75% of the airport’s readers. The remaining Airport Operations Areas (AOA) require only a proximity card swipe to open, which are mostly internal doors and the main entrance. Thirty-two new HID proximity card readers were installed in total. To get the open system the airport required, Valdosta Regional Airport replaced older panels with Symmetry SR panels. As the Symmetry system changes or expands, integrating different technologies or adding more readers will be easy and less expensive. More economical approach The simple job of creating a badge for a user was cumbersome and time consuming with their old system The security operators found Symmetry much easier to learn and use, saving money and hours in training time. The simple job of creating a badge for a user was cumbersome and time consuming with their old system. With Symmetry, badges are created on demand, onsite, with no hassle or extra charge. “Symmetry provided us a more economical approach to facilitate the same thing we used to do with a more expensive, proprietary system,” said Register. “It is much easier to create a badge with Symmetry.” Life flight helicopter Airport authority employees, TSA, airline employees, fixed based operators, life flight helicopter and fixed wing aircraft are all protected by Symmetry. In addition to the perimeter, Symmetry controls access to all work areas within the airport and to the hangars located inside the perimeter fence. “An incident happened one Sunday morning where a car hit a pole and brought the power down,” said Tim Register. “If we were operating the Matrix system, it would have been down for hours. Our Symmetry system was only down minutes.”

Adder Technology Launches The ADDERView Secure Range Of KVM Switches And Accessories To Minimize Cyber Attacks
Adder Technology Launches The ADDERView Secure Range Of KVM Switches And Accessories To Minimize Cyber Attacks

Adder Technology, a global provider of connectivity solutions and high performance IP KVM, has announced the launch of the new ADDERView Secure Range of KVM switches and accessories. The NIAP Protection Profile 4.0 compliant range is designed to minimize hacking and cyber-attack risks without compromising real-time data visualization and secure collaboration in mission-critical environments. Made in America, the range of secure switches combine features such as channel separation, uni-directional data paths and tamper-proof labeling to maintain high levels of security required in command and control centers. Users can control classified and non-classified network sources simultaneously and in real-time, while benefitting from pixel-perfect data visualization at video resolutions up to 4K at 60 frames per second (fps). E-Paper display The ADDERView Secure range has been designed with simplicity and usability in mind without sacrificing functionality. An E-Paper display shows user-defined status information for the selected target computer and classification level, while fully color-configurable LED buttons have been designed to give users instant and clear channel confirmation, essential in busy control room environments. ADDERView Secure range is compatible with Adder’s existing portfolio of matrix and extension product To increase efficiencies in control rooms, the ADDERView Secure range is compatible with Adder’s existing portfolio of matrix and extension products, allowing secure IT personnel to protect their initial infrastructure investment, improve scalability and IT agility. Backwards compatibility allows users to take advantage of access to a wider portfolio of connectivity solutions to improve data visualization and collaboration. ADDERView Secure range The ADDERView Secure range comprises: ADDERView Secure Desktop KVM Switches: a powerful range designed to improved usability with an intuitive E-Paper display and color-configurable LEDs. ADDERView Secure Flexi-Switch: an innovative solution designed to offer ultimate flexibility with support for video resolutions up to UHD 4K at 60 fps on single and dual-head computers. ADDERView Secure Multi-Viewer: designed to deliver instant and simultaneous access to multiple data sources in mission-critical control rooms. ADDER Secure Card Reader: a robust accessory that allows users to simultaneously authenticate with up to four isolated computers. ADDER Secure Remote Control Unit: a compact unit that provides secure push button access to any channel on the target PC directly from the user desktop. ADDER Secure Port Expander: a secure accessory used to provide an additional port for USB HID devices including touch screens. Adrian Dickens, CEO, Adder Technology, commented, “We understand that organizations accessing, processing or controlling sensitive data require numerous security features as standard, and compliance with the latest NIAP protection profile is just one of them. It was important to us that our new secure KVM products offered enhanced functionality above and beyond what is expected. I believe the ADDERView Secure range does just that, and will significantly improve user workflows in mission-critical applications. ” The new ADDERView Secure range forms part of Adder’s extensive connectivity portfolio, which is renowned for technical excellence, reliable performance and specification. Users can book a demo to experience the ADDERView Secure range for the first time on the Adder Technology booth at AUSA 2020, March 17th-March 19th at the Von Braun Center, Huntsville, AL.

New HID Signo Readers Are Open, Connected and ‘Future-Proof’
New HID Signo Readers Are Open, Connected and ‘Future-Proof’

HID Global is introducing a new “flagship” line of access control readers as successors to the iCLASS line. The new HID Signo readers will support 15 different credentialing formats and communicate using the latest NFC (near field communication), BLE (Bluetooth Low Energy) and OSDP (Open Supervised Device Protocol) standards. HID Global says the new readers will simplify integration to more secure and mobile credentials.  HID Global has invested in a “future-proof” approach that both accommodates a variety of current market needs and can adapt to embrace new technologies as they come onto the market. The new line incorporates “all the hardware you need,” combining the capabilities of older generations of readers into a single product. Simplifying the choice of readers The new reader line seeks to simplify the choice of readers in a time when a variety of trends is complicating the access control market, from cloud systems to mobile access to identity management. “We are simplifying the way we bring our products to market, and baking it all into our readers,” says Harm Radstaak, HID Global Vice President and Managing Director. “If an installer takes a reader out of the box and mounts it on the wall, it just works.” We are simplifying the way we bring our products to market" In designing the product, HID sought feedback from channel partners, installers, consultants and end users on how the new readers would function. In addition, the company sought advice from architects on the design of the product. Aesthetics and industrial design elements were a priority because they ideally reflect the quality and “promise” of how the product will perform. Cybersecurity Cybersecurity is another emphasis. The readers store cryptographic keys and process cryptographic operations on certified EAL6+ secure element hardware, and custom authentication keys can be used for organizations who prefer that level of control. EAL6+ certification is a designation of the Evaluation Assurance Level of an IT product or system (the highest score is EAL7). Signo also includes a velocity checking feature designed to mitigate and thwart brute force attacks. “The new Signo line is a continuation of the journey we have been on,” says Radstaak. “It is the natural succession of what we have been doing for years, and it underlines our position in the market.”  By natively supporting mobile credentials, the new product line reinforces HID’s commitment to mobile systems, which the company first brought to market in 2014. Signo readers also include Enhanced Contactless polling to support mobile credentials in Apple Wallet. Addressing standards Embracing the OSDP standard, which was created in 2008, also addresses the growing customer need for bi-directional, secure communications. There is built-in support for OSDP Secure Channel as well as legacy Wiegand communication for organizations seeking to transition. Signo incorporates support for most credential technologies globally, including Seos, credentials with HID’s Secure Identity Object, and a variety of 125kHz legacy technologies such as Indala and Prox. The flexibility and openness of Signo is a response to the acceleration of new technologies entering the access control market. “If you look at new technologies in general, our market has been slow in adopting them,” says Radstaak. “However, with new entrants in the market, new technologies, new device manufacturers and artificial intelligence (AI), I believe the market is adopting new technologies much faster than before. Users are much savvier.” The consumer Administrators will be able to remotely configure and diagnose readers Radstaak says he expects market adoption of the new readers will be fast. “Customers have been waiting for this platform,” he says. “This has been a tremendous investment for HID Global, and it underlines our position in the market with its open platform, simplicity and future-proofing. We are prepared for whatever comes next technology-wise.” With Signo readers, administrators will be able to remotely configure and diagnose readers as well as monitor status through a centrally managed and connected reader ecosystem. As a member of the FiRA Consortium, HID Global has advocated bringing new technology to market based on the “fine ranging” capabilities of ultra-wideband (UWB) technology, which has applications in detection of the precise location or presence of a connected device or object. It’s the kind of technology that Signo platform’s “future-proofing” approach is geared to accommodate. “As the capability unfolds, we will be there to adapt,” says Radstaak.

Related white papers

Mobile Access- What You Need To Know (Part 1)

OSDP Is The Strongest Access Control For Your Business

Is Your Access Control As Effective As You Think?