Access control software - Expert commentary

Why Visualization Platforms Are Vital For An Effective Security Operation Center (SOC)
Why Visualization Platforms Are Vital For An Effective Security Operation Center (SOC)

Display solutions play a key role in SOCs in providing the screens needed for individuals and teams to visualize and share the multiple data sources needed in an SOC today. Security Operation Center (SOC) Every SOC has multiple sources and inputs, both physical and virtual, all of which provide numerous data points to operators, in order to provide the highest levels of physical and cyber security, including surveillance camera feeds, access control and alarm systems for physical security, as well as dashboards and web apps for cyber security applications. Today’s advancements in technology and computing power not only have increasingly made security systems much more scalable, by adding hundreds, if not thousands, of more data points to an SOC, but the rate at which the data comes in has significantly increased as well. Accurate monitoring and surveillance This has made monitoring and surveillance much more accurate and effective, but also more challenging for operators, as they can’t realistically monitor the hundreds, even thousands of cameras, dashboards, calls, etc. in a reactive manner. Lacking situational awareness is often one of the primary factors in poor decision making In order for operators in SOC’s to be able to mitigate incidents in a less reactive way and take meaningful action, streamlined actionable data is needed. This is what will ensure operators in SOC truly have situational awareness. Situational awareness is a key foundation of effective decision making. In its simplest form, ‘It is knowing what is going on’. Lacking situational awareness is often one of the primary factors in poor decision making and in accidents attributed to human error. Achieving ‘true’ situational awareness Situational awareness isn’t just what has already happened, but what is likely to happen next and to achieve ‘true’ situational awareness, a combination of actionable data and the ability to deliver that information or data to the right people, at the right time. This is where visualization platforms (known as visual networking platforms) that provide both the situational real estate, as well as support for computer vision and AI, can help SOCs achieve true situational awareness Role of computer vision and AI technologies Proactive situational awareness is when the data coming into the SOC is analyzed in real time and then, brought forward to operators who are decision makers and key stakeholders in near real time for actionable visualization. Computer vision is a field of Artificial Intelligence that trains computers to interpret and understand digital images and videos. It is a way to automate tasks that the human visual system can also carry out, the automatic extraction, analysis and understanding of useful information from a single image or a sequence of images. There are numerous potential value adds that computer vision can provide to operation centers of different kinds. Here are some examples: Face Recognition: Face detection algorithms can be applied to filter and identify an individual. Biometric Systems: AI can be applied to biometric descriptions such as fingerprint, iris, and face matching. Surveillance: Computer vision supports IoT cameras used to monitor activities and movements of just about any kind that might be related to security and safety, whether that's on the job safety or physical security. Smart Cities: AI and computer vision can be used to improve mobility through quantitative, objective and automated management of resource use (car parks, roads, public squares, etc.) based on the analysis of CCTV data. Event Recognition: Improve the visualization and the decision-making process of human operators or existing video surveillance solutions, by integrating real-time video data analysis algorithms to understand the content of the filmed scene and to extract the relevant information from it. Monitoring: Responding to specific tasks in terms of continuous monitoring and surveillance in many different application frameworks: improved management of logistics in storage warehouses, counting of people during event gatherings, monitoring of subway stations, coastal areas, etc. Computer Vision applications When considering a Computer Vision application, it’s important to ensure that the rest of the infrastructure in the Operation Center, for example the solution that drives the displays and video walls, will connect and work well with the computer vision application. The best way to do this of course is to use a software-driven approach to displaying information and data, rather than a traditional AV hardware approach, which may present incompatibilities. Software-defined and open technology solutions Software-defined and open technology solutions provide a wider support for any type of application the SOC may need Software-defined and open technology solutions provide a wider support for any type of application the SOC may need, including computer vision. In the modern world, with everything going digital, all security services and applications have become networked, and as such, they belong to IT. AV applications and services have increasingly become an integral part of an organization’s IT infrastructure. Software-defined approach to AV IT teams responsible for data protection are more in favor of a software-defined approach to AV that allow virtualised, open technologies as opposed to traditional hardware-based solutions. Software’s flexibility allows for more efficient refreshment cycles, expansions and upgrades. The rise of AV-over-IP technologies have enabled IT teams in SOC’s to effectively integrate AV solutions into their existing stack, greatly reducing overhead costs, when it comes to technology investments, staff training, maintenance, and even physical infrastructure. AV-over-IP software platforms Moreover, with AV-over-IP, software-defined AV platforms, IT teams can more easily integrate AI and Computer Vision applications within the SOC, and have better control of the data coming in, while achieving true situational awareness. Situational awareness is all about actionable data delivered to the right people, at the right time, in order to address security incidents and challenges. Situational awareness is all about actionable data delivered to the right people Often, the people who need to know about security risks or breaches are not physically present in the operation centers, so having the data and information locked up within the four walls of the SOC does not provide true situational awareness. hyper-scalable visual platforms Instead there is a need to be able to deliver the video stream, the dashboard of the data and information to any screen anywhere, at any time — including desktops, tablets phones — for the right people to see, whether that is an executive in a different office or working from home, or security guards walking the halls or streets. New technologies are continuing to extend the reach and the benefits of security operation centers. However, interoperability plays a key role in bringing together AI, machine learning and computer vision technologies, in order to ensure data is turned into actionable data, which is delivered to the right people to provide ‘true’ situational awareness. Software-defined, AV-over-IP platforms are the perfect medium to facilitate this for any organizations with physical and cyber security needs.

How AI Is Revolutionizing Fraud Detection
How AI Is Revolutionizing Fraud Detection

The Annual Fraud Indicator estimates that fraud costs the United Kingdom approximately £190 billion every year. The private sector is hit the hardest and loses around £140 billion a year, while the public sector loses more than £40 billion, and individuals lose roughly £7 billion. The effects of fraud can be devastating on both individuals and organizations. Companies can suffer irreversible damage to reputation and be forced to close, and individuals can experience significant personal losses. Everyone should be aware of the risks and take steps to protect themselves against fraudulent activity. Fraud detection technology Fraud detection technology has advanced rapidly, over the years and made it easier for security professionals to detect and prevent fraud. Here are some of the key ways that Artificial Intelligence (AI) is revolutionising fraud detection - with insight from Tessema Tesfachew, the Head of Product at Avora. An anomaly can be described as a behavior that deviates from the expected An anomaly can be described as a behavior that deviates from the expected. According to Tessema Tesfachew, “Autonomous monitoring and anomaly detection specifically, have made detecting fraudulent activity faster and more accurate. Machines can monitor data 24/7 as it comes in, build patterns of behavior that take into account seasonality and shifting trends, and identify events that don’t fit the norm.” For example, banks can use AI software to gain an overview of a customer’s spending habits online. Having this level of insight allows an anomaly detection system to determine whether a transaction is normal or not. Suspicious transactions can be flagged for further investigation and verified by the customer. If the transaction is not fraudulent, then the information can be put into the anomaly detection system to learn more about the customer’s spending behavior online. Accurate root cause analysis Root cause analysis goes one step further than anomaly detection, by allowing security professionals to pinpoint what caused the anomaly. Tessema explains how an example of this would be if a system detects that the rate of fraudulent transactions has increased. Root cause analysis would pinpoint the specific ATM or point of sale, where this increase is occurring. Swift action can then be taken to prevent fraudulent activity at that location in the future. Fewer false positives As mentioned, false positives can occur if a fraud detection system identifies behavior that goes against the norm, for instance, if a customer makes a transaction in a new location. In many cases, customers are required to complete identity verification to prove that a transaction is not fraudulent. Digital customer identity verification can help brands build a strong and reputable image. That said, forcing users to complete identify certifications regularly can cause frustration and harm the customer experience. AI anomaly detection AI fraud detection systems can carry out accurate data analysis in milliseconds and identify complex patterns in data AI anomaly detection is far more accurate and results in fewer false positives. Increasing the accuracy of anomaly detection helps companies improve customer relationships and build a strong reputation. This will have a positive impact on brand image and sales revenue. AI fraud detection systems can carry out accurate data analysis in milliseconds and identify complex patterns in data. Machines are more efficient than even the most skilled fraud analysts and make fewer errors. This is why AI fraud detection software is the preferred option in larger organizations. Importance of fraud analysts However, fraud analysts still play an important role in fraud prevention. Using a combination of human intervention and AI is usually the most effective approach when it comes to fraud detection. According to pymnts.com, innovative organizations now use a variety of AI and supervised and unsupervised machine learning to identify and protect against fraud. AI systems can complete time-consuming and repetitive tasks, such as data collection and analysis. This means that fraud analysts can focus their time and attention on critical tasks that require human intervention, e.g. monitoring risk scores. AI can automate processes and enhance the quality of the fraud analysts’ work. Conclusion In to Tessema Tesfachew’s opinion, “Fraud detection has become vastly more efficient and effective with the introduction of Artificial Intelligence (AI). Previously, methods for detecting fraudulent activities were still data-rich, but relied more on human intervention and expert bias, and were thus, more time consuming and prone to error.” AI technology, particular anomaly detection, has streamlined fraud detection and created a more efficient, and accurate system for detecting and preventing fraud. Covid-19 has increased the number of online transactions, which creates more opportunities for fraudulent activity. However, it also allows businesses to gain more information on their customers and enhance the capabilities of AI security software. It is more important than ever for organizations to utilize AI technology in fraud detection strategies.

Tackling The Challenge Of The Growing Cybersecurity Gap
Tackling The Challenge Of The Growing Cybersecurity Gap

The SolarWinds cyberattack of 2020 was cited by security experts as “one of the potentially largest penetrations of Western governments” since the Cold War. This attack put cybersecurity front and center on people’s minds again. Hacking communication protocol The attack targeted the US government and reportedly compromised the treasury and commerce departments and Homeland Security. What’s interesting about the SolarWinds attack is that it was caused by the exploitation of a hacker who injected a backdoor communications protocol.  This means that months ahead of the attack, hackers broke into SolarWinds systems and added malicious code into the company’s software development system. Later on, updates being pushed out included the malicious code, creating a backdoor communication for the hackers to use. Once a body is hacked, access can be gained to many. An explosion of network devices What has made the threat of cyberattacks much more prominent these days has been IT's growth in the last 20 years, notably cheaper and cheaper IoT devices. This has led to an explosion of network devices. IT spending has never really matched the pace of hardware and software growth Compounding this issue is that IT spending has never really matched the pace of hardware and software growth. Inevitably, leading to vulnerabilities, limited IT resources, and an increase in IoT devices get more attention from would-be hackers. Bridging the cybersecurity gap In the author’s view, this is the main reason why the cybersecurity gap is growing. This is because it inevitably boils down to counter-strike versus counter-strike. IT teams plug holes, and hackers find new ones, that is never going to stop. The companies must continue fighting cyber threats by developing new ways of protecting through in-house testing, security best practice sources, and both market and customer leads. End-user awareness One of the key battlegrounds here is the education of end-users. This is an area where the battle is being won at present, in the author’s opinion. End-users awareness of cybersecurity is increasing. It is crucial to educate end-users on what IoT devices are available, how they are configured, how to enable it effectively, and critically, how to use it correctly and safely. Physical security network A valuable product that tackles cybersecurity is, of course, Razberi Monitor™, which is new to ComNet’s portfolio. Monitor™ is a software platform that provides a top-down view of the physical security network and ecosystem. Monitor™ is a software platform that provides a top-down view of the physical security network and ecosystem It monitors and manages all the system components for cybersecurity and system health, providing secure visibility into the availability, performance, and cyber posture of servers, storage, cameras, and networked security devices. Proactive maintenance By intelligently utilizing system properties and sensor data, Razberi’s award-winning cybersecurity software prevents problems while providing a centralized location for asset and alert management. Monitor™ enables proactive maintenance by offering problem resolutions before they become more significant problems. Identifying issues before they fail and become an outage is key to system availability and, moreover, is a considerable cost saving.

Latest ASSA ABLOY EMEA news

Meet International Locking Standards Without Compliance Headaches With ASSA ABLOY’s CY110 Locking System
Meet International Locking Standards Without Compliance Headaches With ASSA ABLOY’s CY110 Locking System

Standards and compliance perform a critical, if underappreciated, role for security and facility managers. They set a quality baseline for locking and security hardware. They help customers quickly compare attributes across products. An insurance provider probably requires security to meet relevant standards. Taking a short-cut could prove an expensive mistake, should the worst happen and one needs to claim. Importance of meeting standards “Not all affordable mechanical locking meets even the minimum standards. Unfortunately, such information will not always be clearly advertised on the package. Even if a standard is ‘met’, not every product which meets it is equal.” said Kirsi Solehmainen, Product Manager of Mechanical Cylinders at ASSA ABLOY Opening Solutions EMEA. Kirsi adds, “Take the most relevant standard for mechanical locking, EN 1303:2015, for example. Cylinders are assessed on up to six different measures, generating an alphanumeric grade which summarizes a lock’s performance on such metrics as fire, corrosion and attack resistance. A high-quality cylinder lock may read something like ‘1 6 – B – C 5 D’.” Durability, key security, and attack resistance For security, the second, sixth, seventh and eighth digits are especially important For security, the second, sixth, seventh, and eighth digits are especially important. These indicate a lock’s likely performance when faced with common threats. Durability (digit 2) is graded on a 4 - 6 scale, corrosion (digit 6) is assessed A - C, key security (digit 7) 1 - 6, and attack resistance (final digit) 0 - D. Kirsi further stated, “A cylinder may jump the bar to receive EN 1303:2015 certification, achieving the lowest grade in all these categories. But simply ‘passing’ this standard, meeting this minimum, is unlikely to provide protection that your premises require. You can aim higher, while staying within your security budget.” CY110 locking system The CY110 locking system from ASSA ABLOY is designed for uncompromising security and usability, and for anyone who does not want to spend too much time thinking about standards. CY110 cylinders outperform basic EN 1303 standards, offering high performance at an affordable price. In fact, the example above, 1 6 – B – C 5 D, is the official EN 1303 certification for CY110 cylinders. CY110 padlocks exceed the minimum for similar, but separate, standards for such devices (EN 12320) and conforms to SKG. Safeguarding against key duplication CY110 achieves close to the maximum rating for cylinder-type locking. Keys are robust, with a complex dimple design, which enhances duplication protection. Additionally, a patent, valid through 2036, safeguards against unauthorized key copying. Locks are resistant to picking and to multiple types of brute force attacks. Inbuilt self-lubrication technology and corrosion durability ensure a long product lifetime. The CY110 system makes no trade-off between affordability and security standards. This next generation of mechanical locking offers both, alongside an intelligent 21st-century design that makes CY110 locking easy to install and convenient to use. Deploying EN 1303:2015 locking The CY110 locking system is proven in both domestic and commercial settings The CY110 locking system is proven in both domestic and commercial settings. Customers can select from a broad range of EN 1303 certified cylinders, including double, thumb turn, and rim cylinders for interior and exterior doors, cam cylinders for cabinets, gates, and lockers, and single cylinders for lifts and other interior doors. CY110 padlocks, made from hardened boron steel, are adapted for use outdoors or inside. Many locking points have a CY110 solution. For domestic convenience, home owners can order CY110 keyed alike, every resident carries a single key to open all relevant locks, including exterior and interior doors, storage spaces, and padlocks. CY110 cylinders may lock front and back doors, cabinets, and gates. The key-holder wastes no time in hunting for the right key because their single CY110 opens them all. Because CY110 keys are reversible, they turn in the lock the first time, every time. Simplifies master-key system design At commercial premises, CY110’s adaptability simplifies master-key system design. A locksmith or facility manager can quickly configure a master key system chart, which gives the CEO an ‘access all areas’ key, IT staff a key to the server room, cleaners the rights to unlock offices and supplies storage, employees with meeting room and office permissions, and everyone the ability to unlock the main entrance door and use the lift. Nobody carries weighty key bunches. No one goes where they are not authorized. And users no longer have to waste time searching for the right key or guessing which way to insert it. Enhanced performance and lock durability The CY110’s EN 1670:2007 certification ensures lock durability is not a worry. Providing performance on every level, CY110 has almost the highest possible grading for the important European locking standard - EN 1303:2015. This simplifies security and takes the headache out of locking compliance. CY110 is genuine, trusted ‘fit and forget’ locking solution, where convenience, cost-efficiency, and compliance come together.

ASSA ABLOY’s Aperio Wireless Locks And AXIS Entry Manager Access Control Software Integration Offers A Cost-Efficient System For End Users
ASSA ABLOY’s Aperio Wireless Locks And AXIS Entry Manager Access Control Software Integration Offers A Cost-Efficient System For End Users

Businesses are always looking for cost-efficient solutions to upgrade their security level. AXIS Entry Manager’s customers can now extend access control efficiently and affordably with Aperio battery-powered locks from ASSA ABLOY. Online integration of the AXIS A1001 Network Door Controller with Aperio cylinders, escutcheons, and locks give facility managers real-time control over more doors. Administrators continue to manage every locking point from one AXIS Entry Manager interface, thereby saving time and removing the need to complete extra training. AXIS A1001 Network Door Controller AXIS A1001 Network Door Controller operates on a flexible platform, built to adapt as a site’s security needs change AXIS A1001 Network Door Controller operates on a flexible platform, built to adapt as a site’s security needs change. With this integration, battery-powered Aperio locks are controlled from the same web interface as wired door devices. Because the integration is online, it enables real-time control plus door and user audits on demand. “This integration is the first we have ever done with our access controllers,” explains Ernst Westerhoff, Business Development Manager for Access Control in Europe at Axis Communications, adding “At the end of the day, it costs less for the end-user.” Aperio RS-485 Hub Once installed, an Aperio RS-485 Hub coordinates up to 8 Aperio devices within a 15- to 25-meter range, communicating with the central system via the AXIS A1001. One AXIS A1001 can manage one wired door and one Aperio hub, for a total of 9 doors maximum per controller. AES 128-bit encryption secures all communication between locks and security systems. Aperio locks are wireless, so they require no expensive cabling to install. The AXIS A1001 uses Power over Ethernet (PoE), which eliminates any need for power cabling to controllers. Aperio is cost-efficient during the use phase, too. Wireless Aperio locks Because they run on standard batteries, Aperio locks are much more energy-efficient than equivalent wired door locks. Unlike wired locking, Aperio devices are not connected to mains electricity and use no power when inactive. According to recent ASSA ABLOY benchmarking analysis, choosing wireless over wired locking could bring a large reduction in access control energy use, more than 70% or thousands of euros over a typical installation’s life-cycle. Greater flexibility to expand system coverage Aperio offers Axis end users much greater flexibility to affordably expand or modify their system coverage" “Aperio offers Axis end users much greater flexibility to affordably expand or modify their system coverage. If needs change at a facility, for example, managers want to filter access through more doors, it’s quick and easy for an installer to fit Aperio locks and integrate them online with the AXIS Entry Manager control panel.”, says Lars Angelin, Aperio Business Development Manager at AAOS. The integration allows users to open all wired doors and Aperio wireless controlled doors with the same credential, via almost any standard RFID technology including iCLASS, MIFARE, HID Prox/EM410, and Seos. “We offer to our customers the benefit of easy set-up for wireless access control. They just mount a wireless lock or wireless cylinder to a door and they have full access control,” adds Westerhoff. Streamlining access management The new integration has already been deployed at H-Farm, a business education and innovation hub in Italy. They sought a solution to streamline access management at a geographically dispersed portfolio of buildings. H-Farm experiences rapid user turnover, both because new businesses join regularly and because they organize up to 300 events every year. New locks had to extend the existing Axis system without adding admin workload. Aperio handles, security locks and escutcheons To meet their needs, H-Farm selected Aperio handles, security locks and escutcheons, each easy to retrofit To meet their needs, H-Farm selected Aperio handles, security locks, and escutcheons, each easy to retrofit, so as to ensure that day-to-day work at their offices would not be disrupted. So far, 40 Aperio H100 wireless door handles, plus the Aperio wireless locks and wireless escutcheons, have been installed across multiple H-Farm locations in northern Italy. Most of H-Farm’s interior doors are secured with the award-winning Aperio H100 wireless handle, a former Intersec Access Control Product of the Year. The H100 wireless handle packs the flexibility and affordability of wireless access control into a slim door handle. Wireless access control hardware A standard battery slots inside and powers the handle, ensuring a minimal footprint. ASSA ABLOY’s device design team incorporated electronics into the handle lever on the outside of the door, without compromising security. “Aperio wireless access control hardware is solid, nice looking and perfectly fits our environment, solving our access problem,” stated Alberto Aldrigo at H-Farm. H-Farm has a strong track record supporting innovation and creativity in European start-ups. The company focuses on skills development, new approaches to education and digital transformation. With the help of seamless integration from Aperio and Axis, the latest transformation upgrades their own access and security management.

What Are the Physical Security Challenges of Smart Cities?
What Are the Physical Security Challenges of Smart Cities?

The emergence of smart cities provides real-world evidence of the vast capabilities of the Internet of Things (IoT). Urban areas today can deploy a variety of IoT sensors to collect data that is then analyzed to provide insights to drive better decision-making and ultimately to make modern cities more livable. Safety and security are an important aspect of smart cities, and the capabilities that drive smarter cities also enable technologies that make them safer. We asked this week’s Expert Panel Roundtable: What are the physical security challenges of smart cities?

Related white papers

Delivering a Smart, Secure and Healthy Workplace with Cloud

Facing the Ever-evolving Hacker Head-on

Four Areas to Consider in Frictionless Access Control