Access control software - Expert commentary

Home Monitoring At The Edge: Advanced Security In The Hands Of Consumers
Home Monitoring At The Edge: Advanced Security In The Hands Of Consumers

Imagine a home surveillance camera monitoring an elderly parent and anticipating potential concerns while respecting their privacy. Imagine another camera predicting a home burglary based on suspicious behaviors, allowing time to notify the homeowner who can in turn notify the police before the event occurs—or an entire network of cameras working together to keep an eye on neighborhood safety. Artificial Intelligence vision chips A new gen of AI vision chips are pushing advanced capabilities such as behavior analysis and higher-level security There's a new generation of artificial intelligence (AI) vision chips that are pushing advanced capabilities such as behavior analysis and higher-level security to the edge (directly on devices) for a customizable user experience—one that rivals the abilities of the consumer electronics devices we use every day. Once considered nothing more than “the eyes” of a security system, home monitoring cameras of 2020 will leverage AI-vision processors for high-performance computer vision at low power consumption and affordable cost—at the edge—for greater privacy and ease of use as well as to enable behavior analysis for predictive and preemptive monitoring. Advanced home monitoring cameras With this shift, camera makers and home monitoring service providers alike will be able to develop new edge-based use cases for home monitoring and enable consumers to customize devices to meet their individual needs. The result will be increased user engagement with home monitoring devices—mirroring that of cellphones and smart watches and creating an overlap between the home monitoring and consumer electronics markets. A quick step back reminds us that accomplishing these goals would have been cost prohibitive just a couple of years ago. Face recognition, behavior analysis, intelligent analytics, and decision-making at this level were extremely expensive to perform in the cloud. Additionally, the lag time associated with sending data to faraway servers for decoding and then processing made it impossible to achieve real-time results. Cloud-based home security devices The constraints of cloud processing certainly have not held the industry back, however. Home monitoring, a market just seven years young, has become a ubiquitous category of home security and home monitoring devices. Consumers can choose to install a single camera or doorbell that sends alerts to their phone, a family of devices and a monthly manufacturer’s plan, or a high-end professional monitoring solution. While the majority of these devices do indeed rely on the cloud for processing, camera makers have been pushing for edge-based processing since around 2016. For them, the benefit has always been clear: the opportunity to perform intelligent analytics processing in real-time on the device. But until now, the balance between computer vision performance and power consumption was lacking and camera companies weren’t able to make the leap. So instead, they have focused on improving designs and the cloud-centric model has prevailed. Hybrid security systems Even with improvements, false alerts result in unnecessary notifications and video recording Even with improvements, false alerts (like tree branches swaying in the wind or cats walking past a front door) result in unnecessary notifications and video recording— cameras remain active which, in the case of battery powered cameras, means using up valuable battery life. Hybrid models do exist. Typically, they provide rudimentary motion detection on the camera itself and then send video to the cloud for decoding and analysis to suppress false alerts. Hybrids provide higher-level results for things like people and cars, but their approach comes at a cost for both the consumer and the manufacturer. Advanced cloud analytics Advanced cloud analytics are more expensive than newly possible edge-based alternatives, and consumers have to pay for subscriptions. In addition, because of processing delays and other issues, things like rain or lighting changes (or even bugs on the camera) can still trigger unnecessary alerts. And the more alerts a user receives, the more they tend to ignore them—there are simply too many. In fact, it is estimated that users only pay attention to 5% of their notifications. This means that when a package is stolen or a car is burglarized, users often miss the real-time notification—only to find out about the incident after the fact. All of this will soon change with AI-based behavior analysis, predictive security, and real-time meaningful alerts. Predictive monitoring while safeguarding user privacy These days, consumers are putting more emphasis on privacy and have legitimate concerns about being recorded while in their homes. Soon, with AI advancements at the chip level, families will be able to select user apps that provide monitoring without the need to stream video to a company server, or they’ll have access to apps that record activity but obscure faces. Devices will have the ability to only send alerts according to specific criteria. If, for example, an elderly parent being monitored seems particularly unsteady one day or seems especially inactive, an application could alert the responsible family member and suggest that they check in. By analyzing the elderly parent’s behavior, the application could also predict a potential fall and trigger an audio alert for the person and also the family. AI-based behavior analysis Ability to analyze massive amounts of data locally and identify trends is a key advantage of AI at the edge The ability to analyze massive amounts of data locally and identify trends or perform searches is a key advantage of AI at the edge, for both individuals and neighborhoods. For example, an individual might be curious as to what animal is wreaking havoc in their backyard every night. In this case, they could download a “small animal detector” app to their camera which would trigger an alert when a critter enters their yard. The animal could be scared off via an alarm and—armed with video proof—animal control would have useful data for setting a trap. Edge cameras A newly emerging category of “neighborhood watch” applications is already connecting neighbors for significantly improved monitoring and safety. As edge cameras become more commonplace, this category will become increasingly effective. The idea is that if, for example, one neighbor captures a package thief, and then the entire network of neighbors will receive a notification and a synopsis video showing the theft. Or if, say, there is a rash of car break-ins and one neighbor captures video of a red sedan casing their home around the time of a recent incident, an AI vision-based camera could be queried for helpful information: Residential monitoring and security The camera could be asked for a summary of the dates and times that it has recorded that particular red car. A case could be made if incident times match those of the vehicle’s recent appearances in the neighborhood. Even better, if that particular red car was to reappear and seems (by AI behavior analysis) to be suspicious, alerts could be sent proactively to networked residents and police could be notified immediately. Home monitoring in 2020 will bring positive change for users when it comes to monitoring and security, but it will also bring some fun. Consumers will, for example, be able to download apps that do things like monitor pet activity. They might query their device for a summary of their pet’s “unusual activity” and then use those clips to create cute, shareable videos. Who doesn’t love a video of a dog dragging a toilet paper roll around the house? AI at the Edge for home access control Home access control via biometrics is one of many new edge-based use cases that will bring convenience to home monitoring Home access control via biometrics is one of many new edge-based use cases that will bring convenience to home monitoring, and it’s an application that is expected to take off soon. With smart biometrics, cameras will be able to recognize residents and then unlock their smart front door locks automatically if desired, eliminating the need for keys. And if, for example, an unauthorized person tries to trick the system by presenting a photograph of a registered family member’s face, the camera could use “3D liveness detection” to spot the fake and deny access. With these and other advances, professional monitoring service providers will have the opportunity to bring a new generation of access control panels to market. Leveraging computer vision and deep neural networks Ultimately, what camera makers strive for is customer engagement and customer loyalty. These new use cases—thanks to AI at the edge—will make home monitoring devices more useful and more engaging to consumers. Leveraging computer vision and deep neural networks, new cameras will be able to filter out and block false alerts, predict incidents, and send real-time notifications only when there is something that the consumer is truly interested in seeing. AI and computer vision at the edge will enable a new generation of cameras that provide not only a higher level of security but that will fundamentally change the way consumers rely on and interact with their home monitoring devices.

Top Things You Need To Include In Your Construction Site Security Checklist
Top Things You Need To Include In Your Construction Site Security Checklist

One of the responsibilities of construction project managers is to account for risks during the initial planning for a project and mitigate them. With all the tools, construction materials, and heavy machinery during the initial stages of a project, the construction site is a dangerous place to be at. However, this is not the only risk that project managers need to protect a site from. With plenty of valuables both physical and virtual within a construction site, it is also a prime target for theft and arson. Improving the security of construction sites It is important now more than ever that construction business owners and project managers invest in improving the security of construction sites. After all, security on construction sites is for the protection not only of valuable assets but also of workers and members of the public. Investing in adequate resources for construction site security can prevent several issues, including: Theft of expensive tools and construction equipment Cybersecurity breaches leading to loss of sensitive information such as invoice data Arson resulting in loss of life and property Vandalism of construction site property Trespassing by unauthorized parties and exposure to construction site dangers Risks of injuries that can result in litigation and legal claims Identifying security issues Having a dedicated security team in place is a good first step in bolstering a construction site’s security. They will be able to prevent theft, vandalism, and deter unauthorized personnel from entering the site. They can also identify security issues that can potentially arise and even respond quickly to accidents and other calamities should they occur. Having a dedicated security team in place is a good first step in bolstering a construction site’s security For a better implementation of construction site security measures, it is critical that business owners and managers assess an assessment of the site itself. This will help identify both internal and external risks that can affect the site’s security and guide project managers in putting systems in place to address them. Construction site security checklist To guide you, here is a sample template that you can use to form your own construction site security checklist.  SECURITY COORDINATION  YES   NO  1. Does the site have designated security coordinators?     2. Are the security coordinators available for contact during non-business hours?     3.  Does the construction site provide a means to contact the police, fire department, and other relevant authorities in case of emergencies?     4. Does the construction site have a written security plan, including procedures for specific scenarios?     5. If so, are construction site employees aware of the security plan?       GENERAL MACHINERY  YES   NO  1. Are all machinery adequately marked? (Identification number, corporate logo, tags, etc.)     2. Have all the machinery been inventoried? (Serial number, brand, model, value, etc.)     3. Does the project have a list of the names of operators handling the machinery?     4. Are all the machinery fitted with immobilizers and tracking devices when appropriate?     5. Are all the machinery stored in a secure area with a proper surveillance system?     6. Are the keys to the machinery stored in a separate, secure area?      TOOLS AND OTHER EQUIPMENT  YES   NO  1. Are all power tools and hand equipment marked? (Identification number, corporate logo, tags, etc.)     2. Have all power tools and hand equipment been inventoried? (Serial number, brand, model, value, etc.)     3. Are tools and equipment fitted with tags and tracking devices when appropriate?     4. Are tools and equipment stored in a secure place?      INVENTORY CONTROL  YES   NO  1. Is there a system in place to check material inventory to ensure they are not misplaced or stolen?     2. Are there procedures in place for checking materials that go in and out of the construction site?     3. Is there a set schedule for checking materials and equipment?     4. If so, do the records show that the schedule is followed strictly?     5. Are all material suppliers arriving for delivery properly identified? (e.g license plates, driver’s license, etc)      CONSTRUCTION SITE PERIMETER  YES   NO  1. Is there a physical barrier in place to secure the site?     2. Is the number of gates kept to a minimum?     3. Are there uniformed guards at every gate to check personnel and vehicles entering and leaving the site?     4. Are security warnings displayed prominently at all entry points?     5. Are entry points adequately secured? (With  industry-grade padlocks, steel chains, etc.)     6. Is there an alarm system?     7. Is the locking system integrated with the alarm?     8. Is the site perimeter regularly inspected?     9. Are “NO TRESPASSING” signs displayed prominently along the perimeter?      LIGHTING AND SURVEILLANCE  YES   NO  1. Is there sufficient lighting on the construction site?     2. Is there a dedicated staff member assigned to check if the lighting is working properly?     3. Is the site protected by CCTV cameras?     4. Are there signs posted on site indicating the presence of security cameras?     5. Are there motion detection lights installed on-site?      INTERNAL CONTROLS  YES   NO  1. Is there a policy on employee theft?     2. Are employees aware of the policy?     3. Are employees required to check in and check out company properties when using them?     4. Are staff members encouraged to report suspicious activity?     5. Is there a hotline employees can call to report security lapses and breaches?      SITE VISITORS  YES   NO  1. Are visitors checking in and out?     2. Are vehicles entering and exiting the site recorded?      CYBERSECURITY  YES   NO  1. Are the construction site’s documents and other sensitive data stored in the cloud securely?     2. Does the company have a strong password policy?     3. Are asset-tracking data accessible online?     4. Are confidential documents and data regularly backed up?     5. Are employees well-informed about current cyberattack methods such as phishing?     Security is a serious business in construction. Because of the dangers already present on your construction site, a lapse in security can have devastating effects on your business’s operations. Not only do you risk losing money in a security breach, but more importantly, you also risk endangering the lives of your site’s personnel and third parties.  Business owners and project managers need to make a concerted effort to educate employees about security and double down on their best practices for protecting their sites.

How To Build An Insider Threat Program
How To Build An Insider Threat Program

Insider threat programs started with counter-espionage cases in the government. Today, insider threat programs have become a more common practice in all industries, as companies understand the risks associated with not having one. To build a program, you must first understand what an insider threat is. An insider threat is an employee, contractor, visitor or other insider who have been granted physical or logical access to a company that can cause extensive damage. Damage ranges from emotional or physical injury, to personnel, financial and reputational loss to data loss/manipulation or destruction of assets. Financial and confidential information While malicious insiders only make up 22% of the threats, they have the most impact on an organization Most threats are derived from the accidental insider. For example, it’s the person who is working on a competitive sales pitch on an airplane and is plugging in financial and confidential information. They are working hard, yet their company’s information is exposed to everyone around them. Another type of insider, the compromised insider, is the person who accidentally downloaded malware when clicking on a fake, urgent email, exposing their information. Malicious insiders cause the greatest concerns. These are the rogue employees who may feel threatened. They may turn violent or take action to damage the company. Or you have the criminal actor employees who are truly malicious and have been hired or bribed by another company to gather intel. Their goal is to gather data and assets to cause damage for a specific purpose. While malicious insiders only make up 22% of the threats, they have the most impact on an organization. They can cause brand and financial damage, along with physical and mental damage. Insider threat program Once you determine you need an insider threat program, you need to build a business case and support it with requirements. Depending on your industry, you can start with regulatory requirements such as HIPAA, NERC CIP, PCI, etc. Talk to your regulator and get their input. Everyone needs to be onboard, understand the intricacies of enacting a program Next, get a top to bottom risk assessment to learn your organization’s risks. A risk assessment will help you prioritize your risks and provide recommendations about what you need to include in your program. Begin by meeting with senior leadership, including your CEO to discuss expectations. Creating an insider threat program will change the company culture, and the CEO must understand the gravity of his/her decision before moving forward. Everyone needs to be onboard, understand the intricacies of enacting a program and support it before its implemented. Determining the level of monitoring The size and complexity of your company will determine the type of program needed. One size does not fit all. It will determine what technologies are required and how much personnel is needed to execute the program. The company must determine what level of monitoring is needed to meet their goals. After the leadership team decides, form a steering committee that includes someone from legal, HR and IT. Other departments can join as necessary. This team sets up the structure, lays out the plan, determines the budget and what type of technologies are needed. For small companies, the best value is education. Educate your employees about the program, build the culture and promote awareness. Teach employees about the behaviors you are looking for and how to report them. Behavioral analysis software Every company is different and you need to determine what will gain employee support The steering committee will need to decide what is out of scope. Every company is different and you need to determine what will gain employee support. The tools put in place cannot monitor employee productivity (web surfing). That is out of scope and will disrupt the company culture. What technology does your organization need to detect insider threats? Organizations need software solutions that monitor, aggregate and analyze data to identify potential threats. Behavioral analysis software looks at patterns of behavior and identifies anomalies. Use business intelligence/data analytics solutions to solve this challenge. This solution learns the normal behavior of people and notifies security staff when behavior changes. This is done by setting a set risk score. Once the score crosses a determined threshold, an alert is triggered. Case and incident management tools Predictive analytics technology reviews behaviors and identifies sensitive areas of companies (pharmacies, server rooms) or files (HR, finance, development). If it sees anomalous behavior, it can predict behaviours. It can determine if someone is going to take data. It helps companies take steps to get ahead of bad behavior. If an employee sends hostile emails, they are picked up and an alert is triggered User sentiment detection software can work in real time. If an employee sends hostile emails, they are picked up and an alert is triggered. The SOC and HR are notified and security dispatched. Depending on how a company has this process set-up, it could potentially save lives. Now that your organization has all this data, how do you pull it together? Case and incident management tools can pool data points and create threat dashboards. Cyber detection system with access control An integrated security system is recommended to be successful. It will eliminate bubbles and share data to see real-time patterns. If HR, security and compliance departments are doing investigations, they can consolidate systems into the same tool to have better data aggregation. Companies can link their IT/cyber detection system with access control. Deploying a true, integrated, open system provides a better insider threat program. Big companies should invest in trained counterintelligence investigators to operate the program. They can help identify the sensitive areas, identify who the people are that have the most access to them, or are in a position to do the greatest amount of harm to the company and who to put mitigation plans around to protect them. They also run the investigations. Potential risky behavior Using the right technology along with thorough processes will result in a successful program You need to detect which individuals are interacting with information systems that pose the greatest potential risk. You need to rapidly and thoroughly understand the user’s potential risky behavior and the context around it. Context is important. You need to decide what to investigate and make it clear to employees. Otherwise you will create a negative culture at your company. Develop a security-aware culture. Involve the crowd. Get an app so if someone sees something they can say something. IT should not run the insider threat program. IT is the most privileged department in an organization. If something goes wrong with an IT person, they have the most ability to do harm and cover their tracks. They need to be an important partner, but don’t let them have ownership and don’t let their administrators have access. Educating your employees and creating a positive culture around an insider threat program takes time and patience. Using the right technology along with thorough processes will result in a successful program. It’s okay to start small and build.

Latest Vanderbilt Industries news

What Is The Biggest Change In The Security Industry Since 2010?
What Is The Biggest Change In The Security Industry Since 2010?

Ten years is a long time, but it seems to pass in an instant in the world of security. In terms of technology, 2010 is ages ago. Changes in the market have been transformative during that decade, and we called on our Expert Panel Roundtable to highlight some of those changes. We asked this week’s panelists: What was the biggest change in the security industry in the 2010-2019 decade?  

Vanderbilt Launches SPC Connect 3.0 Intrusion Detection Solution That Focuses On Greater Visibility For Installers
Vanderbilt Launches SPC Connect 3.0 Intrusion Detection Solution That Focuses On Greater Visibility For Installers

Vanderbilt, a global provider of state-of-the-art security systems, has released the latest version of SPC Connect, the remotely managed, cloud-based, intrusion detection solution. This latest version, 3.0, includes an entirely reworked user interface and focuses on more intuitive user operations. “With this release, we believe that the evolution of SPC Connect has reached a new level,” said Alexander Scheffold, Product Manager, Vanderbilt. “One of Vanderbilt’s targets is to provide state-of-the-art intrusion systems to our customers with a wide range of advantages. In our view, SPC Connect 3.0 ticks all of these boxes.” Through this release, collected information is now visible to the installer and enables them to have an overview of the installed SPC systems out in the field. Dashboard widgets like a geographical site map with status information from individual panels or a multisite Status widget showing the overall status information from all connected SPC panels enhancing the usability and the decision-making workflow from installers. Centralized operations menu This greater visibility for installers includes an intuitive operations menu with all available operations on different levels A new centralized operations menu allows the installer to more intuitively navigate a specific operation much quicker. “SPC Connect 3.0 has a completely reworked user interface that allows installers to get a faster overview of the installed SPC base,” said Ross Wilks, Head of Vanderbilt’s Marketing Communications. “Through our research and received customer feedback, we have learned from our customer-base that greater visibility of their installed SPC systems is a priority for them.” “So now, with this new release, typical questions that installers might ask themselves, such as, which SPC firmware versions do my customers have? Where can I find a specific operation? Or where can I find the latest maintenance report from a specific panel? are now only two or three clicks away.” Interactive widgets This greater visibility for installers includes an intuitive operations menu with all available operations on different levels, such as site level, multi-site level, and company administrator level. “This release was designed to be a customer-first experience,” said Scheffold. “The dashboard now contains interactive widgets that allows installers to create customized views, so for example, now you can quickly and clearly see the information you personally want most to execute your daily needs more efficiently.” Scheffold summarized, “In addition, SPC Connect 3.0 comes with a new installer manual. This approach means the existing static, manual approach will be enhanced with an embedded FAQ functionality. This will allow the installer to find an explanation for a feature, or how to perform a specific action much quicker.” SPC Connect 3.0 launched on Feb. 6, 2020.

What Technology Buzz Will Dominate The Security Industry In 2020?
What Technology Buzz Will Dominate The Security Industry In 2020?

The new year comes with new opportunities for the security industry, but what technologies will dominate our discussions in 2020? Topics such as artificial intelligence (AI) and HCI (hyperconverged infrastructure) became familiar in conversations during 2019, and they are likely to dominate our thoughts again in the new year. But other buzzwords are also gaining steam, such as “blockchain” and “frictionless access control.” Connectivity and the cloud will also be timely technology topics as the industry evolves. We asked this week’s Expert Panel Roundtable: What technology buzz will dominate the security industry in 2020?