Cloud services can deliver scalable capabilities quickly without the need to purchase, install, or configure any new on-site physical assets
Cloud connectivity can provide a linkage between the mobile users
and the facilities and systems they want to interact with

From enterprise applications to small businesses, schools, health care facilities and beyond, investments in physical security systems provide valuable resources to help protect people, property and assets – and ultimately the financial security and well-being of the organization. As need and demand for better security has dramatically increased over the years, today’s technology is more software and computer driven, enabling systems to be networked internally or managed externally through cloud computing platforms.

Increased Connectivity

 In today’s mobile, connected world, end users expect the ability to view and manage their systems from anywhere at any time, making hosted access control an attractive and economical proposition. Cloud connectivity can provide a linkage between the mobile users and the facilities and systems they want to interact with, whether those systems are in one place or distributed over several locations. And, cloud services can deliver scalable capabilities quickly – often on demand – without the need to purchase, install, or configure any new on-site physical assets, such as servers or work stations.

However, these benefits are not without their drawbacks and potential risks, most notably cybersecurity and the availability of the system and its data. Any system outage, whether the result of a network breach, server failure or other factor, compromises security and could leave an organization vulnerable. The resulting risks could be catastrophic, making it vital that organizations ensure that their access control, video surveillance and other security systems are always up and running. Management concerns over the cybersecurity risks of cloud-based solutions grow with each high-profile data breach that is reported, and with good reason.

Incorporating the cloud services into your operation will continue to take time and resources that will need to be included in your plans
Risks could be catastrophic, making it vital that organizations
ensure that their security systems are always up and running

Maintaining Critical Functions

As companies move forward with IT and physical security planning, here are some factors to consider and incorporate appropriately into the process.

Step 1: Consider the benefits and risks of cloud-based services objectively

Be honest about how your company functions today, how you want it to function in the future, and how cloud-based services might help get you from here to there. But don’t think that cloud services will solve problems magically – when it comes down to it, cloud services are really just renting hardware and software in somebody else’s facility. There are definitely benefits to renting versus owning, but there are also significant risks. And, incorporating the cloud services into your operation, and/or maintaining them, will continue to take time and resources that will need to be included in your plans.

Step 2: Determine which functions must continue, even in the event of cloud system failure.

This should be an extension of your current business strategy, which already evaluated your essential functions, personnel, etc. Remember that the risks are compounded if the cloud is used to store or process important business data – in the event of a failure, that data may not be accessible or under your control. Be very clear about the procedures and steps you will take if your cloud services go down so you can keep your operations up and running.

Step 3: Implement backup processes to ensure critical business continuity.

Once the intended benefits of cloud services are evaluated in the light of foreseeable risks and critical functions are clearly identified, it is time to put the changes into effect, along with backup and contingency plans that will be triggered in the event of service disruptions. For access control, it is essential to quickly be able to re-load your list of authorized users and permissions so that normal operations can resume as soon as possible after an outage or failure.

Both hardware and software technical advancements continue to provide new options for security management across every vertical market application
Data backup and contingency plans are crucial in the event of service disruptions

Security Applications Of Cloud-Based Services

Most firms are realising that physical security systems, including access control and video surveillance, are critical facility functions that need to be maintained 24/7 under any circumstances. Even so, both of these security applications are current offerings from cloud-based service providers that companies can consider to supplement or outsource their internal functions.

Choosing An Approach

As an example, let’s see how the suggestions in the steps above might affect a firm’s planning for access control. Before we start, we should note that different organizations will have varying risk tolerances which will contribute to what type of access control solution they choose, on premise or cloud. There is no single “right” or “wrong” answer for the general question of how to choose the right approach or services; the right answer depends on the specifics of the situation for each firm.

1. Considering Cloud Service Benefits

We would consider the potential benefits of a cloud service for access control, sometimes called ACaaS, for Access Control as a Service. Offerings vary, but might include the provision of a server and software to process access requests, which would interact with the local access controllers via IP connectivity. Thus, it would generally be required for the controllers to support not only IP communications, but also encryption and digital certifications. Older controllers would have to be upgraded if they could not support these functions. Managed access control is a service where the firm pays a third party to administer the access control platform, including such tasks as adding and deleting access rights, printing badges and other credentials, monitoring for doors that are propped open or forced open.

On the upside, up-front capital costs could be reduced by limiting the amount of purchased hardware, and the ongoing management and maintenance of that hardware is done by the supplier. Depending on the supplier, the ongoing service costs might be based on the number of controlled doors, the number of users or credentials, the number of transactions, or some combination thereof.

On the downside, the list of credentialed users will now reside at the supplier’s location, where it could be subject to tampering, loss and/or theft. And, if the host server must be contacted in order to process a transaction (that is, open a door), then the operation of the system now depends on active and successful communication with the supplier’s off-site server at all times. A complete tradeoff can now be evaluated that compares the cost of owning hardware and software, along with necessary maintenance, and expected usage patterns, to the proposed cost from the cloud supplier and various related contract terms.

 2. Potential Risks

It goes without saying that in the event of a cloud-based or premises based access control failure, people within your facility will still need to be able to exit without the risk of being trapped inside. The question is, how important will it be for people to be granted or denied access based upon the configuration in the database prior to the failure? And, how urgent is adding/deleting authorized users, permissions and the other functions that require access to the host access control software? How much impact would there be on the company if the list of authorized users was altered or stolen by hackers?

3. Contingency Plan

An implementation and backup plan is developed and put into action. For the purpose of this example, let’s assume that ACaaS was approved and put into place. One part of the plan might be to capture complete back-ups of the user database periodically and to store them both on-site and off-site. Another part of the solution might be to select access controllers that have the ability to be battery backed up and hold a copy of the user database and device configuration locally so they can continue to function even in the event of a communication breakdown with the cloud supplier’s server or power outage. By taking this approach, the affected facility would be able to continue operating normally in the event of a communication breakdown or power outage, and update authorized changes after network communications were restored.

Implementing The Best Cloud-Based Plan

Both hardware and software technical advancements continue to provide new options for security management across every vertical market application. When changes are being considered that affect organizational physical and IT security, it is important to evaluate the options carefully.

Choosing an equipment supplier that has designed their products for maximum uptime is critical. This criteria will enable more effective and cost-efficient contingency planning, so you can implement the best plans possible for all your operations.

Want to learn more? Read SourceSecurity.com's Cybersecurity White Paper here

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version

Author profile

Karen Evans President & Chief Executive Officer, Sielox LLC

In case you missed it

How ISC West Has Changed The Game In Security Over The Years
How ISC West Has Changed The Game In Security Over The Years

Being in the physical security industry for almost two decades has been an exciting journey, with significant changes that have impacted the world of security. Companies today must be proactive when it comes to securing their facility and are lucky to have so many choices when it comes to security technology. From the beginning, the ISC West show was always at the forefront of new technology and brought together the very best technology and industry professionals in the “City of Lights”. Back in 2001 when I first entered the security world, video surveillance was the key driver, and transitioning from analog cameras to IP video cameras was the talk of the town. In the early 2000s, the ISC West show was filled with video manufacturers showcasing their new IP cameras and the IT folks were just starting to get involved with the security decisions.  Back then the ISC West show consisted of a myriad of video manufacturers exhibiting their camera lines. Where now in 2020 the high-profile enterprise-level camera manufacturers dominate the show floor. Over the last two decades, keeping up with the technology advancements of IP cameras was a difficult feat for most camera manufacturers and the high-profile manufacturers who had the funds to invest in R & D were the only ones that survived. Changing the game in video surveillance and access control  In the early 2000s, the ISC West show was filled with video manufacturers showcasing their new IP cameras Another huge change that our industry has seen over the years was the increase in the number of acquisitions. Smaller security manufacturers started being acquired by the larger ones, which changed the game in video surveillance and access control. In addition to manufacturers, large security integrators like Convergint Technologies & Anixter were also buying smaller commercial integrators and dominating the market. At ISC West today, you will see predominately high profile – big name manufacturers and integrators where the smaller companies were either acquired or went out of business.    Revolutions in the industry The security industry also faced a huge revolution with three major technologies driving growth in the security market – Network-based technologies (IoT enabled solutions), Access Control as a Service (ACaaS) and Mobile Credentials. ISC West saw this evolution coming and created specific educational seminars dedicated to these topics. Another big push that came into play in the last few years was being able to integrate a host of technologies like video and access control by using an open architecture platform. Many partnerships were formed in the security industry due to this massive push for integration. At ISC West, we now see many companies having their partners sharing booth space. This helps reduce costs for exhibitors in addition to giving smaller companies credibility by being recognized with the bigger players in the industry. In addition, ISC West makes it easy for attendees to plan out their show schedule in advance with the mobile app; creating a convenient way to access show information from mobile devices.  From the beginning, the ISC West show was always at the forefront of new technology Emerging excitement  Today, ISC West continues to be an exciting show that is jammed packed with educational sessions, networking events, and new pavilions that help segment the security industry into different sectors. An example of some new technology pavilions includes drones & robotics, loss prevention & supply chains, and emerging tech. All new start-up companies that are 5 years old or less can be part of the emerging tech section of the show. Here entrepreneurs can unveil new and upcoming security technologies; creating a win win situation for any size business looking to make its name known in the industry. New technology, innovations and rising trends Another huge focus at the ISC West show is public safety. A full range of solutions are offered at the Public Safety Pavilion including barriers/bollards/gates/perimeter security, surveillance, access control, and alarms - along with innovative technologies for gunshot and drug detection, license plate recognition, acoustics, facial recognition and AI, connected vehicles, communication systems and devices, alerts and monitoring, and active shooter solutions Today, ISC West continues to be an exciting show that is jammed packed with educational sessions, networking events, and new pavilions and training. Virtual reality demonstrations have also been available at the show to help attendees with preventative measures when it comes to school and public safety. Some new vape and metal detection technology built on the IoT concept will be featured at ISC West 2020 to help combat the vaping epidemic in our country. With active shooter incidents on the rise, metal detection and perimeter protection at schools will be an important part of the show. Awards and showcases When it comes to show press, we have also seen an influx of awards for security manufacturers that are exhibiting at the show. The major security publications have been offering manufacturers the opportunity to submit a product in distinct categories and win a prestigious award at the show. This creates “buzz” about your product and great for social media postings. Live video interviews at an exhibitors’ booth has also become a very popular tool to increase brand awareness and thought leadership for exhibitors. The ISC West show offers numerous ways to drive traffic to your booth and promote new product launches seamlessly. Over the years, the show has created a conduit The ISC West show offers numerous ways to drive traffic to your booth and promote new product launches seamlesslyfor manufactures and integrators to showcase new products and technologies to end users across multiple vertical markets.      At the top of the game  While the security industry continues to evolve, the one thing that stays constant is the wealth of information that ISC West offers to its attendees.  The show always brings together the latest technologies and thought leaders that will continue to change the game in security for years to come.

New VMS Features Worth Your Time and Attention at ISC West 2020
New VMS Features Worth Your Time and Attention at ISC West 2020

ISC West, the world's largest security industry trade show, is just around the corner. This in-person show gathered more than 1,000 manufacturers and over 30,000 visitors from all over the world in 2019. On top of that, more than 200 brands exhibited at ISC West for the first time. This year's event promises to be just as exciting, if not more so. Let’s overview some leading security trends in video management systems development, and what's worth your time and attention at ISC West 2020. AI analytics Emerging two or three years ago, the AI-based video analytics market is experiencing a boom in growth. The prototypes and ideas displayed at ISC West 2019 could This year's event promises to be just as exciting, if not more soalready be part of a functioning system today. There's a lot of hype around this new trend. So, if you're looking for solutions for your needs, it is important to be able to tell the difference between technologies that work and marketing bluster. To do that, you have to understand what today's AI-based analytics (also often referred to as a neural network, deep learning, or machine learning) can and can't do. Let's start with what AI can't do in video surveillance. It can't analyze the sequence in which events occur or understand the 'logic' of what's happening in the scene. In other words, there's no such thing as a 'suspicious behavior detection tool'. Nevertheless, neural networks are really good at recognizing and classifying objects. For instance, they can distinguish humans from vehicles, vehicles from other moving objects, and cyclists from pedestrians. Neural network trackers This technology is primarily used as a neural network tracker or object tracker that can identify and track objects of a specific type. Usually, it's applied to complex scenes with a large amount of non-relevant details where a classic tracker would drown in false alarms. The neural tracker can be used to detect people in dangerous areas at production facilities, cyclists riding on pedestrian lanes, or poachers trying to sneak into a nature preserve. Neural networks are really good at recognizing and classifying objectsObject identification function can be used for other site-specific tasks, such as detecting people without a helmet or a high-visibility vest at facilities where those are required by safety regulations. It can also be used to detect fire and smoke in open spaces, or at big premises with high ceilings or active air circulation, where common fire alarm systems can't be used or may go off too late. Behavior analytics  Behavior analytics is another field of analytics based on artificial neural networks. Even if recognizing suspicious or inappropriate behavior is nearly impossible, it can detect risky situations based on human postures, such as an active shooter pose, raised arms, crouching, or man down. In addition to that, AI has been successfully used to perform facial and license plate recognition for quite some time now. Although these systems aren't new, their recognition quality improves each year. Looking for solutions? You'll definitely find some interesting and new options from developers specializing in VMS and modular AI analytics at ISC West 2020. Even if recognizing suspicious or inappropriate behavior is nearly impossible, AI can detect risky situations based on human postures Smart search The ability to perform a quick, flexible search in a video archive is one of the most important features of a video surveillance system. In many ways, it's even more AI has been successfully used to perform facial and licence plate recognition for quite some time nowimportant than real-time monitoring itself. Constantly keeping an eye out for what's happening onsite is the security service's job. Medium- to large-sized companies usually have that kind of department. Meanwhile, lots of small businesses and households use video footage to investigate accidents, resolve conflicts, or analyze employee's work. They generally don't need real-time monitoring, but video search is a crucial element. The most basic search tools offer an interface that enables easy access to recorded video and event-based search (from video analytics, detectors, etc.). Smart systems with forensic search features that allow the user to set criteria enhance the system's search capabilities even more. How it works  VMS analyzes the video as it is recorded and saves the resulting metadata to a database. In the most basic case, the metadata contains information about motion in the scene as well as the moving object's coordinates. When searching, you can select an area of interest within the frame and take a quick look at all video segments containing motion in this area. More advanced systems save the parameters of moving objects, such as their size, color, motion speed and direction. TThe ability to perform a quick, flexible search in a video archive is one of the most important features of a video surveillance systemYou'll quickly find what you're looking for by setting more precise criteria. The first VMS with forensic search features appeared in the early 2010s. Since then, a growing number of users and VMS developers have recognized the importance of these tools. More and more manufacturers enrich their products with forensic search features, starting from basic search by motion detection. Integrating search functions with AI Recently, search technologies have gone even further by integrating search functions with AI analytics. Some systems are capable to recognize all faces and number plates captured by cameras and save them to the database. You can quickly find all videos containing an image of a person or a car just by searching a photo or a number plate across multiple camera archives at a time. One usage scenario for these systems can be seen in law enforcement deploying them to find suspects using CCTV cameras around the city. Another option for integrating smart search and AI is searching by criteria based on a neural network tracker. When you use it, you can set object's size, color, motion speed and direction in the scene, as well as object's type (such as a human or a vehicle). So, if you need to find out when a red car appeared in the surveillance area, the system will show you only red cars while ignoring other objects like people in red clothes. This technology lets you find what you're looking for even faster. If you or your clients use VMS primarily to record video, be sure to ask the manufacturers you'll talk to at the show what search capabilities they offer. More advanced systems save the parameters of moving objects, such as their size, color, motion speed and direction Hardware AI acceleration High CPU resource consumption is one of the hardest challenges that stem from implementing a neural network–based video analytics system. This significantly decreases the number of cameras that can be connected to a server that hosts AI analytics. It also makes the system much more expensive. AI technology lets you find what you're looking for even fasterThe solution is to use AI accelerators. GPUs and dedicated accelerator cards are used on servers to provide hardware acceleration for the neural networks' workload. These devices are mostly manufactured by Intel and NVIDIA. Intel also offers the OpenVINO™ toolkit, a software package for developers that helps distribute workload between CPU, GPU, and accelerators as effectively as possible using all available resources. New solutions Due to AI's growing popularity, lots of minor microchip manufacturers became interested in developing neural accelerator chips. The healthy competition will work in the market's favor, serving to stimulate tech development and cut prices. New solutions in the field were on display at ISC West 2019; they'll definitely be present at ISC West again in 2020. Developers specializing in VMS and modular AI video analytics should absolutely check these out. But users should understand that it's impossible to build a cost-effective video surveillance system with significant number (10–20 and more) of AI analytics channels without using neural accelerators. That said, various accelerator models may significantly differ in price and power consumption. So, when you talk to developers specializing in VMS and AI analytics modules, ask what accelerator makes and models they support. In conclusion Whether you're an integrator looking for interesting VMS offers for clients or an end-user searching for solutions to your own tasks, check out what AI analytics can do. This sector is developing very fast and is continuously introducing new features that may be just what you're looking for. Incorporating forensic search in recorded video footage is key to building an effective video surveillance system for users, and important to creating a unique product offering for integrators. Needless to say, you can't build a cost-effective video surveillance system without using CPU resources wisely. If a system's functionality completely aligns with what you're looking for, ask what neural accelerator hardware it supports to correctly estimate the cost of your video servers.

ISC West 2020's Education Conference Program: What Not To Miss
ISC West 2020's Education Conference Program: What Not To Miss

ISC West has been on a strong momentum path over the last 3 years, and has evolved to a comprehensive and converged security event – covering the spectrum of physical security, public safety, cyber-physical convergence, IoT/connected security, emerging technologies such as AI and Lidar, and advanced detection technology. Its notion of 'comprehensive security for a safer, connected world' encompasses both the integration of key technologies along with the need for cross-functional teams collaboration – and themes of workforce development and diversity in security.  Along with its premier sponsor SIA (Security Industry Association), a highlight of ISC West is the SIA Education @ ISC West conference program. With over 80 sessions (via a paid conference pass) and high-profile keynotes (open to all badge types), the event provides a strong combination of education/training along with a large expo floor (over 300,000 of exhibit space) and a total of 30,000 expected attendees. Here are some examples: Day 1 Keynote: Wednesday, March 18, 8:30-9:30 a.m. Scaling Enterprise Risk Management at the Speed of Global Transportation Charles Burns, head of security – new mobility, Uber, will explain how Uber navigates a challenging landscape by using technology to enable their business, secure company assets and ensure the safety of riders and drivers globally. Day 2 Keynote: Thursday, March 19, 8:30-9:30 a.m. On the Edge of Transformation: Securing a Connected Future With IoTBrought to you by: Amazon Web Services (AWS) Michael MacKenzie, general manager, Amazon IoT Connectivity & Control, AWS, will explain how AWS IoT enables organizations to protect the evolving security-focused Internet of Things ecosystem, built on the rapidly progressing marketplace underscored by the convergence of our digital and physical worlds, in order to secure the connected world of tomorrow. March 18, 2020, 9:45 AM - 10:45 AM "I Dreamed a Dream": Leading in the Smart/Safe/Connected City Revolution: There are millions of devices already deployed in cities across the country and around the world. With billions more coming, those devices have a significant impact on the delivery of a range of services including safety and security. In this session, there will be a discussion of how to form a smart/safe/connected city strike force to create a positive business environment and mitigate public safety threats. March 18, 2020, 9:45 AM - 10:45 AM Security on The Ledge: Transforming Willis Tower, an American Icon: As a DHS SAFETY Act designated site, balancing the demands of the building’s distinction with the competitive leasing market and trends toward open, collaborative workspaces is a challenging feat. This session will explore how the design team weaves physical security and technologies into the renovation, embracing a five-star operational experience in this high-population, high-throughput symbol of Chicago. March 19, 2020, 1:00 PM - 2:00 PM How Robotics Enables Cybersecurity With a Human Touch: Access control is a vital element of any cybersecurity program. It can tell you who has badged into the system, but not who is actually on the premises. By integrating robots into a security team, it can capitalize on robotics technology with a human factor to help security managers know who is in the facility after hours, and to protect an organization from cyber breaches. March 19, 2020, 11:00 AM - 12:00 PM Diversity & Inclusion in the Security Industry – Your Questions Answered!: Do you know the meaning of (and the difference between) “diversity” and “inclusion”? Do you know how diversity and inclusion (D&I) can contribute to your business goals and help achieve competitive advantage? This session will explore the importance of D&I to the success of the security industry now and in the future. March 19, 2020, 3:30 PM - 5:00 PM DHS Town Hall Meeting @ ISC West: Enhancing Security and Doing Business at the Speed of Life: DHS is changing the way they do business in areas of contracting, tech-scouting, and experimentation. They are seeking new ideas and partners to enhance security and accelerate technology solutions. This meeting will explore what DHS is doing to ensure things like passenger checkpoints, cargo container screening, and first responder operations. (note: OPEN TO ALL BADGE TYPES) “SIA and ISC West deliver the most robust and compelling educational programming possible through the SIA Education@ISC West conference program,” said Dr. Elli Voorhees, director of education and training at SIA. “Each year, SIA volunteers review many expert conference proposals to determine the most cutting-edge sessions and topics that will drive success for the industry.”   See the full list of education sessions.