Education security applications

I have been thinking a lot about the U.S. government’s ban on video surveillance technologies by Hikvision and Dahua. In general, I question the wisdom and logic of the ban and am frankly puzzled as to how it came to be. Allow me to elaborate. Chinese Camera Manufacturers Reality check: The government ban is based on concerns about the potential misuse of cameras, not actual misuse. Before the government ban, you occasionally heard about some government entities deciding not to use cameras manufactured by Chinese companies, although the reasons were mostly “in an abundance of caution.”  Even so, I find the targeting of two Chinese companies – three if you count Hytera Communications, a mobile radio manufacturer – in a huge government military spending bill to be a little puzzling. I can’t quite picture how these specific companies got on Congress’s radar. The government ban is based on concerns about the potential misuse of cameras, not actual misuse What level of lobbying or backroom dealing was involved in getting the ban introduced (by a Missouri congresswoman) into the House version of the bill? And after the ban was left out of the Senate version, was there a new wave of discussions to ensure it was included in the joint House-Senate version (with some minor changes, and who negotiated those?). It all seems a little random. Concerns For The U.S. Furthermore, the U.S. ban solves neither of the two main concerns that are generally used as its justification: Concern: Cybersecurity. The U.S. ban “solves” the issue of cybersecurity only if both of the following statements are true. No security system that uses a Hikvision or Dahua camera or other component is cybersecure. Any system that does not use a Hikvision or Dahua camera or other component is cybersecure. What level of lobbying or backroom dealing was involved in getting the ban introduced into the House version of the bill? The ban ignores the breadth and complexity of cybersecurity and instead offers up two companies as scapegoats. Our industry has sought to address cybersecurity, and the one principle that has guided that effort is that cybersecurity is an issue that must be addressed by manufacturers, consultants, integrators and end users – in effect, everyone in the industry. Cybersecurity does not begin and end with the manufacturer and banning any manufacturers from the market does not ensure better cybersecurity. Concern: “Untrustworthy” Chinese companies. Hikvision and Dahua are only two Chinese companies. Any response to concerns about whether Chinese companies are trustworthy would need to cover many more companies that manufacture their products in China. Australian TV recently claimed that “All Chinese companies pose a risk. Because of Chinese laws, there is a requirement for companies to be engaged in espionage on behalf of the state.” Even if one embraces that extreme view, the logic fails when only two companies are targeted. One source told me that 60 to 65 percent of the global supply of commercial video cameras are manufactured in China, so it’s a much bigger issue than two companies.The Chinese government has much more effective ways of conducting espionage than exploiting security cameras And is U.S. security at risk unless or until it is cut off from more than half of the world’s supply of video cameras? Even Western camera companies manufacture some of their cameras and/or components in China. Why name only two (or three) companies, only one of which has ties to the Chinese government? If the goal of the U.S. ban was to address the possibility of cybersecurity and/or espionage by the Chinese government, shouldn’t there be other companies and product categories included? Clearly, video surveillance is not the only category that has the potential for abuse. The Chinese government has much more effective ways of conducting espionage than exploiting security cameras. Global Response To U.S. Ban And now that the U.S. ban has been passed, how is the ban being misused to justify a new level of alarm about Chinese companies? Australian television effortlessly made the leap from “software backdoors” to a concerted and organized effort by the Chinese government to use cameras to be the “number one country for espionage.” And it’s not just about government facilities: “Even on the street, [cameras] have the potential to inadvertently contribute toward Chinese espionage activity by providing real-time information about the situation on the ground,” says the Australian TV report. If all Chinese companies pose a risk, why is the U.S. government targeting specific companies rather than all Chinese companies? If all Chinese companies pose a risk, why is the U.S. government targeting specific companies rather than all Chinese companies, or at least those with electronics or computer products that could be used for espionage? What about the espionage potential of the 70% of mobile phones that are made in China? What about other consumer electronics such as PCs or smart TVs? How many government facilities that are eliminating Dahua and Hikvision cameras have employees who use iPhones or use other electronic equipment from China? Artificial Intelligence & IP-Over-Coax Also, consider the impact of the ban on business. Hikvision and Dahua have had many successes in the video surveillance market, including in the U.S. market. They have added value to many integrators and end user customers. They have been on the forefront of important trends such as artificial intelligence and IP-over-coax. And, yes, they have made technologies available at lower prices.Cybersecurity issues have plagued several companies in the industry, not just Hikvision and Dahua Cybersecurity issues have plagued several companies in the industry, not just these two, and both Hikvision and Dahua have worked to fix past problems, and to raise awareness of cybersecurity concerns in general. Is a U.S. ban on two companies an appropriate response to a series of geo-political concerns that are much bigger than those two companies (and bigger than our entire market)? Should two companies take the brunt of the anti-Chinese backlash? Video Surveillance Cameras Is the video surveillance market as a whole better or worse for the presence of Hikvision and Dahua? Is it up to the U.S. government to make that call? In some ways, thoughts of Chinese espionage are a sign of these uncertain political times. Fear of video surveillance is perfectly congruent with long-standing anxieties about “Big Brother;” suspicion about China taking over our video cameras just rings true at a time when Russia is (supposedly) controlling our elections. But should two companies be targeted while broader concerns are shrugged off?

Governments and corporations face crisis events every day. An active shooter terrorizes a campus. A cyber extortionist holds a city for ransom. A hurricane washes away a key manufacturing facility. Not all critical events rise to the level of these catastrophic emergencies, but a late or inadequate response to even a minor incident can put people, operations and reputations at risk. Effective Response Plan In 2015, for example, the City of Boston experienced several record-breaking snowstorms that forced the city to close the subway system for three days. The extreme decision cost the state $265 million per day and was largely attributed to a lack of preparation and an inadequate response plan by the transportation department. The reputation of the head of the transportation department was so damaged by the decision she was forced to resign. Being able to better predict how the storms would impact the subway system’s aging infrastructure – and having a more effective response plan in place – could have saved the state hundreds of millions of dollars (not to mention the transit chief’s job). A comprehensive critical event management strategy begins before the impact of an event is felt and continues after the immediate crisis has ended. This full lifecycle strategy can be broken into four distinct phases – Assess, Locate, Act and Analyze. Assessing Threats For Prevention Security teams might have complained about not having enough intelligence data to make accurate predictionsIdentifying a threat before it reaches critical mass and understanding how it might impact vital assets is the most difficult challenge facing security professionals. In the past, security teams might have complained about not having enough intelligence data to make accurate predictions. Today, the exact opposite might be true – there is too much data! With crime and incident data coming from law enforcement agencies, photos and videos coming from people on the front line, topics trending on social media and logistical information originating from internal systems it can be almost impossible to locate a real signal among all the noise and chatter. Being able to easily visualize all this intelligence data within the context of an organization’s assets is vital to understand the relationship between threat data and the individuals or facilities in harm’s way. Social Media Monitoring Free tools like Google Maps or satellite imagery from organizations like AccuWeather, for example, can help understand how fast a storm is closing in on a manufacturing facility, or how close an active shooter is to a school. Their usefulness, however, is limited to a few event types and they provide only a very macro view of the crisis. Data from building access systems, wifi hotspots, corporate travel systems, among others, can be used to create a profile Critical event management (CEM) platforms, however, are designed specifically to manage critical events of all types and provide much greater visibility. Internal and external data sources (weather, local and national emergency management, social media monitoring software, security cameras, etc.) are integrated into these platforms and their data is visualised on a threat map. Security teams can quickly see if there are actual threats to the organizations or communities they are protecting and don’t lose time trying to make sense of intelligence reports. The more they can see on a ‘single pane of glass,’ the faster they can initiate the appropriate response. Locating A Threat Once a threat has been deemed a critical event, the next step is to find the people who might be impacted – employees/residents in danger, first responders and key stakeholders (e.g., senior executives or elected officials who need status updates). Often, this requires someone on the security team to access an HR contact database and initiate a call tree to contact each person individually, in a specific hierarchical order. This can be a time-consuming and opaque process. There is no information on the proximity of that person to the critical event, or if a person has skills such as CPR that could aid in the response. Ensuring ahead of time that certifications, skill sets, or on-call availability is included with contact information can save valuable time in the middle of a crisis response. Going even further, data from building access systems, wifi hotspots, corporate travel systems, among others, can be used to create a profile of where a person just was and where he or she might be going in a CEM platform. This information can be visualized on the threat map and help determine who is actually in danger and who can respond the fastest. The emergency response then becomes targeted and more effective. Security teams can quickly see if there are actual threats to the organizations or communities they are protecting Acting And Automating The third step is to act and automate processes. If there is a tornado closing in on a town, for example, residents should not have to wait for manual intervention before a siren is activated or a message sent out. Organizations can build and execute their standing operating procedures (SOPs) fully within a CEM platform. Sirens, alarms, digital signs and messages can all be automatically activated based on event type, severity and location. Using the tornado example, an integration with a weather forecasting service could trigger the command to issue a tornado warning for a specific community if it is in the path of the storm. Summon Security Guards Warning messages can be prepared in advance based on event type so there is no chance of issuing a misleading or unclear alert Warning messages can be prepared in advance based on event type so there is no chance of issuing a misleading or unclear alert. All communications with impacted individuals can be centralized within the platform and automated based on SOP protocols. This also includes inbound communications from first responders and impacted individuals. An employee confronted by an assailant in a parking garage could initiate an SOS alert from his or her mobile phone that would automatically summon security guards to the scene. Conference lines can also be instantly created to enable collaboration and speed response time. Additionally, escalation policies are automatically engaged if a protocol is broken. For example, during an IT outage, if the primary network engineer does not respond in two minutes, a designated backup is automatically summoned. Eliminating manual steps from SOPs reduces the chance for human error and increases the speed and effectiveness of critical event responses. Analysis Of A Threat Looking for ways to better prepare and respond to critical events will not only improve performance when similar events occur again It’s not uncommon for security and response teams to think that a critical event is over once the immediate crisis has ended. After all, they are often the ones pushing themselves to exhaustion and sometimes risking life and limb to protect their neighbours, colleagues, community reputations and company brands. They need and deserve a rest. In the aftermath of a critical event, however, it’s important to review the effectiveness of the response and look for ways to drive improvements. Which tasks took too long? What resources were missing? How many times did people respond quickly? With a CEM platform, team performance, operational response, benchmarking data and notification analysis are all captured within the system and are available in a configurable dashboard or in after-action reports for analysis. Continuously looking for ways to better prepare and respond to critical events will not only improve performance when similar events occur again, but it will also improve response effectiveness when unforeseen events strike. Coordinate Emergency Response Virtually every organization has some form of response plan to triage a critical event and restore community order or business operations. While many of these plans are highly effective in providing a structure to command and coordinate emergency response, they are reactive in nature and don’t account for the full lifecycle of a critical event – Assess, Locate, Act and Analyze. Whether it’s a large-scale regional emergency or a daily operational issue such as an IT outage, a comprehensive critical event management strategy will minimize the impact by improving visibility, collaboration and response.

Using a smart phone as an access control credential is an idea whose time has come – or has it? The flexible uses of smart phones are transforming our lives in multiple ways, and the devices are replacing everything from our alarm clocks to our wallets to our televisions. However, the transformation from using a card to using a mobile credential for access control is far from a no-brainer for many organizations, which obstacles to a fast or easy transition. We asked this week’s Expert Panel Roundtable: When will mobile credentials dominate access control, and what are the obstacles to greater adoption?

In 1973, a brilliant economist named E.F. Schumacher wrote a seminal book titled ‘Small Is Beautiful:’ taking an opposing stance to the emergence of globalization and “bigger is better” industrialism. He described the advantages of smaller companies and smaller scales of production, highlighting the benefits of building our economies around the needs of communities, not corporations. In almost every industry or market that exists in the world today, you're likely to find a difference in size between companies. Whether it’s a global retail chain versus a small family-owned store, a corporate restaurant chain versus a mom-and-pop diner or a small bed and breakfast versus a large hotel chain — each side of the coin presents unique characteristics and advantages in a number of areas. Disparity In Physical Security Industry Customers are drawn to products and services from large enterprises as the big names typically imply stability This disparity very clearly exists in the physical security industry, and differences in the sizes of product manufacturers and service providers could have important implications for the quality and type of the products and services offered. All too often, customers are drawn to products and services from large enterprises, as the big names typically imply stability, extensive product offerings and global reach. And that's not to say that these considerations are unwarranted; one could argue that larger companies have more resources for product development and likely possess the combined expertise and experience to provide a wide range of products and services. But the value that a company’s products and services can bring isn’t necessarily directly related to or dependent on its size. In an age where the common wisdom is to scale up to be more efficient and profitable, it’s interesting to pause and think about some of the possible advantages of small- and medium-sized businesses (SMBs). Typically, “small” companies are defined as those with less than 100 employees and “medium” with less than 500. Providing Social Mobility  Schumacher argued that smaller companies are important engines of economic growth. Indeed, according to the Organization for Economic Cooperation and Development (OECD), a group of 36 member countries that promotes policies for economic and social well-being, SMBs account for 60 to 70 percent of jobs in most OECD countries. Importantly, SMBs provide resilience in that there are often large economic and social impacts when big companies fail. Smaller companies are better for regional economies in general, as earnings stay more local compared to big businesses, which in turn generates additional economic activity. SMBs are also better at providing social mobility for disadvantaged groups by giving them opportunities and enabling them to realize their potential. Smaller companies are often more innovative, bringing to the market novel technologies and solutions such as Cloud, analytics, AI, and IoT New Companies Introduce New Technologies There's no denying the role of start-ups when it comes to innovation. In the security industry, many new technologies (e.g. Cloud, analytics, AI, IoT) are first brought to the market by newer companies. In general, smaller companies’ products and services often have to be as good or better than others to be competitive in the marketplace. They are therefore often more innovative, bringing to the market novel technologies and solutions. And these companies are also more willing to try out other new B2B solutions, while larger companies tend to be more risk-averse. Customer Service Aside from the quality of products and services, arguably one of the most important components of a security company’s success is its ability to interact with and provide customers the support that they deserve. Smaller companies are able to excel and stand out to their customers in a number of ways: Customer service. Customers’ perceptions of a product’s quality are influenced by the quality of support, and smaller manufacturers often possess a strong, motivated customer service team that can be relatively more responsive to customers of all sizes, not just the large ones. A superior level of support generally translates into high marks on customer satisfaction, since customers’ issues with products can be resolved promptly. Flexibility. SMBs have a greater capacity to detect and satisfy small market niches. While large companies generally create products and services for large markets, smaller companies deal more directly with their customers, enabling them to meet their needs and offer customized products and services. And this translates to adaptability, as SMBs become responsive to new market trends. By having a pulse on the market, smaller companies have much more flexibility in their supply chain and can adjust much faster in response to changing demand. Decision-making. Smaller companies are much more agile in decision-making, while larger enterprises often suffer from complex, tedious and lengthy decision-making processes. Communication is easier throughout SMBs, as smaller teams enable new ideas to flow and can solve problems faster. Job Satisfaction Employees working for SMBs connect more directly with the company's goals and objectives, which in turn increases motivation and job satisfaction Employees working for SMBs connect more directly with the company's goals and objectives, which in turn increases motivation and job satisfaction. SMBs are also generally more connected to local communities and participation in community activities leads to a greater sense of purpose. Additionally, SMBs have a much smaller impact on the environment, which is increasingly becoming an important consideration for today’s employees and customers. Though Schumacher's book takes a much deeper dive into the large global effects of scale on people and profitability, the general impact of a company’s size on its products and services is clear. It’s important for all players in the security industry to remember that the commitment and dedication to product quality can be found in businesses of all sizes. Ensuring Safety Of People, Property And Assets Large manufacturers may catch your eye, but small business shouldn’t be forgotten, as they can offer end users a robust set of attributes and benefits. While all security companies are aiming to achieve a common goal of providing safety for people, property and assets, smaller businesses can provide extensive value when it comes to driving the economy, innovating in the industry, providing quality employment and offering superior customer service.

Repercussions are rippling through the physical security industry since President Trump signed into law the ban on government uses of surveillance equipment by Chinese manufacturers Hikvision and Dahua. In addition to the direct and indirect consequences of the new law, there have also been other developments likely to impact the future of Chinese companies in the video surveillance market. The ban has raised awareness of Chinese companies’ role in video surveillance, and other developments are related to tariffs and possible sanctions, all playing out amid the backdrop of an escalating trade war. One Chinese manufacturer previously dismissed security concerns about its role in video surveillance as “Cold War rhetoric.” There has been an almost nostalgic tone recently to the escalating concerns about video cameras being used for spying. Hikvision and Dahua have both stated emphatically that they have not conducted any espionage-related activities. Even so, the U.S. government ban has emboldened the concerns. However, to be clear: No one has alleged that technologies from either of the companies have been used for espionage. Rather, the concerns are about the potential for misuse, not actual misuse. Also aggravating the situation are Chinese companies’ previous, actual problems with cybersecurity, which the companies say they have addressed. Here are some recent developments related to the U.S. government ban and Chinese manufacturers in general: Tariffs And Trade Concerns Additional rounds of U.S. tariffs have targeted an expanding array of Chinese goods, including data storage and processing components such as printed circuit boards, as well as video camera lenses. The escalating trade war has kept generalized concerns about China and its trade practices in the public eye and fomented a level of uncertainty in many markets, including physical security. Additional rounds of U.S. tariffs have targeted an expanding array of Chinese goods Involvement Of Surveillance In Chinese Human Rights Violations Concerns have surfaced in a Congressional hearing recently about the Chinese government’s surveillance activities targeting the Uyghurs and other Muslim ethnic minorities in the Zinjiang Urghur Autonomous Region (XUAR). Specific attention is being directed at the region’s surveillance system including “thousands of surveillance cameras, including in mosques,” and Hikvision and Dahua were mentioned in the Congressional hearing as profiting from security spending in the area. Increased Global Media Attention The ban has not been widely publicized in the U.S. mainstream media, but the topic has attracted global attention. For example, the Australian Broadcasting Corporation broadcast a 10-minute expose on the use of Chinese-made cameras in Australian government facilities, including “sensitive military facilities.” The report, which mentioned the U.S. ban, noted that “Both [Hikvision and Dahua] have had security flaws be exposed leading to fears that some of the flaws were placed there to help the Chinese government spy.” The report continues: “China is trying to set itself up as the number-one country for cyber-espionage, and this is part of that platform.” How broadly should one interpret the inclusion of "critical infrastructure" mentioned in the bill? Broader Interpretation Of The Bill Beyond The Federal Government The language in the bill leaves a level of ambiguity in terms of the scope of its application, and the security marketplace as a whole has been struggling to understand its full impact. Does the ban only restrict an integrator’s use of Chinese technology on a specific government job, or does it eliminate an integrator who installs the technology (even in non-government projects) from consideration for government jobs? How broadly should one interpret the inclusion of “critical infrastructure” mentioned in the bill, for example, non-governmental facilities? Will other governments and private entities assume they should ban Hikvision and Dahua in order to be compliant? For example, Suffolk, VA., has announced it will not to use Dahua or Hikvision cameras because the federal ban applies to “U.S. government-funded contracts and for critical infrastructure and national security usage.” The result of these developments is a kind of snowball effect, simultaneously drawing attention to the issues and adding new elements to an overall narrative. Taken together, these developments suggest the U.S. ban has set off a level of concern about Chinese companies that will have an industry-transforming impact in the months to come.

Newly modernized halls with lots of daylight will house hundreds of exhibitions and conference events at the upcoming Security Essen 2018 at Messe Essen, Germany. A new layout and hall numbering system will be unfamiliar to past attendees but promises to simplify the experience as it brings together attendees and exhibitors. European Physical Security Market Security Essen is an international trade fair, but the emphasis is more on German, Austrian and Swiss companies. In all, Security Essen will feature 1,000 exhibitors from 40 nations. The trade fair has more of a continental European “flavor” compared to IFSEC, which focuses more on the U.K market. At the last Security Essen in 2016, organizers reported about 40,000 visitors including conference participants, VIP guests, members of various delegations and journalists. Security Essen 2018 has more of a continental European “flavor” compared to IFSEC, which focuses more on the U.K market  “This year, we have sharpened the profile of Security Essen,” says Oliver P. Kuhrt, CEO of Messe Essen, a trade fair, congress and event organiser with its own exhibition grounds. “The trade fair has become considerably more digital, more modern and more interactive. Due to the optimized hall layout, we are offering our exhibitors and visitors the best possible experience with short paths and direct communication.” Newly Modernized Messe Essen The newly modernised site of Security Essen will encompass eight halls, newly renumbered and with the subject areas reorganised, too. Visitors will find Services in Hall 1; Access, Mechanatronics, Mechanics and Systems in Halls 2 and 3 and the Galeria; Perimeter Protection in Hall 3; Video in Halls 5 and 7; and Fire, Intrusion and Systems in Halls 6 and 7. A helpful smart phone app, downloadable free from the Google Play Store (Android) or the Apple App Store (iOS), will be available two weeks before the event and include a show floor plan; the exhibitor list with booth numbers and contact information; and an overview of the supporting program. A separate hall – Hall 8 – will house new Cyber Security and Economic Security categories. Cyber Security Conference At the new Cyber Security Conference, located prominently at the new East Entrance, experts will share their knowledge about the more pressing challenges and potential of cybersecurity. The program opens and closes on 25 and 28 September with the main topic “Opportunities and Risks of Cyber Security”. On 26 September, discussions and lectures will center on “Entry, Admission, Access: Identification Options”.A helpful smart phone app, downloadable free will be available two weeks before the event and include a show floor plan On 27 September, the topic will be smart homes and focus on “Connected Building, Security in the Buildings of the Future”. Speakers will include the president of Germany’s Federal Office for Information Security, who will address cybersecurity as a challenge for politics, business and society. The fair organises the conference in cooperation with the BHE Federal Association of Security Technology and the technical support of the Federal Office for Information Security. In Hall 8, a new Public Security Forum will enable visitors to experience digital security technologies for public spaces from the areas of sensors/IoT, cyber security and surveillance. The products and solutions will be installed in four different building scenarios (town hall, school, hospital and library) and it will be possible to test them extensively. The forum, including lectures and discussions, will target municipal decision makers and planners of public spaces. Comprehensive Program A Security Expert Forum in Hall 2 will present a continuous program with more than 90 presentations during the period of the fair. Visitors will obtain information and solution ideas about all six subject areas covered at the fair, and the program will begin with a keynote lecture each morning and finish with a live demonstration in the evening. On the first day of the fair (25 September), Security Essen’s Career Forum will introduce retrainees, students, trainees and graduates to companies from the security industry. Targeted and professional communication will be established between companies and job applicants to facilitate making contacts, developing networks, and filling actual vacancies. Thursday (27 September) will be observed as Fire Prevention Day, and a Drone Course will be provided each day in Hall 7. One day admission to Security Essen is €41; a four-day ticket is €105. Advance sale tickets are discounted.

In summer 2013, The University of Colorado at Boulder, commonly referred to as CU-Boulder, completed its project to install 5,700 SALTO RFID locks, replacing their previous magnetic stripe locks throughout all of the University’s residence halls. SALTO Systems’ use of RFID technology (Mifare, NFC, Desfire EV1), its robust architecture, and its ease of use all combined to make SALTO the clear choice for the future of CU-Boulder’s residence halls. Increased security awareness, aging infrastructure and pressure to cut operating costs are just some of the many reasons why schools, colleges and universities look to find new ways to enhance campus security. Multi-purpose access control system Student housing in particular is often a key area for upgrade. While each campus housing program is tailored to its individual location, many of the tasks it is required to perform are common across the country. These include assigning rooms, distributing keys, retrieving old keys and issuing new ones, and this can be a time consuming task that can involve large numbers of staff and lengthy waits for students. Then, there is the matter of lost keys and their associated costs which only adds to the workload. Add to this, that older systems used a card that was just a standard key. Today that same card is now almost certainly going to be a student ID card as well as a room key, campus key, and be used for managing in-room energy usage, purchasing food, study supplies, bookstore supplies and riding the bus to class. Being required to handle all this, plus providing facility management (remote lock/unlock, scheduling, access rights) requires a more modern approach to security. It needs an increasingly multi-layered approach that can maximize overall security now, while providing flexible future proof technology that will deliver lasting dollar value for the years ahead. An example of such a multi-purpose access control system installation can now be seen at the University of Colorado Boulder, which has just completed installation of some 3,900 SALTO RFID XS4 keypad locks and 1,800 non- keypad locks. Time to upgrade technology CU-Boulder is the flagship of the four-campus University of Colorado System, which also includes the University of Colorado Denver, University of Colorado Anschutz Medical Campus and University of Colorado Springs. Situated on one of the most spectacular campuses in the country, it offers approximately 3,600 courses in 150 fields of study in arts and sciences, business, education, engineering, environmental design, journalism, law and music. There are currently 26 residence halls on campus at CU- Boulder. The residence hall room types range from singles to four person rooms and others with apartment style amenities. Along with that, there are some rooms that have more amenities than others, including a full bathroom and/or a kitchen. The majority of the students living in the residence halls are freshmen, but any year student can live on campus. There are several communities of residence halls located throughout the campus and in a separate area called Williams Village, which is connected to the main campus via the local bus transit service. SALTO Systems were selected for its use of RFID technology, robust architecture, and ease of use With this in mind, CU-Boulder’s existing magnetic stripe door access system used in the student residence halls was aging and the university wanted to move their locking systems to newer, more secure RFID card technology. A program was initiated by HDS Information Technology Department to evaluate alternative solutions that could offer them both the higher levels of security that they wanted as well as the encrypted RFID technology that could be leveraged for their transit system and other uses on campus. Challenges Larry Drees, Assistant Director HDS Information Technology at CU-Boulder says, “Having used a mix of magnetic stripe door access systems as well as keypad and PIN enabled locks as a part of our residence room standard for many years; we wanted to upgrade our technology, but still have something that was easy to manage.   “Our residence halls are busy places with high traffic areas, so any replacement locking system would have to be robust. Encrypted RFID technology was an important requirement for us, but we also wanted something that was reliable and easy to install. Also, we wanted our new system to be capable of integration with our Ecopass transit system and our campus Software House's C-Cure 9000 access control system within the next 12-24 months. In addition, we were impressed with the variety of locking hardware options giving us additional levels of security on a case by case basis while still being capable of management within a single system. After many months of reviewing the options currently on the market, we settled on SALTO’s XS4 solution as the locking system that could give us the functionality and technology options we wanted, at a standalone off-line locking system price point. The ability to transfer information to and from the lock via an RFID card is also something we think will be helpful in managing these locks over the long term.” Planning and installation “Ensuring the safety of students and their assets in residence accommodation is always a high priority,” confirms Tim Moreno, Western Region Sales Manager for SALTO Systems. “Looking at the layout of the campus and the position of the various residence halls, we assessed usage and the level of security required and then worked with Larry and his team to design and subsequently install a highly secure and flexible networked access control system to meet all the needs of the university.” The solution chosen was the SALTO XS4 keypad lock which is designed to provide increased levels of security and control for doors where extra security may be required. It offers users a choice of multiple security authentication methods to control access including RFID smart cards (DESFire EV1 smart cards at CU-Boulder), combined use of a PIN (Personal Identification Number) code + smart card or a separate keypad code. The lock can be operated in 3 modes; smart card only, pin code + smart card or keypad code only. With standard smart card mode, the lock is locked at all times until opened with the student’s key card that has access rights to that room. "Controlling access and securing our residence buildings is crucial. We now have 26 residence halls and 3 administrative support buildings using SALTO locks", says Larry Drees, Assistant Director HDS Information Technology at CU-Boulder When using pin code + card mode, each student has their own personal code. Typically, this is used where extra security and dual authentication (presenting both a card and typing in the pin code) are needed, and students can have up to an 8-digit pin code. In keypad code only mode, the lock itself has an access code that is used for student authentication. Every student that goes through that door knows the keypad code. When two students share the same residence room, they are the only ones that know the keypad code of that room, and again, students can have up to an 8-digit keypad code. “The university also plans to install the SALTO solution into the lobbies controlling the private secure areas of the halls,” Moreno says, “and from a management point of view the XS4 keypad locks can handle up to 64,000 doors and 4,000,000 users on a single system, with each individual lock recording the last 1,000 audit trail events at that door in its memory.” Benefits Larry Drees summarizes, “Controlling access and securing our residence buildings is crucial. We now have 26 residence halls and 3 administrative support buildings using SALTO locks. At this point, we are keeping our system setup pretty simple. Most doors are student rooms which are locked 24/7, and we do not use the calendar features of the system to any great extent at this time. We also plan to work with SALTO to improve the user interface so we can restrict functionality at a more granular level. Now that the system has been implemented, we’re pretty satisfied with the quality and efficiency of the product. Besides helping us move closer to the university’s vision for utilizing RFID technology, the new system also leverages this technology while helping us meet our goal to provide a safe and secure environment for our students.”

Customer: George Mason University is one of Virginia's fastest growing higher education institutions with four campuses and 35,000 students. Located in the heart of Northern Virginia's technology corridor near Washington, D.C., George Mason University offers strong undergraduate and graduate degree programs in engineering, information technology, biotechnology and health care. The George Mason University School of Law has been recognized by U.S. News and World Report as one of the top 40 law schools in the United States. Challenge: The previous video system at George Mason University suffered from poor video quality and a lack of standardization. The legacy system could not provide the needed levels of video surveillance, either related to the area being viewed or the quality of images needed to identify events and/or individuals. A new construction project included the required funds for an initial investment in an IP-based surveillance system. The University needed a system that could provide better video quality to capture facial recognition and to offer a wider range of options. Megapixel Solution: A need for better image quality led George Mason University directly to IP-based megapixel camera technology. The University evaluated several well-known camera suppliers before deciding on Arecont Vision, which leads competitors related to processing power, breadth of the product line, and use of H.264 compression technology to minimize bandwidth and storage needs. "We have installed almost every variety of megapixel camera made by Arecont Vision, from the 1.3 megapixel MegaDome® to the 8 megapixel 360-degree SurroundVideo® panoramic camera," said James L. McCarthy Jr., Director of Physical Security, George Mason University, Fairfax, Virginia. The capabilities of various cameras are matched to the areas they need to cover. Cameras have been installed in athletic facilities, including an Olympic-sized pool; in academic buildings; and in parking garages, according to Brian Piccolo, Senior Account Executive, S3 Integration, Baltimore, Maryland. The system was designed jointly by George Mason University and S3 Integration. Future installations will include the University's residence halls. Two panoramic 360-degree cameras are positioned over a broad plaza area to enable surveillance of activity on the plaza while also covering doors leading into an adjacent building. Each camera's 8 megapixel images (from four 2 megapixel sensors) provide 360-degree coverage from inside a 6-inch dome. The camera is used to view large areas while capturing megapixel detail. Each camera provides up to 6400 x 1200-pixel images at 5.5 frames per second (fps), or can be set for lower resolutions at higher frame speeds, such as 1600x1200-pixel images at 22 fps. The cameras use Arecont Vision's MegaVideo® image processing at billions of operations per second. The cameras also provide image cropping and up to four regions of interest. Several 180-degree cameras cover the pools and gym floors in George Mason's athletic facilities. The 8 megapixel, 180-degree panoramic camera also incorporates four 2 megapixel CMOS image sensors to provide 6400 x 1200-pixel panoramic images at 5.5 fps. Covering long and narrow runs (such as hallways and drives) are 3 and 5 megapixel cameras from Arecont Vision. Arecont Vision's 5 megapixel camera uses a 1/2-in. CMOS sensor to provide 2,592 x 1,944-pixel images at 9 frames-per-second. Light sensitivity is 0.3 lux at F1.4. The camera can output multiple image formats, allowing the simultaneous viewing of the full-resolution field-of-view and regions of interest for high-definition forensic zooming. Arecont Vision's 3 megapixel camera provides 2048 x 1536-pixel images at 15 frames per second. Light sensitivity is 0.2 lux at F1.4. The images from Arecont Vision's IP megapixel cameras are fed to a local ExacqVision network video recorder, which is monitored by a Central Security Operations Centre The images from Arecont Vision's IP megapixel cameras are fed to a local ExacqVision network video recorder, which is monitored by a Central Security Operations Center. Signals from some of the cameras are also fed to a central server that have been downloaded with Exacq software. All video data is transmitted over a secured, firewalled, standalone security network within the George Mason University intranet system. The majority of the Arecont Vision cameras are placed in areas where there is sufficient light at all times. Parking garages are currently monitored with Arecont Vision day/night cameras, which use a motorized infrared (IR) cut filter. These cameras can monitor license plate numbers and increase the productivity of garage personnel by monitoring daily tasks like: credit card transactions, remotely. Now, any George Mason University department that wants to add video surveillance can call on S3 Integration to upgrade and expand the system using funds provided through departmental budgets. Megapixel Benefits: "Advantages of Arecont Vision cameras over competitive products include performance, versatility, price and ease-of-use," said Mr. Piccolo. The end-user customer especially likes the ease-of-use and the sharp pictures available from the various Arecont Vision models. "The price point was better and [the cameras] helped eliminate some costs," said Mr. Piccolo. "We now have better forensic capabilities and more flexibility in the recovery of data," added Mr. McCarthy. The main attribute of the Arecont Vision camera line is the ability to install fewer cameras while capturing video from a larger area. Fixed megapixel cameras providing virtual pan-tilt-zoom (PTZ) within captured images translates into fewer moving parts than traditional PTZ systems, which reduces overall maintenance cost and the potential for system failure. The picture quality and digital zoom capabilities of Arecont Vision cameras far exceed analog technology and allow George Mason University to retrieve usable video. Combined with recent cost reductions in NVR storage and network switches, the use of fewer cameras allows George Mason University to transition to higher-quality video at a minimum increase in cost. Megapixel imaging represents a significant upgrade in system functionality compared to standard-resolution cameras. In addition to lower bandwidth and storage requirements, using fewer megapixel cameras to cover larger areas can dramatically decrease costs related to other elements of a system, such as fewer software licenses, fewer lenses, and a decrease in man-hours needed to install the system.

The Muhammad Ali Center is a cultural attraction / international education center inspired by the ideals of its visionary founder, Muhammad Ali. Featuring two-and-a-half levels of interactive exhibits and captivating multimedia presentations, the Ali Center carries on Ali's legacy and inspires the exploration of the greatness within ourselves. It includes a five-screen orientation theater, timeline of Ali's life, historical Civil Rights era and fight footage, exhibit galleries, and hands-on boxing fun. It also includes an Ali Center retail store and lunch café. The Ali Center has over 30 cameras protecting the museum and its 3-level underground parking garage. The existing surveillance system transmitted analog video 800 to 1200 ft over traditional coax cable to the control room. To improve image resolution and flexibility, the museum decided to upgrade to a new IP-based system. The project was not as straightforward as initially thought. Budgets had to be met and facility disruptions kept to a minimum. To perform the upgrade the Ali Center turned to Tyco Integrated Security. After a careful site plan review, Tyco Integrated Security recommended the NVT Ethernet over Coax (EoC) solution based on past successes at other customer sites because: Re-deployed coax eliminates the expense for pulling out old cable and the installation of new network wiring; There would be zero facility disruption; Power-over-Ethernet signals are easily delivered at extended distances without the need for mid-span repeaters or IDF wiring closets. Successful deployment experiences at other Tyco customers’ sites. In selecting the NVT Ethernet over Coax solution, the Ali Center was able to install a cost-effective state of the art surveillance upgrade, using existing cable at extended distances with no disruption to visitor enjoyment of the facility.

The contactless readers on the front of the dorms remain the same, but instead of being issued keys for access to specific rooms students will now taptheir card and enter a PIN for access, says Keith Tuccillo, system administrator for life safety and security systems at Princeton. Deployment At Princeton’s Housing Facilities Using technology from SALTO Systems, the massive deployment includes 53 residence halls and 3,700 individual locks. It impacts about 9,000 undergraduate and graduate students living in Princeton’s housing facilities. Previously students would tap their HID iCLASS 32K card at the main entrance and then use a key for access to their rooms, Tuccillo explains. Starting in the fall, after students are through the main entrance they tap the card on a reader and enter a PIN to access their room. “The housing department wanted something more robust,” says Trucillo, explaining the choice to require both contactless read and PIN entry. They wanted two-factor authentication so that if a student lost an ID card someone could not gain access to their room, he explains. To meet this need, Princeton chose SALTO’s XS4 lock with keypad. For added security, the campus is assigning PINs rather than allowing students to self-select their own. “This is to avoid students choosing 1-2-3-4 as their PIN,” Tuccillo says. Students have been notified of their PIN and the changes to the physical access control system through email, physical mail and other print materials. The Data On Card Concept “In a SALTO system, all data required to make an access decision is held on the card,” explains Mike Mahon, Senior VP Commercial Sales, SALTO Systems. The lock and card communicate with each other to determine if access should be approved or declined. This eliminates the need for online connectivity to a central database during access transactions. In addition, Mahon explains that the cards themselves can act as transport, carrying system data throughout the network of readers. Cards pickup data from readers in the normal course of entries and exits and spread this data to other readers in a viral manner during subsequent transactions. This Data on Card concept is a key part of what SALTO calls the SALTO Virtual Network. Another key component is the series of online readers known as hotspots. At a hotspot, cards can be revalidated, PINs changed and access rights adjusted. Additionally, important system data can be loaded for viral dissemination. Hotspots can be normal online exterior door readers or they can be dedicated stations, conveniently located within a building. Revalidation of card privileges at hotspots is crucial to the SALTO Virtual Network architecture. In traditional online access control systems, cards and privileges are revoked. Access rights for a terminated employee or student are turned off in the central system and all subsequent access requests are declined during the online transaction. But this presents a challenge in offline environments, as the removal of rights for a terminated cardholder cannot be communicated immediately to the deployed readers. SALTO solved this challenge by reversing the traditional access control model. “Rather than granting privileges with no expiration or extremely long life spans, we grant short term privileges and use the power of our hotspots to facilitate rapid, seamless revalidation,”explains Mahon. "Princeton opted to connect the interior XSR locks via Wi-Fi to enable real-time audit tracking for access transactions" Imagine a building with two exterior doors and two hundred interior doors controlled with SALTO locks. Cardholder privileges are set to expire every 24 hours and all interior locks operate completely offline. Each time a cardholders enters the building, the students’ privileges are revalidated and rewritten to the card granting access for the next 24-hour period. This enables the student to pass through any approved interior door readers. If the individual is fired or expelled, the card will no longer be revalidated at an exterior door and the current privileges on the card will expire at the end of the 24-hour window. Furthermore, as other cardholders enter through the exterior doors and are revalidated, the terminated cardholder data is written to the card for viral distribution. As these valid cards are presented to offline door locks through the normal course of operations, the terminated card is added to the lock’s blacklist. If the terminated card is presented to that lock during the few hours it still has remaining on from its prior validation, access is denied and the card rendered inactive.  Benefits From Both Online And Offline Functionality Because SALTO makes all access decisions offline between the card and the reader, the system is not impacted by network or power disruptions. But while the system can function in a fully offline mode, online operation via wireless enables additional functionality. “Princeton opted to connect the interior XSR locks via Wi-Fi to enable real-time audit tracking for access transactions, instantaneous lock down and remote door scheduling,”says Mahon. This also reduces the reliance on revalidation of credentials as terminated cardholders can be removed from the deployed readers via online notification. The university chose to revalidate at different intervals based on group, for example staff once per week, students and faculty once per semester and certain staff every 48 hours, explains Mahon. The new system offers Princeton more flexibility and potentially saves money. In the past, if a key was lost the lock had to be re-keyed. With the new system, however, changes can be made to the physical access control system removing the lost card and issuing a new credential for the student.  It also streamlines the process for granting contractors access to residence hall rooms. Physical master keys were assigned or temporarily issued to contractors. The problem with master key-based systems is that lost keys create extreme vulnerabilities and costs. In traditional environments, a lost master key would entail mass rekeying at significant expense. In the new environment, the contractor is issued a card with only the appropriate privileges. If lost, the card is simply canceled and the risk mitigated. The new system also keeps an audit trail of who accessed what locations and when. The new system was two-years in the making, Tuccillo explains. With the start of the Fall semester, students and campus administrators should start reaping the benefits of these efforts to better secure Princeton’s residential facilities.

Learn how the Georgia Tech Police Department deployed a web-based physical access control system (PACS) to manage facility access from any web browser, partition role-based access privileges by building, synchronize with campus-wide identity management systems and reduce total cost of ownership. Managing Campus Facility Access Within A Virtual Server Environment The Georgia Institute of Technology campus occupies 400 acres in the heart of Atlanta, Georgia, with 900 full-time instructional faculty and more than 20,000 undergraduate and graduate students. The Georgia Tech Police Department (GTPD) is responsible for ensuring campus safety and building security 24/7 and is responsible for managing access to more than 1,800 doors across multiple campuses, buildings and parking garages using the Georgia Tech BuzzCard access control system. Download this free case study to learn how the Georgia Tech Police Department implemented a web-based Physical Access Control System (PACS) which provided the following benefits: Manage facility access from any web browser Partition role-based access control privileges by building Synchronize with campus-wide identity management systems Eliminate the cost and complexity of legacy security systems Leverage it investments in hardware virtualization Install non-proprietary door hardware and controllers  

Reykjavik University (RU) is a vibrant international university located at the heart of Reykjavik, the capital of Iceland. Reykjavik University is Iceland's largest private university and focuses on research, excellence in teaching, entrepreneurship, technology development and co-operation with the active business community. RU has been happily using HID proximity technology to secure its buildings for many years. About three years ago the university decided to build a larger, more modern and first-rate facility to accommodate all of the university's five-degree courses in the future. Designing this new facility for RU was not an overnight task. Many hours of planning and research were put in to ensure the best possible building for RU. The university's technical manager Ellert Igni Hararson spent almost a year researching the applications and products that may be suitable for RU and in the course of his research, he also met with HID Global at their EMEA offices in Haverhill, UK. To make the new building a success, RU worked closely with Securitas Iceland who, together with the University's building consultant Eiríkur K. Þorbjörnsson, designed a solution to fit the university's vision. RU's vision was to have an almost "key-free" building, not only to increase the convenience and security for students and staff but also to reduce costs and increase efficiency. Whatever solution was to be chosen today needed to also be able to grow and fulfil our future requirements of a high-tech system and building. "Our vision is to have a true multi-application s art card that in the future can be enabled for cashless vending, canteen, on-de and printing, photo ID, library, use of lockers and maybe even more! We are also working with the wider community to extend the use of student cards for public services, such as for buses, the museum and swimming pools. We really would like to see the use of smart cards adopted even beyond the boundaries of the university and make the advantages of multi-application ID cards available to everyone," explains Ellert. Eiríkur adds, "by planning for a true multi-application future from the start, with this project we were able to ensure a quick return on investment for the university." Content with the existing HID PROX® solution and after much research, the university decided to transition to HID iCLASS®, using both multi-technology cards and readers. iCLASS was considered a cost-effective and convenient choice as it made migration to smart cards simple. "From the outset it was important for us that students who were issued access cards for the old building would be able to use their cards and gain access also in the new building", Ellert explains. The university charges students a nominal fee for their cards, which according to Ellert has helped to reduce card loss to almost zero, as students associate value to their cards instantly. The overall system now installed at the university extends the boundaries of access control and has also seamlessly integrated lighting, electrics and room allocation control. "We are trying not only to provide a secure and high-tech facility for our students and staff but to also be green and conscious of our environment around us. Such integrated solutions helps us to learn about how rooms and areas within the university are used, allowing us to become ever more intelligent and efficient",says Ellert. "We are trying not only to provide a secure and high-tech facility but to also be green and conscious of our environment" Today, HID Global's multi-technology's art cards provide about 4000 students access to all the university buildings and by students uploading a photograph to the university's intranet, their card will be issued to the on their very first day of school with all their details and photo already printed on it. "We use a FARGO® HDP5000, which is handled by our receptionists who are able to deliver cards to new students even during the busy periods at the beginning of term", explains Ellert. The cards are used throughout the old and the new buildings to gain access to classrooms, lab rooms and study areas 365 days a year and 24 hours a day. The new ca pus is not yet complete and the current facility is still being extended by another 7000m2, which is planned for completion in August 2010. "Iceland itself is a very-forward thinking country and most of our local and international students have been in touch with s art cards and access control cards before, therefore the adoption of s art cards was very quick and we have received very good feedback from our students and staff so far", says Eiríkur. Ellert and Eiríkur conclude that they are excited about the possible future use and applications of their s art cards, hoping that one day in the not so distant future, the university cards can be used on the local bus, the public library and even at the theatre. "RU has the determination to think big, to always improve the university's ability, and to decisively carry out our plans. We are all responsible for our continued success. The future of RU is in our hands", says technical manager Ellert. "With HID Global solutions, we are set to make our ambitious vision for the future a successful reality today and build on it for the future". For more information on how HID helped Reykjavik University , watch the case study video:  Watch the video to see how HID helped upgrade Reykjavik University's security system