Application security
Technological Innovations Group (TIG), the technology sales agency in the EMEA region offering integrated automation and control solutions for smart spaces, is pleased to announce that it is now able to offer Power Distribution Units (PDU) from GUDE that integrate with Crestron Home systems. This means users can now remotely control and monitor smart space devices in residential settings. As an official partner of Crestron, GUDE has developed and now offers drivers that allow their IP power str...
HENSOLDT UK are pleased to announce the launch of SPEXER 600 multi-mission, X-Band ground-based surveillance radar utilizing SharpEye solid-state transceiver technology. Building upon the excellent pedigree of well-established HENSOLDT products and technologies, SPEXER 600 complements the SPEXER family of Active Electronically Scanned Array or AESA radars, offering a cost-effective and truly crew portable field deployable solution. Design and function Designed to meet user requirements to det...
Urban populations are expanding rapidly around the globe, with an expected growth of 1.56 billion by 2040. As the number of people living and working in cities continues to grow, the ability to keep everyone safe is an increasing challenge. However, technology companies are developing products and solutions with these futuristic cities in mind, as the reality is closer than you may think. Solutions that can help to watch over public places and share data insights with city workers and officials...
Green Hills Software, the pioneer in embedded safety and security, announces the release of µ-visor™, its safe and secure embedded virtualization hypervisor, for the Renesas RH850/U2A microcontroller (MCU). Designed to support the emerging automotive cybersecurity requirements of ISO/SAE 21434 and UNECE WP.29 and to meet ISO 26262 ASIL D functional safety, µ-visor for MCUs expands Green Hills leadership in safe and secure virtualization technology and its product line. µ...
TechAssure, the global network for insurance brokers specializing in technology risks, is partnering with CyberCube to roll out its Broking Manager product to the network’s members worldwide. Formed in 2000, TechAssure is a not-for-profit association headquartered in Davidson, North Carolina. TechAssure’s network consists of 30 retail brokerages servicing over 5,000 technology and life science clients globally. Software service application Broking Manager is the first software-as-...
Alarm.com has developed the first cellular sensor with virtually no range limitations for monitoring valuable property and assets. The Alarm.com Flex IO™, a battery-powered device that is weatherproofed for outdoor durability, uses the latest LTE-M technology to operate anywhere there is LTE coverage and without a panel, hub or even Wi-Fi. The one-of-a-kind sensor works as a standalone solution or as an expansion of a person’s existing Alarm.com-powered system. The Flex IO™ se...
News
Silicon Labs, a provider of silicon, software and solutions, announces Z-Wave Long Range (LR) support for existing Z-Wave 700 Series products. With ten-year coin cell battery operation, backward compatibility and the addition of Z-Wave LR features, Silicon Labs Z-Wave 700 Series SoCs and modules extend seamless wireless connectivity beyond the smart home. The unique benefits of Z-Wave LR make it a perfect fit for Internet of Things (IoT) applications in commercial, multi-dwelling unit (MDU), and hospitality markets. Z-Wave LR is a new specification by the Z-Wave Alliance offering point-to-point wireless connectivity at ranges up to several miles and support for thousands of nodes. External power amplifier Z-Wave LR eliminates the need for mesh repeaters, saving time and money for developers and end customers. “The addition of Z-Wave Long Range support is a significant expansion of our Z-Wave 700 Series product offering, bringing Z-Wave beyond the home into IoT markets requiring substantially greater range and penetration,” said Jake Alamat, vice president and general manager of IoT home and consumer products at Silicon Labs. Z-Wave 700 products will be launched in 2021, further extending range with an increased +20dBm output Field testing of Z-Wave LR on Silicon Labs Z-Wave 700 Series products demonstrated one-mile point-to-point range (line-of-sight) at +14dBm output power, and new Z-Wave 700 products will be launched in 2021, further extending range with an increased +20dBm output. Several mile range can be achieved with an external power amplifier to meet the maximum Z-Wave LR specification limit of +30dBm. Optimizing power settings Additionally, the 700 Series supports dynamic output control to optimize power settings and enables up to ten years operation on a coin cell battery. “Silicon Labs’ Z-Wave 700 solutions with Z-Wave Long Range will allow us to provide energy-efficient, scalable IoT connectivity to our smart apartment communities,” said Felicite Moorman, Co-Founder of STRATIS, an IoT platform for connected buildings. “With ease of installation and extended range capabilities, these Z-Wave solutions enable connected products that deliver an excellent experience for installers, staff and residents.” New development kits supporting Z-Wave LR are available for purchase. Software support for Z-Wave Long Range on Z-Wave 700 devices is available via Simplicity Studio 5, Silicon Labs’ free IoT developer environment. Z-Wave Alliance certification for Z-Wave LR devices will be added by end of Q1 2021, with customer products to follow.
The Security Industry Association (SIA) has released version 2.2 of SIA Open Supervised Device Protocol (OSDP), an access control communications standard developed by SIA to improve interoperability among access control and security products. SIA OSDP version 2.2 features the messages and formatting that were included in the International Electrotechnical Commission (IEC) 60839-11-5 standard released earlier in 2020 and addresses some of the minor errata within that document. SIA OSDP version 2.2 replaces version 2.1.7 of the specification, released in 2015. Facilitating encrypted communications Chief among the updates are an enhanced method for file transfer, which allows for the transfer of large data sets for firmware updates or graphics from an access control unit to a reader, clearer instructions for the implementation of SecureChannel to facilitate encrypted communications and updated messages for handling smartcard applications within the protocol. SIA OSDP version 2.2 is a bridge that allows for easier updates of the OSDP specification and the subsequent publishing of these enhancements as an international standard. SIA OSDP allows devices, such as card readers, control panels or other security management systems to work together, providing the security industry with a solution that moves far beyond the widely-used Wiegand standard in terms of security and functionality. Advanced security applications The SIA OSDP standard is recommended for access control installations that require advanced security A two-way channel and encryption pave the way for advanced security applications such as the handling of smart cards, biometrics and government applications that require Public Key Infrastructure or Federal Identity, Credential and Access Management requirements. “SIA OSDP version 2.2 is a culmination of all of the work done over the past five years to prepare the protocol for international standardization and fixes the majority of common implementation challenges faced by implementers of version 2.1.7,” said Steve Rogers, co-chair of the SIA OSDP Working Group and president at IQ Devices. Already in use by many manufacturers, the SIA OSDP standard is recommended for access control installations that require advanced security or will be used in government and other higher-security settings. Comprehensive testing program In April 2020, SIA introduced SIA OSDP Verified, a comprehensive testing program that validates a device’s conformance to the SIA OSDP standard and related performance protocols. Maintained and developed by the SIA OSDP Working Group since 2011, the SIA OSDP standard was approved by the IEC technical committee on alarm and electronic security systems as an international standard in June 2020. SIA OSDP v2.2 aims to duplicate the contents and terminology that were required in the IEC standardization process, harmonizing the SIA published protocol series and the IEC standard. Future versions of OSDP will continue to follow the IEC formatting conventions, enabling the always-evolving work of the SIA SODP Working Group to be more easily adopted through the IEC standards process.
LenelS2 has announced a global distribution agreement to resell Invixium’s contactless biometric solutions through the LenelS2 OnGuard and NetBox value-added reseller (VAR) channels. The agreement also includes a new interface with the OnGuard and NetBox systems to enhance access control and proactive screening to help protect people and optimize building health and efficiency. The solutions are offered as part of Carrier’s Healthy Buildings Program, an expanded suite of advanced solutions to help deliver healthier, safer, more efficient and productive indoor environments. LenelS2, an internationally renowned company in advanced security systems and services, is a part of Carrier Corporation, a global provider of healthy, safe and sustainable building and cold chain solutions. IXM TITAN solution with Enhancement Kit LenelS2 will now offer the IXM TITAN solution with Enhancement Kit: an intelligent dual-camera biometric solution LenelS2 will now offer the IXM TITAN solution with Enhancement Kit: an intelligent dual-camera biometric solution that performs contactless facial recognition authentication with no mask removal required, and mask detection and elevated body temperature detection measured at the tear duct. The Invixium TITAN solution offers an API interface with the NetBox access control system and an interface with the OnGuard security management system through a certification in the LenelS2 OpenAccess Alliance Program (OAAP). Flexible configuration of workflows The interface enables flexible configuration of workflows utilizing any permutation combination of card, biometric fingerprint, facial recognition, temperature screening and mask detection access parameters. “The collaboration with Invixium provides our users with a versatile access control and proactive screening solution that can help them navigate today’s complex safety and security requirements,” said Jeff Stanek, President, LenelS2, adding “The advanced biometrics and built-in mask detection add new functionality to our Healthy Buildings portfolio.” TITAN solution and LenelS2 access integration “The powerful interface between the TITAN solution and LenelS2 access control systems provides very relevant biometric solutions that meet the world’s most pressing demands,” said Shiraz Kapadia, the Chief Executive Officer (CEO) and President of Invixium. Shiraz adds, “Our health-focused portfolio combines temperature screening with mask detection for contactless access control and workforce management in one elegant device, allowing businesses in key industries to easily create healthy business environments.” Touchless biometric security and access control TITAN solution delivers touchless biometric security through face recognition via a 21-megapixel camera The TITAN solution delivers touchless biometric security through face recognition via a 21-megapixel camera and adding the Enhancement Kit transforms the TITAN solution into a health kiosk capable of measuring temperature for biometric access control. Not only can the TITAN solution authenticate 12 to 18 users’ faces in one minute with high accuracy, but it can also screen each of those users’ temperatures at the tear duct in the same amount of time. Bolstering entrance controls The TITAN solution features an easy, one-piece installation and installs just like a traditional reader. In addition to its touchless access and proactive screening capabilities, the TITAN solution can be easily used to bolster entrance controls. These readers, purchased through LenelS2, do not require any additional licensing fees. TITAN readers and Enhancement Kits must be purchased individually or as part of a kit from LenelS2.
Hanwha Techwin, a supplier of IP and analog video surveillance solutions, announces their top five key trend predictions for the security industry in 2021. They include: AI moving to the edge, open platforms, cloud, cybersecurity and privacy. Improved AI algorithms Artificial Intelligence is moving to the edge - Increased computing power along with improved AI algorithms are driving the trend towards AI and machine learning to be run on IoT devices instead of expensive and resource hungry on-premises data servers. Next-generation security edge devices will be able to serve as sensors for detecting video data, radar, thermal imaging and more. Processing much of the data on the edge and sending refined data to the server will improve the efficiency of resources and reduce processing time. Hanwha expects that the edge will become an open platform to create a new ecosystem through partnerships, connected devices, functions and solutions to provide high scalability and availability that can meet customer demands in a timely manner. Core software infrastructure Hanwha Techwin aims to build a standardized and accessible framework along with the OSSA Open platforms enable customer-tailored solutions - Due to rapidly changing environments and swiftly shifting consumer demands, software development cannot remain a siloed process led by a single in-house development team. Instead, open platforms can support the collaborative development required to add new features based on user requirements and needs. Open APIs (Application Programming Interface) are enabling specialized analytics to be integrated into core software infrastructure, empowering users to collect, analyze and report on data for specific applications. In 2021, Hanwha Techwin aims to build a standardized and accessible framework along with the OSSA (Open Security & Safety Alliance) to offer more options to its customers that address specific regional market demands, and unique vertical market requirements. Managing security devices Cloud is a tool to grow business and gain insights - As edge devices become more ‘intelligent’, cloud technology is playing an increasingly crucial role in safely managing these devices, analyzing large amounts of data and deriving useful insights. The cloud is integral to quickly installing security patches, updating new features and managing and maintaining all edge devices as one. The need to integrate and manage data collected from different devices has been increasing. Hanwha Techwin plans to introduce a cloud solution that manages security devices and monitors real-time status, as well as a cloud solution that publishes reports and derives insights based on the results analyzed at each edge. Obtaining cybersecurity certification Cybersecurity continues to be a focus - In an environment where intelligent infrastructures such as smart cities, smart factories and smart retail are expanding and data is being secured at the edge level, the exposure to cyberattack is also increasing. Hanwha Techwin has aspired to establish a system that customers can trust Verifying trusted edge devices through mutual authentication at the point of data transmission to the server or while circulating the edge's open platform has become an essential feature. As an effort to go beyond the company's own security verification standards, Hanwha Techwin has aspired to establish a system that customers can trust by obtaining a cybersecurity certification from a reputable third-party certification authority. Protecting personal data Privacy protection - The protection of personal data should be at the foundation of the business ethics of any security organization. As privacy protection regulations are being introduced around the world such as the General Data Protection Regulation (GDPR) in Europe, and the California Consumer Privacy Act (CCPA), the video surveillance industry is increasingly adopting ‘privacy by design’ best practices and increasing its efforts to protect personal data from misuse and abuse. Organizations are increasingly aware of the dangers of private data breaches and are becoming more discerning when evaluating security products and solutions they can trust. By adopting privacy by design methodologies, manufacturers can ensure that security technology can be used to its fullest without compromising the privacy of personal data.
Ping Identity, the Intelligent Identity solution for the enterprise, announced PingOne for Customers was named Best in Enterprise APIs by the API World Awards. This Ping Identity SaaS solution was also awarded Best Identity and Access Management Platform by The Cybersecurity Breakthrough Awards and The IT World Awards. Additionally, the Future Security Awards recognized Ping as the Best Security IAM Integration Software. These industry recognitions celebrate companies at the top of their field with product and service offerings that demonstrate excellence, innovation and leadership in the security industry. Advanced machine learning “Our cloud solutions give enterprises the flexibility to thrive in any environment and continuously evolve to respond to the modern security landscape,” said Andre Durand, CEO and founder, Ping Identity. “These awards underscore our commitment to giving our customers the best identity solutions during a time when security and user experience have never been more important.” The API World Awards celebrates innovation, adoption and reception in the API microservices and developer communities. Judged on innovation, adoption and reception, Ping Identity’s consumer Cloud solution, PingOne for Customers was recognized for its easy embedding of customer IAM services into applications and advanced machine learning and AI technology. Identity management platform Ping Identity was recognized for delivering solutions purpose-built for the enterprise that support all cloud Ping Identity was one of the first companies to use AI technology to detect and automatically stop threats that use APIs to gain control of systems and data. The Cybersecurity Breakthrough Awards offers a comprehensive evaluation of cybersecurity companies and solutions on the market. The panel of judges, which represents a mix of technical, business, academic and marketing expertise, named Ping Identity as the Overall Identity Management Platform of the Year. Ping Identity was recognized for delivering solutions purpose-built for the enterprise that support all cloud, on-premise, and hybrid environments. Securing digital enterprises The Network Product Guide’s IT World Awards honours achievements in the information technology industry. Ping Identity placed first in the Identity and Access Management as a Service Category and was recognized for being a complete IAM solution for enterprise hybrid IT environments covering authentication, federation, authorization, auditing and account management. The Future Security Awards acclaims the best security minds and projects in the Middle East whose technologies, products or solutions are deemed to have a great potential in meeting the needs of new business normal. Winners were selected based on their exemplary leadership and innovative approaches in securing digital enterprises.
Nymi, Inc. announces a technology partnership with ELATEC, a provider of RFID readers and NFC/BLE mobile device readers. The partnership enables users of Nymi’s Workplace Wearables™ to seamlessly open doors and authenticate to systems, devices and machines that utilize ELATEC’s readers. The Nymi Band™ is the world’s only workplace wearable wristband that, once authenticated, offers the convenience of continuously authenticating the identity of the user until it is removed from the wrist. Seeking touchless authentication This delivers zero-trust security principles and access control using convenient fingerprint and heartbeat biometrics to users seeking touchless authentication. With their flexible architecture, customizable open API and remote programmability, ELATEC RFID readers are ubiquitous in Europe and increasingly utilized in organizational ecosystem applications in North America, from vending and dispensing to secure printing, and from computer single sign-on to door access. ELATEC reader compatibility will facilitate penetration of these and other industries and global regions" “This partnership with ELATEC provides important market reach and compatibility for our Workplace Wearables,” said Andrew Foxcroft, Vice President of Nymi. “The Nymi Band is being rapidly adopted in industries like pharma and medical device manufacturing with an emphasis on privacy, security, and a natural user experience. ELATEC reader compatibility will facilitate penetration of these and other industries and global regions.” Positive user experience The Nymi Band enables organizations to incorporate Nymi's passwordless technology with applications that ensure the health, safety, and security of connected workers, enabling a range of use cases that includes COVID-19 social distancing and contact tracing, among others. “We’re delighted to be working with Nymi in providing a frictionless and hands-free authentication, authorization, and access control solution for our customers across numerous industries,” said Paul Massey, CEO of ELATEC Inc. “Wearable technology enables a very positive user experience and exciting new applications for our reader solutions.”


Expert commentary
Indoor positioning is, in many ways, an inside version of the satellite-navigation apps we rely on for outdoor navigation, but with an added twist – it can also be used to help locate people and things. Let’s say you’re at home and misplaced your car keys, or you’re in a grocery store and can’t find your favorite brand of coffee. Or maybe you’re working in a factory and need a particular tool from a storage bin, or you’re a site manager dealing with an emergency and need to make sure everyone’s exited the building. Indoor positioning helps in all these situations, because it can locate items and guide you to where they are. The importance of “where” Knowing where an asset is located in real time is useful in many ways. In industrial settings, it improves item utilization rates and saves time spent searching for things. It opens the door for a new level of “just in time” efficiency on factory floors, and for inventory management in warehouses and retail environments. Safety is another benefit of accurate location, because knowing where people, automatic guided vehicles, and robots are in real time can help prevent accidents and keep people out of harm’s way. Accurate location in real time also enables contextual decision-making, so your smart house adjusts your stereo automatically as you move from to room or lets you control objects by simply pointing at them. Lets you control objects by simply pointing at them Security authorisations based on location is another possibility. Precise real-time location is something that can be hard to fake, so it can be used to restrict access to an area or used to add protections based on where an asset sits, where a piece of data resides, or the origination point of a communication. Getting the technology right Developing an effective technology for indoor positioning requires several things. To begin with, location readings needs to be very precise, with accuracy down to as small an area as possible. The technology has to be secure, because location often needs to be kept private. The technology has to be reliable, even in harsh environments, and easily scalable, too, so it can address the thousands of people and assets in large venues. It has to be low power and affordable, so it can be embedded in everything from high-end, complex devices like smartphones to low-end, simple devices like asset tags. And, of course, the technology has to have latency low enough that it can track movement in real time. Various wireless technologies, including Bluetooth and Wi-Fi, are already used for indoor positioning, but they don’t deliver on the full set of requirements, especially in terms of accuracy. A different kind of wireless, called Ultra-Wideband (UWB) checks all the boxes. It has the potential to change the way we do all kinds of everyday tasks. What is UWB? UWB is based on the IEEE standard 802.15.4a/z, which has been optimized for micro-location and secure communication. UWB is highly accurate. It can pinpoint people and things to within just a few centimeters, making it 100 times more accurate than the current implementations of Bluetooth Low Energy (BLE) and Wi-Fi. UWB is reliable because it has high immunity to various types of interference, including multipath, which is when a wave from a transmitter traveling to a receiver by two or more paths causes interference. UWB also offers very low latency, with update rates of up to 1000 times per second and readings that are as much as 50 times faster than satellite navigation. UWB is also implemented using mainstream technology, so it’s both affordable and optimized for low power. Lastly, UWB leverages distance-bounding techniques defined by the IEEE to provide a level of security that makes it extremely difficult to hack. Ultra-Wideband (UWB) checks all the boxes How is all this possible? Physics! UWB out-performs other location technology because, unlike Bluetooth and Wi-Fi, which transmit narrowband signals and use Received Signal Strength Indicator (RSSI) to determine location, UWB transmits wideband signals (500 MHz) and uses Time-of-Flight to determine location. Already in 40+ verticals UWB is already bringing value to products and services in more than forty verticals covering the consumer, automotive, industrial, and commercial market segments. For example, it brings operational visibility to manufacturing and logistics, helps businesses protect workers, and reduces safety-management costs. UWB also lets robots and drones self-navigate, and enables secure, hands-free access to cars, front doors, and other secure locations. It even helps with contact tracing and social distancing in the fight against COVID-19. Now in smartphones Recent adoption in smartphones means UWB is ready to grow quickly. Developers are using UWB as part of new services, with an eye toward making various everyday activities more convenient and safer. With UWB as part of smartphone apps, purchases will be more secure, accessing your car will be possible without a key fob, and misplaced items won’t stay hidden for long. Retail outlets will use location for targeted marketing, and finding things on store shelves will be easier than ever. Home automation will become seamless, and friends and family will be easy to find even if they’re in a crowd. The question of interoperability Having UWB in smartphones is an important first step Having UWB in smartphones is an important first step toward making UWB an everyday part of life, but interoperability is another key factor, since smartphones have to interact with a wide range of other devices and services. That’s where the FiRa Consortium comes in. Launched just over a year ago, the FiRa Consortium is a member-driven organization of market leaders from the consumer, mobile, industrial, enterprise, and semiconductor industries. FiRa members work collectively to define the future standards that will make interoperability across UWB products a reality. With FiRa making it possible for developers to use UWB in all kinds of new ways, the future of indoor location is really only limited by the developer’s imagination.
Companies are following government guidance and getting as many people as possible working from home. Some companies will have resisted home working in the past, but I’m certain that the sceptics will find that people can be productive with the right tools no matter where they are. A temporary solution will become permanent. But getting it right means managing risk. Access is king In a typical office with an on-premise data center, the IT department has complete control over network access, internal networks, data, and applications. The remote worker, on the other hand, is mobile. He or she can work from anywhere using a VPN. Until just recently this will have been from somewhere like a local coffee shop, possibly using a wireless network to access the company network and essential applications. CV-19 means that huge numbers of people are getting access to the same desktop and files, and collaborative communication toolsBut as we know, CV-19 means that huge numbers of people are getting access to the same desktop and files, applications and collaborative communication tools that they do on a regular basis from the office or on the train. Indeed, the new generation of video conferencing technologies come very close to providing an “almost there” feeling. Hackers lie in wait Hackers are waiting for a wrong move amongst the panic, and they will look for ways to compromise critical servers. Less than a month ago, we emerged from a period of chaos. For months hackers had been exploiting a vulnerability in VPN products from Pulse Secure, Fortinet, Palo Alto Networks, and Citrix. Patches were provided by vendors, and either companies applied the patch or withdrew remote access. As a result, the problem of attacks died back. But as companies race to get people working from home, they must ensure special care is taken to ensure the patches are done before switching VPNs on. That’s because remote desktop protocol (RDP) has been for the most part of 2019, and continues to be, the most important attack vector for ransomware. Managing a ransomware attack on top of everything else would certainly give you sleepless nights. As companies race to get people working from home, they must ensure special care is taken to ensure the patches are done before switching VPNs on Hackers are waiting for a wrong move amongst the panic, and they will look for ways to compromise critical serversExposing new services makes them also susceptible to denial of service attacks. Such attacks create large volumes of fake traffic to saturate the available capacity of the internet connection. They can also be used to attack the intricacies of the VPN protocol. A flow as little as 1Mbps can perturbate the VPN service and knock it offline. CIOs, therefore, need to acknowledge that introducing or extending home working broadens the attack surface. So now more than ever it’s vital to adapt risk models. You can’t roll out new services with an emphasis on access and usability and not consider security. You simply won’t survive otherwise. Social engineering Aside from securing VPNs, what else should CIO and CTOs be doing to ensure security? The first thing to do is to look at employee behavior, starting with passwords. It’s highly recommended that strong password hygiene or some form of multi-factor authentication (MFA) is imposed. Best practice would be to get all employees to reset their passwords as they connect remotely and force them to choose a new password that complies with strong password complexity guidelines. As we know, people have a habit of reusing their passwords for one or more online services – services that might have fallen victim to a breach. Hackers will happily It’s highly recommended that strong password hygiene or some form of multi-factor authentication (MFA) is imposedleverage these breaches because it is such easy and rich pickings. Secondly, the inherent fear of the virus makes for perfect conditions for hackers. Sadly, a lot of phishing campaigns are already luring people in with the promise of important or breaking information on COVID-19. In the UK alone, coronavirus scams cost victims over £800,000 in February 2020. A staggering number that can only go up. That’s why CIOs need to remind everyone in the company of the risks of clickbait and comment spamming - the most popular and obvious bot techniques for infiltrating a network. Notorious hacking attempts And as any security specialist will tell you, some people have no ethics and will exploit the horrendous repercussions of CV-19. In January we saw just how unscrupulous hackers are when they started leveraging public fear of the virus to spread the notorious Emotet malware. Emotet, first detected in 2014, is a banking trojan that primarily spreads through ‘malspam’ and attempts to sneak into computers to steal sensitive and private information. In addition, in early February the Maze ransomware crippled more than 230 workstations of the New Jersey Medical Diagnostics Lab and when they refused to pay, the vicious attackers leaked 9.5GB or research data in an attempt to force negotiations. And in March, an elite hacking group tried to breach the World Health Organization (WHO). It was just one of the many attempts on WHO and healthcare organizations in general since the pandemic broke. We’ll see lots more opportunist attacks like this in the coming months. More speed less haste In March, an elite hacking group tried to breach the World Health Organization (WHO). It was just one of the many attempts on WHOFinally, we also have bots to contend with. We’ve yet to see reports of fake news content generated by machines, but we know there’s a high probability it will happen. Spambots are already creating pharmaceutical spam campaigns thriving on the buying behavior of people in times of fear from infection. Using comment spamming – where comments are tactically placed in the comments following an update or news story - the bots take advantage of the popularity of the Google search term ‘Coronavirus’ to increase the visibility and ranking of sites and products in search results. There is clearly much for CIOs to think about, but it is possible to secure a network by applying some well thought through tactics. I believe it comes down to having a ‘more speed, less haste’ approach to rolling out, scaling up and integrating technologies for home working, but above all, it should be mixed with an employee education program. As in reality, great technology and a coherent security strategy will never work if it is undermined by the poor practices
Insider threat programs started with counter-espionage cases in the government. Today, insider threat programs have become a more common practice in all industries, as companies understand the risks associated with not having one. To build a program, you must first understand what an insider threat is. An insider threat is an employee, contractor, visitor or other insider who have been granted physical or logical access to a company that can cause extensive damage. Damage ranges from emotional or physical injury, to personnel, financial and reputational loss to data loss/manipulation or destruction of assets. Financial and confidential information While malicious insiders only make up 22% of the threats, they have the most impact on an organization Most threats are derived from the accidental insider. For example, it’s the person who is working on a competitive sales pitch on an airplane and is plugging in financial and confidential information. They are working hard, yet their company’s information is exposed to everyone around them. Another type of insider, the compromised insider, is the person who accidentally downloaded malware when clicking on a fake, urgent email, exposing their information. Malicious insiders cause the greatest concerns. These are the rogue employees who may feel threatened. They may turn violent or take action to damage the company. Or you have the criminal actor employees who are truly malicious and have been hired or bribed by another company to gather intel. Their goal is to gather data and assets to cause damage for a specific purpose. While malicious insiders only make up 22% of the threats, they have the most impact on an organization. They can cause brand and financial damage, along with physical and mental damage. Insider threat program Once you determine you need an insider threat program, you need to build a business case and support it with requirements. Depending on your industry, you can start with regulatory requirements such as HIPAA, NERC CIP, PCI, etc. Talk to your regulator and get their input. Everyone needs to be onboard, understand the intricacies of enacting a program Next, get a top to bottom risk assessment to learn your organization’s risks. A risk assessment will help you prioritize your risks and provide recommendations about what you need to include in your program. Begin by meeting with senior leadership, including your CEO to discuss expectations. Creating an insider threat program will change the company culture, and the CEO must understand the gravity of his/her decision before moving forward. Everyone needs to be onboard, understand the intricacies of enacting a program and support it before its implemented. Determining the level of monitoring The size and complexity of your company will determine the type of program needed. One size does not fit all. It will determine what technologies are required and how much personnel is needed to execute the program. The company must determine what level of monitoring is needed to meet their goals. After the leadership team decides, form a steering committee that includes someone from legal, HR and IT. Other departments can join as necessary. This team sets up the structure, lays out the plan, determines the budget and what type of technologies are needed. For small companies, the best value is education. Educate your employees about the program, build the culture and promote awareness. Teach employees about the behaviors you are looking for and how to report them. Behavioral analysis software Every company is different and you need to determine what will gain employee support The steering committee will need to decide what is out of scope. Every company is different and you need to determine what will gain employee support. The tools put in place cannot monitor employee productivity (web surfing). That is out of scope and will disrupt the company culture. What technology does your organization need to detect insider threats? Organizations need software solutions that monitor, aggregate and analyze data to identify potential threats. Behavioral analysis software looks at patterns of behavior and identifies anomalies. Use business intelligence/data analytics solutions to solve this challenge. This solution learns the normal behavior of people and notifies security staff when behavior changes. This is done by setting a set risk score. Once the score crosses a determined threshold, an alert is triggered. Case and incident management tools Predictive analytics technology reviews behaviors and identifies sensitive areas of companies (pharmacies, server rooms) or files (HR, finance, development). If it sees anomalous behavior, it can predict behaviours. It can determine if someone is going to take data. It helps companies take steps to get ahead of bad behavior. If an employee sends hostile emails, they are picked up and an alert is triggered User sentiment detection software can work in real time. If an employee sends hostile emails, they are picked up and an alert is triggered. The SOC and HR are notified and security dispatched. Depending on how a company has this process set-up, it could potentially save lives. Now that your organization has all this data, how do you pull it together? Case and incident management tools can pool data points and create threat dashboards. Cyber detection system with access control An integrated security system is recommended to be successful. It will eliminate bubbles and share data to see real-time patterns. If HR, security and compliance departments are doing investigations, they can consolidate systems into the same tool to have better data aggregation. Companies can link their IT/cyber detection system with access control. Deploying a true, integrated, open system provides a better insider threat program. Big companies should invest in trained counterintelligence investigators to operate the program. They can help identify the sensitive areas, identify who the people are that have the most access to them, or are in a position to do the greatest amount of harm to the company and who to put mitigation plans around to protect them. They also run the investigations. Potential risky behavior Using the right technology along with thorough processes will result in a successful program You need to detect which individuals are interacting with information systems that pose the greatest potential risk. You need to rapidly and thoroughly understand the user’s potential risky behavior and the context around it. Context is important. You need to decide what to investigate and make it clear to employees. Otherwise you will create a negative culture at your company. Develop a security-aware culture. Involve the crowd. Get an app so if someone sees something they can say something. IT should not run the insider threat program. IT is the most privileged department in an organization. If something goes wrong with an IT person, they have the most ability to do harm and cover their tracks. They need to be an important partner, but don’t let them have ownership and don’t let their administrators have access. Educating your employees and creating a positive culture around an insider threat program takes time and patience. Using the right technology along with thorough processes will result in a successful program. It’s okay to start small and build.
Security beat
An impact of the COVID-19 pandemic has been to accelerate change. In 2020, the security industry was among many others that sought to adapt to shifting norms. In the process, we grabbed onto new opportunities for change and, in many cases, re-evaluated how we have done business for decades. If necessity is the mother of invention, perhaps crisis is the mother of acceleration. This article will reflect on how these themes impacted the physical security industry in 2020, based on content we published throughout the year, and with links back to the original articles. Sensitive data leakage Since the lockdown came into effect, organizations globally have undergone years' worth of transformations in a matter of months. Whether it has been to transition their operations online or moving their IT infrastructure to the cloud, there’s no denying that the face of business has changed permanently, experiencing a seismic shift, both operationally and culturally. As we enter the ‘next normal’ there remains a great deal of uncertainty around what the next 12 months holds and how organizations can navigate turbulence in the face of a possible recession. One of the most notable and widely reported trends has been the switch to remote methods of work, or home working. With so many employees logging on from residential networks, through personal devices that may be more easily compromised, the overall attack surface has greatly increased, raising the risk of potential corporate and sensitive data leakage in their new home office settings. Security and data protection are larger issues than ever. Good cybersecurity hygiene Criminals will use the crisis to scam people for money, account information and more" With a majority of the world working from home, businesses had to respond to this changing landscape. While it used to be that in-person networking events and sales pitches secured new projects or opportunities, the current landscape pushes businesses to be more creative in how they reach their customers. For example, with ISC West being postponed, many companies have turned to online resources to share new product demonstrations and other company news. Others are hosting webinars as a way to discuss the current climate and what it means for the industry. Without the proper precautions, working from home could become a cybersecurity nightmare, says Purdue University professor Marcus Rogers. “Criminals will use the crisis to scam people for money, account information and more,” he says. “With more people working from home, people need to make sure they are practicing good cybersecurity hygiene, just like they would at work. There is also a big risk that infrastructures will become overwhelmed, resulting in communication outages, both internet and cell.” Work-Life balance In a typical office with an on-premise data center, the IT department has complete control over network access, internal networks, data, and applications. The remote worker, on the other hand, is mobile. He or she can work from anywhere using a VPN. Until just recently this will have been from somewhere like a local coffee shop, possibly using a wireless network to access the company network and essential applications. There are many benefits of working remotely with productivity right up the top of the list There are many benefits of working remotely with productivity right up the top of the list. By reducing the unproductive time spent commuting and traveling to meetings, we are able to get much more done in a day. Add to this the reduction in stress and improved work-life balance and it makes for an impressive formula of happier, healthier and more motivated colleagues. And it’s still easy to measure results no matter where someone is working. Video conferencing platforms Trade shows have always been a basic element of how the security industry does business - until the year 2020, that is. This year has seen the total collapse of the trade show model as a means of bringing buyers and sellers face to face. The COVID-19 pandemic has effectively made the idea of a large trade show out of the question. The good news is that the industry has adapted well without the shows. A series of ‘on-line shows’ has emerged, driven by the business world’s increasing dependence on Zoom and other video conferencing platforms. The fact is, 2020 has provided plenty of opportunities for sellers to connect with buyers. Some of these sessions have been incredibly informative – and conveniently accessible from the comfort of a home office. Online training courses Online training has grown in popularity this year, and the change may become permanent Online training has grown in popularity this year, and the change may become permanent. “We have seen unprecedented international demand for our portfolio of online training courses ranging from small installation companies to the largest organizations, across a wide range of sectors,” says Jerry Alfandari, Group Marketing Manager of Linx International Group, a UK training firm. “More than ever, businesses are looking to ensure they have the skills in-house to coordinate their response to the changing situation. Individuals are also taking this time to upskill themselves for when we return to ‘normal’ by bringing something with them they didn’t have before. Perhaps unsurprisingly, people are still seeking to better themselves for what will be, eventually, a competitive market.” Virtual trade show ‘Crisis and the Everyday’ was part of Genetec’s Connect’DX virtual trade show last spring. The virtual conversation – emphasizing both in form and content the topsy-turvy state of the world – included interesting insights on the current pandemic and its near- and long-term impact on the industry. In the middle of this pandemic, there is an opportunity to help security reinvent itself “In the middle of this pandemic, there is an opportunity to help security reinvent itself,” said Brad Brekke, Principal, The Brekke Group, one of the panelists. “Amid the business disruption, we should ask ‘what’s the new playbook?’ It’s an opportunity for security to look at ourselves now and look at a business plan of what the future might look like. We need to align with the business model of the corporation and define our role more around business and not so much around security.” Cloud-Based platform As a cloud-based platform for service providers in the security, smart home and smart business markets, Alarm.com adapted quickly to changing conditions during the coronavirus pandemic. In the recent dynamic environment, Alarm.com has kept focus on supporting their service provider partners so they can keep local communities protected. “We moved quickly to establish work-from-home protocols to protect our employees and minimize impact on our partners,” says Anne Ferguson, VP of Marketing at Alarm.com. The Customer Operations and Reseller Education (CORE) team has operated without interruption to provide support to partners. Sales teams are utilizing webinars and training resources to inform and educate partners about the latest products, tools, and solutions. Alarm.com’s partner tools are essential for remote installations and support of partner accounts.
Video, access control and visitor management are among the technologies that are enabling greater safety and security at hospitals and other healthcare facilities. Video surveillance systems enable hospital management and security professionals to know what goes on in and around a medical facility. Recording images in high resolutions (megapixels and gigapixels) is becoming more and more important in healthcare, says Jason Ouellette, Product Line Director – Access Control, Tyco Security Products. Video event management software Video analytics are now being leveraged for patient tracking, asset tracking, and operational purposes If an incident occurs in a medical facility, the security staff has to be able to identify faces easily and accurately. Storage and costs have to be considered, of course. With technology improving and prices decreasing, video solutions can even be used for purposes beyond traditional security. For example, video analytics are now being leveraged for patient tracking, asset tracking, and operational purposes, and captured video can be used to defend against liability claims. What’s next? Video analytics will continue to be a valuable addition to any surveillance infrastructure due to its ability to address patient needs, operational efficiencies and early risk detection, says Brandon Reich, Senior Director of Surveillance Solutions, Pivot3. Through video event management software (VEMS), hospitals can customize the statistics that are relevant to their individual buildings or campuses without having to spend extra time or money on rigorous employee training. Data capture form to appear here! Real-Time access control security updates Furthermore, once healthcare facilities are able to digitize all of their patient records, secure any of their ingress and egress points with real-time access control security updates, and fully transition from analog to IP video surveillance cameras, VEMS systems that house analytical software will be able to multiply the benefits offered to hospitals, not just in real time, but in planning ahead for future risk, expansion and safety protocols. It is vital to implement integrated and innovative access control solutions With large, complex facilities, directors of security at hospitals struggle with controlling access to various levels of the facility, according to Eric Widlitz of Vanderbilt Industries. To manage the risks that hospitals face and ensure a comprehensively protected atmosphere for patients and staff, it is vital to implement integrated and innovative access control solutions. For example, ease of access with controlled entrances is vital to medical crash teams, as is the need for a zonal access control lockdown in the event of a contagious disease outbreak. Strict access limitations Different hallways, rooms, floors and waiting areas within a hospital require different amounts of restriction, and sensitive materials, such as medical files, controlled substances and sterile environments (such as operating and procedure rooms) all necessitate an additional layer of protection. Access control in particular has advanced significantly to offer healthcare facilities the ability to control access remotely, through mobile applications, confirm identity quickly and easily and program varying levels of access for visitors, patients, doctors and staff. One area that is recently experiencing rapid growth – and drastic change –is the securing of narcotics within healthcare facilities, says Robert Laughlin, CEO and Chairman, Galaxy Control Systems. In the past, all medicine was controlled in a central pharmacy located somewhere in the hospital or health facility. These pharmacies were highly secured areas, with strict access limitations; only authorized staff could get near the medicine stocks. Fiber optic communication lines For vehicle access control, medical centers and hospitals prefer beam barricades and shallow foundation barriers To improve the speed of delivery, and to have the necessary medicines ready at hand for in-patients without retaining a large delivery staff, the current trend is to have distributed pharmaceutical closets or carts that hold medicines much closer to the intended patients. For vehicle access control, medical centers and hospitals prefer beam barricades and shallow foundation barriers, according to Gregg Hamm of Delta Scientific. Manual beam barricades are installed at the Fort Bragg Veterans Administration Hospital in North Carolina to shut down certain areas of the facility when a higher alert is sounded. They will stop a 15,000-pound vehicle traveling 50 mph. The Navy Hospital in San Diego uses high speed, high security and very shallow foundation barricades to control all vehicles going in and out of the facility. With their extremely shallow foundation, they obviate the concerns of interference with buried pipes, power lines and fiber optic communication lines. They will stop a 15,000-pound vehicle traveling 50 mph. At the National Institute of Health in Bethesda, Maryland, even stronger shallow foundation barriers are used for traffic control and protection. These barriers will destroy a 65,000-pound (5.4 million foot-pounds) dump truck traveling 50 mph and continue to stand. Physical access control systems Controlling visitors to hospitals and healthcare facilities can directly impact security Controlling visitors to hospitals and healthcare facilities can directly impact security. Traditional methods of visitor management, such as paper visitor logs and handwritten badges are insufficient given today’s variety of security challenges. A hospital using paper-based systems cannot easily cross-check information, confirm patient information, check visitor names against up-to-date watch lists, or visually confirm identity. An increasingly popular and important application is secure and simplified visitor management, integrated with the physical access control systems (PACS). Today’s visitor management systems enable the screening, badging and tracking all visitors or, at a minimum, those visiting critical areas or during ‘after hours’ periods, Quickly identify inappropriate visitors One other growing technology is the ability to link to internal or governmental watch lists, to quickly identify inappropriate visitors before they gain access to the facilities. For example, Visitor Management systems can be configured to perform a Sex Offender search in both Children’s Hospitals and Pediatric areas, further decreasing the likelihood that someone of the list could gain access. Wayfinding is indoor navigation to guide a person step-by-step on the way to a desired destination HID Global and Phunware Inc. are addressing the need of healthcare institutions to deploy standardized technology to provide a better wayfinding and visitor engagement experience inside the hospital, across campus and even in parking lots. The companies are collaborating to improve the experience for hospital patients and visitors to find their way within medical facilities, using wayfinding on their mobile phones. Wayfinding is indoor navigation to guide a person step-by-step on the way to a desired destination. Enterprise-Level mobile wayfinding “It’s easy for visitors and patients to get lost in hospitals, and every time they do it puts appointment times and patient satisfaction at risk,” says Rom Eizenberg, Vice President of Sales, Bluvision, part of HID Global “With our location-aware app on a mobile device, we equip the visitor to get instant, turn-by-turn navigation that creates a better experience than that which is currently available on the market.” HID’s healthcare IoT solution-enablement platform simplifies the delivery of real-time location of clinicians, patients and devices. The platform is enabled by Bluvision (part of HID Global). Phunware’s Multiscreen-as-a-Service (MaaS) platform also provides enterprise-level mobile wayfinding, engagement, data and more for other vertical markets, including retail, residential, hospitality, media and entertainment and more .Missed the rest our healthcare mini series? Read part one here and part two here.
A video analytics system that provides ‘behavioral understanding’ can yield more meaningful and actionable data for a range of applications. In public safety and security, such a system can alert on violent or suspicious behaviors, such as people fighting, vandalism, people with weapons, etc. In advanced traffic surveillance and monitoring, it can provide alerts to vehicle collisions (accidents), traffic hazards or vehicle that aren’t using the road properly, such as a car that stops in the middle of the junction. For enterprise and campus security, it can provide advanced anti-tailgating and detect unauthorized activity. Video surveillance infrastructure viisights was founded by a group of entrepreneurs with track records in developing technology businesses These uses are among the benefits of viisights’ video analytics technology based on behavioral understanding of video content. “It means we can extract more meaningful data from the huge amount of video content that is captured, and we can transform that data to actionable insights that eventually justify the massive investment in video surveillance infrastructure,” says Asaf Birenzvieg, CEO of viisights. Their behavioral understanding systems for real-time video intelligence leverage artificial intelligence technology. viisights was founded by a group of serial entrepreneurs with track records in developing technology businesses. The Israeli company’s founders recognized a growing global need for intelligence to make physical and virtual public areas safer – and realized the role that smart video understanding technology can play. Developing artificial intelligence technologies viisights is committed to developing artificial intelligence technologies that facilitate human-like video understanding, which in turn serves as the basis for fully autonomous video intelligence systems powered by pattern prediction technology. “Behavioral recognition is the future of video analytics and the next generation of the object classification analytics systems that hold the majority of the market today,” says Birenzvieg. viisights has developed a video understanding technology for real-time video processing “To date most video analytics systems still base their product features on static analysis of objects from images using image recognition, even the ones that use ‘AI analytics.’ Products built using such object classification technology are extremely limited.” For example, object classification analytics cannot recognize behavioral events in a video such as people fighting or a car collision because such behaviors can’t accurately be concluded in large scale from analyzing a single static image/frame. Video understanding technology viisights has developed a video understanding technology for real-time video processing. The technology can process live video feeds. In addition to recognizing a particular object (e.g., person) and its attributes (e.g., red shirt), the system can understand an object’s actions, interactions with other objects (events), the scene being viewed (i.e., crowd is gathering, riots) and the context (a car is driving on the road or on the sidewalk). The main verticals are smart cities, enterprises and campuses, banks and ATM security“Basically, we are able to extract more meaningful data from a live video feed and therefore create actionable insights and greater ROI,” says Birenzvieg. The company focuses mostly on security and safety use-cases. The main verticals are smart cities, enterprises and campuses, banks and ATM security, security guard companies and transportation hubs. The company is working on a new product for in-vehicle monitoring mostly for security, safety, vehicle protection and proper vehicle use; it monitors passengers’ behavior inside a bus, train, or taxi. The product will come to market next year. Video management system viisights’ video analytics offering is currently optimized for server-side deployment, and the integration architecture is similar to most video analytics systems. From one side it is integrated with the video management system (VMS). They are a Milestone verified partner and soon will be part of Milestone's marketplace. From the other end, it is connected to a command-and-control system for processing the data and presenting the alerts to the end-user. The analytics company makes most sales through system integrators. They have partnerships with big system integrators like Motorola Solutions and NEC and are also working with smaller ones. They are looking to expand their system integrator network, mostly in the USA and Europe. Behaviors can have many variations and they can be very diverse Cloud video surveillance “We will continue to invest in performance and accuracy, meaning higher recall and lower false positive rate,” says Birenzvieg. “Since our major value proposition is in behavior recognition, behavior events many times are not clearly defined, which is very different from object classification. Behaviors can have many variations and they can be very diverse.” An example is a simple behavior like a person falling on the floor. A person can fall on the floor in many ways, but the challenge is to ignore similar behaviors that are not a person falling and that confuse the system, such as a person bending over to tie his shoelaces. With cloud video surveillance becoming a trend, viisights is also looking into offering some of their advanced functionalities in a video-analytics-as-a-service-model.
Case studies
Specialist property developer and investor, Kajima Properties’ new project development at 77 Coleman Street in the City of London is a luxury multi-tenant office set over seven floors. BNP Paribas acts as the managing agent, while the redevelopment was designed by architect, Buckley Gray Yeoman. The prominent London location is a minute’s walk from Moorgate Tube station and the Elizabeth Line. The redevelopment included installing elegant external facades as well as creating floors of new office space, and 16,000 sq. feet of retail, leisure and restaurant space. The site offers exceptional internet reliability and speed for tenants, and is one of just 22 buildings in the UK to achieve a platinum connectivity rating by WiredScore, the Mayor of London’s digital connectivity rating scheme. Seamless access control system BNP Paribas and Kajima Properties wanted a seamless and highly efficient access system BNP Paribas and Kajima Properties wanted a seamless and highly efficient access system to allow bona fide users and visitors easy access through reception and lifts to their desired location. This needed to be underpinned, but not impinged by, a robust security management system including CCTV to keep people and the building safe. They wanted to keep any waiting time in reception to an absolute minimum to avoid crowding, including good access for disabled users, and for all entry to be touchless. Tenants and reception staff would need an efficient, secure and easy to use system for managing visitors. While an entry phone and door automation would be required for anyone arriving out-of-hours, or at the rear of the property, such as for deliveries and trades people with equipment. Bespoke security solutions Finally, a key part of the brief was for any installed equipment, such as turnstiles and lifts, to be in keeping with the sophisticated, minimal look and feel of the building. The Team Antron Security project managed the design, supply and installation of the access control and security system for 77 Coleman Street and acted as the ‘go to’ contact for client, Kajima Properties and BNP Paribas. Antron Security is a globally renowned installer of bespoke security solutions and has been providing security installations for the past 29 years. Taking care of the supply, design, installation and maintenance of security systems, Antron Security is NSI approved, meaning all staff and systems installed comply with the latest industry standards and are regularly inspected. Integriti access and security management system Inner Range provided the core access and security management system, Integriti, which enabled Antron Security to build the bespoke solutions needed for 77 Coleman Street in London, UK. Inner Range is a globally renowned company in the design and manufacture of intelligent security solutions since 1988. More than 150,000 Inner Range systems have been installed in over 30 countries till date. The company’s flagship product, Integriti, offers enterprise-level intelligent security and integrated smart building controls for single sites through to global estate portfolios. Seamless, touchless entry for tenants Cards are presented to readers embedded in bespoke Integrated Design Limited (IDL) entry turnstiles The building’s 2000+ regular users are issued secure proximity cards, carrying encrypted information about when and where the user is allowed to go. Cards are presented to readers embedded in bespoke Integrated Design Limited (IDL) entry turnstiles, which also allows them to be read by the KONE lift integration. The high level lift integration with ‘destination control’ means the lift software takes into account where each of the building’s four lifts are, where the user’s ‘home floor’ is, as well as where other users are going/due to go, and instantly calculates the quickest lift for the new user. Antron Security and IDL collaboration The user is immediately directed to the most efficient lift via a display screen on the turnstile. If users are able to go to more than one floor, they can update their preference in the lift itself. For the turnstiles in the reception area, Antron Security and IDL worked closely with the vision set out by the architect to create a high-performing system that was in keeping with the sleek, minimalist design of the building. A bespoke set up of slim ‘speed lane’ turnstile pedestals, together with a separate glass gate were an ideal solution for a reception area where space is limited but security provisions and good disabled access are needed. IDL’s Glassgate 200 opens away from the user, and closes behind, preventing tailgaters and all IDL items are manufactured in the United Kingdom. Readers for proximity cards and QR codes were set into the speed lanes to create a seamless flow through the reception area. Fully integrated visitor management system Inner Range’s Integriti also allowed Forge’s Bluepoint visitor management system to integrate with IDL’s turnstiles and the KONE lifts. For visitors to access tenanted floors within the building, the following has to take place: A tenant creates the meeting via Bluepoint. An email is generated and sent to the visitor’s inbox where they can create a mobile QR code pass and save it to their smart phone wallet. When the visitor arrives, they scan their QR code on their smart phone at the reception desk, at which point their QR code becomes valid on the Integriti access control system. The visitor is then able to enter via IDL’s speed lane turnstiles, and they are directed by the KONE lift display (which is set into the speed lane) to which lift car they need. To leave, the visitor presents their QR code at the speed lane turnstile, which tells the system they’re leaving. The QR codes are only valid for one entry and one exit, and only on the appointment date and at the planned appointment time. Afterwards, the QR code becomes invalid and is deleted from the system. The QR code gives the visitor the ability to access everything they will need, from the entry turnstile and lift through to any locked doors en route. The integration between Integriti and Forge’s Bluepoint visitor management system was achieved with an XML read/write interface, as well as API integration between a SQL database and a cloud-hosted VMS database based on Microsoft Azure cloud services platform. BTP XIP intercom system A BTP XIP intercom system was installed to allow visitors out-of-hours to contact the security team A BTP XIP intercom system was installed to allow visitors out-of-hours to contact the security team, or for deliveries and trades people to use in order to access doors at the rear of the building. The XIP system uses an ethernet distribution network, which means the system can be expanded easily, and it’s possible to install long-distance connections that data networks can’t reach. Hikvision CCTV cameras installed CCTV cameras from Hikvision’s ‘superior’ range have been installed throughout the site to create a hard-wired IP closed circuit television system. They are integrated with the Integriti access control system, which allows for intelligent ‘cause and effect’ monitoring. System protocols automatically bring up specific camera feeds for security managers to view in response to alerts, and footage can be viewed holistically along with other information on from Integriti, such as if a door has been left open. Intelligent access control Inner Range’s Enterprise product, Integriti, provides seamless integration with a multitude of other smart building management systems, underpinned by robust security. This includes encrypting all communications through every device and interface, and providing intruder detection to European standard EN50131. Integriti helps building managers create greener, more energy efficient sites by tracking how tenants use the building, and amending heating and lighting settings as a result. Integriti also provides trace reporting, that can identify a user’s movements if they have become unwell and identify who else has been near them. System benefits for users Touch-free entry to the building via the speed lanes and lifts. No unnecessary stops for users and visitors on their way into the building. Less crowding in the lift areas. Easy to use visitor management system. Robust security that doesn’t impinge on access. Sleek and minimal design in keeping with the building design. Jamie Crane, Commercial Director at Antron Security, stated “The flexibility of Inner Range’s Integriti access control system and Forge’s Bluepoint visitor management allowed us to incorporate high-level lift integration (known as ‘destination control’).” He adds, “Together, they create a future-proof solution as we can continue to meet the ever-changing requirements of the landlord and tenants via our ability to integrate with third party systems and devices such as lifts, intercoms, lighting and building management devices.”
nmcn Asset Security has been awarded a contract to provide capital security upgrades prior to planned and reactive security maintenance to the Exeter based Headquarters of the Met Office. The agreement will see nmcn provide a turnkey design and build security upgrade to implement the latest technology and systems across the Met Office Exeter HQ estate which houses the majority of their circa 2000 workforce. Critical weather services Following key upgrade works across the Met Office HQ estate, nmcn will then take responsibility for planned and reactive maintenance of security systems and associated technology. The relationship with the Met Office strengthens nmcn’s regional focus in the South West, who are a tier one partner to South West Water, as well as numerous other regional clients. The Met Office is the national meteorological service for the UK, providing critical weather services and climate science for domestic and overseas use. Since their foundation in 1854, the Met Office has pioneered the science of meteorology and its application. To this day, they continue to push the boundaries of science and technology, to meet the demands of today and the future. Formal business ownership The Met Office is a British institution with a strong heritage for leading public service" Adam Smith, Managing Director of Asset Security at nmcn, said: “The Met Office is a British institution with a strong heritage for leading public service, military and commercial forecasting around the world. The security of their operations is paramount and I’m delighted we’re able to support them through this contract. We look forward to working closely with the Met Office over the coming years to bring value, collaboration and quality.” The ultimate responsibility and accountability for the work of the Met Office is with the Secretary of State for Business, Energy and Industrial Strategy. Day-to-day ministerial oversight and the formal business ownership role are delegated to the Minister of State for Universities, Science, Research and Innovation. Security framework positions Met Office Security Manager, Richard Kevern, said: “As we continue to deliver critical weather forecasting and climate science services, the security of our people and assets is of paramount importance. We look forward to working collaboratively with nmcn on both the capital and maintenance program over the coming years.” nmcn also recently secured a Framework position with the NHS Shared Business Services to provide security solutions to the NHS, across the UK and hold Security Framework positions with the Crown Commercial Services, Defra and multiple Regulated Utility providers.
Contracts for two additional COSMO-SKyMed Second Generation (CSG) satellites have been signed with the Italian Space Agency (ASI) and the Italian Ministry of Defense. Satellites 3 and 4 will complete the second generation of the Italian earth observation program, ensuring continuity and high performance of the planet's monitoring services. Continuous technological research Alessandro Profumo, Leonardo CEO commented: “COSMO-SkyMed is one of Italy’s great success stories, a driver of technological research, new applications, industrial competitiveness and employment, as well as fundamental infrastructure for the protection and security of Italy and Europe.” As Leonardo, we are proud of the contribution provided in all phases of the COSMO-SkyMed program" “Thanks to the capabilities demonstrated in the management of emergency situations linked to sudden events, the systems potential in terms of reliability, precision and flexibility are known internationally. In addition, its capabilities are now further enhanced by the second generation, with continuous technological research. As Leonardo, we are proud of the contribution provided in all phases of the COSMO-SkyMed program, a role that gives us credibility and prestige with our customers all over the world.” SAR satellite system COSMO-SkyMed is an Earth observation satellite system of ASI and the Ministry of Defense, a flagship of Italian technology and innovation, built by Leonardo and its joint ventures Thales Alenia Space and Telespazio. It is a dual-use constellation, with SAR ‘eyes’ (Synthetic Aperture Radar) capable of monitoring the phenomena of the Earth in any weather condition. COSMO-SkyMed has changed the way of observing the planet, ensuring fundamental information for the security and the understanding of phenomena that affect everyday life. With the innovative updates built into the second generation COSMO-SkyMed is the first SAR satellite system in the world capable of simultaneously acquiring two images of two areas hundreds of kilometers apart and thus serving two requests that would have been in conflict for any other satellite system. Medium-Sized enterprises COSMO-SkyMed images are used to support populations affected by natural disasters such as earthquakes and fires, but also for the control of cultural and artistic heritage, of critical infrastructures, for monitoring the receding of glaciers, that of oil spills in the seas and for the optimization of agricultural techniques. The constellation will be completed with the additional two satellites just announced which will join the first two The first Second Generation satellite was launched a year ago. The second satellite will be launched on a VEGA-C launcher. The constellation will be completed with the additional two satellites just announced which will join the first two. The COSMO-SkyMed system, of the Italian Space Agency and the Ministry of Defense, is the result and expression of the best skills of the Italian space industry, with Leonardo and its joint ventures Thales Alenia Space and Telespazio, assisted by a significant number of small and medium-sized enterprises. Providing star trackers In particular, Thales Alenia Space, a joint venture between Thales (67%) and Leonardo (33%), is responsible for the entire radar system and satellites, while Telespazio, a joint venture between Leonardo (67%) and Thales (33%), is responsible of the ground segment and hosts the command and control center of the constellation at the Fucino Space Center. Leonardo also contributes to the program by providing the star trackers (A-STR) for the orientation of the satellite, photovoltaic panels (PVA) and electronic units for the management of the electrical power. The first generation has four satellites launched between 2007 and 2010, while the first satellite of the new generation was launched in December 2019. The COSMO-SkyMed constellation is able to acquire up to 1800 images per day that Leonardo, through e-GEOS (Telespazio 80%, ASI 20%) receives, processes and markets all over the world.
Supra, a provider of mobile credentialing and entry management systems for automotive and real estate sectors, announces that its TRAC-Box key management solution has been selected by Oregon-based Guaranty RV Super Centers to help secure and track keys while keeping pace with a growing demand for recreational vehicle (RV) travel. Supra is a part of Carrier Global Corporation, a global provider of healthy, safe and sustainable building and cold chain solutions. Located in Junction City, Oregon, Guaranty is the state’s largest dealer of recreational vehicles, from entry-level tent campers to luxurious diesel-powered RVs that sell for more than $400,000. Gaining valuable sales An industry publication, RV Business, has named Guaranty one of North America’s top 50 dealers for six consecutive years and a top 10 dealership based on customer reviews. “With our large footprint of 25 acres and long dark winters, it is difficult to have visibility of activity,” said Marty Nill, managing partner, Guaranty. “With the Supra TRAC-Box, we’ve improved security and gained valuable sales and marketing insights, and assigning permissions is simple. We’re confident we have authorized access to our vehicles with tracking controls in place. Our vehicles are retail-ready using the Supra TRAC-Box.” Providing greater visibility Supra’s TRAC-Box solution offers a convenient method for tracking the keys and fobs used to open vehicles Supra’s TRAC-Box solution offers a convenient method for tracking the keys and fobs used to open vehicles. Each TRAC-Box uses Bluetooth to communicate with Supra’s eKEY® mobile app on smartphones carried by Guaranty sales associates. They enter a PIN code into the app to unlock the keybox and acquire the keys from a built-in container. “Each time an authorized user opens a keybox, a record of the activity is stored in both the TRAC-Box and eKEY app, so managers and users can see the history of openings without having to return to the office,” said André Lalande, vice president – sales, Supra. “The app also transmits activity to the TRACcess Manager software to create an audit trail providing greater visibility to lock-up activities.” Removing access permissions TRACcess Manager also provides prompt visibility to the activity and frequency of RV showings, enabling management to see which RVs are most popular and reposition vehicles more efficiently. Notifications can also be set to alert management of keybox activity on specific inventory they want to monitor, for example, each time the 10 most expensive RVs are accessed. The TRAC-Box system also promotes accountability among associates and saves time looking for misplaced keys needed to show vehicles. When salespeople leave the company, managers can remove access permissions in easy, streamlined steps via any internet-connected computer or mobile device within a few minutes. Supra is featuring the TRAC-Box system in its virtual exhibit at the RV Dealers Virtual Convention & Expo, Nov. 9-20, 2020.
Empire House, the luxury business members' club due to launch in West Yorkshire in a few weeks, has invested a five-figure sum in state-of-the-art, automated security systems to create a slick customer experience, intensify site security and help protect clients from COVID-19. In readiness for opening in a few weeks’ time, the Slaithwaite-based business center – which will incorporate offices, a ‘lounge’ area with stocked bar and corporate and event facilities – is set to attract businesspeople from all over West Yorkshire and offer 24-hour access to tenants. CCTV and intruder system Recognizing a need to heighten client experience and reduce the manpower required, Empire House has invested in CCTV, access control, fire and intruder alarm support from Huddersfield-based specialists, Centurion Fire & Security Ltd. The automated system has been designed to make the management of the building simple. The access control, which can screen visitors via a camera, also offers the option of COVID-19 functionality Able to be programmed to allow and deny access around the building, the system ensures that no unauthorized individuals can gain entry. It is wholly integrated with the CCTV and intruder system, permitting ‘triggers’ and push-notifications to key holders when an area has been ‘breached’. The access control, which can screen visitors via a camera, also offers the option of COVID-19 functionality, allowing or denying entry based on whether they are wearing a mask or not. Manned onsite teams Amy Byram is the founder of Empire House. Commenting on the investment, she said: “We wanted to provide the utmost security for our clients, whilst ensuring that their experience is slick and uninterrupted – the last thing that people want is to feel that their privacy is being intruded, and we have got that balance just right.” “I am impressed with the functionality of the software, which will allow the management team to ensure security is maximal at all times, without the costly need for manned onsite teams. We can lock and unlock doors directly from an app, whilst enabling us to mark people as safe or missing in an emergency. We hope our clients will be as equally as impressed by the technology as we are.”
Genetec Inc., a technology provider of unified security, public safety, operations, and business intelligence solutions, announces that the Santa Cruz Beach Boardwalk, an iconic amusement park in California, has recently upgraded its security infrastructure with the Security Center platform. By unifying video and access control park-wide, the park’s security team is able to speed up investigations and emergency response. Touted as the ‘Coney Island of the West’, the seaside park features about 40 rides, 30 restaurants, 15 retail shops, arcades, miniature golf, bowling, and conference and banquet facilities. Video surveillance technology As an admission-free park, guests can enter through multiple entrances to buy food, purchase ride tickets, or simply walk around and enjoy the surroundings. Unlike gated parks which typically have a main security checkpoint, the park’s security team must be hyper-vigilant to spot potential security threats before they can develop. Security operators constantly monitor video cameras and work directly with field officers to handle issues. While video surveillance technology helped security teams watch over the large park, aging equipment began compromising their efficiency. As the search for a new video management system began, the team prioritized openness, reliability, and a vendor’s reputation in the market. Moreover, their aging access control system would soon need replacing too. Actively monitoring cameras The team at Santa Cruz Beach Boardwalk uses the Security Center platform to manage over 400 cameras and 220 doors The Santa Cruz Beach Boardwalk team chose the Genetec Security Center platform because of its unique ability to unify video surveillance, access control, and other systems and sensors. The flexibility of the platform was a key selling point and enabled them to choose their preferred cameras and door hardware. Today, the team at Santa Cruz Beach Boardwalk uses the Security Center platform to manage over 400 cameras and 220 doors across the entire amusement park. From one single interface, operators actively monitor cameras and doors, respond to alarms, handle investigations, and export and share video evidence. This ensures that every security incident is effectively resolved without having to switch applications. Video surveillance system “Like any busy amusement park, our guests sometimes become separated from their groups. When this happens, we are now able to use the Security Center Omnicast™ video surveillance system, along with assistance from our field officers, to quickly reunite guests with their parties,” said Will Graham, Security Technology Administrator at Santa Cruz Beach Boardwalk. If motion is detected near a perimeter after opening hours, the platform will trigger an alarm and display live video and a 10-second replay of the event on a dispatcher’s monitor. This allows them to quickly identify if it’s an actual threat. Unique access privileges The team has also expedited investigations by sharing system access with other departments. This includes food service, loss prevention and ticket sales who can handle their own preliminary investigations, if needed. The team has set up different door schedules and rules and created over 200 cardholder groups “Using the Security Center platform, all door events are linked to video which means our team can quickly gather the information needed and solve cases faster,” said Graham. With Security Center, operators get an instant view of an event as it’s unfolding. So before sending an officer to check on the area, they can quickly identify if it’s a threat or a false alarm. Using the Synergis system, the team has set up different door schedules and rules and created over 200 cardholder groups with unique access privileges for various roles and responsibilities. Managed software maintenance For added peace-of-mind, the Santa Cruz Boardwalk team receives fully managed software maintenance and monitoring via the Genetec Advantage maintenance package to help ensure their systems always available and up to date. “Using Security Center has definitely heightened our response efficiency at Santa Cruz Beach Boardwalk. Everything from video surveillance and access control to alarm management has been consolidated into one solution—it’s just a better, more effective way to work. And we’re confident that with this unified platform, we’ll be keeping our guests happy and safe well into the future,” concluded Graham.


Round table discussion
Ten years is a long time, but it seems to pass in an instant in the world of security. In terms of technology, 2010 is ages ago. Changes in the market have been transformative during that decade, and we called on our Expert Panel Roundtable to highlight some of those changes. We asked this week’s panelists: What was the biggest change in the security industry in the 2010-2019 decade?
Ethical hackers are familiar to the world of cybersecurity. As cybersecurity awareness increases in physical security, they are also playing a larger role to ensure the safety of networked and information technologies used in our market. We asked this week’s Expert Panel Roundtable: What is the role of ‘ethical hackers’ to ensure cybersecurity of networked products in the physical security market?
The new year 2019 is brimming with possibilities for the physical security industry, but will those possibilities prove to be good news or bad news for our market? Inevitably, it will be a combination of good and bad, but how much good and how bad? We wanted to check the temperature of the industry as it relates to expectations for the new year, so we asked this week’s Expert Panel Roundtable: How optimistic is your outlook for the physical security industry in 2019? Why?