There will be more artificial intelligence, more machine learning, video systems with more capabilities, and all of it will add greater value to our solutions. Those are among the expectations of our Expert Panel Roundtable as they collectively look ahead to the remainder of 2019. One unexpected prediction is that AI will not prove to be a game changer – at least not yet. We asked this week’s Expert Panel Roundtable: What will be the biggest surprise for security in the second half o...
Keyfactor, a provider of secure digital identity management solutions, announced the acquisition of Spain-based Redtrust, a digital identity solutions company providing centralized certificate and digital signature management. “Like Keyfactor, Redtrust is fiercely committed to offering best-in-class identity management innovation to customers in industries where trust and reputation are a top priority,” said Jordan Rackie, CEO at Keyfactor. “This acquisition supports Keyfacto...
Ping Identity, global provider of identity defined security solutions, has announced updates to its data governance solution, PingDataGovernance, to better manage data security and privacy requirements for APIs and user profiles. Today’s enterprises manage many different APIs on average, meaning sensitive consumer data like banking information and healthcare records are increasingly vulnerable. This rapid growth of APIs and third-party API traffic necessitates fine-grained data protection...
Consumers are managing their financial services in more digital and diverse ways than ever before. But as card-not-present (CNP) transactions across e-commerce, m-commerce and remote commerce rise across the globe, so does fraud. Adding security without simply creating more points of friction is a real challenge, but one that the EMV 3-D Secure protocol – EMV 3DS for short – is trying to combat. The protocols are generating real interest across the industry, but what exactly is EMV...
Johnson Controls has launched the Pro 2MP Micro camera for installations where a low-profile, high-performance surveillance camera is required. The Pro 2MP Micro includes a lens that can be placed up to 20 feet away from the power supply as well as wide dynamic range to balance scenes where bright backlighting can be a challenge. The Micro also operates at a minimum illumination of 0.01 Lux and thus facilitates excellent low light performance without the need for IR illumination. The discrete...
Coming off a successful ISC West show, Honeywell is sharply focused on product development, with an emphasis on advanced software. “We have a strong new product pipeline this year – more than two times the number of products than we’ve released in the past several years,” says Luis Rodriguez, Director of Product Marketing, Honeywell Commercial Security. “At ISC West, we received a lot of interest in how AI and new security systems are changing the market.” A...
March Networks, a global video security and video-based business intelligence pioneer, is proud to announce that it has been designated as a cybersecure business by Cyber Essentials Canada for a second consecutive year. March Networks was the first company in the country to achieve the certification in 2018, and is the first to re-certify through the program this year. Developed as part of the United Kingdom’s (U.K.’s) National Cyber Security Programme, Cyber Essentials certification is awarded to organizations able to demonstrate good cybersecurity practices and an ability to mitigate risks from Internet-based threats in areas including: boundary firewalls and Internet gateways; network configuration; software management; access control; and malware protection. The toolset is also a valuable asset for end user organizations seeking to verify the security of their supply chain. Adhering To Best Security Practices Our participation in the Cyber Essentials program enables us to confirm that we are adhering to the current security practices"“March Networks works with many Fortune 500 customers, including some of the world’s largest banks, so strong corporate security practices have always been a priority,” said Peter Strom, President and CEO, March Networks. “Our participation in the Cyber Essentials program enables us to confirm that we are adhering to the most current security best practices. It also provides our customers with yet another assurance of our high cybersecurity standards.” March Networks’ holistic approach to security involves a 360° view of all areas of its business – from product development and source code management, to operational processes and customer data privacy. The company’s Network Operations Center, for example, operates with extensive physical access and networking controls and restrictions to ensure the security of customer data. The company also participates in comprehensive security audits initiated by large enterprise customers seeking to confirm the security of their video solution provider. Identifying Potential Vulnerabilities Proactive resilience strategies help strengthen organizations’ ability to avoid disruption"In addition, March Networks takes a proactive approach to identifying potential vulnerabilities in its products. The company’s Security Updates and Advisories program involves regularly tracking US-CERT reports on identified vulnerabilities, conducting in-depth investigations when required, and alerting customers and partners to any necessary software updates via email alerts and information posted directly on the March Networks website. Endorsed by the U.K. government, Cyber Essentials was originally created in collaboration with industry partners such as the Information Security Forum (ISF) and the British Standards Institution (BSI). CyberNB, a special operating agency of Opportunities New Brunswick, administers the program in Canada, where it is gaining momentum as a requirement to win business in both public and private sectors. “The team at CyberNB is proud of the commitment to security and continuous improvement that we’ve seen from March Networks,” said Josh Waite, Head of Cyber Essentials Canada. “Proactive resilience strategies help strengthen organizations’ ability to avoid disruption and demonstrate responsible practice. We congratulate March Networks for having made Cyber Essentials Canada certification part of their strategy.”
Pulse Secure, global provider of secure access solutions to both enterprises and service providers, has been recognized as a technology leader and among the top three performers in Network Access Control (NAC) according to research by Quadrant Knowledge Solutions. The NAC market, estimated at nearly $1.3 billion and growing by 27.6 percent per year, is driven by workforce mobility and Bring Your Own Device (BYOD), global regulations, automated threat response and Internet of Things (IoT) security risks. 2019 NAC Market Outlook According to the '2019 NAC Market Outlook' report by Quadrant Knowledge Solutions, NAC manages and controls access of devices and users to corporate networks based on policies, including endpoint configuration, authentication and user’s identity. NAC technologies have evolved significantly from device access authorization, BYOD and guest management functions to more granular endpoint visibility, access and security capabilities that support robust policies driven by mobility, cloud and virtualization trends. Modern NAC technology includes functionality to support granular network segmentation, user behavior monitoring, enhanced visibility, and security automation and orchestration capability for automated threat detection and response. The published report provides an overview of the market including NAC capabilities, technology, drivers, adoption trends and competitive insights. IoT Proliferation IoT proliferation and the convergence of IT/OT networks is expanding the enterprise attack surface"“IoT proliferation and the convergence of IT/OT networks is expanding the enterprise attack surface. With endpoint, BYOD and IoT security risks, organizations are taking advantage of the operational visibility and threat mitigation capabilities of next generation NAC solutions,” said Piyush Dewangan, industry research manager at Quadrant Knowledge Solutions. “Pulse Secure has received strong ratings for its sophisticated technology platform, competitive differentiation, scalability, technology vision and overall customer impact.” The report cites that Cisco, ForeScout Technologies, and Pulse Secure are the top performers and technology leaders in the global NAC market. These companies provide comprehensive NAC solutions targeting large enterprise organizations, improving their network visibility and granular policy implementation. Pulse Policy Secure Among the capabilities highlighted in the report that earned Pulse Policy Secure (NAC) a technical leadership ranking, the most distinguished are: Integrated visibility, BYOD and IoT security and Zero Trust enforcement capabilities Easy path to NAC, starting with rich network device profiling, inventory and guest management Dynamic identification, classification, monitoring and reporting of managed and unmanaged endpoint and IoT devices Agent and agentless options for pre- and post-admission control, supporting an existing 802.1x supplicant/agent, or by employing agentless multi-factor device discovery and verification Automated or self-service provisioning of guest, BYOD and IoT devices Advanced User Enhanced Behavior Analytics (UEBA) further detects anomalous user, endpoint and IoT device activity Integration with leading networking and security tools, and automated threat response Data center or cloud administration of multiple distributed PPS appliances; each appliance can control up to 50,000 devices to scale to over a million devices per network Integration with leading networking and security tools, and automated threat response Common NAC/VPN Client, policy engine and system management for streamlined deployment, unified visibility and consistent access control for data center and hybrid IT Expanding Enterprise NAC Platform Pulse Secure continues to experience growth in its enterprise NAC platform with sales through partners to existing customers" “Pulse Secure continues to experience growth in its enterprise NAC platform with sales through partners to existing customers, as well as to organizations investing in first-time NAC deployments and those replacing their current solutions,” said Scott Gordon, vice president of marketing at Pulse Secure. “With our unique means to offer a simple, unified NAC and VPN solution, we allow enterprises to gain essential intelligence, compliance and protection for remote, cloud and data center access. We are honored to receive this NAC market distinction as technology leader.” The 'NAC Market Outlook' report earmarks that the global NAC market is expected to increase significantly in the next five to six years. NAC is increasingly becoming mature and accepted as a key technology to improve an organization's overall security defenses. Both large and mid-sized organizations are looking at full-scale deployments and extending NAC security to a greater number of devices and endpoints. Adopting Security Technologies Traditionally, the adoption of security technologies is primarily driven by compliance to broader global regulations. In the global market, banking & financial services, education, government and healthcare sectors are the primary users of NAC solutions. However, organizations from several industry verticals are increasingly focusing on improving their security measures to enhance overall security. IT/OT convergence has resulted in increased exposure to cyberthreats to the industrial environment, and NAC vendors are expanding their capabilities to support IT/OT convergence.
Sargent and Greenleaf (S&G), renowned manufacturer of high-quality mechanical and electronic locks, has announced the release of its Digital Vault Lock solution. Through a secure online interface and user-friendly software, this static code, electronic time lock allows for increased flexibility and security for convenient vault access. Digital Vault Lock Combining an attack-resistant lock case and enhanced features to protect against a variety of threats – vibration, bouncing and punching attacks – the Digital Vault Lock provides durable security for financial institutions. With the ability to assign four independent time lock schedules for up to 100 users and retrieve up to 1,000 time- and date-stamped audit events with a simple USB connection from the lock, the Digital Vault Lock increases shift coverage without overriding security and can be customized for a single user, dual user or manager. “With S&G’s Digital Platform features and benefits continuing to evolve, the Digital Vault Lock will provide our customers with additional flexibility and security for a smarter and faster vault access lock,” stated Keith Deaton, COO of Sargent and Greenleaf. “The auditing capabilities along with the scheduling and management features of this lock, make it possible for banks to have a digital vault security option,” said Deaton. S&G’s Digital Vault Lock’s main features include: User-friendly programming via website interface or keypad for secure programming. Audio and visual signals, including a display screen and three keypad LEDs for lock status indication. 1,000 time- and date-stamped events for precisely managing audit trails. Offers dual control, automatic daylight savings, a management reset code, time delay up to 99 minutes and a penalty lockout. S&G 3029-3XX Lock S&G’s Digital Vault Lock is powered by the S&G 3029-3XX lock with a motor-driven lock bolt. With same mounting footprints as the S&G 6400 and 6500 series mechanical vault locks, retrofits are quick and easy.
ADT, a provider of monitored security and interactive home and business automation solutions in the United States and Canada, unveils its new ADT Commercial brand and positioning video, as part of its multi-year expansion plans. Since the merger with Protection 1, ADT has built upon its commercial capabilities and customer focused approach combining more than ten strategic acquisitions, bringing decades of experience to commercial and national account customers. ADT’s announcement is part of its participation in ISC West, North America’s largest security industry trade show with more than 30,000 industry professionals and 1,000 exhibitors. Significant Expansion Plans “Today marks the official start of significant expansion plans for the ADT Commercial brand as we bring together numerous strategic acquisitions and alliances we’ve recently achieved, including industry leader, Red Hawk,” said Dan Bresingham, Executive Vice President, ADT Commercial. The ADT Commercial vision is to offer a unified approach to its customers’ security and life safety needs “We are delivering an expanded product portfolio and geographic reach to our enterprise customers, combined with an obsession for customer service, high quality and commitment to excellence.” Led by Bresingham, the ADT Commercial leadership team has a single-minded focus on security and life safety—having spent the majority of their careers in the industry. The ADT Commercial vision is to offer a unified approach to its customers’ security and life safety needs. Enterprise Risk Management Services ADT Commercial brings together the experience, capabilities and offerings from acquisitions, made since merging with Protection 1, with the goal of creating a best in class security and life safety provider. Most recently, these acquisitions include Red Hawk Fire & Security, Aronson Security Group, MSE Security, Advanced Cabling and Commercial Protection Systems, Inc. ADT Commercial will serve customers with a broad portfolio of solutions such as enterprise risk management services, IP-based video and access control technologies; intrusion detection; fire/life safety; sprinkler installation and maintenance; banking and ATM sales and services; managed services; remote monitoring via its owned and operated monitoring centers; security only networks design, management and monitoring.
RS2 Technologies, globally renowned security and access control systems provider firm, has been named as a new Strategic Alliance Partner in the United States by Zenitel Group, the global provider of Intelligent Communication solutions. Integrated Systems “Zenitel’s continued innovative approach to simple but powerful integrated systems provides a complete unified solution to customers of all sizes”, said Dave Barnard, Director of Dealer Development for RS2. “Zenitel has been established as the industry leader in integrated intelligent communications. Our companies have had a long-standing relationship where integration was valued, but we believe it is now time to go beyond simple integration to providing a full-service solution.” According to Barnard, RS2 Technologies has a reputation as a “one-stop” solution for the access management needs of customers in a wide variety of applications. RS2 delivers cost-effective access management solutions to customers in industries as diverse as shipbuilding, energy, hospitals, education, defense, banking, government (federal, state and municipal), museums, and a variety of diverse manufacturing companies. From small office buildings to large industrial facilities, RS2 has the products to meet the needs of business and industry. RS2 is known for having a rich feature set, continuous integrations, and the lowest total cost of ownership Intelligent Communication “The Intelligent Communication market is targeted to exceed $150 billion by 2021”, said Jim Hoffpauir, President, Zenitel Americas. “To continue to provide innovative solutions that exceed our customers’ expectations, we are creating new strategic partnerships with complimentary technology leaders in the security industry. With our recent release of the new IC-Edge system, partnering with RS2 provides Zenitel with sales channel alignment to emphasize smaller system sales, providing organizations of all sizes an easily accessible and cost-effective solution for highly intelligible audio.”
Identiv, Inc. announces that it will present its recently expanded Internet of Things (IoT) product portfolio at ISC West 2019, encompassing a wide range of physical and logical access control, video and data analytics, door readers, identity cards, visitor management, mobile security, telephone entry, and radio-frequency identification (RFID) and near-field communication (NFC) solutions for physical and IT-secured businesses. Identiv will be showcasing demos of its complete portfolio of high-performance IoT solutions for government, banking, healthcare, critical infrastructure, retail, and other industries at ISC West 2019, booth L13. Newly Acquired And Developed Solutions The company will have some of its newly acquired and developed solutions on display, including: Enterphone integrates with Freedom and Liberty and will be introduced to the U.S. market for the first time at ISC West Web/Cloud and IoT-Based Architecture - Newly acquired Freedom and Liberty Access Control product lines provide cloud-based, frictionless, cyber-secure access control. Freedom’s software-defined platform and new mobile app enable IoT-driven access control for enterprises and governments. Liberty provides an entry-level, web-based scalable solution for small-to-medium businesses (SMBs). Video and Data Analytics - 3VR by Identiv’s video intelligence solutions provide a single platform for real-time security, analytics, and consumer insights, allowing organizations to protect their employees, customers, and assets, as well as enhance store operations and shopping experiences. 3VR is now fully integrated with Hirsch Velocity. Mobile Security - Thursby by Identiv software solutions provide strong government-grade security for government agency, enterprise, and personal mobility, supporting bring-your-own-device (BYOD) and two-factor authentication (2FA) on mobile devices. Access Control - Identiv’s new Hirsch Mx-1-ME (Metal Enclosure) Controller manages a single fully supervised door for controlled entry and exit at the edge and is protected by a metal enclosure with battery backup and power supply. Phone Entry - Over two million tenants in 35,000 installations within residential and mixed-use properties depend on the Enterphone by Identiv telephone entry system for secure visitor access. Enterphone integrates with Freedom and Liberty and will be introduced to the U.S. market for the first time at ISC West. Secure IoT Tags - Identiv’s high-frequency (HF) and ultra high-frequency (UHF) transponders bring smart identities and security to the IoT, digitising and enabling high-growth applications, like medical devices, athletic apparel, and pharmaceuticals. Identiv’s new Tamper Detection NTAG 424 DNA Tag strengthens IoT security for anti-counterfeiting, document authentication, supply chain traceability, data access, and customer engagement. Physical Security Industry This year, join Mark Allen, General Manager, Physical Access Systems at Identiv, Mark Duato, Executive Vice President of Aftermarket Solutions at ASSA ABLOY Door Security Solutions (DSS), and Joe White, President at A-1 Lock, as they present “In Between the Lock and Controller: Why Wireless Locks Are Changing the Game in Access Control” during ISC West on 11th April, 2019, 11:00 AM – 12 PM (IST). The International Security Conference and Exposition — also known as ISC West — is the largest event in the U.S. for the physical security industry, covering access control, alarms and monitoring, biometrics, IP security, video surveillance/CCTV, networked security products, and more.
In the age of massive data breaches, phishing attacks and password hacks, user credentials are increasingly unsafe. So how can organizations secure accounts without making life more difficult for users? Marc Vanmaele, CEO of TrustBuilder, explains. User credentials give us a sense of security. Users select their password, it's personal and memorable to them, and it's likely that it includes special characters and numbers for added security. Sadly, this sense is most likely false. If it's anything like the 5.4 billion user IDs on haveibeenpwned.com, their login has already been compromised. If it's not listed, it could be soon. Recent estimates state that 8 million more credentials are compromised every day. Ensuring Safe Access Data breaches, ransomware and phishing campaigns are increasingly easy to pull off. Cyber criminals can easily find the tools they need on Google with little to no technical knowledge. Breached passwords are readily available to cyber criminals on the internet. Those that haven’t been breached can also be guessed, phished or cracked using one of the many “brute-force” tools available on the internet. It's becoming clear that login credentials are no longer enough to secure your users' accounts. Meanwhile, organizations have a responsibility and an ever-stricter legal obligation to protect their users’ sensitive data. This makes ensuring safe access to the services they need challenging, particularly when trying to provide a user experience that won’t cause frustration – or worse, lose your customers’ interest. After GDPR was implemented across the European Union, organizations could face a fine of up to €20 million, or 4% annual global turnover Importance Of Data Protection So how can businesses ensure their users can safely and simply access the services they need while keeping intruders out, and why is it so important to strike that balance? After GDPR was implemented across the European Union, organizations could face a fine of up to €20 million, or 4% annual global turnover – whichever is higher, should they seriously fail to comply with their data protection obligations. This alone was enough to prompt many organizations to get serious about their user’s security. Still, not every business followed suit. Cloud Security Risks Breaches were most commonly identified in organizations using cloud computing or where staff use personal devices According to a recent survey conducted at Infosecurity Europe, more than a quarter of organizations did not feel ready to comply with GDPR in August 2018 – three months after the compliance deadline. Meanwhile, according to the UK Government’s 2018 Cyber Security Breaches survey, 45% of businesses reported breaches or attacks in the last 12 months. According to the report, logins are less secure when accessing services in the cloud where they aren't protected by enterprise firewalls and security systems. Moreover, breaches were most commonly identified in organizations using cloud computing or where staff use personal devices (known as BYOD). According to the survey, 61% of UK organizations use cloud-based services. The figure is higher in banking and finance (74%), IT and communications (81%) and education (75%). Additionally, 45% of businesses have BYOD. This indicates a precarious situation. The majority of businesses hold personal data on users electronically and may be placing users at risk if their IT environments are not adequately protected. Hackers have developed a wide range of tools to crack passwords, and these are readily available within a couple of clicks on a search engine Hacking Methodology In a recent exposé on LifeHacker, Internet standards expert John Pozadzides revealed multiple methods hackers use to bypass even the most secure passwords. According to John’s revelations, 20% of passwords are simple enough to guess using easily accessible information. But that doesn’t leave the remaining 80% safe. Hackers have developed a wide range of tools to crack passwords, and these are readily available within a couple of clicks on a search engine. Brute force attacks are one of the easiest methods, but criminals also use increasingly sophisticated phishing campaigns to fool users into handing over their passwords. Users expect organizations to protect their passwords and keep intruders out of their accounts Once a threat actor has access to one password, they can easily gain access to multiple accounts. This is because, according to Mashable, 87% of users aged 18-30 and 81% of users aged 31+ reuse the same passwords across multiple accounts. It’s becoming clear that passwords are no longer enough to keep online accounts secure. Securing Data With Simplicity Users expect organizations to protect their passwords and keep intruders out of their accounts. As a result of a data breach, companies will of course suffer financial losses through fines and remediation costs. Beyond the immediate financial repercussions, however, the reputational damage can be seriously costly. A recent Gemalto study showed that 44% of consumers would leave their bank in the event of a security breach, and 38% would switch to a competitor offering a better service. Simplicity is equally important, however. For example, if it’s not delivered in ecommerce, one in three customers will abandon their purchase – as a recent report by Magnetic North revealed. If a login process is confusing, staff may be tempted to help themselves access the information they need by slipping out of secure habits. They may write their passwords down, share them with other members of staff, and may be more susceptible to social engineering attacks. So how do organizations strike the right balance? For many, Identity and Access Management solutions help to deliver secure access across the entire estate. It’s important though that these enable simplicity for the organization, as well as users. Organizations need an IAM solution that will adapt to both of these factors, providing them with the ability to apply tough access policies when and where they are needed and prioritising swift access where it’s safe to do so Flexible IAM While IAM is highly recommended, organizations should seek solutions that offer the flexibility to define their own balance between a seamless end-user journey and the need for a high level of identity assurance. organizations’ identity management requirements will change over time. So too will their IT environments. organizations need an IAM solution that will adapt to both of these factors, providing them with the ability to apply tough access policies when and where they are needed and prioritising swift access where it’s safe to do so. Importantly, the best solutions will be those that enable this flexibility without spending significant time and resource each time adaptations need to be made. Those that do will provide the best return on investment for organizations looking to keep intruders at bay, while enabling users to log in safely and simply.
Timely and important issues in the security marketplace dominated our list of most-clicked-upon articles in 2018. Looking back at the top articles of the year provides a decent summary of how our industry evolved this year, and even offers clues to where we’re headed in 2019. In the world of digital publishing, it’s easy to know what content resonates with the security market: Our readers tell us with their actions; i.e., where they click. Let’s look back at the Top 10 articles we posted in 2018 that generated the most page views. They are listed in order here with a brief excerpt. 1. U.S. President Signs Government Ban On Hikvision and Dahua Video Surveillance The ban on government uses, which takes effect ‘not later than one year after … enactment,’ applies not only to future uses of Dahua and Hikvision equipment but also to legacy installations. The bill calls for an assessment of the current presence of the banned technologies and development of a ‘phase-out plan’ to eliminate the equipment from government uses. 2. Motorola Makes A Splash With Avigilon Video Surveillance Acquisition Early clues point to Motorola positioning Avigilon as part of a broader solution, especially in the municipal/safe cities market. The company says the acquisition will enable more safe cities projects and more public-private partnerships between local communities and law enforcement. Motorola sees Avigilon as ‘a natural extension to global public safety and U.S. federal and military’ applications, according to the company. 3. Impact Of Data-Driven Smart Cities On Video Surveillance One of the major areas of technology that is going to shift how we interact with our cities is the Internet of Things (IoT). One benefit will be the ability to use video surveillance to analyze data on large crowds at sporting events The IoT already accounts for swaths of technology and devices operating in the background. However, we’re increasingly seeing these come to the forefront of everyday life, as data becomes increasingly critical. Bosch is highlighting its “Simply. Connected” portfolio of smart city technology to transform security as well as urban mobility, air quality and energy efficiency 4. CES 2018: Security Technologies Influencing The Consumer Electronics Market Familiar players at security shows also have a presence at the Consumer Electronics Show (CES). For example, Bosch is highlighting its “Simply. Connected” portfolio of smart city technology to transform security as well as urban mobility, air quality and energy efficiency. Many consumer technologies on display offer a glimpse of what’s ahead for security. Are Panasonic’s 4K OLEDs with HDR10+ format or Sony’s A8F OLED televisions a preview of the future of security control room monitors? 5. SIA Predicts Top Physical Security Trends For 2018 Traditional security providers will focus more on deepening the customer experience and enhancing convenience and service. The rise of IoT also places an emphasis on cybersecurity, and security dealers will react by seeking manufacturers and technology partners with cyber-hardened network-connected devices. 6. High-Speed Visitor Screening Systems Will Improve Soft Target Security The system is more expensive than a metal detector, but about a third the cost of familiar airport body scanners. Labor reduction (because of faster throughput) can help offset the system costs, but “it’s difficult to quantify the improvement in the visitor experience,” says Mike Ellenbogen, CEO of Evolv Technology. 7. How To Prevent ATM Jackpotting With Physical And Cyber Security A new crime wave is hitting automated teller machines (ATMs); the common banking appliances are being rigged to spit out their entire cash supplies into a criminal’s waiting hands. The crime is called “ATM jackpotting” and has targeted banking machines located in grocery shops, pharmacies and other locations in Taiwan, Europe, Latin America and, in the last several months, the United States. Rough estimates place the total amount of global losses at up to $60 million. The safety and security world bring a complex problem to solve how to pick out a face in a moving and changing environment and compare it to several faces of interest 8. Why We Need To Look Beyond Technology For Smart City Security Solutions Although technology is necessary for an urban area to transition in to a safe and smart city, technology alone isn’t sufficient. Truly smart cities are savvy cities and that includes how they employ software, sensing, communications and other technologies to meet their needs. 9. How New Video Surveillance Technology Boosts Airport Security and Operations Employing airport security solutions is a complex situation with myriad government, state and local rules and regulations that need to be addressed while ensuring the comfort needs of passengers. Airport security is further challenged with improving and increasing operational efficiencies, as budgets are always an issue. As an example, security and operational data must be easily shared with other airport departments and local agencies such as police, customs, emergency response and airport operations to drive a more proactive approach across the organization. 10. The Evolution Of Facial Recognition From Body-Cams To Video Surveillance The safety and security world bring a complex problem to solve how to pick out a face in a moving and changing environment and compare it to several faces of interest. “One-to-many” facial recognition is a much harder problem to solve.
There’s no denying that cyber-crime is one of the biggest threats facing any organization with the devastating results they can cause painfully explicit. Highly publicized cases stretching from the US government to digital giant Facebook has made tackling cyber security a necessity for all major organizations. The consequences of breaches have just become more severe, with new GDPR rules meaning any security breach, and resultant data loss, could cost your organization a fine of up to four per cent of global revenue or up to 20 million euros. Cyber-crime potentially affects every connected network device. In the biggest cyber-crime to date, hackers stole $1 billion from banks around the world, by gaining access to security systems. It’s more important than ever for organizations to be vigilant when it comes to their cyber security strategy. To help avoid becoming the next victim, I’ve put together a five-point cyber plan to protect your video surveillance system. 1. Elimination Of Default Passwords A small change to a memorable, complex password could have huge consequences for your business It is estimated that over 73,000 security cameras are available to view online right now due to default passwords. ‘Password’ and ‘123456’ are among the top five most popular passwords with a staggering 9,000,000 login details matching this description. Guessable passwords create an unsecure security system which can result in an easy way for hackers to gain access to your organization’s data, making you vulnerable to a breach. A small change to a memorable, complex password could have huge consequences for your business. Removing default passwords from products and software forces individuals to think of their own to keep their data safe. If a password system is not provided by your organization we recommend that your password uses two or more types of characters (letters, numbers, symbols) and it is changed periodically. 2. Encrypted Firmware Encrypting firmware is an important part of any organizations overall security system. Firmware can leave an open door, allowing hackers to access your data. All firmware should be encrypted to reduce the possibilities of it being downloaded from the manufacturers website and deconstructed. If the firmware posted is not encrypted, there is a risk of it being analyzed by persons with malicious intent, vulnerabilities being detected, and attacks being made. With i-PRO cameras and recorders, all firmware is securely encrypted to mitigate analysis There have been cases where a device is attacked by firmware vulnerabilities even if there are no problems with the user's settings, rendering it inoperable, and DDoS attacks being made on other servers via the device. With i-PRO cameras and recorders, all firmware is securely encrypted to mitigate analysis. There is also a possibility of being attracted to spoofing sites by targeted attack email and firmware being updated with a version that includes a virus, so firmware must always be downloaded from the vendor's page. It may also be advantageous to combine this with an imbedded Linux operating system which removes all unused features of the device, it can help to reduce the chances of malicious entities searching for backdoor entities and inserting codes. 3. Removing Vulnerabilities Within The Operating Systems Vulnerability is the name given for a functional behavior of a product or online service that violates an implicit or explicit security policy. Vulnerabilities can occur for a number of reasons for example, due to an omission in logic, coding errors or a process failure. Network attacks exploit vulnerabilities in software coding that maybe unknown to you and the equipment provider. The vulnerability can be exploited by hackers before the vendor becomes aware. You should seek to minimize these issues by looking for a secure operating system which is regularly updated. Panasonic has developed Secure Communications, a platform and package to protect against video tampering, altering, spoofing and snooping As a provider of security solutions, Panasonic is taking a number of steps to ensure its consumers remain safe and secure. We have developed Secure Communications, a platform and package to protect against video tampering, altering, spoofing and snooping. We have combined with a leading provider of highly reliable certificates and technology for detecting and analyzing cyber-attacks with its own in-house embedded cryptography technology, to provide a highly secure and robust protection layer for its embedded surveillance products. 4. Avoiding Remote Login Using Telnet Or FTP Telnet and FTP are a very outdated source of software which as a result means they lack built-in security measures Telnet and FTP are a very outdated source of software which as a result means they lack built-in security measures. File transfer protocol or transfer through cloud-based services means the files and passwords are not encrypted and can therefore be easily intercepted by hackers. An encrypted software removes the risk of files being sent to the wrong person or forwarded on without your knowledge. Telnet predates FTP and as a result is even less secure. Hyper Transfer Protocol Secure is a protocol to make secure communications by HTTP, and it makes HTTP communications on secure connections provided by SSL/TLS protocols. The major benefits of using this system is that HTTPS and VPN encrypt the communications path, so data after communications is decrypted and recorded. If recorded data is leaked, it will be in a state where it can be viewed. With data encryption, however, it remains secure and can even be recoded to storage. Thus, even if the hard drive or SD card is stolen or data on the cloud is leaked, data cannot be viewed. 5. Use Of Digital Certificates Private and public keys are generated at manufacture in the factory and certificates installed at the factory Digital certificates are intended to safely store the public key and the owner information of the private key it is paired with. It provides assurance that the accredited data from a third party is true and that the data is not falsified. It is beneficial for all data to be encrypted with digital certificates. Digital certificates are far safer when issued by a third party rather than creating a self-signed version unless you are 100 percent sure of the receiver identity. From April 2016, some models of Panasonic series iPro cameras come with preinstalled certificates to reduce the risk of interception and the hassle of having to create one. With i-PRO cameras with Secure function, private and public keys are generated at manufacture in the factory and certificates installed at the factory. As there is no way to obtain the private key from the camera externally, there is no risk of the private key being leaked. Also, certificates are signed by a trusted third party, and the private key used for signing is managed strictly by the authority. In addition, encryption has been cleverly implemented to reduce the usual overhead on the IP stream from 20% to 2%.
Effective access control can be achieved without the use of cards using a new generation of secure facial authentication enabled by artificial intelligence and machine learning. Alcatraz AI is introducing a system that deploys a sensing device, about the size of a badge reader, with multiple color and infrared cameras that can detect facial features and confirm an identity. Real-time 3-D facial mapping avoids anyone using a photograph, video or mask to spoof the system and confirms there is a real person that matches the stored facial image. System Helps In Tailgating Mitigation Deep neural networks, powered by NVIDIA, enable the system to achieve new levels of frictionless access control, says Vince Gaydarzhiev, CEO of Alcatraz AI. Computer processing is achieved at the edge to ensure speedy and secure access control. We saw an opportunity to create a system that solves issues of tailgating and addresses the need for security without increasing friction"“We saw an opportunity to create a system that solves issues of tailgating and addresses the need for security without increasing friction,” says Gaydarzhiev. The accuracy of the system lessens the need for security guards, he says. The Silicon Valley startup, currently with 20 employees, was founded in early 2016 by a team from Apple, NVIDIA and Lily Robotics with a goal of targeting mid- to large-sized corporations that currently have deployed badging systems. The company has raised close to $6M from venture capital firms and individuals, and Johnson Controls/Tyco has invested in the startup. Alcatraz AI’s sensor device, mounted near a door, confirms a user’s identity and communicates the user’s badge number to the existing access control infrastructure. “The system improves the facial profile every time, using the neural network to be even more accurate in the future,” says Gaydarzhiev. He says it is the industry’s first “instant one-factor authentication for multi-person in-the-flow sensing.” The system is less expensive than previous facial authentication systems and does not require users to be very close to the reader Easy Enrollment And Deployment Enrollment in the system is easy. Companies can deploy a separate enrollment station, or any reader can be used for enrollment. After badging in a couple of times, the face matching system “enrols” the face with the associated badge number, thus allowing the user to dispense with the badge altogether. In the future, the frictionless system simply recognises the user and opens the door. A user company can quickly deploy the system at locations where thousands of employees have access, without requiring employees to go to HR for enrollment. Gaydarzhiev says accuracy of the system is no less than that of iris scanning, and the accuracy is configurable for specific needs. He says the system is less expensive than previous facial authentication systems and does not require users to be very close to the reader. Facial authentication is also more flexible than iris scanning or fingerprinting. Detecting Intent From Positioning Of Eyes The system detects intent from the positioning of the eyes and body to avoid opening a door unintentionallyIn contrast to near field communication (NFC) or Bluetooth systems, the technology does not require a compatible smart phone or have issues of communication range. There is no need for users to stop and perform an action or gesture to signal intent. The system detects intent from the positioning of the eyes and body to avoid opening a door unintentionally, says Gaydarzhiev. Alcatraz AI is targeting high-tech enterprises, including healthcare, government and eventually banks. Currently they have three pilot installations among large global software companies and are undergoing trials with some government agencies. Today, they sell direct to end users, but the intent is to develop a dealer channel that will account for most of the sales.
Recent technology advances – from the cloud to artificial intelligence, from mobile credentials to robotics – will have a high profile at the upcoming ISC West exhibition hall. Several of these technologies were recently designated by the Security Industry Association as the Top 8 Security Technologies for Security and Public Safety. Some of them will also be a focus at the ISC West conference program, SIA Education@ISC, April 9-11 at the Sands Expo Center. This article will highlight some of those conference sessions. Topic: Cloud Systems And Video Surveillance As A Service (VSaaS) Managed Video Services are saving TD Bank $500K annually, April 9, 2:45 to 3:45 p.m. Why TD Bank decided to roll out a managed services solution, what it took to deploy and how the bank is saving an astounding $500,000 annually. IT 4.0 and Video Surveillance: A Guide to the New Terminology and What It Means to You and Your Customers, April 11, 1:15 to 2:15 p.m. How IT 4.0 can enhance or change video surveillance, and consequently deliver additional value to customers, including explanations of terms such as cloud data centers, personal clouds, the edge, IoT sensors and data analytics. One of the sessions to cover how IT 4.0 can enhance or change video surveillance, and consequently deliver additional value to customers Topic: Artificial Intelligence (AI) In Video And Other Systems The Challenges and Opportunities of AI in Physical Security, April 10, 3:45 to 4:45 p.m. Looking toward what the future may hold for AI in physical security; the challenges and opportunities the technology has created; and how participants can leverage AI and machine learning with existing customers to grow their business. Deep Learning Demystified: Next-Generation AI Applied to Video, April 11, 9:45 to 10:45 a.m. Dispelling the myths of the terms “deep learning” and “artificial intelligence,” and what the technologies can do in practical terms. Modern cameras find and identify faces and vehicles, analyse behavior and organize and control assets Neural Processing and Smart Cameras, April 9, 8:30 to 10 a.m. Deep learning-capable hardware is evolving at a frantic pace, and GPU and NPU (neural processing unit) co-processors are commonly embedded in cameras and video management systems. Modern cameras find and identify faces and vehicles, analyse behavior and organize and control assets. Analytics in the Video Central Station: Proper Deployment, Programming and Configuration to optimize operational and cost efficiencies, April 11, 3:45 to 4:45 p.m. How analytics plays a critical role in reducing alarm traffic in a central station environment, allowing them to save money and realize other operational and performance efficiencies. Topic: Robotics And Autonomous Devices Robotic Aerial Security – Growth Trends and Best Practices, April 10, 11 a.m. to noon The lion’s share of growth in the robotic aerial security sector will come from autonomous systems and changing FAA regulations will soon allow companies to monitor and secure remote facilities with no human guards present. Racing drones are difficult to detect as they do not use GPS or radio frequency signals to identify the location of other devices How to Adapt to Address Drone Security, April 11, 1:15 to 2:15 p.m. Drone industry professionals and a physical security design engineer will cover the realistic applications of drone systems and counter-drone solutions that can protect organizations and facilities. Next Generation Threat: Racing Drones, April 11, 2:30 to 3:30 p.m. Racing drones are difficult to detect as they do not use GPS or radio frequency signals to identify the location of other devices. This session will identify the potential risks these drones can pose to facilities, special events, and critical infrastructure. Establishing a Corporate Drone Program, April 10, 9:45 to 10:45 p.m. Is a corporate drone program an appropriate addition to an existing security program? How to understand and navigate the regulatory challenges and processes associated with starting up a commercial-use drone program. The Rise of Intelligence in Physical Security, April 11, 9:45 to 10:45 a.m. “Intelligence” incorporates a variety of subdomains from artificial intelligence to machine learning and contextual analysis. It is rapidly becoming a focus in the realm of IT security – and increasingly in the realm of physical security, too. Changing FAA regulations will soon allow companies to monitor and secure remote facilities with no human guards present Topic: Mobile Credentials Finding Their Place In Access Control How Biometrics Are Enabling the Convergence of Physical and Information Security, April 10, 1:45 to 2:45 p.m. At the center of convergence is one crucial building block: strong irrefutable identity powered by biometrics. Driving the Future: How Interoperability Standards in Access Control Can Enable Smart Building Success, April 9, 1:30 to 2:30 p.m. Growing user demand is driving new open platform approaches and the adoption of interoperability standards Growing user demand for unfettered and unlimited third-party integrations is now driving new open platform approaches and the adoption of interoperability standards. They are changing the dynamic of access control and its role within the smart building environment. Topic: Facial Biometrics In Professional Solutions How Biometrics Are Enabling the Convergence of Physical and Information Security, April 10, 1:45 to 2:45 p.m. Securing workstations, virtual desktops, turnstiles, front doors, mobile devices and more, biometric authentication is helping enterprises and governments worldwide to realize a more secure future. Topic: Voice Control In The Smart Home Environment Delivering the Smart Home of the Future, April 11, 3:45 to 4:45 p.m. With the proliferation of connected smart devices, including voice control devices, consumers have a growing array of options for defining what their Smart Home experience could be.
Cybersecurity talk currently dominates many events in the physical security industry. And it’s about time, given that we are all playing catch-up in a scary cybersecurity environment where threats are constant and constantly evolving. I heard an interesting discussion about cybersecurity recently among consultants attending MercTech4, a conference in Miami hosted by Mercury Security and its OEM partners. The broad-ranging discussion touched on multiple aspects of cybersecurity, including the various roles of end user IT departments, consultants, and integrators. Factors such as training, standardisation and pricing were also addressed as they relate to cybersecurity. Following are some edited excerpts from that discussion. The Role Of The IT Department Pierre Bourgeix of ESI Convergent: Most enterprises usually have the information technology (IT) department at the table [for physical security discussions], and cybersecurity is a component of IT. The main concern for them is how any security product will impact the network environment. The first thing they will say, is “we have to ensure that there is network segmentation to prevent any potential viruses or threats or breaches from coming in.” The main concern for IT departments is how any security product will impact the network environment” They want to make sure that any devices in the environment are secure. Segmentation is good, but it isn’t an end-all. There is no buffer that can be created; these air gaps don’t exist. Cyber is involved in a defensive matter, in terms of what they have to do to protect that environment. IT is more worried about the infrastructure. The Role Of Consultants And Specifiers Phil Santore of DVS, division of Ross & Baruzzini: As consultants and engineers, we work with some major banks. They tell us if you bring a new product to the table, it will take two to three months before they will onboard the product, because they will run it through [cybersecurity testing] in their own IT departments. If it’s a large bank, they have an IT team, and there will never be anything we [as consultants] can tell them that they don’t already know. But we all have clients that are not large; they’re museums, or small corporations, or mom-and-pop shops. They may not be as vulnerable from the international threat, but there are still local things they have to be concerned about. It falls on us as consultants to let them know what their problems are. Their IT departments may not be that savvy. We need to at least make them aware and start there. Wael Lahoud of Goldmark Security Consulting: We are seeing more and more organisations having cybersecurity programs in place, at different maturity levels. At the procurement stage, we as consultants must select and specify products that have technology to enable cybersecurity, and not choose products that are outdated or incompatible with cybersecurity controls. We also see, from an access control perspective, a need to address weaknesses in databases. Specifying and having integrators that can harden the databases, not just the network itself, can help. The impact of physical security products on the network environment was a dominant topic at the MercTech4 consultants roundtable discussion The Need For Standards On Cybersecurity Jim Elder of Secured Design: I’d like to know what standards we as specifiers can invoke that will help us ensure that the integrator of record has the credentials, knows what standards apply, and knows how to make sure those standards are maintained in the system. I’m a generalist, and cybersecurity scares the hell out of me.We’re not just talking about access to cameras, we are talking about access to the corporate network and all the bad things that can happen with that. My emphasis would be on standards and compliance with standards in the equipment and technology that is used, and the way it is put in. It can be easier for me, looking at some key points, to be able to determine if the system has been installed in accordance. We are seeing more and more organizations having cybersecurity programs in place, at different maturity levels"I’m taking the position of the enforcement officer, rather than the dictator. It would be much better if there were focused standards that I could put into the specification— I know there are some – that would dictate the processes, not just of manufacturing, but of installation of the product, and the tests you should run accordingly. Pierre Bourgeix: With the Security Industry Association (SIA), we are working right now on a standard that includes analyzed scoring on the IT and physical side to identify a technology score, a compliance score, a methodology, and best-of-breed recommendation. Vendor validation would be used to ensure they follow the same process. We have created the model, and we will see what we can do to make it work. Terry Robinette of Sextant: If a standard can be written and it’s a reasonable process, I like the idea of the equipment meeting some standardized format or be able to show that it can withstand the same type of cyber-attack a network switch can withstand. We may not be reinventing the wheel. IT is the most standardized industry you will ever see, and security is the least standardized. But they’re merging. And that will drive standardization. Jim Elder: I look to Underwriters Laboratory (UL) for a lot of standards. Does the product get that label? I am interested in being able to look at a box on the wall and say, “That meets the standard.” Or some kind of list with check-boxes; if all the boxes are checked I can walk out and know I have good cybersecurity threat management.IT is the most standardised industry you will ever see, and security is the least standardised" The Role Of Training Phil Santore: Before you do any cybersecurity training, you would need to set the level of cybersecurity you are trying to achieve. There are multiple levels from zero to a completely closed network. Wael Lahoud: From an integrator’s perspective, cybersecurity training by the manufacturer of product features would be the place to start – understanding how to partner the database, and the encryption features. We see integrators that know these features are available – they tick the boxes – but they don’t understand what they mean. Cybersecurity is a complex topic, and the risk aspects and maturity levels vary by organization. That would be a good starting point. The Role Of Integrators Wael Lahoud: Integrators like convenience; less time means more money. So, we see some integrators cut corners. I think it is our role (as consultants) to make sure corners are not cut. If you rely solely on integrators, it will always be the weak password, the bypass. We have seen it from small projects to large government installations. It’s the same again and again. Even having an internal standard within an organization, there may be no one overseeing that and double-checking. Tools will help, but we are not there at this point. I will leave it up to manufacturers to provide the tools to make it easy for consultants to check, and easier for integrators to use the controls. Cybersecurity is a complex topic, and the risk aspects and maturity levels vary by organization - so training is very important The Impact of Pricing Pierre Bourgeix: The race to the cheapest price is a big problem. We have well-intended designs and assessments that define best-of-breed and evaluate what would be necessary to do what the client needs. But once we get to the final point of that being implemented, the customer typically goes to the lowest price – the lowest bidder. That’s the biggest issue. You get what you pay for at the end of the day. With standards, we are trying to get to the point that people realise that not all products are made the same, not all integrators do the same work. We hope that through education of the end user, they can realise that if they change the design, they have to accept the liability.It’s not just the product that’s the weakest link, it’s the whole process from design to securing that product and launching it" The big picture Wael Lahoud: The Windows platform has a lot of vulnerabilities, but we’re still using it, even in banks. So, it’s not just the product that’s the weakest link, it’s the whole process from design to securing that product and launching it. That’s where the cybersecurity program comes into play. There are many vulnerable products in the market, and it’s up to professionals to properly secure these products and to design systems and reduce the risk. Pierre Bourgeix: The access port to get to data is what hackers are looking for. The weakest link is where they go. They want to penetrate through access control to get to databases. The golden ring is the data source, so they can get credentialing, so they can gain access to your active directory, which then gives them permissions to get into your “admin.” Once we get into “admin,” we get to the source of the information. It has nothing to do with gaining access to a door, it has everything to do with data. And that’s happening all the time.
Columbia Bank, a Northwest community bank headquartered in Tacoma, Washington, sought to upgrade their video surveillance solution to improve image quality and retention time. They also wanted to maximize field of view to deliver a more forceful and expansive – yet, less intrusive – solution. Working with Cook Security Group, Inc., Ross Armstrong, vice president of physical security at Columbia Bank, chose to overhaul video surveillance in their 150-plus branches across the Northwest, many of which included older analog cameras. They chose to install a mix of Hanwha Techwin models including Wisenet P series PNM-9000VQ multi-sensor / multi-directional outdoor vandal-proof dome cameras with 5 megapixel lens modules and Wisenet X series XND-8020F 5 megapixel indoor flush mount dome cameras. Surveillance cameras managed by Omnicast VMS The project, which started in June of 2018, has already deployed over 1,200 Hanwha Techwin cameras across 80 locationsColumbia Bank is in the process of the multi-phase upgrade that converts their existing branches to Hanwha Techwin video surveillance cameras managed by Genetec’s Security Center Omnicast Video Management System (VMS). The project, which started in June of 2018, has already deployed over 1,200 Hanwha Techwin cameras across 80 locations. They will complete another 60 sites in 2019, and 30 more in 2020. The video cameras serve as part of an overall physical security plan and are positioned to provide expansive coverage of bank interiors including teller lines, exteriors including parking lots and surrounding areas and ATM machines. Cameras bundled with analytics Armstrong said Columbia Bank tested out a of variety of models before deciding on Hanwha Techwin. “I didn't know which camera vendors would give us the biggest bang for the buck,” he said. “But I settled on Hanwha Techwin for a couple of reasons. One, is the price competitiveness and, two, the fact that the cameras come bundled with so many analytics that many companies want to charge extra for those licenses.” One of the analytics features the Columbia Bank security team uses with regularity is the loitering feature, specifically at their ATM machines One of the analytics features the Columbia Bank security team uses with regularity is the loitering feature, specifically at their ATM machines. “If an individual is loitering around one of our ATMs beyond the set time limit, then we have it programmed into Genetec’s Security Center to send an alert." "Omnicast snaps a photo of the loiterer and emails it to everyone designated on our security team. We then can take a quick look at that photo and quickly determine whether or not somebody is utilizing the ATM as a customer or if they're doing something they're not supposed to, such as trying to break into the ATM or installing a skimmer.” Health monitoring of the cameras Armstrong said, as he tested cameras from other vendors, he noticed a consistent drop rate which he was concerned would get worse. Even though 98 percent availability seems acceptable, any downtime creates a risk of missing critical events" “Security Center provides health monitoring of the cameras, and what I looked for was if the availability started dropping below 98 percent. Even though 98 percent availability seems acceptable, any downtime creates a risk of missing critical events. One camera model we were testing was experiencing regular outages, where we would lose 30 seconds off and on throughout the day. These short loses added up quickly and we were seeing availability times dropping somewhere around 93 to 94 percent. That wasn't acceptable. “When I reviewed the data on the Hanwha Techwin model, the average availability was consistently above 99 percent, which was so impressive. It might just be a two percent difference, but it's inevitable that the one time you need it is the one time that camera is not working as expected. Columbia Bank was unwilling to accept the risk of utilizing equipment that failed to meet our standards, and decided to partner with Hanwha Techwin, who provided a much more reliable end user experience.” Utilizing H.265 and WiseStream compression Impact on network infrastructure and bandwidth were also determining factors for Columbia Bank as they chose to upgrade their video surveillance system. Armstrong said he was disappointed to find many camera manufacturers were not quickly integrating usage of H.265 compression technology into their products. He said he is impressed that Hanwha Techwin utilizes H.265 in so many of its camera models, as well as the fact that Hanwha has incorporated its own WiseStream technology into its cameras, making them even more efficient. Hanwha Techwin Wisenet P and X series cameras use H.265/H.264/MJPEG with Hanwha’s exclusive WiseStream II compression technology Hanwha Techwin Wisenet P and X series cameras use H.265/H.264/MJPEG with Hanwha’s exclusive WiseStream II compression technology. WiseStream dynamically controls encoding, balancing quality and compression according to movement in the image. Combined with H.265 compression, the bandwidth efficiency can be improved by up to 75 percent compared to current H.264 technology. Installing non-Intrusive cameras Community banks are charged with keeping employees, customers, and assets safe, but also need to present a warm and inviting environment since they are often a hub of civic activity. In-your-face video surveillance cameras in a bank can be threatening to any would-be criminal, but they are also off-putting to customers that visit banks on a day-to-day basis. This allows us to get higher quality images – and a wider field of view – while not intruding into people’s personal space"When Armstrong and his team were evaluating camera solutions across its branches, they wanted to find a way to let customers know they were providing the latest in video security without the potentially intrusive analog cameras that often can be found just inches away from customers during transactions at the teller counter. Higher resolution 5 megapixel cameras “It’s a balance – you want customers to feel secure, but you don’t want them to feel like they are in a prison or a fishbowl,” said Armstrong. He said they removed the older analog cameras on the teller line and replaced them with the higher resolution 5 megapixel Hanwha Techwin models, which were placed off the teller line. “This allows us to get higher quality images – and a wider field of view – while not intruding into people’s personal space,” he said. SPD-150 49 Channel Decoder for connectivity One way to convey that Columbia Bank is all business when it comes to security was with an innovative decoder offered by Hanwha Techwin. Armstrong said they wanted to have video monitors showing surveillance camera feeds in certain higher-risk locations so that customers would know they are being recorded, and that would serve as a deterrent to any would be criminals. However, with the change in hardware, they were unable to connect monitors directly to a DVR. Armstrong said Hanwha’s SPD-150 49 Channel Decoder has allowed them to connect analog, HDMI, and VGA. Columbia Bank has provided video evidence to help law enforcement investigate a variety of incidents including drive-by shootings, traffic accidents, and arson “Being able to put one Hanwha decoder unit in a branch and run three monitors off of it – as well as the ability to hook monitors up to some cameras directly – has saved us tremendous amounts of money while adding a visual security feature.” Adding cameras outdoor to assist community Columbia Bank has long emphasized that they are a community bank that’s community minded. When Armstrong and his team decided to upgrade their video surveillance solution, they made the decision to add video surveillance cameras to the exterior of all bank locations not only to protect their customers as they come and go, but also to assist the community and law enforcement when incidents occur in areas surrounding their branches. We’re very pleased with the solution from Cook Security Group, Hanwha Techwin, and Genetec" “We look at it as the opportunity to give back to the community and provide assistance in a variety of ways,” said Armstrong. So far, Columbia Bank has provided video evidence to help law enforcement investigate a variety of incidents including drive-by shootings, traffic accidents, and arson. Satisfied with the system’s performance Columbia Bank has been well served by the Hanwha Techwin-Genetec security solution and Armstrong said they are very satisfied with the performance of the system. “Hanwha Techwin has been a phenomenal partner for us,” he said. “And that’s what I look for in a security provider – a long-term partnership. We’re very pleased with the solution from Cook Security Group, Hanwha Techwin, and Genetec and we look forward to completing all phases of the project.”
Ahli United Bank (AUB) is a leading financial institution providing banking, investment, and wealth management services from 147 branches in eight countries. Utilizing Gallagher’s business and security solutions in Bahrain since 2008, Ahli United Bank decided in 2017 to undertake a full upgrade of the systems at its headquarters. Installing controlled doors As part of upgrading the full product suite at its Bahrain Headquarters – which included all controlled doors and software – Ahli United Bank (AUB) also took the opportunity for a complete re-design of the set-up and locations of its security system. The bank was committed to finding a product that was cost effective and had a long life expectancy. While researching their options, AUB management saw a demonstration of Gallagher’s Mobile Connect technology and were immediately convinced that this was the ideal product for the bank’s upgrade. Gallagher Mobile Connect uses Bluetooth wireless technology to enable users to badge at a reader using a smartphone Gallagher Mobile Connect In late 2018, AUB began testing the new mobile solution on site then to be rolled out to most of its staff at headquarters. Gallagher Mobile Connect uses Bluetooth wireless technology to enable users to badge at a reader using a smartphone instead of an access card. A huge benefit for AUB is the solution’s capability to add additional layers of security where needed. Gallagher’s Mobile Connect solution provides the option to apply two-factor authentication via the smartphone – either fingerprint, PIN, or facial recognition – delivering heightened security over access to restricted areas. According to AUB’s management, the two-factor capability was very appealing to them. “Using mobile with facial recognition is far more secure than card and PIN, and it’s immensely more cost-effective than buying biometric readers,” they said. Temporary remote access control From an administrative and site management perspective, Gallagher Mobile Connect provides AUB with significant flexibility. Easy provisioning means that authorized staff can remotely allocate temporary access in advance and can also schedule when a user’s access can begin and end – ideal for visitors and contractors who come to the bank’s headquarters. Beyond Mobile Connect, readers and controllers, AUB uses Gallagher’s security software platform, Command Center, to manage alarms and access for its headquarters and all branches, all from a centralized location. “The power of Command Center is enormous,” said AUB’s Management. “It integrates with our CCTV equipment and gives excellent oversight of our operations.”
Brian Ishikawa has always kept tight control over his video surveillance system, allowing only authorized personnel within his corporate security division to access video footage. So it was a change for Ishikawa, Senior Vice President and Director of Corporate Security for the Bank of Hawaii, to get used to the idea of authorized staff from the bank’s branch division being able to review video for operational, compliance and marketing-related purposes. The insights collected from the video are helping the bank make more strategic decisions about staffing, customer service and even future branch design. Business Intelligence Our March Networks surveillance platform is providing us with some significant business and non-security-related uses" “Our March Networks surveillance platform is providing us with some significant business and non-security-related uses,” Ishikawa explained. Bank of Hawaii, which operates 69 branches and 373 ATMs across Hawaii, American Samoa and the West Pacific, is currently using March Networks Searchlight for Banking software to gather business intelligence at its branches. Searchlight’s mix of surveillance video, teller/ATM transaction data and analytics delivers valuable insights into the bank’s operations, as well as helping to enhance security and uncover fraud. “Our branch division folks look at the data to get ideas on how we should do our branch operations or staffing differently,” he said. People counting data — collected by FLIR Brickstream3D sensors integrated with the Searchlight software — tells them which entrances and exits are most used so they can place marketing materials in high-traffic areas. Video Surveillance Products The information is also being used to help determine future branch layouts. Queue length and dwell time data, meanwhile, help them understand their busiest time of day, and day of the week, so they can staff branches appropriately. “It’s a huge plus for us,” said Ishikawa. “Our executive management team can see the benefits of the video solution, and the future possibilities for this data.” A forward-thinking bank that’s keen to try new technology, Bank of Hawaii began exploring Searchlight after its success with March Networks’ other video surveillance products. The bank first started using March Networks systems in 2015, when it was time to upgrade its legacy DVRs. At the time, Bank of Hawaii was relying on two different video platforms, and it wasn’t happy with their performance. After enlisting the help of a consultant, and doing his own research at security tradeshows, Ishikawa says the decision to go with March Networks was clear. Network Video Recorders 'March Networks’ products are really engineered for the banking environment" “I remember asking some of my banking counterparts, ‘Hey what are you guys using?’ And they strongly recommended March Networks,” he recalled. The consultant came to a similar conclusion. He said, "March Networks’ products are really engineered for the banking environment,’ so that helped us make the decision.” Bank of Hawaii is currently using March Networks 8000 Series Hybrid Network Video Recorders (NVRs) in about half of its banking branches. The Linux-based devices provide reliable video surveillance recording and management, and are also easy to service, which is a huge bonus for Ishikawa and his team. In addition, the 8000 Series rack mount units feature an innovative ‘dock and lock’ station that allows technicians to easily remove and service the recorder while leaving all rear connections clean and organized in place. Existing Analog Cameras “With other companies, you have to power down the recorder for several minutes to service it, and that means unplugging and re-plugging all the inputs. You miss a number of minutes of recording during that time. With March Networks, we’re able to just pull out the hard drive and pop in another one without taking the NVR offline,” he said. “That’s huge for us.” According to Ishikawa, Bank of Hawaii also appreciates the 8000 Series’ hybrid support, which allowed the bank to continue using its existing analog cameras, and the motion histograms in March Networks Command video management software, which show Ishikawa and his team where motion occurred and helps them rapidly locate video evidence. “Command’s modern interface is really user-friendly, and it’s very easy to find video,” said Ishikawa. Dynamic Range Technology Bank of Hawaii has installed MegaPX ATM Cameras, which are purpose-built for ATMs “When someone is telling you, ‘Hey we had a problem at this branch this morning, I don’t know what happened, but it must have been around this time’, we’re able to find that video much more quickly on a March Networks platform.” The bank’s high resolution cameras also make it easy to discern important details. In its newer branches, Bank of Hawaii is using March Networks ME4 Series IP cameras, which capture 4MP images and feature high dynamic range technology to optimize image quality in both low and bright light. The bank is also using Oncam 360° cameras for high-resolution panoramic views. For security at its bank machines, Bank of Hawaii has installed MegaPX ATM Cameras, which are purpose-built for ATMs. Video is integrated with the bank’s ATM transaction data in the Searchlight software for rapid investigations into customer complaints and potential fraud. More Comprehensive Oversight “It’s so easy to search,” said Ishikawa. “It takes us exactly to that transaction and the associated video so we can figure out what transpired.” The bank is also integrating its teller transaction data with video in Searchlight for more comprehensive oversight of its branches. The combination of video, transactions and analytics helps it get a more holistic view of its services. “Transaction data is not always indicative of how busy a branch is,” Ishikawa said, noting that lengthier conversations at the teller counter often create value because the customer returns later to access another bank product or service. Having video and analytics is an added layer of information. Being able to remotely access video also helps Ishikawa’s security team conduct virtual patrols. This saves them both time and money. Uniformed Security Member Capturing video of the incident helped underscore the serious nature of the situation “In the past, whenever there was an issue, we had a uniformed security member head out and physically check the branch. But with virtual patrols, we can do fewer physical visits and, when we do visit, it’s a more meaningful visit.” The security team, for example, can keep an eye on issues with vagrancy and loitering by simply logging into the Command software. March Networks video has helped the bank successfully address some of these issues. In one case, a person was routinely visiting a branch and causing disruptions by yelling and throwing deposit slips on the floor. “We don’t always know the situation, but if a person is yelling or displaying erratic behavior, they pose a risk,” said Ishikawa. Capturing video of the incident helped underscore the serious nature of the situation. Investigating A Fraud “We were able to show police that this was not a minor disruptive party. It was a very concerning issue for us. And it wasn’t just our bank, it was occurring in other banks, too.” Going forward, Bank of Hawaii is planning to migrate its remaining retail branches to March Networks. Given the widespread benefits of intelligent video, Ishikawa predicts that, like him, more bank security managers will receive requests to share their video surveillance securely with other departments. “In the future, it won’t just be security that’s asking for a video upgrade,” he said. “It’s going to be other parts of the business saying, ‘We want a piece of the pie too.’ Because surveillance is more than just investigating a fraud or robbery incident. Now, video surveillance is a lot more than that.”
Saudi Arabia’s National Commercial Bank (NCB) is using IDIS technology for one of the biggest financial surveillance system upgrades ever seen in the region, involving at least 1000 NVRs and over 2500 IP cameras. The bank, which serves over 5.4 million customers and is the second largest in the Arab world, chose an IDIS solution to modernise its security and comply with the latest standards introduced by the Saudi Arabian Monetary Authority (SAMA) and Ministry of Interior. Analog Infrastructure IDIS, which is the largest manufacturer of surveillance technology in South Korea, confirmed that the project involves an upgrade to full HD IP technology across 400 branches and more than 2580 ATMs, to be completed ahead of the 2021 deadline. Solutions provider Almajal G4S was appointed and following a competitive tender process IDIS technology was identified as performing better NCB, also known as AlAhli Bank, needed NVRs that would provide RAID 1 and RAID 5 support, and a solution that would allow integration of both IP and existing analog infrastructure, and the capability to cost-effectively store video footage for a full year. Solutions provider Almajal G4S was appointed and following a competitive tender process IDIS technology was identified as performing better than alternatives in detailed and rigorous proof-of-concept testing. High Level Protection The IDIS solution operational benefits at the installation stage as well as in daily operations over the lifetime of the system. “Keys advantages for NCB in choosing an IDIS solution is the technology’s robustness, its resilience against data loss, and high level protection against cyber threats. Using IDIS technology is also ensuring a frictionless migration from existing analog,” says Ahmad Said, ESS Director at Almajal G4S. Thanks to its hybrid capability, IDIS technology allows analog and IP cameras to be used together, making the upgrade project easily manageable, with a seamless, staged switch-over. For this mission-critical project, IDIS’s Linux based servers and proprietory protocols also offered the highest level of resistance to hacking, while zero-configuration elminates the need to manage IP addresses for every device, all of which gave NCB the network security assurances they were looking for. Allow Efficient Maintenance NCB and the associated IDIS solution will be the first to achieve full compliance with the new SAMA standards An important consideration for NCB was IDIS Intelligent Codec which, together with dual H.264/H.265 performance, delivers up to 90% reduction in bandwidth and storage. This gives the bank significant, on-going savings allowing compliance with video data storage rules. It also speeds up recording retrieval and helps to make NCB’s new security system easier and more economical to run, says Harry Kwon, General Manager, IDIS Middle East and Africa. “With the upgrade already proving its value the bank’s central monitoring teams now work more efficiently, with their system providing event forwarding, acknowledgements, notifications and live pop-ups.” Providing the lowest total cost of ownership, the IDIS solution will allow efficient maintenance and simultaneous remote upgrades for multiple devices and gives NCB the assurance of IDIS Ultimate Warranty. The project is due for completion in 2019, NCB and the associated IDIS solution will be the first to achieve full compliance with the new SAMA standards.
MOBOTIX has announced a raised focus on cyber security by implementing the “MOBOTIX Cactus Concept.” The concept aims to deliver a comprehensive approach to protecting MOBOTIX products against the threat of cyber-attacks along with education and tools to help customers and partners build and maintain secure video surveillance and access control environments. Multimedia Cybersecurity Campaign The objective of the Cactus Concept is to implement a multimedia cyber security campaign in order to raise awareness among potential and existing MOBOTIX customers of the importance of data security in network-based video security systems and how organizations can protect themselves through cost-efficient and intelligent solutions.The Cactus Concept protects every element of the design, manufacture and operation of each device End-to-end encryption with no blind spots is required, from the image source via the data cables and the data storage through to the video management system on the user’s computer. Like a cactus, whose every limb is covered in thorns, all of the modules (camera, storage, cables, VMS) in the MOBOTIX system have digital thorns that protect them from unauthorized access. Protecting People, Places And Property “Modern video surveillance and access control technologies help protect people, places and property across the world but they are increasingly targeted by criminals aiming to infiltrate, take-over or disable these vital systems,” says Thomas Lausten, Chief Executive Officer of MOBOTIX. “With the Internet of Things trend adding billions of IP connected devices each year, our industry must lead the way in creating secure platforms that can reduce the risk posed by these damaging attacks.”MOBOTIX uses the services of SySS, a third-party security-testing company that examines the security of both software and hardware elements As an important company within digital video surveillance, MOBOTIX believes in its “Cactus Concept” that protects every element of the design, manufacture and operation of each device along with end-to-end encryption across the entire usage and management cycle. SySS Third Party Security Testing To ensure the highest levels of security, MOBOTIX uses the services of SySS, a highly-regarded and independent third-party security-testing company that examines the security of both software and hardware elements. SySS customers include Basler Versicherungen, Bundeswehr, CreditPlus Bank AG, Daimler, Deutsche Bank, Deutsche Flugsicherung, Festo, Hewlett Packard, Innenministerium/LKA Niedersachsen, SAP, Schaeffler, Schufa, T-Systems and Union Investment. Sebastian Schreiber, SySS CEO said: “MOBOTIX has a contract with us to provide further penetration testing of its technology elements. The initial platform testing on a current camera model revealed very positive results and we will continue security testing as an ongoing process.” “Cyber security has been and will continue to be a core focus for MOBOTIX,” adds Lausten, “and we look forward to working with our peers in the industry, customers and government agencies to protect the very technologies and systems that help make society safer for all.”
March Networks, a global provider of video security and video-based business intelligence, is pleased to announce that one of Qatar’s top banks is deploying the company’s business intelligence software and integrated analytics to improve customer service and operations. The customer is one of six Qatari financial institutions currently using March Networks systems for advanced video surveillance and fraud prevention. The bank is already using an end-to-end March Networks video recording and management solution in all of its Qatari retail banking branches, hundreds of ATMs, and multiple corporate facilities. It is expanding that solution with Searchlight for Banking software to deliver an enhanced customer experience and strengthen its fraud investigation capabilities. Detecting Suspicious Transactions The software helps banks evaluate and improve customer service using dwell time, queue length and people counting analyticsMarch Networks Searchlight for Banking combines surveillance video with ATM/teller transaction data and analytics to deliver powerful fraud-fighting tools, such as the ability to rapidly detect suspicious transactions and potential cases of ATM skimming. The software also helps banks evaluate and improve customer service using dwell time, queue length and people counting analytics. The bank started using March Networks several years ago to ensure compliance with CCTV legislation first introduced by the Qatari Ministry of Interior (MOI) in 2011. The law mandates that all banks equip their locations with IP video surveillance, record at a minimum 3-megapixel resolution and 20 frames per second, and ensure 120 days of video storage. The bank, which was using an analog video surveillance system at the time, needed an enterprise-class video solution that could meet the MOI regulation. It was also looking for a solution that offered remote video management, system health monitoring, and the ability to scale easily to accommodate future growth. Command Enterprise Video Management Software March Networks products have proven highly reliable and are able to meet the parameters set by the Qatar Ministry of Interior regulations"When the project went to tender, only the March Networks solution performed to all of the bank’s criteria, said its group safety and security manager. “With the March Networks system, we are able to fully comply with the law. The usability and health monitoring features of the Command Enterprise video management software are also excellent, enabling us to investigate and resolve potential system issues before they become critical.” According to ISC Group Gulf, a systems integrator in Qatar with a specialized focus and expertise in the banking sector, the March Networks solution is the best choice for banks in the region. “March Networks products have proven highly reliable and are able to meet – and often exceed – the parameters set by the Qatar Ministry of Interior regulations, as our organization has seen in our work with most of the country’s major financial brands,” said Cristian Ivan Nicolae, Project Manager, ISC Group Gulf. CCTV Products For Banking Environments We are fortunate to be working with ISC Group Gulf, a systems integrator with a deep understanding of the video requirements of Qatari banks"“In addition, March Networks offers the sole CCTV products in Qatar purpose-built for banking environments, which means you are getting a secure, highly-professional solution that is easy to scale in complexity.” “We are proud of our long-standing partnership with this Qatari bank. It is a leader in the use of innovative video technologies, and clearly understands the value intelligent video offers to its organization,” said Trevor Sinden, Director, Middle East and Africa Sales, March Networks. “We are also fortunate to be working with ISC Group Gulf, a systems integrator with a deep understanding of the video requirements of Qatari banks.” March Networks will showcase its security and business intelligence solution for banks, as well as its complete enterprise video portfolio, in Stand S1-J42 at Intersec 2019, January 20-22 in Dubai, UAE.
Round table discussion
There’s a huge cloud hanging over the physical security market, but in a good way. Cloud-based systems, whether for video, access control or another category, are on the verge of taking the industry by storm. The benefits of that mythical “cloud” are well-known, or certainly well-touted, in the market. It’s almost as if the word “cloud” has become a buzzword that can mean different things, or at least whatever the customer wants it to mean (as long as they buy!). We asked this week’s Expert Panel Roundtable to define the term more specifically, and to comment on the industry’s understanding of the terminology. Specifically, we asked: Define what we mean by “the cloud.” Is the definition universally understood in the market?
One of the things all security systems have in common is that they depend on human operators, to one extent or another. But how often is the human factor overlooked in product design? Sometimes, more focus is aimed at increasing the functionality of a system, even at the expense of usability. That’s how we get systems that have more capabilities, although accessing that functionality may be hopelessly complex. Creating effective graphical user interfaces (GUIs) is an ongoing challenge for the security market, and the consumer market, with its iPads and smart phones, has raised the expectations bar. We asked this week’s Expert Panel Roundtable: What elements are required to make an effective video system user interface?
One of the benefits of newer IP systems is the ability to store video inside the camera or in a nearby digital video recorder (DVR) at the edge of the network. Edge-based storage is unlikely to take the place of centralized storage, but it is complementary and provides some interesting new options related to system design. We asked this week’s Expert Panel Roundtable: What is the value of edge-based storage and in what specific applications?