It’s the first quarter of a New Year and businesses are already busy reviewing budgets for ways to save money. One line item that can impact business the most – loss. Employee theft alone is a crime that costs U.S. businesses $50 billion annually*, according to Statistic Brain. So if you aren’t sure who is keeping watch over your property and assets, and how they reduce preventable loss, it might be time for a security audit. According to GuardOne, the security patrol and remo...
March Networks, a global video security and video-based business intelligence solutions provider, is pleased to announce that one of Qatar’s top banks is deploying the company’s business intelligence software and integrated analytics to improve customer service and operations. The customer is one of six Qatari financial institutions currently using March Networks systems for advanced video surveillance and fraud prevention. March Networks will showcase its security and busines...
In the age of massive data breaches, phishing attacks and password hacks, user credentials are increasingly unsafe. So how can organizations secure accounts without making life more difficult for users? Marc Vanmaele, CEO of TrustBuilder, explains. User credentials give us a sense of security. Users select their password, it's personal and memorable to them, and it's likely that it includes special characters and numbers for added security. Sadly, this sense is most likely false. If it's anythi...
The Middle East is proving to be a hot bed of business for global suppliers of security, safety, and fire protection, with the world’s top industry players all set to converge at Intersec 2019 in Dubai to drive more double digit growth. From video surveillance technologies with Artificial Intelligence and deep learning capabilities, to cloud-based access control solutions and flame retardant protective clothing, Intersec 2019 will shine the spotlight on game changing solutions solving cha...
Identiv, Inc., a global provider of physical security and secure identification, has secured new agreements with two major customers in the banking vertical. The first new agreement is a three-year software and services agreement with an existing customer that has been using Identiv’s 3VR video and analytics solution for bank branch security, fraud detection and ATM skimming prevention. Expanding Recurring Revenue Base This top 5 U.S. bank customer has contracted with Identiv to provide...
Timely and important issues in the security marketplace dominated our list of most-clicked-upon articles in 2018. Looking back at the top articles of the year provides a decent summary of how our industry evolved this year, and even offers clues to where we’re headed in 2019. In the world of digital publishing, it’s easy to know what content resonates with the security market: Our readers tell us with their actions; i.e., where they click. Let’s look back at the Top 10 article...
Pulse Secure, the provider of secure access solutions to both enterprises and service providers, announced a Technical Alliance Partnership with BNTPRO to jointly sell and support a solution that offers SecTrail, an Identity Control and Management Platform developed by BNTPRO, as part of an integrated solution with Pulse Secure Connect Secure VPN appliances. The agreement will ensure that joint customers benefit from seamless compatibility, enhanced features and simplified support and upgrades. The SecTrail suite includes a One-Time-Password (OTP) and Two-Factor-Authentication (2FA) solution with support for mobile devices, sending single use passwords by SMS and email along with captcha support. In addition, the SecTrail HotSpot module provides ID verification necessary for wired and wireless network guest access with full audit trail to comply with Turkish legal requirements under Law #5651. Most Widely Used OTP And 2FA Solution SecTrail is the most widely used OTP and 2FA solution across Turkey and our customers include the 40 largest banks and financial institutions"“SecTrail is the most widely used OTP and 2FA solution across Turkey and our customers include the 40 largest banks and financial institutions along with other regional customers,” explains Kenan Bilgiç, corporate communications and marketing specialist for BNTPRO. BNTPRO, a Pulse Secure Premier partner and winner of support partner of the year in 2017, has built a reputation across Turkey for its technical expertise and deep understanding of security best practice. Local customers include HSBC, Finansbank, Borusan Telekom, Turkcell and IBM amongst a growing list of national and international clients. “We have worked closely, first with Juniper Networks, and then Pulse Secure for over a decade and are now the single largest partner for Pulse Secure across Turkey,” says Bilgiç. “With this new Technical Alliance Partnership, we strengthen our relationship so our development teams can work closely together to deliver the highest levels of compatibility between our products, ensuring security and ongoing support for customers of our jointly marketed solution.” Authentication Support For SAML 2.0 Pulse Connect Secure is available as both hardware and virtualized appliances and includes key features such as clientless accessPulse Secure Connect Secure is a pioneer in the VPN space and is used by 40 of the Fortune 50 companies with over 18 million endpoints secured. Pulse Connect Secure is available as both hardware and virtualized appliances and includes key features such as clientless access, group policy for seamless integration with directory services and strong authentication support for SAML 2.0, PKI, IAM and digital certificates. “Pulse Secure and BNTPRO have enjoyed a successful long-term relationship along with many joint customers across the region,” says Paul Donovan, VP EMEA for Pulse Secure. “At a technical level, we continue to jointly test and certify our products with each other and there is constant communication between our respective developers to ensure that our combined solutions provide the reliability and features that our customers expect. With this new agreement, we will ensure that this partnership continues to grow to serve Turkey and new customers across the region.” Pulse Secure and BNTPRO will be running several joint marketing initiatives including events and seminars during Q1 of 2019 to educate customers about the benefits of the combined solution.
Created more than 20 years ago, the French firm COSSILYS21 offers intelligent video-protection solutions. It equips major national banks, numerous regional banks, as well as shops. The COSSILYS21 firm is nowadays a reference in the banking sector. COSSILYS21 and FOXSTREAM have established a strong partnership for several years. When Mister Alain Ghaye, CEO and main shareholder of COSSILYS21, decided to hand over its firm to retire, the idea of bringing closer the two firms naturally made its way. This project was carried out in cooperation with the Managing Director of COSSILYS21, Mister François Bureau, entirely associated in this take-over project. Dealing With Technological Challenges The skills of these two teams represent a powerful asset to deal with tomorrow’s technological challenges, the Cloud, deep learning, cybersecurity"“COSSILYS21 offers a know-how in video manipulation and in the management of server farms. Their offer is strongly complementary to FOXSTREAM’s offer, as our know-how is oriented towards video analysis,” states Jean-Baptiste Ducatez, FOXSTREAM’s CEO. “The skills of these two teams represent a powerful asset to deal with tomorrow’s technological challenges in our market, the Cloud, deep learning, cybersecurity... It is a beautiful human adventure that begins.” “It is a strategic and industrial alliance of two growing companies, both recognized in their sectors,” adds François Bureau, Managing Director of COSSILYS21. “The synergy of both our technologies and our skills will allow our two firms to enhance our clients’ satisfaction. Starting 2019, an ambitious investment plan will reinforce our innovation capacities.” After the purchase of the firm BLUE EYE VIDEO at the end of 2014, FOXSTREAM now acquires COSSILYS21 and confirms its ambition to be a leading actor, strongly present in cutting-edge technologies, on the French and international security and flow management markets.
Genetec Inc., a technology provider of unified security, public safety, operations, and business intelligence solutions announced a new line of off-the-shelf analytics appliances within its Streamvault portfolio. Designed to analyze more camera streams per unit than traditional security appliances, the new devices come pre-loaded with Genetec Security Center and unified analytics modules, reducing the cost and time required to deploy video analytics in new and existing systems. Available immediately through Genetec certified distribution and channel partners, the new Streamvault analytics appliances come in two versions: Model SVA-100, a compact unit ideally suited for retail and banking customers who are looking to anonymize patron/clients identities in service environments, and model SVA-1000E, a rackmount unit designed for customers with high camera counts looking to automate the detection of potential threats or monitor large public spaces while respecting individual privacy. KiwiVision Privacy Protector The new appliances include KiwiVision Intrusion Detector, which detects individuals and objects in sensitive areasTo protect the privacy of people in public spaces, both models come pre-loaded with KiwiVision Privacy Protector, a real-time video anonymization module that dynamically pixelates individuals within a camera’s field of view. This also maintains an operator’s ability to monitor actions, something that is impossible with static masking. The new appliances also include KiwiVision Intrusion Detector, which detects individuals and objects in sensitive areas, reducing reliance on visual monitoring and helping operators detect threats faster. Specifying a server for video analytics can quickly become a complex process; scene activity, composition, and lighting directly impact how many streams can be analyzed by an appliance or a server. Previously, system integrators had to design servers themselves, test performance, and assume any risk associated with underspecifying a solution. Genetec Streamvault analytics appliances remove the uncertainties that come with deploying video analytics on a new or existing system and reduce the cost-per-video stream analyzed by optimizing appliance components. Not Compromising Video Monitoring The Streamvault SVA-100 and SVA-1000E are designed to handle more streams than a typical video server with an analytics add-onThe Streamvault SVA-100 and SVA-1000E are designed to handle more streams than a typical video server with an analytics add-on. In the latter scenario, the server is not streamlined for analytics processing, but rather for video archiving. The new analytics appliance can be deployed alongside existing servers, ensuring surges in analytics activity do not compromise video monitoring or archiving operations. Once analyzed, video and analytics data are then directed to other products in the Streamvault family. “Traditional servers are not adapted to video analytics requirements. When analytics add-ons are installed, they are limited in the number of streams they can analyze and require extensive customization and configuration before deployment, resulting in higher equipment costs,” said David Grey, Streamvault Product Line Manager. “Streamvault analytics appliances are designed to complement them, allowing each device to focus on tasks they are best suited for. This allows us to deliver a more cost-effective, turnkey solution and decrease the total number of appliances needed for a project,” added Grey.
LifeSafety Power Inc., global manufacturer and creator of a new category of intelligent power solutions, brings critical resiliency, redundancy and networking capabilities with the release of Helix Armour. Designed for seamless failover protection with automatic backup switchover of AC or DC circuitry to reduce the risk of system downtime or outage, Helix Armour sets a bold new standard in reliability and network power management for mission critical physical security and life safety applications. Helix Armour Helix Armour minimizes the risk of failures that could compromise system integrity by providing both AC and DC redundancy Helix Armour minimizes the risk of failures that could compromise system integrity by providing both AC and DC redundancy in the event of problems with the power supply or incoming AC power. Featuring network management, it provides predictive network reporting that optimizes and maintains the highest levels of performance and connectivity to critical applications and devices. Standout Features Of Helix Armour Include: Monitors separate AC branch circuits reporting trouble with a primary branch immediately and instantly transferring power to backup for uninterrupted system operations in critical access control or security systems, as well as banking, gaming, pharmaceutical, Sensitive Compartmented Information Facility (SCIF) and data room servers. Redundant and mirrored power supplies also monitor and report DC integrity. In the event of a power system failure, the solution transfers to the secondary power supply without dropouts or voltage spikes. With LifeSafety Power’s patented NetLink networking technology at its core, Helix Armour detects and reports system wide anomalies or power trouble across the enterprise so critical infrastructures stay properly secured. With multiple Underwriters Laboratories listings and certifications, Helix architecture is especially designed for mission critical applications in government, finance, medical and high-tech industry vertical markets. Network Power Management Helix Armour brings the highest levels of redundancy, reliability and networking management to power services" “Helix Armour brings the highest levels of redundancy, reliability and networking management to power services across even the most highly regulated and mission critical enterprises,” said Guang Liu, Co-Founder and Chief Technology Officer of LifeSafety Power. He adds, “The ability to provide both AC and DC redundancy, in a proactive, real-time manner and with zero latency and automatic switchover in the event of a power anomaly establishes Helix Armour as a true total assurance solution for end-users in the most challenging markets and environments.” Helix Armour is part of LifeSafety Power’s expanding patented, modularly designed technologies made in the USA and is available in wall or rack mount configurations.
ADT Inc., a provider of security and automation solutions for homes and businesses, announced Digital Security by ADT, a new cybersecurity service that will offer peace of mind at home and on-the-go by helping protect a customer’s personal identity, digital data, home network and financial information. Identity Protection will be exclusively available on ADT’s enhanced e-Commerce platform, providing convenience and clarity for customers to shop for their security needs when and how they want. Cyber Threat Prevention “Since ADT began in 1874, our mission has been to help keep families and homes safe,” said Jim DeVries, current President and incoming Chief Executive Officer of ADT. “With online threats occurring more often than ever before, our mission evolved to not only help protect the premises, but also people on the go and their network and digital identity. On average, cyber-attacks are happening every 39 seconds, and Digital Security by ADT is an opportunity to extend the breadth and scale of our security monitoring to our customers’ personally identifiable information and network.” Digital Security by ADT provides cybersecurity options for every consumerWith nearly eight in ten people experiencing, or knowing someone who has experienced, cybercrime, digital protection has never been more important. Digital Security by ADT provides cybersecurity options for every consumer, including different levels of identity theft monitoring and protection, a personal secure virtual network (VPN) for easy and secure app-based Wi-Fi privacy outside of the home, and home network security using the secure Wi-Fi router, which can be installed by a trained ADT technician in minutes. Digital Security Services And Products Identity Protection: Provides monitoring and support to help customers minimize their risk of identity theft and loss exposure. In addition to enabling customers to track their credit report activity and score so they can keep tabs on potentially fraudulent use of their credit, the service also includes: change of address notifications, public courts and criminal records monitoring, and 24/7 fraud incident resolution with up to one million dollars in Identity Theft Expense Reimbursement. Dark Web Defense: This service will help protect customers by continually monitoring the public and private internet, notifying customers of possible suspicious activities associated with their personally identifiable information, including SSN, DOB, Passport, Driver’s License, Medical ID number, credit/debit cards, bank accounts, telephone numbers and email addresses. Once alerted, customers can take proactive steps, such as calling ADT experts available 24/7 to begin fraud incident resolution services. As with all ADT services, Digital Security by ADT is supported by 24/7 live agent support Secure VPN: A powerful, yet easy-to-use, app for Windows, Mac, Android, and iOS devices that helps shield user’s information from cybercriminals attempting to hack into a user’s public Wi-Fi connection and intercept the data being sent to and received from computers or mobile devices. The app also enables anonymous browsing and access to users’ favorite apps and content anywhere they go, as if they were at home. Home Network Protection: Encompasses multiple digital security offerings, including an ADT-installed secure Wi-Fi router that helps protect customers’ home networks and an unlimited number of connected devices from cyber threats, as well as Secure VPN services, Sex Offender monitoring, Dark Web Defense, and 24/7 fraud incident resolution with up to $25k in Identity Theft Expense Reimbursement. 24/7 Security Support As with all ADT services, Digital Security by ADT is supported by 24/7 live agent support. ADT’s comprehensive set of products offer customers peace of mind at home and on the go, helping them stay safe from cybercrime – and instead focus on their families and homes.
Ping Identity, the pioneer in Identity Defined Security, announced findings from its most recent CISO Advisory Council meeting. The Council is aimed at better understanding the challenges and opportunities impacting the modern CISO. Members have access to strategic guidance and support as they develop and grow their enterprise-wide security initiatives. This includes leveraging valuable insights and best practices related to infosecurity, privacy and compliance. Members of the 2018 council represent organizations, including American Red Cross, Cisco Systems, Allegiant Travel Co., BlueCross BlueShield of Tennessee, PowerSchool, GCI, Cvent, Gates Corporation, Vertafore Inc., CoBank, and Greenway Health. These companies span industries including healthcare, banking, travel and leisure, fashion, technology, consulting, education and construction. Our customers are the catalysts of change in the creation of products and services at Ping Identity, so we take their feedback on innovation seriously" Giving Importance To Customers’ Feedback In addition to providing strategic direction and value to the CISOs of these leading organizations, their contributions are equally important to the development of Ping’s identity security solutions. With a view into the company’s vision, strategy and roadmap, these champions inform on product priorities, go-to-market strategies and advocate for the modern enterprise. “Our customers are the catalysts of change in the creation of products and services at Ping Identity, so we take their feedback on innovation seriously,” said Andre Durand, CEO of Ping Identity. “These CISOs from leading organizations view identity as a strategic imperative for succeeding as a digital company. Our priority is to help ensure our offerings continue to align with customer objectives, providing them with the business advantage they need to succeed.”
There’s no denying that cyber-crime is one of the biggest threats facing any organization with the devastating results they can cause painfully explicit. Highly publicized cases stretching from the US government to digital giant Facebook has made tackling cyber security a necessity for all major organizations. The consequences of breaches have just become more severe, with new GDPR rules meaning any security breach, and resultant data loss, could cost your organization a fine of up to four per cent of global revenue or up to 20 million euros. Cyber-crime potentially affects every connected network device. In the biggest cyber-crime to date, hackers stole $1 billion from banks around the world, by gaining access to security systems. It’s more important than ever for organizations to be vigilant when it comes to their cyber security strategy. To help avoid becoming the next victim, I’ve put together a five-point cyber plan to protect your video surveillance system. 1. Elimination Of Default Passwords A small change to a memorable, complex password could have huge consequences for your business It is estimated that over 73,000 security cameras are available to view online right now due to default passwords. ‘Password’ and ‘123456’ are among the top five most popular passwords with a staggering 9,000,000 login details matching this description. Guessable passwords create an unsecure security system which can result in an easy way for hackers to gain access to your organization’s data, making you vulnerable to a breach. A small change to a memorable, complex password could have huge consequences for your business. Removing default passwords from products and software forces individuals to think of their own to keep their data safe. If a password system is not provided by your organization we recommend that your password uses two or more types of characters (letters, numbers, symbols) and it is changed periodically. 2. Encrypted Firmware Encrypting firmware is an important part of any organizations overall security system. Firmware can leave an open door, allowing hackers to access your data. All firmware should be encrypted to reduce the possibilities of it being downloaded from the manufacturers website and deconstructed. If the firmware posted is not encrypted, there is a risk of it being analyzed by persons with malicious intent, vulnerabilities being detected, and attacks being made. With i-PRO cameras and recorders, all firmware is securely encrypted to mitigate analysis There have been cases where a device is attacked by firmware vulnerabilities even if there are no problems with the user's settings, rendering it inoperable, and DDoS attacks being made on other servers via the device. With i-PRO cameras and recorders, all firmware is securely encrypted to mitigate analysis. There is also a possibility of being attracted to spoofing sites by targeted attack email and firmware being updated with a version that includes a virus, so firmware must always be downloaded from the vendor's page. It may also be advantageous to combine this with an imbedded Linux operating system which removes all unused features of the device, it can help to reduce the chances of malicious entities searching for backdoor entities and inserting codes. 3. Removing Vulnerabilities Within The Operating Systems Vulnerability is the name given for a functional behavior of a product or online service that violates an implicit or explicit security policy. Vulnerabilities can occur for a number of reasons for example, due to an omission in logic, coding errors or a process failure. Network attacks exploit vulnerabilities in software coding that maybe unknown to you and the equipment provider. The vulnerability can be exploited by hackers before the vendor becomes aware. You should seek to minimize these issues by looking for a secure operating system which is regularly updated. Panasonic has developed Secure Communications, a platform and package to protect against video tampering, altering, spoofing and snooping As a provider of security solutions, Panasonic is taking a number of steps to ensure its consumers remain safe and secure. We have developed Secure Communications, a platform and package to protect against video tampering, altering, spoofing and snooping. We have combined with a leading provider of highly reliable certificates and technology for detecting and analyzing cyber-attacks with its own in-house embedded cryptography technology, to provide a highly secure and robust protection layer for its embedded surveillance products. 4. Avoiding Remote Login Using Telnet Or FTP Telnet and FTP are a very outdated source of software which as a result means they lack built-in security measures Telnet and FTP are a very outdated source of software which as a result means they lack built-in security measures. File transfer protocol or transfer through cloud-based services means the files and passwords are not encrypted and can therefore be easily intercepted by hackers. An encrypted software removes the risk of files being sent to the wrong person or forwarded on without your knowledge. Telnet predates FTP and as a result is even less secure. Hyper Transfer Protocol Secure is a protocol to make secure communications by HTTP, and it makes HTTP communications on secure connections provided by SSL/TLS protocols. The major benefits of using this system is that HTTPS and VPN encrypt the communications path, so data after communications is decrypted and recorded. If recorded data is leaked, it will be in a state where it can be viewed. With data encryption, however, it remains secure and can even be recoded to storage. Thus, even if the hard drive or SD card is stolen or data on the cloud is leaked, data cannot be viewed. 5. Use Of Digital Certificates Private and public keys are generated at manufacture in the factory and certificates installed at the factory Digital certificates are intended to safely store the public key and the owner information of the private key it is paired with. It provides assurance that the accredited data from a third party is true and that the data is not falsified. It is beneficial for all data to be encrypted with digital certificates. Digital certificates are far safer when issued by a third party rather than creating a self-signed version unless you are 100 percent sure of the receiver identity. From April 2016, some models of Panasonic series iPro cameras come with preinstalled certificates to reduce the risk of interception and the hassle of having to create one. With i-PRO cameras with Secure function, private and public keys are generated at manufacture in the factory and certificates installed at the factory. As there is no way to obtain the private key from the camera externally, there is no risk of the private key being leaked. Also, certificates are signed by a trusted third party, and the private key used for signing is managed strictly by the authority. In addition, encryption has been cleverly implemented to reduce the usual overhead on the IP stream from 20% to 2%.
Small business owners work hard. They are often the first ones there in the morning and the last to leave at night. Even then, they likely bring their work home with them. During that time, everything they do is aimed at making their business as successful as possible. Because of this, many business owners don’t take vacations, and if they do, they spend a lot of time worrying about their business while they’re away. In both cases, the potential for burnout is tremendously high. The primary concern for these individuals is loss, whether from theft, waste, vandalism or other causes. Depending on the degree of the loss, it can have a devastating effect on small business. Therefore, professional security solutions must be top of mind for these businesses. Small business owners can take advantage of advanced technology that can help them work smarter, not harder Video Surveillance For Small Businesses One technology that can address loss, the feeling of helplessness that comes from not being on site and more is video surveillance. Sadly, it’s not always on the radar for small business owners, many of whom think video surveillance is very expensive and out of reach. But that couldn’t be farther from the truth. There are high-quality, relatively inexpensive solutions that don’t require much, if any, configuration, allowing an installer to place cameras, run cable, plug cameras into the recorder and use software to get end users up to speed on remote access. Best of all, almost all of these solutions come with a mobile app or other means of accessing video—both live and recorded—remotely from a smartphone or tablet. In a world where our phones have become our lifeline to a lot of information, including email, banking, inventory management and more, a security system simply has to provide this type of access. Given the availability of cost-effective video surveillance solutions and their ease of use, small business owners can take advantage of advanced technology that can help them work smarter, not harder in a few key areas. Video surveillance solutions come with a mobile app for accessing video remotely from a smartphone or tablet Efficient Incident Monitoring Having a high-quality video surveillance system with proper coverage means that any time an incident or loss occurs, a small business owner can go back and find it on the video and identify exactly what happened. For example, if something goes missing from a retail store, reviewing the video will reveal exactly what happened, when it happened, how it happened and—depending on lighting, camera resolution and field of view—possibly who took it. Video systems can also be valuable from a liability perspective. Slip-and-fall claims are not uncommon, but in many cases they turn out to be false. Thankfully, cameras can provide video that will support or refute a claim. Without video, such incidents could be costly for small businesses. A simple review of recorded videos will solve any mystery and eliminate the potential for a long argument with no evidence Video Recording For Incident Verification Another example would be a customer who claims they were shorted on the change they received from a cashier. Rather than taking the time to count the money in the drawer and reconcile that with receipts, a small business owner could simply review video from a camera placed above the point of sale to determine if the customer’s claim is correct or if they may have been mistaken. This feature can also help alleviate or avoid a potentially awkward or difficult situation when there’s a difference of opinion with a supplier. Say for instance a delivery driver claims he or she brought three cases of product to the back door, but there are only two cases in the stockroom. A simple review of the video that’s been recorded will solve the mystery once and for all and eliminate the potential for a long, drawn-out argument with no evidence one way or the other. Smartphones For Remote Monitoring It’s natural for small business owners to feel stressed when they’re not at their physical location. After all, they’re the ones who have invested in the business and are responsible for making sure it runs smoothly and profitably from day to day. For small business owners with surveillance systems, vacations can become not only a reality but also the relaxing time they are supposed to be. For small business owners with surveillance systems, vacations can become not only a reality but also the relaxing time Rather than sitting on a beach and worrying about whether the store opened on time or if employees are doing what they’re supposed to be doing, an owner can pull out his or her smartphone, log in to remotely to the video system and know for sure. That peace of mind is invaluable for small business owners. This is also helpful for business owners with multiple locations. Because no one can be in two—or more—places at once, a video surveillance system can provide eyes and in some cases ears at a location, which can be accessed at the click of a button. Video Surveillance For Training For a small business, it’s imperative that employees follow established policies and that staffing levels are maintained at the most efficient level possible. These are two other areas where video surveillance can help. If a small business owner sees that something isn’t being done properly, whether by a single employee or if the problem is more widespread, he or she can use video for training purposes. They can sit down with the employee or employees to review the video and explain the proper policies and procedures. Conversely, video can be used to demonstrate proper techniques or even to recognize employees for a job well done. From a staffing standpoint, reviewing video could reveal unexpectedly busy or down times Maintaining Staffing Levels From a staffing standpoint, reviewing video could reveal unexpectedly busy or down times. A business owner can review video from 3 p.m. on a Saturday to see how many customers are in a location and determine the ratio of employees to customers. Looking at a variety of times over a period of weeks or months could help determine optimal staffing levels, which may lead to the decision to increase staffing on Saturday afternoons when a store is busy. This will help improve customer experience and potentially increase sales. Motion Detection For Accurate Access Control Cameras can be deployed with motion-detection sensors to alert business owners when someone enters a certain area, whether during or after business hours. In many cases, detected motion can trigger an alert and/or a video clip to be sent to the business owner’s smartphone so they can review and verify whether something is out of the ordinary. These deployments could be set up to monitor a variety of locations, such as an office, safe, doors and other sensitive areas at all times or just during specific hours. If motion is detected during off hours, the business owner can view video and alert police that an unauthorized individual is at their business. Surveillance videos can be used to demonstrate proper techniques or even to recognise employees for a job well done Cybersecure Video Surveillance Systems From a cybersecurity perspective, manufacturers are constantly releasing firmware updates to protect cameras from malware and/or unauthorized intrusion. Once someone has accessed any device, all systems and devices connected to the same network become vulnerable. Updating these devices tends to be an afterthought for small business owners, who may either forget or simply not have the time to do it. So it should come as no surprise that these important updates often go uninstalled. Today’s advanced video systems overcome this obstacle with easy updating, which can be performed by small business owners or installers to ensure constant protection. Other systems are available with auto-updating capabilities, which remove the onus from small business owners completely. Today’s advanced video systems overcome cyberthreats with easy updating Cost-Effective Surveillance Solutions These are just a few of the many benefits video surveillance systems offer small business owners. What’s important to note is that for each to be successful requires having to have the right camera for the right environment. For instance, a camera positioned at the back door of a business has to have wide dynamic range to deal with changing light levels throughout the day. A camera used to monitor transactions must offer high enough resolution to identify bill denominations. Today’s solutions are cost-effective, easy to use and offer the flexibility to monitor operations from anywhere at any time – giving small business owners the power to work smarter, not harder to grow their bottom line.
Organizations across the world face a new risk paradigm: one that encompasses cyber and physical threats. We’ve heard the stories associated with ATM skimming, identity theft, data breaches, scams, and phishing. Large financial services organizations are often the victim of hackers looking to steal corporate information and transactional data or funds, and criminals continue to become more sophisticated in their approach. Growth In Cyber-Attacks Additionally, cyber-threats have taken a front seat in the line-up of primary risks facing financial institutions today. And it is no surprise why: according to Cybersecurity Ventures, the amount of money taken in cyber heists, both in banking and elsewhere, was estimated at $3 trillion overall for 2015, and this substantial amount is expected to double by 2021. Cyber-attacks are becoming more prevalent, more complex and harder to address The fact that cyber-attacks are becoming more prevalent isn't the only issue; they're also becoming more complex and therefore harder to address. And although the convenient interconnectivity of the Internet of Things (IoT) creates many advantages for financial institutions, with that also comes an increased risk to dangerous threats. In today’s environment, banks, credit unions, and financial organizations of all types are primary targets for hackers. But it’s not just the monetary loss that these businesses need to be concerned about — there is also a threat to the brand, customer trust, and employee safety. All of these challenges and complexities open the door to new conversations and risks. Here are the top five critical questions today’s bank leaders need to be ready to answer. Should We Collaborate To Mitigate These Threats Effectively? Over the last decade, the emergence of the Internet of Things (IoT) and a demand for more mobile capabilities has changed the way people and businesses connect. But as the need for connectivity increases, so too does the need for increased security for physical assets, networks, and valuable corporate data. As a result, a dialog between IT and physical security is necessary to help leaders gain a greater knowledge of how to best collaborate to ensure complete protection. Leaders must communicate closely to drive strategies that help identify vulnerabilities in a more proactive manner. The result of these conversations: a truly comprehensive approach to security intelligence. It’s not just the monetary loss that banks need to be concerned about – there is also a threat to customer trust and employee safety How Can I Pinpoint The Important Data For Addressing Cyber Threats? To maintain a high level of security and ensure business continuity around the globe, companies seek solutions that help predict and identify threats in real time. But often, there are too many alerts generated by too many systems, and none of this raw data is actionable. Linking cyber and physical security together transforms alerts into actionable intelligence, which helps users connect the pieces of any situation and present a unified risk scenario to the appropriate analysts and operators. By capturing and analyzing data in real time, enterprise organizations gain a visual representation of risks across the business while accessing information related to the most critical events happening at any given time. Not only does this unified process enable a higher and more proactive level of protection, but it also helps facilitate a plan of action based within a common, unified security operations center. How Can I Inform Of The Importance Of Cybersecurity? Security leaders in banks need to feel prepared by staying updated, looking at common vulnerabilities, understanding the malware and challenges, and testing the environment. And collaboration is key to mitigation: Traditional security and fraud teams must work in conjunction with cyber teams to effectively handle all aspects of a cyber-attack. Additionally, CISOs need to “sell” cybersecurity to CEOs and the board by outlining the importance of protection through emphasising the impact of a potential cyber-attack on the business. Ensure you can verbally address the most critical risks to your senior leadership, including recent botnets, scams, and cyber gangs, to receive the support, and budget you need to address these threats head on. Is My System Secure? It is critical that you are knowledgeable about the steps you can take to protect your security and network infrastructure from cyber-attacks. A firewall is useful to prevent hackers from accessing critical data on internal networks and computers Changing default passwords should be a first step, as some scams target devices with hard-coded factory defaults. Ensure software and firmware is up to date because updates often include fixes for potential vulnerabilities. These updates keep your devices and network more secure and increase overall system uptime. A firewall is useful to prevent hackers and unauthorized programs from accessing the critical business information and resources on internal networks and computers. Also, minimize potential risk by closing network ports and disabling services you don’t need. With all of these instances, it is best to work closely with your integrator partner and chosen vendor to ensure that your system is as secure as it can possibly be. What Solutions Are Best To Help Mitigate Risks? Technology is a great force multiplier. Security — both cyber and physical solutions — helps secure an entire branch footprint, alleviates risk, ensures operational compliance, and improves fraud investigations. Video surveillance systems, analytics, threat management platforms and more can provide organizations with intelligence and unprecedented protection from fraud, all while enhancing the customer experience. Overall, there are significant benefits to collaborating to gain comprehensive risk intelligence. By bringing various leaders, departments, technologies and strategies together, we can more effectively identify threats, develop trends and quickly access important data to ensure security and safety goals are realized.
Cybersecurity talk currently dominates many events in the physical security industry. And it’s about time, given that we are all playing catch-up in a scary cybersecurity environment where threats are constant and constantly evolving. I heard an interesting discussion about cybersecurity recently among consultants attending MercTech4, a conference in Miami hosted by Mercury Security and its OEM partners. The broad-ranging discussion touched on multiple aspects of cybersecurity, including the various roles of end user IT departments, consultants, and integrators. Factors such as training, standardisation and pricing were also addressed as they relate to cybersecurity. Following are some edited excerpts from that discussion. The Role Of The IT Department Pierre Bourgeix of ESI Convergent: Most enterprises usually have the information technology (IT) department at the table [for physical security discussions], and cybersecurity is a component of IT. The main concern for them is how any security product will impact the network environment. The first thing they will say, is “we have to ensure that there is network segmentation to prevent any potential viruses or threats or breaches from coming in.” The main concern for IT departments is how any security product will impact the network environment” They want to make sure that any devices in the environment are secure. Segmentation is good, but it isn’t an end-all. There is no buffer that can be created; these air gaps don’t exist. Cyber is involved in a defensive matter, in terms of what they have to do to protect that environment. IT is more worried about the infrastructure. The Role Of Consultants And Specifiers Phil Santore of DVS, division of Ross & Baruzzini: As consultants and engineers, we work with some major banks. They tell us if you bring a new product to the table, it will take two to three months before they will onboard the product, because they will run it through [cybersecurity testing] in their own IT departments. If it’s a large bank, they have an IT team, and there will never be anything we [as consultants] can tell them that they don’t already know. But we all have clients that are not large; they’re museums, or small corporations, or mom-and-pop shops. They may not be as vulnerable from the international threat, but there are still local things they have to be concerned about. It falls on us as consultants to let them know what their problems are. Their IT departments may not be that savvy. We need to at least make them aware and start there. Wael Lahoud of Goldmark Security Consulting: We are seeing more and more organisations having cybersecurity programs in place, at different maturity levels. At the procurement stage, we as consultants must select and specify products that have technology to enable cybersecurity, and not choose products that are outdated or incompatible with cybersecurity controls. We also see, from an access control perspective, a need to address weaknesses in databases. Specifying and having integrators that can harden the databases, not just the network itself, can help. The impact of physical security products on the network environment was a dominant topic at the MercTech4 consultants roundtable discussion The Need For Standards On Cybersecurity Jim Elder of Secured Design: I’d like to know what standards we as specifiers can invoke that will help us ensure that the integrator of record has the credentials, knows what standards apply, and knows how to make sure those standards are maintained in the system. I’m a generalist, and cybersecurity scares the hell out of me.We’re not just talking about access to cameras, we are talking about access to the corporate network and all the bad things that can happen with that. My emphasis would be on standards and compliance with standards in the equipment and technology that is used, and the way it is put in. It can be easier for me, looking at some key points, to be able to determine if the system has been installed in accordance. We are seeing more and more organizations having cybersecurity programs in place, at different maturity levels"I’m taking the position of the enforcement officer, rather than the dictator. It would be much better if there were focused standards that I could put into the specification— I know there are some – that would dictate the processes, not just of manufacturing, but of installation of the product, and the tests you should run accordingly. Pierre Bourgeix: With the Security Industry Association (SIA), we are working right now on a standard that includes analyzed scoring on the IT and physical side to identify a technology score, a compliance score, a methodology, and best-of-breed recommendation. Vendor validation would be used to ensure they follow the same process. We have created the model, and we will see what we can do to make it work. Terry Robinette of Sextant: If a standard can be written and it’s a reasonable process, I like the idea of the equipment meeting some standardized format or be able to show that it can withstand the same type of cyber-attack a network switch can withstand. We may not be reinventing the wheel. IT is the most standardized industry you will ever see, and security is the least standardized. But they’re merging. And that will drive standardization. Jim Elder: I look to Underwriters Laboratory (UL) for a lot of standards. Does the product get that label? I am interested in being able to look at a box on the wall and say, “That meets the standard.” Or some kind of list with check-boxes; if all the boxes are checked I can walk out and know I have good cybersecurity threat management.IT is the most standardised industry you will ever see, and security is the least standardised" The Role Of Training Phil Santore: Before you do any cybersecurity training, you would need to set the level of cybersecurity you are trying to achieve. There are multiple levels from zero to a completely closed network. Wael Lahoud: From an integrator’s perspective, cybersecurity training by the manufacturer of product features would be the place to start – understanding how to partner the database, and the encryption features. We see integrators that know these features are available – they tick the boxes – but they don’t understand what they mean. Cybersecurity is a complex topic, and the risk aspects and maturity levels vary by organization. That would be a good starting point. The Role Of Integrators Wael Lahoud: Integrators like convenience; less time means more money. So, we see some integrators cut corners. I think it is our role (as consultants) to make sure corners are not cut. If you rely solely on integrators, it will always be the weak password, the bypass. We have seen it from small projects to large government installations. It’s the same again and again. Even having an internal standard within an organization, there may be no one overseeing that and double-checking. Tools will help, but we are not there at this point. I will leave it up to manufacturers to provide the tools to make it easy for consultants to check, and easier for integrators to use the controls. Cybersecurity is a complex topic, and the risk aspects and maturity levels vary by organization - so training is very important The Impact of Pricing Pierre Bourgeix: The race to the cheapest price is a big problem. We have well-intended designs and assessments that define best-of-breed and evaluate what would be necessary to do what the client needs. But once we get to the final point of that being implemented, the customer typically goes to the lowest price – the lowest bidder. That’s the biggest issue. You get what you pay for at the end of the day. With standards, we are trying to get to the point that people realise that not all products are made the same, not all integrators do the same work. We hope that through education of the end user, they can realise that if they change the design, they have to accept the liability.It’s not just the product that’s the weakest link, it’s the whole process from design to securing that product and launching it" The big picture Wael Lahoud: The Windows platform has a lot of vulnerabilities, but we’re still using it, even in banks. So, it’s not just the product that’s the weakest link, it’s the whole process from design to securing that product and launching it. That’s where the cybersecurity program comes into play. There are many vulnerable products in the market, and it’s up to professionals to properly secure these products and to design systems and reduce the risk. Pierre Bourgeix: The access port to get to data is what hackers are looking for. The weakest link is where they go. They want to penetrate through access control to get to databases. The golden ring is the data source, so they can get credentialing, so they can gain access to your active directory, which then gives them permissions to get into your “admin.” Once we get into “admin,” we get to the source of the information. It has nothing to do with gaining access to a door, it has everything to do with data. And that’s happening all the time.
ISC West in Las Vegas kicked off with a bang on Wednesday, reflecting a healthy physical security industry with an overall upbeat outlook on the future. Driving the optimism is a pending new wave of product innovation, propelled largely by developments in artificial intelligence (AI) and deep learning. Some of that new wave is evident at ISC West, but much of the talk still centers on what’s to come. Attendees flocked to the first day of the show to check out the newest technologies, and they were rewarded with a wide range of innovations. Tempering the optimism are ongoing concerns about ensuring the cybersecurity of IP-based physical security systems. Cybersecurity Standards For Physical Security At least one news announcement is related to cybersecurity at the show: Johnson Controls is the first company to achieve UL (Underwriters Laboratories) certification 2900-2-3 for cybersecurity of life safety and security products and systems for their VideoEdge network video recording platform from American Dynamics. The UL brand ensures that the certification involves a standards-based and scientific approach to evaluating cybersecurity, and that JCI’s certified products meet the requirements. “We were able to be first because we understand issues of cybersecurity, and the UL standard matches very closely to what we have been doing in cybersecurity,” says Will Brown, Senior Engineering Manager, Cyber Protection at Johnson Controls. Tempering the optimism are ongoing concerns about ensuring the cybersecurity of IP-based physical security systems Neil Lakomiak, Director of Business Development and Innovation at Underwriters Laboratories, says relatively few companies have invested sufficiently in cybersecurity, and much of UL’s work in the physical security market is to help manufacturers develop a roadmap to meet cybersecurity goals. “A lot of companies have not invested, but Johnson Controls has,” said Lakomiak. He speculated that it could be some time before another security company achieves the certification; there certainly won’t be a rush of additional companies to do so in the near term, based on the progress he has seen to date, says Lakomiak. “Cybersecurity is a topic that has hit the Board of Directors level,” says Lakomiak. “They are definitely inquiring about it and trying to understand what their posture should be. The leadership teams of companies will be asking a lot of questions.” In terms of cyber-consciousness among the integrator community, Brown estimates about 10 percent are “on board” with the issue. Among the manufacturing community, more than half of the companies are pursuing cybersecurity goals, although the levels of those efforts run a full gamut, says Lakomiak. Vertical markets that are especially cyber-aware are enterprise, government, and critical infrastructure. Financial and retail companies are also coming on board, as well as companies — even small companies — in regulated industries such as utilities Cybersecurity is a topic that has hit the Board of Directors level Cybersecurity In The Cloud Another company emphasizing cybersecurity at ISC West is access control company Isonas. “What’s really new at the show for us is that we are being very transparent about the levels of cybersecurity we are applying to our cloud software platform and our IP network hardware,” says Rob Lydic, Isonas Global Vice President of Sales. “The levels of complexity we are putting into our cybersecurity, including the fact that we host our software on Amazon web services, ensures a really high level of security. We are taking painstaking efforts to subject ourselves to third-party penetration testing to give us the visibility of what is going on with our cybersecurity — are we actually as cybersecure as we believe?” The answer: “They have come back to us to say we have an amazing strategy for cybersecurity; the surface that is attackable is minuscule, and the complex layers underneath really prevent anybody from hacking the product.”We are being very transparent about the levels of cybersecurity we are applying to our cloud software platform" Lydic says he sees higher levels of awareness about cybersecurity at the show, especially among end users. Several other exhibitors agree. Because edge devices have often been targeted in cybersecurity attacks, they are especially an area of concern. “We’re raising that conversation, saying we are a cloud service provider that uses edge devices, and it is core to us to make sure we have a great cybersecurity profile, so the customer can be assured we are doing what we say we are doing and delivering on those promises,” says Lydic. Awareness is filtering through channel: Isonas is seeing many customers who want to have that cybersecurity conversation at the show. “We have had probably 20 or 30 conversations with end users at the show who want to understand what it means to be in the cloud, to understand how the level of communication is encrypted between devices,” says Lydic. Many end users at ISC West want to understand what it means to be in the cloud Ambitions For Growth Successful companies often increase their ISC West booth size as a reflection of their ambition to grow as a company and their success in sales so far. One such company is Paxton Access Inc., which has increased its booth size from a 20x40-foot booth last year to a 30x50-foot space this year. Beyond the show, another reflection of Paxton’s growth is addition of personnel to cover 11 U.S. sales territories that have been newly restructured. New regional sales managers will work with dealers locally. At the show, Paxton is introducing its Net2 Entry Premium monitor, the latest addition to the company’s Net2 Entry line of door entry products. “The show is definitely a great way to promote who we are and what we offer,” says Linda Soriano, Paxton Marketing Communications Coordinator. “It’s great to meet new customers and interact with existing customers, to build new relationships. It’s an opportunity to promote the new things we have going on.” Paxton measures success at ISC West in terms of how many people they interact with at the show. In addition to welcoming booth visitors, the company is signing up attendance at free training through a show promotion. Anyone who signs up for training at the show is entered into a drawing for a $500 Visa gift card and a $1,000 discount off MSRP of Paxton products. Tim Shen, Director of Marketing at Dahua Technology USA, one of the larger exhibitors, says the company is emphasising solutions at ISC West, just one element of the successful international business model they are bringing to the United States.With AI and business analytics in transportation and retail markets, we are letting the market know that we can build solutions" Another topic for Dahua is artificial intelligence. “With AI and business analytics in transportation and retail markets, we are letting the market know that we can build solutions,” he says. Dahua sponsored a keynote address Wednesday on AI, including a presentation from Intel about AI trends. “AI is the future, but what can we use it for now?” asks Shen. “We need to give a very clear strategy of what we think about AI.” Dahua will bring AI cameras and an AI network video recorder to the U.S. market in the second quarter; in effect, they will be testing the water to see how well the AI concept is embraced here. Other new products from Dahua include multi-image and thermal cameras. In the thermal category, Dahua has developed their own chipset to help bring the price down and provide affordable thermal cameras to the U.S. market. Another focus will be e-POE (extended Power over Ethernet), which Dahua sees as a big differentiator. [Main photo credit: Abbey Masciarotte | Larry Anderson]
A new crime wave is hitting automated teller machines (ATMs); the common banking appliances are being rigged to spit out their entire cash supplies into a criminal’s waiting hands. The crime is called “ATM jackpotting” and has targeted banking machines located in grocery shops, pharmacies and other locations in Taiwan, Europe, Latin America and, in the last several months, the United States. Rough estimates place the total amount of global losses at up to $60 million. What Is Jackpotting? ATM jackpotting is a combination of a physical crime and a cyberattack. Typically, a criminal with a fake ID enters a grocery shop or pharmacy posing as an ATM technician, then uses a crowbar to open the top of the ATM – the “top hat” – to gain access to the personal computer that operates the machine. If a legitimate customer approaches the machine in the meantime, it can operate as usual until activated otherwise by the malware Once he or she has access to the PC, they remove the hard drive, disable any anti-virus software, install a malware program, replace the hard drive and then reboot the computer. The whole operation takes about 30 seconds. The malware then enables the thief to remotely control the ATM and direct it to dispense all its cash on command. An accomplice – the “mule” – later approaches the ATM to collect the bounty, as the “technician” remotely directs the machine to dispense all its cash. If a legitimate customer approaches the machine in the meantime, it can operate as usual until activated otherwise by the malware. ATMs in supermarkets and pharmacies tend to be targeted because they may not be as well-protected, and store personnel likely would not know who is authorized to work on the ATM. In contrast, anyone approaching an ATM at a bank location would be more likely to be challenged. Emergence Of Criminal Activity The crime first emerged in the United States several months ago, and the U.S. Secret Service, financial institutions and ATM manufacturers have been scrambling to find a solution. Older ATMs are particularly vulnerable. In some cases, financial institutions have not embraced the highest levels of security offered by ATM manufacturers because of costs, and because previously the crime was not common in the U.S. One estimate is that losses north of $10 million have occurred in the U.S. just in the last couple of months. “There are solutions, and then there are ways to get around the solutions,” says Samir Agarwal, Accelerite’s general manager for security. Hackers remove the hard drive, disable any anti-virus software, install a malware program, replace the hard drive and then reboot the computer ATM Protection Technology Accelerite is a Santa Clara, CA, software company that focuses on the digital enterprise, including hybrid cloud infrastructure, endpoint security, Big Data analytics, and the Internet of Things. Accelerite’s solution to the ATM jackpotting problem is built on the company’s Sentient security framework. Accelerite’s approach to ATM jackpotting is to immediately stop the dispensing of cash when any sign of trouble is detected. The system can track alarms, such as when a “top hat” is opened, when a hard disk is removed, if the antivirus software has been tampered with, and so on. The system can send a notification within 20 seconds that the ATM is being hacked and then automatically shut down the machine. If the bad guy reboots the machine, the system can confirm there was a previous alert and shut it down over and over. “We create multiple lines of defense,” says Agarwal. “The criminal would decide it’s not worth his while and walk away.” The consequences of jackpotting impact every level of the industry, including ATM manufacturers and financial institutions Origins Of ATM Jackpotting ATM jackpotting originated back in 2010 when Barnaby Jack, a New Zealand hacker and computer expert, demonstrated how he could exploit two ATMs and make them dispense cash on the stage at the Black Hat computer security conference in Las Vegas. Since then, malware has been created and made available on the “Dark Web” that can instruct an ATM to dispense all its cash on demand. Previously ATM jackpotting attacks have focused on more cost-conscious global markets and those likely to use older-model ATMs with fewer security features. Strong U.S. law enforcement also likely prevented criminals from taking the risk – until now. Attacks in the United States have raised awareness. “There is more cognisance of the possibility of bad things happening,” says Agarwal. “This came out of nowhere and had not happened in the past in the United States. This crime is unlike what you hear about hacks or when data is stolen – there’s just money being stolen.” Best Practices To Prevent An Attack However, the consequences impact every level of the industry, including ATM manufacturers and financial institutions. Also, the supermarket and grocery shops that are targeted face additional security challenges, and even consumers could lose confidence in ATMs if they think their personal information could be at risk. There are best practices that can also prevent an attack. For example, an ATM computer could have a “white list” of approved applications and not allow anything to be installed that is not on the list; for instance, no malware. Another approach is to encrypt the disk drive so that a key or certificate is needed in order to install new software. Agarwal notes that solving the challenge of ATM jackpotting illustrates the need to combine both physical and cybersecurity approaches to protect modern companies. “It’s the reality as we move into a more digital world,” he says. “Physical security at that level will be difficult to protect, and you will be depending more on cyber solutions. It’s the direction the world is moving into.”
Saudi Arabia’s National Commercial Bank (NCB) is using IDIS technology for one of the biggest financial surveillance system upgrades ever seen in the region, involving at least 1000 NVRs and over 2500 IP cameras. The bank, which serves over 5.4 million customers and is the second largest in the Arab world, chose an IDIS solution to modernise its security and comply with the latest standards introduced by the Saudi Arabian Monetary Authority (SAMA) and Ministry of Interior. Analog Infrastructure IDIS, which is the largest manufacturer of surveillance technology in South Korea, confirmed that the project involves an upgrade to full HD IP technology across 400 branches and more than 2580 ATMs, to be completed ahead of the 2021 deadline. Solutions provider Almajal G4S was appointed and following a competitive tender process IDIS technology was identified as performing better NCB, also known as AlAhli Bank, needed NVRs that would provide RAID 1 and RAID 5 support, and a solution that would allow integration of both IP and existing analog infrastructure, and the capability to cost-effectively store video footage for a full year. Solutions provider Almajal G4S was appointed and following a competitive tender process IDIS technology was identified as performing better than alternatives in detailed and rigorous proof-of-concept testing. High Level Protection The IDIS solution operational benefits at the installation stage as well as in daily operations over the lifetime of the system. “Keys advantages for NCB in choosing an IDIS solution is the technology’s robustness, its resilience against data loss, and high level protection against cyber threats. Using IDIS technology is also ensuring a frictionless migration from existing analog,” says Ahmad Said, ESS Director at Almajal G4S. Thanks to its hybrid capability, IDIS technology allows analog and IP cameras to be used together, making the upgrade project easily manageable, with a seamless, staged switch-over. For this mission-critical project, IDIS’s Linux based servers and proprietory protocols also offered the highest level of resistance to hacking, while zero-configuration elminates the need to manage IP addresses for every device, all of which gave NCB the network security assurances they were looking for. Allow Efficient Maintenance NCB and the associated IDIS solution will be the first to achieve full compliance with the new SAMA standards An important consideration for NCB was IDIS Intelligent Codec which, together with dual H.264/H.265 performance, delivers up to 90% reduction in bandwidth and storage. This gives the bank significant, on-going savings allowing compliance with video data storage rules. It also speeds up recording retrieval and helps to make NCB’s new security system easier and more economical to run, says Harry Kwon, General Manager, IDIS Middle East and Africa. “With the upgrade already proving its value the bank’s central monitoring teams now work more efficiently, with their system providing event forwarding, acknowledgements, notifications and live pop-ups.” Providing the lowest total cost of ownership, the IDIS solution will allow efficient maintenance and simultaneous remote upgrades for multiple devices and gives NCB the assurance of IDIS Ultimate Warranty. The project is due for completion in 2019, NCB and the associated IDIS solution will be the first to achieve full compliance with the new SAMA standards.
March Networks, a global provider of video security and video-based business intelligence, is pleased to announce that one of Qatar’s top banks is deploying the company’s business intelligence software and integrated analytics to improve customer service and operations. The customer is one of six Qatari financial institutions currently using March Networks systems for advanced video surveillance and fraud prevention. The bank is already using an end-to-end March Networks video recording and management solution in all of its Qatari retail banking branches, hundreds of ATMs, and multiple corporate facilities. It is expanding that solution with Searchlight for Banking software to deliver an enhanced customer experience and strengthen its fraud investigation capabilities. Detecting Suspicious Transactions The software helps banks evaluate and improve customer service using dwell time, queue length and people counting analyticsMarch Networks Searchlight for Banking combines surveillance video with ATM/teller transaction data and analytics to deliver powerful fraud-fighting tools, such as the ability to rapidly detect suspicious transactions and potential cases of ATM skimming. The software also helps banks evaluate and improve customer service using dwell time, queue length and people counting analytics. The bank started using March Networks several years ago to ensure compliance with CCTV legislation first introduced by the Qatari Ministry of Interior (MOI) in 2011. The law mandates that all banks equip their locations with IP video surveillance, record at a minimum 3-megapixel resolution and 20 frames per second, and ensure 120 days of video storage. The bank, which was using an analog video surveillance system at the time, needed an enterprise-class video solution that could meet the MOI regulation. It was also looking for a solution that offered remote video management, system health monitoring, and the ability to scale easily to accommodate future growth. Command Enterprise Video Management Software March Networks products have proven highly reliable and are able to meet the parameters set by the Qatar Ministry of Interior regulations"When the project went to tender, only the March Networks solution performed to all of the bank’s criteria, said its group safety and security manager. “With the March Networks system, we are able to fully comply with the law. The usability and health monitoring features of the Command Enterprise video management software are also excellent, enabling us to investigate and resolve potential system issues before they become critical.” According to ISC Group Gulf, a systems integrator in Qatar with a specialized focus and expertise in the banking sector, the March Networks solution is the best choice for banks in the region. “March Networks products have proven highly reliable and are able to meet – and often exceed – the parameters set by the Qatar Ministry of Interior regulations, as our organization has seen in our work with most of the country’s major financial brands,” said Cristian Ivan Nicolae, Project Manager, ISC Group Gulf. CCTV Products For Banking Environments We are fortunate to be working with ISC Group Gulf, a systems integrator with a deep understanding of the video requirements of Qatari banks"“In addition, March Networks offers the sole CCTV products in Qatar purpose-built for banking environments, which means you are getting a secure, highly-professional solution that is easy to scale in complexity.” “We are proud of our long-standing partnership with this Qatari bank. It is a leader in the use of innovative video technologies, and clearly understands the value intelligent video offers to its organization,” said Trevor Sinden, Director, Middle East and Africa Sales, March Networks. “We are also fortunate to be working with ISC Group Gulf, a systems integrator with a deep understanding of the video requirements of Qatari banks.” March Networks will showcase its security and business intelligence solution for banks, as well as its complete enterprise video portfolio, in Stand S1-J42 at Intersec 2019, January 20-22 in Dubai, UAE.
Retail banking combines a demand for high security with complex workflows. Staff need efficient access. Facility managers need the flexibility to design access permissions around individual needs, so not everyone can access every area whenever they choose. Nobody wants to carry or track large numbers of keys. These were the requirements, managers of Creval — a regional bank in Italy — faced when seeking an alternative to a mechanical master-key system. Creval needed new access control devices to become an integral part of a security system for assets and people with the highest level of protection. They sought locks to offer a durable, secure and flexible alternative to standard mechanical security. They found an easy, electronic way to administer a powerful, user-friendly system based on battery-powered physical keys and secure, advanced microelectronics. Flexible High-Security Locking Staff carry a single, battery-powered eCLIQ key, programmed with only the right preauthorized access permissionsCreval chose eCLIQ key-based wireless access control for its banking premises. Bank doors across the Lombardy region are guarded by more than 30 durable eCLIQ cylinders, putting Creval managers in complete control of entrance security. eCLIQ is a scalable electronic extension of the CLIQ access control system deployed in critical infrastructure sites across Europe. Cylinders are fully electronic, protected against manipulation and with 128-bit AES encryption built into both lock and key microelectronics. Staff carry a single, battery-powered eCLIQ key, programmed with only the right preauthorized access permissions. Time-Limited Access Rights Creval’s security manager is now able to grant access based on scheduled times and specific doors, and right down to the level of the individual site user. It is also straightforward to set time-limited access rights for a user key, increasing security if a key is lost. Audit trails and event logs are collected to the same, fine-grained degree. Key management is easy with software operated from a local PC or securely on the web via a standard browser. In the unlikely event a key is misplaced, Creval administrators simply delete its validity from the system. “We are satisfied with the results of the new access control system,” says Claudio Brisia, Logical Security Manager at Creval headquarters in Sondrio.
Surveon Technology, the complete megapixel solutions provider, announces that one of the banks in Bangladesh has adopted Surveon end-to-end solutions. With Surveon Avatar Failover, which supports the system to continuously record through collaborative NVRs, the bank can easily secure the assets of its clients and ensure the safety for all people in every aspect. To avoid any confidential video loss, the bank needed dual copies of recording videos for all time, even if one of NVRs fails. Surveon provides total 14 CAM4471HEV, including two spare cameras and 12 cameras for recording, its videos will be saved in 2 NVR7316A1 simultaneously, providing dual video copies for the bank, ensuring 0% loss with valuable data. Non-Stop Recording To prevent any dispute between bank and customers, the bank required the solution provides sufficient reliability for 24/7 recording, once the conflicts happened, the evidences like videos can assist the investigation. The bank has adopted Surveon Avatar Failover, which supports mutual failover among NVRs and is composed by 2 sets of NVR7316A1 + JBOD, each NVR7316A1 is with 12 recording licenses and 12 failover licenses.When disaster happened, the failover NVR can not only take over the recording work of protected NVR but also clone the original settings of it When disaster happened, the failover NVR can not only take over the recording work of protected NVR but also clone the original settings of it, making itself become an avatar of protected NVR, realizing non-stop recording for 24/7. Any parts fail will make the system to stop recording, especially hard disks. Different Protection Levels The bank asked the system to well operate even if hard disks fail. Surveon RAID + Spare volume gives the bank a hot-spare that is ready to synchronize data immediately should a hard disk fail. If a hard disk fails, the data will start to synchronize with the spare, giving the bank enough time to replace the failed hard disk after being notified. NVR7300 Series provides different protection levels with RAID1, 5, 6, 1+Spare, 5+Spare, 6+Spare options, and the bank choose to backup its valuable videos with RAID6+Spare mode whether in normal or failover recording. "From camera, NVR, JBOD to VMS, Surveon total solutions always support Navana to win clients' heart. The unique Avatar Failover keeps bank's confidential videos and data in safe, making our customer very satisfied with the result." said Navana InterLinks, the major partner of Surveon in Bangladesh.
We all assume, in fact expect, a bank to be secure. The major challenge: the customers should not notice the actually highly complex security equipment. As they definitely should not have the feeling of being watched. Apart from Regiobank Solothurn being our house bank, the collaboration between the bank and Siaxma has already extended over ten years. With the new building in Zuchwil, there was the opportunity for the first time to plan and install a totally digital system All the branches have the video surveillance equipment which is controlled at a computer workstation at the Solothurn headquarters, where the data is analyzed too. The access control was added gradually and is initially being used in Biberist and Zuchwil. With the new building in Zuchwil, there was the opportunity for the first time to plan and install a totally digital system. This includes access control, door management, video surveillance, a burglar alarm system and alarm management – all from one source. This was one of the requirements the Regiobank specified. Authorization Using One Badge Digital access control has one major advantage for all users: they can enter all the buildings and rooms they have authorization for with just one badge. These badges are issued and managed at the Solothurn headquarters. Mechanical keys have largely disappeared from everyday business at the Zuchwil and Biberist branches. The administrator can change or extend the access rights in comfort at their PC workstation. Saves Cost For Additional Licenses Using their personal badge, customers can now use the lift to the basement, on their own or accompanied, and open their boxHow do customers get to their deposit boxes now? Keys are also a thing of the past here. Customers report to the desk where the bank employee then authorises them with access to the vault for one whole day. Using their personal badge, they can now use the lift to the basement, on their own or accompanied, and open their box. So that the Regionbank does not have to release and pay for hundreds of additional licences, we manage the vault in the system like a client. This means: one license with as many users as you like. Advantages for the end user: Centralized administration with customized issuing of rights by user, building, day and time frame One system for all locations Clear responsibilities Traceability
Located in Moscow, the International Investment Bank (IIB) is an inter-state organization which promotes economic and social development among members, including Hungary, the Republic of Bulgaria, the Socialist Republic of Vietnam, the Republic of Cuba, Mongolia, the Russian Federation, Romania, the Slovak Republic and the Czech Republic. Following a review of security in 2015 the bank’s senior management identified a need to rationalise and expand their video surveillance capability. A staged solution was sought that would allow them to manage the process in easy steps. AVIX recommended a seamless, integrated solution using IDIS technology, including cameras, peripheral switching devices and recorders. The IDIS solution would be easy and cost effective to install and would allow efficient, staged replacement of all existing video infrastructure. Corresponding Passwords At the heart of the new system is IDIS DirectIP which makes set-up and launch incredibly simple by utilising zero configuration technology for the implicit pairing of devices. This eliminates the need for installers to manage multiple IP addresses that can often lead to human factors leading to weaknesses in network security, such as saved IP device names and corresponding passwords in spreadsheets. Robust network security is also assured through embedded IDIS proprietary protocols not familiar to hackers Robust network security is also assured through embedded IDIS proprietary protocols not familiar to hackers. IDIS NVRs also force installers to implement an encrypted password as well as recommending two-factor authentication. Importantly, for IIB at no point thereafter can IDIS access any NVR, dispelling the bank’s concern of any ‘back doors’ that could present a potential network security breach. Various Bank Premises A range of specialist IDIS cameras now protects the various bank premises, including DC-T1833WHR 8MP external bullet cameras and full HD DC-T3233HRX units giving crisp real-time views of immediate street surroundings. These cameras come with built in IR LEDs, making them ideal for covering extensive perimeter areas in all lighting conditions. The external cameras feature IDIS Intelligent Codec, which can save up to 90% of disk space and network bandwidth. Crucially, they are also fitted with a 2TB memory card so that should a camera be disconnected from its NVR, the camera’s SD card instantly begins recording and automatically transfers the data to the NVR after recovery, leaving no incident unrecorded. The bank’s existing video system had been built up gradually over time and now included equipment and software from various manufacturers. Integrated Solution This piecemeal approach had resulted in problems of compatibility, which hampered further expansion, and had also brought with it the disadvantage of costly license update requirements with different suppliers. To solve this problem, Russian security solutions distributor AVIX, was asked to deliver a robust, high quality integrated solution using IP technology from a single manufacturer than would allow the bank to scale and adapt the system to meet its future security needs. Internal areas are fitted with a range of IDIS 2MP motorized IR dome cameras connected to an DR-6232P NVR In addition, for efficient operation in winter weather conditions, these vandal proof units incorporate energy-saving heaters that do not require an additional external power supply. Internal areas are fitted with a range of IDIS 2MP motorized IR dome cameras connected to an DR-6232P NVR that allows the connection of up to 32 12MP cameras to perform simultaneous recording and play back. Trouble Free Operation The system also utilizes IDIS rack mounted eSATA storage and PoE switches to ensure real-time monitoring from remote sites during peak loads across the network. The International Development Bank’s new surveillance system is now less complex, less costly and much more powerful than the old technology it replaces. The system is managed through the cost and license free IDIS Center video management software providing a simple and effective interface for operators. “It was definitely the right decision to move away from a complex system, based on equipment from multiple manufacturers. Our security operation now benefits from the latest advances in video technology and the assurance of affordable, trouble free operation into the future as well as robust network security that is absolutely paramount in the banking sector.” Aleksandr Funk, Head of Technical Protection Department, The Investment Development Bank. Now, as the bank’s security needs change, the surveillance system will be easy to adapt and expand, taking advantage of continual video advances from IDIS.
Round table discussion
There’s a huge cloud hanging over the physical security market, but in a good way. Cloud-based systems, whether for video, access control or another category, are on the verge of taking the industry by storm. The benefits of that mythical “cloud” are well-known, or certainly well-touted, in the market. It’s almost as if the word “cloud” has become a buzzword that can mean different things, or at least whatever the customer wants it to mean (as long as they buy!). We asked this week’s Expert Panel Roundtable to define the term more specifically, and to comment on the industry’s understanding of the terminology. Specifically, we asked: Define what we mean by “the cloud.” Is the definition universally understood in the market?
One of the things all security systems have in common is that they depend on human operators, to one extent or another. But how often is the human factor overlooked in product design? Sometimes, more focus is aimed at increasing the functionality of a system, even at the expense of usability. That’s how we get systems that have more capabilities, although accessing that functionality may be hopelessly complex. Creating effective graphical user interfaces (GUIs) is an ongoing challenge for the security market, and the consumer market, with its iPads and smart phones, has raised the expectations bar. We asked this week’s Expert Panel Roundtable: What elements are required to make an effective video system user interface?
One of the benefits of newer IP systems is the ability to store video inside the camera or in a nearby digital video recorder (DVR) at the edge of the network. Edge-based storage is unlikely to take the place of centralized storage, but it is complementary and provides some interesting new options related to system design. We asked this week’s Expert Panel Roundtable: What is the value of edge-based storage and in what specific applications?