Business security systems
STANLEY Security, one of the security providers, launches a new Dealer Program aimed at independent installers looking to expand their businesses without the risks associated with rapid growth. The new STANLEY Security Dealer Program provides installers with the considerable competitive benefits that come from being associated with a major global brand, backed up by national security infrastructure and expertise, whilst maintaining their independence. The Program will enable partners to capture...
ADT Inc., a provider of monitored security and interactive home and business automation solutions in the United States and Canada, announces that it has acquired LifeShield, LLC, a pioneer in advanced wireless home security systems, in a transaction valued at approximately $25 million. John Owens will continue in his current capacity leading the LifeShield team. Founded in 2004, LifeShield was the first to bring a wireless DIY home security offering to the residential market. Over the past 15 y...
Matrix Comsec, a manufacturer and provider of security and telecom solutions, is participating in ISC WEST 2019, Las Vegas, USA on 10th April 2019. Matrix will be showcasing its comprehensive range of IP video surveillance, people mobility management - an innovative range of access control and time-attendance solutions at the event. Both these solutions are specifically designed for large and multi-location enterprises, SME and SMB organizations. Matrix is known for offering technology driven,...
Arcules, innovators in integrated video cloud as a service, announces that it has named Cody Flood as Senior Director of Sales for the United States and Canada. In this role, Flood will focus on amplifying the momentum of the regional sales team, and play a significant role in accelerating adoption of the Arcules cloud-based service. “The security industry is experiencing a period of disruption fueled by rapid advancements in technology, and Arcules is at the forefront of offering modern...
ADT Inc., a provider of monitored security and interactive home and business automation solutions in the United States and Canada, announces that P. Gray Finney, Senior Vice President and Chief Legal Officer, will be retiring. As his successor, David Smail has been named Executive Vice President and Chief Legal Officer, reporting to ADT President and Chief Executive Officer Jim DeVries, based in Boca Raton, FL. His appointment is effective immediately. Business Strategy “David’s p...
Sargent and Greenleaf (S&G), a manufacturer of high-quality mechanical and electronic locks, announces that OpenGate Capital, a global private equity firm, has entered into an agreement to acquire S&G from Stanley Black & Decker. The transaction is anticipated to be completed in Q1 2019. Financial terms were not disclosed. Established in 2005, OpenGate Capital specializes in the acquisition and operation of businesses to create new value through operational improvement, innovation a...
iluminar is proud to announce that January 2019 signifies a decade in business. Ten years ago, Eddie Reynolds and Joni Hamasaki came together to launch iluminar with a mission to supply high-quality and reliable lighting and license plate recognition products to the video surveillance market, backed by unsurpassed customer service. According to the Bureau of Labor and Statistics’ Business Employment Dynamics report, less than one third of all small businesses make it to the 10-year mark. As such, it is an immense accomplishment for iluminar to reach this milestone thriving with products deployed on every continent. City Surveillance Applications “iluminar is beyond grateful for all of our partners and clients who have continued to support us for the last decade,” said Eddie Reynolds, iluminar CEO and co-founder. “In 1966, Marie Van Brittan Brown designed the CCTV system that we know today. It is wonderful to be able to continue the legacy as a black woman owned manufacturer, since a black woman invented the CCTV business.” As a global specialty manufacturer and supplier of infrared and white light illuminators, iluminar has come into its own as a voice in the security industry. From deploying award-winning products that have been part of major city surveillance applications in Abu Dhabi, Macau and Australia, to forging partnerships with Altronix, Arecont Vision, Pelco and Milestone– to name a few– iluminar continues to pave its path to success for the future.
ADT Inc., a provider of monitored security and interactive home and business automation solutions in the United States and Canada, announces its intent to lead a new consumer privacy initiative with a coalition of organizations committed to driving the adoption of privacy standards and best practices across the home security industry. The initiative will focus on ensuring the security and home automation industry take a leadership role in protecting consumer privacy. Launched on Data Privacy Day, these efforts build on ADT’s promise to protect what matters most. Implement High Standards Every day millions of our customers trust us with what they love and cherish the most, including their privacy" According to data released in November by market-research firm Harris Poll and public relations firm Finn Partners, data privacy is the most pressing issue for those surveyed, and consumers are looking for companies to be proactive in protecting their data. With considerable growth and technology innovation in the security industry, the prioritisation of privacy is higher than ever before. “Every day millions of our customers trust us with what they love and cherish the most, including their privacy. That is why our privacy practices are purposefully designed to ensure we continue earning their well-placed trust,” said Jim DeVries, President and CEO, ADT. “This initiative is part of our ongoing commitment, as the market leader in home security, to implement high standards for our industry, and as we look at the future of technology and access, align our industry around standards and practices that better protect consumers.” Customer-Centric In the coming months, the initiative will focus on three key objectives: Adopting a set of industry-wide best practices that are customer-centric and drive transparency. Working with dealers, partners and other industry organizations on the enhanced privacy and ethical standards for our industry. Programs focused on privacy, ethics, and transparency. Protecting Data Privacy Partners in this initiative currently include: Security Industry Association (SIA), the trade association for global security solution providers, with nearly 900 innovative member companies representing thousands of security leaders and experts who shape the future of the security industry. The Monitoring Association, an internationally-recognized, non-profit trade association representing professional monitoring companies. Electronic Security Association, the largest trade association in the U.S. representing the electronic security and life safety industry. The Internet Society’s Online Trust Alliance, an organization that identifies and promotes security and privacy best practices that build consumer confidence in the Internet, in part through its IoT Trust Framework. TrustArc, who provides solutions to manage privacy compliance for the GDPR, CCPA and other global privacy regulations. The Security Industry Association is pleased to support this important broad-based effort led by ADT to ensure the privacy of consumers" “The Security Industry Association is pleased to support this important broad-based effort led by ADT to ensure the privacy of consumers,” SIA CEO Don Erickson said. “SIA has taken a leading role on privacy issues through its Data Privacy Advisory Board, and we look forward to working with our partners on this project to demonstrate that members of the industry are as committed to protecting data privacy as they are to securing people and property.” Managed Commercial Solutions ADT is soliciting participation from all other organizations who wish to help drive these objectives. For over 144 years, ADT has been committed to keeping families and homes safe. ADT evolved this mission by extending physical security to cybersecurity for residential customers with Identity Theft Protection, which provides monitoring and support to help customers minimize their risk of identity theft and loss exposure. ADT also offers cybersecurity solutions for enterprise and small businesses, providing monitored and managed commercial solutions that protect customers from multiple vectors of attack, including network, endpoints, servers, and email communications.
March Networks, a global video security and video-based business intelligence solutions provider, is pleased to announce that one of Qatar’s top banks is deploying the company’s business intelligence software and integrated analytics to improve customer service and operations. The customer is one of six Qatari financial institutions currently using March Networks systems for advanced video surveillance and fraud prevention. March Networks will showcase its security and business intelligence solution for banks, as well as its complete enterprise video portfolio, in Stand S1-J42 at Intersec 2019, January 20-22 in Dubai, UAE. Video Recording And Management Solution The bank is already using an end-to-end March Networks video recording and management solution in all of its Qatari retail banking branches, hundreds of ATMs, and multiple corporate facilities. It is expanding that solution with Searchlight for Banking software to deliver an enhanced customer experience and strengthen its fraud investigation capabilities. The bank is already using an end-to-end March Networks video recording and management solution in all of its Qatari retail banking branches The bank started using March Networks several years ago to ensure compliance with CCTV legislation first introduced by the Qatari Ministry of Interior (MOI) in 2011. The law mandates that all banks equip their locations with IP video surveillance, record at a minimum 3 MP resolution and 20 frames per second and ensure 120 days of video storage. The bank, which was using an analog video surveillance system at the time, needed an enterprise-class video solution that could meet the MOI regulation. It was also looking for a solution that offered remote video management, system health monitoring, and the ability to scale easily to accommodate future growth. March Networks Searchlight For Banking March Networks Searchlight for Banking combines surveillance video with ATM/teller transaction data and analytics to deliver powerful fraud-fighting tools, such as the ability to rapidly detect suspicious transactions and potential cases of ATM skimming. The software also helps banks evaluate and improve customer service using dwell time, queue length and people counting analytics. When the project went to tender, only the March Networks solution performed to all of the bank’s criteria, said its group safety and security manager. Command Enterprise VMS With the March Networks system, we are able to fully comply with the law" “With the March Networks system, we are able to fully comply with the law. The usability and health monitoring features of the Command Enterprise video management software are also excellent, enabling us to investigate and resolve potential system issues before they become critical.” According to ISC Group Gulf, a leading systems integrator in Qatar with a specialized focus and expertise in the banking sector, the March Networks solution is the best choice for banks in the region. Security And Business Intelligence Solutions “March Networks products have proven highly reliable and are able to meet – and often exceed – the parameters set by the Qatar Ministry of Interior regulations, as our organization has seen in our work with most of the country’s major financial brands,” said Cristian Ivan Nicolae, Project Manager, ISC Group Gulf. “In addition, March Networks offers the sole CCTV products in Qatar purpose-built for banking environments, which means you are getting a secure, highly-professional solution that is easy to scale in complexity.” “We are proud of our long-standing partnership with this Qatari bank. It is a leader in the use of innovative video technologies, and clearly understands the value intelligent video offers to its organization,” said Trevor Sinden, Director, Middle East and Africa Sales, March Networks. “We are also fortunate to be working with ISC Group Gulf, a systems integrator with a deep understanding of the video requirements of Qatari banks.”
With the need for security guard services growing worldwide, Montreal-based tech startup TrackTik Software Inc., an integrated security workforce management cloud-based software solutions provider, has announced US$ 45 million in financing from Toronto-based Georgian Partners and Montreal-based Caisse de dépôt et placement du Québec (la Caisse). Disruptive AI And Machine Learning Funds will be used to drive new product development — including disruptive artificial intelligence (AI) and machine learning (ML) technologies Funds will be used to drive new product development — including disruptive artificial intelligence (AI) and machine learning (ML) technologies — that will enable security guard firms or in-house security teams to simplify their operations and maximize profitability. TrackTik will also nearly double its staff of 120 in the next year to help bring to market the new state-of-the-art tools and increase support and provide best practices for customers as the company expands its operations internationally. “This investment is in effect good news for the security workforce management industry as a whole as it is enabling us to reimagine every aspect of the industry, helping users of our technology to perform at unprecedented levels of intelligence and efficiency as they obtain their key business objectives,” said TrackTik Founder and CEO Simon Ferragne in making the announcement. “These unique tools will not only add value to our users but will in turn enable our clients to add value to their own customers,” he said, revealing that the new products are planned to start rolling out in early 2019. TrackTik Security Workforce Management Software Applauding the investors for their vision, Ferragne explained that both Georgian Partners and la Caisse are aligned with TrackTik’s commitment to transform the security workforce management market. In particular, Georgian Partners — a firm that invests in growth stage companies using AI and ML to solve real business problems, with a roster that includes players such as Shopify, Cority, Flashpoint and True Fit — has dedicated a group of technical experts to help TrackTik accelerate the development of its new products. “TrackTik's unique end-to-end security workforce management software is advancing the security industry to improve services and make smarter, data-driven decisions,” said Steve Leightell, Partner at Georgian Partners. “They've built a powerful solution that is solving their customers’ greatest business needs and are truly leading the industry. We are thrilled to be working with the TrackTik team to develop their software’s cutting-edge artificial intelligence capabilities. Georgian’s core philosophy is that businesses utilizing applied AI will enable superior service levels in terms of capability, delivery, availability, accuracy and convenience, and so we look forward to be a part of this phase of their growth.”TrackTik's unique end-to-end security workforce management software is advancing the security industry to improve services and make smarter, data-driven decisions" Applied Artificial Intelligence Citing a good cultural fit between the two companies, Leightell added that the timing was right to engage with TrackTik because there is a strong market pull for TrackTik’s first-of-its-kind, all-in-one enterprise software solution that delivers all of the mission-critical components required to run a professional security service firm on a single integrated platform, including real-time guard management and incident reporting, back office administrative functions, and business intelligence. In addition to Applied AI, Georgian Partners’ thesis-led approach to investing also focuses on Conversational AI – including the use of text-based messaging, chatbots and voice assistants – and Digital Security, two areas that TrackTik is well positioned to capitalize on, he added. Based on TrackTik’s substantial growth in 2018, Thomas Birch, Managing Director Venture Capital and Technologies at la Caisse stated that “this new investment will enable TrackTik to continue its international development and reaffirms la Caisse’s support for technology companies, which represent a promising sector of Québec’s economy. One of the fastest growing technology companies in Canada, TrackTik will use the proceeds of this transaction to pursue its strategic expansion plan, which includes developing more machine learning technology.” Automated Scheduling This is an exciting time for the security guard workforce management space as the industry grows and evolves" Among some of the advanced AI capabilities to be featured in TrackTik’s new software are an automated scheduling tool that uses predictive analysis and ML to streamline the scheduling of large, diverse and mobile security workforces, reducing the number of human interactions and simplifying day-to-day business, Ferragne said. TrackTik’s innovations have helped propel the company’s exponential growth since its inception in 2013, with the company receiving multiple recognitions for its solutions. Last year alone, TrackTik ranked No. 11 on the Deloitte Technology Fast 50 list, was included on the LinkedIn list of Top 25 Startups in Canada, placed 36th on the Canadian Business 2018 Startup 50 ranking of Canada’s Top New Growth Companies, and received a 2018 SaaS Award for Customer Success by San Diego-based APPEALIE. “This is an exciting time for the security guard workforce management space as the industry grows and evolves,” Ferragne said. “We at TrackTik are proud to support its advancement by providing the best products possible in the hopes of helping those in the industry propel their business forward. We want to thank both Georgian Partners and la Caisse for believing in our vision and mission, and we look forward to working together on achieving our goals.”
PSA has announced a partnership with Solutions360, Inc., global provider of business management software for professional systems integrators in the security and audio-visual markets, as a part of the PSA Business Solutions Providers program. PSA members will be able to streamline their business procedures and workflow through the Q360 software, which includes full accounting, project management, job costing, service and dispatch, inventory and sales functions. PSA Business Solutions Program “This is a very exciting partnership for Solutions360, Inc. We have several influential clients that are PSA Members and they have been encouraging us to pursue this relationship for some time. Our software is in alignment with PSA’s mission to help member companies become more successful; managing their businesses more efficiently, driving more profit into their processes and giving them better line of site into key business information” said John Graham, executive vice president for Solutions360, Inc. For 30 years, Solutions360, Inc. has been working with companies improving their profitability and business processes. The foundation of the Q360 Software hinges around flexibility and having the ability to be customized to fit individual needs using the numerous features that can help support every department, from front office to back office. Q360 combines the functionality of a highly-sophisticated CRM, PSA, ERP and accounting tool in a single solution. This centralizes business processes and information, providing one common database to access accurate, real-time information. PSA-Solutions360, Inc. Partnership “With every partnership that PSA enters into, our main objective it to benefit our members and owners,” said Anthony Berticelli, director of education for PSA. “Solutions360, Inc. is an ideal partner for us, and we are very excited to make the introduction to our members of what they can offer.” The PSA Business Solutions program is a suite of value-added resources and services to help enhance systems integrators’ business models, reduce operating costs and keep them competitive in the marketplace.
Home-grown technology firm Connexin has been announced winners of the IoT Breakthrough Award for Smart City Deployment of the Year, for the Newcastle Smart Road pilot. This year’s awards program attracted more than 3,500 global nominations covering a range of categories, including industrial and enterprise IoT, smart city, connected home, home automation and connected car. Connexin fought off stiff competition to join an impressive array of companies winning awards from other categories including, Samsung, Toshiba, Vodafone, Philips, Sony and Fitbit. Technologically Advanced Products The program recognises pioneering technologies and exemplary companies that are driving innovation in the Internet of Things (IoT) market. Nominations were evaluated by an independent panel of experts within the IoT industry, with winners selected based on a variety of criteria, including most innovative and technologically advanced products and services, evaluated nominations. This award demonstrates our leadership in this space and shows we can compete and win on a global level Furqan Alamgir, CEO & Founder at Connexin says: “This award demonstrates our leadership in this space and shows we can compete and win on a global level. I’d like to acknowledge and thank the partners we collaborated with on this project, without whom it would not have been possible.” Independent Organization “Smart technologies have now come of age, but the truth is no single organization can make smart cities happen on its own. Governments, businesses, the education sector and citizens need to work together to grasp the opportunity. The sum is way greater than the individual parts. This project is a perfect demonstrator of all the parts working together.” IoT Breakthrough is an independent organization recognizing the top companies, technologies and products in the global Internet of Things (IoT) market, that drive innovation and exemplify the best in IoT technology across the globe.
With the coming of a New Year, we know these things to be certain: death, taxes, and… security breaches. No doubt, some of you are making personal resolutions to improve your physical and financial health. But what about your organization’s web and mobile application security? Any set of New Year’s resolutions is incomplete without plans for protecting some of the most important customer touch points you have — web and mobile apps. Every year, data breaches grow in scope and impact. Security professionals have largely accepted the inevitability of a breach and are shifting their defense-in-depth strategy by including a goal to reduce their time-to-detect and time-to-respond to an attack. Despite these efforts, we haven’t seen the end of headline-grabbing data breaches like recent ones affecting brands such as Marriott, Air Canada, British Airways and Ticketmaster. App-Level Threats The apps that control or drive these new innovations have become today’s endpoint The truth of the matter is that the complexity of an organization’s IT environment is dynamic and growing. As new technologies and products go from production into the real world, there will invariably be some areas that are less protected than others. The apps that control or drive these new innovations have become today’s endpoint — they are the first customer touch point for many organizations. Bad actors have realized that apps contain a treasure trove of information, and because they are often left unprotected, offer attackers easier access to data directly from the app or via attacks directed at back office systems. That’s why it’s imperative that security organizations protect their apps and ensure they are capable of detecting and responding to app-level threats as quickly as they arise. It’s imperative that security organizations protect their apps and ensure they are capable of detecting and responding to app-level threats as quickly as they arise In-Progress Attack Detection Unfortunately, the capability to detect in-progress attacks at the app level is an area that IT and security teams have yet to address. This became painfully obvious in light of the recent Magecart attacks leveraged against British Airways and Ticketmaster, among others. Thanks to research by RiskIQ and Volexity, we know that the Magecart attacks target the web app client-side. During a Magecart attack, the transaction processes are otherwise undisturbed Attackers gained write access to app code, either by compromising or using stolen credentials, and then inserted a digital card skimmer into the web app. When customers visited the infected web sites and completed a payment form, the digital card skimmer was activated where it intercepted payment card data and transmitted it to the attacker(s). Data Exfiltration Detection During a Magecart attack, the transaction processes are otherwise undisturbed. The target companies receive payment, and customers receive the services or goods they purchased. As a result, no one is wise to a breach — until some 380,000 customers are impacted, as in the case of the attack against British Airways. The target companies’ web application firewalls and data loss prevention systems didn’t detect the data exfiltration because those controls don’t monitor or protect front-end code. Instead, they watch traffic going to and from servers. In the case of the Magecart attacks, the organization was compromised and data was stolen before it even got to the network or servers. Today’s proven obfuscation techniques can help prevent application reverse engineering, deter tampering, and protect personal identifiable information and API communications Best Practice Resolutions The Magecart attacks highlight the need to apply the same vigilance and best practices to web and mobile application source code that organizations apply to their networks—which brings us to this year’s New Year’s resolutions for protecting your app source code in 2019: Alert The key to success is quickly understanding when and how an app is being attacked First, organizations must obtain real-time visibility into their application threat landscape given they are operating in a zero-trust environment. Similar to how your organization monitors the network and the systems connected to it, you must be able to monitor your apps. This will allow you to see what users are doing with your code so that you can customize protection to counter attacks your app faces. Throughout the app’s lifecycle, you can respond to malicious behavior early, quarantine suspicious accounts, and make continuous code modifications to stay a step ahead of new attacks. Protect Next, informed by threat analytics, adapt your application source code protection. Deter attackers from analyzing or reverse engineering application code through obfuscation. Today’s proven obfuscation techniques can help prevent application reverse engineering, deter tampering, and protect personal identifiable information and API communications. If an attacker tries to understand app operation though the use of a debugger or in the unlikely event an attacker manages to get past obfuscation, threat analytics will alert you to the malicious activity while your app begins to self-repair attacked source code or disable portions of the affected web app. The key to success is quickly understanding when and how an app is being attacked and taking rapid action to limit the risk of data theft and exfiltration. Protecting encryption keys is often overlooked but should be considered a best practice as you forge into the new year with a renewed commitment to app security to ensure your organization’s health and well-being in 2019 Encrypt Finally, access to local digital content and data, as well as communications with back office systems, should be protected by encryption as a second line of defense, after implementing app protection to guard against piracy and theft. However, the single point of failure remains the instance at which the decryption key is used. Effective encryption requires a sophisticated implementation of White-Box Cryptography This point is easily identifiable through signature patterns and cryptographic routines. Once found, an attacker can easily navigate to where the keys are constructed in memory and exploit them. Effective encryption requires a sophisticated implementation of White-Box Cryptography. One that combines a mathematical algorithm with data and code obfuscation techniques transforming cryptographic keys and related operations into indecipherable text strings. Protecting encryption keys is often overlooked but should be considered a best practice as you forge into the new year with a renewed commitment to app security to ensure your organization’s health and well-being in 2019. Protecting Applications Against Data Breach According to the most recent Cost of a Data Breach Study by the Ponemon Institute, a single breach costs an average of $3.86 million, not to mention the disruption to productivity across the organization. In 2019, we can count on seeing more breaches and ever-escalating costs. It seems that setting—and fulfilling—New Year’s resolutions to protect your applications has the potential to impact more than just your risk of a data breach. It can protect your company’s financial and corporate health as well. So, what are you waiting for?
In the age of massive data breaches, phishing attacks and password hacks, user credentials are increasingly unsafe. So how can organizations secure accounts without making life more difficult for users? Marc Vanmaele, CEO of TrustBuilder, explains. User credentials give us a sense of security. Users select their password, it's personal and memorable to them, and it's likely that it includes special characters and numbers for added security. Sadly, this sense is most likely false. If it's anything like the 5.4 billion user IDs on haveibeenpwned.com, their login has already been compromised. If it's not listed, it could be soon. Recent estimates state that 8 million more credentials are compromised every day. Ensuring Safe Access Data breaches, ransomware and phishing campaigns are increasingly easy to pull off. Cyber criminals can easily find the tools they need on Google with little to no technical knowledge. Breached passwords are readily available to cyber criminals on the internet. Those that haven’t been breached can also be guessed, phished or cracked using one of the many “brute-force” tools available on the internet. It's becoming clear that login credentials are no longer enough to secure your users' accounts. Meanwhile, organizations have a responsibility and an ever-stricter legal obligation to protect their users’ sensitive data. This makes ensuring safe access to the services they need challenging, particularly when trying to provide a user experience that won’t cause frustration – or worse, lose your customers’ interest. After GDPR was implemented across the European Union, organizations could face a fine of up to €20 million, or 4% annual global turnover Importance Of Data Protection So how can businesses ensure their users can safely and simply access the services they need while keeping intruders out, and why is it so important to strike that balance? After GDPR was implemented across the European Union, organizations could face a fine of up to €20 million, or 4% annual global turnover – whichever is higher, should they seriously fail to comply with their data protection obligations. This alone was enough to prompt many organizations to get serious about their user’s security. Still, not every business followed suit. Cloud Security Risks Breaches were most commonly identified in organizations using cloud computing or where staff use personal devices According to a recent survey conducted at Infosecurity Europe, more than a quarter of organizations did not feel ready to comply with GDPR in August 2018 – three months after the compliance deadline. Meanwhile, according to the UK Government’s 2018 Cyber Security Breaches survey, 45% of businesses reported breaches or attacks in the last 12 months. According to the report, logins are less secure when accessing services in the cloud where they aren't protected by enterprise firewalls and security systems. Moreover, breaches were most commonly identified in organizations using cloud computing or where staff use personal devices (known as BYOD). According to the survey, 61% of UK organizations use cloud-based services. The figure is higher in banking and finance (74%), IT and communications (81%) and education (75%). Additionally, 45% of businesses have BYOD. This indicates a precarious situation. The majority of businesses hold personal data on users electronically and may be placing users at risk if their IT environments are not adequately protected. Hackers have developed a wide range of tools to crack passwords, and these are readily available within a couple of clicks on a search engine Hacking Methodology In a recent exposé on LifeHacker, Internet standards expert John Pozadzides revealed multiple methods hackers use to bypass even the most secure passwords. According to John’s revelations, 20% of passwords are simple enough to guess using easily accessible information. But that doesn’t leave the remaining 80% safe. Hackers have developed a wide range of tools to crack passwords, and these are readily available within a couple of clicks on a search engine. Brute force attacks are one of the easiest methods, but criminals also use increasingly sophisticated phishing campaigns to fool users into handing over their passwords. Users expect organizations to protect their passwords and keep intruders out of their accounts Once a threat actor has access to one password, they can easily gain access to multiple accounts. This is because, according to Mashable, 87% of users aged 18-30 and 81% of users aged 31+ reuse the same passwords across multiple accounts. It’s becoming clear that passwords are no longer enough to keep online accounts secure. Securing Data With Simplicity Users expect organizations to protect their passwords and keep intruders out of their accounts. As a result of a data breach, companies will of course suffer financial losses through fines and remediation costs. Beyond the immediate financial repercussions, however, the reputational damage can be seriously costly. A recent Gemalto study showed that 44% of consumers would leave their bank in the event of a security breach, and 38% would switch to a competitor offering a better service. Simplicity is equally important, however. For example, if it’s not delivered in ecommerce, one in three customers will abandon their purchase – as a recent report by Magnetic North revealed. If a login process is confusing, staff may be tempted to help themselves access the information they need by slipping out of secure habits. They may write their passwords down, share them with other members of staff, and may be more susceptible to social engineering attacks. So how do organizations strike the right balance? For many, Identity and Access Management solutions help to deliver secure access across the entire estate. It’s important though that these enable simplicity for the organization, as well as users. Organizations need an IAM solution that will adapt to both of these factors, providing them with the ability to apply tough access policies when and where they are needed and prioritising swift access where it’s safe to do so Flexible IAM While IAM is highly recommended, organizations should seek solutions that offer the flexibility to define their own balance between a seamless end-user journey and the need for a high level of identity assurance. organizations’ identity management requirements will change over time. So too will their IT environments. organizations need an IAM solution that will adapt to both of these factors, providing them with the ability to apply tough access policies when and where they are needed and prioritising swift access where it’s safe to do so. Importantly, the best solutions will be those that enable this flexibility without spending significant time and resource each time adaptations need to be made. Those that do will provide the best return on investment for organizations looking to keep intruders at bay, while enabling users to log in safely and simply.
Edward Snowden’s name entered the cultural lexicon in 2013, after he leaked thousands of classified National Security Agency documents to journalists. He’s been variously called a traitor, a patriot, a revolutionary, a dissident and a whistleblower, but however you personally feel about him, there’s one way to categorize him that no one can dispute: He’s a thief. There’s no doubt about it: Snowden’s information didn’t belong to him, and the scary truth is that he is neither the first nor the last employee to attempt to smuggle secrets out of a building – and we need to learn from his success to try to prevent it from happening again. Since the dawn of the digital age, we’ve fought cyber pirates with tools like firewalls, encryption, strong passwords, antivirus software and white-hat hackers. But with so much attention on protecting against cyber risks, we sometimes forget about the other side of the coin: the risk that data will be physically removed from the building. Douglas Miorandi, director of federal programs, counter-terrorism and physical data security for Metrasens, recently discussed the major risks to physical data security with SecurityInformed.com. Q: What Do You Believe Are The Main Physical Threats To Data? The biggest threats I have seen in the physical data security space have varied over the years, but there are four specific risks that remain the same across the board for any organization, which are: Every organization is at risk of having data walk out the building with that employee The Insider Threat The Outsider Threat The Seemingly Innocent Personal Item Poor or Nonexistent Screening To beginning with, every company or government agency has at least one disgruntled employee working for them, whether they know it or not, and that means every organization is at risk of having data walk out the building with that employee. That is what security experts call the insider threat. Q: What Do You Think Influences Employees To Steal Data From Their Own Organization? People steal data from their workplaces because they see some means to an end, whether it’s to expose something embarrassing or damaging due to a personal vendetta, or because they can sell it to a competitor or the media and benefit financially – meaning they don’t even need to be disgruntled; they might just want a quick way to make a buck. Financial data, too, is attractive, both for insider trading and selling to the competition. People steal data from their workplaces because they see some means to an end, whether it’s to expose something embarrassing or damaging due to a personal vendetta, or because they can sell it to a competitor or the media and benefit financially This can happen to both private companies as well as government agencies. Take Natalie Mayflower Sours Edwards for example, a Treasury Department employee who was caught in the act just last month, when she disclosed sensitive government information about figures connected to the Russia investigation to a reporter. She didn’t hack the system, she simply used a flash drive. And let’s not forget that Snowden was a contractor working for the NSA. Q: Many Of Us Think Of Security Threats Coming From An Outsider, Do Companies Still Face These Type Of Threats? Yes. Unfortunately, organizations do not only need to worry about their own employees – companies and government agencies need to be wary of threats from outsiders. COTS devices include SD cards, external hard drives, audio recorders and even smart phones They can come in the form of the corporate spy – someone specifically hired to pose as a legitimate employee or private contractor in order to extract information – or the opportunistic thief – a contractor hired to work on a server or in sensitive areas who sees an opening and seizes it. Either one is equally damaging to sensitive data because of the physical access they have. Q: Whether It Be An Insider Threat Or An Outsider Threat, What Are Ways These Individuals Can Steal Sensitive Data? There are two types of personal items that can be used to steal data: the commercially available off-the-shelf (COTS) variety, and the intentionally disguised variety. This is considered risk number three – the seemingly innocent personal item. COTS devices include SD cards, external hard drives, audio recorders and even smart phones, any of which can be used to transport audio, video and computer data in and out of a building. Intentionally disguised devices are straight out of the spy novel; they could be a recording device that looks like a car key fob, or a coffee mug with a USB drive hidden in a false bottom. Intentionally disguised devices are straight out of the spy novel; they could be a recording device that looks like a car key fob, or a coffee mug with a USB drive hidden in a false bottom Q: What Is The Difference Between COTS And Disguised Devices? The difference between COTS and disguised devices is that if someone gets caught with a COTS device, security will know what it is and can confiscate it. The disguised device looks like a security-approved item anyone could be carrying into the workplace, making it especially devious. Sometimes these devices don’t just function to bring information out of a building; they are used to damage a server or hard drive once it’s plugged in to a computer or the network. Some are both – a recording device that extracts data and then destroys the hard drive. Companies with airtight cyber security protocols can sometimes fall down when it comes to physically screening peopleQ: With These Types Of Discrete Items, Can Security Personnel Still Catch Individuals In The Act? For Example, Through Security Screenings? Poor or nonexistent screening is the most substantial security threat to any organization when it comes to sensitive data. Whether it’s an employee, an outside contractor or a device, the physical security risks are real, and everyone and everything entering and leaving a building needs to be screened. Unfortunately, screening often isn’t occurring at all, or is ineffective or inconsistent when it does occur. Even companies with airtight cyber security protocols can sometimes fall down when it comes to physically screening people and stopping them from stealing data through recording devices. Q: It’s Surprising That So Many Organizations Would Neglect Physical Security When Protecting Their Data. It’s a huge mistake, and the consequences can be dire. They range from loss of customer trust, exorbitant lawsuits and tanking stock prices in the private sector; and risks to national security in the public sector. Costs and resource allocation increase as well during efforts to reactively fix or mitigate the effects of physically stolen data. For both the private and public sectors, the risk for data to be physically removed from a building has never been greater. Years ago, it was much harder for the average Joe to figure out where they could sell stolen data. Now, with the Deep Web, anyone with Tor can access forums requesting specific information from competing spy agencies, with instructions on how to deliver it, greatly reducing the risk of getting caught – and increasing the likelihood people will try it. Although it’s getting easier to sell data, the good news is that all of these threats are avoidable with the right measures. Physical data security and cybersecurity must be considered the yin and yang of an airtight policy that effectively protects sensitive or confidential assets from a malicious attack Q: So How Can An Organization Protect Against These Risks? There are a number of ways – and the first one requires a change of mindset. Not long ago, the building/physical security department and the IT/cybersecurity department were considered two different entities within an organization, with little overlap or communication. organizations now are realizing that, because of the level of risk they face from both internal and external threats, they must take a holistic approach to data security. Physical data security and cybersecurity must be considered the yin and yang of an airtight policy that effectively protects sensitive or confidential assets from a malicious attack. Q: How Can Companies And Government Agencies Combine Both Physical Data Security And Cybersecurity Initiatives? Physical security managers can advise cybersecurity managers on ways to reinforce their protocols – perhaps by implementing the newest surveillance cameras in sensitive areas, or removing ports on servers so that external drives cannot be used. Organizations need to create an effective program and ensure it stays effective so people know it’s not worth the hassle to try In turn, the cybersecurity team can let the physical security team know that they have outside contractors coming in to work on the server, and the physical security team can escort the contractors in and stand guard as they work. Constant communication and a symbiotic relationship between the two departments are crucial to creating an effective holistic security protocol and, once you’ve got the momentum going, don’t let it slow down. Sometimes efforts start off strong and then peter out if priorities change. When guards are down, it’s an excellent time for a malicious actor to strike. organizations need to create an effective program and ensure it stays effective so people know it’s not worth the hassle to try. It’s not just about the mentality, though. Using the right technology is just as important. Q: What Type Of Technology Can You Use To Protect Physical Data? Many problems can be avoided by simply using the right technology to detect devices that bring threats in and carry proprietary information out. Electronics such as hard drives, cell phones, smart watches, SD cards and recording devices have a magnetic signature because of the ferrous metals inside them. Using a ferromagnetic detection system (FMDS) as people enter and exit a building or restricted area means that anything down to a small microSD card triggers an alert, allowing confiscation or further action as needed. Electronics such as hard drives, cell phones, smart watches, SD cards and recording devices have a magnetic signature because of the ferrous metals inside them Q: How Does FMDS Work? In the most basic terms, FMDS uses passive sensors that evaluate disturbances in the earth’s magnetic field made by something magnetic moving through its detection zone. Nothing can be used to shield the threat, because FMDS doesn’t detect metallic mass; it detects the magnetic signature, down to a millionth of the earth’s magnetic field. FMDS is the most reliable method of finding small electronics items and should be part of the “trust, but verify” model Although it is a passive technology, it is more effective and reliable than using hand wands or the walk-through metal detectors typically seen in an airport, which cannot detect very small ferrous metal objects. FMDS can see through body tissue and liquids, so items cannot be concealed anywhere on a person or with their belongings. Whether or not the items are turned on doesn’t matter; FMDS doesn’t work by detecting a signal, but rather by spotting the magnetic signature that electronics contain. This is ideal, because most recording devices do not emit any signal whatsoever. In my experience, FMDS is the most reliable method of finding small electronics items (as well as other ferrous metal objects, like weapons), and should be part of the “trust, but verify” model, in which companies assume the best of their employees and anyone else entering the building, but still take necessary precautions. Q: What Are The Key Takeaways For Organizations Looking To Enhance Data Security? The toughest challenge in the security sector – whether it’s cyber or physical – is remembering that the bad guys are constantly looking for ways to slip in through the cracks, and security departments need to stay one step ahead to ward off both internal and external threats. Recognizing the existing threats, putting together a holistic security strategy, and using the right technology to detect illicit devices comprises an effective three-pronged approach to protecting an organization’s data. Organizations cannot afford to be passive about security and assume employees won’t steal data and spies won’t sneak in. Strong countermeasures are necessary because data loss can come from both inside and outside, in both private and public sectors, from places not everyone thinks of – and with technology like FMDS acting as a backup to the human element, organizations can lock down their data and keep the wolves in sheep’s clothing from getting through the door.
ADT Inc.’s acquisition of Red Hawk Fire & Security, Boca Raton, Fla., is the latest move in ADT Commercial’s strategy to buy up security integrator firms around the country and grow their footprint. In addition to the Red Hawk acquisition, announced in mid-October, ADT has acquired more than a half-dozen security system integration firms in the last year or so. Here’s a quick rundown of integrator companies acquired by ADT: Protec, a Pacific Northwest commercial integrator (Aug. 2017); MSE Security, the USA’s 27th largest commercial integrator (Sept 2017); Gaston Security, founded in 1994 as a video surveillance integration company and whose services have since expanded to include intrusion, access control, and perimeter protection (Oct. 2017); Aronson Security Group (ASG), which delivers risk and security program consultants and offers advanced integration services, consulting and design engineers and a National Program Management team (March 2018); Acme Security Systems, among the largest privately held security systems integrators in the Bay Area, focusing on electronic security systems, access control, video networks and more (March 2018); Access Security Integration, a regional systems integrator specializing in design, delivery, installation and servicing of electronic security systems including enterprise-level access control, video and visitor management solutions, perimeter security and security operation command centers (Aug. 2018); In addition to their moves in the commercial integrator space, ADT has also sought to expand their presence in cybersecurity with the following two acquisitions: Datashield, specializing in Managed Detection and Response Services (Nov 2017); Secure Designs, Inc., specializing in design, implementation, monitoring, and managing network defense systems, including firewall services and intrusion prevention, to protect small business networks from a diverse and challenging set of global cyber threats (Aug. 2018). ADT has acquired more than a half-dozen security system integration firms in the last year or so For additional insights into ADT’s game plan and the strategy behind these acquisitions, we presented the following questions to Chris BenVau, ADT’s Senior Vice President of Enterprise Solutions. Q: ADT has been actively acquiring regional integrators this year – more than a half a dozen to date. Please describe the history of how ADT came to embrace a strategy of acquiring regional integrators as a route to growth? ADT's acquisition of Red Hawk is set to close in December, and brings premiere fire and life/safety solutions BenVau: Our acquisition strategy started at Protection 1 when we embarked on our journey to build out our commercial and national account business and add enhanced integration capabilities to our portfolio. The merger of Protection 1 and ADT brought that foundation to ADT which up to that point was primarily a residentially and SMB-focused company. After the merger, we set out to identify and acquire additional regional integrators that would continue to build on that foundation and deliver enhanced technical solutions, advanced technologies and an expanded service, install and support footprint. Through our acquisitions we now operate two Network Operations Centers and three Centers of Excellence. We are also unique in the industry with the number and variety of certifications, like Cisco and Meraki, our engineers hold which ultimately allows us to offer Managed Security as a Service. They have also enhanced our operational capabilities. Q: What criteria do you use to evaluate whether an integrator is a good “fit” for ADT? BenVau: First and foremost, we look at the culture of the companies. The companies that we target for acquisition must be metrics- and customer service-driven. Secondly, we look at the leadership teams. ADT view their acquisitions more like mergers and take a patient approach to integrating them into their business We have been fortunate in the fact the leadership of the companies we acquired remain with us today in key management and executive positions helping to drive continued growth within their organizations. We also evaluate their current customer base, unique solutions and their ability to complement and enhance our portfolio with the goal of becoming a leading full-service, enterprise commercial provider. Our acquisitions have bolstered our network capabilities, brought enterprise risk management services, and a broader solution set in high-end video and access control solutions. Our most recent acquisition – Red Hawk, set to close in December – brings us premiere fire and life/safety solutions. Q: What changes are typically needed after an integrator is acquired in order to adapt it to the ADT corporate model? BenVau: We view our acquisitions more like mergers and take a patient approach to integrating them into ADT while taking into account their culture. We want to ensure that we find the right positions for their people, embrace the right messaging and put the right processes in place. We acquire these companies because they are the best in their respective businesses and geographies and bring their knowledge and experience in markets or with solutions that we may not have had previous access to. ADT can support clients with their own in-house technicians which helps to ensure a consistent security program Q: How can regional integrators benefit from the ADT brand? Have your newly acquired integrators realised additional growth? BenVau: The companies we have acquired, generally, have exceeded expectations and surpassed initial goals. ADT brings expanded opportunities for these companies as well with our national footprint. Our National Account Sales Team has seen impressive growth over the years and are only limited by our ability to deliver. These integrators help to deliver on that. In the past, the regional players may have had to rely on sub-contractors to service their larger clients. With ADT, we can now support those clients with our own in-house technicians which helps to ensure a consistent security program across multiple locations.Our National Account Sales Team has seen impressive growth over the years and are only limited by our ability to deliver" Q: Are additional integrator acquisitions planned this year and into 2019? How much is enough and when will it end (or slow down significantly)? BenVau: We expect to close on our latest acquisition, Red Hawk, before the end of 2018. Red Hawk brings a national footprint focused on fire/life safety and security to ADT. While ADT already had a robust security offering, Red Hawk will contribute significantly to the fire side of the business. In addition, we will continue to evaluate the companies in the industry to determine if additional acquisitions make sense. Q: Do you expect greater consolidation of the integrator channel in the industry as a whole? Why is this a good time for consolidation? Is it a good M&A market for buyers like ADT? BenVau: We will continue to evaluate companies in the industry to determine if further acquisitions make sense. As for the industry, we can only speak for ourselves. Q: What other trend(s) do you see in the industry that will impact ADT (on the commercial side) in the next year or so, and how?Our focus is on investing in our field organization, in particular our service technicians, engineers and project management teams" BenVau: Networking is a big one. As we continue to drive integration of devices and services, from AI, “the cloud,” machine learning and even analytics, there will be more focus on the network they ride on. A deeper knowledge of network design, bandwidth impact, and system integration will be critical. As part of our acquisition strategy, we focused on talent to add to the team and have been able to add to our bench strength in this area. Q: Any other comments/insights you wish to share about ADT’s strategy, future, and role in the larger physical security marketplace? BenVau: Our focus is on investing in our field organization, in particular our service technicians, engineers and project management teams. The cornerstone of our success lies in our ability to deliver outstanding customer support and service. It starts with sales and the ability to deliver security and life safety technologies, but it ends with a delighted customer who partners with us to help secure the things that matter most to them. Our recent acquisitions have more than doubled our commercial field operations teams and are key to establishing the ADT Commercial brand as a leading full-service provider of enterprise solutions to the marketplace.
The Global Security Exchange (GSX) seems smaller this year, which is not surprising given the absence on the show floor of several big companies such as Hikvision and Assa Abloy (although their subsidiary HID Global has a big booth). A trend affecting the number of companies exhibiting at GSX 2018, and other trade shows, is industry consolidation, which is impacting the show even beyond the fewer exhibitors this year in Las Vegas. GSX is the new branding for the trade show formerly known as ASIS. There was an impressive crowd of visitors waiting for the show floor to open Tuesday morning; the conference part of the program began on Monday. After the attendees filed through the doors, the foot traffic seemed brisk throughout the morning, and was somewhat steady until the end of the first day. Exhibitors as a whole seemed pleased with the first day and cautiously optimistic about the rest of the show. Acquisitions And Consolidation HID Global announced on the first day that they will acquire Crossmatch - emphasizing the impact of consolidationEmphasising the impact of consolidation on the industry as a whole, and on this show, was an announcement from HID Global on the first day that they will acquire Crossmatch, a biometric identify management and secure authentication solutions provider. It’s a comparatively large acquisition for the company specializing in trusted identity solutions. Just days earlier, another acquisition also seemed to confirm the trend when UTC Climate, Controls and Security — the owner of Lenel — announced an agreement to acquire S2 Security. The fruits of another recent acquisition was on display at the GSX 2018 hall, where Isonas took its place near the front entrance as part of the Allegion booth, just three months after the global security provider acquired the ‘pure IP access control company.’ Isonas is well positioned in two of the three fastest growing segments of the access control market — IP hardware, which is growing 41 percent per year globally, and access control as a service, or ‘cloud’ technology, which is also outpacing the overall access control market. Allegion also has the third fast-growing segment, wireless locks, covered with its Schlage brand. "New Avenues Of Growth" The early days of new ownership is opening fresh opportunities for both organizations as Allegion seeks to leverage Isonas’ intellectual property and the smaller company finds new avenues of growth in the larger organization, says Rob Lydic, Isonas Global Vice President of Sales. Motorola joined Avigilon in a higher profile role at their booth, emphasizing consolidation in the industry Lydic sees a likelihood of additional acquisitions in the near future in the security space, given the large amount of capital currently available to be deployed, and the large number of entrepreneurial companies looking to make the leap, as Isonas did, from a small booth at the back of the hall to front-and-center as part of a big industry player. Another reflection of consolidation: Motorola Solutions is taking a much higher-profile role in the Avigilon booth. In addition to signage, ownership by Motorola is also impacting the Avigilon product offerings. For example, the Motorola Ally security incident management and communications system has been integrated with Avigilon’s analytics-based event detection, and is being positioned to serve the enterprise market. The system simplifies security operations with a single platform that allows access to critical data, including video and access control systems, directly from any web-enabled device. Another reflection of consolidation: Motorola Solutions is taking a much higher-profile role in the Avigilon booth Avigilon is displaying Motorola Solutions’ CommandCenter Aware integrated with Avigilon’s systems for use with public safety applications to provide dispatchers and intelligence analysts with video feeds, incident details, alerts, data mapping and responder location. Avigilon has also integrated its AI-driven Appearance Search technology with its Access Control Manager system, so video searches can be performed based on a badge credential. The system can automatically pull up any information, whether video or events in the access control system, based on the badge information. It can also be used to search for lost badges, or to view where a person is located in the building. Avigilon introduced an AI appliance that allows existing cameras to be integrated with Appearance SearchThe company introduced an AI appliance that allows existing (non-Avigilon) cameras (up to 20 two-megapixel cameras) to be integrated with Appearance Search. Also, the next generation of analytics allows detection of more things, such objects a person may be holding, or detection based on what they are wearing. The Growth Of The Cannabis Market Although attendees at GSX are generally understood to be more end users than integrators, Joe Grillo, CEO of ACRE, the parent company of Vanderbilt Industries and ComNet, says he sees little difference in attendees at GSX compared to the ISC West show in the spring. “We see all our resellers here,” he says. Grillo noticed that Day One booth traffic was “not consistently busy, but steady.” Grillo says ACRE expects to be active again soon in the mergers and acquisitions market. The company has grown through six acquisitions since its founding, and has had one divestiture (when it sold Mercury Security to HID last fall). Since selling Mercury, ACRE has been ‘back in the buying mode,’ just looking for the right opportunity, says Grillo. New markets are a theme at GSX, and one of the biggest new opportunities is the cannabis industry. Marijuana has been legalized in dozens of U.S. states, and Canada is on the verge of legalizing the drug. March Networks works with multiple cannabis operators to provide video solutions, point-of-sale transaction data, and customer analytics March Networks is among the companies targeting the cannabis industry in a big way. Already across the U.S., March Networks works with multiple cannabis operators to provide video solutions, point-of-sale transaction data, and customer analytics. The business intelligence solutions also aid compliance in the highly-regulated industry. March Networks provides radio frequency identification (RFID) tag to track plants throughout the channel, and tracking is integrated with video systems to provide correlated video views. A couple of exhibitors mentioned to me the need for commercial companies to deploy a comparable level of automation as their employees are accustomed to in the smart home environment. That suggests a need for things such as smartphone integration and voice commands. One exhibitor putting its toe in the water is Hanwha Techwin, which showed an Amazon Echo device used to control a video management system (VMS) with voice commands. Could the simple integration be a preview of the future of control rooms, where security officers merely talk to their equipment rather than operating controls? We’ll be talking to more companies (and maybe a few machines) on Day Two of the show, and will be reporting what we hear.
When an active assailant strikes, it’s over fast, and most of the damage happens before help arrives. Responding appropriately can save lives, and it takes training and practice to know what to do as a tragedy unfolds: Where can I hide? Can I get out? Where do I run? If you hear shots or see someone with a knife, your training empowers the best response, and thorough and repetitive training avoids being paralyzed by panic. Standards On Workplace Violence ASIS International is a member of ANSI and an accredited standards developer ASIS International has been working for more than a year on a document to enable security professionals to develop an effective approach for prevention, intervention, response and recovery to an active assailant, whether he or she is acting alone or as part of a group. The Active Assailant Supplement is an annex to the ANSI Standard on Workplace Violence and Intervention; it is being developed as part of the current revision to the standard. ASIS International is a member of ANSI (American National Standards Institute) and an accredited standards developer. Security practitioners use the ANSI standard to develop their own processes, procedures and documentation related to workplace violence. The ANSI standard on workplace violence was created 10 years ago and already has been revised once. In that time, the standard has been quoted extensively and adopted and utilized by many corporations and security practitioners. Leading creation of the Active Assailant Supplement is Michael Crane, Security Consultant and Attorney at Securisks, and chair of the ASIS International Active Assailant Working Group. There are 17 individuals on the drafting committee on active assailants, each with their own specific areas of expertise, from big corporations, to psychologists, to the government. The committee will create a draft, which will be submitted to the technical committee (150 or so people) for review and comment. The ANSI standard on workplace violence has been quoted extensively and adopted and utilised by many corporations and security practitioners Active Assailant Supplement Elements Prevention - A key to preventing active assailant incidents is awareness, such as identifying behaviors that suggest a potential for violence. In addition to recognizing troubled behaviors, companies should have policies and procedures in place to report concerns to supervisors, and then policies to follow up. Intervention - Training equips companies to react effectively in the case of an active assailant attack. Repetition and practice ensure an appropriate reaction, and inform decisions about where to hide, the nearest exits, etc. Employees might hide in a washroom or a conference room that locks, or they might use furniture to block the door. Response - It also takes training for employees to understand what happens when first responders arrive. Private security and employees have specific roles when first responders show up. Recovery - After the incident, other issues include cleanup, providing a gathering place for employees and family members, and counseling. Addressing School Violence The workplace violence prevention plans in the Federal government are right in sync with private industry"Crane was an assistant state’s attorney in Chicago before going into private practice. He has also served as general counsel and vice president for security companies and combines law and security expertise to protect companies from liability. Crane has written and provided training on the topic of workplace violence prevention for many years for ASIS International and was among the first members of the Standards and Guidelines Commission in 2000. Although school violence is not addressed specifically in the Active Assailant Supplement, the protocols covered in the document apply to schools as well as other sites such as governments. “The workplace violence prevention plans in the Federal government are right in sync with private industry,” says Crane. “They are almost identical.” Workplace Violence At GSX 2018 Workplace violence, including active assailants, will be among the issues addressed at the upcoming GSX 2018 in Las Vegas. Global Security Exchange (GSX) is the new branding for ASIS International’s annual conference and trade show, attended by more than 22,000 security professionals from 100-plus countries. There will be sessions addressing workplace violence and interest group discussions on a range of topics.
Genetec Inc., a technology provider of unified security, public safety, operations, and business intelligence solutions announces that the South Grand Community Improvement District (CID) in St. Louis, Missouri is using the Genetec Stratocast cloud-based video monitoring system to deter license plate theft in its parking lot and provide video access to the local police department to help reinforce security. License Plate Theft One of the services offered by the South Grand CID is free parking. At any time of the day, drivers can park in a central parking lot to visit businesses or residents. While this lot has always been convenient and safe, license plate theft was troubling nearby areas. Video recordings are sent over a wireless network which connects to the South Grand CID main office To deter license plate theft in their own community, the South Grand CID board decided to add video surveillance to the lot. Currently, three cameras monitor the entire 90-space parking lot. Video recordings are sent over a wireless network which connects to the South Grand CID main office, just a few blocks away from the lot. With this cloud-based video monitoring system, Rachel Witt, Executive Director at South Grand CID, can quickly and easily view video from anywhere, at any time. Cloud Video System “Using the cloud video system, I am able to find and view the video in seconds. I can narrow down my search based on dates and time and watch the event unfold with all camera feeds up on the monitor. It’s really that simple,” commented Witt. Only two weeks after installing the Stratocast video monitoring system, a visitor reported that their license plates had been stolen. “The visitor provided a description of the car, and a timeframe in which the incident likely happened. Using the Stratocast system, I was able to find and view the video in seconds. I could clearly see the suspect enter the lot, remove the plates and leave in his own car. Since the police are very busy here, I was able to bookmark the video recording and then notify them that the video was ready,” said Witt. View Video Recordings Stratocast has made it easy for the South Grand CID to give video access to local police so that when a crime is reported in the district, officers can immediately begin to conduct investigations without leaving their desks. While the South Grand CID manages and owns the Stratocast solution, officers can log into the system and view video recordings when required While the South Grand CID manages and owns the Stratocast solution, officers can log into the system and view video recordings when required. This is enabled by the Genetec Federation feature, which gives an organization access to manage multiple independent Genetec systems as one. A memorandum of understanding was signed so each parties’ responsibilities are clear. Better Sense Of Safety “Instead of driving over and picking up a DVD, officers can directly access video from our cameras to see what happened. Not only does it help speed up investigations, it saves officers’ valuable time,” continued Witt. The installation of Stratocast is not only helping to reduce license plate theft but it is also helping residents and visitors feel safer than ever. “Business owners, residents, and visitors have a better sense of safety when they know cameras are up. But they also need to know that we’re equipped to respond quickly to any disturbance. And that’s what Stratocast helps us achieve. With the addition of Stratocast, we’re able to show everyone that we have strengthened the security in our community,” concluded Witt.
Exabeam, the next-gen SIEM company, announces that NTT DATA Corporation (NTT DATA), its partner and one of the providers of technology and services for government and business, has chosen to secure its global operations using Exabeam’s Security Management Platform (SMP), which provides unlimited data collection, machine learning and analytics for modern cyber threat detection and response. NTT DATA’s internal system is used throughout more than 50 countries and regions, 210 cities and by 34,500 employees in Japan and 75,500 employees overseas. It is a fast-moving company that has acquired many businesses over the last five to 10 years, resulting in the inheritance of a number of different legacy SIEM platforms. However, these solutions were lacking, and NTT Data wasn’t obtaining the visibility it needed to keep pace with modern cyberthreats. Disparate Legacy Systems Exabeam was already our valued partner, and we were so confident in the company’s security solution" “Exabeam was already our valued partner, and we were so confident in the company’s security solution, we decided to use it ourselves, to remove complexity and unify our disparate legacy systems that were ineffective at protecting against modern threats,” said Hiroshi Honjo, head of Cyber Security and Governance at NTT DATA. “Having Exabeam’s unlimited data lake and attractive pricing model made the difference for our large organization.” Exabeam’s SMP provides NTT DATA with scalable, behavioral modeling, machine learning, and advanced analytics for comprehensive insider and entity threat detection throughout Japan, APAC, North America, and Europe. This functionality was vital to the NTT DATA team because they required greater visibility into potential cyberthreats throughout the organization and in all locations around the world. Automated Incident Response “NTT DATA’s journey was a unique one, since they had multiple legacy logging platforms in use globally. Exabeam was able to replace or consolidate each system using our next generation platform, and we accomplished the initial rollout in a matter of months,” said Nir Polak, CEO, Exabeam. “The swiftness of that transition is critical to maintaining secure operations, especially when dealing with such a geographically dispersed enterprise.” Automated incident response allows teams to respond to security incidents rapidly and with less effort Automated incident response allows teams to respond to security incidents rapidly and with less effort. At the SMP’s foundation is the Exabeam security data lake, designed to store all event logs at a predictable and flat price. This frees the NTT DATA security team from manually analyzing data logs – and instead they can focus on quickly identifying and responding to security threats. SIEM Solution According to Honjo, “The second phase of our project will be to look at use cases and fine tune the SIEM solution to work for our business needs. Overall, we are very happy with how well Exabeam met our stated deadlines and how quickly we are able to realize value from the product. We look forward to introducing Exabeam to our global customers.” Recently, Exabeam was identified by Gartner, Inc. in the 2018 Magic Quadrant for Security Information and Event Management. The company was positioned as a Leader based on completeness of vision and ability to execute.
STANLEY Security, one of the most trusted names in the world of security, has installed an intruder alarm system at Wraps & Tints’ new premises, which houses high value vehicles. The system not only protects the contents but also meets the insurance company’s needs, keeping everyone happy! Based in Leyland, Lancashire, Wraps & Tints is the North West’s Paint Protection Film, Vehicle Wrapping and Window Tinting installers. The company has gone from strength to strength and recently moved into larger premises to meet customer demand and to better represent the quality of the service with a smarter, more professional working environment. Provide Certification With supercars and high-end vehicles occasionally stored, and to meet insurance requirements, an intruder alarm system was requisite within the new premises. After initially employing a small, local security company to undertake the job who were unable to provide the certification needed by Wraps & Tints’ insurance company, Jonathan Burke, Director of Wraps & Tints, approached STANLEY Security. The system incorporates dual technology detectors, door contacts and roller shutter contacts, interconnected and fed back to a control panel Following a risk assessment of the building content and the building’s fabric and structure, STANLEY Security installed a hard wired Texecom intruder alarm system to Grade 2 (low to medium risk). The system incorporates dual technology detectors, door contacts and roller shutter contacts, interconnected and fed back to a control panel. A maintenance contract is in place with STANLEY Security to ensure the system remains fully functional. Highly Skilled Technicians Jonathan is pleased with the outcome, finding the system easy to use. He’s also happy with the service he received, which was ‘straight forward and efficient’. Ultimately, the new intruder alarm system has enabled him to cost-effectively meet his insurer’s requirements and to focus on his business with the peace of mind that comes from knowing his property and its contents are well protected. STANLEY Security provides security services to a wide range of organizations. Its SME division offers high-quality business security systems regardless of the size of office, building, store or facility. All installation work is handled by a team of highly skilled technicians, each of whom is locally based across offices located across the UK.
Wilson James has appointed SmartTask as preferred technology partner and awarded it a deal for the supply of a mobile patrol and electronic smart form solution for a new security contract with National Museums. Under the agreement, the company will now roll out the SmartTask workforce management software to 10 sites including the Natural History Museum, V&A and Science & Industry Museum. This follows a successful trial that achieved significant time savings by removing paperwork and streamlining operational processes. The new partnership between Wilson James and SmartTask will replace an incumbent supplier agreement that no longer met the business and operational requirements of the security, construction logistics and business services provider. Identify Potential Benefits In particular, the retender process for the security contract with Natural Museums required a single provider of a highly-configurable mobile patrol and electronic smart form solution. An initial trial at the Natural History Museum focused on use of electronic forms via SmartTask-enabled smartphones to reduce administration and increase productivity of operational staff. The trial highlighted the clear benefits of using the SmartForms, most notably around confiscated items and vehicle forms It was designed to identify potential benefits based on the precise requirements of the customer as well as create a suite of seven SmartForms and reports that could deliver standardized data capture and analysis. This included confiscated items and vehicle check SmartForms, scenario testing and incident reporting. The trial highlighted the clear benefits of using the SmartForms, most notably around confiscated items and vehicle forms. Required Monthly Reports Confiscated items, following bag searches carried out at point of entry, historically required between 10-15 minutes to complete and during that time the security officer was away from the floor resulting in lost productivity. Following the adoption of SmartTask, reports can now be created automatically using highly-accurate data, while paper usage and printing requirements have been dramatically reduced. The time savings achieved at the National History Museum by the Wilson James team have led to higher productivity, greater capacity to carry out bag searches and increased visibility of security staff. Management time saving have also been realised in production of required monthly reports, as well as administration savings of 12-hours per week for the Security Duty Managers. Ease Of Deployment Don McCann, Technology Systems Consultant at Wilson James commented: “SmartTask provided significant support throughout the contract bid and contributed to the successful re-signing for a further five years.” SmartTask has also handled a separate project for Bradford Science Festival, which further demonstrated the flexibility of the system" “The solution is now fully operational at five locations – Natural History Museum, National Science & Media Museum, National Railway Museum, Science & Industry Museum and a Wandsworth storage site – with the Science Museum and V&A to follow shortly. SmartTask has also handled a separate project for Bradford Science Festival, which further demonstrated the flexibility of the system, ease of deployment and its suitability for the security sector.” Enhance Customer Satisfaction Paul Ridden, CEO of SmartTask said: “This latest agreement demonstrates our ability to work closely with our customers to develop advanced workforce management solutions that support business development, customer retention and quality service delivery. We are now partner of choice for a growing number of security organizations based on our proven track record helping to tackle some of the most common and difficult operational challenges they face.” SmartTask is an advanced and simple-to-use employee scheduling and mobile workforce management solution that enables security companies to better plan and manage their workers, so they are at the right place, at the right time. The cloud-based software solution combines intelligent rostering, live monitoring and integrated proof of attendance across both static and mobile teams, making it the ideal tool to improve operational control, enhance customer satisfaction, and support duty of care to staff.
Cosmo Music was established in Richmond Hill, Ontario, Canada in 1968. Its current 56,000 sq ft store opened in 2008, making it the largest music instrument store in North America. It is also home to the Cosmopolitan Music Hall venue. Needing to replace a 20-year-old analog video system, Cosmo Music Vice President and COO Rudi Brouwers, started researching modern video management software (VMS). Initially he intended to purchase IP cameras and a basic VMS with the ability to record and playback. But Brouwers soon learned of the vast capabilities of modern systems. He turned his focus to finding one that went beyond basic video management to offer business intelligence. Identify Suspicious Customers Brouwers ultimately decided on Axis cameras and Senstar’s Symphony VMS with its Face Recognition analytic In particular, he was interested in face recognition, which would enable Cosmo Music to identify suspicious customers to prevent shoplifting. Working with integrator Northern Alarm Protection Ltd. (NAP), Brouwers looked at a number of different systems, and ultimately decided on Axis cameras and Senstar’s Symphony VMS with its Face Recognition analytic. “I was sold on Symphony when I got to actually use it,” said Brouwers. “It floored me how easy it is to work, how straightforward it is. It is so user friendly it is unbelievable.” Brouwers likes several of Symphony’s core features, including: the ability to save video for up to six months (he had been hoping for 90 days) customization options (for example, recording only when motion is detected) ability to bookmark video the mobile app, which lets users connect to Symphony via a smartphone or tablet to view and playback video, control pan-tilt-zoom (PTZ) cameras, manage I/O devices, receive alarm notifications, and more. Face Recognition Analytic Before implementing Senstar’s Face Recognition video analytic, when a suspicious customer was identified through video surveillance, Brouwers would screen capture an image, email it to staff, and ask them to keep an eye out for that person. With Senstar’s Face Recognition video analytic, Brouwers can flag suspicious customers in Symphony. When that person enters the store again, Brouwers is automatically notified. One of our staff had a full beard one day and it was shaved off the next day and the system still picked him up" Brouwers tested the analytic thoroughly and was amazed by its capabilities. “One of our staff had a full beard one day and it was shaved off the next day and the system still picked him up,” said Mr. Brouwers. “That’s what sold me on it.” Symphony and the Face Recognition analytic, deployed on Senstar’s R-Series network video recorder (NVR) hardware, have been running at Cosmo Music since April 2018 and Brouwers couldn’t be happier. Business Intelligence Applications “It’s everything I dreamed of and more,” he said. From an integrator perspective, NAP, who had significant VMS experience but never used Symphony, thinks the product is a great option for business intelligence applications. “Symphony is the right fit for any application that requires enhanced security such as analytics. It’s superior to many other systems out there,” said NAP President and CEO Dave Koziel. “From a deliver what is promised standpoint, it’s 12 out of 10 on the scale.” Senstar’s Face Recognition analytic adds an additional layer of security to any video surveillance deployment Identify known and unknown individuals Create allow and deny lists, and be alerted when someone on that list is identified Save time and resources with a robust search functionality that lets users look for registered and unknown people in video Search across multiple cameras, and filter search results by match score or date and time Two-factor authentication processes for access control applications
National Security, a global safety and security products manufacturing company, has delivered some advanced security solutions equipped with the latest technology. The company has been known to meet every business challenge that enterprises face with its solutions. Their global reach and unparalleled range of products and services assisted customers in ensuring safety, security and business with the right solutions. Security Access Challenge Since this manufacturer of safety and security products was spread across India, it required a reliable time-attendance and access control system. However, the major issue lay with the implementation of such a system across different locations in India. Another issue that the company needed to deal with was to assign different attendance policies and shifts to its employees. The manufacturer also required a centralized management for their time-attendance and access control system. Solution Connected all locations with their central location for time-attendance Integration with HRMS software Centralized monitoring and control of all devices Auto Data Push to a central server Configured flexible attendance policies Products COSEC DOOR FOP: Fingerprint based Door Controller with Touch-Sense Keypad COSEC CPM MIFARE SMART: Card Personality Module for Mifare Smart Card COSEC PANEL LITE: Site Controller for Controlling Multiple Door Controllers COSEC ENROLL FINGER: Enrollment Station for Enrolling Finger COSEC CENTRA LE: Application Software for 1000 Users, Expandable up to One Million Users COSEC LE TAM: Time-Attendance Module for COSEC CENTRA LE COSEC LE ACM: Access Control Module for COSEC CENTRA LE COSEC USER1000: User License for 1000 Users Results Enhanced time-attendance solution with flexibility Fast fingerprint recognition Reduced costs and time savings on maintenance Excellent after-sales support Centralized monitoring Direct salary generation using HRMS integration