Allied Universal, renowned security and facility services company in North America, has announced the acquisition of Cypress Private Security, LP - a San Francisco-based company offering comprehensive security services. Terms of the deal were not disclosed. Manned guarding and security personnel “Cypress Private Security is a company that we have long admired and always wanted to partner with,” said Steve Jones, CEO of Allied Universal. “This security company has built...
Check Point Research, the threat intelligence arm of Check Point Systems Inc., has announced the creation of a new online vulnerability repository, CPR-Zero. Going forward, Check Point will publicly list all vulnerabilities its research teams find, even if they are not featured in a publication on the Check Point Research blog. The move makes Check Point the industry’s largest cyber security vendor to openly share such vital information online. CPR-Zero vulnerability repository "Not ever...
Ping Identity, global provider of identity defined security solutions, has announced updates to its data governance solution, PingDataGovernance, to better manage data security and privacy requirements for APIs and user profiles. Today’s enterprises manage many different APIs on average, meaning sensitive consumer data like banking information and healthcare records are increasingly vulnerable. This rapid growth of APIs and third-party API traffic necessitates fine-grained data protection...
Digital Defense, Inc. has announced the availability of its Frontline.Cloud integration with Attivo Networks, the award-winning leader in deception for cybersecurity threat detection. Digital Defense’s Frontline.Cloud vulnerability management and threat assessment platform identifies high-risk/critical assets with business context that are highly vulnerable to exploits, remain unpatched, are unpatchable or have already been infected in real-time. Integration with Attivo Networks Frontlin...
Ping Identity, global provider of identity-defined security solutions, has announced its capabilities framework and practical guidance for adopting a Zero Trust security strategy. This framework provides reliable direction to companies in any stage of the Zero Trust maturity process to help enable a broad range of use cases and technology integrations. It also includes innovative ways to support secure access to anything, by anyone, from anywhere on any device. Zero Trust security strategy The...
Qognify, the trusted advisor and technology solution provider for physical security and enterprise incident management solution, has announced the appointment of Jeremy Howard as Vice President of Physical Security Sales for the Americas. Jeremy has more than 20 years’ experience working with security hardware and software infrastructure, in use by Qognify customers throughout the Americas. He will be working with the team to grow Qognify’s partner and key account channels, u...
Sepio Systems, which is disrupting the cyber-security industry by uncovering hidden hardware attacks, is gaining momentum in the U.S. after adding an important new customer and channel partner – the Integrated Security Solutions business unit of Johnson Controls, and strengthening its advisory board. Mitigating hardware-based attacks Sepio offers the world's first end-to-end solution that detects and mitigates hardware-based attacks, including rogue peripherals, invisible network devices, and manipulated firmware. The company’s Sepio Prime, which is a software-only solution, has been successfully deployed in over 20 mid-sized to large banks, insurance, and telecom companies in the U.S., Singapore, Brazil and Israel. The deal with Johnson Controls is bringing the technology to additional sectors. Sepio offers the world's first end-to-end solution that detects and mitigates hardware-based attacks Over the past months Tyco Integrated Security, now part of Johnson Controls, has been installing Sepio’s Rogue Device Mitigation solution on the premises of its customers. Sepio Prime helps Johnson Controls’ customers utilize sophisticated intelligence and hardware fingerprinting technology that is capable of rapidly and accurately detecting manipulated peripherals, transparent network devices and firmware vulnerabilities. Importance of cyber and data security The growing interest in Sepio’s product is the result of an unprecedented rise in cyber-attacks and data breaches caused by the ease of obtaining attacks tools that were until recently only available to governments. “Johnson Controls is a leading systems integrator in the security field and our connection with them will open up a new market for us,” predicts Yossi Appleboum, CEO of Sepio Systems Inc. Until recently Sepio had mainly focused on the finance and telecom sectors, but Appleboum notes that the “partnership with Johnson Controls and their network now exposes Sepio’s technology to hundreds of new clients in the North American market.” Intelligent solutions major Tyco Integrated Security was acquired and integrated into Johnson Controls Tyco Integrated Security was acquired and integrated into Johnson Controls, a global leader in the field of intelligent buildings, efficient energy solutions and integrated infrastructure. As part of Sepio’s effort to expand its U.S. presence, Suzan Zimmerman has joined the company’s advisory board. Zimmerman has worked in senior positions for numerous companies in the IT field including CACI International Inc., QinetiO North America Inc. and Science Applications International. “It is an honor to be part of an organization whose focus is protecting our mission critical systems. As our cyber threats become more complex, we must become more vigilant in evaluating the severity of the consequences, should we not be able to detect the intrusion at the source.” said Zimmerman. “With Sepio's technology implemented into corporate and governmental cyber tool kits, the protection of the agencies’ information will increase exponentially.” Suzan Zimmerman is the President and CEO of Strategic Capture Group, which focuses on helping companies to market, capture and win business in the government sector.
KnowBe4, a provider of security awareness training (SAT) and simulated phishing platform, has announced the acquisition of CLTRe - pronounced “Culture”- a Norwegian company focused on helping organizations assess, build, maintain and measure a strong security posture. CLTRe will continue to operate as an independent subsidiary of KnowBe4, and service customers globally. CLTRe’s Toolkit and Security Culture Framework will be available to all KnowBe4 customers later this year. Cybersecurity And Cyber Threat Mitigation The finance industry demonstrated an overall healthy improvement in culture from 2017 According to the 2018 Cybersecurity Culture Report, 95 percent of organizations see a gap between their current and desired organizational cybersecurity culture. With 94 percent of malware being delivered via email (2019 DBIR), it’s clear that working with users to minimize cyber risk and improve security culture is key. The 2018 Security Culture Report shows the value of being able to measure culture, helping organizations to demonstrate the effectiveness of their organizational security controls, as required by GDPR, CCPA and other regulations. Interestingly, the finance industry demonstrated an overall healthy improvement in culture from 2017 while the real estate industry showed a decline. CLTRe Toolkit And The Security Culture Framework CLTRe created the CLTRe Toolkit and the Security Culture Framework, which work in tandem to help organizations gather evidence about their current security culture and how it changes over time. The acquisition of CLTRe is advantageous for both KnowBe4 and CLTRe clients; KnowBe4 users will gain access to a research-driven measurement platform to show how their security culture program matures over time. And CLTRe clients will be introduced to the industry’s most progressive and easiest-to-use SAT and simulated phishing platform to help educate users and change their behavior. CLTRe measures the seven dimensions of security culture: behavior, responsibilities, cognition, norms, compliance, communication and attitudes. Quotes By Industry Experts: Stu Sjouwerman, CEO, KnowBe4 “Today’s announcement brings KnowBe4 very valuable tools to help our customers measure what matters – their security culture – so they can make decisions about how to improve. We’re excited to welcome Kai and the CLTRe team to the KnowBe4 family and to enhance our European presence while supporting more global customers.” Kai Roer, CEO, CLTRe “KnowBe4 is a leader in innovation and has a wonderful track record for growing quickly but with a very specific focus on improving security at the human-level. This is a natural fit for our evidence-based analytics and measurement tools, as KnowBe4 customers will now be able to measure their security cultures, benchmark against their industry sectors, and pinpoint exactly what kind of security culture they have. With KnowBe4 and CLTRe, organizations can gain true insight into their security culture, improve their security with pinpoint accuracy, report their progress to their board of directors, and educate their users to make smarter security decisions.” Perry Carpenter, Chief Evangelist & Strategy Officer, KnowBe4 “From my former life as a Gartner analyst, I have a strong appreciation for evidence over opinion, which is what CLTRe gives to its clients in the form of a data-driven examination of their security culture. To change user behavior and address awareness, we have to understand and change security culture. CLTRe gives organizations the tools to understand where they are today so they can get to where they want to go tomorrow.” Espen Otterstad, CISO at Abax (CLTRe customer) “Our work with CLTRe has been important to helping us gauge the maturity of our security culture over time. Now that CLTRe is part of KnowBe4, we have a very real way to advance the maturity of our program and test the knowledge of our user’s understanding via KnowBe4’s fresh content, engaging trainings and simulated phishing tests. The combination of CLTRe and KnowBe4 means that we can improve security within our organization through training and phishing tests and manage our security culture program while proving ROI.”
Cloud Security Alliance (CSA), globally renowned organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, and AlgoSec, global provider of business-driven network and cloud security management solutions, has announced the results of a new study titled, ‘Cloud Security Complexity: Challenges in Managing Security in Native Cloud, Hybrid and Multi-Cloud Environments.’ Complexities Of Cloud SecurityThe survey of security professionals aims to analyze the state of security in current hybrid and multi-cloud security environments The survey of 700 IT and security professionals aims to analyze and better understand the state of adoption and security in current hybrid cloud and multi-cloud security environments, including public cloud, private cloud, or use of more than one public cloud platform. Key findings of the study include: Cloud creates configuration and visibility problems: When asked to rank on a scale of 1 to 4 the aspects of managing security in public clouds they found challenging, respondents cited proactively detecting misconfigurations and security risks as the biggest challenge (3.35), closely followed by a lack of visibility into the entire cloud estate (3.21). Audit preparation and compliance (3.16), holistic management of cloud and on-prem environments (3.1) and managing multiple clouds (3.09) rounded out the top five. Human error and configuration mistakes the biggest causes of outages: 11.4% of respondents reported a cloud security incident in the past year, and 42.5% had a network or application outage. The two leading causes were operational / human errors in management of devices (20%), device configuration changes (15%) and device faults (12%). Cloud compliance and legal concerns: Compliance and legal challenges were cited as major concerns when moving into the cloud (57% regulatory compliance; 44% legal concerns). Security is the major concern in cloud projects: 81% of cloud users said they encountered significant security concerns. Concerns over risks of data losses and leakage were also high with users when deploying in the cloud (cited by 62%), followed by regulatory compliance concerns (57%), and integration with the rest of the organizations’ IT environment (49%). Integrating Multiple Cloud Services “As companies of all sizes are taking advantage of the value of the cloud with its improved agility and flexibility, they are also facing unique new security concerns, especially when integrating multiple cloud services and platforms into an already complex IT environment,” said John Yeoh, Global Vice President of Research, Cloud Security Alliance. “The study findings demonstrate how important it is for enterprises to have holistic cloud visibility and management across their increasingly complex hybrid network environments in order to maintain security, reduce the risk of outages and misconfigurations, and fulfill audit and compliance demands.” Multi-Cloud And Hybrid Networks This survey makes clear that there is no one-size-fits-all cloud deployment model" “This survey makes clear that there is no one-size-fits-all cloud deployment model: organizations are choosing to adopt and use cloud resources in the way that suits their business needs. But this cloud flexibility also creates many security challenges for today's enterprise. Irrespective of how they choose to use cloud resources, end-to-end visibility across the networks is critical to meet security and compliance obligations,” said Jeffrey Starr, CMO of AlgoSec. “Robust network security management and automation become increasingly mission critical. We see organizations moving to automate security management across native cloud, multi-cloud, and hybrid network estates, driving agility while ensuring continuous security for next-generation enterprise environments.” Commissioned by AlgoSec and conducted by the CSA, the survey also looked to uncover insights on topics such as workloads being used in or moved to the cloud and how they are being deployed/migrated; types of cloud platform(s) being used by companies; common security challenges faced by companies when deploying workloads in the cloud; methods of managing risk and vulnerabilities in the cloud environment; and causes of network or application outages and the amount of time it took to remediate.
Aqua Security, global platform provider for securing container-based and cloud native applications, has announced that Aqua Cloud Native Security Platform (CSP) has attained VMware Partner Ready status for PKS. The validation of Aqua’s CSP validates that the solution has been tested and verified to interoperate with VMware Enterprise PKS, and can fully manage and secure workloads running on VMware Enterprise PKS. Cloud Native Security Platform We are pleased that Aqua Security has validated its Cloud Native Security Platform for VMware Enterprise PKS" “We are pleased that Aqua Security has validated its Cloud Native Security Platform for VMware Enterprise PKS. This signifies to customers that Aqua Security can be deployed with the knowledge and reassurance that Aqua fully supports the specified versions and configurations on VMware Enterprise PKS,” said Pat Lee, vice president, Emerging ISVs & Solutions, VMware. VMware Enterprise PKS enables organizations to easily deploy, run and manage Kubernetes for production with productivity and efficiency. Using Aqua’s Cloud Native Security Platform with VMware Enterprise PKS, businesses can secure their cloud native applications across the entire lifecycle at scale, getting granular visibility into security issues, and detecting and blocking attacks in real-time. Aqua’s support for PKS is an extension of the company’s existing product line, providing enterprises with multi-cloud and hybrid cloud environments with the same level of auditability, accountability and protection across the full spectrum of their cloud native infrastructure. VMware Enterprise PKS “We are excited to continue our collaboration with VMware and to be validated for VMware Enterprise PKS," noted Upesh Patel, vice president, Business Development, Aqua Security. “Enterprise adoption of Kubernetes is exploding, and with it the need for a scalable enterprise security platform. The combined strength of VMware Enterprise PKS and Aqua’s CSP delivers a secure, enterprise-ready solution to deploy cloud-native applications.” VMware Enterprise PKS Partner Application Program allows partners to test and validate their solutions that interoperate with VMware Enterprise PKS platforms. By completing the Partner Ready process and achieving the Partner Ready PKS logo, partners validate their products interoperability with VMware technologies, and agree to solely manage customer support requests for the combined solution. Aqua’s CSP can be found within the online VMware Solution Exchange (VSX) here. The VMware Solution Exchange is an online marketplace where VMware partners and developers can publish rich marketing content and downloadable software for our customers.
Miotta, formerly Mivatek, has unveiled its newest “Smarter Premises as a Service,” allowing global service providers to offer turnkey, RMR-based, smart home, enterprise, and care protection services. Miotta SPaaS Multi-Cloud Software The new Miotta Smarter Premises as a Service, or SPaaS, relies on Miotta’s advanced mobile-cloud software The new Miotta Smarter Premises as a Service, or SPaaS, relies on Miotta’s advanced mobile-cloud software. Using this specialized software, service providers can offer their customers turnkey, automated, expandable video-IoT systems with integrated multipurpose and multi-location capabilities. These systems ultimately provide homeowners with collaborative video-verified security, safety, and care service, giving them the utmost peace of mind by ensuring that all respective authorized mobile users are alerted in the event of a security- or health-related event. Competing with ADT, Vivint, Comcast, and AT&T, Miotta’s SPaaS requires no professional installers, a significant cost savings. Miotta’s mobile-cloud allows service providers to offer interactive/collaborative, high-roof-count monitoring services, while dramatically reducing the providers’ capital and operating expenses and enabling them to expand their geographic range and scope of service. This translates to increased ARPU (average revenue per user) and allows Miotta’s B2B customers to collect valuable premises data, increase brand awareness, and strengthen customer loyalty. These security services are not only available to residential users but to enterprises of all sizes as well. Video-IoT Security System Consumers will see considerable benefits from Miotta’s SPaaS offering. Starting with a simple video-IoT security system, consumers can easily expand their system to cover multi-location smarter homes, and business security systems covering video-verified security, safety, and care protection services in one single mobile-app. The addition of professional monitoring services provides consumers with an additional security safety net. Further, the video verification feature of the system will help to significantly reduce false alarm rates. The user collaboration app allows the system owner to manage video access privileges with video privacy and supervisory control The user collaboration app allows the system owner to manage video access privileges with video privacy and supervisory control. Owners and family members can be functionally separated from neighbors, friends, and concierge oversight while all are alerted simultaneously in the event of an emergency. The video-verified app also connects to professional monitoring call centers. The event video recording and verification prevents false alarms, and the recorded-event video evidence ensures prioritized emergency response from first responders. Smart Home Solution “We are excited to unveil our newest Smarter Premises partnership program not only to security dealers but to global service providers,” said Joe Liu, Miotta CEO. “Our turnkey, video-integrated security, safety, and care mobile-cloud has made smart home and enterprise protection easy and affordable for service providers and consumers.”
ExtraHop, provider of enterprise cyber analytics from the inside out, has announced the new ExtraHop Panorama Partner Program. The Panorama Program is designed to enable global channel partners to accelerate the adoption and integration of network traffic analysis (NTA) to help enterprise customers modernize their security operations. Panorama Partner Program Fueled by 10x growth in cybersecurity, ExtraHop is expanding its global channel program by working with global resellers, distributers, managed services, and integration partners with deep domain expertise in the international security market. The new Panorama Partner Program supports these channel partners with industry-leading accreditation that provides the foundational knowledge and tools to accelerate integration of NTA into security operations. The accreditation program also offers partner sales engineers a deeper technical view of the ExtraHop solutions, including demos, key use cases and competitive differentiation. Through the program, partners can leverage the robust integrations offered by ExtraHop In addition to partner accreditation, the new partner portal provides easy access to just-in-time (JIT) sales and training materials that help ExtraHop partners rapidly identify use cases and fast-track solutions specially tailormade for their customers. The Panorama Partner Program also makes it easier than ever for channel partners to pair ExtraHop with industry leading technology solutions. Through the program, partners can leverage the robust integrations offered by ExtraHop with products including ServiceNow, IBM QRadar, and Splunk to provide their enterprise customers with full detection, investigation, and remediation capabilities. AWS CPPO Program Through the Panorama Program, partners also have the ability to deliver full cloud solutions using the AWS Consulting Partner Private Offer (CPPO) program. Through the AWS Consulting Partner Private Offer program, ExtraHop brings together sophisticated analytics, machine learning and threat investigation capabilities from Reveal(x), world-class security services and program development from channel partners to deliver best of breed cybersecurity for AWS customers. ExtraHop partners with leading organizations around the globe including Allentis, AppCentrix, Epicon, GuidePoint Security, KedronUK, Kite, Macnica, Miel, Optiv Security, Presidio and Trace3. “As the demand for ExtraHop Reveal(x) continues to expand, we look to the leading channel partners to support our rapid growth around the world,” said Mark Fitzmaurice, Vice President of Global Channel Sales, ExtraHop. “We depend on our partners to deliver the visibility, speed, and scale enterprise security teams need to rise above the noise of the endless traffic required for digital business. The Panorama Partner Program is designed to make our partners highly effective and more profitable based on their investments in ExtraHop.” What Partners Are Saying: The ExtraHop Panorama Partner Program offers an enterprise-class approach to help our customers gain more visibility" "At Kedron, we take pride in offering our customers a seamless experience with the best technology for their environment," said Roland Stigwood, Managing Director and Owner, Kedron UK. "The ExtraHop Panorama Partner Program offers an enterprise-class approach to help our customers gain more visibility across the complex, hybrid IT environments of today.” “Kite Distribution specializes in bringing disruptive technologies to the UK channel, with the goal of driving incremental value for our customers,” said Kip Tumber, Director for Kite Distribution. “As one of the fastest growing distributors in the UK, we look for vendors that align to our own growth ambitions. ExtraHop is a leader in the real-time data analytics sector and provides valuable insights to IT security teams. Their Panorama Partner Program also demonstrates ExtraHop are fully committed to working collaboratively with the channel. Our joint early successes, reseller recruitment, and pipeline generation point to a strong successful partnership.” ExtraHop also offers partners a Sales Academy and an Accreditation Program to provide advanced knowledge and tools.
Edward Snowden’s name entered the cultural lexicon in 2013, after he leaked thousands of classified National Security Agency documents to journalists. He’s been variously called a traitor, a patriot, a revolutionary, a dissident and a whistleblower, but however you personally feel about him, there’s one way to categorize him that no one can dispute: He’s a thief. There’s no doubt about it: Snowden’s information didn’t belong to him, and the scary truth is that he is neither the first nor the last employee to attempt to smuggle secrets out of a building – and we need to learn from his success to try to prevent it from happening again. Since the dawn of the digital age, we’ve fought cyber pirates with tools like firewalls, encryption, strong passwords, antivirus software and white-hat hackers. But with so much attention on protecting against cyber risks, we sometimes forget about the other side of the coin: the risk that data will be physically removed from the building. Douglas Miorandi, director of federal programs, counter-terrorism and physical data security for Metrasens, recently discussed the major risks to physical data security with SecurityInformed.com. Q: What Do You Believe Are The Main Physical Threats To Data? The biggest threats I have seen in the physical data security space have varied over the years, but there are four specific risks that remain the same across the board for any organization, which are: Every organization is at risk of having data walk out the building with that employee The Insider Threat The Outsider Threat The Seemingly Innocent Personal Item Poor or Nonexistent Screening To beginning with, every company or government agency has at least one disgruntled employee working for them, whether they know it or not, and that means every organization is at risk of having data walk out the building with that employee. That is what security experts call the insider threat. Q: What Do You Think Influences Employees To Steal Data From Their Own Organization? People steal data from their workplaces because they see some means to an end, whether it’s to expose something embarrassing or damaging due to a personal vendetta, or because they can sell it to a competitor or the media and benefit financially – meaning they don’t even need to be disgruntled; they might just want a quick way to make a buck. Financial data, too, is attractive, both for insider trading and selling to the competition. People steal data from their workplaces because they see some means to an end, whether it’s to expose something embarrassing or damaging due to a personal vendetta, or because they can sell it to a competitor or the media and benefit financially This can happen to both private companies as well as government agencies. Take Natalie Mayflower Sours Edwards for example, a Treasury Department employee who was caught in the act just last month, when she disclosed sensitive government information about figures connected to the Russia investigation to a reporter. She didn’t hack the system, she simply used a flash drive. And let’s not forget that Snowden was a contractor working for the NSA. Q: Many Of Us Think Of Security Threats Coming From An Outsider, Do Companies Still Face These Type Of Threats? Yes. Unfortunately, organizations do not only need to worry about their own employees – companies and government agencies need to be wary of threats from outsiders. COTS devices include SD cards, external hard drives, audio recorders and even smart phones They can come in the form of the corporate spy – someone specifically hired to pose as a legitimate employee or private contractor in order to extract information – or the opportunistic thief – a contractor hired to work on a server or in sensitive areas who sees an opening and seizes it. Either one is equally damaging to sensitive data because of the physical access they have. Q: Whether It Be An Insider Threat Or An Outsider Threat, What Are Ways These Individuals Can Steal Sensitive Data? There are two types of personal items that can be used to steal data: the commercially available off-the-shelf (COTS) variety, and the intentionally disguised variety. This is considered risk number three – the seemingly innocent personal item. COTS devices include SD cards, external hard drives, audio recorders and even smart phones, any of which can be used to transport audio, video and computer data in and out of a building. Intentionally disguised devices are straight out of the spy novel; they could be a recording device that looks like a car key fob, or a coffee mug with a USB drive hidden in a false bottom. Intentionally disguised devices are straight out of the spy novel; they could be a recording device that looks like a car key fob, or a coffee mug with a USB drive hidden in a false bottom Q: What Is The Difference Between COTS And Disguised Devices? The difference between COTS and disguised devices is that if someone gets caught with a COTS device, security will know what it is and can confiscate it. The disguised device looks like a security-approved item anyone could be carrying into the workplace, making it especially devious. Sometimes these devices don’t just function to bring information out of a building; they are used to damage a server or hard drive once it’s plugged in to a computer or the network. Some are both – a recording device that extracts data and then destroys the hard drive. Companies with airtight cyber security protocols can sometimes fall down when it comes to physically screening peopleQ: With These Types Of Discrete Items, Can Security Personnel Still Catch Individuals In The Act? For Example, Through Security Screenings? Poor or nonexistent screening is the most substantial security threat to any organization when it comes to sensitive data. Whether it’s an employee, an outside contractor or a device, the physical security risks are real, and everyone and everything entering and leaving a building needs to be screened. Unfortunately, screening often isn’t occurring at all, or is ineffective or inconsistent when it does occur. Even companies with airtight cyber security protocols can sometimes fall down when it comes to physically screening people and stopping them from stealing data through recording devices. Q: It’s Surprising That So Many Organizations Would Neglect Physical Security When Protecting Their Data. It’s a huge mistake, and the consequences can be dire. They range from loss of customer trust, exorbitant lawsuits and tanking stock prices in the private sector; and risks to national security in the public sector. Costs and resource allocation increase as well during efforts to reactively fix or mitigate the effects of physically stolen data. For both the private and public sectors, the risk for data to be physically removed from a building has never been greater. Years ago, it was much harder for the average Joe to figure out where they could sell stolen data. Now, with the Deep Web, anyone with Tor can access forums requesting specific information from competing spy agencies, with instructions on how to deliver it, greatly reducing the risk of getting caught – and increasing the likelihood people will try it. Although it’s getting easier to sell data, the good news is that all of these threats are avoidable with the right measures. Physical data security and cybersecurity must be considered the yin and yang of an airtight policy that effectively protects sensitive or confidential assets from a malicious attack Q: So How Can An Organization Protect Against These Risks? There are a number of ways – and the first one requires a change of mindset. Not long ago, the building/physical security department and the IT/cybersecurity department were considered two different entities within an organization, with little overlap or communication. organizations now are realizing that, because of the level of risk they face from both internal and external threats, they must take a holistic approach to data security. Physical data security and cybersecurity must be considered the yin and yang of an airtight policy that effectively protects sensitive or confidential assets from a malicious attack. Q: How Can Companies And Government Agencies Combine Both Physical Data Security And Cybersecurity Initiatives? Physical security managers can advise cybersecurity managers on ways to reinforce their protocols – perhaps by implementing the newest surveillance cameras in sensitive areas, or removing ports on servers so that external drives cannot be used. Organizations need to create an effective program and ensure it stays effective so people know it’s not worth the hassle to try In turn, the cybersecurity team can let the physical security team know that they have outside contractors coming in to work on the server, and the physical security team can escort the contractors in and stand guard as they work. Constant communication and a symbiotic relationship between the two departments are crucial to creating an effective holistic security protocol and, once you’ve got the momentum going, don’t let it slow down. Sometimes efforts start off strong and then peter out if priorities change. When guards are down, it’s an excellent time for a malicious actor to strike. organizations need to create an effective program and ensure it stays effective so people know it’s not worth the hassle to try. It’s not just about the mentality, though. Using the right technology is just as important. Q: What Type Of Technology Can You Use To Protect Physical Data? Many problems can be avoided by simply using the right technology to detect devices that bring threats in and carry proprietary information out. Electronics such as hard drives, cell phones, smart watches, SD cards and recording devices have a magnetic signature because of the ferrous metals inside them. Using a ferromagnetic detection system (FMDS) as people enter and exit a building or restricted area means that anything down to a small microSD card triggers an alert, allowing confiscation or further action as needed. Electronics such as hard drives, cell phones, smart watches, SD cards and recording devices have a magnetic signature because of the ferrous metals inside them Q: How Does FMDS Work? In the most basic terms, FMDS uses passive sensors that evaluate disturbances in the earth’s magnetic field made by something magnetic moving through its detection zone. Nothing can be used to shield the threat, because FMDS doesn’t detect metallic mass; it detects the magnetic signature, down to a millionth of the earth’s magnetic field. FMDS is the most reliable method of finding small electronics items and should be part of the “trust, but verify” model Although it is a passive technology, it is more effective and reliable than using hand wands or the walk-through metal detectors typically seen in an airport, which cannot detect very small ferrous metal objects. FMDS can see through body tissue and liquids, so items cannot be concealed anywhere on a person or with their belongings. Whether or not the items are turned on doesn’t matter; FMDS doesn’t work by detecting a signal, but rather by spotting the magnetic signature that electronics contain. This is ideal, because most recording devices do not emit any signal whatsoever. In my experience, FMDS is the most reliable method of finding small electronics items (as well as other ferrous metal objects, like weapons), and should be part of the “trust, but verify” model, in which companies assume the best of their employees and anyone else entering the building, but still take necessary precautions. Q: What Are The Key Takeaways For Organizations Looking To Enhance Data Security? The toughest challenge in the security sector – whether it’s cyber or physical – is remembering that the bad guys are constantly looking for ways to slip in through the cracks, and security departments need to stay one step ahead to ward off both internal and external threats. Recognizing the existing threats, putting together a holistic security strategy, and using the right technology to detect illicit devices comprises an effective three-pronged approach to protecting an organization’s data. Organizations cannot afford to be passive about security and assume employees won’t steal data and spies won’t sneak in. Strong countermeasures are necessary because data loss can come from both inside and outside, in both private and public sectors, from places not everyone thinks of – and with technology like FMDS acting as a backup to the human element, organizations can lock down their data and keep the wolves in sheep’s clothing from getting through the door.
There’s only so much a corporation can do to counteract the threat of a major incident. You can ask everyone to be vigilant and to report anything suspicious, but you cannot stop someone intent on deliberately starting a fire, threatening a work colleague with a knife or something much worse. And of course, most businesses recognize that even routine events – such as burst pipes, IT system failures, extreme weather event or power outages – can have significant consequences unless they are quickly brought under control. Training Security Officers Governments and organizations across the world are increasingly encouraging businesses to re-assess risks and to plan for and conduct drills for major emergencies. This is driving different agencies and companies to invest in new skills, resources and systems, and encouraging businesses to routinely re-evaluate their emergency response strategies. UK police forces are increasingly training security officers in the public and private sectors on how best to react to potential terrorist incidents For example: UK police forces are increasingly training security officers in the public and private sectors on how best to react to potential terrorist incidents, as part of the UK government’s Action Counter Terrorism program. And organizations including the Association of University Chief Security Officers (AUCSO) and Higher Education Business Continuity Network (HEBCoN) are developing customized training for their members to improve their own response and business continuity plans. Mass Notifications Systems Whether an organization is facing a terrorist attack or a severe weather event, follow up reports consistently identify that the same types of challenges are common to all crisis situations, with similar errors often occurring again and again. Typically, these are centered on three key areas: poor communications, fractured command and control structures, and delayed deployment of resources. Communications skills and technologies clearly play a pivotal role in how effective an organization is in responding to major incidents, particularly when it comes to assessing the situation and its implications, moving people towards safety and providing updates as an incident unfolds. However, when an organization is considering its technology options, emergency response and mass notification systems (MNS) are often touted as the ideal platform to deliver all the required critical communications and ongoing updates. UK police forces are increasingly training security officers in the public and private sectors on how best to react to potential terrorist incidents Emergency Notification System All the incident reporting, command and control, and communications functions have been brought together on a single platform But, if an organization does not know exactly where all its staff or students are, and it cannot see the location and availability of its first responders and other emergency coordinators relative to them and the incident, then how useful is it to send a top-down alert to everyone? And what about fast moving or multi-centre incidents, where previously agreed evacuation procedures, recommended actions or mustering points may need to change if an incident takes an unexpected turn? Many organizations may have been lulled into believing that an emergency notification system will allow them to confidently handle all the communications aspects of virtually any crisis. In reality, too many businesses are still unaware that there are now much more sophisticated and proven technologies where all the incident reporting, command and control, and communications functions have been brought together on a single platform. Using Live Map Tracking The benefit of using these advanced and more integrated approaches – often categorized as mobile distributed command and control systems – is that they enable faster and better decision making in a crisis using real-time feedback and two-way dialogue with those closest to the emergency. And they avoid the risks of any potential delays, miscommunications or mistakes that can happen when an organization is under pressure to respond and often switching between multiple systems. Leading universities and multi-national corporations are already using new mobile/web-enabled platforms to improve their incident response These next generation emergency management platforms have been specifically designed to enable real-time mapping of an organization’s security assets and its users on a single screen and to fully integrate it with a highly targeted geo-fenced notification capability. The mass notification aspect of the system can then be used to advise specific groups on the best actions to take at their location as an incident develops. The use of live map tracking enables real time mapping of an organisation's security assets Segmented Messaging Many leading universities and multi-national corporations are already using these new mobile/web-enabled platforms to plan, manage and improve their incident response, leading to 50% faster reactions and more positive outcomes.During a crisis, users can receive push notifications so the security centre can immediately see their exact location and advise them accordingly The systems have been widely adopted within the higher-education sector, but they are equally applicable to any large company with multiple international sites or those situated in research or corporate campuses where the bulk of assets and people are based in one or more key locations. Typically, systems provide users with a smartphone app that they can use to call for immediate emergency or first aid support when at work, or to report something suspicious which could prevent an apparently minor incident from escalating into a full-scale emergency. During a crisis, users can receive push notifications, SMS and E-mails asking them to open the app if they are not already logged in, so the security center can immediately see their exact location and advise them accordingly. Supporting Dispersed Mustering Now that communications can be more nimble, responsive and flexible this can support the increasing numbers of planners are recognizing the advantages of dispersed mustering. This is a strategy that has been developed to reduce the risk of secondary attacks on unprotected people complying with instructions to evacuate from premises and gather in what are, effectively, exposed locations. It is now acknowledged that evacuees waiting outside for any length of time are more vulnerable to targeted attacks or to injury, from flying glass for example. With dispersed mustering – a strategy made more effective by these new mobile distributed command and control systems - a building’s occupants can be advised not to go outside, but to move to known safe internal locations. People in each specific area can then be kept regularly updated. Many corporations are now using new mobile/web-enabled platforms to improve their incident response Coordination Between Response Agencies The software platforms can be integrated with an organization’s fixed security infrastructure to take real-time sharing of information First responders are permanently logged in, so the emergency operations center can see their exact locations in real-time and can advise what actions to take in mustering people or in setting up and protecting security cordons. Bringing everything together on one platform, with real-time feedback and in a fully integrated system also removes what is often seen as the weakest communication link in managing any major incident: the need to rely on conventional two-way radio as the sole means of communication between the command and control center and its first responders and other team members on the ground. The software platforms can be integrated with an organization’s fixed security infrastructure to take real-time sharing of information to a new level for improved collaboration, coordination and communications between users, the incident management team and external agencies. Improving Emergency Response Strategies One of the most powerful features of some of these new systems is the ability to record and view all alerts, responses and the detailed conversations between first responders, emergency coordinators and other parties. This allows the systems to be used to simulate major incidents involving inputs from the emergency services and other key agencies and to ensure the organization’s crisis management plans have been fully tested against a range of possible incident scenarios.
Video surveillance across the world is growing exponentially and its major application is in both public safety and law enforcement. Traditionally, it has been fixed surveillance where cameras provide live streams from fixed cameras situated in what is considered strategic locations. But they are limited in what they can see given by their very definition of being “fixed”. The future of video surveillance includes the deployment of more mobile video surveillance with the benefits it offers. Instead of fixed cameras, this is the ability to live stream from mobile devices on the move such as body-worn cams, drones, motorbikes, cars, helicopters and in some cases, even dogs!Sending drones into the air, for example for missing people or rescue missions, is much more cost-effective than deploying helicopters Advantages Of Mobile Surveillance The advantage of mobile surveillance is that the camera can go to where the action is, rather than relying on the action going to where the camera is. Also, sending drones into the air, for example for missing people or rescue missions, is much more cost-effective than deploying helicopters. The ability to live stream video from cars and helicopters in high-speed pursuits can be used to take some of the operational issues from the first responders on the ground and share that “life and death” responsibility with the operational team leaders back in the command center. This allows the first responders in the pursuit vehicle to focus on minimizing risk while staying in close proximity of the fleeing vehicle, with direction from a higher authority who can see for themselves in real time the issues that are being experienced, and direct accordingly. In addition to showing video live stream from a pursuit car or motorcycle, by using inbuilt GPS tracking, the video can be displayed on a map in real time, allowing a command chief to better utilize additional resource and where to deploy them, through the use of displaying mapping information with real time video feed. It allows police chiefs to make better informed decisions in highly-charged environments. The 4G phone network can now be used with compressed video to live stream cost effectively Application in emergency situations The same is true of first responders in many different emergency situations. Mobile surveillance opens up a new area of efficiencies that previously was impossible to achieve. For example, special operations can wear action body-worn cameras when doing raids, fire departments can live stream from emergency situations with both thermal and daylight cameras, and paramedics can send video streams back to hospitals allowing doctors to remotely diagnose and prepare themselves for when patients arrive at the hospital. How can special operations and emergency first responders live stream video from a mobile camera with the issues of weight, reliability and picture-quality being considered? H265 Mobile Video Compression Law enforcement insists on secure transmissions, and it is possible to encrypt video to the highest level of security available in the public domain The 4G phone network can now be used with compressed video to live stream cost effectively. The issue of course is that 4G is not always reliable. Soliton Systems has mitigated this risk of low mobile quality in certain areas, by building an H265 mobile video compression device that can use multiple SIM cards from different cellular providers simultaneously. H265 is the latest compression technique for video, that is 50% more effective than conventional H264, and coupling this with using multiple “bonded” SIM cards provides a highly reliable connection for live-streaming high-quality HD video. The 400-gram device with an internal battery can be connected to a small action cam, and can live-stream simultaneously over at least three different cellular providers, back to a command center. Latency is typically less than a second, and new advance improvements are looking to reduce that latency further. Encrypted Video Transmission What about security? Law enforcement insists on secure transmissions, and it is possible to encrypt video to the highest level of security available in the public domain, i.e. AES256.What about integration into existing video infrastructure at the command center? It is not untypical for a police force to have an existing video management system (VMS) at their command center such as Milestone System’s Xprotect. The Soliton range of products are ONVIF-compliant, a standard used by video surveillance cameras for interoperability, allowing cameras and video devices that are ONVIF-compliant to simply “plug&play” into existing video management systems. These mobile transmitters are deployed with law enforcement and first responders across the globe. Their ability to provide secure, full HD quality and highly-reliable video streaming within a small unit, and to enable it to be integrated into the current eco-system that is already installed at the receiving end, has made them a favorite choice with many companies and government agencies.
While most security teams are focused on preventing malicious outsider attacks, recent data suggests that close to 30 percent of confirmed breaches today involve insiders. Today’s increasingly complex networks across physical, information technology (IT) and operational technology (OT) systems make it difficult for security teams to detect and prevent insider threats. This is compounded by the proliferation of data, devices, applications, and users accessing networked resources. Rising insider malicious attacks threat As the threat landscape evolves rapidly, CISOs need to step up their game According to the 2017 U.S. State of Cybercrime Survey, 50 percent of organizations experience at least one malicious insider incident per year. And the Verizon 2018 Data Breach Report found that close to 30 percent of confirmed breaches today involve insiders. In August 2018, a tragic crash involving a Seattle airplane stolen by an employee raised awareness for the need for physical insider threat awareness (as well as more psychological screening before employment). As the threat landscape evolves rapidly, CISOs need to step up their game, says Aamir Ghaffar, Director of Solutions Engineering at AlertEnterprise. They should implement security controls that protect their company’s people, physical assets, data, intellectual property, and reputation both inside and out. And they need to do it while simultaneously satisfying industry compliance requirements. In response to our questions, Aamir Ghaffar offered some additional insights on the timely topic of insider threats. Q: We are hearing discussion about the emergence of cyber-physical security systems. What are they and how do they help organizations address insider threats? Threats now originate not only in the physical space but also in cyber environments Ghaffar: The concept of convergence has evolved in response to risk and the overall threat landscape. Threats now originate not only in the physical space but also in cyber environments – this is what is commonly referred to as blended risk. These blended risks require a converged approach and a converged view of security as a whole; connecting data, building new capabilities and gaining new insights to allow security teams to better defend against attacks. Q: How are organizations responding? Ghaffar: They are shifting towards centralization – from the security operations center all the way to the executive level, where one C-Suite executive manages all security across physical, IT and OT domains. According to Gartner by 2023, 75% of organizations will restructure risk and security governance to address new cyber-physical systems (CPS) and converged IT, OT, Internet of Things (IoT) and physical security needs, which is an increase from fewer than 15% today. Q: How does the shift impact insider threats? Ghaffar: Unifying cyber and physical unlocks powerful new capabilities. For example, cyber-physical teams faced with a threat such as an intrusive device planted within their network environment, can quickly connect the cyber footprint to a physical location – understanding where the threats originate and identify those responsible for bringing it in. Converging physical and cyber identity through platforms that connect physical access control, IT and OT systems is an example of how organizations can better prepare for blended security threats An AI-enabled automated system is the most practical and human error-proof solution today Q: How is AI being used to protect against insider threats? Ghaffar: With increased security convergence we are now collecting such a large volume of data that relying on manual detection of insider or external threats is no longer a viable solution. An automated system, powered by artificial intelligence used with digital identities, is now the most practical and human error-proof solution today. AI and machine learning (ML) technology helps organizations map complex patterns of user behavior, process tens of millions of events within seconds to detect threats in near-real-time and respond swiftly. This benefits security operations personnel to go from distraction to action, allowing them to focus on what really matters, which are their most critical security events. Q: Sometimes the threat is about human error. Oftentimes we think the most harmful insider threats are intentionalGhaffar: Oftentimes we think the most harmful insider threats are intentional; however, unintentional user behavior and negligence could have serious ramifications for an organization. Organizations should deploy technology that delivers automation and active policy enforcement to prevent employees from making inadvertent yet critical errors. Organizations should also do regular risk assessments – not one and done. Don’t implement a process and think you’re secure. Automated identity and access management technology can provide scheduled access reviews to help detect high-risk user profiles with accumulated or a toxic combination of access, as well as segregation of duties violations due to department change or job transfers. Q: What are the biggest misconceptions about insider threats? Ghaffar: First, that the biggest threats originate outside my company. Or that insider threats are a problem for government agencies and highly sensitive organizations, not “regular” companies like us. A company may also mistakenly think that they have limited assets that could be exposed, or that the assets are of little value; therefore, a large-scale breach is less likely to happen. And even if it does, it probably won’t have a big impact. Risk management leaders should start by developing a compelling visionQ: So, they think “it can’t happen here.”? Ghaffar: Yes, and they think their employees are inherently trustworthy, and that with basic security measures in place, the risk is small. They think that insider threats are always intentional. Or they think “it’s not my job.” Q: What next steps should security leaders take in addressing insider threats in their organization? Ghaffar: Security and risk management leaders should start by developing a compelling vision and strategy that will resonate with key company stakeholders. They can expand the visibility they have into user activity beyond things that happen on the network. Go beyond a data-centric approach to a people-centric approach through identity behavior analysis. Improving visibility into user activity and taking a more preventive approach are the best ways to manage risk of an incident. Develop an inside-out approach to security. By converging physical, cyber and OT security you’ll gain a holistic view of your enterprise-wide security landscape.
Among the cloud’s many impacts on the physical security market is a democratization of access control. Less expensive cloud systems are making electronic access control affordable even to smaller companies. cloud-based access control With the growing cloud-based access control market, integrators can find more opportunities in small businesses and vertical markets that typically wouldn’t be on the radar of their sales team. Large upfront costs for a server, software and annual licensing previously made a typical electronic card access system cost-prohibitive. With cloud access, integrators can offer less expensive upfront costs with low monthly subscription fees that cover all software updates, database backups, security patches and more. The benefit for the integrator is recurring revenue that increases their profitability The benefit for the integrator is recurring revenue. While helping clients save money on server, software and IT infrastructure costs, integrators secure recurring revenue that increases their profitability. Building recurring revenue not only provides cash flow but also keeps a manufacturer’s name on the top of the minds of customers and leads to additional sales. Mobile Access Continued investment in mobile access and cloud technology is essential to meet the access control needs of the booming multi-family housing and shared office-space markets. Managing access control for end users and residents in these verticals is challenging. Use of mechanical keys in these environments is too expensive and time consuming; it’s necessary to deploy wireless, technologically-advanced solutions. Managing access control for end users in different verticals is challenging, thus it’s necessary to deploy wireless, technologically-advanced solutions While the security industry has traditionally been slow to adopt IT technologies, the cloud is the exception. Large IT industry cloud players such as Amazon Web Services, Microsoft, and Google are being used by security industry professionals to provide systems that are easier to install, maintain, and administer and are far more secure and less expensive than a customer can provide on their own. Advancing cloud technology Cloud technologies give people access through their mobile phones and other devices Enterprise customers increasingly want to be able to use smartphone apps to open doors, authenticate to enterprise data resources or access a building’s applications and services. They seek to create trusted environments within which they can deliver valuable new user experiences; in effect, there is a demand for “digital cohesion.” Cloud technologies are a key piece of the solution. They give people access through their mobile phones and other devices to many new, high-value experiences. At the same time, they help fuel smarter, more data-driven workplace environments. With the arrival of today’s identity- and location-aware building systems that recognize people and use deep learning analytics to customize their office environment, the workplace is undergoing dramatic change. Application programming interfaces Cloud-based platforms and application programming interfaces (APIs) will help bridge biometrics and access control in the enterprise, overcoming previous integration hurdles while providing a trusted platform that meets the concerns of accessibility and data protection in a connected environment. Cloud-based platforms, APIs will help bridge biometrics and access control in the enterprise “A big growth driver for the cloud is demand from enterprises that no longer look at access control simply for securing doors, data and other assets,” says Hilding Arrehed, Vice President of Cloud Services, HID Global, one of our Expert Panelists. “They want to create trusted environments within which they can deliver valuable new experiences to users. Cloud technologies make this possible by enabling people to use mobile devices for new applications and capabilities.”Cloud-based platforms and application programming interfaces (APIs) will help bridge biometrics and access control in the enterprise Cloud-based platforms For example, cloud-based platforms will provide the backbone for quickly adding complementary applications like biometrics, secure print, virtual photo IDs, and vending as well as other access control use cases and emerging permission-based capabilities yet to be developed. “Cloud-based platforms facilitate new managed service models for mobile IDs and secure issuance and will fuel simplified development environments and easy integration into vertical solutions,” says Arrehed. “They have the potential to give organizations greater flexibility to upgrade and scale security infrastructure, improve maintenance and efficiency, and accelerate ROI.”
Deploying security robots at a company is about more than providing and programming the hardware. There is also an element of “change management” involved in smoothing the way for robots to play a security role working side-by-side with human counterparts. Rising Popularity Of Security Robots As security robots increase in popularity, more companies are adapting to such cultural challenges "As security robots increase in popularity, more companies are adapting to such cultural challenges. Many Fortune 100, technology, finance and defense companies have begun using security robots, and some are asking to expand their implementation", says Travis Deyle, CEO and co-founder of Cobalt Robotics. "It is a complex solution that involves merging technology with people." “More people are looking at how they can deploy and test this technology, dipping their toes in the water,” says Deyle. “Financially the risk is low, but culturally it is pretty acute. It is a very visible piece of technology moving through your most sensitive spaces and interacting with employees.” Change Management “Doing change management and addressing the cultural implications inside the company are the biggest challenges we face,” Deyle adds. “We have to make sure that people know what the robot is there for, what it does and how it helps them. There is a social contract between companies and employees about what information is being collected and how is it being used.” The technical onboarding of a robot is the easy part, says Deyle. “The robot goes in, maps out the space; it takes about an hour. The bigger part is the cultural onboarding.” The process involves working closely with the company’s communications team to manage how the use of robots is messaged throughout the company. Deyle suggests doing a Q&A event where employees can touch and feel the robot and get comfortable. “We tailor the interaction to the individual company,” he says. Importance Of Communication Communication with employees, tenants, clients, law enforcement, etc. is very important Communication with employees, tenants, clients, law enforcement, etc. is very important and, if done well, all goes smoothly, agrees William Santana Li, Knightscope Chairman and CEO. “Showing up with a 400-pound, 5-foot-tall autonomous robot, deploying it and not telling anyone what is happening is ill advised!” Knightscope also advises potential end users to identify clearly the areas of improvement needed in a security program to guide the deployment of robots. Beware of “Science Fiction Disease,” whose symptoms include unrealistic expectations or fears emanating from Hollywood depictions of robots over the years. Expectations should be spelled out: Keep ongoing and clear communications between the provider and the client, continuing to make improvements together. Future Of Robotics And AI Users should also think clearly through their source of funding, including the second and future years of an implementation. Communication is key, involving stakeholders from the CSO to facilities, purchasing to human resources, finance to the CEO. The future of robotics in corporate America is more than the development of the technology. Given advances in artificial intelligence (AI), sensors and software, the technology is the easy part. Thinking more broadly about how robotics can excel in the corporate environment – and make companies safer – is the next big obstacle on the path to effectively using the powerful technology.
People’s Choice Credit Union is one of Australia’s largest Credit Unions, with 365,000 members and 44 locations across South Australia, Northern Territory, Victoria, Western Australia, and Australian Capital Territory. People’s Choice Credit Union (People’s Choice) has earned a reputation as a forward-thinking and highly innovative company that is radically changing the banking experience for its members and employees. From their head-office to their branches throughout Australia, People’s Choice is utilizing new technology to improve service to members, be more efficient, reduce costs, and decrease their environmental footprint. Smarter workspaces Operating an innovative, modern working environment that utilizes flexible workspaces in place of traditional desks, People’s Choice staff are not allocated a specific desk but instead choose where they wish to sit each day. They can even choose whether they wish to sit or stand, by having desks that can be raised or lowered to suit personal preference. Flexible work environments are proving popular for large corporate companies due to the ability to increase company-wide communication, support project work, improve productivity, reduce clutter, and save costs. “With a large staff, there is always a number of people out of the office, whether it’s on sick or annual leave, or working on business outside of the office.” said Mike Humphrey, Manager of Property Services at People’s Choice Credit Union. “By implementing a flexible workspace model, we have been able to save approximately 3,000 square meters of office space which equates to thousands of dollars each year in building costs” said Mike. Multi-technology smartcard T20 and T10 readers Using Gallagher’s smartcard T20 and T10 readers on each locker bank, staff badge their access card to open their allocated locker To facilitate the operation of a flexible work environment and provide employees with storage for their personal effects (work-related material is stored elsewhere), People’s Choice uses banks of brightly colored lockers that are managed by electronic access control. Using Gallagher’s smartcard, multi-technology T20 and T10 readers on each locker bank, staff badge their access card to open their allocated locker. With the readers communicating with Gallagher’s Command Center software management platform, People’s Choice has a simple to operate, customizable system that enables staff to carry just one card on site. “We’re all about putting people first. As an organization we’re not afraid to try new ways of doing things, and as a result we’re seeing significant improvements for our members and staff.” Mike Humphrey, Manager of Property Services, People’s Choice Credit Union. Command Center Mobile App Utilizing Gallagher’s innovative Command Center Mobile App, key facilities management personnel are able to manage access remotely using their mobile phone. “Occasionally staff forget their access card and I’ll get a phone call to open their locker for them. Being able to access the platform and administer overrides using my phone, from wherever I am at the time, is huge for me” said Mike “and it speeds things up considerably for the employee”. With people working in different areas at different times, People’s Choice needed a printing solution that simply and easily enabled staff to retrieve printed documents from the nearest printer. People’s Choice was also looking for a solution that helped to cut down on unnecessary waste. Follow-Me Printing solution To meet both of these needs, People’s Choice installed Follow-Me Printing. This printing solution stores print jobs electronically until a user badges their Gallagher access card at a printer to retrieve their files. At this point, the user can terminate any print jobs they no longer need, cutting down on waste. The solution further reduces waste through a configuration that deletes any printing jobs that haven’t been actioned within a 24 hour period. “One of the truly efficient things about our set-up is that our printing integrates with our access control solution.” said Mike. “It means that staff only have one card for all of their access needs on site; they can access the various office floors, lockers, and printers all with a single card, instead of also having keys and pin numbers to manage.” Temperature management solution Any change in temperature beyond the set limits, triggers an alarm notification Through a Gallagher Bacnet integration, People’s Choice has implemented an automated, continuous temperature management solution for the large data center located at their head office. With temperature sensors communicating directly with Command Center, any change in temperature beyond the set limits, triggers an alarm notification to be sent directly to Mike’s phone. According to Mike “The capability for Gallagher’s platform to send critical information, like the potential overheating of a server room, straight to my phone was a big selling point for us. It provides a simple mobile solution to mitigate a considerable business risk.” Visitor management To support efficiency at their head office reception area, People’s Choice chose Gallagher’s Visitor Management Client and Self-Registration Kiosk. The self-registration kiosk serves as an ideal “extra lane” during particularly busy periods, ensuring that visitors are able to register their arrival quickly and effortlessly without delay. The integration between Gallagher’s visitor management solution and Command Center, ensures that a comprehensive audit trail of all visitor management events, including visitor pre-registration, escort, host, and visitor actions, is securely stored and can be easily retrieved to produce reports.
Two years ago, LABS opened up its new co-working facilities in Camden Market and has a number of locations centered around this iconic area of London. LABS isn’t just popping up in random locations but creating a co-working ecosystem of interconnected buildings and communities. Many companies who hire space are high tech, therefore they expect the facilities they work in to include the latest technology. The challenge LABS faced when developing a co-working environment was to offer a safe and secure working environment that is easy to use by both the clients and staff and uses the latest technology features and provides flexibility and future proofing. Gallagher Command Center The Gallagher solution was specified for the project because of the central hub it provides The Gallagher solution was specified for the project because of the central hub it provides as well as its ability to integrate with a number of products, such as visitor management software (VMS) and CCTV. The Gallagher Channel Partner was able to offer a tailored security package that ensured LABS premises are safely monitored, guaranteeing smooth day-to-day operation. The buildings are managed by Community Managers, whose role is to understand all the companies and people who work within the LABS buildings. With this understanding the managers can bring the community together and help create beneficial relationships. Community Manager at Camden, Fran, is able to use Gallagher Command Center for a number of tasks such as monitoring who enters the building including visitors, checking which meeting rooms are reserved, what hospitality is required etc. Bluepoint Real-Time Access Management LABS also use Bluepoint Real-Time Access Management (RAM), which integrates with the Gallagher Visitor Management system to create and modify cardholders and groups. Commands sent from the integration provide muster functionality and enables Community Managers, like Fran, full visitor and staff journey awareness. In order to attract new clients, the building runs open events and also allows people to book a tour. Guests will receive a QR code on their mobile phone so they can enter the building. Fran will receive a notification to say her guest has arrived so she can meet them and show them round. People within the building can also use the same functionality for visitors. Mobile access control Leases can be short, medium or long term and range from the occupation of offices to desks Everyone who works within a LABS building has access to an app so they can book meeting rooms seamlessly, find talent, swap skills, and engage with the community. This is the customer facing tool which links to Command Center to ensure when someone books a room the relevant people are notified, and the system is updated. Leases can be short, medium or long term and range from the occupation of offices to desks. This means there are lots of leases starting and ending at different times making it difficult to keep track. By integrating with Command Center access can be instantly revoked should a lease lapse, saving Community Managers time by not having to manually deny access.
Boon Edam Inc., globally renowned security entrances and architectural revolving doors manufacturer, has announced that a multi-story office building in London was recently refurbished to upgrade its existing Boon Edam revolving doors and optical turnstiles. Now adorning the entrance are two all-glass Crystal TQ revolving doors, accompanied by an array of slim Lifeline Speedlane Swing optical turnstiles in the lobby. Revolving doors, optical turnstiles Originally opened in 1980, Riverscape is a 63,000 square foot, multi-story office space located at 10 Queen Street Place. The modern development sits on the sought-after area of the River Thames, just minutes from the bustling area of Cannon Street Station. Recently, the building owners decided to upgrade the look and feel of Riverscape, incorporating the current trends of open atriums, flexible floor space and usable rooftop space. Project also included the replacement of legacy Boon Edam revolving doors and optical turnstiles with updated solutions The refurbishment project also included the replacement of legacy Boon Edam revolving doors and optical turnstiles with updated solutions. Leading the design of the renovation were architect Aukett Swanke; interior designer Barr Gazetas; and Overbury as main contractors. High-tech security entrances As is common with older entrance installations, Riverscape decided to renew its revolving doors and optical turnstiles to achieve a more modern look and feel, and to upgrade the associated technology. The client returned to Boon Edam when selecting their new entrance solutions. At the main entrance to the office space, the existing TQM manual doors were replaced with two, tall Crystal TQ revolving doors. Constructed virtually completely from glass with minimal stainless steel accents, the Crystal TQ accentuates Riverscape’s all-glass façade, providing an elegant and timeless entry experience for all employees and guests. Lifeline Speedlane Swing In the main atrium space, the original Speedlane 900 optical turnstiles were upgraded to the new Lifeline Speedlane Swings. The Speedlane Swing combines security with aesthetics and is particularly popular because it features the slimmest cabinets in the industry – only four inches wide. To enhance security at the facility, Riverscape wanted a solution for monitoring and managing visitors to the office space. To enhance security at the facility, Riverscape wanted a solution for monitoring and managing visitors to the office space To achieve this, they decided to integrate the Lifeline Boost access control pedestal with their Speedlane Swing optical turnstiles. The Boost attaches to the end of the Swing and allows for integration with a variety of access control technologies, such as biometric devices, card collectors and barcode scanners. Integrated technology Employees enter the work area by scanning their credentials at the turnstile itself, while guests are issued a temporary access card with a special barcode that is scanned at the Boost pedestal. The Boost retains the card, enabling the reception staff to eventually reuse that card for future guests. “Using our barcode scanners, visitors can book in with reception, receive an entrance card and badge in and out conveniently through the lanes,” says Boon Edam Limited’s Field service Sales Executive, Graham Coulter.
W Group is one of the foremost developers of premier office buildings in Manila, the capital of the Philippines. In the financial district of Bonifacio Global City, W Group recently completed two state-of-the art office buildings: The 25-story Citibank Plaza building offers 50,000 square meters of offices spaces, while the 29-story W City Center boasts 55,000 square meters of offices plus three stories of retail space. Citibank occupies the entire Citibank Plaza building, while W City Center is home to a range of local and internationals enterprises. Every tenant has different needs in terms of floor plans: Call centers require open spaces while other businesses divide entire floors into individual offices. Centrally-managed fire alarm system Bosch experts installed advanced optical smoke detectors – 2,000 units at Citibank Plaza and over 1,300 at W City Center Putting the safety of tenants first, security managers at W Group needed a fire alarm system that allowed for central management of each building in its entirety while accommodating unique tenant safety needs. They commissioned Bosch Philippines to equip Citibank Plaza and W City Center with a seamless interface of fire detection and public address systems in a scalable solution. At both locations, Bosch experts installed advanced optical smoke detectors – 2,000 units at Citibank Plaza and over 1,300 at W City Center – for quick and accurate fire detection, supplemented by heat detectors and manual call points. Connected to the Modular Fire Panel 5000 Series, the number and positioning of detectors can be adjusted and expanded flexibly to meet every tenant’s floorplan. IP-based fire safety system The IP-based system provides full visibility to operators: Each building floor is defined as its own zone, while addressable smoke detectors report the exact location of a fire down to a specific room. For ease of maintenance, the advanced detectors perform constant self-monitoring and send cleaning or replacement alerts to the Modular Fire Panel 5000 Series. At Citibank Plaza, the solution is part of the Building Integration System (BIS) from Bosch, allowing operators to use the BIS Automation Engine as the graphical user interface for monitoring and control of alarms on a single platform. The system features Smart Safety Link – a superior interface between the fire alarm system and the Plena Voice Alarm System (VAS) from Bosch. This secure interface can be set up and configured in a matter of minutes through the RS232 connection (serial interface standard). By comparison, creating a point-to-point connection for ten evacuation zones would require up to two hours. Smart Safety Link Combination of fire alarm and voice instructions achieves time for emergency responders The Smart Safety Link achieves an added level of security: In case of fire or emergency, operators can conduct an evacuation by zones in order of priority. Evacuation starts with occupants closest to the threat – building occupants are addressed over separate loudspeaker zones – then moving on to adjacent floors for a highly effective approach to an emergency. Plena Voice Alarm System (VAS) The Plena VAS provides clear pre-recorded voice instructions supported by coordinated horn and strobe alarms. This combination of fire alarm and voice instructions achieves time for emergency responders. Meeting the requirements of the developer, the interfaced Bosch system has proven an asset at Citibank Plaza and W City Center. The flexible and modular system is easy to expand and adjusts to changing tenant needs, while the seamless interface between fire alarm and public address creates a complete safety chain from earliest detection to orderly evacuation.
With roots dating back to the year 1948, Italian pharmaceutical company Alfasigma is dedicated to advancing the state of healthcare under the company motto, ‘Pharmaceuticals with Passion’. Headquartered in Bologna, the multinational corporation was created in 2017 by the merger between Alfa Wassermann and Sigma-Tau. As a result, Alfasigma now employs about 3,000 people and markets a wide range of therapeutic drugs in 18 countries including the US, China, Russia and several European countries with annual revenues of EUR 1.06 billion. In order to keep up with the company’s ongoing evolution while emphasizing building protection, Alfasigma decided to update the infrastructure of its corporate offices in Milan and Bologna. This large-scale remodeling project also required updating the fire alarm, intrusion detection and video security systems at both facilities to the highest standards. Security Cameras For Outdoor Surveillance On the exterior of the buildings, FLEXIDOME IP starlight 7000 VR cameras were installed to provide 24/7 securityAssuming a long-term perspective, Alfasigma management headed into the project with three key requirements: First, saving cost by refurbishing already installed system components such as intrusion and fire alarm detectors. Second, accommodating for future building expansions and saving additional costs by installing a future-proof and scalable system. And third, adding around-the-clock security to the building’s exterior through modern security cameras built for outdoor use. For this reason, Alfasigma commissioned Bosch as the one-stop provider to equip the Milan office – home to the International Division – as well as corporate headquarters in Bologna with an IP-based solution. The video security set-up includes high-definition DINION IP 5000 HD cameras connected to recording stations and offering 1080p resolution images at 30 fps. On the exterior of the buildings, FLEXIDOME IP starlight 7000 VR cameras were installed to provide 24/7 security. Recording at 1080p and 60fps, the cameras incorporate starlight technology to deliver relevant images even in challenging light conditions. Extremely weather-resistant, water-tight and able to withstand high impacts, the cameras are highly suited for outdoor use, confirmed by IP66, NEMA type 4X and IK10 rating and installation in mission-critical environments such as airports and government buildings worldwide. MAP 5000 Installed With LSN Detectors The new fire alarm system is interfaced with the voice alarm system Plena via Smart Safety Link“The video surveillance products are excellent and have impressed me the most. We are very satisfied, above all, with the high quality of the products,” said Stefano Borsarini, Facility, Maintenance and EHS Manager at Alfasigma facilities in Bologna and Milan. The cameras are supplemented by the intrusion panel Modular Alarm Platform MAP 5000 installed with LSN detectors – a large portion refurbished from the legacy system – to safeguard Alfasigma’s offices at night. Fire alarm is provided by the Modular Fire Panel 5000 Series with four loops, processing signals from 190 fire alarm detectors and 28 manual call points. The new fire alarm system is interfaced with the voice alarm system Plena via Smart Safety Link thus optimizing the operational security via a monitored connection. Successfully installed and customized according to client specifications, the Bosch fire alarm, intrusion detection and video security solution maintains the safety of Alfasigma’s employees and property at both sites. It also fulfills the key customer requirement of accommodating for future expansions in a modular, IP-based system that is able to keep pace with Alfasigma’s rapid evolution as an innovative multinational company.
IndiaNivesh is one of the leading financial services conglomerate in India. IndiaNivesh is into various aspects of investment banking and consulting business. It plans to emerge as a dynamic, customer-centric, and progressive financial group in the country with PAN India presence. Having its head office in Mumbai, IndiaNivesh is growing with eight regional offices and 29 branch offices across India. Project Specifics Application: Time-Attendance and Access Control Locations: 32 (PAN India) Users: 500 Units Installed: 60 Readers: Fingerprint and RFID Card IndiaNivesh being widely involved in financial services business with 29 branch offices and 8 regional offices across India, required eradication of forged attendance data and manual attendance process, as security is a crucial aspect for them. To streamline and manage attendance data of all employees accurately and perform calculation of error-free salary has been a tedious task. It has been challenging to integrate their existing payroll software with the time-attendance software. COSEC Time-Attendance Solution Matrix offered COSEC time-attendance solution helped in connecting all its regional and branch offices to their head office in Mumbai Matrix offered COSEC time-attendance solution which has web-based architecture and helped in connecting all its regional and branch offices to their head office in Mumbai. Implemented automatic salary calculation as Matrix COSEC time-attendance software got easily integrated with existing payroll software. Result Real-time attendance of all employees at a centralized location Integration with its existing payroll software Ease of Implementation using the existing infrastructure Fraudulent timekeeping is completely eliminated Accurate In/Out time of each employee recorded Live monitoring of In/Out timing Generation of time-attendance and access control reports and charts for all branches Improved overall productivity of the organization Continuous operations with excellent service support Biometric Access Control Solutions COSEC DOOR FOP - Optical fingerprint-based door controller for access control and time-attendance COSEC DOOR CAS – Card-based door controller for access control and time-attendance COSEC PANEL - Site controller to manage multiple door controllers and advanced access control Features COSEC LE PLATFORM - Application server platform for 1000 users and expandable up to one million users COSEC LE TAM - Comprehensive time-attendance and leave management module for COSEC LE platform COSEC LE ACM - Comprehensive access control module for COSEC LE platform
Round table discussion
Statistically speaking, incidents of terrorism are unlikely to impact most businesses and institutions. However, the mere possibility of worst-case-scenario attacks is enough to keep security professionals awake at night. Compounding the collective anxiety is the minute-by-minute media coverage when an attack does occur. The immediacy of the shared experience of global tragedy impacts us all – including security system decision-makers. We asked this week’s Expert Panel Roundtable: How is the rise in terrorism impacting the physical security market?
Employee turnover is a problem for many companies, especially among younger employees who have not developed the philosophy of employer loyalty that was common in previous generations. Nowadays, changing jobs is the norm. The idea of spending decades working for a single employer seems almost quaint in today’s economy. However, excessive employee turnover can be expensive for employers, who are looking for ways to keep their brightest and best employees happily toiling away as long as possible. We asked this week’s Expert Panel Roundtable: How can the physical security market promote better employee retention in a competitive employment environment?
In today’s global economy, goods are manufactured all over the world and shipped to customers thousands of miles away. Where goods are manufactured thus becomes a mere detail. However, in the case of “Made in China”, the location of a manufacturer has become more high-profile and possibly more urgent. The U.S. government recently banned the use in government installations of video system components from two Chinese manufacturers, presumably because of cybersecurity concerns. A simmering trade war between China and the United States also emphasizes other concerns related to Chinese manufacturing. We asked this week’s Expert Panel Roundtable: Should "Made in China" be seen as a negative in the video surveillance marketplace? Why or why not?