Cyber security

Pivot3, global provider of security, Internet of Things (IoT) and hybrid cloud infrastructure solutions, has announced the introduction of the Pivot3 Architect and Engineer (A&E) Program. This initiative will provide architects, engineers and consultants with the resources and support needed to make intelligent decisions when specifying infrastructure platforms at the core of enterprise-class IoT, video surveillance and security solutions for their clients. Pivot3 A&E Program The Pivot3 A&E Program is intended to help specifiers and their clients address the complexities of planning, designing, deploying and managing compute and storage infrastructure for today’s sophisticated security applications including video surveillance, analytics, access control, building management and all other integrated systems. Pivot3 understands the specific needs of both the security and IT markets" A&E firms will gain access to a wide variety of resources that can be used to facilitate projects based on Pivot3's high-performance, ultra-dense, highly resilient solutions that reduce risk, eliminate downtime and data loss, and simplify scale and management. With Pivot3, A&E firms can specify one common infrastructure to consolidate multiple applications and solutions — all manageable through a single pane of glass. Advanced Tools And Support “Pivot3’s A&E program seeks to provide the advanced tools and enhanced support necessary to specify infrastructure solutions that serve as the backbone of intelligent environments,” said Ray Bernard, president and principal consultant, Ray Bernard Consulting Services. “Pivot3 understands the specific needs of both the security and IT markets, as well as the design and deployment challenges in each domain." "The company has the in-depth deployment experience needed in both to effectively support system designers and specifiers in all stages of design and deployment work. The team also understands the client perspectives and issues, and the IT-physical security collaboration dynamics. This new program demonstrates Pivot3’s commitment to helping system designers access the expertise and tools needed to design enterprise-class, IT-proven solutions.” Pivot3 A&E Program members will have access to:  Document development and review assistance with specifications, proposals, and commissioning and acceptance plans. A&E resources including CSI MasterFormat 2018 specification documents, 3D BIM Modules for AutoDesk Revit, MS Visio stencils and templates, and CAD drawings. Solution development and design support including review of system architecture, sizing and workload/throughput calculations, and application validation. Dedicated A&E support contact and local support from Pivot3’s Solution Architects and Regional Sales Directors. Design guides, best practices and white papers. Training, webinars and newsletters. Mission-Critical Infrastructure Solutions “The availability of dedicated Pivot3 contacts and resources will help the A&E community consider, design and ultimately, deliver infrastructure solutions that ensure the performance resiliency, and scalability that their customers’ mission-critical environments demand,” said Mike Maddox, director of A&E programs, Pivot3. “The Pivot3 A&E Program will provide the tools, insight and support necessary to achieve the successful design of enterprise-grade, IT-ready infrastructure solutions for a variety of applications and markets.”

BeyondTrust, the pioneer in privilege-centric security, announced that the company has been named as McAfee’s Security Innovation Alliance (SIA) Partner of the Year winner. This news comes on the heels of last year’s award as Runner Up for McAfee’s SIA Most Innovative Partner of the Year. The award was announced at the McAfee MPOWER Cybersecurity Summit in Las Vegas on October 16. “We’re honored to be recognized for our continued work with the Security Innovation Alliance for the benefit of our joint customers,” said Morey Haber, Chief Technology Officer at BeyondTrust. “This award is a testament to the success our joint customers are experiencing as we reduce complexity and make it easier for organizations to control privileged accounts and mitigate potential endpoint threats.” Resolving Threats Faster The McAfee SIA program provides customers with integrated security solutions that enable them to resolve more threats fasterThe McAfee SIA program provides customers with integrated security solutions that enable them to resolve more threats faster with fewer resources. Partners are screened for innovation, strategic value, and market leadership in their respective market segments that complement the McAfee solution portfolio. “BeyondTrust was selected as our Most Valuable Partner of the Year based on the review of more than 150 SIA partners and their multiple integrations and engagement with McAfee,” said D.J Long, vice president, strategic business development at McAfee. “BeyondTrust took top honors because of their ability to seamlessly integrate and provide management solutions that allow users to better understand and take actions against privilege-based risks.” Enabling Customers To Protect Endpoints The certified integration between BeyondTrust’s Avecto DefendPoint solution and McAfee ePO enables customers to protect endpointsThe certified integration between PowerBroker Password Safe and McAfee ePolicy Orchestrator (ePO) provides a flexible and convenient way to manage privileged passwords and privileged sessions through the McAfee ePO console. In addition, the certified integration between BeyondTrust’s Avecto DefendPoint solution and McAfee ePO enables customers to protect endpoints and implement least privilege policy across any organization – all through the centralized ePO platform. In addition, BeyondTrust also integrates with McAfee Enterprise Security Manager (ESM) and McAfee DXL to provide a real-time view of potential security threats and speed customers’ ability to proactively respond to these threats.

ProdataKey (PDK), an innovator of cloud-based networked and wireless access control products and services, has released a whitepaper addressing the cybersecurity benefits of cloud-based access control solutions. The confluence of cyber and physical security is driving dealers and integrators, along with their customers, to question the best ways to address security vulnerabilities in the systems they install. Juniper Research estimates that by 2019, the annual cost of cyber-attacks will cost business over $2 trillion. Cybersecurity And Cloud-Based Access Control A majority of access control solutions are now comprised of IP devices, each with the potential to provide bad actors with access to the data and operational systems on their connected networks. This whitepaper, “Safely Invisible: The Powerful Security of Cloud-Based Access Control,” compares the exposure inherent in traditional IP systems with those in 100% cloud-based solutions, providing extensive rationale for why access control applications are best run externally from customer’s in-house servers, by trusted cloud solution providers. “IT Professionals often express concern about the safety of running security solutions from servers that are out their control. This whitepaper addresses many misconceptions about presumed vulnerabilities from the cloud and gives credence to the counterintuitive fact that cloud solutions are more secure and preferable, from an IT perspective. We hope the information we’ve shared here can help security integrators lead more educated discussions about cybersecurity with their customers,” said Josh Perry, PDK’s Chief Technology Officer.

Rave Mobile Safety (Rave), a trusted partner for safety software protecting millions of individuals, released key findings from its 2018 survey, Emergency Preparedness and Security Trends in Healthcare after polling hundreds of healthcare safety leaders across the United States. The survey results, which will be revealed in a webinar on Thursday, October 25, examined the current and most pressing emergency concerns for hospitals and healthcare facilities. Specific building emergencies, such as fire drills, are priorities, but the responses from these professionals unearthed discrepancies about what emergencies and adverse events actually occur and the preparedness plans healthcare facilities have in place. Safety Issues Faced By Healthcare Facilities The three most pressing safety issues cited are severe weather (36 percent), active shooter incidents (34 percent), and cyberattacks (32 percent)"Hospitals and healthcare organizations greatly contribute to the well-being of others and emergency communications and preparedness are a very important part of their operations," said Todd Miller, COO of Rave Mobile Safety. "The healthcare industry is undergoing many changes. Mergers and acquisitions, as well as the decentralization of hospitals and healthcare facilities into smaller outpatient and acute-care facilities, are changing how the healthcare industry operates. Healthcare professionals must think about how this will affect security and emergency preparedness across their organizations."  The Emergency Preparedness and Security Trends in Healthcare survey found that the daily emergency incidents healthcare organizations experience doesn't correspond to the biggest safety concerns respondents reported. The three most pressing safety issues cited are severe weather (36 percent), active shooter incidents (34 percent), and cyberattacks (32 percent). However, 93 percent did not experience an active shooter incident in the last two years. In fact, the most common day-to-day incidents they experience are system outages (54 percent), closely followed by weather-related events (53 percent). Communication Methods During Emergencies When it comes to fire drills, 60 percent of respondents conduct them every quarter, even though only 18 percent had a serious fire-related incident within the last two years. These drills are especially helpful to ensure a smooth approach to any actual emergency. The survey reveals that email is the most commonly used channel for communication during a variety of situations  "During the times of crisis, patients, employees and the larger community expect hospitals to maintain operations without any interruption," said Kevin McGinty, safety and emergency management coordinator at Middlesex Hospital in Middlesex, Conn. "An emergency communications process that operates smoothly, quickly and with minimal intervention is key. Maintaining a common operating picture, especially with geographically separate facilities, is critical during events." Hospitals and healthcare facilities depend on fast and efficient communication methods during emergencies to keep their staff informed, as well as to communicate with patients, contractors and other visitors on-site. The survey reveals that email is the most commonly used channel for communication during a variety of situations, from workplace emergencies to finding shift coverage. Hospitals and healthcare facilities also use different methods of communication, including mass text messaging and phone tree/automated voicemail, when they connect with on-site employees. Growth Of Healthcare Facilities However, communication methods vary widely when respondents share information with hospital visitors and traveling employees. Organizations mostly communicate with visitors using digital signage (64 percent), intercom communication systems/building alarms (29 percent), and email (19 percent). For traveling employees, such as those in a satellite clinic or a patient's home, only 51 percent of organizations are sharing information with them through text message and 49 percent through automated voicemails or phone trees. Rave Mobile Safety's Miller will be joined by industry experts, McGinty and Turek, for a webinar to review the survey results"Healthcare systems are growing at an unprecedented rate and are expanding beyond hospital settings to include clinics, specialty facilities and administrative offices – something we haven't dealt with previously," said Patrick Turek, system director of emergency management at Hartford HealthCare in Hartford, Conn. "We now have hundreds of different departments and a mobile workforce that is moving to various sites throughout our system. They expect that their emergency communications are uniform and on their device of choice, regardless of where they are located." Lack Of Weather-Related Emergency Testing As serious weather-related incidents, such as hurricanes, tornados, flooding and wildfires, continue to rise, hospitals and healthcare facilities must have procedures in place to keep their communities safe. More than half of respondents said they experienced a serious weather incident within the last two years, yet 51 percent reported their facilities have gone over a year without testing their weather-related emergency plans. This is contrary to the recommended twice-a-year testing by the Joint Commission on the Accreditation of Healthcare Organizations.   Rave Mobile Safety's Miller will be joined by industry experts, McGinty and Turek, for a webinar to review the survey results on Thursday, October 25. The discussion will also address why safety requirements in hospitals and healthcare facilities are unique compared to other industries, as well as the importance of implementing and testing security procedures throughout the year.

Ping Identity, the pioneer in Identity Defined Security, announced that its Ping Intelligent Identity Platform powers the engine behind HP Identity (HP ID), an enterprise-wide unified identity management ecosystem. The HP ID initiative is designed to up level customer and partner experiences by providing them with a single identity across all of their HP applications, whether in the cloud or on-premises.  With a focus on driving customer experiences, HP selected the Ping Identity platform deployed in Amazon Web Services (AWS). This achieved its goal of instituting a single and highly secure identity and access management (IAM) platform across its entire global customer and partner-facing platform. Single Sign-on For 150 Million Customers Ping’s customer IAM platform provides performance and scalability that can keep pace with HP’s continued innovation and growth"The HP ID platform is used by more than 100 business applications and enables single sign-on for over 150 million customer and partner identities across the world, plus thousands more being added each day. Before HP ID, the company was managing more than a dozen separate legacy IAM and authentication systems. User identities were previously housed across disparate data silos, creating a disjointed customer experience. Reinventing Customer Experiences HP Product Manager Jared Meier sums up the success of HP ID, “Ping’s customer IAM platform provides performance and scalability that can keep pace with HP’s continued innovation and growth. Now, customers have a seamless experience when they authenticate across our digital properties.” “Ping and HP share a common vision of innovation, great customer experiences and technology that makes life better for everyone, everywhere,” added Andre Durand, CEO, Ping Identity. “We’re proud to support HP in reinventing customer experiences through identity.”

Premier League football club Everton FC has deployed SureCloud’s GDPR suite to manage and monitor its data and GDPR compliance, enabling the club to work towards GDPR compliance, optimize internal processes and position it strategically for the future. The solution replaced Everton FC’s manual data mapping and processing methods. Manual Data Mapping And Processing Everton FC’s databases are extensive, containing details on over 32,000 season ticket holders and over 600,000 registered fans, with details on around 360 employees, players, agents, suppliers, and individuals associated with the club’s community charity and partner school. Much of this information is sensitive. This data and all of the processes associated with it were being manually managed and tracked in a series of Excel spreadsheets. With multiple requests and queries to respond to every day, the club’s Data Protection Officer was struggling to record and manage smaller ad hoc queries, incidents, and tasks. With GDPR due to place much tighter restrictions on how the club processed, managed and shared its data – as well as on the reporting of any incidents that did occur – the club needed a more comprehensive and reliable tool in place before 25th May 2018. SureCloud Platform The club approached its long-standing IT support provider NCC to find a solution. NCC recommended the SureCloud GDPR Suite, delivered on the SureCloud platform. After SureCloud had successfully demonstrated the ability to provide full visibility for management and automation of GDPR processes across the organization, Everton FC selected its cloud-based suite of solutions. Two dashboards were created according to Everton FC’s specific needs Two dashboards were created according to Everton FC’s specific needs: one to show all data mapping and transfers, including where data is being held and who it is being shared with; and one showing incidents and requests, including a subject request register and incident tracker path. This gives an immediate overview of which requests are still outstanding, such as a request for an individual’s personal information to be erased from the database. SureCloud GDPR Suite The five applications Everton FC chose to deploy from the SureCloud GDPR Suite were: GDPR Program Tracker - to enable the club to map all its disparate data and workflows using intelligent risk-based questions GDPR Management – to provide all mandatory GDPR business-as-usual processes Information Asset Management - to record and maintain the club’s entire data inventory Compliance Management for GDPR - to help Everton FC speed up their process of attaining compliance and on-going real-time risk remediation Incident Management for GDPR – to meet the GDPR requirement to log, track and notify the ICO of any data breaches, should an incident arise Ian Garratt, Data Protection Officer at Everton FC said: “The penalties for not achieving GDPR compliance are severe – up to 4% of our revenues, or €20 million. It was imperative that we got a solution in place that could not only help us achieve GDPR compliance but would also make it quick and easy for us to demonstrate that compliance at any point, on request. SureCloud’s GDPR Suite fit the bill.” Centralized Data Management Now, all of Everton FC’s disparate data are mapped, risk-assessed and tracked in a single centralized system “We are now tracking and recording every single data request in a centralized way. With NCC’s support, SureCloud’s solution has brought a comprehensive clarity to our data processing that was impossible to achieve with manual spreadsheets. The system is so intuitive; it has helped us streamline multiple processes and undertake impact assessments that we couldn’t handle before.” Now, all of Everton FC’s disparate data are mapped, risk-assessed and tracked in a single centralized system. All changes and requests are automatically tracked so that activity records and data audits can be produced at the click of a button. Should an incident like a suspected data breach occur, it is identified and reported immediately and automatically. The club’s data protection team can select which asset has been affected and immediately determine the severity of the incident and whether it needs to be reported to the ICO. Should it need to be escalated, the report is available instantly. Data Processing, Documentation And Risk Management Ian Garratt added: “The SureCloud GDPR Suite isn’t just a compliance tool; it’s a comprehensive management tool. We now have a continuous, real-time status of where we are and what we need to be doing in terms of data processing, documentation and risk management. It would have simply been impossible to achieve this manually. SureCloud has not only helped us to work towards GDPR compliance they have optimized our internal processes and positioned us strategically for the future.” In addition to deploying five applications within the GDPR suite, SureCloud is currently adapting its Incident Assessment tool to meet Everton FC’s specific requirements.

Living in the era of global village, everything is rapid change. To keep up with the pace, the large-scale enterprises need to take every movement of branches in control, ensuring every policy has delivered well. HQ-Branch management, including central control, alarm synchronization, data retention and protection is becoming a great important challenge to enterprises nowadays. Without integrating lots of systems and management tools, Surveon HQ-Branch security solutions provide VMS with easy remote deployment, advanced VA for alerts and post events search, storage with large capacities for 365-day recording, and local /remote replication through NAS or ISCSI, supporting headquarters (HQ) to easily manage all branches. Surveon Control Center And Enterprise NVRs Surveon Control Center provides enterprises with an easy remote deploymentUnlimited number of cameras, users, NVRs, and monitors are supported in one domain architecture, Surveon Control Center (SCC), which provides enterprises with an easy remote deployment. Its monitor wall can be set up with any combination of camera views, making HQ can be easier awarded every branch's movements. Surveon NVR embedded 12 Video Analytics which can identify and initiate alerts for various user-defined events, offering effective monitoring, detections, alerts, and responses to events for enterprises. For example, intrusion detection can prevent uninvited people from entering the sensitive areas. Moreover, the advanced Post VA Search provides enterprises an efficient tool to quickly identify useful information and relative footage from hundreds of hours of video recording, reducing the time and efforts of HQ security manager, making HQ-branch surveillance system more efficient. Data Retention And Storage Surveon Enterprise NVRs provide large capacities for 365-day non-stopping recordingThe data retention of recorded videos and the system which can support hundreds of camera records are of great importance to the planning of enterprise surveillance. Surveon Enterprise NVRs provide large capacities for 365-day non-stopping recording, fulfilling the long-time storage requirements from enterprises. Surveon NVR supports remote replication through NAS or ISCSI. Enterprise can keep 1st copy in local branch and 2nd copy in remote HQ. If the source data fails due to system malfunctions or disasters, enterprise can leverage the remote copy to restart services in a few minutes. Software Integration Agribank, the largest commercial bank in Vietnam, and House Green, a home improvement retail chain in Taiwan, has adopted Surveon HQ-branch solutions. “Different from PC-based NVR solutions, Surveon adopts a system design fully customized for surveillance applications. This offers higher value for SIs, including advanced levels of integration and stability.” said the Sales Director of Surveon partner in Vietnam.

Hoverfly Technologies Inc., global supplier of tether-powered aerial drone systems, is pleased to announce it has engaged retired Deputy Chief of Los Angeles Police Department Mike Hillmann to consult and provide expertise to Hoverfly and public safety officials of cities, counties and special law enforcement agencies who are considering the use of Small Unmanned Aerial Systems (sUAS) to assist in keeping their cities safe. Small Unmanned Aerial Systems (sUAS) When incidents and/or events happen, having ‘real-time, situational awareness’ from above the scene is critical to managing risk and upholding public safety “With 24-hour news cycles, a never-ending stream of social media posts, mid-term elections and potential threats to the public at large, getting fast, accurate situational awareness from the air during an incident has never been more important when it comes to keeping the public safe. We are thrilled to have Chief Hillmann advising on use cases and how best to implement and integrate this new technology,” says Hoverfly SVP of Systems, Lew Pincus.  When incidents and/or events happen, having ‘real-time, situational awareness’ from above the scene is critical to managing risk and upholding public safety and the safety of those who serve our communities. Aerial/Drone Surveillance He adds, “We typically have relied on manned aircraft to provide aerial coverage over a variety of incidents. On occasion, those assets have not always been available, deemed too disruptive or too expensive to deploy in certain situations where an aerial view clearly could have helped an incident commander better understand the situation. Deploying small tether-powered, highly portable, unobtrusive persistent cameras positioned high above the scene can now be used as either a standalone capability or integrated system with existing networks, security infrastructure and even manned aircraft.” Hoverfly tether-powered sUAV (Small Unmanned Aerial Vehicles) systems solve short battery-life problems associated with free-flying dronesToday, Mr. Hillmann is helping chiefs of police, local city and county officials and other public safety personnel understand how Hoverfly’s tether-powered LiveSky systems can be deployed from police or EMS vehicles providing incident commanders with actionable intelligence from high above the scene within minutes of arrival. “Tactically, having the ability to stay in the air monitoring the situation from above for hours, days, even weeks at a time represents an amazing capability we never had before. During my career, I can think of hundreds of situations where having a drone in the air to provide real-time intelligence, surveillance and reconnaissance would have helped keep my officers and the community much safer. It’s a force multiplier that should be exploited by public safety,” says Hillmann. Hoverfly’s LiveSky Systems Hoverfly tether-powered sUAV (Small Unmanned Aerial Vehicles) systems solve short battery-life problems associated with free-flying drones because they operate using a standard 120VAC power source or vehicle inverter. The power, command and control information and video are transmitted over the tether making the entire system completely secure from jamming, hacking or spoofing, ensuring the privacy of the data and improving safety. Perhaps the biggest benefit of Hoverfly systems is they are autonomous and require no piloting skills. The CEO of Hoverfly likes to say, “if you can operate an elevator, you can operate our LiveSky system.” 

Hospitality businesses work to provide a safe and pleasant customer experience for their guests. Hotels offer a “home away from home” for millions of guests every day around the world. These are businesses of many sizes and types, providing services ranging from luxury accommodations to simple lodging for business travelers to family vacation experiences. Hospitality businesses also include restaurants, bars, movie theaters and other venues. Security needs are varied and require technologies that span a wide spectrum. We asked this week’s Expert Panel Roundtable: What are the security challenges of the hospitality market?

Finding the exact right technology to solve an end user’s problem is challenging, but the rewards are great when an integrator gets it right. A wide range of available product types, price levels and added features increases the likelihood of identifying a technology to solve any problem. But with so many technology and product choices in the marketplace, identifying that one solution can be akin to finding a needle in a haystack. We wondered whether a vast range of product choices is always a good thing. We asked this week’s Expert Panel Roundtable: Are security integrators and end users overwhelmed by “too many choices” related to security equipment and systems? How can they make sense of it all?

Consolidation – a decrease in the number of companies in a market achieved through mergers and acquisitions (M&A) – has been an important trend among manufacturers in the physical security market for many years. More recently, the trend has also appeared to extend to the integrator market. Larger integrators have been buying up other large integrators; in some cases, they have also been buying up smaller, regional integrators to expand their geographic coverage area. We wondered if this week’s Expert Panel Roundtable has noticed the trend. We asked: Has consolidation among security companies shifted to the integrator/installer market? What is the impact?