Security researchers at Check Point identified a critical vulnerability in Instagram, the popular photo and video sharing app with over 1 billion users worldwide. The vulnerability would have given an attacker the ability to take over a victim’s Instagram account and turn their phone into a spying tool, simply by sending them a malicious image file. When the image is saved and opened in the target’s Instagram app, the exploit would give the hacker full access to the victim’s In...
Honeywell is launching a new 60 Series line of 5MP IP cameras that offer greater detail than traditional camera and recorder solutions; and are well suited for users who want fast notification and verification of potential threats and responses. The 5MP video delivers a clearer picture and can be zoomed in from greater distances, allowing for fewer cameras to cover a larger area of view. The Honeywell 60 Series IP cameras are designed for use as part of video systems which comply with the John...
Allied Universal, a globally renowned security and facility services company in North America, has announced that Forbes’ ‘America’s Best Employers by State Survey’, partnered with market research company, Statista, has ranked the company as the best employer in the US states of Georgia, New Jersey and Tennessee. Forbes list The Forbes’ list is divided into 51 rankings, one for each of the 50 states, plus the District of Columbia and was compiled by surveying 80,0...
Steve Riley has been appointed as the new Vice President of Sales for Europe region for PAC GDX and 3xLOGIC brands. Business intelligence expert Formerly with Risco for over 7 years, industry stalwart, Steve has joined the organization with an ambition to grow market share across all brands, by adding value to security solutions in the form of business intelligence. “It’s a very exciting time to be joining this organization because we have several exciting product launches planned...
Honeywell announced the release of Pro-Watch® Integrated Security Suite, a software platform designed to help protect people and property, optimize productivity and ensure compliance with industry regulations. The platform provides complete visibility of all connected systems and the scalability of the software makes it easy to grow with the changing needs of a business. Pro-Watch Intelligent Command is a web-based user interface that provides organizations complete situational awareness of...
Pulse Secure, the provider of Zero Trust Secure Access solutions, announces successful integration and joint compatibility testing with McAfee ePolicy Orchestrator (ePO). Through this integration, customers of Pulse Secure Pulse Policy Secure (PPS) Network Access Control solutions can now ensure only compliant endpoints gain access to corporate resources. In addition, Pulse Secure PPS is fully integrated with McAfee ePO, enabling customers to retrieve valuable endpoint insight such as security...
ConnectWise, the provider of intelligent software and expert services for technology solution providers (TSPs), announced it has launched a bug bounty program to supplement its own internal vulnerability management strategy boosting efforts to quickly identify and remediate bugs and security vulnerabilities in its software. ConnectWise is partnering with HackerOne, the industry’s trusted hacker-powered security platform, to host the program. A bug bounty program incentivises security research by offering monetary rewards for security vulnerabilities submitted. Accepting vulnerability reports from third parties helps organizations surface and resolve issues quickly, minimizing the chance for exploitation. ConnectWise Bug Bounty program ConnectWise is committed to addressing all confirmed vulnerabilities discovered The ConnectWise Bug Bounty program is private, meaning that it is open to invited hackers via the HackerOne platform. ConnectWise is committed to addressing all confirmed vulnerabilities discovered through the Bug Bounty program and will remediate and disclose issues commensurate with severity. Responsible disclosures will continue to be delivered through the ConnectWise Trust Site, which is the primary source of information on a number of security, compliance and privacy topics. It also houses ConnectWise’s security bulletins and alerts, critical patches, and updates, with the ability to subscribe to proactive notifications via an RSS Feed. Strengthen security standing The launch of this Bug Bounty program is yet another important addition to our security arsenal" “Cyber criminals move fast, so we have to move faster. Employing a bug bounty program with the help of HackerOne, the industry leader in this space, will allow us to do just that by finding issues before bad actors get a chance to exploit them,” said Tom Greco, Director of Information Security, ConnectWise. “Crowdsourcing in this way represents a solid additional layer of security, and we clearly value the community’s expertise and participation in helping us keep our products secure. As we said earlier this year, the launch of this Bug Bounty program is yet another important addition to our security arsenal – and it’s the latest piece of our overall strategy to strengthen our own security standing so that we can better protect our partners and their SMB customers.” Improving transparency and communication The ConnectWise Bug Bounty program is an integral part of the company’s commitment and ongoing efforts to strengthen its own security posture as well that of its TSP partners, and to improve transparency and communication with its partners when it comes to cybersecurity. To date, this has included an internal focus on “shift-left” product development, an expansion of cybersecurity training programs for TSP partners, and the creation of the MSP+ Cybersecurity Framework, the industry’s first global cybersecurity framework for MSPs.
Hanwha Techwin’s position as global in video surveillance has been reaffirmed with the announcement that Wisenet7, the company’s next generation proprietary camera chipset, has achieved UL Cybersecurity Assurance Program (UL CAP) certification. With cybersecurity being a top priority for the electronic security industry, the certification enables Hanwha Techwin to validate that its latest generation of Wisenet cameras are equipped with the highest possible levels of protection from the activities of cyber criminals. UL CAP is a certification program run by UL, a company which has been a global in safety science for over 100 years. The program assesses potential cybersecurity issues and the level of risk from hackers in respect of network-connectable hardware devices and software. UL CAP certification With the support of the certification, Hanwha Techwin is able to provide peace of mind to system integrators and end-users Hanwha Techwin is among only a handful of manufacturers within the video surveillance industry that have so far achieved the UL CAP certification for their products and is the only one within Korea to have done so. With the support of the certification, Hanwha Techwin is able to provide peace of mind to system integrators and end-users seeking to comply with GDPR by ensuring confidential data cannot be accessed, copied or tampered with. Although it usually takes in the region of 8 to 10 months, Hanwha Techwin was able to complete the certification process within 3 months as the company’s in-house Security Computer Engineering Response Team (S-CERT) had already been working on addressing any potential security vulnerabilities in Wisenet hardware and software. This ensured that Wisenet7 was able to meet all of UL’s thorough evaluation criteria, such as penetration test, access control and user authentication, encryption and software updates. Wisenet7 chipset Wisenet7 chipset boasts a list of technologies which are designed to improve cybersecurity credentials The ground-breaking Wisenet7 chipset boasts an impressive list of technologies which are designed to significantly improve the cybersecurity credentials of Wisenet cameras. These include: Secure Boot Verification: This provides an extra layer of security by sandboxing different elements of a camera’s operating system, which means they are in a protected space. A full boot is completed before there is communication with any other part of the system. This prevents interruption to the boot process which could be exploited by a hacker. Secure OS: Wisenet7 uses a separate secure operating system (OS) for encryption and decryption, as well as for verifying that apps have not been modified or are not forgeries. A separate Linux based API is needed to access the Secure OS, without which there is no way to make any changes from the outside of a camera. Security features By enforcing restricted and secure access to the UART port, Wisenet7 allows the debugging process to be safely completed Anti-Hardware Clone: This functionality prevents Wisenet7 from being cloned. In addition to protecting intellectual property, this ensures that a Wisenet7 chipset with a Hanwha Techwin label is a genuine copy and removes the risk of a cloned device which may contain malicious software being used to steal sensitive data, such as passwords. Secure JTAG: JTAG ports are hardware interfaces which are used to program, test and debug devices. Cyber criminals can gain low level control of a camera via a JTAG port and perhaps replace firmware with a malicious version. Wisenet7 prevents this from happening as it secures JTAG ports via a key-based authentication mechanism to which only authorized personnel working for Hanwha Techwin have access. Secure UART: UART ports are serial interfaces typically used for debugging cameras. They allow administrator access to a camera and are therefore a target for hackers attempting to access sensitive information, such as password keys. By enforcing restricted and secure access to the UART port, Wisenet7 allows the debugging process to be safely completed without opening the door to cyber criminals. Global provider in cybersecurity Cybersecurity is essential for network video surveillance products as it allows us to provide end-users with confidence" “Cybersecurity is essential for network video surveillance products as it allows us to provide end-users with confidence in knowing that their confidential data will be kept safe from hackers,” said Uri Guterman, Head of Product & Marketing for Hanwha Techwin Europe. “Achieving UL CAP certification for Wisenet7 underscores our commitment to equip our next generation of cameras with innovative features that set a new standard for cybersecurity.” “The certification helps us maintain our position as a global leader in a number of different ways. In Europe, Middle East and US, for example, major projects which are subject to a tender process often stipulate that UL CAP certification is required. In the private sector, it is not unknown for sensitive facilities such as laboratories and banks to insist that a supplier should have the certification.” “As such, Wisenet7’s CAP certification enables us to more actively promote our cybersecurity features as one of Hanwha Techwin’s strengths.”
Allied Universal®, a security and facility services company in North America, launches its new, fully integrated marketing campaign titled ‘There for you’ which delivers on the company’s new purpose statement of ‘serving and safeguarding customers, communities and people in today’s world.’ Important role of safety With this new, bold campaign, Allied Universal displays the important role of safety and security in an individual’s ability to thrive and achieve greatness. Stemming from extensive qualitative and quantitative research from employees, clients, and other stakeholders, Allied Universal’s main goals for the campaign were three-fold: to differentiate Allied Universal from competitors by focusing on the company’s unique purpose and values; build an emotional connection with the brand by demonstrating the company’s daily impact on consumers’ lives, and define the meaning behind the company’s There for you™ tagline. Everyday snippets of family “This campaign illustrates our important role with our clients and communities as our #1 goal is to serve and safeguard so they can have the freedom to love, create, produce and innovate without worrying about their security,” said Barbara Moreno, Vice President of Marketing at Allied Universal. “We wanted to show that we, as a company, are There for you™-- always aware and ready to act as there is nothing more powerful than feeling safe.” The new ad spot brings together a montage showcasing everyday snippets of family, community, clients and relationships while Security Professionals are in the background providing safety in a world of evolving risk.
Sectigo, a provider of automated digital identity management and web security solutions, announced that Baidu, a Chinese search engine with more than one billion daily page views, has chosen Sectigo to provide the back-end services for the company’s all-new Baidu Trust SSL Certificates. Baidu will offer Sectigo Domain Validated (DV), Organization Validated (OV), and Extended Validation (EV) certificates white-labeled under the Baidu Trust product line, greatly expanding Sectigo’s footprint in Asia. “Baidu is committed to making the complicated world simpler through technology. This mission includes providing our customers and users with best-practice security technologies and a seamless experience,” said Roy Zhang, Leader of Enterprise Application Ecology Products, Baidu division. “We have chosen Sectigo to supply the infrastructure for the new Baidu Trust SSL Certificates because the global CA is highly trusted and offers a certificate type for every use case, from authenticating small personal websites to large enterprise domains. Our customers can choose from many trust products, ranging from basic DV SSL certificates to more premium EV SSL certificates, based on their individual needs.” Proven technology Sectigo has issued more than 100 million certificates worldwide and offers the widest selection of white-label-ready SSL product options available from a certificate authority. Baidu’s Trust offering, available to website owners in China, leverages this legacy of trust to enhance the security assurance for millions of internet users across Eastern Asia. “Trust is a key component of Sectigo’s brand. We are not only providing trust through our certificates, but also as a proven technology partner with decades of experience,” explained Michael Fowler, President of Partners and Channels at Sectigo. “Asia and China, specifically, are experiencing an unprecedented shift to conducting business and sharing information online. Baidu and Sectigo have proven successful in their industries and collaborated to bring the best SSL security to greater China.” “Baidu’s choice to use Sectigo for their Baidu Trust SSL certificates underscores the confidence that leading internet brands have in our products and team—and we look forward to a successful partnership serving companies across Asia and China though a shared vision of excellence,” added Fowler.
Johnson Controls will showcase solutions and thought leadership critical to safe building reopening during the virtual Global Security Exchange Plus (GSX+) conference. From Sept. 21 to Sept. 25, 2020, Johnson Controls experts will demonstrate and discuss the latest security innovations that have become integral to intelligent security during the COVID-19 crisis and beyond. Attendees can interact with Johnson Controls leaders during keynote event sessions, technology demos and a thought leader interview to discover the future of safe, healthy and innovative buildings. Global Security Exchange Plus (GSX+) Our experts are excited to share how data-driven digital solutions help them create more intelligent buildings" “The industry leaders who are attending GSX+ are currently faced with not only reacting to the COVID-19 crisis, but also continuing to innovate for a smarter future,” said John Hudson, Vice President and General Manager of Security at Johnson Controls. John adds, “Our experts are excited to share how data-driven digital solutions allow them to do both, protect occupants during a pandemic and create more intelligent buildings. From infection control to employee screening, this technology provides the flexibility they need to create safer, more resilient environments, no matter what.” Digital security solutions on display Johnson Controls experts will be at the virtual marketplace throughout the conference, showcasing digital security solutions that better protect occupants and employees while streamlining daily operations, including: OpenBlue: It is an open digital platform that transforms how occupants interact with their buildings. This comprehensive suite of solutions and services creates dynamic and intelligent spaces. Leveraging AI and data-powered capabilities, OpenBlue accelerates building reopening by maximizing the health and safety of environments through a connected combination of hardware and software. OpenBlue includes solutions to re-enter, reoccupy and reimagine, including contact tracing, social distancing monitoring, thermal cameras, infection control, clean air solutions and more. Smart Elevated Skin Temperature Scanning Solution: Leveraging Tyco Illustra Pro thermal cameras, this contactless and frictionless solution rapidly scans groups of individuals for elevated body temperatures quickly, accurately and reliably. Advanced technology instantly alerts users to an elevated temperature, enabling them to leverage thermal imaging to identify the individual for a swift staff response. This thermal solution can be integrated with additional security systems such as access control and video management systems. Emergency Preparedness and Response: From gunshot and weapons detection, to mass notification systems (MNS), to AI analysis, Johnson Controls emergency preparedness and response portfolio ensures buildings can be safeguarded from the unexpected and help deliver successful emergency outcomes. Insights on biggest security themes and trends As a GSX+ sponsor, Johnson Controls thought leaders will participate and host sessions throughout the conference, to provide insight on the biggest security themes and trends of 2020 and beyond: Thought Leader Interviews, including: Digital Security and Open Blue, presented by Mike Ellis, Executive Vice President, Chief Customer and Digital Officer, Johnson Controls. Tuesday, Sept. 22, 11:30 – 11:50 a.m. EDT. Cyber and Physical Security, presented by Jason Christman, Vice President, Chief Product Security Officer, Johnson Controls. Wednesday, Sept. 23, 11:30 – 11:50 a.m. EDT. Gamer Changer session, HR and Travel Security Issues After COVID-19 Lockdowns, hosted by Hank Monaco, Vice President, Marketing, Johnson Controls, Building Solutions for North America. Tuesday, Sept. 22, 10:15 – 11:05 a.m. EDT. Featuring: Eduard Emde, Head of the health, safety and security section ESA/ESTEC at ESA European Space Agency, ESTEC Radek Havlis, Director CEE and Central Asia at PricewaterhouseCoopers Geert Coremans, Director, corporate safety & security at The Radisson Hotel Group Nicole McDargh, regional security and H&S director at Richemont Product demos, including: Thermal Cameras and Access Control Frictional Solutions, which will be hosted by Jason Ouellette, ACVS technology, Business Development, Global and George Grammer, Strategic Product Manager, access control and integrated systems, Johnson Controls. Wednesday, Sept. 23, 1:30 p.m. EDT. Emergency Preparedness and Response, hosted by Alka Khungar, Senior Portfolio Manager, Johnson Controls Building Solutions. Tuesday, Sept. 22, 11:30 a.m. EDT. Making buildings more secure and intelligent “Our experts have years of experience reimagining buildings to be more secure and intelligent,” said Hank Monaco, Vice President of marketing at Johnson Controls, Building Solutions North America. Hank adds, “Now, we are leveraging that experience to create environments that can not only safely reopen, but also remain resilient for years to come. Our team is excited to share our vision of this future at GSX+, and the solutions that will help us get there. We are more committed than ever to powering our customers’ missions for a safe and healthy world.”
ASIS International, the world's association for security management professionals, opens their annual conference on an entirely new virtual platform to provide maximum value for association members during the unprecedented global pandemic. The new virtual experience, branded GSX+, builds on the annual Global Security Exchange (GSX) event and promises to be a large virtual gathering of global security professionals. GSX+ is delivering a fully virtual experience that includes CPE-eligible education sessions, a robust Marketplace (virtual exhibit hall), and lively peer-to-peer networking. Extensive program with education sessions GSX+ is truly a virtual experience unlike anything the security industry has experienced before" The event will continue through 25 September, featuring an extensive program with 140+ education sessions and daily keynote presentations. The show kicks off with a General Session presentation by Juan Manuel Santos, two-term President of Columbia and recipient of the 2016 Nobel Peace Prize. “GSX+ is truly a virtual experience unlike anything the security industry has experienced before,” says Godfried Hendriks, CPP, 2020 President, ASIS International Global Board of Directors. “The global pandemic challenged us, so we responded by seizing the opportunity to provide new value. For example, every educational session will be recorded and made available for attendees on-demand 24/7. Unlike previous in-person events, this change means that every attendee, no matter their travel restrictions or time zone, will be able to see and learn from every offered session. We are excited about every element of this new virtual event, and we hope that attendees will also seize this opportunity to experience all the possibilities. Only ASIS has the experience, global reach, and expertise of its members to convene a virtual event of this magnitude and quality.” Keynote presentations The following keynote presentations are scheduled for Tuesday, Wednesday, and Thursday at GSX+ in the week: + 22 SeptemberEmbracing the Future: Strategies for Building Resilience and Innovation Presented by Dr. Ilham Kadri, CEO of Solvay, and Werner Cooreman, CPP, PSP, Senior Vice President – Group Security Director of Solvay + 23 SeptemberLeading in Turbulent Times Presented by General Stanley McChrystal, 4-star General and former Commander of U.S. and International forces in Afghanistan + 24 SeptemberThe Future of Cybersecurity Presented by Keren Elazari, CISSP, Security Analyst, Researcher, and Public Speaker GSX+ educational lineup All-Access attendees can earn up to 25 CPEs and will be able to access education sessions through 31 December The GSX+ educational lineup includes 140+ scheduled and on-demand sessions across five tracks: National Security, Physical and Operational Security, Risk Management, Digital Transformation/ Information Security, and Leadership and Managing within Organizations. All-Access attendees can earn up to 25 CPEs and will be able to access education sessions through 31 December. GSX+ also offers numerous opportunities for peer networking, including virtual receptions, awards celebrations, and even the famous ASIS Break Room. Planned events list for GSX+ attendees Here are a few of the planned events: + 21 September, 3:30 pm ET: Join the Welcome Reception, which will feature a Rock & Roll Game Show for GSX+ attendees where music is central. Join the fun with renowned musician-MCs – they’ll keep the entertainment going so one can focus on relaxing and connecting. + 22 September, 3:30 pm ET: ASIS Women in Security and Young Professionals Happy Hour + 23 September, 3:30 pm ET: GSX+ Military and Law Enforcement Appreciation Day + 24 September, 3:30 pm ET: President’s Reception + 25 September, 12:25 pm ET: Awards Celebration + 24/7: The ASIS Break Room
In recent years, multinational corporations such as Cathay Pacific, Facebook, Uber and numerous others have been heavily fined due to security and data protection violations. This period has seen data protection laws increase as more and more information is gathered and shared online. As such, it becomes crucial to account for security capabilities when choosing an embedded device that touches potentially sensitive data. RFID readers very much belong to the ecosystem wherein personal or user identification data is transmitted either to a host system such as a PC or to an endpoint such as a Human Machine Interface (HMI). A passive RFID transponder, soft credential such as a mobile phone app using BLE/NFC or smart cards and other contact-based credentials all can carry sensitive data or personal information. In the case of smart card or contact-based credentials, the storage of personal information such as name, address or date of birth is more prevalent compared to contactless credential where an identification number may be used. Security as a concept RFID media may directly lead to a compromise in your intended application’s security In general, security as a concept is always related to the entire system that includes RFID media (contact/contactless credentials), RFID reader, the host system and any database or cloud server. While accounting for security across a system is needed it is more important to consider the application or use case that is in question. One should carefully evaluate the consequences of any security breaches and if there is any sensitive information being exchanged from the RFID media to the host. As an example, the simple choice of RFID media may directly lead to a compromise in your intended application’s security. There are numerous references on security vulnerabilities related to Low Frequency (125KHz) contactless transponder types. The references focus on using interceptors to access unprotected static card information. The adversaries may then clone this credential that may be used for triggering action such as granting access to a facility or unlocking a computer. Some references also highlight vulnerabilities in the Wiegand interface about intercepting the data signals to capture card value. Therefore, some older RFID transponders and communication interfaces that may be based on the aforementioned technology or have been subject to vulnerability hacks are now considered fundamentally compromised. As mentioned previously, the overall security depends on every component of the system that includes the RFID reader. This article will mainly focus on some of the basic security considerations that need to be accounted for when choosing an RFID reader but also whether or not your application requires these abilities. Some of the key security considerations are as follows: Does your application require encryption capabilities? If so, does the reader have the capability to execute cryptographic algorithms? In every application where RFID technologies are involved, there is a need to first assess whether encryption is required and if so, determine the exact channel where this needs to be enforced. It could be that the host interface requires the exchange of encrypted data or the air interface needs to transfer protected data. Once the requirements are established, one may then evaluate the strength of this security. Furthermore, many types of contactless transponders can store data within their memory segments and encrypt or lock these segments with cryptographic keys. An apt card reader is one that can not only decrypt the memory segments and access the data but also provides an easy means for the end-user to carry out this operation. In many instances, the end-users have their own customized cryptographic keys for their credentials and are unwilling to share these keys with the card reader provider. Therefore, having the capability to load custom keys by someone other than the card reader manufacturer becomes essential. This can be facilitated in multiple ways, such as implementing high-level APIs and allowing the user to write applications for the card reader, or it could be enabling the customer with agraphical user interface to enter keys used to access data sectors. Many types of contactless transponders can store data within their memory segments Do you require encrypted data exchange? If so, where and can the card reader support this? In a typical scenario, the card reader behaves as a medium to facilitate data collection and transfer between the contactless or contact-based transponder and the host system. The host system can either be an endpoint that locally validates the credential presented to it or it can be a microcontroller that sends data over the network to the cloud or a database for validation and authentication. As mentioned previously, assessing whether the need for encryption is between the RFID media and the reader or from the reader to the host is important. If the former, the appropriate credentials are required. Depending on this factor you may then consider choosing an appropriate RFID reader. There are use cases wherein personal information such as name, address, date of birth or biometric data can be stored within the credential, eg: smart cards or passports as credentials. Therefore, encrypting the exchange of such data both between the credential and the reader as well as the reader and the host becomes critical. Moreover, encryption algorithm engines such as AES, DES, 3DES, or the capability to implement custom algorithms, need to be present on the card reader as this enables ease of integration. In cases where smartcards or contact-based credentials are used, the host system typically drives the communication in its entirety. So, the card reader must also have: Software capabilities such as Personal Computer Smart Card (PCSC) or Chip Card Interface Device (CCID) mode of communication. The availability of drivers to facilitate communication with the host also enables easy software integration. Hardware support for communication standards such as ISO7816 and the presence of Secure Access Modules(SAM) slots and other contact-based interfaces. Does your application require MUTUAL authentication with Secure Access Modules (SAM) and RFID media? If so, does the reader support This? A Secure Access Module is a type of smart card that follows a contact-based communication standard to interact with a card reader. These modules ensure the protection of security keys as well as facilitate cryptographic operations. Typically, SAMs are used to generate application keys based on a specific master key or to generate session keys. They also enable secure messaging between the RFID media, the reader and the host system. Many contactless credentials hold memory segments/applications that are encrypted with cryptographic keys. These keys are often stored in SAMs and supplied to card reader manufacturers. This not only ensures the security of the keys but adds a step in the authentication process. The card reader in this case should first perform authentication operations with the SAM and then carry out a series of cryptographic and bit manipulation operations between the contactless card and the SAM. This can be further secured by adding a key diversification step. The card reader must be able to support such a scenario both in the hardware as well as in the software. Many end-users require the card reader to natively support such a scenario and have the ability to provide high-level API’s to help in their implementation. In addition to this, high-security applications demand the transfer of data in an encrypted format. One can ensure end-to-end encryption/security with the help of SAMs. In such an architecture, the reader facilitates mutual authentication with the RFID media and the SAM, thus transferring protected data over a Radio-Link and also ensuring the security of encryption keys. The reader can also transfer data encrypted by the SAM to the host system maintaining a high level of security across the system. Appropriate precautions are to be put in place to improve the overall security Note that the safety of distributing SAMs as well as administering the installation process within the reader should be treated as a separate issue and tackled accordingly. There is also an issue of the readers being stolen or the SAM modules being dismounted from the reader. The security considerations here do not indulge in these topics and appropriate precautions are to be put in place to improve the overall security of the system. Does the card reader have communication interfaces other than Wiegand such as RS485 or RS232? The Wiegand card as well as the Wiegand interface for data transmission is a 40-year old technology that originates from the Wiegand effect discovered by John R. Wiegand in the early 1970s. While the Wiegand cards are still in production, they have been largely replaced by newer and cheaper forms of access cards. However, these cards are still based on the Wiegand data format that is susceptible to interception as the data are available in plain text. Also, the Wiegand interface introduced in the 1980s remains prevalent across the logical access as well as the physical access control industry despite various security vulnerabilities. This technology no longer conforms to the current security standards. It is therefore important for integrators to choose a communication interface that can offer higher security from interception and support encrypted data exchange. Do you require tamper detection technologies? If so, can the reader meet this requirement? The need for tamper detection largely varies from one application to another so it is more important to consider whether this level of security is suitable for your respective use case. As an example, card readers attached to multi-function printers (MFPs) for releasing print jobs in an enterprise environment can be considered less critical since tampering with the reader can ultimately lead to the downtime of the printers but will not compromise the safety of your documents. Typically, in such scenarios, the card reader works hand in hand with the MFP and a print management solution that ensures the release of print jobs. Therefore, if the card reader is sabotaged or tampered with, the MFP or the solution simply prevents the release of any information. On the other hand, high-security environments such as data centers certainly need greater protection. One must thoroughly evaluate the consequences of any attempts directed towards compromising the device integrity or the data associated with the device. These topics need to be considered separately and are outside the scope of this article. In conclusion, depending on the application, the credentials involved as well as the data that is being exchanged with the card reader and eventually the host, tamper detection technologies can improve the security of the device. There are several technologies in the market such as mechanical and optical tamper detectors that can be embedded directly on the card reader for superior protection against threats. Do you require the reader's ronfiguration or firmware to be securely shared or loaded on the card reader? If so, can the reader meet this requirement? We are all aware of system and application software updates as at some point our phones have received security patches or app upgrades over the network. In the case of card readers, the process is quite similar except here the software or configuration updates might require encryption based on your use case. For example, if an end customer is reading static card numbers from an RFID media or isn’t using data protected by encryption keys this does not require the firmware or the configuration to be encryption for a simple reason that these files do not carry any sensitive information. The need to encrypt configuration/firmware files arises if the data that is being read by the reader contains any personal information or is part of a proprietary corporate format that is confidential, or should a customer wish to move to a higher security credential encrypted with keys. This means that either their existing card readers or new card readers must have a configuration that holds these keys. Configuration or firmware must also be encrypted since it holds sensitive information In such a scenario, the configuration or firmware must also be encrypted since it holds sensitive information. If the configuration or the firmware is encrypted, the file will no longer pose a security risk and can be shared with customers to perform updates to the existing readers or with the card reader manufacturers to load new readers with the configuration of firmware updates. This not only secures the sharing process but also the update process since the reader is now receiving an already encrypted file. After all, it is essential to choose a card reader that can carry out the aforementioned security considerations but more importantly the security features that are chosen need to be appropriate to the requirement of the customer. Any integrator first and foremost should thoroughly evaluate the respective application. They should work with subject matter experts in the field and establish requirements and objectives. After developing the concept, system architecture, data flow as well as various secure channels, only then can one begin to account for the security features needed. This process not only helps cement the end system’s overall security view but also elucidates the exact security requirements that correspond to the resulting application. In conclusion, choosing an RFID product that not only has the above security features but also has a flexible system design capable of accommodating future adaptions will prove to be the right choice for OEM’s and system integrators.
In today’s fraught times, business continuity and success hinges on how you manage the visitors to your company. By prioritizing safety and security, and coupling them with top-notch attention and customer service, you win loyalty and gain a reputation that will serve you in years to come. An excellent way to accomplish this is by identifying and implementing the best visitor management system for your company. And visitor management systems go beyond ensuring the safety of your visitors and staff safety from your visitors. A feature-rich VMS will track your guests' activities, so you can better understand their preferences for future visits. That way, you can manage visitor experience and tailor amenities and preferences. Both customer loyalty and brand reputation benefit. Visitor management systems: who uses it, and why is it used? Visitor management refers to all the processes put together by an organization to welcome, process, and keep track Visitor management refers to all the processes put together by an organization to welcome, process, and keep track of all the guests daily. A visitor management system (VMS) is the technology used to manage guests for their convenience, safety, and security. Several features are typical in today’s applications. They include preregistration tools, video intercoms, self-check-in stations, and health screening. In visitor management, the term "visitor" doesn't only refer to guests but also anyone without an authorized access credential. For instance, an employee without their access credential logs in as a visitor. The same applies to a delivery man or a technician carrying out routine maintenance. A VMS helps to account for everyone within the organization at any given time. Who uses visitor management systems? You need a visitor management system to manage a school or hospital, an office, or even a residential building. Here's why: Visitor management system for schools: schools are among society’s most vulnerable facilities. A VMS is almost mandatory in this setting. It helps to identify visitors, detect intruders, and alert security of any unauthorized access. Visitor management system for offices: A VMS accounts for guests at all times. They include clients, maintenance contractors, delivery men, employees without credentials, friends, and family, Visitor management system for hospitals: access control is essential in hospitals, and managing visitors plays a major role. Hospitals offer access to pharmaceuticals, medical records, newborns, and expensive equipment. It is crucial to monitor restricted hallways and sections with video intercoms and track unauthorized persons' movements. Residential visitor management system: tracking people's movement is a key VMS component. In case of a crime, knowing who had access to the building within a specific time frame can help in the investigation. Plus, tracking the activities of visitors can deter future crime. Why is the visitor management system important? A video intercom makes it much more difficult for a visitor to impersonate a known guest. VMS accounts for everyone within the organization in cases of emergency. VMSs can prevent intruders and alert the security department of a breach. A VMS creates a positive visitor experience, which shapes perception of the organization. With a trusted VMS in place, employees can focus on being productive. Health screening gives staff peace of mind. It increases employees' willingness to return to work in the midst of the COVID 19 pandemic. How does a good VMS address occupant and visitor safety? The necessary technology to ensure building safety The best visitor management systems contain the necessary technology to ensure building safety. To maximize occupant and visitor safety, a VMS should have the following features: Job one of a VMS is visitor identification. It also helps deter potential criminals. Some VMSs go beyond identification by running a quick check on the visitor's ID and alerting security of any discrepancies. By identifying and proving a visitor's identity, the VMS ensures the safety of employees and other visitors. VMS helps with compliance A good visitor management system helps the organization follow regulations, such as for occupancy. In the COVID era, some states may require health screening for guests. Health screening helps protect the building's occupants from exposure to health hazards. Information security VMSs also aid in information protection. It takes mere seconds for a rogue visitor to download files into a jump drive, photograph exposed blueprints, or copy customer lists. Visitor management systems restrict visitor access to parts of the building and track the whereabouts of guests. Visitor privacy With pen and paper systems, walking up to the receptionist often gives visitors full view of the visitors list. Visitor management systems seal that vulnerability. Visitors can check in without fear that anyone nearby can see their information. Emergency evacuation With a good VMS, the exact number of people within the building is always known. In the case of an emergency, first responders can use VMS data to identify everyone on site. This is a safety net for both the occupants and visitors to the organization. How to manage building visitors System features depend on the purpose and setting of the VMS. Yet certain features and processes are essential. Preauthorization and health screening The first step is knowing the visitors upfront. Preauthorisation allows everyone to know who is coming and when. Guests specify the time and purpose of their visits. You get to welcome and accommodate your visitors accordingly. Some systems may also be able to upload documents of interest, such as proposals, contracts, presentations, or agendas. Health screening is critical today. It signals that the organization cares about its guests. A visitor is more likely to visit an organization that prioritises health and safety. Health screening is a way to protect your staff and send the right message. Video intercom Along with health screening, video intercom is a key element of VMSs. It enables secure video identification with remote, touchless, and COVID-safe access into buildings. Intercoms are a safe and secure way to communicate with audio and video without physical contact. Video allows you to visually verify the visitor. The audio component enables spoken communication. Some systems even use facial recognition technology and mobile app unlock. When integrated with access control, visitor arrival is seamless. Upgrade to touchless access Touchless access is the safest and most secure VMS option Touchless access is the safest and most secure VMS option. It is more sophisticated because it receives visitors without them having to lift a finger. It's also convenient and effective. In this time of the novel coronavirus, the demand for hands-free systems is surging. VMS has pivoted to met this demand. Many organizations are finding how touchless systems increase safety in the workplace. Visitor logging is essential for managing guests to your building. Besides being a source for verification and data tracing, it also helps in real-time to know who signed into the building and who hasn't signed out yet. Tracking the movement of visitors within the facility makes it clear where they are at all times. This way, there can be an effective emergency action plan for visitors and other occupants. This feature has use in contact tracing, health investigations, and other investigations, such as for theft.
Developing an effective contact tracing system in the UK to monitor the spread of COVID-19 has proved to be problematic. The trials of the app developed by the government and its partners encountered numerous challenges, and despite the reopening of restaurants, pubs and shops, the current approach to contact tracing is inconsistent, with recent reports suggesting not all establishments are following the government guidance. At the same time, businesses are being encouraged to ask employees to return to the workplace as lockdown restrictions ease, and the lack of an effective contact tracing system is only going to become more of an issue. Responsibility now lies with employers to ensure social distancing measures are adhered to in the workplace, trace any contact that a person infected with COVID-19 has had with others, and communicate consistent messaging across their organizations. Considering all of these challenges, it is not surprising that technology is being turned to for the answers. Turning to technology However, it is not just cutting-edge technology that can support measures to address health and safety issues related to COVID-19; the use of existing infrastructure is vital too. Consider the ubiquity of CCTV in workplaces and public spaces, especially in densely populated cities. Recent research has shown that London, for example, has 627,727 cameras for 9.3 million residents - the equivalent of 67.5 cameras per 1,000 people. The data collected from these feeds will play a key role in effectively tracing interactions and monitoring the adherence to social distancing measures. Tracing interactions and monitoring the adherence to social distancing measures As useful as this data is though, the sheer volume of it is enormous. Sifting through hundreds of hours of video footage collected from networks of thousands of cameras will be far too time-consuming and inaccurate to complete manually. This is where more advanced technology such as A.I.V.A. (Artificial Intelligence Video Analytics) is required. A.I.V.A. solutions use existing camera networks and geospatial algorithms to determine an individual’s location in the camera field of view in real-time, automatically learning the perspective of the scene and calculating the GPS coordinates of individuals in real-time based on their location in the camera field of view. Social distancing algorithms For example, with regards to social distancing, an algorithm can detect when two parties are within a meter proximity of each other. This will trigger an alert in the system and log the occurrence in a dashboard report. If government recommendations change and the suggested distance is 2 meters, the algorithm is easily adjusted. This approach will help to reinforce changes in behavior to encourage social distancing and, in the worst case, establish an effective contact tracing system for those who have been infected with COVID-19 and have come into contact with others. An effective contact tracing system for those who have been infected with COVID-19 Firstly, in terms of how this can be used for social distancing, AI powered video analytics can be used to identify particular hotspots where breaches occur. While isolated incidents of a breach in the 1m rule may not be particularly useful, when a series of occurrences is identified from thousands of hours of CCTV footage, vital insights can be gained into localised clusters of COVID-19 infections. The reports generated from this type of analysis can be extremely useful; for example, pinpointing particularly busy areas of a job site, identifying queues at a coffee station at a certain time of the day, or the most frequently used exit of an office building. Breaching the rules Armed with these insights, businesses can implement measures to try and alleviate such bottlenecks. In practice, this may involve implementing one-way systems or moving people from one congested area to a quieter one at particular times of the day, to help reduce the chances of breaching the 1m social distancing rule. There is even the capability of triggering an automatic alert when a breach is observed to remind employees of their responsibility to adhere to the guidelines. If a business is informed that one of its employees or a visitor has contracted COVID-19, the use of A.I.V.A can support in helping to identify areas that the person has visited and whether there were any other people in that area at the same time. Instead of informing others directly, the business can issue a notice to say exactly where that person was and advise employees who may have been present to be tested. This is particularly useful for businesses with large sites, who need to manage each building and facility on a case-by-case basis. Workforces can be protected by decreasing the chance of social distancing breaches Although simple to implement, AI powered video analytics can play a key role in helping businesses implement solutions that allow employees to safely return to work. With such technology in place, workforces can be protected by decreasing the chance of social distancing breaches occurring and effectively tracking those who have it. The technology does not rely on the identification of specific individuals nor their personal information or mobile phones, but rather recognises behavior patterns and uses this approach to provide accurate information to groups of people that need it. AI has long been touted as the technology set to revolutionise life as we know it, and now it has the chance to unlock its potential and protect people in a world significantly affected by COVID-19.
If one employee stands less than six feet away from another employee, a fob attached to a lanyard around his or her neck emits an auditory beep – an immediate reminder to observe social distancing. If an employee were to be diagnosed with COVID-19, a cloud-based database provides a record of who at the company the sick employee had contact with. These capabilities of HID Location Services ensure social distancing and provide contact tracing to enable companies to return to work safely. They have been deployed in a pilot program at HID Global’s Corporate Headquarters in Austin, Texas. Social distancing using a BLE beacon To ensure social distancing, a Bluetooth Low Energy (BLE) beacon is emitted from an employee’s fob (or from a badge that has the same functionality). The beacon communicates peer-to-peer with a beacon emitted by another employee’s fob or badge to alert if the location of the two employees is less than six feet apart. To ensure social distancing, a Bluetooth Low Energy (BLE) beacon is emitted from an employee’s fob For contact tracing, the beacons communicate via a nearby “reader” (a BluFi BLE-to-Wi-Fi gateway) to the Bluzone cloud-based software-as-a-service. The building area covered by each reader constitutes a “zone,” and the system records when two beacons are signaling from the same zone, which indicates contact between employees. In effect, the system records – historically and forensically – who was near whom (and for how long) using the zone-based approach. “In the workplace, we provide organizations with visibility into the location of their workforce,” says Mark Robinton, Vice President, IoT Services Business Unit at HID Global. Pilot program spans variety of environments By documenting where a sick individual moved in the building, the system also can guide any need to close off a certain area for deep cleaning. Instead of quarantining a whole building, a company could quarantine a small subset of employees who were likely exposed. Importantly, the system only reports data, while management makes the actual decisions about how to respond. The site of the pilot program is the 250,000-square-foot HID Global facility in Austin, which includes a variety of environments, including manufacturing areas, an executive suite, cubicles, a training area, a cafeteria, and lobbies. This spectrum of use cases enables the pilot program to evaluate how the system works in various scenarios. The building in Austin has two floors, plenty of natural lighting and emphasises sustainability in its design. HID Location Services ensure social distancing and provide contact tracing Pilot starts small and expands For the pilot program, 80 readers were installed in a wide area in the facility, including a variety of environments. Initially 30 badges and 30 fobs, all BLE-enabled, were issued to employees. If a badge identifies another nearby beacon (suggesting a social distancing failure), it emits a blinking LED light, which can be seen by the offending co-worker. The fobs emit an audible beep, which employees have overwhelmingly said they prefer. Observers overseeing the pilot program have documented employee reaction and comments. It emits a blinking LED light, which can be seen by the offending co-worker There were challenges in setting up the pilot program remotely to ensure fewer employees were on site during the pandemic. The equipment was provisioned in Florida and then shipped to the Austin location. Fine-tuning was required to adjust the signal strength of the BLE beacons. The badges were initially more powerful, but the strength was dialed back to be comparable to the fobs and within the six-foot social distancing range. Signal strength is also a variable in diverse environments – the 2.4 Ghz signal tends to reflect easily off metal, so adjustments in signal strength are needed in a factory setting, for example, versus a collection of cubicles. “This facility is large enough and diverse enough that it provides great test results and quality data to analyze,” says Dean Young, Physical Security Manager at HID Global. “Our employees are eager to be part of the pilot to demonstrate that we use the technologies we provide to our customers, and they want to help us stay in compliance with social distancing and contact tracing.” Ensuring privacy while protecting employees HID Global’s headquarters had approximately 425 employees before the coronavirus pandemic lowered the number drastically to include only essential workers. As more people return to work, additional fobs and badges are being issued to expand the scope of the pilot program. The program is also incorporating contact tracing of suppliers and others who visit the facility. Except when triggered by contact among employees, locations are not recorded. Each employee’s location is always available in real-time (e.g. in case of an emergency), but they are not “tracked.” Through BluFi placement and geofence capabilities, the system closes off private areas where location should not be monitored, such as a rest room. Geofencing also identifies when employees enter and/or exit the area covered by the pilot program. Although each beacon is associated with an employee, the employee’s identity is not part of the data stored in the cloud, so there are no privacy concerns. Data is completely anonymized, and no personally identifiable information (PII) is stored in Bluzone. Other computer systems in a company, such as a human resources (HR) program, can privately and securely store the identities associated with each beacon. Other applications for HID location services In addition to social distancing and contact tracing applications, HID Location Services offer other use cases ranging from asset tracking and employee safety/security to location analytics. For example, the system can analyze room usage for better building management and operational efficiency. It can also quickly find people in emergency situations. These use cases ensure continued value for a system even after concerns about social distancing and contact tracing have faded. The system can analyze room usage for better building management and operational efficiency Another big selling point is the ability of a company to be better prepared in case of a future pandemic, or a second wave of this one, says Robinton. The HID Location Services social distancing and contact tracing applications will be available at the end of Q3 and will be rolled out through HID Global’s existing integrator channel. Vertical markets likely to embrace the technology include healthcare, where hospitals need to track patients as they come in and to know which other patients or staff they may have been exposed to. The financial sector is another likely market, as is manufacturing, which is looking to avoid the prospect of shutting down an entire plant. It’s better to address the three or four people who were near a sick employee than to shut down the plant. In the hospitality industry, fobs can be used to signal duress by the housekeeping staff.
The U.S. Department of Homeland Security (DHS) will be participating at ISC West in a big way. Representatives of the federal department will be taking part in more education sessions this year, and the DHS tech-scouting team will be on hand to view the latest technologies on display at the show. Exhibitors – and anyone else at the show – are invited to the “DHS Town Hall” on March 19 (Thursday) at 3:30 p.m. in meeting room Galileo 1001. The aim is for DHS to engage with the technology community and provide guidance as industry innovation moves forward. In the face of growing operational demands and complex threats, the need for homeland security technology solutions continues to rise. The Department of Homeland (DHS) is seeking new ideas and partners to safeguard public trust, save lives, reduce risks, and protect the flow of commerce and goods for the community. They will share information about the department’s problem sets, capability needs and business opportunities for accelerating technology development to ensure they are keeping pace with the speed of innovation and complex threats. Speaking at ISC West DHS seeks to challenge industry partners to develop technology to enhance security operations across multiple end user missions. The DHS Science and Technology Directorate (S&T) and Cybersecurity and Infrastructure Security Agency (CISA) will jointly speak and exhibit at ISC West. Attendees can meet DHS professionals working in cyber security, critical infrastructure, resilience, aviation security, border and port operations, and first responder capabilities. Attendees are invited to visit the DHS exhibit booth #33040 in the Drones and Robotics Zone. The DHS Town Hall on Thursday, titled “Enhancing Security and Doing Business at the Speed of Life,” will be a “call to action” for show participants to help secure the future. DHS seeks to become more agile and to pursue new pathways to do business in a fast-moving world. Through strategic partnerships, DHS is mobilizing the innovation community to safeguard the public trust. Security sessions DHS will also be participating in these sessions at ISC West, March 17-20 at the Sands Expo, Las Vegas, Nev: You Say It’s Going to Change the World? Tues., March 17, 9:45 a.m., Sands 302. Security relies on anticipating what comes next and staying a step ahead. How will 5G increase secure capabilities and reduce threats from bad actors? How will blockchain secure personal and financial identity and when will quantum computing render all encryption obsolete? How is DHS investing in counter-drones? How does AI change the security landscape? The New Federal Security Landscape – Are You Prepared? Wed., March 18, 1 p.m., Sands 302. The federal security landscape is evolving alongside the private sector. What are the new high-risk areas of concern and how are emerging threats (cyber, UAS) changing the way federal facilities are protected? How are these new risks balanced against traditional ones? How is the Interagency Security Committee (ISC) responding? DHS panelists will discuss. CISA Special Guest Speaker at SIA Interopfest. Wed., March 18, 4 p.m., Sands 701. Daryle Hernandez, Chief, Interagency Security Committee, DHS, Infrastructure Security Division, will provide insights to complement the technology interoperability demonstrations. Enhancing Security Through UAS Technology, A DHS Perspective. Thurs., March 19, 11:30 a.m., Venetian Ballroom. What is DHS doing today to prepare for a future of increased visualization and automation? New questions are emerging around capabilities and vulnerabilities. Emerging technologies like AR, Next Gen Sensors, and UAS, provide the Department of Homeland Security (DHS) with tools to become more responsive and adaptive to new threats.
Facial recognition continues to be a political football and a target of privacy activists in the United States. For example, San Diego has suspended its use of facial recognition scanners by law enforcement after a campaign by civil rights groups. The San Diego Tactical Identification System (TACIDS) program included a database of facial recognition scans shared by 30 local, state and federal agencies. A California law, passed in the fall, puts a three-year moratorium on law enforcement use of face recognition technology. A proposal in Congress would prohibit use of biometric recognition technology in most public and assisted housing units funded by the Department of Housing and Urban Development (HUD), thus protecting the more than two million public housing residents nationwide from being “over-surveilled.” The “No Biometric Barriers to Housing Act” is supported by the NAACP, the National Housing Law Project, National Low-Income Housing Coalition, National Action Network, Color of Change, and the Project on Government Oversight. The problems of Facial Recognition "Studies that show that facial recognition systems may misidentify many individuals including women and people of colour" A letter from seven members of Congress to HUD Secretary Ben Carson questioned the use of facial recognition in federally assisted housing because it “could be used to enable invasive, unnecessary and harmful government surveillance of…residents.” The letter cites studies that show that facial recognition systems may misidentify many individuals including women and people of color, thus “exacerbating vulnerabilities that marginalized groups already face in life.” In June, Somerville, Mass., became the second U.S. city to ban the use of facial recognition technology in public spaces. The first was San Francisco. A coalition of organizations and trade associations has issued a letter to Congress outlining concerns with “blanket prohibitions” or moratoriums on facial recognition technology and listing beneficial uses for public safety, national security and fighting fraud. The Security Industry Association (SIA) is part of the coalition, the Information Technology and Innovation Foundation. A letter from seven members of Congress to HUD Secretary Ben Carson questioned the use of facial recognition in federally assisted housing Facial recognition technology has benefited Americans in many ways, such as helping to thwart identity thieves" The letter says: “While polls consistently show that Americans trust law enforcement to use facial recognition technology responsibly, some groups have called for lawmakers to enact bans on [the] technology. While we agree that it is important to have effective oversight and accountability of these tools to uphold and protect civil liberties, we disagree that a ban is the best option.” Development and guidance As alternatives to outright bans, the letter proposes expanded testing and performance standards, develop of best practices and guidance for law enforcement, and additional training for different uses of the technology. “Facial recognition technology has benefited Americans in many ways, such as helping to fight human trafficking, thwart identity thieves and improve passenger facilitation at airports and enhance aviation security,” says Don Erickson, CEO of SIA. “SIA believes this advanced technology should be used in a safe, accurate and effective way, and look forward to working with Congress to help the U.S. set the example on how to ethically and responsibly govern this technology.” SIA has produced a document called “Face Facts: Dispelling Common Myths Associated with Facial Recognition Technology.”
Gough & Kelly, a provider of security products and services across the north of England, has expanded the use of SmartTask to enhance its patrol monitoring and performance reporting capabilities at a second office in Yorkshire. The company has rolled out the workforce management software to its operation in Leeds, having already achieved significant operational improvements at its York business. “SmartTask has proved to be an invaluable tool across our manned guard, keyholding and alarm response services, especially on our contract with City of York Council, so our aim is to replicate this success at our Leeds operation,” explains Richard Cuff, Senior Operations Manager at Gough & Kelly. “When the roll-out is complete, we will be using the software for a team of 150 static and mobile security officers working across 100s of private and public sector locations. This will enable us to further streamline administrative processes, while enhancing the customer experience.” Simplicity of the software Initially, Gough & Kelly adopted SmartTask following a request from a customer, a boarding school in Yorkshire, for a patrol management system that would provide peace of mind that security activity was taking place. The company previously used a system that was not cloud-based and required the use of heavy and cumbersome data collectors, so they took the decision to explore alternative app-based options. SmartTask was selected because of the simplicity of the software and the breadth of information it provides. The use of the software has since been expanded to cover the entire York operation, providing an essential tool to its main contract with City of York Council. In 2018, Gough & Kelly secured a 10-year extension for the provision of security services covering almost 100 Council sites, made up of a diverse range of locations including offices, commercial buildings, libraries, hostels, museums, recycling centers and vacant properties. SmartTask was an important part of the retender process due to its responsive, evidence-based and KPI reporting functionality. Electronic incident report An electronic incident report can be submitted with additional details of identified damage and photo evidenceUsing a SmartTask-enabled smartphone, static security officers scan a tag at the start and end of each patrol to capture the length and time, while an electronic incident report can be submitted with additional details of identified damage and photo evidence. Meanwhile, mobile supervisors, responsible for alarm response and keyholding services, scan a tag to confirm proof of attendance. This creates a GPS location and timestamp, so Gough & Kelly can monitor response times and ensure they are meeting customer KPIs. Weekly and monthly reports Typically, Gough & Kelly is measured on completion of tasks, attendance and response times, so SmartTask generates weekly and monthly reports that are tailored to individual customer requirements. Incident reports are also supplied by 10 am the next-day, having previously been issued next-day by close of business, representing an improvement of up to eight hours. In addition, the centralized reporting system via SmartTask enables the company to compare performance levels at different sites, identifying operational trends and areas of improvement. Single software platform “SmartTask has certainly made our lives easier because of all the key information that is available within a single software platform. Not only does it give us added visibility and control centrally, but also simplifies operational processes for our remote workforce, removing previous paper-based systems. It has also allowed us to enhance our staff welfare checks, providing an added layer of protection and an effective way of addressing issues,” concludes Cuff. Paul Ridden, CEO of SmartTask commented: “We have developed a highly advanced, configurable and easy-to-use guard management, monitoring and reporting solution that puts our customers in complete control. The software can be tailored to meet individual requirements and achieve a host of efficiency, performance and compliance benefits, generating proven value and creating a point of differentiation.”
March Networks, a globally renowned company in video security and video-based business intelligence solutions, is proud to announce that one of the world’s largest oil companies will deploy its cloud-based Searchlight solution at more than 300 c-store locations. The Fortune 500 Company is currently rolling out March Networks Searchlight for Retail as a Service at all of its U.S. corporate-owned stores. The company’s branded fuel products are sold at nearly 8,000 service stations in the U.S., providing a future platform for March Networks to continue to grow its c-store customer base. Cloud-based Searchlight solution By choosing March Networks’ cloud-based Searchlight, the oil company can deploy a powerful loss prevention and data analytics solution in a shorter timeframe and with less upfront cost than a traditional video surveillance deployment. The subscription-based service, combining high-definition video, transaction data and analytics, is managed by March Networks from its secure Network Operations Center (NOC). This eliminates the need for the company to purchase and maintain servers within its own IT infrastructure, and leaves it free to focus on its business, while March Networks handles all the software upgrades and maintenance of the application. With the addition of the oil company, nearly 15,000 business locations worldwide are now using the March Networks Searchlight solution. Security and transformational business insights “Leading banks, retailers and restaurant chains are choosing March Networks Searchlight for its unique ability to deliver both security and transformational business insights,” said Peter Strom, President and Chief Executive Officer (CEO), March Networks. He adds, “Organizations can not only reduce theft, fraud and shrink, but gather operational and business intelligence to boost performance and profitability. By offering Searchlight’s video insights in a monthly subscription model, March Networks is meeting increased demand for cloud-based video surveillance-as-a-service (VSaaS), and rapidly growing the services part of our business.” Convenient managed services Searchlight for Retail as a Service includes March Networks’ convenient managed services Searchlight for Retail as a Service includes March Networks’ convenient managed services, where trained professionals monitor each customer’s video network system health and performance, ensuring maximum uptime. Using the March Networks Insight platform, customers gain access to their network information, including device health and warranty information, through a secure web browser. Searchlight and Insight are part of the oil company’s complete end-to-end solution. Command Enterprise Software The end-to-end solution also includes March Networks’ highly reliable hybrid recorders, supporting analog and IP cameras, its Command Enterprise Software for advanced system management and administration, and its SE2 and SE4 Series IP Cameras for crystal-clear video capture. March Networks is partnering with NAVCO, a national electronic security systems integrator and long-time March Networks Certified Solution Partner (CSP), to complete the company’s deployment and provide seamless support for the solution moving forward.
Václav Havel Airport Prague (PRG), with its prime location in the Center of Europe, is the largest and most important international airport in the Czech Republic. Prague Airport handled 17.8 million passengers in 2019 and received the Airport Service Quality Award 2019 awarded by ACI1 for the second time in a row. At Prague Airport, there are different types of areas restricted to authorized personnel. These are governed by an access control system fitted with approximately 1,000 readers and over 1,500 secured points (doors, locks, etc.). Mifare Desfire cards are predominantly in use for the time being. Among these, Security Restricted Areas (SRAs) are the highest security areas, with 60 access points of high importance. Contactless biometric technology Due to the critical nature of those areas, Prague Airport needed a very high level of security, and decided to implement a biometric solution, as the card itself (including with the use of a PIN code), would not be deemed as secure enough. The biometric system had to be able to cope with over 20,000 individuals, with the capability to increase to up to 30,000 users in the future. Prague Airport decided to keep the existing access cards but to add a biometric verification level for the SRAs. This means that the biometric solution would have to be used in combination with the existing cards through a two-step process. In order to avoid any physical contact with the devices, for user convenience as well as for hygienic considerations, it was decided to deploy a contactless biometric technology. Access control system The readers were installed at existing control points and are fully integrated into the airport access control system Prague Airport tested two technologies capable of connecting to its access control system, among which IDEMIA’s MorphoWave Compact contactless fingerprint terminal. After a thorough testing period, the choice was to go for IDEMIA’s technology for a number of reasons including: great user experience with an easy and quick hand gesture, as well as a strict GDPR compliance with users’ biometric information stored only in their cards. Prague Airport deployed more than 60 MorphoWave Compact in its SRAs. The readers were installed at existing control points and are fully integrated into the airport access control system. More than 20,000 users now have their biometric data in their access cards and the system is fully operational. Embedded card reader IDEMIA’s seamless biometric technology helps address health and safety issues. Employees appreciate the user experience provided by the solution deployed: it is easy to tap the access card onto the embedded card reader situated at the top of the reader and then to just wave the hand in a quick simple movement to get 4 fingerprint verified in less than 1 second, without the need to touch any part of the device. Airports is a key vertical among the many different ones served by IDEMIA. The biometric devices are used by 35+ of them throughout the world for staff access control, as here in Prague. The company’s biometric solutions are also used for border control and passenger flow facilitation, in more than 30 different airports.
Verkada, the provider in cloud-managed enterprise building security, announced the release of its environmental sensor product line and its initial product, the SV11. The announcement comes on the heels of Verkada’s recent Series C funding and successful launch of its access control line, further establishing the company as the provider of the operating system for modern, integrated buildings. Monitoring “Our customers are responsible for the systems that keep facilities online, and our mission is to give those administrators the best possible tools to do their jobs,” said Filip Kaliszan, CEO and co-founder of Verkada. “Whether it be monitoring the status of a server room, the temperature of a patient room in a hospital, or the air quality of a school, the SV11 gives facilities and staff unprecedented visibility and control over the sites they’re responsible for keeping safe and secure.” The SV11 is a simple-to-deploy, powerful sensing device that provides enhanced visibility into what is happening in a physical space. The cloud-managed device seamlessly integrates with Verkada’s enterprise video security solution, allowing organizations to review context and quickly associate sensor events with relevant video footage. Real-time insights and proactive alerts The interface delivers real-time insights and makes it easy to respond to proactive alerts or conduct investigations into past incidents. Customers across a range of industries, including healthcare, manufacturing, education, retail, and hospitality, have already deployed the SV11 to monitor: Air quality: Protect one's environment from invisible threats like gas and chemical leaks, or detect illicit activities like vaping and smoking. Temperature and humidity: Monitor changes in temperature and humidity that may damage expensive infrastructure, materials, or food and medical supplies. Motion and occupancy: Detect motion or occupancy in bathrooms, locker rooms, and other private areas where cameras are not appropriate. Noise levels: Detect activity or disturbances without violating privacy. Receive and manage alert notifications remotely “The ability to deploy Verkada's sensor in our network closets has provided us with complete visibility into what’s happening in those rooms,” said Rick Palandro, Security and Facilities Operations Engineer at Fox Rothschild LLP. “With Verkada, I'm now able to receive and manage alert notifications remotely the moment temperature rises above a specific threshold. I can instantly mobilize the team to respond to HVAC issues. We’ve shifted from a reactive approach that often resulted in damaged equipment to a proactive one that ensures our equipment is always operating properly.” Monitoring preventative and predictive maintenance Verkada’s SV11 has empowered us to take a data-driven approach to food manufacturing" “Verkada’s SV11 has empowered us to take a data-driven approach to food manufacturing that helps us stay ahead of the curve on environmental improvements across our plant facility,” said Frank McKinney, COO and Plant Manager of Carolina Ingredients. “By pinpointing where we can set up both preventative and predictive maintenance, we can closely monitor and optimize air quality, efficiency of our HVAC units, and behaviors in the plant, which enables us to more effectively manage the business and deliver quality ingredients and superior blending services that support our customers.” Integration with video monitoring solution "We installed the environmental sensor across campuses in areas like bathrooms that are difficult to properly monitor and are therefore likely places for inappropriate activity such as vaping," said Marty Oliver, Director of Technology at Godley Independent School District. "Paired with Verkada's video monitoring solution, the SV11 provides a new level of visibility into what's happening in those spaces without infringing on students' privacy, giving principals, superintendents, and office administrators a more holistic understanding of student activity in school." Environmental sensor The introduction of the environmental sensor follows accelerated business growth in Q2 2020, highlighted by: Sixty-five percent quarter-over-quarter revenue growth (compared to Q1 2020), including new deployments with Holiday Inn Express and Suites, Rubrik, NextGen America International expansion with new Sales operations in Sydney and Latin America and deployments with Heinemann Australia, Lifeview Residential Care, and Transportes Canales A projection to double headcount by year-end 2020 (compared to year-end 2019) Expansion of its global channel partner program to more than 1,500 resellers The launch of its Access Control solution, which oversold in the first quarter of general availability and surpassed projected sales by more than 400 percent The release of the Bullet Series of hybrid cloud cameras as well as new features as part of a COVID-19 Response Suite, including People Heatmaps, Person of Interest Notifications, and Crowd Notifications Smart buildings The launch of the SV11 is the next step towards Verkada delivering on its vision to power the modern, integrated building. With security cameras at its core, Verkada is expanding its product offering with new applications such as access control and sensors to deliver the infrastructure that runs safer, smarter buildings.
Protecting commercial properties is complicated and goes beyond safeguarding people and property. Security professionals respond to the needs of the business, staff, contractors, and visitors and deal with the realities of property damage, theft, and disgruntled employees. Ava helps the team react to anomalies and policy enforcement in real-time. Instead of merely investigating incidents, organizations can take the necessary steps to prevent them. Spotlight brings relevant feeds to the operator’s attention and triggers real-time alerts to address threats before they escalate. Leverage integrated video and audio analytics to give an enhanced understanding of the camera feeds. Respond to loitering challenges, access anomalies, theft incidents, fires, and more. Identifying suspicious people Smart Search allows operators to search by appearance, events, objects, similarity, or image. Recovering lost or stolen objects, identifying suspicious people like unescorted visitors, investigating health incidents or damage to the property, performing cleaning crew inspections now take minutes instead of hours. Combine with access control to identify tailgating or fire or active shooter scenarios To gain occupancy insights, operators can leverage Ava Aware’s unique Map view with Smart Presence. By adding floor plans and maps of premises, people and vehicles appear as dots in their precise on-site locations. Operators can see live footage as they move on the cameras’ fields of view. Combine with access control to identify tailgating or fire or active shooter scenarios. Connect Ava Aware to the cloud to achieve easy and simple deployment and access from anywhere in the world. Share links of recorded video with team members, claim investigators, and law enforcement, regardless of whether they have admin access to Aware or not. Get a secure download of video files in a standard mp4 format with digital watermarking for authenticity. Key benefits delivered are as follows: Integrate with existing cameras Hundreds of hours saved in forensic searches Add access control to extend capabilities Video & metadata storage remain on-premises Full site survivability and local access Increase operational productivity and reduce facility costs Distribute heat and cooling efficiently, optimize cleaning and workplace productivity through hot-desking insights Use people flow insights to manage people and vehicle queues efficiently Automatically decrease storage demands from all the recordings Reduce bandwidth consumption on critical links with AI-based optimization Pay for what is needed, when it is needed, without the hassle of complicated licensing Up to 200 cameras per Ava appliance— small footprint support for larger facilities One-click Ava Dome and Ava 360 camera configuration Encrypted media at rest and in transit Automatic firmware updates Digital watermarking to prevent tampering Simple subscription model without hidden costs or analytics add-ons With a simple licensing model, Vaion always includes services and software upgrades. They no longer have to worry about integration charges, operator charges, API fees, or the complexity between small, medium, large, and enterprise services.
Sonitrol, the globally renowned provider of verified electronic security solutions, has announced that CMS Corporation, an award-winning construction contractor, relies on one of Sonitrol’s newest offerings, Sonitrol Network Protection. CMS Corporation’s scope of services encompasses new construction, renovations, fueling systems, and energy and sustainability projects for a wide range of commercial and federal government clients. The company’s projects are approximately 70% Federal and 30% civilian undertakings. Upgrading network security According to CSO Online, the average small business loss when a network has been breached is US$ 170,000 According to CSO Online, the average small business loss when a network has been breached is US$ 170,000. CMS Corporation’s management knew that they needed to upgrade their network security in an effective, comprehensive and cost-effective manner. Matthew Wilson, Director of Information Technology at CMS Corporation, was impressed with Cisco’s reputation, and he was aware of their Cisco Meraki software. He chose Sonitrol Network Protection as the preferred network security solution because it offered a world-class solution provided by a known and trusted provider, Sonitrol. SB/MBEs more vulnerable to cyber-attacks The company, CMS Corporation’s Bargersville, Indiana Office is a two-story administrative space with a large workshop and fabrication area, and a large detached workshop/storage area. Small Business and Minority-Business Enterprises (SB/MBEs), like CMS Corporation, are particularly vulnerable to cyber-attacks, because their relatively small size means that they have a lower IT budget and resources. Furthermore, with CMS Corporation’s large number of federal government contracts, effective cyber security is essential to the company’s continued growth and success. Cybersecurity Maturity Model Certification compliance Due to upcoming Cybersecurity Maturity Model Certification (CMMC) compliance, federal contractors are required to tighten their network security to protect Controlled Unclassified Information (CUI). “Cisco Meraki products enable us to have proactive insight into our network activity to help ensure compliance with current and new federal regulations,” Matthew Wilson explained. Sonitrol Network Protection Wilson was attracted to Sonitrol Network Protection’s ease of deployment, auto mesh VPN and seamless scalability Wilson was attracted to Sonitrol Network Protection’s ease of deployment, single pane of glass administration, auto mesh VPN, and seamless scalability. These features are powered by the Cisco Meraki products and solutions, installed by CMS Corporation, which include: MX68CW, MS120-8 FP switch, and four MR36 access points. They also have a handful of Z1 and Z3 devices in remote construction trailers that are able to support the software. In addition to topline network protection from potentially daily cyber-attacks and ransom-ware attacks, Wilson and his colleagues are now learning post-deployment that Sonitrol Network Protection offers a host of additional security features and benefits. Cisco Meraki and Sonitrol intregation Wilson noted, “Cisco Meraki and Sonitrol are a winning combination and Sonitrol’s knowledgeable, courteous installation staff made the transition to our powerful, new network protection quick and easy.” Sonitrol Network Protection, powered by Cisco Meraki, can protect any size company’s network, devices, and data from daily cyber-threats and attacks. Firewall and intrusion protection The solution provides firewall protection, intrusion protection and prevention, ransom-ware protection, anti-phishing, malicious file scanning and more, thereby protecting businesses from huge monetary and data losses. It is cloud-based and managed from a single dashboard GUI, making managing ones network easy. Sonitrol Network Protection solution also provides robust business management tools: content/URL filtering, application-aware traffic control, guest WIFI access, analytics and heat mapping, and custom reporting options. The technology stays current with automatic firmware and security patches, and it works within a connected ecosystem, delivering security on Day 1 of implementation.
Round table discussion
Serving customer needs is the goal of most commerce in the physical security market. Understanding those needs requires communication and nuance, and there are sometimes surprises along the way. But in every surprising revelation – and in every customer interaction – there is opportunity to learn something valuable that can help to serve the next customer’s needs more effectively. We asked this week’s Expert Panel Roundtable: What was the best lesson you ever learned from a security end user customer?
New software developments have dominated technology innovation in the physical security industry for years, making more things possible to the benefit of integrators and end users. However, hardware is another important piece of the puzzle. No matter how great your software, the system doesn’t perform unless the hardware works too. In our enthusiasm over software developments, let’s not overlook the latest in the hardware world. We asked this week’s Expert Panel Roundtable: How do hardware improvements drive better physical security?
The general public gets much of its understanding of security industry technology from watching movies and TV. However, there is a gap between reality and the fantasy world. Understanding of security technologies may also be shaped by news coverage, including expression of extreme or even exaggerated concerns about privacy. The first step in addressing any challenge is greater awareness, so we asked this week’s Expert Panel Roundtable: Which security industry technology is most misunderstood by the general public and why?