Radiflow, global provider of industrial cybersecurity solutions for industrial automation networks, has announced that the company has been recognized as the Global Customer Value Leader in IT/OT Security for Smart Buildings by the leading analyst firm, Frost & Sullivan. Cybersecurity protection This award from Frost & Sullivan highlights the growing importance that Radiflow is playing in providing cybersecurity protection for smart building operations as dramatically increasing number...
Marking its European debut, Northrop Grumman Corporation’s Firebird product line will be showcased at the Royal International Air Tattoo at RAF Fairford, in the United Kingdom, July 19-21. The company is also announcing signed agreements with Tenax Aerospace and Grand Sky Development Company, LLC (‘Grand Sky’) for rights to purchase Firebird, the company’s new, optionally piloted intelligence, surveillance, and reconnaissance (ISR) aircraft system. Unmanned aerial vehic...
Using AI to bring focus to security, Avigilon Corporation, a Motorola Solutions company, has announced that it will once again be showcasing some of its latest and most innovative products and technologies at GSX 2019. Avigilon will showcase the next generation of video analytics, artificial intelligence, access control and cloud solutions, as well as some of the integrations with Motorola Solutions. Cutting-edge video analytics and AI Avigilon will be demonstrating how these latest technologi...
Eagle Eye Networks, the provider of cloud video surveillance worldwide, announced a new partnership with Salto Systems, a global provider of access control systems. In the new and improved Salto KS application, the Eagle Eye Cloud VMS Surveillance product has been integrated via cloud to provide Salto KS customers a more cyber-secure video experience connected to access control events. Within the Salto KS mobile app, a user can confirm a person’s identity before remotely granting access t...
GET Group North America, an innovative developer of mobile ID technology with over 20 years of experience in identity management, announced that its GET Mobile ID Digital Identity Solution for iOS can support near-field communication (NFC) for identity transactions at Point of Sale (POS), airports, and even kiosks. GET Mobile ID for Android already supports NFC identity transactions. GET Group NA and global partner Scytáles AB, innovative developers of mobile ID technology, are the...
Workforce management systems gather and analyze information and anomalies from security officers in the field. The information ranges from direct observations entered via mobile or desktop apps by officers on duty to reports from cleaning staff, the maintenance department, and CCTV operators. Taken together, the information yields business intelligence and data analytics at no additional cost. Trackforce is a provider of workforce management solutions specific to the security industry and its...
Aqua Security, global platform provider for securing container-based and cloud native applications, has announced a new Private Offer capability enabling software licensing and procurement directly through Microsoft Azure Marketplace, allowing customers to utilize existing purchasing methods in place for Azure services. Aqua now offers a choice of flexible software acquisition models that allow customers to purchase licenses on Azure the way that works best for them. Software purchased directly from Aqua can easily be installed on Azure while still taking advantage of streamlined deployment through the Azure Marketplace. Aqua Cloud Native Security Platform The Aqua Cloud Native Security Platform (CSP) now offers full support for the widest range of Microsoft cloud native technologies The Aqua Cloud Native Security Platform (CSP) now offers full support for the widest range of Microsoft cloud native technologies including Azure Kubernetes Service (AKS), Azure Container Instances (ACI) and the Azure Functions serverless compute service. Out-of-the-box integration with Azure DevOps development tools, Azure Container Registry (ACR) and Azure Vault for secrets management further simplify and speed deployment. Indicative of the deeper collaboration, Microsoft recently co-sponsored KubeSec Enterprise Summit, an event produced by Aqua and held in conjunction with KubeCon in Barcelona, Spain this past May. In addition, Aqua and Microsoft are jointly conducting a series of regional marketing programs to educate customers on cloud native technologies and providing the opportunity to interact with local technical resources from both companies. Recent events have included: Kubernetes DevSecOps Summits on March 14 in San Francisco and June 4 in New York City Azure Kubernetes / Aqua Security Hands-on Workshop in Atlanta on June 18 Aqua-to-Azure integration “The tight Aqua-to-Azure integration enables us to work closely with Microsoft in co-selling and joint marketing activities that educate enterprises on how they can leverage emerging security technologies like Aqua to mitigate the security concerns of running applications in the public cloud,” said Upesh Patel, Vice President of Business Development for Aqua Security. “The Aqua-Microsoft collaboration in the field optimizes the evaluation and production rollout processes, enabling IT security teams to harden their organizations’ security postures, and DevOps to quickly realize the benefits of working within these powerful Azure environments.” Jeana Jorgenson, GM, Cloud and AI for Microsoft Corp. said, “The availability of Aqua’s enterprise class security solution through the Microsoft Azure Marketplace simplifies the process of building out a secure infrastructure for cloud applications. Customers deploying containers on Azure can utilize the Private Offer process to quickly get a quotation and complete their purchasing cycle.” Aqua CSP integrations The Aqua CSP integrations with Azure Container Services, Azure Functions and Azure DevOps environments are available now. Customers wishing to receive a quote via the Private Offer process should contact their Aqua account manager.
Cobalt Iron Inc., global provider of cloud-based data protection and security solutions, has announced that it has received a patent for its techniques related to electronic discovery (e-discovery) when searching for data in backup storage. Solidifying Cobalt Iron's advanced enterprise-data discipline capabilities and providing further proof of it, this patent represents the company's unique approach to managing backup data sets to facilitate e-discovery requests. As a result, CIOs, data custodians, compliance officers, systems administrators, backup administrators, and other IT professionals who use Cobalt Iron's Adaptive Data Protection platform can fulfill e-discovery requests more quickly and cost-effectively, with verifiable data discipline. Adaptive Data Protection platform Among the largest data targets for e-discovery searches in most enterprises are backup data sets In today's business and regulatory climate, it is essential for enterprises to be able to respond to e-discovery requests in a timely, comprehensive, and cost-efficient manner. Among the largest data targets for e-discovery searches in most enterprises are backup data sets, which typically contain copies and versions of all key corporate data. Performing e-discovery data searches on these enterprise backup data sets can be complex, time-consuming, and very costly. Enterprise data custodians struggle with balancing the demands of legal e-discovery requests against the challenges and costs of performing the searches. e-discovery in backup data This Cobalt Iron patent unveils novel techniques for facilitating electronic discovery in backup data including: - Extracting metadata from a backup data set for e-discovery - Efficiently identifying a subset of data within a backup data set associated with an e-discovery request - Performing data reduction on data targeted by an e-discovery request - Preserving a native file format and a chain of custody for each data item in a backup data set identified by an e-discovery request - Applying e-discovery and backup policies to data identified by an e-discovery request - Automatically copying e-discovery data that is about to be deleted or modified within a backup data storage e-discovery techniques "Cobalt Iron's new electronic discovery techniques bring insights and efficiencies to corporate data custodians, allowing them to manage e-discovery requests more effectively and introduce new levels of data discipline," said Richard Spurlock, CEO and founder of Cobalt Iron. "Preserving native file formats, maintaining a chain of custody, and applying e-discovery policy for each data item identified by an e-discovery request greatly simplifies the arduous tasks associated with regulatory compliance."
TrackTik Software, provider of the No. 1 security workforce management software solutions internationally, has announced that its Vice President, Security Industry Mark Folmer has been selected as the third most influential thought leader on the IFSEC Global Influencers in Security and Fire 2019 list. Driving technology innovations This list, unveiled by the UK-based International Fire and Security Exhibition and Conference, the premier integrated security event — features executives who have significantly influenced the security sector. This includes individuals who have played a key role in driving technological innovation and best practices, shaping debate around industry issues, propelling the success of their organization, and helping to raise the industry’s profile. Folmer made it on to the list after being judged by a leading panel of industry experts - which he will be joining next year. Folmer, who took third spot on the 2019 thought leadership list — up from placing 19th in 2018 — was recognized as a security leader and forward-thinking influencer, committed to shaping the future of the industry as a practitioner, consultant, technology disruptor and university instructor. In his role at TrackTik Software alone, he is a trailblazer in advocating for the professionalisation of the industry Importance of data to drive security In his role at TrackTik Software alone, he is a trailblazer in advocating for the professionalization of the industry and reinforcing the importance of data to drive security organizations forward. By so doing, he has helped security organizations globally transform their operations to unprecedented levels of intelligence and efficiency. Within TrackTik, he also serves as an industry evangelist ensuring that the company stays up-to-date with the industry’s best practices and standards. A business school graduate with Certified Protection Professional (CPP) and The Security Institute (FSyI) certifications, Folmer gained status as a security services specialist through two decades of operations and volunteer experience. A Senior Regional Vice President for ASIS International’s Region 6, Canada, and Chair of the ASIS Security Service Council — an international group focused on security service delivery standards — he is a keen industry speaker and media spokesperson, committed to sharing his knowledge with the next generation of security professionals in his teaching role at Université de Montréal. Data protection expert Folmer’s selection follows a long list of recognitions attained by TrackTik Software. Most recently, the company’s CEO Simon Ferragne was presented an award for the Next Generation Executive Leadership by the Canadian Advanced Technology Alliance (CATAAlliance) and was named a Top 10 under 40 Security Leader by Canadian Security Magazine. In 2018, TrackTik Software was ranked No. 11 on the Deloitte Technology Fast 50 list, was named one of LinkedIn’s Top 25 Startups in Canada, placed 36th on the Canadian Business 2018 Startup 50 ranking of Canada’s Top New Growth Companies, and received a SaaS Award for Customer Success by San Diego-based APPEALIE.
IDIS announces the launch of its IDIS Dynamic Privacy Masking (IDPM) solution, a quick and efficient privacy tool, provided free of charge to its users. Continuing the company’s tradition of delivering specific solutions responsive to market conditions and concerns, IDPM offers a quick and efficient solution to the previously labor-intensive, and at time prohibitively expensive, problem of obscuring or ‘de-identifying’ persons in surveillance footage who are incidental, irrelevant, or protected by law when footage is to be reviewed by, shared with, or provided to a third party (such as for evidence in a legal proceeding). Video surveillance camera Video surveillance is further regularly reviewed in law enforcement, legal and court proceedings Laws and regulations governing privacy throughout North America increasingly allow for various types and levels of access to surveillance footage, and last year, the European Union’s GDPR provisions granted rights to any person captured by video surveillance camera to access a copy of their personal recorded data. Video surveillance is further regularly reviewed in law enforcement, legal and court proceedings; as part of campus investigations and disciplinary actions; or released to the media and public by public and private entities alike to confirm or explain events. This increases the need—and, at times, legal requirement—to ethically protect the identities of unrelated or protected individuals (such as minors) featured in the recorded video. De-identify faces Meeting these requirements, especially for small to medium businesses, can be cumbersome and involve additional expense, unbudgeted and/or better utilized elsewhere. Solving this problem, IDPM’s anonymization and obscuring features are now available from the IDIS Partners Portal as a direct download without cost. Using the software, authorized system users can blur sensitives areas and dynamically de-identify faces, vehicles, etc. Notably, IDPM does this automatically for the duration of the clip, even as the object or person moves around the scene. Recorded video data Users also have options to set passwords and expiration dates Users can then quickly save masked video as clips or project files via the IDIS Clip Player which, crucially, preserves the integrity of the footage. Importantly, masking can be easily removed later by the authorized user, should that become necessary in the course of an investigation or proceeding. Users also have options to set passwords and expiration dates, and to control who can access and play video files. The integrity of recorded video is assured throughout this process with IDIS Chained Fingerprint technology, which extracts distinctive features of recorded video data to create fingerprints for each frame and then embeds each fingerprint into the data of the next frame, connecting each frame together with the next like a blockchain.
TIBCO Software Inc., global provider of integration, API management, and analytics, has announced an official partnership with Ping Identity, a provider of Identity Defined Security. Together, TIBCO Cloud Mashery and the PingIntelligence for APIs solution bring seamless, AI-powered protection against new emerging API threats to customers. TIBCO Cloud Mashery is a complete solution for digital leaders, IT leaders, and chief information security officers to invest in API-led, cloud-native transformation for their organizations, with advanced API security at its heart. TIBCO Cloud Mashery He adds, “API products are the building blocks of an organization’s digital strategy and, as such, cyber-attacks on API programs are more prevalent and sophisticated. Few enterprises, however, take a standardized approach across their company to ensure the security of data and other digital assets, which are exposed via APIs,” said Rajeev Kozhikkattathodi, vice president, product management and strategy, TIBCO. “A number of highly publicized breaches resulted recently. As the API attack surface continues to expand due to the strategic value of APIs, a new generation of threats will similarly continue to emerge. We’re excited to partner with Ping Identity to improve security measures for enterprises with sensitive corporate data.” TIBCO Cloud Mashery offers API security features such as advanced authentication, bot detection, white and blacklisting, and access control to protect APIs from dangerous API consumers. PingIntelligence for APIs complements the solution by enhancing API security with AI-driven threat mitigation, decoy API deception PingIntelligence for APIs PingIntelligence for APIs complements the solution by extending and enhancing API security with AI-driven threat mitigation and decoy API deception. As market leaders in API management and API security respectively, these two solutions work together seamlessly to provide a complete API security offering, especially for businesses that are investing in new digital initiatives, such as banks adopting open banking to deliver a superior customer experience. “Companies' most sensitive digital assets, including their customer data, are increasingly made accessible via APIs, and protecting this infrastructure from abuses and cyber-attacks must be the top priority for CISOs and CIOs everywhere,” said Bernard Harguindeguy, chief technical officer, Ping Identity. “Our partnership with TIBCO brings AI-powered protection to boost the security of API infrastructures and help organizations everywhere secure their data and applications behind APIs.”
Ping Identity, the provider of Identity Defined Security, announces updates to its multi-factor authentication (MFA) solution, PingID, providing new methods to mitigate risk and strengthen security for enterprises. PingID’s new features include ways to evaluate user and device risk before access is granted, as well as support for Fast Identity Online (FIDO) standards to increase resistance to advanced phishing attacks. With phishing resistant and user-friendly authentication methods—including biometric authenticators, such as facial recognition and fingerprint matching—enterprises are able to create policies to enforce MFA only when warranted by an increased level of risk. Risk-Based security Risk-based security is especially critical to maintain employee productivity Verizon’s 2019 Data Breach Investigations Report found that 32% of breaches involved phishing and 29% of breaches involved the use of stolen credentials. For this reason, enterprises can benefit from an MFA solution that evaluates user and device risk to provide an extra layer of protection against phished and stolen credentials. Risk-based security is especially critical to maintain employee productivity and seamless online customer experiences. As a result, MFA has become more highly recommended by security frameworks like Zero Trust, those promoted by the National Institute of Standards and Technology and the International Organization for Standardization, as well as regulations like the PCI Data Security Standard. Leveraging facial recognition PingID further improves the balance of security and convenience provided to end users through multi-factor authentication as follows: Generally available in the next month, PingID support for Windows Hello and Mac Touch ID will support FIDO-compliant authentication methods. This will help users leveraging facial recognition and fingerprint matching on their devices. These capabilities help to securely access web applications that have implemented the FIDO standard. Additionally, PingID integration with FIDO-compliant security keys, such as Yubikeys, can be leveraged for web authentication and Windows login. Becoming generally available in the same time period, hardware OATH compliant tokens will be able to be used as an authentication factor when users are unable to use a mobile device. Virtual private network PingID will have the ability to support a quick and easy way to implement MFA PingID can now configure the number of attempts consumers logging in to a provider’s website have to enter a one-time passcode (delivered by SMS or Email), as well as set the amount of time they are locked out of their accounts if failing to provide the right one-time passcode. Additionally, generally available in the next month, PingID will have the ability to support a quick and easy way to implement MFA for Virtual Private Network access when users are working remotely, simplifying deployment of MFA for enterprise administrators. Corporate Resources PingID is now offering features in private preview that evaluate the location where a user requests access to corporate resources, and compares it to the location of the previous request. If the distance between the two geographies exceeds the threshold of what is possible by human travel, access can be automatically denied. Also in private preview, PingID assesses the reputation of the IP address from which a user requests access. Organizations can mandate specific MFA methods when the malicious activity-based risk score associated with an IP address exceeds a certain benchmark. Multi-Factor authentication Hackers are evolving their tactics to access accounts and steal data every single day" “Hackers are evolving their tactics to access accounts and steal data every single day, and it’s our responsibility as an enterprise security provider to come up with innovative and reliable ways to assess risk before access is granted, and block access when warranted,” said Steve Shoaff, chief product officer, Ping Identity. “PingID is a core product that enterprises have been using for years, and its new features make it stronger and smarter than ever.” Organizations interested in securing their enterprise with multi-factor authentication can sign up for a free trial of PingID. Also, be sure to check out the blog titled ‘Five Preventable Breaches Make the Case for MFA Everywhere’ to learn more about attacks that can be prevented with multi-factor authentication.
We live in an information and data-led world, and cybersecurity must remain top-of-mind for any organization looking to both protect business operation critical assets. Businesses without proper cyber measures allow themselves to be at risk from a huge list of threats - from cybercriminals conducting targeted spear-phishing campaigns - like the 2018 Moscow World Cup vacation rental scam, to nation-state actors looking to collect intelligence for decision makers - no organization is safe from innovative cyber threats. Security solutions enterprises Organizations can then set the groundwork necessary to stop malicious activity and keep their business’ data safe The evolving threat space means organizations need to ensure they have the most innovative prevention and detection frameworks in order to withstand adversaries using complex and persistent threats. When implementing new security solutions enterprises must start by assuming that there is already a bad actor within their IT environment. With this mindset, organizations can then set the groundwork necessary to stop malicious activity and keep their business’ data safe. As there is no one silver bullet that truly stops all cyberattacks, organizations must adopt a multipronged approach to be widely adopted to stop adversaries. This must include tracking, analyzing and pinpointing the motivation of cyber actors to stay one step ahead through global intelligence gathering and proactive threat hunting. In addition, deploying new technologies leveraging the power of the cloud give a holistic view of the continuously evolving threat landscape and thereby secure data more efficiently. Traditional security approach In today’s landscape, the propagation of advanced exploits and easily accessible tools has led to the blurring of tactics between statecraft and tradecraft. Traditional security approaches are no longer viable when it comes to dealing with the latest trends in complex threats. To make defending against these threats even more complicated, adversaries are constantly adapting their tactics, techniques and procedures (TTPs), making use of the best intelligence and tools. CrowdStrike’s latest Global Threat Report tracked the speed of the most notable adversaries including Russian, Chinese, North Korean and Iranian groups. As the adversaries’ TTPs evolve into sophisticated attack vectors defenders need to recognize we are amidst an extreme cyber arms race, where any of the above can become the next creator of a devastating attack. Russian efficiency is particularly high; they can spread through an enterprise network in 18 minutes 48 seconds on average, following the initial cyber-intrusion. Sophisticated cyber weapons Actors tend to use a simple trial and error technique where they test the organization's network So, reacting to threats in real-time is a priority. Bad actors are extremely vigilant and committed to breaking down an organization’s defenses, and speed is essential to finding the threats before they spread. Actors tend to use a simple trial and error technique where they test the organization's network, arm themselves with more sophisticated cyber weapons, and attack again until they find a vulnerability. This has highlighted the need for tools that provide teams with full visibility over the entire technology stack in real-time in order to meet these threats head-on. Traditional solutions are scan-based, which means they don’t scale well and can’t give the security teams context around suspicious activity happening on the network. They lack full visibility when a comprehensive approach is needed. Businesses without proper cyber measures allow themselves to be at risk from a huge list of threats - like the 2018 Moscow World Cup vacation rental scam Malicious Behavior Through leveraging the power of the cloud and crowdsourcing data from multiple use cases, security teams can tap into a wealth of intelligence collated from across a vast community. This also includes incorporating threat graph data. Threat graphs log and map out each activity and how they relate to one another, helping organizations to stay ahead of threats and gain visibility into unknowns. Threat graph data in conjunction with incorporating proactive threat hunting into your security stack creates a formidable 360-degree security package. Managed threat hunting teams are security specialists working behind the scenes facing some of the most sophisticated cyber adversaries through hands on keyboard activity. Threat hunters perform quickly to pinpoint anomalies or malicious behavior on your network and can prioritize threats for SOC teams for faster remediation. In-Depth knowledge Security teams need to beat the clock and condense their responseIt is key for security teams to have an in-depth knowledge of the threat climate and key trends being deployed by adversaries. The TTPs used by adversaries leave are vital clues on how organizations can best defend themselves from real-life threats. Intrusion ‘breakout time’ is a key metric tracked at CrowdStrike. This is the time it takes for an intruder to begin moving laterally outside of the initial breach and head to other parts of the network to do damage. Last year, the global average was four hours and 37 minutes. Security teams need to beat the clock and condense their response and ejection of attackers before real damage is done. Next-Generation solutions When managing an incident clients need to be put at ease by investigations moving quickly and efficiently to source the root of the issue. Teams need to offer insight and suggest a strategy. This can be achieved by following the simple rule of 1-10-60, where organizations should detect malicious intrusions in under a minute, understand the context and scope of the intrusion in ten minutes, and initiate remediation activities in less than an hour. The most efficient security teams working for modern organizations try to adhere to this rule. As the threat landscape continues to evolve in both complexity and scale, adequate budget and resources behind security teams and solutions will be determining factors as how quickly a business can respond to a cyberattack. To avoid becoming headline news, businesses need to arm themselves with next-generation solutions. Behavioral analytics The solution can then know when to remove an adversary before a breakout occurs Behavioral analytics and machine learning capabilities identify known and unknown threats by analyzing unusual behavior within the network. These have the ability to provide an essential first line of defense, giving security teams a clear overview of their environment. With this at hand, the solution can then know when to remove an adversary before a breakout occurs. Attackers hide in the shadows of a network’s environment, making the vast volume and variety of threats organizations face difficult to track manually. The automation of responses and detection in real-time is a lifeline that organization cannot live without as adversaries enhance and alter their strategies. Adversaries continue to develop new ways to disrupt organizations, with cybersecurity industry attempting to keep pace, developing new and innovative products to help organizations protect themselves. These technologies empower security teams, automating processes and equipping security teams with the knowledge to respond quickly. Organizations can set themselves up for success by integrating the 1-10-60 rule into their security measures, giving them an effective strategy against the most malicious adversaries.
In the next three years, software as a service ‘SaaS’ is likely to grow by around 23%. That’s according to reports by Cognizance. It’s growth rests on the adoption of cloud public, private and hybrid. Without the cloud applications can’t truly pervade an organization, nor can operational or customer benefits be derived. But there’s no point in adopting the cloud if it’s not secure - the proliferation of SaaS demands security, none more so in a GDPR world. Large cloud environment But modern applications are difficult to secure. SaaS based, web, mobile, or custom made all work on different platforms and frameworks. It’s a headache managing all the APIs needed to automate and sync tools. This introduces risk. The greater the number of apps the broader the attack surface and therefore the greater the chance there will be blind posts. Keeping up to date with updates and new security policies is never easy There are also added hazards. Applications are always changing. Keeping up to date with updates and new security policies is never easy, but especially hard in a large cloud environment. Failure to adopt changes puts the organization and customers at further risk. But the biggest obstacle is keeping applications and APIs out of harm’s way. It’s a near on impossible task when attack methods and sources are constantly changing. More advanced threats To be specific there are four emerging challenges when it comes to protecting apps. Firstly, managing the good and the bad bots and spotting which is which, secondly securing APIs as IoT adoption intensifies, thirdly the relationship between securing apps and DevOps and ensuring ownership of security, and finally denial of service attacks that use newer tactics such as brute force. Basic security hygiene dictates that security teams refer to the OWASP Top 10. It’s considered the ‘ten commandments’ in security circles, providing a starting point for ensuring the most common threats and vulnerabilities are managed, detected and mitigated. Web Application Firewalls also come into the fray with guidance on testing for the ways hackers exploit vulnerabilities. However, though the basics are good to have in place, there are always more advanced threats to take care of. Bots being a big one. Bot management The more sophisticated bots will go as far as to mimic human behaviorAstonishingly about half of internet traffic is bot generated. Half of it is from bad bots. Discerning the good from the bad isn’t easy though and explains why around 80% of organizations can’t make a clear distinction between the two. Bad bots can do a lot of damage like take over user accounts and payment information, scrape confidential data, or hold up inventory and skew marketing metrics. The more sophisticated bots will go as far as to mimic human behavior and bypass tools like CAPTCHA and even device fingerprinting based protection ineffective. Securing APIs Then there’s the complications derived from machine-to-machine and internet of things (IoT) communications. The more integrated ‘things’, the more data there is, the more events there are report on, and the more activity there is reliant on APIs to make the ‘things’ useful and agile. That’s what makes them a target and the threats to API vulnerabilities include injections, protocol attacks, parameter manipulations, invalidated redirects and bot attacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks Denial of service (DoS) You might think there’s little to add to the swathes of denial of service warnings. Yet when businesses are still being targeted and feeling the ill effects it’s worth mentioning again that different forms of application-layer DoS attacks are still very effective at bringing application services down. Even the greatest application protection is worthless if the service itself can be knocked down This includes HTTP/S floods, low and slow attacks (famous examples being Slowloris, LOIC, Torshammer), dynamic IP attacks, buffer overflow, Brute Force attacks and more. The IoT botnets are the culprits and have made application-layer attacks so popular that they have become the preferred DDoS attack vector. Even the greatest application protection is worthless if the service itself can be knocked down. Continuous security It may seem easy to say but for modern DevOps, agility is valued at the expense of security. We see time and again examples of where development and roll-out methodologies, such as continuous delivery, mean applications are exposed to threats each time they are modified. There’s no doubt it is extremely difficult to maintain a valid security policy and protect sensitive data in dynamic conditions without creating a high number of false positives. But we now find that this task has gone way beyond the capability of humans. Organizations now need machine-learning based solutions that map application resources, analyse possible threats, and create and optimise security policies in real time. Reaching this level in security planning should be a big wake-up call that security automation is an essential not a nice to have. Running security plans The board needs to know that investment is critical to protect their profits It’s critical that the security solution your company adopts protects applications on all platforms, against all attacks, through all the channels and at all times. The board needs to know that investment is critical to protect their profits. As such there are six things they need to know: Application security solutions must encompass web and mobile apps, as well as APIs. Bot management solutions need to overcome the most sophisticated bot attacks. DDoS mitigation must be an essential and integrated part of application security solutions. A future-proof solution must protect containerized applications, severless functions, and integrate with automation, provisioning and orchestration tools. To keep up with continuous application delivery, security protections must adapt in real time. A fully managed service should be considered to remove complexity and minimise resources. No amount of human power will beat the bots. That last point is the most critical. Skill is essential in designing and running security plans and policies that work. But the plans can’t be executed without automated tools. There are just too many decisions to make in a split second. Combining both is the path to an effective app protection strategy and a stronger brand to boot.
Edge devices (and edge computing) are the future. Although, this does seem a little cliché, it is the truth. The edge computing industry is growing as quickly as technology can support it and it looks like we will need it to. IoT Global Market The IoT (Internet of Things) industry alone will have put 15 billion new IoT devices into operation by the year 2020 according to a recent Forbes article titled, “10 Charts That Will Challenge Your Perspective of IoT’s growth”. IoT devices are not the only edge devices we have to deal with as the total number of connected edge devices includes the likes of devices like security devices, phones, sensors, retail sales devices, and industrial and home automation devices. The IoT (Internet of Things) industry alone will have put 15 billion new IoT devices into operation by the year 2020 The sheer number of devices begins to bring thoughts of possible security and bandwidth implications into perspective. The amount of data that will need to be passed and processed with all of these devices will be massive. There needs to be consideration taken by all business owners and automation engineers into how this amount of data and processing will be conducted. Ever-Expanding Edge Devices Market As the number of edge devices in the marketplace and their use among consumers and businesses rises, the need to be able to handle the data from all of these devices is no longer going to be suitable for central server architectures. We are talking about hundreds of billions and even trillions of devices. According to IHS Markit researchers’ study, there were 245 million CCTV cameras worldwide. One has to imagine there are at least 25% of that many access control devices (61.25 million devices) based on a $344 million market cap also calculated by IHS Markit’s researchers. If all the other edge devices mentioned earlier are considered then one can see that trying to route them all through servers for processing is going to start to become difficult if it hasn’t already, -which arguably it already has, as is evidenced by the popularity of cloud-based solutions amongst those businesses that already use a lot of edge devices or are processing a lot of information on a constant basis. Cloud Computing The question is whether cloud computing the most effective and efficient solution as the IoT industry grows The question is this; is cloud computing the most effective and efficient solution as the IoT industry grows and the amount of edge devices becomes so numerous? My belief is that it is not. Taking the example of a $399 USD device that is just larger than the size of a pack of cards and runs a CPU benchmarked at the same level as a mid-size desktop. This device has 8GB RAM and 64GB EMMC built-in and a GPU that can comfortably support a 4K signal at 60Hz with support for NVMe SSDs for add-on storage. This would have been unbelievable five years ago. As the price of edge computing goes down, which it has done in a dramatic way over the last 10 years (as can be seen with my recent purchase), the price to maintain a central server that can perform the processing required for all of the new devices being introduced to the world (due to the low cost of entry for edge device manufacturers) becomes more expensive. This introduces the guarantee that there will be a point where it will be less expensive for businesses, and consumers alike, to do the bulk of their processing at the edge as opposed to in central server architectures. Cloud computing is now being overtaken by edge computing, the method of processing data at the edge of the network in the devices themselves Edge Computing There are a plethora of articles discussing and detailing the opposition between the two sides of the computing technology coin, cloud computing and edge computing. The gist of it is that “cloud computing” was the hot new buzzword three years ago and is now being overtaken by “edge computing.” The truth is that cloud computing is a central server architecture hosted at someone else’s location. Edge computing is going to be a necessary development in the technology industry Edge computing is the method of processing data at the edge of the network (in the devices themselves) and allowing for less resources required at a central location. There is certainly a use case for both, however the shift to edge computing amongst the general public and small to mid-sized businesses will not be a surprise to those players, who have been paying attention. One article titled, “Next Big Thing In Cloud Computing Puts Amazon And Its Peers On The Edge” by Investor’s Business Daily takes the stance that edge computing is going to completely displace centralized cloud computing and even coins the phrase, “Cloud computing, decentralized” to explain edge computing. It speaks for the stance that most experts in technology seem to be taking, including Amazon Web Services’ VP of Technology, Marco Argenti according to the same article. We know that edge computing is going to be a necessary development in the technology industry, and it is happening as I write this, and quickly at that. Cost Efficiency Of Edge Processing As time goes on, the intersection between the prices of network bandwidth, edge processing and maintaining super powerful central servers will cause edge processing to be the most efficient and cost-effective way to maintain a scalable network in any environment, including datacenters. Owning a central server or utilizing edge computing become the better options As it currently stands, most residential users can only achieve a 1Gbps WAN (internet) connection, and small to medium-sized business can’t get much more but seem to get much less, based on my personal experience. When more than 1Gbps needs to be processed, cloud computing becomes very expensive at which point, owning a central server or utilizing edge computing become the better options. Then you look a total cost of ownership and when the cost of edge computing is less expensive than the cost of maintaining central server architectures, edge computing becomes the single best option. So, I’ll say it again, edge devices (and edge computing) are the future.
After a period of rapid international expansion, the next step for Ajax Systems is to set deeper roots in each market and become more sustainable. The manufacturer of wireless security equipment will continue to extend the range of Ajax products and capabilities by responding to local requests. Smart home management options and automation scenarios will be a significant focus for the next year. Wireless security equipment The systems are resistant to false alarms, regularly update over the air Established in 2011 in Kyiv, Ukraine, Ajax Systems produces wireless security equipment for end users and small-medium-sized businesses. Ajax is a complete eco-system. The devices are ready to work out of the box. There are 24 devices for protecting residential and commercial properties from intrusion, fire, and floods as well as a set of automation modules. Users treat them as gadgets that make their homes smarter. Ajax wireless systems are easier to maintain, configure, and monitor for installers as well as for security companies, according to Ajax. The systems are resistant to false alarms, regularly update over the air, and can be easily expanded to cover premises of any size. IoT-based security systems “Our IoT-product approach to security systems, gadget-like industrial design, and user-friendly interfaces disrupted the market in 2016,” says Valentine Hrytsenko, Chief Marketing Officer at Ajax Systems. “After receiving global recognition in the security market, the company grew 80-fold.” Today, Ajax IoT-based security systems protect more than 200,000 people in 80 countries around the world from break-ins, fires, leaks and other threats. “Our mission is to reshape security and make it a common attribute of every household,” says Hrytsenko. Ajax wireless systems are easier to maintain, configure, and monitor for installers Ajax smart technology Ajax smart technology features a combination of reliable hardware and intelligent software. A proprietary Jeweler two-way radio protocol allows placing devices at a distance of up to 2000 meters from the hub in an open space. The system is encrypted, resistant to jamming and code grabbing. Ajax detectors feature false alarm-preventing algorithms: Haze Flow, ZOE, LISA, SmartDetect. The hubs run on a real-time operating system, Malevich OS that processes the commands and sends the alarms. Ajax Cloud service helps to control the system from anywhere in the world using native apps. Easy and seamless installation Ajax features system scalability, flexible management of administrative rights" Easy installation facilitates Ajax on-boarding. The company says 67% of Ajax users purchase additional security devices within the first six months. And an average system configuration consists of nine items. “We focus primarily on the residential, small and medium-sized businesses,” says Hrytsenko. “In the residential segment, Ajax covers the needs to detect break-ins, prevent fires and floods. Ajax devices are visually appealing to fit any home and business interior seamlessly. For the small and medium-sized business, Ajax features system scalability, flexible management of administrative rights, informative notifications, professional maintenance software, as well as integration of the security camera streams for centralized monitoring.” Route-to-market approach Ajax Systems’ route-to-market approach is two-fold. First, they develop strategic partnerships with the local professional security equipment distributors in each country. From the distributors, Ajax equipment goes to the installers, system integrators, security companies, etc. In addition, Ajax seeks to build brand recognition and actualize the concept of security by weaving it into the daily routine of a general audience. “We form a good understanding of their security needs,” says Hrytsenko. As with any new technology, there is an adoption curve for both B2B and B2C clients. Thus, the educational challenge is persistent for Ajax from country to country. Ajax Systems’ route-to-market approach is two-fold Wireless security systems “On a professional market, new products are often met with understandable suspicion,” says Hrytsenko. However, a huge misconception is that user-friendly equipment is either hard to customize or unreliable. Not true, he says. After testing in five accredited laboratories, Ajax devices successfully earned Grade 2 certification for compliance with the requirements of the international standard EN50131-1:2006. Grade 2 is the highest reliability grade a wireless security system can get.
Artificial intelligence (AI) is expanding the capabilities of license plate readers and vehicle identification systems. Within a smart/safe city scenario, automatic license plate reader solutions are used to help analyze real-time video streams for site surveillance, inspection and public safety, and to offer actional information through a network of connected camera systems. Outside of law enforcement, this can include other public safety initiatives such as traffic tolls, car counting, and parking security. Vehicle recognition systems Rekor Systems is a provider of vehicle recognition systems in more than 60 countries Using AI to enable video cameras, Rekor Systems is a provider of vehicle recognition systems in more than 60 countries. Applications include security and surveillance, public safety, electronic toll collection, brand loyalty, parking operations, banking and insurance, logistics, and traffic management. AI allows Rekor’s products to recognize and read license plates, while also providing information about each vehicle, including color, make, year, and model. Rekor’s products are powered by OpenALPR software, an AI-based solution that enables any IP (internet protocol) surveillance camera to scan license plates and provide vehicle data including tag number, make, model, and color in real time with 99% accuracy, according to the company. Rekor’s products are powered by OpenALPR software Integrated solutions “Rekor's software started as an open source project, and we have done our best to keep the commercial software as open as possible,” says Rod Hillman, Chief Operating Officer, Rekor Systems. “One of the challenges we see with others in our space is a tendency to ‘close off’ and ‘silo’ their solutions. Our goal is to make it as simple as possible to deploy, integrate, and ultimately use.” Rekor has numerous application programming interfaces (APIs) and ways the solution can be integrated into partners' solutions with a software development kit (SDK). Rekor solutions can be purchased directly or through a worldwide partner network of integrators, wholesalers, and within integrated solutions such as Nokia's smart city platform. Electronic toll collection Rekor’s solutions have viable applications within multiple markets While many systems are hardware-based, Rekor’s software-as-a-solution offering can turn an IP camera into an automatic license plate reader. Rekor’s solutions have viable applications within multiple markets, including law enforcement, security and surveillance, electronic toll collection, parking operations, banking and insurance, logistics, traffic management, and customer experience. “Rekor offers a cost-effective alternative to traditional LPR systems with a much higher accuracy rate at 99% allowing more cameras to be present and active at any given time,” says Hillman. “Traditional LPRs need someone to go through hours of footage to find what they are looking for while Rekor’s technology will send alerts in real time, resulting in much quicker response times.” Move Over Camera mounts onto roadside worker’s vehicles to capture ‘Move Over’ violations Two-Part authentication Rekor’s products include: NUMERUS, a cloud-based solution for high-volume vehicle recognition, designed to reduce costs and increase efficiencies for the electronic toll collecting industry. Two-part authentication instantly identifies the vehicle’s make, model, color and body type along with the license plate read. Machine-learning-enabled software recognizes license plates from all 50 U.S. states, in addition to plates from more than 70 countries on six continents. Edge, an all-in-one camera and vehicle recognition system that instantly reads vehicle license plates, along with the vehicle’s make, model, color and body type. Move Over Camera, which mounts onto roadside worker’s vehicles (police, tow truck, etc.) to capture ‘Move Over’ violations. ‘Move Over’ laws state that vehicles must move over one lane and/or slow down if they cannot move over to avoid incident while roadside workers are in the shoulder lane. The camera can detect what lane vehicles are in and how fast they are moving. Violators are flagged in the system for law enforcement’s review.
A high majority of Americans (83%) are concerned about a criminal attack causing physical harm at large-scale events such as sporting events or concert festivals. More than one in five (22% of) Americans say they have canceled plans or considered cancelling plans to attend large-scale public events due to concerns about physical attacks and the safety of their data. Across the pond, three in 10 Britons think twice about attending large-scale events due to data or physical security issues. Although less than half of U.K. survey respondents have changed their plans to attend large events, some 45% are taking extra security precautions. Brits are as afraid of using public Wi-Fi at an event as of a physical criminal attack. These are some of the insights from the 2019 Unisys Security Index survey of more than 13,000 consumers in 13 countries, including 1,000 in the U.S. and another 1,000 in the United Kingdom. Currently, the U.K. index is at 147 (down from 149 in 2018), which is one of the lowest of the countries surveyed Security index scores of countries Unisys gauged attitudes on a range of security-related issues and created an index based on survey results. The index is a calculated score from zero to 300 based on concern about eight specific issues within the categories of national, financial, Internet and personal security. Currently, the U.K. index is at 147 (down from 149 in 2018), which is one of the lowest of the countries surveyed. In contrast, the U.S. index is now at 165, considered a serious level of concern and the highest among developed countries surveyed. Globally, the index average stands at 175, with the Philippines scoring highest with an index score of 234 and the Netherlands registering the lowest concern ratings with a score of 115. Concerns about misuse of information Privacy is an area where concern is growing. “This year more than half of U.K. citizens expressed concerns about the misuse of their personal information,” says Unisys’ Global Chief Security Architect, Salvatore Sinno. Another 49% expressed serious concerns that intelligence services listen in on them through electronic devices such as mobile phones or smart speakers. The summer calendar of major sporting events, concerts and festivals raises the levels of security concern The summer calendar of major sporting events, concerts and festivals raises the levels of security concern. Nick Aldworth, former National Counter Terrorism Co-Ordinator, tells the BBC that the government is not doing enough to ensure venues are secure. He supports a campaign for more rigorous checks at venues in the U.K., named Martyn’s Law, after Martyn Hett, a victim of the Manchester Arena attack in 2017. safety Pointers while attending event Salvatore Sinno of Unisys provides the following pointers on keeping safe this summer: If planning to attend a crowded event alone, let someone know. Make sure friends or family know where you are going, when you plan to arrive and when you are expected to return. Plan ahead and check local authorities’ alerts; sign up for any travel or news alerts to receive updates on traffic or news of any disturbances. As soon as you get to an event, survey your surroundings. Make sure you know where the exits are and agree on a meeting place with friends in case you should get separated from the group. Know where stewards and information points are so you can speak to someone if you need to. Be vigilant for suspicious activity at an event. Don’t be afraid to report something you think is unusual, such as unattended baggage or people behaving in a suspicious or threatening way. In an emergency, stay calm and move to the edges of crowds. Try to leave the area quickly and calmly. If you need to, follow the standard police advice of ‘Run, Hide and Tell’. Only buy event tickets from official channels or trusted websites. Update your mobile device with the latest, most secure software and avoid unsecured Wi-Fi networks; keep your phone charged and take along a battery charger pack. Don’t make electronic transactions at unofficial event vendors; be careful with contactless cards or making mobile transactions. “Whether it’s your physical security or the security of your data, you can take precautions around major events so you do not make it easy for criminals to take advantage,” says Sinno.
Wintec (The Waikato Institute of Technology), established in 1924 is a major New Zealand Government-funded tertiary institution, which has three Hamilton campuses; a city site overlooking the central business district, Avalon campus on the northern outskirts of the city, and a horticultural campus at Hamilton Gardens. In addition, it has regional operations at Te Kuiti and Thames and also an office in Beijing. The Avalon campus, a ten-minute drive from the city, is home to specialist trades training facilities, a state-of the-art sport and exercise complex and custom designed facilities for the School of International Tourism, Hospitality and Events. The third Hamilton campus, the Horticultural Education Centre, is situated amidst the 58 hectares of Hamilton Gardens. On-Line distance education Wintec’s programs and qualifications are nationally and internationally recognized Wintec is one of the largest institutes of technology in New Zealand, and has more than 35,000 full-time and part-time students, more than 500 full and part time staff and eleven schools within its academic faculty. International enrolments exceed 1000 from 47 countries. A range of student services provide its domestic and international students with a high level of support so they enjoy a positive, safe and secure study experience. Wintec’s programs and qualifications are nationally and internationally recognized and its degrees have equal status to those from universities. The degree programs include Media Arts, Midwifery, Nursing, Occupational Therapy, Early Childhood Education, Business Studies, Engineering, Technology, Information Technology, and Sport and Exercise Science and a wide range of full and part time courses for those already in the workforce. Wintec is also recognized nationally in the delivery of on-line distance education for those unable to attend regular classes for reasons of geographical access or other constraints. Electronically controlled doors Wintec strives for a balance of unobtrusive yet robust control of site activity, essential for maintaining an open campus environment. Shane Goodall, Security Manager at Wintec, describes the approach to security as highly proactive and collaborative: “by focusing on preventing issues arising, we now have a minimal policing role and the crime resolution rate is high”. This environment is underpinned by Gallagher’s security system, a core access control, intruder alarms and integration platform. Wintec first installed the Gallagher system (formerly Cardax FT) in 1999 and has since migrated this legacy system to Gallagher’s latest security technology platform. Security for the entire organization, including satellite sites, is managed and monitored centrally from Wintec’s single Gallagher security system. Since initial installation, Wintec’s Gallagher access control system has grown from 7 to 240 electronically controlled doors in 2009, with another 40 planned - testimony to the scalability and flexibility of the system. Network friendly system communications The organization first installed 6 cameras in 2004 which has increased to 7 DVRs and 85 cameras Wintec has integrated its imaging system to the Gallagher system delivering a visual record which can be matched to the audit trail of events in Gallagher Command Centre software. The organization first installed 6 cameras in 2004 which has increased to 7 DVRs and 85 cameras (both analog and IP). Another compelling aspect of the system for Wintec is the scalability and TCP/IP network friendly system communications. As well as monitoring and controlling staff and student access, equipment including computers, TVs, printers, audio visual resources at Wintec are also monitored through the Gallagher system. The ‘Gallagher Hub’, a new computer laboratory offering comprehensive IT resources is open 24 hours. The Hub contains 125 workstations, and there are plans to extend that number. Active monitoring of equipment though the Gallagher system has significantly reduced theft. Students and staff have scheduled access to shared IT resources, classrooms and lecture theatres. Manage cardholder data ‘Cardholder Import’, an XML Interface, supports the importation of cardholder data including course enrolments from their student record system to Gallagher Command Centre. Shane comments, “Student card issuing is an automated process which is enrollment-driven – a student’s access privileges are assigned according to their enrolled courses.” “To implement this, we defined a rules-based allocation of access groups in the Gallagher system using the XML interface. The interface is ‘live’ so that changes in the student enrolments database are immediately reflected in the Gallagher system. The student’s updated access privileges come into effect without delay.” Staff that interact directly with students are now empowered to manage cardholder data enabling the security team to focus on security. Students and staff utilize Mifare SmartCard functionality extensively, embracing them as an integral multiapplication tool in their modern educational environment – SmartCards are used to issue resources from the library and as pre-stored value cards enabling prepaid printing and photocopying. In the near future they will also be used in Wintec’s Pay and Display car-park and potentially as passes onto city council buses. Electronic access control At Wintec, security is not viewed as a discrete functional activity relegated to security staff only Stewart Brougham, Director of Internationalisation at Wintec, says students have given very positive feedback about their ID cards. In particular, the ability to verify the identity of staff members from their ID access cards provides peace of mind for students. The end result is a people-friendly campus. Future enhancements of Wintec’s security may include the utilization of the CommCard solution from Gallagher to manage and monitor access to student accommodation. CommCard is a unique high level integration between the Gallagher Command Centre software and Salto off-line readers, delivering offline, non-monitored electronic access control for lower security doors. An overriding philosophy of collaboration has seen Wintec take a lateral approach to security, the value of which many organizations have yet to realize. At Wintec, security is not viewed as a discrete functional activity relegated to security staff only. The ongoing management of security is a joint effort between the security services team and the information services team. Increasing operational security The security services team manages the Gallagher system while IT looks after back end functions such as installation on the network and backup. Wintec has leveraged the convergence of security (access control) and other operational business functions recognizing the tremendous potential for reducing risk and increasing operational security, safety, performance and efficiency. Looking beyond simply controlling and monitoring who goes where and when on site, Wintec is harnessing the reporting capabilities of Gallagher Command Centre to meet regulatory requirements. The Gallagher system enables the institution to report on actual space utilization (not just space booking). Decisions are made for best use, and also to substantiate funding, based on these reports. “The key to space utilization reporting are the frequency of reporting and the integrity and reliability of information,” states Stewart Brougham. It’s a national issue for educational institutes in New Zealand. Extending external partnerships “For Wintec, reporting is about ensuring compliance with regulatory requirements and is also a staff time management issue – reducing the administration load on lecturers, who would otherwise have to track student attendance manually.” Brian Fleming, Director of Gallagher Channel Partner, Concord Technologies, sites this lateral application of a security system as key to maximizing the value of Gallagher to Wintec. Wintec has a strong relationship with Gallagher in the ongoing development of its technologies This collaborative philosophy extends to proactive external partnerships with their Gallagher Channel Partner, Concord Technologies, for the installation and maintenance of the Gallagher system, and with system designer and manufacturer, Gallagher. Having signed an agreement to continue in the capacity of a Gallagher field test site, Wintec has a strong relationship with Gallagher in the ongoing development of its technologies. Wintec’s success, in the last 5 years, as a test site reflects the competence of both its IT and security staff and the institute’s commitment to edge student services. Minimal training has been required. Software maintenance agreement There is open communication and information sharing between all internal and external parties involved, which means any issues that arise can be quickly addressed. Wintec has committed to a site maintenance plan with their security partner, Concord Technologies. The plan incorporates both software and hardware maintenance to ensure the system is maintained on the latest operating platforms within a known cost structure. A Software Maintenance Agreement also ensures enhanced ongoing system performance and reliability of the Gallagher system. Acknowledgements Gallagher would like to acknowledge the support of Wintec and security partner, Concord, with the development of this in-site study. Gallagher would also like to particularly acknowledge and thank Shane Goodall for the pivotal role he plays in championing the collaboration of these parties and for his outstanding support of the Northern Region Cardax User Group (NZ) in the capacity of Chairman of the group.
Seven disparate systems, tens of thousands of existing cards in circulation, new buildings requiring new systems, budget constraints - There are two approaches going forward: keep making it work, or work on a plan to centralize the system for some serious long-term efficiencies. University of East Anglia (UEA), located just outside Norwich city center, has more than 14,000 students studying on campus, and over 2,000 employees. The city had donated what was the Earlham municipal golf course for the site of the campus, and traces of the fairways can still be seen around the grounds today. In 1962, Denys Lasdun was appointed as UEA’s founding architect. It was Lasdun who designed the University’s core buildings – the monumental Teaching Wall, the raised walkways, the central Square and the now famous ‘ziggurats’. Installation of Gallagher security system We needed a system that would give us the ability to keep using what we currently have"The striking ziggurats are like none other – the student accommodation, lining the embankment, are pyramidal in shape. While the historical buildings remain, new buildings and residences have also been developed. These developments and the increasing expectation of student accommodation acted as key drivers for a review of access on the campus. Jonathan Richardson, Access Control Project Manager & Senior Systems Specialist for Corporate Information Systems has championed the roll out of a Gallagher security system for the University. From his previous position as an editor for an IT publication, he relished in critiquing a system to see if it was all it was supposed to be. “We needed a system that would give us the ability to keep using what we currently have, and create an infrastructure to be able to develop it over time to how we envisage the system one day operating,” he says. Compatible with third party card formats The import and export facilities have made the system ideal for combining data from a range of student, personnel and accommodation systems. “We already had 42,000 cards in circulation – there was no way we could replace them. Gallagher was chosen for its ability to work with third party card formats.” We rely totally on the automatic imports to add and remove access as required" “Card data is imported/updated using the import export service with data from the Envision card production system. We additionally use data from a student system, accommodation system and a couple of bespoke databases to automatically calculate access groups – changes to access groups are again handled via the import export service. “There is no way we could realistically manage the level of changes with a manual system – we rely totally on the automatic imports to add and remove access as required. The integration is massive, and the impact it is having in terms of pulling different information sources together is huge.” Four times more secure system Jonathan describes the system as being a “catalyst for change on how security, data storage and management across a range of systems and databases are viewed. The implementation has been very transparent – people are unaware of the changeovers that have taken place. The dynamic updates are now happening, and the system is probably at least four times more secure now.” Jonathan mentions the difference is made by the level of technical support available from the manufacturer, from the UK and even head office (based in New Zealand) dialling in when required. Gallagher controls a range of devices including doors, automatic swing and slide doors, car park barriers, turnstilesGallagher controls a full range of devices including doors, automatic swing and slide doors, car park barriers, turnstiles and elevators. The system also facilitates electronic access for disabled flats for residents in wheelchairs. System Division functionality is used to give building owners their own portion of the system for management purposes. Checking tailgating and card enquiries For car parking, times are recorded for charging parking fees. Louis Chisholm, Transport co-ordinator, uses the Gallagher security system on a daily basis. When asked how she finds the system, Louis replies, “I love it. I can check all the things I need to without asking anyone else.” She uses the reporting to check for people tailgating, and checking any enquiries for specific cards. From parking to the library: students enter the library through turnstiles. Reports on usage patterns have been used to justify access funding to promote the resource. The audit trail has been called on for incidents occurring in the library that have put staff safety at risk, and even disputes on the return of books. Research laboratories and chemical stores rely on the system; previously dangerous chemicals have gone missing with no knowledge of who was there at the time. Changing Prox readers to Mifare We have plans to change the existing 125 Prox to Mifare and then roll out dual function cards to all cardholders"The University has around 150 doors (30 Gallagher Controllers) using third party magstripe readers. There are additionally around 20 Gallagher Prox readers (125 kHz) used in secure areas via a dual technology card. “We have plans to change the existing 125 Prox to Mifare and then roll out dual function cards to all cardholders – replacing magstripe readers with Gallagher Prox Mifare readers,” explains Jonathan. Once converted, this would take into consideration different facets – from the cafeterias to involving the local bus companies – in the use of the smart card technology. The success of Gallagher security systems in centralizing access control and reporting has meant the system is being expanded rapidly, and introducing new functionality is ongoing.
The FeeMaster Smart Console from people and vehicle access control specialist Nortech provides a simple and cost-effective way of managing access to car parks and facilities for vehicles and pedestrians. All the access control data is encoded onto a Mifare card using the FeeMaster Smart Console. As a standalone system, there is no wiring between the access control point and the console, making it easy and cost effective to install. Parking management system The console can print customer receipts and/or barcode exit tokens Part of the popular FeeMaster range, the FeeMaster Smart attendant console is a compact, elegant and easy-to-install device that reads barcode tickets issued at an entry station, calculates the fees payable based on pre-programmed tariff details, and encodes reusable Mifare access control cards with validity data. If necessary, the console can print customer receipts and/or barcode exit tokens. It is also able to control a till drawer and can optionally provide a relay output signal which can be used by third equipment i.e. barrier control whenever a card has been encoded or an exit ticket printed. The FeeMaster Smart time-based parking management system is designed to provide information about the initial arrival time of each visitor and uses cards to strictly control customers’ access rights to car parks and facilities as well as the validity period. Fee calculation system Popular applications that have used the FeeMaster attendant’s console to control visitor access include Bristol Aquarium and Edinburgh Castle, where an easy to install and operate and an automatic fee calculation system with tariff and grace period settings included was required. Bristol Aquarium required a cost-effective and efficient product that would not only save money but would also make the constant stream of visitors easy to monitor. The barcode reader connects to a barrier/turnstile/gate at each site and opens once a valid barcode has been scanned by a visitor using easy to program modes of operation. New security products Nortech has supplied products and solutions to the security industry for over 25 years The simple to use design makes the console ideal for reducing queues and keeping the flow of people moving during busy periods, is extremely versatile and can simultaneously support several methods of revenue generation. Edinburgh Castle has been benefiting from the FeeMaster system for a number of years, using it to control and manage the strict parking at its site. The console allows the staff to control any misuse of the car park and ensures that there are enough parking spaces without the need for expensive cabling or disruption. Nortech has supplied products and solutions to the security industry for over 25 years as an independent British company. The company uses extensive experience and expertise to create new security products to fit their clients’ needs and designs everything with the customer in mind.
A supplier of global technology services, Bosch chose to partner with Gallagher and KW Corporation to help streamline its North American security operations. Operational efficiency Bosch required a comprehensive yet flexible security solution that could be tailored to solve their specific requirements and challenges. Presently 22 Bosch locations are on the Gallagher platform with a cardholder database of approximately 6,000. A key area of focus for Bosch was improving operational efficiency. Command Center, Gallagher’s powerful access control solution, offered Bosch a range of reporting functions to help streamline operations. Manager of Bosch’s corporate Security, Frederick Fung, says “The user friendliness of Command Center and the ability to automate reporting means our operations now run more smoothly. Administration time has been reduced, creating significant cost savings.” Having the ability to pick up the phone and call technical support is critical to securing our sites"CenrCentralized System Bosch selected Gallagher as the solution that could best meet its needs, including a centralised system to secure multiple sites. “Having the ability to pick up the phone and call technical support is critical to securing our sites,” explains Fung. “Many of our security staff have multiple responsibilities, so the Gallagher and KW Corporation services are invaluable.” Gallagher also offers customers the same training courses that it conducts for certified channel partners, providing staff with the capability to be first responders and giving them the confidence to handle certain security issues themselves. Command Centre Like many businesses, theft of physical and intellectual property is a big concern. With the support of Gallagher and KW Corporation, Command Center manages access control, Bosch surveillance, and intrusion systems. Selecting Gallagher provided Bosch with: Video management system integration (BVMS), for safety precautions and oversight CCTV integration, image and video event audit trail Peace of mind through the use of the latest continually evolving software technologies and cyber security counter measures, eliminating the fear of hacking and site down-time Integrated intrusion detection system allowing full situational awareness Flexible and scalable solutions Fung explains, “The key differentiator for Gallagher is the company’s unmatched support, system user-friendliness, and cost savings in both short and long-term.” Gallagher solutions are flexible and scalable, creating the potential for future growth across Bosch locations. “Integration with Gallagher Command Center has had a positive impact across our sites, improving safety, security, and operational efficiencies,” says Fung. “Gallagher supports us in providing a safe and secure working environment, improving the quality of life for our associates and visitors.”
Located in the buzzing heart of England’s capital city, University College London is one of the top ranking establishments for higher education in the world. Founded in 1826, London’s first university institution, the College now has an estimated 28,600 enrolled students and 14,600 members of staff. Including agency staff, academic associates, and other visitors, UCL currently has a system of over 48,000 valid cardholders. Based primarily in the Bloomsbury area, UCL’s main campus is situated on Gower Street and includes departments such as biology, chemistry, economics, engineering, geography, history, languages, mathematics, philosophy, politics, physics, architecture and the Slade School of Fine Art, as well as the preclinical facilities of the UCL Medical School and the London Centre for Nanotechnology. Electronic access control UCL has been used as a location for a number of high profile film and television productions While the UCL Cancer Institute and Faculty of Laws are also nearby, notable College buildings include the original Wilkins Building and Gower Street’s Cruciform Building, previously home to University College Hospital. The University has further sites based elsewhere in and around London, such as the UCL Institute of Ophthalmology, the UCL Institute of Orthopaedics and Musculoskeletal Science, The Royal Free Hospital Medical School, and also the UK’s largest university-based space research group, the Mullard Space Science Laboratory, and UCL’s own astronomical observatory at Mill Hill. Due to its position within London and the historical nature of its buildings, UCL has been used as a location for a number of high profile film and television productions, including Gladiator, The Mummy Returns, The Dark Knight and Inception. The sheer scale of the University’s operations, with thousands of occupants fluctuating between its numerous facilities, has dictated the need for a comprehensive electronic access control security system – one which has evolved over many years. Physical locking controls UCL’s Security Systems Manager, Mike Dawe explains that while adhering to the University’s culture of ‘general openness’ on campus, Gallagher systems have been introduced as “a progressive response to the need for more security control on site.” Security throughout the University is managed by the Security Department of the Estates Division, which has responsibility for all the physical locking controls and electronic systems, as well as the provision of the security guarding service. By and large an open campus, a number of university buildings are free to visitors from the general public, while others are controlled by turnstiles accessible by valid cardholders only. Many other research areas are available only to those with specific security passes. Gallagher’s systems have been in place with the University since 1993 and were originally chosen for the Gallagher Commander Hardware’s ability to communicate effectively over long distances between buildings. Key industry challenges Following were the key industry challenges involved: Ensuring appropriate access to students/staff onsite Implementation of lockdown and evacuation procedures Controlling access to key University areas Protecting University property Providing unobtrusive but robust security Control and management of multiple systems Visitor time and access management Central records systems Full data integration was achieved in 2006 when the system was linked to UCL’s central HR Recognized by Mike as the ‘next important direction for the University’, the subsequent introduction of the Gallagher Access Control system (formally Cardax FT) in 2003 enabled Gallagher’s main security system to be integrated with UCL’s other data systems. Additionally, Mike highlights how “Gallagher’s ‘building blocks’ approach to programming the software also provided greater flexibility when using the system, while the network infrastructure enabled us to move away from our own discrete wiring.” Full data integration was achieved in 2006 when the system was linked to UCL’s central HR, student records and visitor records databases. Combining the regular ID card with a single access control card then followed, and validity is kept fully updated by the University’s central records systems. Currently the University has 101 buildings on the Gallagher system, which controls 939 doors, 32 turnstiles and 15 lifts. General perimeter control Typically, Gallagher security is used for the general perimeter control of the buildings, such as those with both turnstile access and a reception at the entrance, as well as additional control within College buildings to divide public and semi-public areas from departmental spaces. Gallagher systems also control UCL’s top security areas such as high risk research space and data centers. Describing UCL’s security operation, Mike explains how the Gallagher solution has been integrated with the inhouse HR, student and visitor records systems and filters duplications to ensure a single identity. This information is then fed through the Gallagher system to update cardholder records using an ‘import/export’ function. The Gallagher technology is also used to automatically send barcode information to the Library systems and update the student records system with student photos. Scheduled email notification reports are also sent regularly which, according to Mike, “has proved very useful for UCL’s high value areas.” Security operations team We routinely use reports and produce these in response to departmental concerns and requests" “We routinely use reports and produce these in response to departmental concerns and requests”, he explains. “Typically this is done by the security operations team, which analyses the information, along with CCTV data to investigate suspected crimes.” UCL is planning to integrate the Gallagher Security system with its existing CCTV system and will use this, in addition to the new Command Centre Premier client, to improve the provision of site information to the Security Control room staff. The University is also currently developing its import/ export process to automatically provide access levels based on person-type information, such as department, course etc. Gallagher would like to thank Mike Dawe, UCL’s Security Systems Manager, for his support with the production of this site profile. We would also like to acknowledge the support of our security partner, Reach Active Limited who has contributed significantly to the successful implementation of the Gallagher system at University College London.
In mid-2009, Melco Resorts & Entertainment Limited opened City of Dreams, Macau – a casino and resort complex that quickly become one of the world’s premier entertainment and leisure destinations. The complex brings together a collection of world-renowned hotel brands, including Crown, Grand Hyatt, and Hard Rock, along with a casino area of approximately 448,000 square-feet and over 20 restaurants and bars. Also comprising an audio-visual multimedia experience, and ‘The House of Dancing Water’ – the world’s largest water-based extravaganza showcased in the purpose-built Dancing Water Theater. These unique and innovative entertainment, shopping, food and beverage offerings realize the company’s vision of bringing world-class integrated resort and entertainment experiences to Macau and Asia. Need of a robust security solution Melco Resorts was looking for a robust security solution capable of protecting high-value assetsHaving thousands of staff moving around the site meant that effective people management needed to be a significant part of the security solution. With a large site encompassing multiple areas and a staff of approximately 13,000, Melco Resorts was looking for a robust security solution capable of protecting high-value assets while providing a reliable and flexible system to support daily operations. In the years leading up to the opening of City of Dreams, Gallagher worked directly alongside Melco Resorts, and security partner Certis Security (Macau) Ltd, during the design and construction phases. The Gallagher team were highly involved in discussions and developments relating to software customizations and the final commissioning of critical security areas. MIFARE Classic card technology Part of the City of Dreams philosophy from day one was to operate a one-card, single service entity per staff member – not only for high-level security but across all system requirements. According to Billups, a lot of decisions around system choice were based on meeting the one-card philosophy. Utilizing MIFARE Classic card technology, 1700 access controlled doors were set up across the complex. Utilizing MIFARE Classic card technology, 1700 access controlled doors were set up across the complex Gallagher’s ability to encode the cards with data from multiple system providers was crucial in delivering the one-card policy. Along with Gallagher access data, third-party ASCII data encoding was also provided on the card for use by other on-site systems to achieve the objective of a single card philosophy. Latest generation data security The original system, comprising MIFARE Classic card technology, is now being upgraded to the latest MIFARE DESFire EV1 across all Melco Resorts properties. MIFARE DESFire EV1 provides the latest generation data security and encryption ensuring Melco Resorts globally stays at the forefront of technology. To further meet their one-card philosophy, Melco Resorts wanted a single card technology utilized across all three of their Macau complexes – City of Dreams, Altria Macau, and Studio City. In addition to enabling access across multiple properties, there was a requirement for a central monitoring system that could manage alarms escalated from any of the properties and register such alarms centrally in a main command structure. Highly integrated and expansive platform Gallagher’s multi-server technology delivers this, with seamless connection between all systems and across all sitesFuture-proofing was an important consideration of the security solution. “City of Dreams needed a system that catered well to growth, particularly in the areas of people management and access control. Gallagher provided us with the highly integrated and expansive platform we were looking for,” said Kelly Billups, Director of Security Technology & Administration for Melco Resorts. Gallagher’s multi-server technology delivers this, with seamless connection between all systems and across all sites. If communication between the facilities should fail due to a network fault or similar incident, each site’s security system will continue to function independently. According to Billups, the multi-server system has resulted in reduced labor costs due to the consolidation of security administration. Efficient movement of people The Gallagher system provides rapid response times to access requests ensuring the efficient movement of people in and out of areas. The instant dissemination of cardholder access and configuration data also ensures people have appropriate access delivered in real time. If cardholder access needs to be denied, this information is communicated and applied instantly across the site. In addition to door access activity, 5300 detection points are also monitored throughout the complexIn order to provide Melco Resorts with an audit trail of security events, all site activity is logged in a secure database. In addition to door access activity, 5300 detection points are also monitored throughout the complex. Reports are generated using a simple wizard-based system which steers the report generator through a step-by-step process ensuring the relevant data is retrieved. The City of Dreams site required integration with a number of external systems and Gallagher’s Command Centre central management software provided the platform to deliver this. Cameras integrated with Command Centre As surveillance is a key requirement for a casino, City of Dreams has thousands of cameras throughout the complex. A number of these cameras monitor critical back of house operations and are integrated with Command Centre to provide additional layers of security and enable further administrative functionality. A number of lower-level security points throughout the complex – which utilize traditional keys – integrate Command Centre with an electronic key management system. Keys are electronically released to personnel depending on their access permissions. Two high-level interfaces provide communication to all elevators connected to Command Centre There are approximately 80 elevator shafts located throughout the City of Dreams complex. Two high-level interfaces (Schindler and Otis) provide communication to all elevators connected to Command Centre where access control groups manage access to each of the floors. This integration is particularly important for heart-of-house elevators where access can be highly restricted to only authorized personnel. HR system integrated with Command Centre An integration between City of Dreams Human Resources (HR) system and Command Centre was established. The active connection between the two ensures that basic personnel information is automatically communicated from the HR system to Command Centre without the need for manual intervention. Because of this, the process of updating cardholder information and assigning access to cardholders is a quick and simple procedure – a must for a database of this size. The Gallagher system provides rapid response times to access requests ensuring the efficient movement of people in and out of areas. Where high-level (software) interfaces are not available, the Gallagher system connects with other services including: boom gates, motorized vehicle and pedestrian doors, and turnstiles, using what is commonly referred to as a low-level interface. A control relay in Gallagher’s Command Centre platform activates the door or gate, and in turn the status of the door or gate (open, closed) is reported back. Salto integrated guest locking system Melco Resorts requirement is to seamlessly integrate hotel guest-room locks with the Command Centre platformThe delivery of a high-level integration with a hotel guest-room locking solution is currently in development and will be a world first. Melco Resorts requirement is to seamlessly integrate hotel guest-room locks with the Command Centre platform in order to deliver high-level security across the entire complex. To deliver this solution, Gallagher is working with long-term partner Salto. The Salto integrated guest locking system is required to operate in conjunction with Melco Resorts high-security card encryption and encoding, while complimenting the hotel décor. Melco Resorts and Gallagher maintain an ongoing relationship which brings together Melco Resorts evolving requirements and Gallagher’s product development road map. “The relationship is key for us” said Billups, “having a team based in the region who meet with us regularly and having a level of engagement over development is very important.”
Round table discussion
There will be more artificial intelligence, more machine learning, video systems with more capabilities, and all of it will add greater value to our solutions. Those are among the expectations of our Expert Panel Roundtable as they collectively look ahead to the remainder of 2019. One unexpected prediction is that AI will not prove to be a game changer – at least not yet. We asked this week’s Expert Panel Roundtable: What will be the biggest surprise for security in the second half of 2019?
The ability to treat patients in a secure environment is a base requirement of hospitals and other healthcare facilities. Whether facilities are large or small, security challenges abound, including perimeter security, access control of sensitive areas, video surveillance, and even a long list of cyber-risks. We asked this week’s Expert Panel Roundtable: What are the security challenges of hospitals and the healthcare industry?
The definition of a standard is “an authoritative principle or rule that usually implies a model or pattern for guidance, by comparison with which the quantity, excellence, correctness, etc., of other things may be determined.” In technology markets, such as physical security, standards are agreed-upon language, specifications or processes that are used across the board by multiple stakeholders to enable easier interconnectivity and smoother operation of systems. We asked this week’s Expert Panel Roundtable: How are standards shaping change in the physical security market?