Key management

Ping Identity, the provider of Identity Defined Security, announces updates to its multi-factor authentication (MFA) solution, PingID, providing new methods to mitigate risk and strengthen security for enterprises. PingID’s new features include ways to evaluate user and device risk before access is granted, as well as support for Fast Identity Online (FIDO) standards to increase resistance to advanced phishing attacks. With phishing resistant and user-friendly authentication methods—including biometric authenticators, such as facial recognition and fingerprint matching—enterprises are able to create policies to enforce MFA only when warranted by an increased level of risk. Risk-Based security Risk-based security is especially critical to maintain employee productivity Verizon’s 2019 Data Breach Investigations Report found that 32% of breaches involved phishing and 29% of breaches involved the use of stolen credentials. For this reason, enterprises can benefit from an MFA solution that evaluates user and device risk to provide an extra layer of protection against phished and stolen credentials. Risk-based security is especially critical to maintain employee productivity and seamless online customer experiences. As a result, MFA has become more highly recommended by security frameworks like Zero Trust, those promoted by the National Institute of Standards and Technology and the International Organization for Standardization, as well as regulations like the PCI Data Security Standard. Leveraging facial recognition PingID further improves the balance of security and convenience provided to end users through multi-factor authentication as follows: Generally available in the next month, PingID support for Windows Hello and Mac Touch ID will support FIDO-compliant authentication methods. This will help users leveraging facial recognition and fingerprint matching on their devices. These capabilities help to securely access web applications that have implemented the FIDO standard. Additionally, PingID integration with FIDO-compliant security keys, such as Yubikeys, can be leveraged for web authentication and Windows login. Becoming generally available in the same time period, hardware OATH compliant tokens will be able to be used as an authentication factor when users are unable to use a mobile device. Virtual private network PingID will have the ability to support a quick and easy way to implement MFA PingID can now configure the number of attempts consumers logging in to a provider’s website have to enter a one-time passcode (delivered by SMS or Email), as well as set the amount of time they are locked out of their accounts if failing to provide the right one-time passcode. Additionally, generally available in the next month, PingID will have the ability to support a quick and easy way to implement MFA for Virtual Private Network access when users are working remotely, simplifying deployment of MFA for enterprise administrators. Corporate Resources PingID is now offering features in private preview that evaluate the location where a user requests access to corporate resources, and compares it to the location of the previous request. If the distance between the two geographies exceeds the threshold of what is possible by human travel, access can be automatically denied. Also in private preview, PingID assesses the reputation of the IP address from which a user requests access. Organizations can mandate specific MFA methods when the malicious activity-based risk score associated with an IP address exceeds a certain benchmark. Multi-Factor authentication Hackers are evolving their tactics to access accounts and steal data every single day" “Hackers are evolving their tactics to access accounts and steal data every single day, and it’s our responsibility as an enterprise security provider to come up with innovative and reliable ways to assess risk before access is granted, and block access when warranted,” said Steve Shoaff, chief product officer, Ping Identity. “PingID is a core product that enterprises have been using for years, and its new features make it stronger and smarter than ever.” Organizations interested in securing their enterprise with multi-factor authentication can sign up for a free trial of PingID. Also, be sure to check out the blog titled ‘Five Preventable Breaches Make the Case for MFA Everywhere’ to learn more about attacks that can be prevented with multi-factor authentication.

HID Global®, a provider of trusted identity solutions, announces it has added FIDO2 authentication to its Crescendo smart cards, enabling them to support the FIDO Alliance industry initiative focused on standards-based ‘password-less’ sign-in. HID Global partnered with Microsoft on this effort. The company also expanded its Crescendo family with the Crescendo Key Series that brings the same FIDO2 authentication capabilities and other features of its advanced smart cards to workstations, laptops, tablets and ultra-books without requiring additional reader and driver software. Strong authentication credentials HID Global will be demonstrating the new cards and keys at Identiverse 2019 HID Global will be demonstrating the new cards and keys at Identiverse 2019, where it will collaborate with Microsoft and others in the identity industry to showcase FIDO2 authentication. “The Crescendo 2300 Series smart cards and Crescendo Key Series are part of HID’s high assurance solution that delivers end-to-end lifecycle management of strong authentication credentials as well as globally trusted digital certificates for email and document signing and encryption,” said Brad Jarvis, Vice President & Managing Director of Identity & Access Management Solutions (IAMS) with HID Global. “Customers now have two form factor options for use with our unified cloud and on-premises authentication and management system. There is more to come as we work with Microsoft and other industry players to improve how secure credentials are used in a way that emphasizes convenience and privacy.” Major industry standards The Crescendo C2300 Series smart cards and Crescendo Key Series use a common HID authentication platform that supports all major industry standards and regulatory guidelines. They create a consistent, all-in-one access and authentication experience for users, and a simplified administrator experience for deploying high-assurance authentication so they can eliminate weak passwords that are their biggest IT vulnerability. “Microsoft has been on a mission to eliminate passwords and help people protect their data and accounts from threats,” said Alex Simons, Corporate Vice President of Program Management, Microsoft Identity Division. “We are pleased to see companies like HID Global support that goal by adding FIDO2 authentication support and joining our security association.” Cloud authentication The Crescendo keys use Near Field Communications (NFC) and USB-A and C ports to deliver the same capabilities HID Global’s expanded Crescendo offering delivers a consistent set of capabilities, regardless of form factor, through its authentication platform for HID Hardware Authenticators. The Crescendo keys use Near Field Communications (NFC) and USB-A and C ports to deliver the same capabilities as the Crescendo smart cards. The cards also support HID’s Seos credential technology to enable unified enterprise badges that combine visual identification, network and cloud authentication and physical access, improving convenience for employees and contractors who can tap to open the door and tap to authenticate to Windows and cloud applications. Digital identity guidelines The cards and keys also: Provide multi-protocol support for public key infrastructure (PKI) digital certificates, Personal Identity Verification (PIV) digital signature and encryption, the Open Authentication (OATH) open reference architecture, and the emerging Fast Identity Online (FIDO) industry standard -- the backbone of Microsoft’s Windows Hello Security Key for protecting access to Windows and Azure Active Directory. Future-proof compliance with widely used finance and healthcare privacy and security regulations by leveraging native platform support for strong authentication options using emerging and broadly adopted industry Align with NIST SP800-63 Digital Identity Guidelines for achieving Authenticator Assurance Level 3 The Crescendo C2300 dual-interface smart cards and Crescendo keys are available in sample quantities now. Volume availability will commence in the third quarter of 2019. See live demonstrations at Identiverse 2019. Visit HID in booth #324 at Identiverse 2019 from June 25-28 at the Washington Hilton in Washington, D.C. for live demonstrations of its latest Crescendo solutions.

PAC & GDX, providers of access control and door entry solutions, are showcasing the range and depth of their innovative technology on Stand IF2930 at IFSEC International 2019. From a single door installation to a fully integrated network based system, the company’s extensive portfolio provides unbeatable reliability and robust functionality, at a price point that enables installation in a diverse range of residential and commercial buildings. In order to provide integrators and end users with the highest level of flexibility and ease of operation, PAC & GDX have joined forces with STid, the principal manufacturer of instinctive, contactless security technologies. NFC based readers By incorporating STid’s Bluetooth and NFC based readers with PAC or GDX controllers, a mobile phone can be used to gain access. To enjoy all the benefits of a handsfree option, all an individual has to do is tap their phone twice and the Bluetooth signal is sent to the reader to unlock a door. By downloading the STid app a virtual credential can be configured in a smartphone wallet By downloading the STid app a virtual credential can be configured in a smartphone wallet, allowing the user to have multiple virtual ‘keys’ for different areas or sites. The system can also be configured to use proximity based near field communication (NFC) instead of Bluetooth, or a combination of the two. Furthermore, it is available with a PAC or PAC 64 output and, when using a PAC 512 or PAC 212 access controller, two readers can be connected to provide true read in/out from a single channel. Access control systems Also on display is the PAC Residential Cloud solution, which leads the way in allowing organizations to remotely manage and monitor their access control systems in a secure, modern and cloud based environment. Users can address technical issues, deal with key fob management, view status, set and unset a system, and gain access to an event log more easily than ever before – all from a remote location. Various site communication options are available including PSTN, GSM and GPRS and it can be configured and managed via a smartphone, tablet or PC. At IFSEC PAC is demonstrating how Residential Cloud can be integrated with 3xLOGIC cameras to provide a fully hosted solution, which is perfect for the residential sector. This system allows designated personnel to be notified if, for example, a door is forced or left open. Network switches By sending an alarm to the camera, it starts to record and transmits images to a mobile device via a push notification. This allows the system to provide vital information that elicits a fast response and immediate action. With an optional camera, a backlight LED to provide clear visitor images in low light levels Sharing the limelight with STid and Residential Cloud is GDX7 – a next generation IP based door entry system that offers integrated access control for up to 1,000 keyholders using a standard two-core cable. With an optional camera, a backlight LED to provide clear visitor images in low light levels, and an inbuilt reader, GDX7 has an incredibly high level of functionality and enables integrators to install an IP system without being skilled in IT or familiar with network switches. Identification devices The GDX7 door entry panel can be provided with multiple button options, including those that meet the requirements of the Equality Act, and its readers and identification devices have also been approved by Secured by Design – a police service initiative that aims to improve the security of buildings. Already a huge success, GDX7 has a new seven-inch apartment station and a new landing card, which enables it to provide up to 96 handset connections. It too has recently been augmented with STid integration providing property owners, engineers or contractors with a flexible way of gaining access to remote properties. “PAC & GDX are driven by constant innovation and the desire to push the boundaries of what’s possible with access control,” commented David Hughes, the company’s global product manager. “We also pride ourselves on our customer service and technical support, which includes the provision of a new online training platform that offers a great way to get the most out our products.”

Delivering another high-value benefit to users, the Maxxess eFusion security management platform now integrates off-the-shelf and seamlessly with the widely used range of deister electronic key management systems. With this latest off-the-shelf integration, eFusion users can now manage all their keys from their centralized security management platform, reducing the risk of security breaches and streamlining their day-to-day operations. Modular and scalable, the deister electronic systems encompass a range of cabinets which can store anything from 8 keys to thousands. They can be used stand-alone or as part of a global corporate solution, in applications ranging from hotels and leisure settings to retail and up-scale residential developments. Reduces criminal activity Knowing who has a particular key at any given moment significantly reduces the risk of losses and criminal activity"“Knowing who has a particular key at any given moment significantly reduces the risk of losses and criminal activity,” says Lee Copland, Managing Director, Maxxess EMEA. “The deister electronic systems make that task much simpler. And with real-time reports logging all system usage, users can be held accountable for any misuse, theft of loss of keys – better protecting buildings and assets.” The integration with deister electronic systems is just the latest example of how the eFusion platform gives users the freedom to integrate, customize and adapt their security systems to meet both current needs and emerging risks. eFusion’s open technology software supports more than 60 off-the-shelf integrations from leading vendors, providing complete freedom to customize solutions combining surveillance, access control, fire and intruder systems with back-office processes.  Making premises more secure Off-the-shelf integration between our key management systems and eFusion will deliver major benefits to customers"Crucially, integration with Maxxess eFusion also reduces complexity for installers and their customers and offers unlimited future scalability at affordable price points. “Off-the-shelf integration between our key management systems and eFusion will deliver major benefits to our customers,” says Darren Harrold, Head of UK Operations at deister electronics. “This means they can now link their essential systems together – including their surveillance, intruder, access and fire detection systems – making a wide range of premises easier to manage and more secure.” Visitors to IFSEC International can see Maxxess eFusion and deister key management in action, where both companies will be exhibiting on stand IF2120 and IF410 respectively from 18th to 20 June at London’s ExCel.

Keyfactor, a provider of secure digital identity management solutions, announces the launch of Keyfactor Control 6. This newest release of the company’s flagship, end-to-end secure identity platform addresses scalability in connected device security. Keyfactor Control secures, authenticates and future-proofs IoT identity at every step of the device lifecycle, providing a scalable IoT security solution. “The threat landscape is changing – trends like IoMT are creating new security risks and attack vectors, particularly when it comes to connected healthcare,” says Ted Shorter, CTO and Co-Founder of Keyfactor. “Any data transmitted across a network represents digital identities of patients and connected hospital equipment. Protecting highly sensitive data like medical records calls for end-to-end encryption and digital signatures to secure and protect it from compromise.” Security Posture Of Devices Keyfactor Control embeds high-assurance secure device identity from manufacturing through deployment and operation According to Gartner Inc., a research and advisory firm, “the IoT brings significant IT capability to a healthcare delivery organization, but brings with it additional risks. These new IoT-based vulnerabilities are outside the normally understood boundaries of information security or cybersecurity when viewed from the IT perspective1.” “In terms of IoT devices, getting security ‘right’ must happen at design time,” says Shorter. “But it’s not all about devices – security has become a part of the larger equation and organizations need to consider the security posture of devices as an aspect of its overall effectiveness when making purchasing decisions.” Keyfactor Control embeds high-assurance secure device identity from manufacturing through deployment and operation. The platform’s capabilities include IoT security scalability, one-step Root of Trust (RoT) management and fully managed private PKI. Innovative Product Teams Key features include: Secure Code Signing – Turnkey firmware signing and verification implementation via Keyfactor Control SDK, which ensures genuine software installations. Centralized PKI Management – Enabling the ability to discover, monitor, issue and replace millions of certificates and keys in real-time. No More Shared Credentials – Allowing every device to generate its own unique cryptographic key securely, which never leave the device that generated them. Global Manufacturing Support – Automatically registering and securing all devices, regardless of where they’re manufactured. Device Encryption – Providing encryption on device and in transit, ensuring continuous device overlay. “As the number of connected devices continues to grow, continuously managing security across those devices becomes a tougher task,” says Kevin von Keyserling, CEO and Co-Founder of Keyfactor. “Keyfactor Control delivers just that – control over every connected device on the network. Critical security tasks that could take weeks can be done with the click of a button. Customers can disconnect compromised or suspicious devices and replace keys and trusted roots instantly, without disruption and in real-time. This is a game changer for innovative product teams needing a competitive edge.”

IdenTrust, (part of HID Global), the provider of digital certificates, and Device Authority, a global leader in Identity and Access Management (IAM) for the Internet of Things (IoT), announces a strategic alliance with a vision to provide trusted identity lifecycle management for enterprises on their digital transformation journey. Device certificates have traditionally been used to secure routers, firewalls, servers, and other devices capable of securely handling private keys and implementing PKI technologies. However, in the new IoT world, device certificates can be used to secure a wide range of networked assets, such as ATM machines, medical devices, surveillance cameras, industrial machines, refrigerators, vehicles and much more. Swift Integration IdenTrust’s comprehensive identity-based digital certificate solutions deliver assured individual and device identity for financial institutions, healthcare providers, government agencies and enterprises around the world. With over 5 million certificates in active production, IdenTrust supports over 18 billion validations per year and is the world’s pioneer digital Certification Authority. Device Authority’s KeyScaler automation engine provides secure IoT device registration and provisioning through an innovative policy-driven credential delivery and management system that ensures certificates can be easily rotated, renewed and managed without human intervention. The platform is designed for swift integration and interoperability in support of today’s rapidly expanding IoT application market. The combination simplifies the process of enhancing device security and its administration for our customers" Combining Device Authority’s KeyScaler platform capabilities with IdenTrust’s trusted digital certificate solutions provides customers with a complete IoT security solution that automates compliance, minimizes costly manual intervention and manages risks in a diverse industrial regulatory marketplace. Enhancing Device Security “The relationship between IdenTrust and Device Authority links our trusted certificate authority with a seamless and scalable means to efficiently manage the lifecycle of issued digital certificates in the rapidly expanding IoT device market,” said Brad Jarvis, Vice President and Managing Director of Identity & Access Management Solutions (IAMS) with HID Global. “The combination simplifies the process of enhancing device security and its administration for our customers.” “We’re delighted to be working with the IdenTrust team to provide device and data trust for their customers embarking on their IoT journey. With a mixed environment of devices emerging in healthcare, industrial, and government sectors, the combined value delivered from both companies has a strong positioning for physical, enterprise and IoT IAM customer solutions,” said Darron Antill, CEO of Device Authority.

The past decade has seen unprecedented growth in data creation and management. The products and services that consumers use every day – and the systems businesses, large and small, rely on – all revolve around data. The increasing frequency of high-profile data breaches and hacks should be alarming to anyone, and there’s a danger data security could worsen in the coming years. According to DataAge 2025, a report by IDC and Seagate, by 2025, almost 90% of all data created in the global datasphere will require some level of security, but less than half of it will actually be secured. Nuanced Approach To Data Security Security is a circle, not a line. Every actor involved in the handling and processing of data has responsibility for ensuring its securityThe rapid proliferation of embedded systems, IoT, real-time data and AI-powered cognitive systems – as well as new legislation like the European Union’s GDPR – means that data security has to be a priority for businesses like never before. With data used, stored and analyzed at both the hardware and software level, we need a new and more nuanced approach to data security. Security is a circle, not a line. Every actor involved in the handling and processing of data has responsibility for ensuring its security. What this means in practice is renewed focus on areas of hardware and software protection that have previously not been top of mind or received large amounts of investment from businesses, with security at the drive level being a prime example. The Importance Of Data-At-Rest Encryption In a world where data is everywhere, businesses need always-on protection. Data-at-rest encryption helps to ensure that data is secure right down to the storage medium in which it is held in a number of ways. Hardware-level encryption, firmware protection for the hard drive, and instant, secure erasing technology allow devices to be retired with minimal risk of data misuse. Data-at-rest encryption helps to ensure that data is secure right down to the storage medium in which it is held in a number of ways A recent report from Thales Data Threat found that data-at-rest security tools can be a great way to help protect your data. However, it’s important to note that this must be used in conjunction with other security measures to ensure that those that fraudulently gain access to your key management system can’t access your data. Ensuring Drives To Be Common Criteria Compliant One straightforward test any business can do to ensure its storage is as secure as possible is to check whether the drives are Common Criteria compliantDespite the clear benefits, this kind of encryption lags behind other areas, such as network and endpoint security, in terms of the investment it currently receives. The same Thales Data Threat report found that data-at-rest security was receiving some of the lowest levels of spending increases in 2016 (44%), versus a 62% increase for network and a 56% increase for endpoint security. One straightforward test any business can do to ensure its storage is as secure as possible is to check whether the drives are Common Criteria compliant. Common Criteria is an international standard for computer security certification, and drives that meet this standard have a foundational level of protection which users can build on. Providing An Additional Layer Of Security The retail industry has seen a spate of security breaches recently, with several major US brands suffering attacks over the busy Easter weekend this year. As frequent handlers of consumer card information, retailers are particularly vulnerable to attack. Data-at-rest encryption could enhance security in these instances, providing an additional layer of security between customer records and the attacker The advanced threats retailers face can often evade security defences without detection. Such a breach could grant attackers unrestricted access to sensitive information for possibly months – some breaches are known to have been detected only after consumer payment details appeared on the dark web. These types of undetected attacks are highly dangerous for retailers, which are relatively helpless to protect consumer information once their defences have been compromised. Data-at-rest encryption could significantly enhance security in these instances, providing an additional layer of security between customer records and the attacker which has the potential to make the stolen data valueless to cyber criminals. Industries In Need Of Data-At-Rest Encryption Healthcare organizations, which hold highly sensitive customer and patient information, have a strong use case for data-at-rest encryption. With the widespread adoption of electronic patient health records, that data is increasingly more vulnerable to attack. Recent research from the American Medical Association and Accenture revealed that 74% of physicians are concerned over future attacks that may compromise patient records. With the widespread adoption of electronic patient health records, that data is increasingly more vulnerable to attack The financial sector would also benefit from further investment in data-at-rest encryption, given 78% of financial services firms globally are planning on increasing their spending on critical data, according to Thales’ Data Threat Report. It’s helpful to view security as a circle in which every piece of hardware and software handling the data plays its partSMEs and enterprises are not immune to security threats either – with growing numbers of people traveling for work or working remotely, the risk of sensitive business data becoming exposed via device theft is heightened. Usernames and passwords have little use if thieves can simply remove unencrypted hard drives and copy data across. Securing Every Hardware And Software Technology vendors often focus on aspects of hardware and application security that are within their control. This is understandable, but it risks proliferating a siloed approach to data security. There is no single line for data security -- rather, it’s helpful to view it as a circle in which every piece of hardware and software handling the data plays its part. There’s a clear need for more industry dialog and collaboration to ensure data security is effectively deployed and connected throughout the security circle and across the value chain.

Considering how much the modern smartphone has become a common everyday tool and cultural icon, it’s hard to believe it has only been with us for a relatively short space of time. The first Apple iPhone was launched in 2007 and yet in a little over a decade the smartphone has become as essential as our keys or wallet. From its conception as a multi-faceted communications device, it has morphed into something far more integrated in our daily lives. Services such as Apple Pay, Android Pay and PayPal have seen the smartphone become a credible replacement for cash and cash cards, but equally, it is possible to replace access cards and keys as well.Smartphones can easily receive authentication credentials remotely and access can be confirmed or denied instantly The ability to accurately authenticate an individual and the applications this offers for security purposes, is something that the security industry needs to continue to embrace and further promote to our customers. Considerable Advantages Most security professionals understand the potential benefits of using mobile device authentication, with flexibility being the key advantage. Smartphones can easily receive authentication credentials remotely and access can be confirmed or denied instantly. Equally, smartphones already contain many secure options to ensure they are only used by the authorized user – fingerprint and face recognition, as well as pattern authentication and PIN, being prime examples. Unfortunately, there is still a lack of awareness amongst some security operators, customers and the public of these exciting benefits. Potentially there may also be some reluctance, in certain quarters, to trusting a mobile device with physical security. A lack of trust in seemingly ‘unproven’ technology is not unusual, but the security industry needs to demonstrate reliability along with the considerable security and convenience benefits of using it. Trusted Part Of Security Network Many smart devices already securely bind the mobile device with the right person by using 2-factor authenticationMobile device security needs to earn its trust, in much the same way as any other new ground-breaking application. In fairness to the doubters, it’s not hard to imagine how much of a risk a badly protected mobile device could be to any secure network! There are two key obstacles that smartphones need to clear before they can become a trusted part of the security network though. Firstly, that they are secure enough to be trusted as part of a security network, and secondly that they can reliably identify an authorized user in a real-world environment. Many smart devices already securely bind the mobile device with the right person by using 2-factor authentication. For example, this could combine a PIN code with the fingerprint or face of the authorized individual. In areas with particularly high security, you could also implement a wall-mounted biometric reader (fingerprint, facial recognition or iris scan) to add a further level of protection and ensure there is no wrongful use of the mobile device. Security tokens or access cards are typically rigid in their programming, only allowing access to certain areas Security By Location With its many and varied functions, undoubtedly one of the most useful systems on any smartphone is its GPS location tracking. It’s also a perfect tool to assist with security systems interaction.A benefit of using smart device authentication is the cost savings over operating traditional tokens Consider any secure facility – it will feature different levels of access. This can vary from a humble canteen and break-out areas, right through to secured doors around potentially dangerous or highly sensitive areas - such as plant rooms, or even a nuclear facility! Security tokens or access cards are typically rigid in their programming, only allowing access to certain areas. A smartphone, however, can be granted or denied access depending on the location of the request by the individual – GPS literally adds a level of extra intelligence to security. Personal Items Using QR codes seem to be a simple but reliable identity and access control authentication optionMobile devices tend to be guarded and protected with the same concern as your money or your keys. Many of us literally carry our mobile device everywhere with us, so they are relatively unlikely to be misplaced or lost – certainly in comparison to a key card for example. Also, think about how often you use or hold your smartphone – some estimates suggest 2,600 times each day! With that level of interaction, you’ll be aware very quickly if it’s been misplaced, not least because of the inconvenience and cost to replace it. This level of personal connection makes it perfect for use with security systems. Cost Savings Another obvious benefit of using smart device authentication is the cost savings over operating traditional tokens. No more plastic badges, access cards, lanyards, printers and consumables used to administer security. This is something the security industry really needs to shout about! It will come as no surprise to hear that smartphones are exceptionally common too. Figures suggest that in 2015 there were nearly 41m in use in the UK and this is predicted to rise to 54m by 2022. With the UK population being just over 65m, that is a very high percentage of people already carrying this technology. Using a resource that people already have, and which is highly secure, makes unquestionable financial as well as practical sense. GPS location tracking is a perfect tool to assist with security systems interaction Integrated Technology Agreeing on common and shared open protocols has unfortunately been one of the stumbling blocks for the security industry in adapting to a predominantly smartphone authentication approach. NFC (Near Field Communications) technology in mobile phones and smart devices has failed to be the universal success it promised.Not everyone has an iPhone, but it is such an important segment of the market for customers Mobile technology trends have dictated to the systems that use it. Apple’s earlier (Pre iOS 11) decision to restrict the use of NFC to Apple Pay on its devices has had a profound effect on the implementation of NFC in other applications too. Not everyone has an iPhone, but it is such an important segment of the market that other manufacturers are wary of how customers will be able to use any new technology. We have seen a much bigger focus on using Bluetooth Low Energy technology on mobile devices instead. With providers such as HID Global, STid in France and Nedap in the Netherlands now concentrating on developing Bluetooth Low Energy readers and mobile credential applications, this seems like a highly credible alternative. Along with NFC and Bluetooth Low Energy options, there also seems to be a lot of interest in using QR codes as simple but reliable identity and access control authentication. These can easily be displayed on a screen or printed if necessary, giving great flexibility over the type of technology that is used in the future. Upgrading Existing Security Systems There are strong arguments for many businesses to continue using MIFARE+ systems if they suit operations well We are steadily seeing the signs of smartphone authentication replacing the cards and tokens we have been familiar with. However, many consumers still want options rather than to just be railroaded down one path. A business that has invested in cards or tokens will want to use that technology investment fully. The changes will come when readers are updated – this is when security specifiers and installers need to promote the advantages of dual-technology readers, which offer options to include smartphone authentication into the mix. There is still considerable diversity amongst smart devices, the operating systems they use, and the security technology employed by each. Android, Apple iOS and Blackberry devices all vary with regards to the biometric authentication available, so security administrators may need to be flexible on the types of authentication they accept. Interestingly, card technology has also progressed at an astonishing speed too – with MIFARE+ proving to be a highly cost-effective, practical and secure system that can easily be integrated. There are strong arguments for many businesses to continue using these systems if they suit operations well. NFC (Near Field Communications) technology in mobile phones and smart devices has failed to be the universal success it promised Hybrid Systems A hybrid approach may be the best answer for many security operators. This means those who choose to enjoy the benefits in terms of flexibility and convenience of smartphone authentication can do so, whilst those who are more hesitant can continue to use more traditional methods. A hybrid approach may be the best answer for many security operators Larger organizations may find that the swap over is a slower and more gradual process, whilst smaller start-up businesses may prefer to jump to a smartphone-based approach straight away. If security systems are well integrated but modular in their approach, then it becomes much simpler to evolve as time goes on. Embracing The Benefits Using their app-based systems architecture, smartphones are ideally placed to evolve with security systems in the future. There are many benefits for the security industry and our customers, but we need to remember that this move will involve a culture change for many security operators and users. The security industry needs to be mindful and respectful of any anxiety, but also be positive and promote the considerable benefits mobile authentication offers.

When asked about what the market should be thinking about in 2018, I am left offering an answer that serves as an urgent call to action: Prepare yourself for change! The security industry is soon likely to see a dramatic shift from the traditional segmentation of commercial and residential security. Smart phones, mobile technologies, cloud computing, and having everything provided ‘as a service’ in peoples’ lives means users of buildings have a new set of expectations. In many ways, the coming crosspollination of residential and commercial security offerings means we will have a better idea of best practices. The convenience of residential spaces will combine with the robust security of commercial facilities, for example. But this also means a higher level of demand will be placed on security integrators, facility managers and owners. Operations groups may need to change drastically to offer new technologies. Security as a service is likely to become more common. And new technologies are emerging that will facilitate this change and require new skillsets and expertise. So, what the market should be thinking about right now is: How do we all, collectively, keep up? More critical is finding ways to offer or utilize new technologies and total solutions that make operations easier Ensuring Security Preparedness As it stands now, in terms of physical security for doors and openings, we are currently in a world where we can secure almost anything. Be it hospital, school, file cabinet, server rack, grain silo or barn that is off the electrical grid, we have a solution for that. So being hyper-aware of your industry, its offerings, and how the products work together is important, as it means every location that needs security can have security. But perhaps more critical is finding ways to offer or utilise new technologies and total solutions that make operations easier, moving security components deeper into a building, facility or campus, and building and leveraging on partnerships where everyone is invested in the other’s success. Here are a few suggestions for addressing these issues. Training In New Security Solutions Perhaps the biggest change in the near term will be emerging technologies that will alter how we currently use security solutions. Be it cloud-based security, intelligent keys, new types of credentials, or simply a better software for management, the need to be well-versed on these offerings is key. To this end, it is important to not only know what offerings exist in the security world, but also be well-trained on them. Seek out a manufacturer that is willing to offer training and education on products, strategies and solutions. While it is important to secure server rooms at the point of entry, it might also make sense to provide a cabinet lock with audit capabilities on the rack or cabinet itself Identifying An End Goal Further, approach the integration and implementation of these technologies with a collaborative mindset. For dealers and integrators this means utilizing new technologies to better secure a facility for a client. As a building owner or manager, it means making tenant and occupant life better while streamlining your own operations. The ultimate goal of any new technology is to meet customer needs in the very best possible way. And that goal should trickle down from manufacturer to integrator to the facility manager and ultimately the end user. Don’t just implement technology for the sake of doing so. Do it with purpose by identifying an end goal and utilising these amazing solutions to achieve that. Identifying an end goal also means seeking out the core requirements a building has to provide users with the expected level of security and service. This is obviously dependent on the building, and it doesn’t always mean physically moving into a building, but rather looking at ways to move further into the operations of a business. Securing Access To Buildings Government facilities are undergoing a transition to security requirements dictated by the FICAM programme For some businesses, keeping server racks or file cabinets secure can be critical. And while it is important to secure these rooms at the point of entry, it might also make sense to provide a cabinet lock with audit capabilities on the rack or cabinet itself. New opportunities also fall into this category. Government facilities are currently undergoing a transition to security requirements dictated by the Federal Government’s Identity, Credential, and Access Management (FICAM) programme. FICAM sets standards for implementation of secure access to all government facilities and mandates the use of FIPS 201 Personal Identity Verification (PIV) for federal employees and contractors. This means that PIV enabled access points will be required on the perimeters, interiors and other openings. Finding ways to retrofit these affordably, efficiently and effectively means offering more secure openings on what is likely to be a tight budget. This can also apply to offsite facilities. Earlier I mentioned barns and grain silos – locations that are often left off electrical grids but can come with the need for auditing capabilities – and a solution exists for that. So, while a corporate headquarters might be under robust lock and key, it is always good to ask about other locations that could use a simple security upgrade. Personal Identity Verification-enabled access points will be required on the perimeters, interiors and other openings Establishing Security Partnerships Again, the best way to achieve readiness with this approach is to be aware of the market and its offerings, and to engage in collaborative partnerships. Collaborative partnerships are critical for everyone who is tasked with protecting the people and places that matter most. Manufacturers rely on the integrators and building supervisors to understand the new and developing needs in the industry. Integrators then must rely on manufacturers to provide these solutions, offer education and training, and be in constant contact about the newest technologies available. Collaborative partnerships are critical for everyone who is tasked with protecting the people and places that matter mostAnd building owners or managers must both be aware of their tenant and end user needs and demands – be it for new technologies or even seeking out sustainability solutions. In turn, they need to know they can rely on a collaborative approach from an integrator and manufacturer who is invested in their success. Industry Collaboration For A Secure Future Again, the biggest thing we must all need to consider now is how to prepare for the future. Treading water is simply not enough in the security market anymore. New technologies and performance expectations are forcing us to consider ways to better serve our clients – whether we are a manufacturer, integrator or in charge of facilities. And the best way to do this is together. We are all invested in the success of one another, and in the people who use the places we strive to keep safe. By seeking out, developing, and cultivating these partnerships in collaboration and innovation, we are able to help one another prepare for the future that is becoming more complex, intriguing and exciting every day.

Nexkey says its mission is to disrupt the access control market and ‘change the way people experience access to physical places’. The startup is embracing the latest buzzword for access control – frictionless – while also enabling electronic access control for doors currently protected by mechanical locks. The system is simple with only three components – a controller, an electronic replacement lock core, and a smart phone app. The ‘controller’, a combined reader and access control panel, is used to connect to existing electric strikes, mag locks, electronic push bars and other hardware components at the door. It also communicates via Bluetooth with a smart phone credential. Users approach a door, choose the door they want to open in the app, and wait for the app to say ‘unlocked’. Replacing Key Cards And Fobs With App Access rights are customized for each user, and doors can be unlocked remotely to allow a delivery guy or guest to enterThe electronic ‘core’ device can be switched out with existing mechanical lock cores to provide electronic access control in locks such as deadbolts, mortise locks, Euro-cylinders, levers and camlocks. It is compatible with 95 percent of mechanical locks, using a changeable tail piece to adapt to various configurations. The core communicates via Bluetooth with a smart phone credential that links to a cloud system. Users approaching a door open the app, tap the core, and wait for the app to say ‘unlocked’. A Nexkey goal is to ‘replace all keys, key cards and fobs with one app’. The Nexkey app recognizes which ‘key’ goes to which door and reveals the right key as you approach. ‘Keys’ are created and access rights are assigned from a smart phone, using email addresses and phone numbers to verify identity. Temporary codes can be texted for one-time entrance for cleaning crews or contractors. Access rights are customized for each user, and doors can be unlocked remotely to allow a delivery guy or guest to enter the building. The Nexkey Portal provides a snapshot of system operation, who enters which door at what time, and logs that can be reviewed and downloaded for audit reports. Affordable Access Control Systems For SMBs Nexkey is targeting the small- and medium-sized business (SMB) market, basically companies with 20 to 500 employees, which are looking for access control systems that are affordable and easier to manage. The Nexkey controller costs $999, and the core is $499. Monthly fees start at $15 to $29 per month per door, but the prices go down as additional doors are added. Nexkey is targeting the SMB market, which are looking for access control systems that are affordable and easier to manage Larger enterprises tend to want out-of-the-box integration with alarm systems and video, which Nexkey does not offer, so SMB is their “sweet spot,” says Eric Trabold, CEO. There is an API (application programming interface) that integrates with third-party applications. According to Nexkey’s customer surveys, 30 percent of customers say they bought Nexkey to have a simpler access control credential (a smart phone instead of a key, card or fob). Another 30 percent favor simplified management and quick access through the app. Some 17 percent like the ‘unified’ experience to manage shared, single and multiple workspaces using smartphone credentialing and a cloud-based system. Involving Security Dealers And Integrators Nexkey announced a ‘dealer program’ at the recent ISC West trade show in Las Vegas, and interest was highIn the early days, Nexkey looked to work directly with businesses to foster communication and to gain understanding of how the product can best be deployed. Having gained that insight, the ‘next level’ is to engage security dealers and systems integrators to install the system, says Trabold. Nexkey announced a ‘dealer program’ at the recent ISC West trade show in Las Vegas, and interest was high. Trabold says 134 integrators/dealers sought to engage. In coming weeks, the company will be finalizing that program, enhancing the dashboard to enable dealers to manage the system on behalf of their customers, for example. “We will be looking at how we can go from that amazing level of interest to being actively engaged with partners in the channel,” says Trabold. Using NPS To Measure Product Quality Nexkey uses the Net Promoter Score (NPS) as a benchmark for how well the product is accepted in the marketplace. NPS measures the quality of a product by analyzing how likely customers are to recommend it to a friend or colleague. As an example, Apple currently has an NPS of 65%. In comparison, Nexkey has achieved a score of 60 percent, and is looking to improve it even more. “A year from now, we want to get the same positive feedback from our dealer/integrator community,” says Trabold. “That’s the challenge, engaging with partners and scaling the business forward. We still have work to do.”

Wireless locks offer specific advantages for access control end users and integrators, and some of their value has yet to be realized in the market. Wireless locks expand the range of applications for electronic locks to complement traditional wired systems. They offer flexibility and scalability. They save on integrators’ labor costs. They even provide opportunities for integrators to earn recurring monthly revenue (RMR). A recent Allegion panel discussion highlighted the value, opportunities and untapped potential of wireless locks. Allegion panellists elaborated on some of the many advantages of wireless locks, including the following: Providing More System Flexibility It’s a time of change in corporate and institutional environments. Customers are trying to manage a smaller operating budget with more people and more multi-use applications. Building applications are changing more frequently. Wireless locks can be used to convert more mechanical applications to electronic, but they are not necessarily real-time and/or monitored applications.Customers are trying to manage a smaller operating budget with more people and more multi-use applications For example, a wireless lock could be installed on a seldom-used door, such as a storage closet, to avoid the need to manage keys. The flexibility of wireless locks also would allow that same door to be transitioned to communicate with a network via WiFi, or it could be used for real-time communication in a monitored system. “It’s much more flexible if one product can do about six different things,” says Brad Aikin, Allegion’s Channel Led Business Leader, Integrator Channel. New product approaches enable intelligence to be added after the fact to existing wireless locks, thus further increasing flexibility. Designing Systems That Are Scalable “We now have products that can start from very basic applications, and then build capabilities through systems and integrations all within one device,” says Mark Jenner, Allegion Market Development Director. Offering A Useful Complement To Wired Systems Once you understand how to deploy the wireless technology, the efficiencies of it from a labor perspective are pretty amazing” Wireless is not a “silver bullet” – not for every application, says Aikin. “I think it is an incremental opportunity,” he says, and more likely to drive conversion of existing mechanical locks than to transition wired electronic systems. “You’re just looking to get a more efficient credential, and to get rid of that master key system, or to dramatically shrink it down,” he adds. “Wireless is an example of how the integrator can do more, not just differently, but have more conversations and help their end users. They are not things the end-users are going to ask for inherently; these are latent needs. They are not going to bring it up.” Allegion panellists elaborated on some of the many advantages of wireless locks Less Labor Involved In Installations “Once you understand how to deploy the wireless technology, the efficiencies of it from a labor perspective are pretty amazing,” says Robert Gaulden, Allegion Project Based Business Leader, Electronic Access Control. “Integrators can deploy two additional jobs in a day because they are on and off jobs more quickly. There are huge benefits, depending on what environment you are in.” Labor is a significant cost for integrators – finding, retaining and training good employees. Any new efficiencies in terms of labor – such as the simplified installation of wireless locking systems – is a saving grace for integrators.Providing remote firmware updates is another way to provide ongoing service without being invasive or disruptive to the end user environment “We see a lot more adoption from our customer base once they become comfortable with how to use the wireless technology,” says Gaulden. New Opportunities For RMR There is a shift among integrators away from one-time installations and toward an recurring monthly revenue (RMR) model in which the integrator manages all aspects of the system over time for a monthly fee. Wireless systems can help to simplify that transition by lowering costs. Managing interior doors and locks can add value and incremental revenue, says Jenner. Providing remote firmware updates is another way to provide ongoing service without being invasive or disruptive to the end user environment. “We support that from the product perspective, but developers and software companies need to take advantage of it,” says Devin Love, Allegion Market Development Manager. “It’s an important feature for the end user, but we are still navigating through the world of wireless adoption.” “No one wakes up in the morning and thinks ‘I am going to buy a lock today,’” says Aikin. “We need to ensure we are having conversations about security needs, but also about how to deploy the technology to make it easier to manage and have more flexibility,” says Aikin.

The concept of door locks means something totally different in our current age of smarter buildings that house data-driven businesses. Hardware locks and keys are still around, but they co-exist with a brave new world of electronic locks, wireless locks, networked systems, and smarter access control. Locks can also increasingly be a part of a smart building’s flow of data. The opportunities of these new technologies and approaches are significant, but there are also pitfalls. I heard an interesting discussion about these topics presented by several business leaders from lock company Allegion at a press event at ISC West earlier this year. Here are some highlights from that discussion. Q: What new developments in emerging technologies do you see in the coming years? There’s opportunity for implementation of the technology to solve real problems" Mark Jenner, Market Development Director: Connected locks, other types of sensors and all the data being aggregated inside buildings provide opportunity for data analytics. The buzzwords around technologies can cause confusion for integrators and end users, such as artificial intelligence, deep learning and machine learning, and what’s the difference among all of them? My opinion is that they are important, but the big theme across them all is opportunities for new business models for the integrator, and opportunities to solve problems for end users. And it’s not just technology for technology’s sake. There’s opportunity for implementation of the technology to solve real problems. Devin Love, Market Development Manager: You can’t just have a solution looking for a problem. You see a lot of people who understand technology in their own lives, and they want to translate that into their businesses. That’s where I think it’s exciting. You now have all this technology, and people understand it to the extent that it improves their daily life. They go through their day with less friction, with more ease, and technology fades to the background. There are two levels of value. One is the longer, bigger, broader scope of what the technology can bring to a company using it, but on an immediate basis, there is the value of tracking how a business is running. These sensors are collecting data. For example, if you are a multi-tenant property, you can look at how amenities are being used. What do my residents really care about? That informs future decisions. Robert Gaulden, Project Based Business Leader, Electronic Access Control: I have been studying the multi-family space for the last couple of months. The customer experience is really driving a lot of that technology adoption. What you’re seeing today, whether it’s a mobile device or some other device, is the ability to move throughout the property, and gain access to the perimeter and to your tenant space. All of this adoption is around that experience. There’s multiple players coming into the space, from Amazon wanting to deliver packages into the tenant space to residents who don’t want the inconvenience of using a key. Technology adoption to solve problems, and also to drive experiences, is where a lot of the balance will play out. It’s important that we look at how integrators can use the technology to do business more effectively and efficiently" Brad Aikin, Channel Led Business Leader, Integrator Channel: From an integrator perspective, there are two things. One is how they can approach end users, and the scope of what integrators consult with them about is wider. I think we as an industry are getting beyond those high-traffic, high-security applications. Those are still critical, but the value we bring around security and convenience is opening a new incremental opportunity. Also, the experience of the integrator and how they conduct their business is important, from generating quotes to communications to proactive servicing. It’s important that we look at how integrators can use the technology to do business more effectively and efficiently. Gaulden: We as an industry, and we as manufacturers, need to understand what data we are generating so we can run our businesses more efficiently from every aspect, whether you’re the property manager, the building owner, the integrator, or whether you’re the manufacturer. These devices and technology are being pushed out everywhere and will generate the data. How we learn from that – especially when you apply security to it to be more proactive – provides huge opportunities. Jenner: What data is important and what’s not? Folks get overwhelmed with too much data at some point. What’s important for an application at the end user level? What do they really need to solve the problem? Love: Privacy gets involved as well, especially with consumer products. The attitude is “stay out of my private business.” But if you’re an employee now, all bets are off. Now you have a professional relationship with the people you work with, so there is a different lens that you look through when tracking data. You use the data to everyone’s benefit, and it’s a different paradigm than in your private life. Aikin: Also, where does that data create a better experience for the person? That’s what drives the money and value: What level of information sharing makes my experience better? The technology is also getting smarter in terms of “how do we sort through the valuable information?” Hardware locks and keys are still around, but they co-exist with a brave new world of electronic locks, wireless locks, networked systems, and smarter access control Q: As facilities connect more devices and sensors, the cybersecurity threats increase. We have already seen Internet of Things (IoT) devices being used as the attack point of cyber breaches. What are the vulnerabilities that make those attacks possible, and how can integrators protect their customers? Love: Certainly, this is an extremely – maybe the most important – piece of our industry. What is the point of everything we do if we can’t instill that trust? But what we need to solve here also comes with opportunity. There’s certainly hope. You’re not seeing a frontal attack on the technology. It’s usually some loophole, or some older device that hasn’t been updated, or wasn’t installed correctly, or it was social-engineered. The opportunity is, not that it can’t be solved, but that it absolutely needs to be solved – and it can. Gaulden: Integrators need the ability to understand that cyber layer and what it means. Nowadays, everything runs on the network, and you won’t even get past the IT department to get on the network if you don’t have the right staff, the right credentials. From an integrator standpoint, you need the ability to add to your staff, to understand everything from the product level to the firmware and the software level, all the way to the deployment of the holistic system. You can’t just say, “That’s not part of our responsibility.” All these devices are now riding on the network. They can be protected from a cyber perspective, or you will have vulnerabilities. As manufacturers and business consultants to integrators, we should facilitate the conversation, that it is one ecosystem" Aikin: Everything is a communication device. With the concern and need comes an opportunity for the integrator. But it’s also in making sure integrators are having that conversation with end users and setting the expectations up front. What I’m providing you on day one is the best in the industry at this time, but tomorrow it may not be. My accountability and service are to maintain that environment and keep it running. I may not physically change the device you see, but the service I’m bringing to you is that security, and that comprehensive dialogue. The IT stakeholders already have that expectation, but there is a chasm in some organisations between the physical security and the IT stakeholders, and the integrator is facilitating that conversation. As manufacturers and business consultants to integrators, we should facilitate that conversation. It is one ecosystem. Q: Aside from cybersecurity, what are some of the other threats that integrators should be aware of as they work with customers to implement the new trends and technologies we have mentioned? Aikin: It is diversifying, all the options and the capabilities. With that comes confusion and misapplication. If I look at the trends around just wireless; I go back 10 years ago, there were even questions of whether wireless was a secure technology. That has progressed and continues to be part of the cyber conversation, just like any hardwired product. It’s something you have to maintain and be aware of. Wireless has really diversified. There is still a need for education within the channel, and most importantly, to the end user. There are still end users that assume a WiFi widget is the same thing as a Bluetooth widget is the same thing as a low-frequency widget. But they are all different. There are reasons there are different technologies. Nothing stifles the adoption of technology more than misapplication. We have different architectures within our lock base and among our software partners to allow a mix of technology" Gaulden: Integrators understand the differences in how various doors are used and how those applications will work. In the K-12 school environment, you want the ability for an instant lockdown, and a WiFi deployment probably isn’t your best option. You need a real-time deployment. However, my office door at headquarters doesn’t necessarily need real-time communication. I can pull audits off it once or twice a day. You have to mix and match technologies. For a high security door, you would proactively monitor it. But for a door where convenience is the goal, we can put electronic security on it but we don’t need to know what’s going on at any moment in time. We have different architectures within our lock base and among our software partners to allow that mix of technology. Jenner: End users want the latest technology, but it may not be for their applications. Those things drive more costs into it, when end users need to be putting money into cybersecurity and some other things. That’s part of the misapplication. Another risk is interoperability. That’s a big piece of the technology and as things change. How do we do a better job of supporting open architecture? It may not be a standards-based protocol, although we use a lot of standards, but we just need to make sure whatever protocols we use are open and easily accessible so we can continue to work with them in the future. We know that when our devices go in, they will support other parts of the ecosystem from an interoperability perspective. That’s important for integrators to know: How is this going to be applied and integrate with something in three, four or five years from now? It’s an expensive investment, and I want to make sure it will work in the future. Main photo: Business leaders from Allegion discussed new trends in electronic and wireless locks at a recent press event: (L-R) Robert Gaulden, Devin Love, Brad Aikin and Mark Jenner.

Mul-T-Lock supplies a high-end jeweler in London with CLIQ® locks in order to help the business manage access to cabinets holding valuable items. Stocking bespoke pieces and precious stones, the jeweler was looking for a high-level security solution that allowed sales personnel access to individual glass cabinets, without the worry that if one of the keys got lost or misplaced that they would have to replace the entire suite. Offering maximum security Over 50 CLIQ® cam locks from Mul-T-Lock were installed at the jewellers on each of the cabinetsOver 50 CLIQ® cam locks from Mul-T-Lock were installed at the jewelers on each of the cabinets, offering maximum security with the added benefit of audit trail capabilities. These capabilities include the ability to schedule individual access permissions for each key, as well as to provide time-limited access. In the case of this particular jewelers, each member of staff was given access to a selection of cabinets at varying times, with individual permissions set by the administrator (those who manage the security system). For example, access could be set for only business hours, meaning that the cabinet could not be accessed at evenings or weekends. Similarly, each time a user opens a lock, it will be recorded in the system, meaning that the administrator can keep an eye on operations electronically. Careful consultation Specialist Mul-T-Lock integrator, Elelock Systems Ltd specified and installed the CLIQ® locks at the jewelers, after weeks of careful consultation with the business owner to better understand the store’s requirements. One of the biggest concerns for this particular jeweler was the threat of compromised security" Chrys Chrysostomou, Managing Director of Elelock said: “One of the biggest concerns for this particular jeweler was the threat of compromised security if cabinet keys were lost. Mul-T-Lock’s CLIQ® technology means you can revoke access in minutes, whereas with a traditional system you would have needed to replace the whole lock – costing time and money.” Hands-On training “With no cabling the system was easy to configure and install, making it suitable for a variety of applications. The store manager also received hands-on training from ourselves and Mul-T-Lock, alongside the jeweler’s head of IT and security representative.” Suresh Peri, Commercial & Technical Manager at Mul-T-Lock added: “Our CLIQ® system is ideal for retail applications where there are a number of members of staff who need access at varying times, or that require individual permissions for access to high security storage rooms, cabinets or drawers. “Being able to revoke access permissions when a member of staff leaves also allows retailers to uphold their security and reduce ongoing maintenance costs.”

The University of Birmingham educates over 30,000 students, with more than 6,000 doors providing access to student accommodation. Gallagher’s integrated access control solution is responsible for providing operational continuity and creating a safe and secure environment for residents. The University recently completed its new state-of-the-art student accommodation development, Chamberlain, which consists of a 19-storey tower and three low-rise blocks. An essential requirement was an integrated access control system, reducing the need for keys. Timothy Owen, General Manager of Student Accommodation at the University says, “We wanted to move away from using keys as students are prone to losing them and trying to manage thousands of locks and associated keys was a constant administration and financial drain.” In order to minimize the complexity of managing a new system, the University required a solution that integrated with, or was an extension of, their existing campus access control and accommodation management systems. “We need to maintain control over access to our buildings, while ensuring a duty of care to our residents and staff so that they can go about their business as required,” says Timothy. “Fundamentally, we needed a system that gives both us and our resident’s confidence in the security of the accommodation.” Gallagher Command Center, together with the Aperio wireless locking technology, was selected as the University’s choice Aperio wireless locking technology A large and complex estate with buildings of different construction and age, the University needed a solution that was flexible enough to accommodate their unique requirements. Gallagher Command Center, together with the Aperio wireless locking technology by ASSA ABLOY Access Control, was selected as the University’s preferred choice, meeting their security needs in a cost effective way while still delivering to the overall specification. Timothy says, “The completion of our new state of the art Chamberlain development was extremely close to the date of the first student arrival, so the team had to be dedicated and work flexibly to ensure it was ready in time – which it was.” Gallagher Command Center integration The Gallagher Command Center integration allows for the access key and student ID to be combined into one card, offering a number of benefits to both students and staff. Previously the accommodation arrival process required students to arrive at the University with their contracts and queue up so that a member of staff could sign them in manually and hand them the keys to their accommodation. From there students could head to their room. “Arrivals is always a busy time but with the help of the Gallagher solution we’ve not only improved the student experience but also the administration process,” says Timothy. “Now the student ID and accommodation key is encoded on to one card so it can be posted out in advance and access to the room automatically granted via the accommodation management system. Students no longer need to queue for keys, can get to their rooms instantly, and spend more time enjoying their arrival experience.” Secure, authorized access control The simple act of swiping an access card automatically checks the student in and an attendance report can be instantly generated The simple act of swiping an access card automatically checks the student in and a report can be generated to show who has arrived and who hasn’t, allowing staff to follow up accordingly. If the room is no longer required it can be quickly and easily re-allocated to another student, resulting in improved occupancy rates. Using Gallagher Command Center together with the University’s accommodation management system allows staff to check on the well-being of students by monitoring the use of their access card. Student security and tracking The University also houses students under the age of 18, and one of the safeguarding requirements is that the University can monitor their whereabouts on a daily basis. Timothy adds, “This can be difficult to achieve with many students to track, but Gallagher Command Center can easily confirm the time and location of our resident’s last door access, providing peace of mind that students who may be uncontactable are in fact on site.” University staff are also seeing positive improvements since the installation of the new system – particularly at the start of the year. The arrivals process is now less congested and more relaxed. The team have far fewer issues than with physical keys, enabling them to spend more time on the overall student experience. Since the installation of the first 800 bedrooms at Chamberlain, the University has already extended the system by a further 900 at Mason, with plans in place for an additional 1500 bedrooms this summer. Combined access and student ID card “Replacing keys with a combined access and student ID card has reduced our operational costs as we now have far fewer keys to purchase and store,” explains Timothy. “The student experience has improved and staff are now free to deal with urgent matters and offer a more personal service. We can easily create reports to help us audit access and have generally provided a much more modern and secure place to live and work.”

One French town just north of Paris faced familiar key management challenges. Each person in their Municipal Technical Centre had to carry approximately forty physical keys. If a single key was lost or stolen, for even one door, all compromised cylinders had to be changed. To prevent unauthorized access, all the keys had to be replaced, too — at great expense. Key duplication costs were mounting. “One lost key cost from €3,000 to €4,000 for changing cylinders and replacing the keys,” explains Fabrice Girard, Territorial Technician at the Villiers-le-Bel Municipal Technical Centre. Administrators can program access rights for every CLIQ key, padlock or cylinder using the Web ManagerTo fix their expensive lost key problem, Villiers-le-Bel city administrators chose to combine ABLOY’s mechanical PROTEC2 and CLIQ electromechanical locking within the same flexible, key-based access control system. Almost 500 CLIQ wireless cylinders, 850 programmable, battery-powered CLIQ keys, plus programming devices and wireless CLIQ padlocks, have been deployed in a multi-year, rolling upgrade program. CLIQ Web Manager software Now, with CLIQ, lost or stolen keys are canceled instantly using the CLIQ Web Manager software. The Web Manager works securely inside a standard browser, with no software installation needed. Administrators can program access rights for every CLIQ key, padlock or cylinder using the Web Manager. They filter access to specific sites and doors according to the precise needs of every city employee. “CLIQ Web Manager is a very easy and pleasant system to use every day,” says Fabrice Girard. CLIQ also saves time for the city’s security team, because staff no longer must return to the Technical Centre to collect the keys for multiple sites. Authorized users carry a single, programmable, battery-powered CLIQ key, where all their individually tailored access rights are stored. Wireless system to enhance safety Using the CLIQ Web Manager, security staff can track exactly who has been granted access to every school site“We wanted a wireless system with reduced maintenance costs and increased safety,” adds Fabrice Girard. “CLIQ met all these requirements.” The city has already rolled out CLIQ beyond their Municipal Technical Centre to 10 local schools. Using the CLIQ Web Manager, security staff can track exactly who has been granted access to every school site — critical for these sensitive premises and to improving overall school safety. Plans are in place to equip Villiers-le-Bel’s 12 remaining schools with CLIQ within 2 to 3 years, including canteens and boiler rooms. Because CLIQ can be deployed and scaled flexibly, the city’s dedicated security budget funds this gradual extension of their CLIQ system.

With a large campus comprising historic and modern buildings and significant research facilities and equipment, the University of Otago has assets in excess of $1.4 billion (NZD). In 2006, an internal security review of campus facilities identified that a number of critical areas – including laboratories where medical research is conducted on animals and human cadavers – could attain an increased level of security and achieve greater cost efficiency through the installation of Gallagher systems. A key priority of the security upgrade was to replace the traditional lock and key system in place in facilities across campus with Gallagher’s electronic access control solution. By moving to an entirely electronic system, the University has mitigated the risks associated with lost keys and unauthorized access. Lost and misplaced cards are reported and immediately deactivated ensuring complete control is maintained over facility access. Comprehensive alarm monitoring The team at the University of Otago needed an auditable system, capable of identifying access by people, place, and timeThe electronic system also allows for comprehensive alarm monitoring per door and per freezer, ensuring campus security is immediately notified if a door or freezer has been left open. Gallagher’s Mobile Client, available with the Command Centre v7.30 security management platform, means these alarm notifications can be communicated directly to security personnel’s Apple iPhone devices providing valuable information in real-time, to those outside of the control room. More than simply managing the access permissions across campus, the team at the University of Otago needed an auditable system, capable of identifying access by people, place, and time. Gallagher’s Command Centre application provides this high-level of traceability and enables the University to quickly and easily extract the exact information required both for internal use and for the regulatory audits required of research facilities. Identifying who accessed which areas “Due to the nature and value of our assets, it’s critical not just to control who has access to facilities but to be able to identify exactly when areas were accessed and to know who was there,” said Deputy Proctor at the University of Otago, Andrew Ferguson. Key industry challenges Eliminate the security threat that comes with lost keys Enhance the level of security for critical areas including Medical Research laboratories Procure a solution capable of producing comprehensive audit trails Introduce a secure, automated facilities management system Gallagher security products installed Command Centre Electronic card readers Syllabus Plus integration Syllabus Plus integration Syllabus Plus enables automation in the scheduling and booking of resources and equipment Founded in 1869, the University of Otago is New Zealand’s oldest university. Ranked in the top 200 universities worldwide, the University of Otago is New Zealand’s primary medical tertiary institute and is considered the top research university in New Zealand. The Gallagher system installed at the University of Otago includes a Syllabus Plus integration. Syllabus Plus enables automation in the scheduling and booking of resources and equipment through Command Centre. The University of Otago team were quick to see value in the opportunity to synchronize their access control system with class time-tables, and subsequently manage room resources by automatically unlocking doors. Easily search and book resources A key benefit for the University was a move away from the manual process of entering room bookings into Command Centre. In addition to removing the labor associated with this manual process, the university also found a reduction in the number of booking inaccuracies caused when people changed their plans, as staff can now quickly and independently reschedule their resource and room bookings if their requirements change. “Smart scheduling gives authorized users in our wider team the ability to quickly and easily search and book resources,” said Ferguson. “It’s a genuine time-saver for us and ensures our facilities are managed efficiently.” The university has implemented an ongoing software maintenance agreement with Gallagher To ensure the University of Otago’s security system remains at the forefront of technology, the university has implemented an ongoing software maintenance agreement with Gallagher to ensure they receive the latest system developments as they are released. “We would never go without software maintenance, it’s imperative that our high-end security be the best it can possibly be,” said Ferguson. Training for system operators In addition to ensuring their security products and systems are up-to-date, the University of Otago also ensures their system operators undergo regular training. According to Ferguson, “We arrange annual training with Gallagher for our Campus Watch security team. The training teaches the team valuable tips and tricks on how to utilize the system to its fullest.” During the years since the initial installation of Gallagher security systems, the University of Otago has experienced significant savings associated with not needing to re-key facilities or replace locks when traditional keys have been lost or not returned – maintenance that the University estimates used to cost tens of thousands of dollars each year.

In mid-2009, Melco Resorts & Entertainment Limited opened City of Dreams, Macau – a casino and resort complex that quickly become one of the world’s premier entertainment and leisure destinations. The complex brings together a collection of world-renowned hotel brands, including Crown, Grand Hyatt, and Hard Rock, along with a casino area of approximately 448,000 square-feet and over 20 restaurants and bars. Also comprising an audio-visual multimedia experience, and ‘The House of Dancing Water’ – the world’s largest water-based extravaganza showcased in the purpose-built Dancing Water Theater. These unique and innovative entertainment, shopping, food and beverage offerings realize the company’s vision of bringing world-class integrated resort and entertainment experiences to Macau and Asia. Need of a robust security solution Melco Resorts was looking for a robust security solution capable of protecting high-value assetsHaving thousands of staff moving around the site meant that effective people management needed to be a significant part of the security solution. With a large site encompassing multiple areas and a staff of approximately 13,000, Melco Resorts was looking for a robust security solution capable of protecting high-value assets while providing a reliable and flexible system to support daily operations. In the years leading up to the opening of City of Dreams, Gallagher worked directly alongside Melco Resorts, and security partner Certis Security (Macau) Ltd, during the design and construction phases. The Gallagher team were highly involved in discussions and developments relating to software customizations and the final commissioning of critical security areas. MIFARE Classic card technology Part of the City of Dreams philosophy from day one was to operate a one-card, single service entity per staff member – not only for high-level security but across all system requirements. According to Billups, a lot of decisions around system choice were based on meeting the one-card philosophy. Utilizing MIFARE Classic card technology, 1700 access controlled doors were set up across the complex. Utilizing MIFARE Classic card technology, 1700 access controlled doors were set up across the complex Gallagher’s ability to encode the cards with data from multiple system providers was crucial in delivering the one-card policy. Along with Gallagher access data, third-party ASCII data encoding was also provided on the card for use by other on-site systems to achieve the objective of a single card philosophy. Latest generation data security The original system, comprising MIFARE Classic card technology, is now being upgraded to the latest MIFARE DESFire EV1 across all Melco Resorts properties. MIFARE DESFire EV1 provides the latest generation data security and encryption ensuring Melco Resorts globally stays at the forefront of technology. To further meet their one-card philosophy, Melco Resorts wanted a single card technology utilized across all three of their Macau complexes – City of Dreams, Altria Macau, and Studio City. In addition to enabling access across multiple properties, there was a requirement for a central monitoring system that could manage alarms escalated from any of the properties and register such alarms centrally in a main command structure. Highly integrated and expansive platform Gallagher’s multi-server technology delivers this, with seamless connection between all systems and across all sitesFuture-proofing was an important consideration of the security solution. “City of Dreams needed a system that catered well to growth, particularly in the areas of people management and access control. Gallagher provided us with the highly integrated and expansive platform we were looking for,” said Kelly Billups, Director of Security Technology & Administration for Melco Resorts. Gallagher’s multi-server technology delivers this, with seamless connection between all systems and across all sites. If communication between the facilities should fail due to a network fault or similar incident, each site’s security system will continue to function independently. According to Billups, the multi-server system has resulted in reduced labor costs due to the consolidation of security administration. Efficient movement of people The Gallagher system provides rapid response times to access requests ensuring the efficient movement of people in and out of areas. The instant dissemination of cardholder access and configuration data also ensures people have appropriate access delivered in real time. If cardholder access needs to be denied, this information is communicated and applied instantly across the site. In addition to door access activity, 5300 detection points are also monitored throughout the complexIn order to provide Melco Resorts with an audit trail of security events, all site activity is logged in a secure database. In addition to door access activity, 5300 detection points are also monitored throughout the complex. Reports are generated using a simple wizard-based system which steers the report generator through a step-by-step process ensuring the relevant data is retrieved. The City of Dreams site required integration with a number of external systems and Gallagher’s Command Centre central management software provided the platform to deliver this. Cameras integrated with Command Centre As surveillance is a key requirement for a casino, City of Dreams has thousands of cameras throughout the complex. A number of these cameras monitor critical back of house operations and are integrated with Command Centre to provide additional layers of security and enable further administrative functionality. A number of lower-level security points throughout the complex – which utilize traditional keys – integrate Command Centre with an electronic key management system. Keys are electronically released to personnel depending on their access permissions. Two high-level interfaces provide communication to all elevators connected to Command Centre There are approximately 80 elevator shafts located throughout the City of Dreams complex. Two high-level interfaces (Schindler and Otis) provide communication to all elevators connected to Command Centre where access control groups manage access to each of the floors. This integration is particularly important for heart-of-house elevators where access can be highly restricted to only authorized personnel. HR system integrated with Command Centre An integration between City of Dreams Human Resources (HR) system and Command Centre was established. The active connection between the two ensures that basic personnel information is automatically communicated from the HR system to Command Centre without the need for manual intervention. Because of this, the process of updating cardholder information and assigning access to cardholders is a quick and simple procedure – a must for a database of this size. The Gallagher system provides rapid response times to access requests ensuring the efficient movement of people in and out of areas. Where high-level (software) interfaces are not available, the Gallagher system connects with other services including: boom gates, motorized vehicle and pedestrian doors, and turnstiles, using what is commonly referred to as a low-level interface. A control relay in Gallagher’s Command Centre platform activates the door or gate, and in turn the status of the door or gate (open, closed) is reported back. Salto integrated guest locking system Melco Resorts requirement is to seamlessly integrate hotel guest-room locks with the Command Centre platformThe delivery of a high-level integration with a hotel guest-room locking solution is currently in development and will be a world first. Melco Resorts requirement is to seamlessly integrate hotel guest-room locks with the Command Centre platform in order to deliver high-level security across the entire complex. To deliver this solution, Gallagher is working with long-term partner Salto. The Salto integrated guest locking system is required to operate in conjunction with Melco Resorts high-security card encryption and encoding, while complimenting the hotel décor. Melco Resorts and Gallagher maintain an ongoing relationship which brings together Melco Resorts evolving requirements and Gallagher’s product development road map. “The relationship is key for us” said Billups, “having a team based in the region who meet with us regularly and having a level of engagement over development is very important.”

CoreRFID supplies the UK's largest outsourcing company Serco with 100,000 RFID access cards for its Caledonian Sleeper railway service. The cards will provide passengers with access to rooms and will improve security on routes between London and Scotland. The cards are completely re-usable and replace paper-based RFID tickets, which were judged to not be as cost effective in the long-term. Specialist locks Serco had specialist locks provided by a Spanish company and needed cards which were compatible" Munzi Ali, technical director of CoreRFID comments: “Our knowledge and experience on similar work in the hotel industry helped us to meet the challenges of this project. Serco had specialist locks provided by a Spanish company and needed cards which were compatible. Consultancy is a big part of the larger projects we undertake and we were able to solve the issue with Serco.” The Caledonian Sleeper service, which is operated by Serco as a standalone franchise, can trace its origins back to 1873. It serves a number of destinations in Scotland - including Inverness, Aberdeen, Fort William, Glasgow and Edinburgh - on route to and from Euston Station. RFID solutions Graham Kelly, guest experience director at Serco Caledonian Sleeper, said: "Our new trains are designed to improve every aspect of the guest experience. We strive to deliver a hotel experience and a major part of that is having keycard entry for rooms. We've only been running our new trains for a few weeks but the feedback from guests on the keycard has been excellent, with CoreRFID's solution proving extremely effective." Ali added: “RFID solutions can provide real benefits in efficiency, costs and in this case significantly cutting down on waste.” CoreRFID's clients include ICL, London Underground and Thomas Cook.

The concept of how security systems can contribute to the broader business goals of a company is not new. It seems we have been talking about benefits of security systems beyond “just” security for more than a decade. Given the expanding role of technologies in the market, including video and access control, at what point is the term “security” too restrictive to accurately describe what our industry does? We asked the Expert Panel Roundtable for their responses to this premise: Is the description “security technology” too narrow given the broader application possibilities of today’s systems? Why?

Hospitals and healthcare facilities are an important vertical sector in the physical security market. Protecting healthcare facilities is a rich opportunity to leverage the value of physical security systems that range from video to access control to newer location and asset protection systems. But understanding how technology can excel in the healthcare vertical requires that we first identify and understand what these institutions need. Therefore, we asked this week’s Expert Panel Roundtable: What are the physical security challenges of hospitals and healthcare?