Mobile access

At ISC West 2019 (booth #13109), Sielox LLC is showcasing versatile new enhancements to its Pinnacle v.10.4 Access Control Platform. New functionality allows users to seamlessly access the features of Allegion’s Schlage Engage Wi-Fi locks enabling them to be easily integrated with Pinnacle Schlage Wi-Fi access platform feature. Additionally, Allegion Schlage wireless locks can now receive firmware updates through Sielox’s 1700 controller using Allegion ONR technology, which can save integrators tremendous time and money when upgrading and maintaining layered security systems using cost-effective wireless locks. Pinnacle v.10.4 Access Control Platform Pinnacle v.10.4 provides seamless integration with Allegion Schlage NDE and LE wireless locks  “Pinnacle v.10.4 provides a number of features that are exclusive to Sielox that further enhance the implementation and maintenance of Wi-Fi locks on our access control platform,” said Karen Evans, President, Sielox. “This, plus other new feature additions like LDAP (Active Directory) and improved security, further leverage the versatility and cost-efficiency of Pinnacle for myriad access control applications.” Pinnacle v.10.4 provides seamless integration with Allegion Schlage NDE and LE wireless locks so they can easily be incorporated as part of a facility’s overall access control system using existing Wi-Fi infrastructure. Integration With Allegion Schlage Wireless Locks The Pinnacle Schlage Wi-Fi integration provides access to the wireless locks’ features, enabling advanced door management capabilities along with credential management, detailed audit reports, and customizable screen layouts. With this integration, users are able to control an unlimited number of Allegion Schlage NDE and LE wireless locks, manage cardholder records, create access groups, define holiday schedules and more. Additional Schlage wireless lock fields are now reported in Pinnacle providing users a single dashboard to monitor the lock status. An industry first, Allegion Schlage NDE and LE wireless locks can receive firmware updates when using the Sielox 1700 Controller Allegion ONR feature via RS-485 communications. By pushing the ONR Firmware Package for Allegion Schlage wireless locks using 1700 Controllers, users and integrators can save both time and money. Transport Layer Security (TLS 1.2) An additional update to Pinnacle v.10 includes Lightweight Directory Access Protocol (LDAP) Sielox has also added a new Transport Layer Security (TLS 1.2) enhancement to Pinnacle v.10.4. TLS, and its predecessor Secure Sockets Layer (SSL) for improved network security. TLS/SSL operates by establishing an encrypted communication path between two applications, "wrapping" the entire application protocol inside the secure link. This provides complete privacy for the entire transaction so that sensitive information is protected from unauthorized access while in transit. Pinnacle TLS 1.2, which is available to current Pinnacle users, provides compliant level security. An additional update to Pinnacle v.10 includes Lightweight Directory Access Protocol (LDAP), a licensed service that can be installed on the same server as Pinnacle. The feature simplifies administration by assigning roles to users with permissions, which makes the overall solution more efficient and easier to use for larger security systems. Pinnacle 10.4 will be released in Q2 2019 and is available in several configurations that can be specifically tailored to the needs of any size business or facility or integrated in a layered systems model.

Sielox LLC is demonstrating its portfolio of layered security systems at ISC West 2019 in booth #13109, which address the complexity of providing the right combination of features and configurations to best accommodate specific applications and needs. Featured solutions include: the new release of Pinnacle v.10.4 access control solution; Sielox CLASS crisis lockdown alert status system; AnyWare browser-based access control platform; and the company’s highly-touted 1700 Intelligent Controllers. Sielox Access Control Systems Sielox access control and emergency notification systems are also ideal for stand-alone operation Designed for seamless integration with one another, Sielox access control and emergency notification systems are also ideal for stand-alone operation and are scalable for future expansion. “Sielox has always operated under the principle of continuous technology and process improvement in order to consistently deliver solutions that deliver the performance and functionality required to meet our customers’ evolving security and operational challenges,” said Karen Evans, President, Sielox. “Our innovative layered security solutions provide users with a high degree of flexibility when configuring the systems, they need today and tomorrow.” Sielox Solutions On Display At Booth #13109 At ISC West 2019 Include: The newly-released Pinnacle v.10.4 access control platform that allows users to seamlessly access the features of Allegion’s Schlage Engage WiFi locks enabling them to be easily integrated with Pinnacle Schlage WiFi access platform feature. Additionally, Allegion Schlage wireless locks can now receive firmware updates through Sielox’s 1700 Controllers, which can save integrators tremendous amounts of time and money when upgrading and maintaining large systems. Additional enhancements in Pinnacle v.10.4 include: Transport Layer Security (TLS 1.2) that establishes an encrypted communication path between two applications, "wrapping" the entire application protocol inside the secure link; and Pinnacle LDAP Sync Service (Lightweight Directory Access Protocol), that simplifies administration by dynamically importing and verifying user and cardholder data through data synchronization. Sielox CLASS (Crisis Lockdown Alert Status System) Administrators or any designated initiator can issue an emergency alert to notify responders The Sielox CLASS (Crisis Lockdown Alert Status System) emergency notification and response solution provides vital emergency status details to responders so they can best manage events. Administrators or any designated initiator can issue an emergency alert to notify responders of conditions in real time while communicating status via one of five programmable color-coded alert levels. Occupants within a facility can then report status at their specific location enabling responders to view detailed facility maps with compiled room-by-room color-coded conditions that update in real time as the situation evolves. A chat feature enables two-way communications between occupants and first responders to exchange detailed information or instructions. CLASS can also issue messages with response instructions specific to each alert level via email or text and override any PC on the network to ensure the highest visibility of alert status. Sielox AnyWare Browser-Based Access Control The Sielox AnyWare browser-based access control platform features a variety of enhancements that make it faster, easier and more scalable for small to mid-sized businesses to take access management mobile. The intuitive and easy-to-use AnyWare solution features a capacity increase from 8 up to 40 doors, allowing for an increased number of controllers and readers. Other features include; custom fields allowing users the ability to add additional information to the cardholder record including the card holder images, multiple card type formats, reader block and privilege access levels. Sielox 1700 Intelligent Controller No personal data is required or collected from the user or integrator The Sielox 1700 Intelligent Controller is an intelligent fully-distributed controller ensuring decisions even if communications have been interrupted. New I/O series boards provide a flexible, cost-effective means to expand the input and output functionality of the access control solution, a next-generation access control panel, utilising 32-bit technology with real-time operations for speed, performance and reliability. The new series have the same footprint and mounting as the Sielox 1700 controller; are backwards compatible with Sielox Pinnacle and AnyWare systems; and are cost-effective, not requiring a separate backplane and power module. Integrated with Sielox’s 1700 Controller and the AnyWare and Pinnacle software platforms, Conekt mobile credentials and readers from Farpointe Data use Bluetooth to enable communication between smartphones and readers. No personal data is required or collected from the user or integrator, and multiple credentials can be stored on the app.

Maxxess Systems, the innovator in security solutions that empower total situational awareness for security enterprises, is showcasing its unique portfolio of video, access control and communications platforms that provide users with the highest levels of system integration, management and incident response technology here at ISC West 2019 (booth # 6065). Solutions on display include the U.S. public debut of Maxxess InSite awareness and response coordination system, the enhanced eFusion security management software and Maxxess’ MX+ web dashboard, the newly designed Ambit event management communications software, and a new Multi-Form Panic Solution that provides the lowest cost of entry for proactive protection. Access Control And Communications Systems “Maxxess Systems transcend the capabilities of conventional video, access control and communications systems by empowering people and transforming security operations to deliver new levels of situational awareness and business intelligence,” said Nancy Islas, President of Maxxess Systems. “By combining systems intelligence and human intelligence on our unique open architecture platforms and intuitive interfaces, Maxxess Systems offers powerful, scalable solutions that can help stop events from happening, and better control incidents from the moment they begin.” The Maxxess solutions being demonstrated at ISC West 2019 include: The system combines “system intelligence” and “human intelligence” to detect and respond to unfolding events in real time Maxxess InSite Maxxess InSite awareness and response coordination system combines “system intelligence” and “human intelligence” to detect and respond to unfolding events in real time – all of which are queued, organized and displayed on a highly-intuitive user interface. Maxxess InSite enables early incident detection and action, allowing users to correlate data, improve response coordination, and deal with issues when they’re small – before they become large and costly. Maxxess InSite features an open-architecture framework to accommodate virtually any security or business intelligence application with comprehensive functionality. Over 50 different leading manufacturers are already integrated into Maxxess InSite, providing more combined capabilities and functionality than any other cross-platform solution available. This allows Maxxess InSite to be configured for virtually any security and business intelligence application, using any combination of software and hardware to deliver a highly-customized solution with unparalleled efficiency. eFusion Security Management Software eFusion security management software is a “system intelligence” solution that integrates and correlates data from surveillance, access control and various other physical security and facility operations’ data onto a comprehensive monitoring and reporting dashboard. eFusion provides video and access system management and control capabilities along with alarm monitoring; remote access credentials tracking, authorization, and de-authorization; door/access status and more. eFusion can be deployed as a stand-alone management and control platform, or as a core component of Maxxess InSite. Advanced Data Processing New enhancements to eFusion include new Flow Control with auto expiration, and advanced data processing Proven globally in installations around the world, new enhancements to eFusion include new Flow Control with auto expiration, and advanced data processing. Flow Control allows users to configure the specific door(s) that must be used first to gain primary access to a facility with programmable timer setting. Advanced data processing correlates databases to accommodate complex relationship rules between the authoritative database and the Maxxess database. To further simplify user engagement with eFusion, Maxxess Systems’ MX+ web dashboard has also been further enhanced with new features including: System-wide lockdown; video management system (VMS) integration; cellphone cardholder management operations with badge printing; access control status indication in an easy-to-read graphical format and schedule configuration. Ambit Event Management Communications Software Ambit event management communications software provides real-time “human intelligence” for alerts, notifications and status assessment via users’ smartphone and/or tablets, along with access control management. Ambit’s extensive communications and access control functionality provides security management and first responders with the critical on-site information and access system management they need to best handle unpredictable crises. A cloud-based solution, Ambit can be deployed as a stand-alone communications platform, or as a core component of Maxxess InSite. New enhancements to Ambit include: a new app design for easier operation including: a new status update window; an easily accessible panic button; support for multiple photos from the field; the ability to assign reports to designated groups and/or individuals; enhanced filtering for target audiences to receive mass broadcasts; NC4 integration to external intelligence software to enhance information gathering; auto-location detection for event status posts; and a texting option for users without the app to receive relevant mass broadcasts. Maxxess Systems’ new Multi-Form Panic Solution, provides the lowest cost of entry for proactive protection Multi-Form Panic Solution Also featured is Maxxess Systems’ new Multi-Form Panic Solution, which provides the lowest cost of entry for proactive protection. Available for implementation with any Maxxess System platform or as a stand-alone solution, the new Multi-Form Panic Solution can be configured on any cellphone device, PC keyboard or wearable device. Maxxess Systems also continues to expand its roster of technology partners and integrations with the addition of: Mercury LP and MR62e controllers; OTIS Elevator Compass Overwatch; enhanced Milestone Systems’ MIP and Geutebruck GeViScope integrations; as well as new integrations with salient systems, Avigilon, ISS (Intelligent Security Systems), Nedap and RemotePoint.

Maxxess Systems, globally renowned innovator in security solutions that empower total situational awareness for security enterprises, is demonstrating its new Multi-Form Panic Solution at ISC West 2019 (booth #6065). Designed to work with any smartphone, tablet, PC keyboard or wearable device, the new Multi-Form Panic Solution effectively lowers the cost of entry for proactive security for a wide range of applications. Multi-Form Panic Solution “The concept for a new, yet simple Multi-Form Panic Solution originated with the development of our new InSite Awareness and Response Coordination System, which we are debuting here at ISC West 2019 for the U.S. market,” said Nancy Islas, President of Maxxess Systems. “Our software engineers came up with the idea to incorporate a more efficient panic notification solution for InSite and developed a new Multi-Form Panic Solution that is equally effective and very affordable as a stand-alone solution.” It is a clean, green and safe solution that makes an impact right away A software driven solution, Maxxess’ Multi-Form Panic Solution can be configured to work with any smartphone, tablet, PC keyboard or wearable device. It is a clean, green and safe solution that makes an impact right away. It allows organizations to easily deploy a panic notification system without the expense of purchasing and deploying application specific panic buttons and software. Integration With Maxxess Systems’ Software Platforms The new Multi-Form Panic Solution can also be quickly and affordably deployed as a stand-alone solution or integrated with any of Maxxess Systems’ powerful enterprise system management, control and communications platforms, as well as numerous VMS and access platforms from third- party suppliers.

Maxxess Systems, the innovator in security solutions that empower total situational awareness for security enterprises, is showcasing the company’s newly designed Ambit Event Management Communications Software here at ISC West 2019 (booth #6065). Ambit’s powerful communications capabilities provides security management and first responders with real-time ‘human intelligence’ via users’ smartphone and tablets, along with a host of remote access control and geo-tracking capabilities, enabling better management of daily operations and potentially threatening events. “Even the best technology-driven systems cannot replace human intelligence to best manage people and events across numerous locations. Ambit resolves this longstanding challenge by providing a highly-intuitive solution that bridges the gap between users, an organization’s management team and first responders, improving overall safety and security,” said Nancy Islas, President of Maxxess Systems. Users can request location tracking to help security and first responders respond to incidents more quickly and accuratelyRemote Access Control Management Ambit Event Management Communications Software provides real-time ‘human intelligence’ for alerts, notifications and status assessment via users’ smartphones and/or tablets, along with remote access control management capabilities. By integrating with a facility’s access control system, Ambit can unlock doors manually or even automatically based on user designated permissions to remotely grant access to individuals or implement system-wide lockdowns when necessary. Ambit also allows messages to be broadcast to all users, select groups or individuals, with the ability for designated users in the field to also send mass notifications. Users can also request location tracking to help security and first responders respond to incidents more quickly and accurately. A ‘see it and say it’ application also allows any user to report abnormalities or potentially dangerous situations from their personal cellphone devices. Easily Accessible Panic Button The newly designed Ambit includes: a new app design for easier operation including a new status update windowThe newly designed Ambit includes a new app design for easier operation including: a new status update window, an easily accessible panic button, support for multiple photos from the field, the ability to assign reports to designated groups and/or individuals, enhanced filtering for target audiences to receive mass broadcasts, NC4 integration to external intelligence software to enhance information gathering, auto location detection for event status posts and a texting option for users without the app to receive relevant mass broadcasts. A cloud-based solution, Ambit can be deployed as a stand-alone communications platform, or as a core component of Maxxess’ InSite Awareness and Response Coordination System or eFusion Security Management Software.

SilverShield Safety & Information Systems, providers of the industry’s most advanced cloud-based, multi-platform solution, is featuring their new Self-Service Visitor Management Kiosk at ISC West this week. The kiosk is integrated with the SilverShield Visitor and Incident Management System to enable unmanned registration for visitors and guests. “Our Self-Service Kiosk helps organizations secure all of their entry points so they know who is on premises at all times, even those entry points that are unmanned,” said Robin Baker, CTO, SilverShield. “Even a single uncontrolled entrance could otherwise compromise the safety of the facility.” Silent Alert Notifications Visitors can self-register with the SilverShield Kiosk (SS Kiosk) using a Mac or PC computer, iOS or Android device. The process is fast and easy; users enter their credentials manually, scan their valid IDs, or scan a SilverShield Quick Badge. Once a visitor’s details are entered, SS Kiosk notifies a Kiosk Monitor (e.g., system administrator or security guard) that a visitor has completed check-in; they can then initiate access or deny access if the visitor’s details match any watchlist or sex offender entries. If a visitor’s details are matched with any watchlist or sex offender entry, the Kiosk Monitor may initiate silent alert notifications to any stakeholders the organization chooses. Also, if the visitor that is denied access becomes a further threat, the Kiosk Monitor can initiate any additional internal or external alarms they feel are needed (e.g., Alert Security, Hard Lockdown, etc.) which produce mass emergency notifications. “The SilverShield Self-Service Kiosk ensures that all visitors are correctly checked-in, screened and badged,” said Baker. “It’s one more way that SilverShield Systems helps keep your facility safe and secure.”

The industry faces numerous challenges in the coming year. Physical and cyber security threats continue to become more complex, and organizations are struggling to manage both physical and digital credentials as well as a rapidly growing number of connected endpoints in the Internet of Things (IoT). We are witnessing the collision of the enterprise with the IoT, and organizations now must establish trust and validate the identity of people as well as ‘things’ in an environment of increasingly stringent safety and data privacy regulations. Meanwhile, demand grows for smarter and more data-driven workplaces, a risk-based approach to threat protection, improved productivity and seamless, more convenient access to the enterprise and its physical and digital assets and services. Using Smartphone Apps To Open Doors Cloud technologies give people access through their mobile phones and other devices to many new, high-value experiencesEnterprise customers increasingly want to create trusted environments within which they can deliver valuable new user experiences. A major driver is growing demand for the ‘digital cohesion’ of being able to use smartphone apps to open doors, authenticate to enterprise data resources or access a building’s applications and services. Cloud technologies are a key piece of the solution. They give people access through their mobile phones and other devices to many new, high-value experiences. At the same time, they help fuel smarter, more data-driven workplace environments. With the arrival of today’s identity- and location-aware building systems that recognize people and use deep learning analytics to customize their office environment, the workplace is undergoing dramatic change. Improved Fingerprint Solutions Cloud-based platforms and application programming interfaces (APIs) will help bridge biometrics and access control in the enterprise, overcoming previous integration hurdles while providing a trusted platform that meets the concerns of accessibility and data protection in a connected environment. At the same time, the next generation of fingerprint solutions will deliver higher matching speed, better image capture quality and improved performance. The next generation of fingerprint solutions will deliver higher matching speed, better image capture quality and improved performance Liveness detection will ensure that captured data is from a living person. Biometrics authentication will also gain traction beyond access control in immigration and border control, law enforcement, military, defense and other public section use cases where higher security is needed. Flexible Subscription Models Access control solutions based on cloud platforms will also change how solutions are deployed. Siloed security and workplace optimization solutions will be replaced with mobile apps that can be downloaded anywhere across a global ecosystem of millions of compatible and connected physical access control system endpoints. These connections will also facilitate new, more flexible subscription models for access control services. As an example, users will be able to more easily replenish mobile IDs if their smartphones are lost or must be replaced. Generating Valuable Insights With Machine Learning Machine learning analytics will be used to generate valuable insights from today’s access control solutionsEducation, finance, healthcare, enterprise, and other niche markets such as commercial real-estate and enterprises focused on co-working spaces will benefit from a cloud-connected access control hardware foundation. There will be a faster path from design to deployment since developers will no longer have to create an entire vertically integrated solution. They will simply add an app experience to the existing access control infrastructure. New players will be drawn to the market resulting in a richer, more vibrant development community and accelerated innovation. Data analytics will be a rapidly growing area of interest. Machine learning analytics will be used to generate valuable insights from today’s access control solutions. Devices, access control systems, IoT applications, digital certificates and location services solutions, which are all connected to the cloud, will collectively deliver robust data with which to apply advanced analytics and risk-based intelligence. As organizations incorporate this type of analytics engine into their access control systems, they will improve security and personalize the user experience while driving better business decisions. 

It’s not surprising that people are nervous about the security of newer technologies, many of which are part of the Internet of Things (IoT). While they offer greater efficiency and connectivity, some people still hesitate. After all, there seems to be a constant stream of news stories about multinational corporations being breached or hackers taking control of smart home devices. Both of these scenarios can feel personal. No one likes the idea of their data falling into criminal hands. And we especially don’t like the thought that someone can, even virtually, come into our private spaces. The reality, though, is that, when you choose the right technology and undertake the proper procedures, IoT devices are incredibly secure. That said, one of the spaces where we see continued confusion is around access control systems (ACS) that are deployed over networks, particularly in relation to mobile access, smartcards, and electronic locks. These technologies are often perceived as being less secure and therefore more vulnerable to attacks than older ACS systems or devices. In the interest of clearing up any confusion, it is important to provide good, reliable information. With this in mind, there are some myths out there about the security of ACS that need to be debunked. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter Myth #1: Mobile Credentials Are Not Secure The first myth we have to look at exists around mobile credentials. Mobile credentials allow cardholders to access secured doors and areas with their mobile devices. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter about the security of credentialed information. There is a persistent belief that Bluetooth is not secure. In particular, people seem to be concerned that using mobile credentials makes your organization more vulnerable to skimming attacks. While focusing on the medium of communication is an important consideration when an organization deploys a mobile credentialing system, the concerns about Bluetooth miss the mark. Bluetooth and NFC are simply channels over which information is transmitted. Believing that Bluetooth is not secure would be the same as suggesting that the internet is not secure. In both cases, the security of your communication depends on the technology, protocols, and safeguards we all have in place. So, instead of wondering about Bluetooth or NFC, users should be focused on the security of the devices themselves. Before deploying mobile credentials, ask your vendor (1) how the credential is generated, stored, and secured on the device, (2) how the device communicates with the reader, and (3) how the reader securely accesses the credential information. When you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS Myth #2: All Smartcards Are Equally Secure The question “how secure are my smartcards?” is a serious one. And the answer can depend on the generation of the cards themselves. For example, while older smartcards like MiFARE CLASSIC and HID iCLASS Classic offer better encryption than proxy cards and magstripe credentials, they have been compromised. Using these older technologies can make your organization vulnerable. As a result, when you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS. In this way, you will be protecting your system as well as your buildings or facilities. Some traditional readers and controllers can also pose a serious risk to your organization if they use the Wiegand protocol, which offers no security. While you can upgrade to a more secure protocol like OSDP version 2, electronic locks are a very secure alternative worth considering. It is also important to understand that not all smartcard readers are compatible with all smartcard types. When they are not compatible, the built-in security designed to keep your system safe will not match up and you will essentially forego security as your smartcard-reader will not read the credentials at all. Instead, it will simply read the non-secure portion—the Card Serial Number (CSN) —of the smartcard that is accessible to everyone. While some manufacturers suggest that this is an advantage because their readers can work with any smartcard, the truth is that they are not reading from the secure part of the card, which can put your system and premises at risk. Using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication Myth #3: Electronic Locks Are More Vulnerable These days, there are still many who believe that electronic locks, especially wireless locks, are more vulnerable to cybercriminal activity as compared to traditional readers and controllers. The concern here is that electronic locks can allow cybercriminals to both access your network to get data and intercept commands from the gateway or nodes over the air that would allow them access to your buildings or facilities. The reality is that using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication. Additionally, because many of these locks remain operational regardless of network status, they provide real-time door monitoring. This means that many electronic locks not only prevent unauthorized access but also keep operators informed about their status at all times, even if a network goes down. Outdated technology and old analogue systems are more vulnerable to attacks When it comes to deploying electronic locks, it is important to remember that, like any device on your network, they must have built-in security features that will allow you to keep your information, people, and facilities safe. Be Prepared To Unlock Future Benefits Ultimately, the information in your IP-based ACS is at no greater risk than any other information being transmitted over the network. We just have to be smart about how we connect, transmit, and store our data. In the end, maintaining the status quo and refusing to move away from old technology is not a viable option. Outdated technology and old analogue systems are more vulnerable to attacks. The reason it is so important to debunk myths around ACS and, at the same time, get people thinking about network security in the right way is that network-based systems can offer an ever-increasing number of benefits. When we deploy new technology using industry best practices and purchase devices from trusted vendors, we put ourselves and our networks in the best possible position to take full advantage of all that our increasingly connected world has to offer.

With the coming of a New Year, we know these things to be certain: death, taxes, and… security breaches. No doubt, some of you are making personal resolutions to improve your physical and financial health. But what about your organization’s web and mobile application security? Any set of New Year’s resolutions is incomplete without plans for protecting some of the most important customer touch points you have — web and mobile apps. Every year, data breaches grow in scope and impact. Security professionals have largely accepted the inevitability of a breach and are shifting their defense-in-depth strategy by including a goal to reduce their time-to-detect and time-to-respond to an attack. Despite these efforts, we haven’t seen the end of headline-grabbing data breaches like recent ones affecting brands such as Marriott, Air Canada, British Airways and Ticketmaster. App-Level Threats The apps that control or drive these new innovations have become today’s endpoint The truth of the matter is that the complexity of an organization’s IT environment is dynamic and growing. As new technologies and products go from production into the real world, there will invariably be some areas that are less protected than others. The apps that control or drive these new innovations have become today’s endpoint — they are the first customer touch point for many organizations. Bad actors have realized that apps contain a treasure trove of information, and because they are often left unprotected, offer attackers easier access to data directly from the app or via attacks directed at back office systems. That’s why it’s imperative that security organizations protect their apps and ensure they are capable of detecting and responding to app-level threats as quickly as they arise. It’s imperative that security organizations protect their apps and ensure they are capable of detecting and responding to app-level threats as quickly as they arise In-Progress Attack Detection Unfortunately, the capability to detect in-progress attacks at the app level is an area that IT and security teams have yet to address. This became painfully obvious in light of the recent Magecart attacks leveraged against British Airways and Ticketmaster, among others. Thanks to research by RiskIQ and Volexity, we know that the Magecart attacks target the web app client-side. During a Magecart attack, the transaction processes are otherwise undisturbed Attackers gained write access to app code, either by compromising or using stolen credentials, and then inserted a digital card skimmer into the web app. When customers visited the infected web sites and completed a payment form, the digital card skimmer was activated where it intercepted payment card data and transmitted it to the attacker(s). Data Exfiltration Detection During a Magecart attack, the transaction processes are otherwise undisturbed. The target companies receive payment, and customers receive the services or goods they purchased. As a result, no one is wise to a breach — until some 380,000 customers are impacted, as in the case of the attack against British Airways. The target companies’ web application firewalls and data loss prevention systems didn’t detect the data exfiltration because those controls don’t monitor or protect front-end code. Instead, they watch traffic going to and from servers. In the case of the Magecart attacks, the organization was compromised and data was stolen before it even got to the network or servers. Today’s proven obfuscation techniques can help prevent application reverse engineering, deter tampering, and protect personal identifiable information and API communications Best Practice Resolutions The Magecart attacks highlight the need to apply the same vigilance and best practices to web and mobile application source code that organizations apply to their networks—which brings us to this year’s New Year’s resolutions for protecting your app source code in 2019: Alert The key to success is quickly understanding when and how an app is being attacked First, organizations must obtain real-time visibility into their application threat landscape given they are operating in a zero-trust environment. Similar to how your organization monitors the network and the systems connected to it, you must be able to monitor your apps. This will allow you to see what users are doing with your code so that you can customize protection to counter attacks your app faces. Throughout the app’s lifecycle, you can respond to malicious behavior early, quarantine suspicious accounts, and make continuous code modifications to stay a step ahead of new attacks. Protect Next, informed by threat analytics, adapt your application source code protection. Deter attackers from analyzing or reverse engineering application code through obfuscation. Today’s proven obfuscation techniques can help prevent application reverse engineering, deter tampering, and protect personal identifiable information and API communications. If an attacker tries to understand app operation though the use of a debugger or in the unlikely event an attacker manages to get past obfuscation, threat analytics will alert you to the malicious activity while your app begins to self-repair attacked source code or disable portions of the affected web app. The key to success is quickly understanding when and how an app is being attacked and taking rapid action to limit the risk of data theft and exfiltration. Protecting encryption keys is often overlooked but should be considered a best practice as you forge into the new year with a renewed commitment to app security to ensure your organization’s health and well-being in 2019 Encrypt Finally, access to local digital content and data, as well as communications with back office systems, should be protected by encryption as a second line of defense, after implementing app protection to guard against piracy and theft. However, the single point of failure remains the instance at which the decryption key is used. Effective encryption requires a sophisticated implementation of White-Box Cryptography This point is easily identifiable through signature patterns and cryptographic routines. Once found, an attacker can easily navigate to where the keys are constructed in memory and exploit them. Effective encryption requires a sophisticated implementation of White-Box Cryptography. One that combines a mathematical algorithm with data and code obfuscation techniques transforming cryptographic keys and related operations into indecipherable text strings. Protecting encryption keys is often overlooked but should be considered a best practice as you forge into the new year with a renewed commitment to app security to ensure your organization’s health and well-being in 2019. Protecting Applications Against Data Breach According to the most recent Cost of a Data Breach Study by the Ponemon Institute, a single breach costs an average of $3.86 million, not to mention the disruption to productivity across the organization. In 2019, we can count on seeing more breaches and ever-escalating costs. It seems that setting—and fulfilling—New Year’s resolutions to protect your applications has the potential to impact more than just your risk of a data breach. It can protect your company’s financial and corporate health as well. So, what are you waiting for?

The Emerging Technology Zone (ETZ) at ISC West welcomes new startups to the security industry; a requirement for exhibitors is that they have been in business for five years or less. This year, the ETZ will be in the Venetian Ballroom, a new section at ISC West 2019, incorporating companies that were previously featured in the “Global Expo” area along with mid-sized domestic companies and the return of the successful Emerging Technology Zone section. Now located in the Venetian Ballroom adjacent to the Sands Convention Center, this group of exhibitors will also have three large entrances of their own. Latest Technology Companies The ETZ will be a draw in and of itself and will do better for us than being on the main show floor" “The Emerging Technology Zone is a place for attendees to see the latest technology companies all in one place, rather than searching out individual companies all over the main show floor,” says Tom Buckley, Vice President, Sales and Marketing, for Qumulex, a 2019 exhibitor in the Emerging Technology Zone (ETZ). “The ETZ was an easy choice for us and is, in fact, the deciding factor in our taking a booth,” says Buckley. “As a technology startup, we wanted to be located with the other new companies. The ETZ will be a draw in and of itself and will do better for us than being on the main show floor.” Consistent Customer Lifetime Qumulex (Booth 40932) was formed in late 2018 by the founders of Exacq and Infinias. The new mobile-first, unified video surveillance and access control platform enables security integrators to increase recurring revenue and achieve consistent customer lifetime value, says Buckley. ”We are launching in the fall of 2019 but are exhibiting at ISC West due to early interest from security integrators wanting an early preview of what is coming.” Also among the 40 or so exhibitors in the Emerging Technology Zone will be a range of new technologies, from artificial intelligence (AI) to cloud solutions to wearables to lighting solutions and more. Video Analytics Platform Simple, intuitive situational awareness platform that gives first responders a tactical advantage Another ETZ exhibitor is ZeroEyes (Booth 40821), an intelligent video analytics platform, powered by AI, to detect weapons and recognize faces in real time. The company’s goal is to provide school administrators and decision-makers with a simple, intuitive situational awareness platform that gives first responders a tactical advantage. The company was founded by five former Navy SEALS with a combined 50 years of combat experience. “Our platform is being developed right now and has hit an inflection point where artificial intelligence and graphics processors are both capable enough and cost effective,” says Mike Lahiff, ZeroEyes CEO. “This technology is just at the point where it is ready for a wider release and not just for early adopters.” The company will be doing live demonstrations of the product in real time. “It is one thing to tell everyone our capabilities, but it is much more powerful to show our capabilities,” says Rob Huberty, ZeroEyes COO. “We will have cameras set up that are typical of school security systems. These cameras will be linked to the best available hardware on the market. We will showcase our software as it will actually be used in practice.” Companies At ETZ Last year’s Emerging Technology Zone, located downstairs on the lower level of the Sands Convention Center, had a lot of foot traffic and created positive feedback. Some of last year’s Emerging Technology Zone companies are exhibiting in the main exhibit hall this year, emphasising its role as a ‘stepping stone’ as new companies enter the market and then achieve critical mass. This year’s ETZ exhibitors will be looking for a similar level of results from the show. Our expectation is to demonstrate the huge value proposition in proactive security solutions in schools" “We will quantify our success at ISC West in the number of partners and integrators that decide they cannot live without our product,” says Lahiff. “Our expectation is to demonstrate the huge value proposition in proactive security solutions in schools. We want to have partners after the show ready to install our product.” Pre-show preparation will help ensure success. “We are inviting prospects and arranging demos ahead of time,” says Buckley of Qumulex. “Success at any trade show starts before the show. We’re fairly certain about the turnout we will get and the level of interest that integrators will have. We are sending out invites to several thousand security integrators to gain early interest. We also have a suite off the show floor for more in-depth demos.” Affordable Solutions The Emerging Technology Zone, along with the other exhibitors in the Venetian Ballroom, will be among the must-see highlights of ISC West. “Attendees will get to see the future in security,” says Huberty. “They will see actual solutions that are affordable and make sense. These solutions will have a clear value proposition.”

Recent technology advances – from the cloud to artificial intelligence, from mobile credentials to robotics – will have a high profile at the upcoming ISC West exhibition hall. Several of these technologies were recently designated by the Security Industry Association as the Top 8 Security Technologies for Security and Public Safety. Some of them will also be a focus at the ISC West conference program, SIA Education@ISC, April 9-11 at the Sands Expo Center. This article will highlight some of those conference sessions.  Topic: Cloud Systems And Video Surveillance As A Service (VSaaS) Managed Video Services are saving TD Bank $500K annually, April 9, 2:45 to 3:45 p.m. Why TD Bank decided to roll out a managed services solution, what it took to deploy and how the bank is saving an astounding $500,000 annually. IT 4.0 and Video Surveillance: A Guide to the New Terminology and What It Means to You and Your Customers, April 11, 1:15 to 2:15 p.m. How IT 4.0 can enhance or change video surveillance, and consequently deliver additional value to customers, including explanations of terms such as cloud data centers, personal clouds, the edge, IoT sensors and data analytics. One of the sessions to cover how IT 4.0 can enhance or change video surveillance, and consequently deliver additional value to customers Topic: Artificial Intelligence (AI) In Video And Other Systems The Challenges and Opportunities of AI in Physical Security, April 10, 3:45 to 4:45 p.m. Looking toward what the future may hold for AI in physical security; the challenges and opportunities the technology has created; and how participants can leverage AI and machine learning with existing customers to grow their business. Deep Learning Demystified: Next-Generation AI Applied to Video, April 11, 9:45 to 10:45 a.m.  Dispelling the myths of the terms “deep learning” and “artificial intelligence,” and what the technologies can do in practical terms. Modern cameras find and identify faces and vehicles, analyse behavior and organize and control assets Neural Processing and Smart Cameras, April 9, 8:30 to 10 a.m. Deep learning-capable hardware is evolving at a frantic pace, and GPU and NPU (neural processing unit) co-processors are commonly embedded in cameras and video management systems. Modern cameras find and identify faces and vehicles, analyse behavior and organize and control assets. Analytics in the Video Central Station: Proper Deployment, Programming and Configuration to optimize operational and cost efficiencies, April 11, 3:45 to 4:45 p.m. How analytics plays a critical role in reducing alarm traffic in a central station environment, allowing them to save money and realize other operational and performance efficiencies. Topic: Robotics And Autonomous Devices Robotic Aerial Security – Growth Trends and Best Practices, April 10, 11 a.m. to noon The lion’s share of growth in the robotic aerial security sector will come from autonomous systems and changing FAA regulations will soon allow companies to monitor and secure remote facilities with no human guards present. Racing drones are difficult to detect as they do not use GPS or radio frequency signals to identify the location of other devices How to Adapt to Address Drone Security, April 11, 1:15 to 2:15 p.m. Drone industry professionals and a physical security design engineer will cover the realistic applications of drone systems and counter-drone solutions that can protect organizations and facilities. Next Generation Threat: Racing Drones, April 11, 2:30 to 3:30 p.m. Racing drones are difficult to detect as they do not use GPS or radio frequency signals to identify the location of other devices. This session will identify the potential risks these drones can pose to facilities, special events, and critical infrastructure. Establishing a Corporate Drone Program, April 10, 9:45 to 10:45 p.m. Is a corporate drone program an appropriate addition to an existing security program? How to understand and navigate the regulatory challenges and processes associated with starting up a commercial-use drone program. The Rise of Intelligence in Physical Security, April 11, 9:45 to 10:45 a.m. “Intelligence” incorporates a variety of subdomains from artificial intelligence to machine learning and contextual analysis. It is rapidly becoming a focus in the realm of IT security – and increasingly in the realm of physical security, too. Changing FAA regulations will soon allow companies to monitor and secure remote facilities with no human guards present Topic: Mobile Credentials Finding Their Place In Access Control How Biometrics Are Enabling the Convergence of Physical and Information Security, April 10, 1:45 to 2:45 p.m. At the center of convergence is one crucial building block: strong irrefutable identity powered by biometrics. Driving the Future: How Interoperability Standards in Access Control Can Enable Smart Building Success, April 9, 1:30 to 2:30 p.m. Growing user demand is driving new open platform approaches and the adoption of interoperability standards Growing user demand for unfettered and unlimited third-party integrations is now driving new open platform approaches and the adoption of interoperability standards. They are changing the dynamic of access control and its role within the smart building environment. Topic: Facial Biometrics In Professional Solutions How Biometrics Are Enabling the Convergence of Physical and Information Security, April 10, 1:45 to 2:45 p.m. Securing workstations, virtual desktops, turnstiles, front doors, mobile devices and more, biometric authentication is helping enterprises and governments worldwide to realize a more secure future. Topic: Voice Control In The Smart Home Environment Delivering the Smart Home of the Future, April 11, 3:45 to 4:45 p.m. With the proliferation of connected smart devices, including voice control devices, consumers have a growing array of options for defining what their Smart Home experience could be.

How’s this for a simple access control scenario? You walk up to a door, wave your hand in front of a button, the button lights up, and the door opens. That’s the simplified user experience that startup Openpath is promoting as it enters the crowded and mature market for physical access control. Openpath says a simple user experience provides the extra boost needed for mobile credentialing to gain momentum. In this case, it’s even simpler than using a card credential (no searching in a bag or purse for the card). And there’s no personal identification number (PIN) code to remember; no “intrusive” biometric element that can concern some users. James Segil, President and Co-Founder of Openpath, says the simplified process “uses fewer thought cycles.” Reliability of the system comes from Openpath’s SurePath triple-connect technology “We wanted to make mobile access control that people want to use and can use safely and with ease,” he says. “We wanted to make using a smart phone for access control easier and more reliable than using a keycard.” Simplified User Operation In the simplified scenario, the mobile credential resides on a smart phone that can remain tucked away in the user’s purse or pocket. The credential remains active without the user needing to open an app. The wave of the hand signals intent, which causes the button to light up, activate and the door is ready to open. Segil says the simplicity of operation has contributed to the system seeing an unheard-of 94% adoption rate among users. Reliability of the system comes from Openpath’s SurePath triple-connect technology. The smart phone credential is delivered using Bluetooth, WiFi or LTE (cellular) – whichever signal reaches the reader first enables the door to be opened. So even if a company’s WiFi is down or Bluetooth proves unreliable, there is still a third option. Openpath deploys “seamless” cloud integration and makes it easy for landlords and tenants to integrate Openpath with other systems Seamless Cloud Integration Segil is a serial entrepreneur who has had experiences as a frustrated user, dealing with many different offices, people and access control deployments over the years – subletting office space, changing PIN codes, dealing with 10 different offices using 10 different cards. Based on that experience, Openpath’s founders saw a need for a more user-centric approach to access control, and a chance to improve the office experience to be more aligned with employees’ experiences in their smart homes. Segil says he also saw “significant lethargy” among incumbent players in the access control space, and a market in which mobile and cloud technologies had still not taken hold. In addition to a simplified user experience built around mobile credentialing, Openpath deploys “seamless” cloud integration and makes it easy for landlords and tenants to integrate Openpath with other systems. The “elegant” readers, including a flush-mounted version, fit in well with high-end office environments. The company launched in May 2018. Openpath has been signing up national and regional channel partners all across the U.S. Openpath is focused on the commercial real estate market, where they have already seen significant adoptions, especially among mid-sized companies. Larger deployments as part of new construction are in the pipeline. National System Integration In the past six months since its launch, Openpath has been signing up national and regional channel partners all across the U.S. and now has a nationwide footprint and is able to service customers all over the U.S. They are not yet disclosing any specifics about the number of partners they have signed up and who they are. “I can share that we have a number of large national system integration and security brands on board as channel partners and many more regional and local system integrators,” says Segil. They are looking for additional integrator partners. “There is a cohort of folks out there who say ‘I get it,’ and I want to offer it to my customers,” says Segil. The cloud element of the system can provide recurring monthly revenue (RMR). Openpath’s system offers flexibility in terms of meeting each customer’s security needs. In addition to the “super convenient” scenario described above, the system can also be configured to be “super secure,” using two-factor authentication and other measures, says Segil. There are multiple “flavors” between the two extremes. It can also be integrated with elevators to enable the buttons on allowed floors. Integration With Existing Systems Cloud software simplifies operation for both tenants and landlords. The system is backwards-compatible to existing systems and can be used to retrofit and mobile-enable a legacy system, providing the benefits of mobile features and cloud operation to multiple sites. The software can interface with enterprise applications such as Active Directory, and an application programming interface (API) facilitates integration with other systems and building components. It operates with marketing automation platforms such as Flack and visitor management systems such as Envoy. The system is backwards-compatible, providing the benefits of mobile features and cloud operation to multiple sites Open standards make the system easy to install in new or existing buildings using RS485, or Cat 5 or Cat 6 wiring, whatever is in place. Retrofit installations can use existing panels, servers, software, etc., or they can be replaced. The Openpath panel is installed right next to an existing panel in a retrofit and preserves all legacy integrations of the previous system. Access Credentials Compatibility In its simplest configuration, the Openpath system consists of single or four-door panels wired using standard ports, Wiegand ports and REX ports, each connected to software in the cloud. Each panel works offline if the internet connection is down. Various key fobs, cards and other credentials are available in addition to mobile credentials. Openpath was one of the new exhibitors at last fall’s GSX show in Las Vegas, occupying a large-sized booth for a startup company. The “beautiful” hardware drew a lot of attention, says Segil. “The channel loves us, and we signed a lot of people,” he adds. “We were excited by the response.”

Kwikset brand of Spectrum Brands, Inc. – Hardware & Home Improvement Division, announces that its SmartCode 888 Deadbolt Lock was chosen to become part of the new Home is Connected smart home system from D.R. Horton, Inc. The inclusion of Kwikset’s SmartCode 888 in the system was based on its value (great functionality at an entry-level price), reliability, and high degree of security. Incorporating the latest Z-Wave 500 chipset, the SmartCode 888 offers keyless entry through a convenient, easy-to-use touchpad. Kwikset’s patented Home Connect technology enables the lock to wirelessly communicate with other devices in the home through a third-party smart home controller, as well as to remotely check the door lock status, lock or unlock the door and receive notifications. Innovative Program D.R. Horton’s Home Is Connected system is included in the base price of each new home from the company’s family of brands D.R. Horton’s 'Home Is Connected' system is included in the base price of each new home from the company’s family of brands. The system includes a robust central hub by Qolsys that controls the smart home features, including a home alarm and automation platform by Alarm.com, Honeywell Home thermostat from Resideo, smart switches by Eaton Corporation, video doorbell by SkyBell and hands-free, voice-first experiences with Amazon Alexa. “We are pleased to be part of such an innovative program created by the nation’s largest volume homebuilder,” said Dave Seeman, Director of National Builder Accounts, Kwikset and Baldwin, Spectrum Brands, Inc. – Hardware & Home Improvement Division. Convenience Of Keyless Entry “We are confident that buyers of D.R. Horton homes will not only appreciate the security and convenience of keyless entry that our SmartCode 888 provides, but also the endless benefits of whole home automation. To be a part of a system that includes such well-known, reputable brands indicates to us the high level of trust D.R. Horton puts in our products.” Brad Conlon, Vice President of National Accounts for D.R. Horton, said, “We are pleased to work with Kwikset to provide this essential component to D.R. Horton’s new Home is Connected smart home system. We know our customers will appreciate the peace of mind that comes from Kwikset’s SmartCode 888 lock and the Home is Connected system overall.”

Mobile-device and application-security technology company Trustonic announces that Hyundai Motor America will demonstrate its new Digital Key app, secured by Trustonic Application Protection, at the New York International Auto Show 2019. The Digital Key will launch with the all-new 2020 Hyundai Sonata in the fall. Hyundai’s Digital Key is a downloadable smartphone app that can replace a traditional car key by leveraging Near Field Communication (NFC) to detect an authorized smartphone. An NFC antenna is located in the driver’s door handle for locking and unlocking while a second antenna for starting the engine is located in the wireless charging pad in the center console. Seamless Vehicle Sharing The Digital Key allows a smartphone to control select vehicle systems remotely using Bluetooth Low Energy (BLE) communication Once authorized, the Digital Key allows a smartphone to control select vehicle systems remotely using Bluetooth Low Energy (BLE) communication. A user can lock and unlock the vehicle, activate panic alert and start the engine within a range of about 30 feet of the car. The new Digital Key can be utilised by up to four authorized users, facilitating seamless vehicle sharing. Users’ preferred settings are also stored in the car, meaning that when a user is recognized, the vehicle automatically adjusts settings for side mirrors, radio presets, sound settings, and seat positioning. Hyundai is using Trustonic Application Protection (TAP) to secure the Digital Key. TAP ensures that Digital Key transfer requests are securely displayed to and approved by a real, authenticated user on a trusted device. Cybersecurity Approach TAP utilizes a multilayered industry-recognized security approach for communication to and from the customer’s phone. “Hyundai has been a leader in connected car technology for a long time now, with new features like Apple CarPlay, Android Auto, Smartwatch and Smart-speaker integration into our vehicles,” said Manish Mehrotra, director of digital business planning and connected operations, Hyundai Motor America. “Digital Key adds convenience for 2020 Sonata owners and allows us to be ready for future shifts in the mobility space, such as car sharing. We chose Trustonic because of their multilayered, industry recognized cybersecurity approach.” Vehicle-Function Permissions Hyundai’s Digital Key will enable easy car sharing and improved user experiences" Car owners have a deeper level of access than other authenticated users, enabling them to set vehicle-function permissions and the duration of access for each shared user. This enables uses beyond car sharing, such as enabling couriers to access the trunk within a pre-agreed window of time to deliver a package. Future uses that the app could enable include car rentals, triggering an alarm when a vehicle travels outside a designated area and remote control of features, such as autonomous parking. Ben Cade, CEO, Trustonic, adds, “Consumers expect to be able to manage their lives on their smartphones, and this includes their vehicles. Hyundai’s Digital Key will enable easy car sharing and improved user experiences for drivers—and as international leaders in app security, it’s up to us to ensure this can happen in a scalable and secure way.”

LOCKEN has been selected to modernise access management for half of all substations in Enedis’ national network. Following a test phase it has opted for the latest-generation intelligent key by Iseo, which uses contactless induction technology to guarantee instant access. The EDF subsidiary supplies electricity to consumer meters, through extremely high-voltage lines, located at its many substations. The solution is currently being introduced and full deployment across 1,100 substations will take place throughout 2019. Effective Solution The construction principles for this type of structure require wide open spaces to keep people and equipment safe Substations transform the power from very high-voltage lines (90,000 V or 225,000 V) to high-voltage (20,000 V most often) and through to private homes (230V). Some sites may be located in urban settings. In this case, the substations are installed in underground infrastructure, like in Paris and its inner suburbs. But most are found in rural or semi-urban areas, covering a half or full hectare. The construction principles for this type of structure require wide open spaces to keep people and equipment safe. With perimeter security accessible through an outside gate, substations comprise a technical room and a number of transformers, which may be outside or under shelter. These facilities have many access points which must be secured. Without an effective solution, key management is complex and operational efficiency is reduced. Centralized Management Software Substations are sensitive sites with strictly controlled access. Given the exposure to electrical risk, intrusions present potentially lethal consequences. This is where the LOCKEN solution comes in: a single key with associated rights allows employees to open any area they require (and are authorized to access) as part of their job. A lost key is easily disabled within the centralized management software. The solution is particularly appropriate given the number of maintenance officers required by substations. Users are not all Enedis employees, explains Maxime Leboeuf, Project Manager at Enedis. “Although site workers are mostly Enedis employees, the sites must also be accessible to subcontractors for extension and renewal work and a number of maintenance operations, by employees of RTE, the electricity transmission system operator responsible for the very high-voltage lines which end at substations.” Electronic Access Management “Electronic access management drastically reduces the risk of intrusion associated with mechanical keys. With the Locken system, we can now authorize subcontractor access for a specified period and location. In the Enedis setup, the access rights memorised by the electronic keys must be updated daily by the key's user using the dedicated devices.” Keys are deactivated almost immediately once the process is initiated in the Locken Smart Access (LSA) central management software" “Keys are deactivated almost immediately once the process is initiated in the Locken Smart Access (LSA) central management software. This also provides a reliable crisis management tool.” At Enedis, LOCKEN has fitted outdoor access points in often isolated, rural areas. The key supplies the energy to open the cylinder so no wires are needed for doors. Extending Electronic Key The cylinder is approved to resist extreme weather conditions, especially the effects of water. Contactless technology also shields it from dust and oxidation. Enedis is considering the possibility of extending electronic key use to the most sensitive parts of its technical rooms, especially access to control and command rooms, the nerve centres of the substations. Enedis also plans to replace all substation cylinders to minimize the risks associated with joint activity, meaning a number of operations carried out by different engineers can take place simultaneously at the same substation.

HID Global, a global provider of trusted identity solutions, announced that Tasmania’s Old Kempton Distillery (OKD) has deployed its Internet of Things (IoT) enablement platform, HID Trusted Tag Services, to combat counterfeiting of its world class whiskeys, gins and other liquor products. HID’s innovative IoT platform for brand protection, combined with the web application developed by local integrator AusNFC, enables Old Kempton Distillery to guard against gray market activities and allows customers to authenticate their product at the point of sale. It also strengthens the appellation registration for the Australian island state of Tasmania, which boasts some of the most pristine water and climate conditions for manufacturing premium, top-shelf liquor products. Taking Measures To Prevent Counterfeiting HID Trusted Tag Services is changing the game for authenticating brands and staying connected to buyers through a mobile experience"“Old Kempton Distillery makes one of the world’s finest whiskeys, and with counterfeiting in our industry becoming a global issue, we recognized the need to take proactive steps to protect our brand,” said Robbie Gilligan, Business Manager and Brand Ambassador for Old Kempton Distillery. “We were seeking the best brand protection technology available and a solution that would also allow us to securely engage with our customers, long after a sale. We believe that HID Trusted Tag Services and the support provided through AusNFC provide just that.” Beyond its anti-counterfeiting features, HID’s IoT offering opens a new and powerful avenue for Old Kempton Distillery to stay connected with customers via direct and hyper-personalized communications that helps the distillery build brand loyalty in a privacy-preserving, closed environment. “We find HID’s solutions to be applicable to many different industries,” said Larry Hower, CEO of AusNFC. “HID Trusted Tag Services is changing the game for authenticating brands and staying connected to buyers through a mobile experience.” Working Of The System The distillery’s solution incorporates HID Trusted Tag Services into the AusNFC web application that drive the front-end mobile experience on customers’ phones. A HID cryptographically secure Near Field Communication (NFC) tag is embedded into the label of every liquor bottle, which links to HID’s cloud authentication service. By tapping their iPhone or Android phone to the bottle, the customer activates a secure communications channel that authenticates the provenance of their premium product – down to the actual bottle number. Each tap generates a unique URL, preventing counterfeiters from copying, spoofing or manipulating the URL for false verification. Combining Cloud Authentication With NFC Tags The advanced cryptographic capabilities of the embedded tags make them virtually impossible to be cloned or copied“HID’s IoT technology is enabling mass adoption of brand protection by major brands worldwide that are seeking to address more sophisticated attempts by fraudsters focused on imitating their products,” said Mark Robinton, Director of Business Development and Strategic Innovation at HID Global. “Manufacturers and consumers alike can rest assured that their product can be authenticated at every stage of its lifecycle – from production to the shopping bag.” HID Trusted Tag Services combine HID’s cloud authentication services with its trusted NFC tags that come in many form factors for variety of product shapes and sizes requiring brand authentication. HID’s trusted NFC tags are embedded into each product during the manufacturing process, and are easily read using NFC-enabled smartphones (both Android and iOS v11 and newer). The advanced cryptographic capabilities of the embedded tags make them virtually impossible to be cloned or copied, and the extended security features in HID’s cloud authentication service provide privacy-preserving brand authentication and consumer engagement in a closed and trusted environment. 

3xLOGIC, Inc., a provider of integrated, intelligent security solutions, and a three-time Deloitte Technology Fast 500 winner, announces that the Bradley Business Center, located in Chicago, has installed a 3xLOGIC infinias CLOUD access control system throughout the redevelopment project. HTML Global, an IT Managed Services Provider (MSP), oversaw system installation and continues to provide remote system management. Bradley Business Center (BBC) is the largest redevelopment project on Chicago’s north side, comprising over 500,000 square feet, spread over 22 acres. The BBC offers a unique shared office environment for entrepreneurs and professionals and boasts a wide array of features and amenities. Controlling Common Areas Both organizations do the day-to-day administration of the system, with HTML Global providing back-up and higher-level functions At present, the 3xLOGIC infinias system manages a total of 43 internal doors throughout the complex, split between BBC-managed doors and those for a tenant company, Compass Health Center. The two organizations manage their own access separately but use some of the same network and PoE switches. BBC doors managed are mainly those controlling common areas and shared amenities— parking, fitness facility, rooftop terrace, and others—but also data rooms and other sensitive areas within the office space. Both organizations do the day-to-day administration of the system, with HTML Global providing back-up and higher-level functions when requested. “When we started with BBC, they were looking to us for our knowledge base, and we installed a few doors at that time. Then, we built out the system as they added new offices and common areas to be managed,” explained William Hunt, Managing Director, HTML Global. Cloud-Based System “The distributed Ethernet network can easily handle all the doors and that simplified installation and on-going management. The BBC property management staff don’t want a server onsite, so a cloud solution nicely fits their needs. Another advantage for BBC is our RMR services and the fact that a cloud-based system is mainly operating expenses, not hardware capital expenses—that’s economically advantageous for a property management business.” “There are so many other advantages to a cloud-based system, especially our ability to add doors when any of the resident companies want to join the system, or to expand the number of doors for existing customers—we can add one door or hundreds of doors upon request,” said Hunt. “Compass likes the system functionality and ease-of-use so much, they recently expanded it to their Northbrook location, too. That way, when staff move between the two facilities, they only need one set of credentials.” Access Control System Such high-level control and ease of use is accomplished with minimal hardware on site BBC controls access by zone and/or amenity for each credential holder, administrators can add zones and close access to other zones with a few keystrokes. Door control is granular, making it easy to provide all-areas access to senior staff and highly-limited access, for example, for contractors and temporary workers. Such high-level control and ease of use is accomplished with minimal hardware on site. Many administrators were up and running on the infinias system with very little training, if any. With a cloud-based access control system, new tenants can join the system with ease, or a tenant can be removed from the system in a matter of minutes. Fix Things Remotely Hunt again, “As an MSP, we are overseeing a system that updates itself automatically, and because BBC management doesn’t have a full-time IT person, that’s where we come in.” The future looks bright for HTML Global with the Bradley Business Center. Current office space is nearing fully-leased status, and BBC management is looking to expand their property offerings into additional buildings located on the same parcel. Hunt is impressed with another feature of the cloud-based system, “The network is set up on PoE switches, so if a door isn’t acting properly, we can fix things remotely, we don’t need to roll a truck—that’s very cost-effective.”

Serving a large geographical area of the North Island of New Zealand, the Waikato District Health Board (Waikato DHB) provides hospital and community-based health services to a population of nearly 400,000 people. With a wide range of security needs that include protecting staff and patients, securing high-risk facilities, restricting unauthorized access to medication and medical equipment, and streamlining contractor and car park management, Waikato DHB required a security solution that could be applied to both high and low security areas. The system al so needed to provide a comprehensive audit trail and detailed reporting, to identify access movements by employees and help meet legal requirements around the safe and secure storage of medication and equipment. Gallagher Single Access Card Control System Gallagher’s access control solution for Waikato DHB utilizes a single access-card system that simply and instantly updates access permissions Gallagher’s access control solution for Waikato DHB utilizes a single access-card system that simply and instantly updates access permissions, as well as streamlining car parking services. Where high-level security is needed, Gallagher’s system offers Waikato DHB the ability to lock-down areas of the hospital when required, isolating areas and restricting access. Gallagher’s Command Center Mobile application also delivers duress notifications from buttons located around the hospital directly to a guard's mobile device. Electronic Tag Boards allow contractors to easily sign on and off of the site, ensuring Waikato DHB meets health and safety requirements. In an environment where access profiles change on a daily basis as staff move between different departments, Gallagher’s access control system and Command Center central management platform ensure staff can approach doors with the confidence that they can enter or leave areas as necessary. The access card system has also reduced the risks associated with handling keys, along with providing detailed reports to meet comprehensive auditing requirements, saving time and cost. 'Security Ward Standard' Waikato DHB's experience with Gallagher products ultimately led them to develop a 'Security Ward Standard' detailing the minimum-security equipment required for new buildings, greatly reducing time spent producing specification documents and gathering approvals. As Waikato DHB's security requirements continue to evolve, Gallagher’s systems provide future-proofing with a software maintenance agreement ensuring they operate the very latest software available. Fast Facts About The Project Industry: Healthcare Business type: Hospital Number of employees: 6,500 Site Size: 18 hectares with 176,000 sq.metres of buildings Number of doors: Over 730 access-controlled doors; 40 alarmed and monitored refrigerators/freezers; 15 carpark barrier arms; 1 gate. Gallagher solutions and technology utilized: Command Center Controller 6000 T-Series readers Tag Boards Car park Management

The year ahead holds endless promise for the physical security industry, and much of that future will be determined by which technologies the industry embraces. The menu of possibilities is long – from artificial intelligence to the Internet of Things to the cloud and much more – and each technology trend has the potential to transform the market in its own way. We tapped into the collective expertise of our Expert Panel Roundtable to answer this question: What technology trend will have the biggest impact on the security market in 2019?

The new year 2019 is brimming with possibilities for the physical security industry, but will those possibilities prove to be good news or bad news for our market? Inevitably, it will be a combination of good and bad, but how much good and how bad? We wanted to check the temperature of the industry as it relates to expectations for the new year, so we asked this week’s Expert Panel Roundtable: How optimistic is your outlook for the physical security industry in 2019? Why?

When is it too late to learn that a video camera isn’t working properly? As any security professional will tell you, it’s too late when you find that the system has failed to capture critical video. And yet, for many years, system administrators “didn’t know what they didn’t know.” And when they found out, it was too late, and the system failed to perform as intended. Fortunately, in today’s technology-driven networked environment, monitoring a system’s health is much easier, and a variety of systems can be deployed to ensure the integrity of a system’s operation. We asked this week’s Expert Panel Roundtable: How can remote monitoring of a security system’s health and operation impact integrators and end users?