GET Group North America, an innovative developer of mobile ID technology with over 20 years of experience in secure government credentials, announced that its GET Mobile Administrator will enable DMVs and other ID card Issuing Authorities to provide mobile driver's licenses (mDLs) and other forms of mobile identification (mIDs) that comply with global interoperability standards. GET Group NA, with its technology partner Scytales AB, is working with the International Standards Organisation (ISO)...
Pulse Secure, the provider of software defined secure access solutions, announces that growing demand for hybrid IT and Zero Trust Secure Access, resulted in double digit deal volume growth in the first half of 2019. Additionally, the company announces significant achievements in product innovation, channel programs, customer service and talent acquisition. “Our sales growth demonstrates that we offer the most flexible and robust platform for Secure Access. We are ideally positioned to ca...
Keysight, the test and measurement vendor introduces its new Automotive Cybersecurity Program that delivers a broad cybersecurity portfolio, including hardware, software and services, to address the growing concern of cyber-attacks on connected vehicles. The cyber world is increasingly impacting the safe operation of automobiles, opening the risks of exposure, including malicious hacker activities. The new reality is that cyber-attacks against automobiles could result in the loss of human life....
Global Security Exchange (GSX) 2019 will blow into the Windy City this fall, combining a tradeshow, a full schedule of professional education sessions, plenty of industry networking opportunities, and an annual reunion of the top professionals from around the world tasked with protecting people, property and assets. GSX – the trade show and industry event 'formerly known as' the ASIS Annual Seminar and Exhibits – will be Sept. 8-12 at Chicago’s McCormick Place. The show promi...
AMAG Technology, global provider of unified solutions that help organizations mitigate risk, introduces its Symmetry GUEST visitor management family of interactive touch screen kiosks. Symmetry GUEST kiosks Symmetry GUEST improves the visitor experience by automating all processes associated with the lifecycle of a visitor, streamlining the journey through the reception area, enforcing compliance and reducing operating costs. Eliminate paper logbooks and create an audit trail to properly manag...
GET Group North America, an innovative developer of mobile ID technology with over 20 years of experience in identity management, announced that its GET Mobile ID Digital Identity Solution for iOS can support near-field communication (NFC) for identity transactions at Point of Sale (POS), airports, and even kiosks. GET Mobile ID for Android already supports NFC identity transactions. GET Group NA and global partner Scytáles AB, innovative developers of mobile ID technology, are the...
Cook Security Group (CSG) successfully unveiled its privately branded video surveillance solution, Piko VMS, during their 2019 Technology & Innovation Summit in Portland Oregon. Health monitoring Cook named Razberi Technologies as their hardware partner to provide the intelligent appliance and health monitoring component to the new VMS brand. “While we still have strong relationships with our traditional video partners, we wanted to provide an open cloud-enabled platform to deliver seamless integrations of multiple technologies. This is beyond just video, as we have already integrated with dozens of apps such as analytics, alarm, access control, retail, HR, IoT...the list goes on. All designed to bring our customers efficiencies and give them the technology they’ve been waiting for” states Brian Cook, CEO of Cook Security Group. Three together creates an industry changing solution for our Financial & Commercial Customers" Secure, simple, and open “We are excited because Piko is secure, simple, and open. Secure because all traffic is encrypted including video and outbound only. Simple because Piko is extremely user-friendly, needs no enterprise requirements or complexity, and offers adaptive scaling. Open because Piko offers endless APIs and ways to integrate. Those three together creates an industry changing solution for our Financial & Commercial Customers.“ adds CTO Levi Daily. Integration with Mobile Interface Piko also includes a wide variety of video analytics and integrations, providing customized notifications, proactive machine learning, and 24/7 health monitoring. “Customers come to us with ideas or pain points and we develop then implement. They drive our solutions and Piko makes it easy” Brian adds. Piko fully integrates with Cook’s secure mobile & online interface, Cook Command Center, and includes 10GB’s of Cook’s Case Management module offering seamless secure sharing with law enforcement or other institutions. Razberi chosen as hardware partner Piko and the ServerSwitchIQ provide everything our customers are asking for" Cook chose Razberi Technologies as their hardware partner, loading Piko on Razberi’s robust ServerSwitchIQ, complete with an integrated server & managed PoE switch. “We chose Razberi based on their solid reputation in the marketplace” states Daniel Smallwood, Cook’s VP of Technology. “They provide CameraDefense built in to combat cyber threats, anti-virus, proactive machine learning, and UL, CE, FCC, & RoHS Certifications.” “They are IP camera agnostic and completely scalable in terms of storage, PoE ports, etc. Piko and the ServerSwitchIQ provide everything our customers are asking for and at roughly half the price of a traditional DVR.” Smallwood adds. Expertise in video surveillance “Razberi’s partnership with Cook is exciting,” said Joe Vitalone, CMO of Razberi Technologies. “Razberi believes it should be easy for anyone to deploy, manage, and cybersecure their enterprise video surveillance system. Cook’s reputation in the financial industry will make it possible for Razberi’s expertise in video surveillance and cybersecurity to continue to provide solutions to financial institutions on a larger scale.”
Pulse Secure, the provider of software-defined Secure Access solutions, announces that it has published its ‘2019 State of Enterprise Secure Access’ report. The findings quantify threats, gaps and investment as organizations face increasing hybrid IT access challenges. The survey of large enterprises in the US, UK and DACH uncovers business risk and impact resulting in a pivot towards extending Zero Trust capabilities to enable productivity and stem exposures to multi-cloud resources, applications and sensitive data. Audit Access Security The survey data showed all enterprises have ongoing data center dependencies While enterprises are taking advantage of cloud computing, the survey data showed all enterprises have ongoing data center dependencies. One fifth of respondents anticipate lowering their data center investment, while more than 40% indicated a material increase in private and public cloud investment. According to the report, the shift in how organizations deliver Hybrid IT services to enable digital transformation must also take into consideration empowering a mobile workforce, supporting consumer and IoT devices in the workplace and meeting data privacy compliance obligations – all make for a challenging environment to ensure, monitor and audit access security. Empower Corporate Leadership “What was consistent across enterprise sizes, sectors, or location was that secure access for hybrid IT is a current and growing concern with cyberthreats, requirements and issues emerging from many sources. The reporting findings and insights should empower corporate leadership and IT security professionals to re-think how their organizations are protecting resources and sensitive data as they migrate to the cloud,” said Martin Veitch, editorial director at IDG Connect. IDG Connect and Pulse Secure will share research findings in a webcast entitled ‘State of Enterprise Secure Access – Issues, Initiatives and Tech,’ on June 13 at 7 a.m. PT / 10 a.m. ET / 2 p.m. GMT. Authorization Access Controls 61% of respondents indicated modest confidence in their security processes The survey found the most impactful incidents were contributed by a lack of user and device access visibility and lax endpoint, authentication and authorization access controls. Over the last 18 months, half of all companies dealt with malware, unauthorized/vulnerable endpoint use and mobile or web apps exposures. Nearly half experienced unauthorized access to data and resources due to insecure endpoints and privileged users, as well as unauthorized application access due to poor authentication or encryption controls. While a third expressed significant confidence, 61% of respondents indicated modest confidence in their security processes, human resources, intelligence and tools to mitigate access security threats. Device Configuration Compliance The survey revealed the top access threat mitigation deficiencies: Defining app, data and resource access and protection requirements Defining, implementing and enforcing user and device access policy Provisioning, monitoring and enforcing BYOD and IoT device access When survey participants were asked what they perceive as their largest operational gaps for access security, the majority identified hybrid IT application availability; user, device and mobile discovery and exposures; weak device configuration compliance; and inconsistent or incomplete enforcement. Correspondingly, the participants stated that their organizations are stepping up their access security initiatives: 48% improving endpoint security, remediation prior to access 46% enhancing IoT discovery, isolation and access control 44% fortifying network and cloud access visibility and resource segmentation Software Defined Perimeter Larger companies have about 30% more tools than smaller enterprises The cited incidents, threat mitigation deficiencies and operational gaps are among reasons for the interest in a Zero Trust approach for access security. A Zero Trust model authenticates, authorizes and verifies users, devices, applications and resources no matter where they reside. It encompasses proving identity, device and security state before and during a transaction; applying a least privilege access closest to the entities, applications and data; and extending intelligence to allow policies to adapt to changing requirements and conditions. Adding to management complexity, the report also found that organizations employ three or more secure access tools per each of 13 solutions presented in the survey. Larger companies have about 30% more tools than smaller enterprises. Correspondingly, nearly half of respondents were open to exploring the benefits of consolidating their security tools into suites. With the migration to cloud, one tool of interest cited by respondents as being implemented or planned over the next 18 months is Software Defined Perimeter (SDP). Secure Access Tool 91% of enterprises plan to increase secure access expenditure over the next 18 months; 30% anticipate an increase spend between 15% to 25% 44% of enterprises use data center in conjunction with public cloud, 30% in conjunction with private cloud, and 26% utilize all three delivery environments 46% of large enterprises prefer data center and private cloud; primarily preferred by financial services and U.K.-based companies 49% or more cited significant access incidents due to malware, unauthorized and vulnerable endpoint use and mobile and web app exposures - healthcare organizations experienced greater mobile and web app exposures 81% expressed gaps in hybrid IT application availability - financial services experienced the most business impact related to application availability 78% indicated need for greater visibility of users, endpoints and mobile devices; more evident in large enterprises and those in the DACH region 42% will focus on refining privileged user or service account-based access – a top priority in financial services and manufacturing 48% stated a willingness to explore secure access tool consolidation into suites 56% stated a project or pilot of Software Defined Perimeter technology over the next 18 months Over 38% of respondents outsource secure access capabilities to Managed Security Service Providers (MSSPs) with additional MSSP usage to grow 10% by 2021 Secure Access Priorities We are pleased to sponsor the 2019 State of Enterprise Secure Access Report" The independent research for the report, which offers key insights into the current access security landscape and the maturity of defenses, was conducted by IDG Connect. Survey respondents included more than 300 information security decision makers in enterprises with more than 1,000 employees across U.S., U.K. and DACH regions, and covered key verticals including financial services, healthcare, manufacturing and services. “We are pleased to sponsor the 2019 State of Enterprise Secure Access Report. The independent research provides a useful litmus test for the level of exposure, controls and investment regarding hybrid IT access,” said Scott Gordon, chief marketing officer at Pulse Secure. “The key takeaway from this report is hybrid IT delivery has expanded security risks and necessitates more stringent access requirements. As such, organizations should re-assess their secure access priorities, capabilities and technology as part of their Zero Trust strategy.”
Maxxess Systems, the innovator in security solutions that empower total situational awareness for security enterprises, is showcasing its unique portfolio of video, access control and communications platforms that provide users with the highest levels of system integration, management and incident response technology at Expo Seguridad 2019 (booth #2524). Solutions on display include the Latin American public debut of Maxxess InSite awareness and response coordination system, the enhanced eFusion security management software and Maxxess’ MX+ Web Dashboard, the newly designed Ambit event management communications software, and a new Multi-Form Panic Solution that provides the lowest cost of entry for proactive protection. Combining Systems And Human Intelligence Maxxess solutions empower people and transform security operations to deliver new levels of situational awareness"“Maxxess solutions empower people and transform security operations to deliver new levels of situational awareness and business intelligence,” said Nancy Islas, President of Maxxess Systems. “By combining systems intelligence and human intelligence, our unique open architecture and intuitive platforms truly offer powerful, scalable solutions that can help stop events from happening, and better control incidents from the moment they begin.” The Maxxess solutions being demonstrated at Expo Seguridad 2019 include: Maxxess InSite awareness and response coordination system combines “system intelligence” and “human intelligence” to detect and respond to unfolding events in real time – all of which are queued, organized and displayed on a highly-intuitive user interface. Maxxess InSite enables early incident detection and action, allowing users to correlate data, improve response coordination, and deal with issues when they’re small – before they become large and costly. Maxxess InSite Maxxess InSite features an open-architecture framework to accommodate virtually any security or business intelligence application with comprehensive functionality. Over 50 different leading manufacturers are already integrated into Maxxess InSite, providing more combined capabilities and functionality than any other cross-platform solution available. eFusion security management software is a “system intelligence” solution that integrates and correlates data from surveillance, access control and various other physical security and facility operations’ data onto a comprehensive monitoring and reporting dashboard. eFusion Security Management Software eFusion provides video and access system management and control capabilities along with alarm monitoring eFusion provides video and access system management and control capabilities along with alarm monitoring; remote access credentials tracking, authorization, and de-authorization; door/access status; and more. Proven globally in installations around the world, new enhancements to eFusion include new Flow Control with auto expiration, and advanced data processing. Flow Control allows users to configure the specific door(s) that must be used first to gain primary access to a facility with programmable timer setting. Advanced data processing correlates databases to accommodate complex relationship rules between the authoritative database and the Maxxess database. Enhancements To MX+ Web Dashboard To further simplify user engagement with eFusion, Maxxess Systems’ MX+ Web Dashboard has also been further enhanced with new features including system-wide lockdown; Video Management System (VMS) integration; mobile cardholder management operations with badge printing; and access control status indication in an easy-to-read graphical format and schedule configuration. Ambit event management communications software provides real-time “human intelligence” for alerts, notifications and status assessment via users’ smartphone and/or tablets, along with access control management. Ambit’s extensive communications and access control functionality provides security management and first responders with the critical on-site information and access system management they need to best handle unpredictable crises. Ambit And Multi-Form Panic Solution Maxxess Systems’ new Multi-Form Panic Solution provides the lowest cost of entry for proactive protection A cloud-based solution, new enhancements to Ambit include: an app design for easier operation including: a status update window; an easily accessible panic button; support for multiple photos from the field; the ability to assign reports to designated groups and/or individuals; enhanced filtering for target audiences to receive mass broadcasts; NC4 integration to external intelligence software to enhance information gathering; auto-location detection for event status posts; and a texting option for users without the app to receive relevant mass broadcasts. Also featured is Maxxess Systems’ new Multi-Form Panic Solution, which provides the lowest cost of entry for proactive protection. Available for implementation with any Maxxess System platform or as a stand-alone solution, it can be configured on any mobile device, PC keyboard or wearable device. Expanding Technology Partners List Maxxess Systems also continues to expand its roster of technology partners and integrations with the addition of: Mercury LP and MR62e controllers; OTIS Elevator Compass Overwatch; enhanced Milestone Systems’ MIP and Geutebruck GeViScope integrations; as well as new integrations with Salient Systems, Avigilon, ISS (Intelligent Security Systems), Nedap and RemotePoint.
The inaugural Tech Security Summit met at the Sheraton Grand Nashville last week. Combining DICE Corporation’s annual DICE User Group Conference with a series of educational sessions and panel discussions, the April 29-May 2 event provided a platform for leaders in security and alarm monitoring to meet and examine new technology and revenue growth opportunities in an evolving industry. DICE Corporation President and CEO Cliff Dice kicked off day one with an energizing keynote presentation, explaining his inspiration behind launching a new conference platform. “I had the idea for a tech security summit because a lot of people in the security industry were coming to us asking if we could contribute to more panels and be part of the discussion.” Security Technology Companies For almost 30 years, you have turned to us to provide the best solutions you trust to run your businesses" “We are the predominant infrastructure provider in the industry, so it made sense that we would explore new ways to bring those leaders together with our engineers and expand our annual summit to include everyone in the industry,” Dice said. The recent news of other security technology companies being sold and restructured was also discussed in the keynote, with Dice assuring attendees of the company’s commitment to remaining a family business focused on quality and customer satisfaction. “We are not selling,” Dice said before discussing some of the company’s highlights from the last year. “For almost 30 years, you have turned to us to provide the best solutions you trust to run your businesses. This is a family business and we have a long-term vision to keep operating the company from one generation to another,” he said. Alarm Automation Software Much of the week’s sessions focused on value and usability. The company’s new CloudEye cloud video recording product stood out as a prime example of the company’s ability to streamline an in-demand technology without compromising functionality and performance. Jerry Corrion, DICE Corporation’s chief software architect, addressed the growing need for off-premises surveillance storage and gave attendees and in-depth look at the technology’s simple setup, the CloudEye Connect mobile tool, and how dashboards and integrations with alarm automation software provide additional advantages. DICE Corporation’s recently announced integrations with Microsoft’s Dynamics 365 financial management system DICE Corporation’s recently announced integrations with Microsoft’s Dynamics 365 financial management system was also a frequently discussed topic. As the first to bring integrated accounting to the security industry, the implementation of Dynamics 365 with the company’s Matrix web applications provides new opportunities for users, including fully automated reporting of RMR and attrition and reporting of industry metrics such as EBITA (earnings before interest taxes and amortization). Educational Opportunities Industry-specific dashboards and business intelligence tools were also showcased by the engineers behind the integrations. In addition to product information and educational opportunities, networking was a large component of the Tech Security Summit experience. Platinum sponsor ACKData sponsored outings at well-known Music City institutions like Famous Saloon, which offered a taste of Nashville to attendees. From sampling the city’s legendary barbecue to participating in line dancing, industry professionals were able to socialize with DICE staff and get to know the people behind the technology they use every day. “Downtown Nashville was the perfect backdrop for our evening networking events,” said Amy Augustin, director of marketing and communications for DICE Corporation. “Being able to get together outside of the summit setting gives us more opportunities to connect and grow as tech producers and users.” Panel Discussion The final day of the Tech Security Summit focused on training opportunities and panel discussions The final day of the Tech Security Summit focused on training opportunities and panel discussions. Joshua Greko outlined new additions in UL, including the changes that will affect monitoring centers going forward. An introduction to level one operator training was offered by the Monitoring Association as part of their Five-Diamond designation program to certify monitoring centers. The event concluded with a panel discussion featuring David Sylvester and Stephen Rubin of Davis Mergers & Acquisitions Group and Barry Epstein of Vertex Capital discussing topics related to acquisitions and the effects of changing markets in the security industry. For Cliff Dice, the 2019 Tech Security Summit proved to be a worthwhile experience in providing another source of information about new technology available to the security industry. “I’m really pleased with the new Tech Security Summit format. By providing a user-focused platform for our customers, tech experts, and security professionals, we were able to do something that was truly different and beneficial for the industry.”
TrackTik Software’s mobile and web-friendly guard tour system uses automation to take the effectiveness and efficiency of an organization’s security management operations to the next level. This first-of-its-kind system provides security managers with a custom-tailored, holistic view of their operations and security personnel on tour with the support and safety of having ‘a coach in their back pocket.’ From scheduling and interacting with security staff to incident reporting, TrackTik’s software offers a complete suite of tools, including real-time checkpoint logging, incident reporting, GPS tracking, messaging, alerts and audio-video capabilities. Real-Time Picture With a variety of checkpoint options, together with GPS tracking, TrackTik’s automated guard tour system creates a real-time picture of an organization’s guard tour operations that improves transparency and accountability. The guard tour system establishes permitted and restricted zones, and can assign special protocols for specific locations. Offering immediate communication, modifications and transmission of data, TrackTik’s automated guard tour system also provides a live picture of the security environment in which security personnel are operating. The watch mode audio and video feed and recording feature informs of dangerous situations, which also helps support the health and safety of security personnel dealing with potentially high-risk situations, resulting in maximized security impact to help deliver a safer environment.
ProdataKey (PDK), an innovator of cloud-based networked and wireless access control products and services, releases a whitepaper that explores why widespread adoption of mobile credentialing in conjunction with access control systems has lagged behind other smart phone applications, and how new technologies promise to overcome barriers related to a security/convenience trade-off previously inherent in such solutions. By virtue of their processing power, smart phones can provide superior encryption, and security, than RFID cards, fobs and smart cards. They are also more carefully guarded by employees. Cumbersome Activation Process Workers may loan a card to a colleague, but would never part with their phone and, unlike an access card, they would immediately seek to deactivate their phone if it were ever lost or stolen. Despite these and other security benefits, most mobile credentialing systems have fallen short in the area of convenience, requiring users to unlock and remove their phones from pocket or purse in order to use them as a credential. These systems require a cumbersome activation process for users and additional effort by administrators These systems also often require a cumbersome activation process for users and additional effort by administrators to manage. In order for smartphones to become the preferred method of credentialing, they need to provide a superior user experience to what they’re replacing – cards or fobs. Better User Experience Readers of this white paper will learn how, and why, this equation is changing. Topics include: How mobile credentials can improve both security and convenience. The long-term benefits of deploying and using mobile credentials. How to create a better user experience over cards, fobs, and other less convenient mobile credentials. Why the convenience versus security trade-off is ending. Josh Perry, PDK’s CTO, states, “The next generation of mobile credentialing, that leverages all the capabilities of cloud, smartphone and Bluetooth technology in exciting new ways, will deliver a consistently superior experience to security management teams, employees who use these systems, and security integrators who provide installation and support. Within a few years, I predict that the popularity of mobile credentialing will skyrocket.” ‘Moving Toward Mobile Credentials; How New Technologies Offer Smoother Sailing Ahead’ can be downloaded from PDK’s website
In the next three years, software as a service ‘SaaS’ is likely to grow by around 23%. That’s according to reports by Cognizance. It’s growth rests on the adoption of cloud public, private and hybrid. Without the cloud applications can’t truly pervade an organization, nor can operational or customer benefits be derived. But there’s no point in adopting the cloud if it’s not secure - the proliferation of SaaS demands security, none more so in a GDPR world. Large cloud environment But modern applications are difficult to secure. SaaS based, web, mobile, or custom made all work on different platforms and frameworks. It’s a headache managing all the APIs needed to automate and sync tools. This introduces risk. The greater the number of apps the broader the attack surface and therefore the greater the chance there will be blind posts. Keeping up to date with updates and new security policies is never easy There are also added hazards. Applications are always changing. Keeping up to date with updates and new security policies is never easy, but especially hard in a large cloud environment. Failure to adopt changes puts the organization and customers at further risk. But the biggest obstacle is keeping applications and APIs out of harm’s way. It’s a near on impossible task when attack methods and sources are constantly changing. More advanced threats To be specific there are four emerging challenges when it comes to protecting apps. Firstly, managing the good and the bad bots and spotting which is which, secondly securing APIs as IoT adoption intensifies, thirdly the relationship between securing apps and DevOps and ensuring ownership of security, and finally denial of service attacks that use newer tactics such as brute force. Basic security hygiene dictates that security teams refer to the OWASP Top 10. It’s considered the ‘ten commandments’ in security circles, providing a starting point for ensuring the most common threats and vulnerabilities are managed, detected and mitigated. Web Application Firewalls also come into the fray with guidance on testing for the ways hackers exploit vulnerabilities. However, though the basics are good to have in place, there are always more advanced threats to take care of. Bots being a big one. Bot management The more sophisticated bots will go as far as to mimic human behaviorAstonishingly about half of internet traffic is bot generated. Half of it is from bad bots. Discerning the good from the bad isn’t easy though and explains why around 80% of organizations can’t make a clear distinction between the two. Bad bots can do a lot of damage like take over user accounts and payment information, scrape confidential data, or hold up inventory and skew marketing metrics. The more sophisticated bots will go as far as to mimic human behavior and bypass tools like CAPTCHA and even device fingerprinting based protection ineffective. Securing APIs Then there’s the complications derived from machine-to-machine and internet of things (IoT) communications. The more integrated ‘things’, the more data there is, the more events there are report on, and the more activity there is reliant on APIs to make the ‘things’ useful and agile. That’s what makes them a target and the threats to API vulnerabilities include injections, protocol attacks, parameter manipulations, invalidated redirects and bot attacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks Denial of service (DoS) You might think there’s little to add to the swathes of denial of service warnings. Yet when businesses are still being targeted and feeling the ill effects it’s worth mentioning again that different forms of application-layer DoS attacks are still very effective at bringing application services down. Even the greatest application protection is worthless if the service itself can be knocked down This includes HTTP/S floods, low and slow attacks (famous examples being Slowloris, LOIC, Torshammer), dynamic IP attacks, buffer overflow, Brute Force attacks and more. The IoT botnets are the culprits and have made application-layer attacks so popular that they have become the preferred DDoS attack vector. Even the greatest application protection is worthless if the service itself can be knocked down. Continuous security It may seem easy to say but for modern DevOps, agility is valued at the expense of security. We see time and again examples of where development and roll-out methodologies, such as continuous delivery, mean applications are exposed to threats each time they are modified. There’s no doubt it is extremely difficult to maintain a valid security policy and protect sensitive data in dynamic conditions without creating a high number of false positives. But we now find that this task has gone way beyond the capability of humans. Organizations now need machine-learning based solutions that map application resources, analyse possible threats, and create and optimise security policies in real time. Reaching this level in security planning should be a big wake-up call that security automation is an essential not a nice to have. Running security plans The board needs to know that investment is critical to protect their profits It’s critical that the security solution your company adopts protects applications on all platforms, against all attacks, through all the channels and at all times. The board needs to know that investment is critical to protect their profits. As such there are six things they need to know: Application security solutions must encompass web and mobile apps, as well as APIs. Bot management solutions need to overcome the most sophisticated bot attacks. DDoS mitigation must be an essential and integrated part of application security solutions. A future-proof solution must protect containerized applications, severless functions, and integrate with automation, provisioning and orchestration tools. To keep up with continuous application delivery, security protections must adapt in real time. A fully managed service should be considered to remove complexity and minimise resources. No amount of human power will beat the bots. That last point is the most critical. Skill is essential in designing and running security plans and policies that work. But the plans can’t be executed without automated tools. There are just too many decisions to make in a split second. Combining both is the path to an effective app protection strategy and a stronger brand to boot.
It’s not surprising that people are nervous about the security of newer technologies, many of which are part of the Internet of Things (IoT). While they offer greater efficiency and connectivity, some people still hesitate. After all, there seems to be a constant stream of news stories about multinational corporations being breached or hackers taking control of smart home devices. Both of these scenarios can feel personal. No one likes the idea of their data falling into criminal hands. And we especially don’t like the thought that someone can, even virtually, come into our private spaces. The reality, though, is that, when you choose the right technology and undertake the proper procedures, IoT devices are incredibly secure. That said, one of the spaces where we see continued confusion is around access control systems (ACS) that are deployed over networks, particularly in relation to mobile access, smartcards, and electronic locks. These technologies are often perceived as being less secure and therefore more vulnerable to attacks than older ACS systems or devices. In the interest of clearing up any confusion, it is important to provide good, reliable information. With this in mind, there are some myths out there about the security of ACS that need to be debunked. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter Myth #1: Mobile Credentials Are Not Secure The first myth we have to look at exists around mobile credentials. Mobile credentials allow cardholders to access secured doors and areas with their mobile devices. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter about the security of credentialed information. There is a persistent belief that Bluetooth is not secure. In particular, people seem to be concerned that using mobile credentials makes your organization more vulnerable to skimming attacks. While focusing on the medium of communication is an important consideration when an organization deploys a mobile credentialing system, the concerns about Bluetooth miss the mark. Bluetooth and NFC are simply channels over which information is transmitted. Believing that Bluetooth is not secure would be the same as suggesting that the internet is not secure. In both cases, the security of your communication depends on the technology, protocols, and safeguards we all have in place. So, instead of wondering about Bluetooth or NFC, users should be focused on the security of the devices themselves. Before deploying mobile credentials, ask your vendor (1) how the credential is generated, stored, and secured on the device, (2) how the device communicates with the reader, and (3) how the reader securely accesses the credential information. When you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS Myth #2: All Smartcards Are Equally Secure The question “how secure are my smartcards?” is a serious one. And the answer can depend on the generation of the cards themselves. For example, while older smartcards like MiFARE CLASSIC and HID iCLASS Classic offer better encryption than proxy cards and magstripe credentials, they have been compromised. Using these older technologies can make your organization vulnerable. As a result, when you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS. In this way, you will be protecting your system as well as your buildings or facilities. Some traditional readers and controllers can also pose a serious risk to your organization if they use the Wiegand protocol, which offers no security. While you can upgrade to a more secure protocol like OSDP version 2, electronic locks are a very secure alternative worth considering. It is also important to understand that not all smartcard readers are compatible with all smartcard types. When they are not compatible, the built-in security designed to keep your system safe will not match up and you will essentially forego security as your smartcard-reader will not read the credentials at all. Instead, it will simply read the non-secure portion—the Card Serial Number (CSN) —of the smartcard that is accessible to everyone. While some manufacturers suggest that this is an advantage because their readers can work with any smartcard, the truth is that they are not reading from the secure part of the card, which can put your system and premises at risk. Using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication Myth #3: Electronic Locks Are More Vulnerable These days, there are still many who believe that electronic locks, especially wireless locks, are more vulnerable to cybercriminal activity as compared to traditional readers and controllers. The concern here is that electronic locks can allow cybercriminals to both access your network to get data and intercept commands from the gateway or nodes over the air that would allow them access to your buildings or facilities. The reality is that using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication. Additionally, because many of these locks remain operational regardless of network status, they provide real-time door monitoring. This means that many electronic locks not only prevent unauthorized access but also keep operators informed about their status at all times, even if a network goes down. Outdated technology and old analogue systems are more vulnerable to attacks When it comes to deploying electronic locks, it is important to remember that, like any device on your network, they must have built-in security features that will allow you to keep your information, people, and facilities safe. Be Prepared To Unlock Future Benefits Ultimately, the information in your IP-based ACS is at no greater risk than any other information being transmitted over the network. We just have to be smart about how we connect, transmit, and store our data. In the end, maintaining the status quo and refusing to move away from old technology is not a viable option. Outdated technology and old analogue systems are more vulnerable to attacks. The reason it is so important to debunk myths around ACS and, at the same time, get people thinking about network security in the right way is that network-based systems can offer an ever-increasing number of benefits. When we deploy new technology using industry best practices and purchase devices from trusted vendors, we put ourselves and our networks in the best possible position to take full advantage of all that our increasingly connected world has to offer.
With the coming of a New Year, we know these things to be certain: death, taxes, and… security breaches. No doubt, some of you are making personal resolutions to improve your physical and financial health. But what about your organization’s web and mobile application security? Any set of New Year’s resolutions is incomplete without plans for protecting some of the most important customer touch points you have — web and mobile apps. Every year, data breaches grow in scope and impact. Security professionals have largely accepted the inevitability of a breach and are shifting their defense-in-depth strategy by including a goal to reduce their time-to-detect and time-to-respond to an attack. Despite these efforts, we haven’t seen the end of headline-grabbing data breaches like recent ones affecting brands such as Marriott, Air Canada, British Airways and Ticketmaster. App-Level Threats The apps that control or drive these new innovations have become today’s endpoint The truth of the matter is that the complexity of an organization’s IT environment is dynamic and growing. As new technologies and products go from production into the real world, there will invariably be some areas that are less protected than others. The apps that control or drive these new innovations have become today’s endpoint — they are the first customer touch point for many organizations. Bad actors have realized that apps contain a treasure trove of information, and because they are often left unprotected, offer attackers easier access to data directly from the app or via attacks directed at back office systems. That’s why it’s imperative that security organizations protect their apps and ensure they are capable of detecting and responding to app-level threats as quickly as they arise. It’s imperative that security organizations protect their apps and ensure they are capable of detecting and responding to app-level threats as quickly as they arise In-Progress Attack Detection Unfortunately, the capability to detect in-progress attacks at the app level is an area that IT and security teams have yet to address. This became painfully obvious in light of the recent Magecart attacks leveraged against British Airways and Ticketmaster, among others. Thanks to research by RiskIQ and Volexity, we know that the Magecart attacks target the web app client-side. During a Magecart attack, the transaction processes are otherwise undisturbed Attackers gained write access to app code, either by compromising or using stolen credentials, and then inserted a digital card skimmer into the web app. When customers visited the infected web sites and completed a payment form, the digital card skimmer was activated where it intercepted payment card data and transmitted it to the attacker(s). Data Exfiltration Detection During a Magecart attack, the transaction processes are otherwise undisturbed. The target companies receive payment, and customers receive the services or goods they purchased. As a result, no one is wise to a breach — until some 380,000 customers are impacted, as in the case of the attack against British Airways. The target companies’ web application firewalls and data loss prevention systems didn’t detect the data exfiltration because those controls don’t monitor or protect front-end code. Instead, they watch traffic going to and from servers. In the case of the Magecart attacks, the organization was compromised and data was stolen before it even got to the network or servers. Today’s proven obfuscation techniques can help prevent application reverse engineering, deter tampering, and protect personal identifiable information and API communications Best Practice Resolutions The Magecart attacks highlight the need to apply the same vigilance and best practices to web and mobile application source code that organizations apply to their networks—which brings us to this year’s New Year’s resolutions for protecting your app source code in 2019: Alert The key to success is quickly understanding when and how an app is being attacked First, organizations must obtain real-time visibility into their application threat landscape given they are operating in a zero-trust environment. Similar to how your organization monitors the network and the systems connected to it, you must be able to monitor your apps. This will allow you to see what users are doing with your code so that you can customize protection to counter attacks your app faces. Throughout the app’s lifecycle, you can respond to malicious behavior early, quarantine suspicious accounts, and make continuous code modifications to stay a step ahead of new attacks. Protect Next, informed by threat analytics, adapt your application source code protection. Deter attackers from analyzing or reverse engineering application code through obfuscation. Today’s proven obfuscation techniques can help prevent application reverse engineering, deter tampering, and protect personal identifiable information and API communications. If an attacker tries to understand app operation though the use of a debugger or in the unlikely event an attacker manages to get past obfuscation, threat analytics will alert you to the malicious activity while your app begins to self-repair attacked source code or disable portions of the affected web app. The key to success is quickly understanding when and how an app is being attacked and taking rapid action to limit the risk of data theft and exfiltration. Protecting encryption keys is often overlooked but should be considered a best practice as you forge into the new year with a renewed commitment to app security to ensure your organization’s health and well-being in 2019 Encrypt Finally, access to local digital content and data, as well as communications with back office systems, should be protected by encryption as a second line of defense, after implementing app protection to guard against piracy and theft. However, the single point of failure remains the instance at which the decryption key is used. Effective encryption requires a sophisticated implementation of White-Box Cryptography This point is easily identifiable through signature patterns and cryptographic routines. Once found, an attacker can easily navigate to where the keys are constructed in memory and exploit them. Effective encryption requires a sophisticated implementation of White-Box Cryptography. One that combines a mathematical algorithm with data and code obfuscation techniques transforming cryptographic keys and related operations into indecipherable text strings. Protecting encryption keys is often overlooked but should be considered a best practice as you forge into the new year with a renewed commitment to app security to ensure your organization’s health and well-being in 2019. Protecting Applications Against Data Breach According to the most recent Cost of a Data Breach Study by the Ponemon Institute, a single breach costs an average of $3.86 million, not to mention the disruption to productivity across the organization. In 2019, we can count on seeing more breaches and ever-escalating costs. It seems that setting—and fulfilling—New Year’s resolutions to protect your applications has the potential to impact more than just your risk of a data breach. It can protect your company’s financial and corporate health as well. So, what are you waiting for?
Nexkey says its mission is to disrupt the access control market and ‘change the way people experience access to physical places’. The startup is embracing the latest buzzword for access control – frictionless – while also enabling electronic access control for doors currently protected by mechanical locks. The system is simple with only three components – a controller, an electronic replacement lock core, and a smart phone app. The ‘controller’, a combined reader and access control panel, is used to connect to existing electric strikes, mag locks, electronic push bars and other hardware components at the door. It also communicates via Bluetooth with a smart phone credential. Users approach a door, choose the door they want to open in the app, and wait for the app to say ‘unlocked’. Replacing Key Cards And Fobs With App Access rights are customized for each user, and doors can be unlocked remotely to allow a delivery guy or guest to enterThe electronic ‘core’ device can be switched out with existing mechanical lock cores to provide electronic access control in locks such as deadbolts, mortise locks, Euro-cylinders, levers and camlocks. It is compatible with 95 percent of mechanical locks, using a changeable tail piece to adapt to various configurations. The core communicates via Bluetooth with a smart phone credential that links to a cloud system. Users approaching a door open the app, tap the core, and wait for the app to say ‘unlocked’. A Nexkey goal is to ‘replace all keys, key cards and fobs with one app’. The Nexkey app recognizes which ‘key’ goes to which door and reveals the right key as you approach. ‘Keys’ are created and access rights are assigned from a smart phone, using email addresses and phone numbers to verify identity. Temporary codes can be texted for one-time entrance for cleaning crews or contractors. Access rights are customized for each user, and doors can be unlocked remotely to allow a delivery guy or guest to enter the building. The Nexkey Portal provides a snapshot of system operation, who enters which door at what time, and logs that can be reviewed and downloaded for audit reports. Affordable Access Control Systems For SMBs Nexkey is targeting the small- and medium-sized business (SMB) market, basically companies with 20 to 500 employees, which are looking for access control systems that are affordable and easier to manage. The Nexkey controller costs $999, and the core is $499. Monthly fees start at $15 to $29 per month per door, but the prices go down as additional doors are added. Nexkey is targeting the SMB market, which are looking for access control systems that are affordable and easier to manage Larger enterprises tend to want out-of-the-box integration with alarm systems and video, which Nexkey does not offer, so SMB is their “sweet spot,” says Eric Trabold, CEO. There is an API (application programming interface) that integrates with third-party applications. According to Nexkey’s customer surveys, 30 percent of customers say they bought Nexkey to have a simpler access control credential (a smart phone instead of a key, card or fob). Another 30 percent favor simplified management and quick access through the app. Some 17 percent like the ‘unified’ experience to manage shared, single and multiple workspaces using smartphone credentialing and a cloud-based system. Involving Security Dealers And Integrators Nexkey announced a ‘dealer program’ at the recent ISC West trade show in Las Vegas, and interest was highIn the early days, Nexkey looked to work directly with businesses to foster communication and to gain understanding of how the product can best be deployed. Having gained that insight, the ‘next level’ is to engage security dealers and systems integrators to install the system, says Trabold. Nexkey announced a ‘dealer program’ at the recent ISC West trade show in Las Vegas, and interest was high. Trabold says 134 integrators/dealers sought to engage. In coming weeks, the company will be finalizing that program, enhancing the dashboard to enable dealers to manage the system on behalf of their customers, for example. “We will be looking at how we can go from that amazing level of interest to being actively engaged with partners in the channel,” says Trabold. Using NPS To Measure Product Quality Nexkey uses the Net Promoter Score (NPS) as a benchmark for how well the product is accepted in the marketplace. NPS measures the quality of a product by analyzing how likely customers are to recommend it to a friend or colleague. As an example, Apple currently has an NPS of 65%. In comparison, Nexkey has achieved a score of 60 percent, and is looking to improve it even more. “A year from now, we want to get the same positive feedback from our dealer/integrator community,” says Trabold. “That’s the challenge, engaging with partners and scaling the business forward. We still have work to do.”
There are many new technologies at ISC West this year. There are also some tried-and-true solutions on display. More mature products have the benefit of being fully vetted and battle-tested, which may make them a more comfortable choice for security customers. I had a couple of discussions on Day 2 of the show about the advantages, and possible drawbacks, of new products. “To a security director, when you say ‘new,’ he translates that into ‘risk,’” says Bill Spence, VP of Sales, U.S., Canada and Western Europe for HID Global’s Lumidigm biometrics brand. “Anytime you say new, there is a probability of risk. The key is to educate. Education quantifies risk, and an educated customer can make an intelligent decision about risk versus reward.” “We have to take customers from where they are to help them understand new technologies,” says Spence. “We must give them a bridge to that understanding, and education is the bridge.” Lumidigm Biometrics Integrations An app provides graphics that take installers step-by-step through the installation process HID Global is incorporating Lumidigm biometrics into the new iClass SE RB25F fingerprint reader being highlighted at the show. Two-factor authentication can use either a card or mobile credential along with biometrics; there is no latency; and templates can be stored on a card. Another new offering at the HID Global booth is an augmented reality tool to simplify installation of newer systems that incorporate the more secure OSDP protocol. An app provides graphics that take installers step-by-step through the installation process. Also highlighted at the HID Global booth — and at the booths of turnstile manufacturers throughout the show — are embedded readers that provide tested and certified mobile access control for turnstiles. IClass SE technology is embedded in the iRox-T Turnstile Reader from Essex Electronics. Innovative Security Technologies There’s a delicate balance at any trade show between creating excitement about new products and educating customers to be comfortable with new technologies. There is some of both at ISC West 2019. In the future, hardware will be a delivery device, not the core of systems “We are on the cusp of change in the industry, and it’s closer than ever,” says Jennifer Doctor, Johnson Controls’ Senior Director, Project Management - Intrusion. “We will see the impact of promised technologies that will come from other industries, such as artificial intelligence. The very definition of security is changing. We are an industry that needs to be risk-averse, and we need to prove out the technology. There is innovation, but we just need to make sure technologies are what the market wants and expects.” “In the future, hardware will be a delivery device, not the core of systems, which will come from intelligence in the software and from services,” she adds. “The products we deliver will enable that.” Have 30 percent of service companies in the U.S. security market jumped into the cloud? PowerSeries Pro Intrusion Portfolio Johnson Controls is highlighting the commercial PowerSeries Pro intrusion portfolio, which features PowerG encrypted technology that enables wireless systems that are cyber-secure. The cloud is coming on strong, and one company finding success in cloud systems is Eagle Eye Networks, which has seen 93% compounded annual growth over the past three years. Economies of scale have enabled them to lower subscription prices by 35%, with an extra 10% decrease for customers that pay annually. Ken Francis, President of Eagle Eye Networks, says they are signing up 50 new dealers a month for the cloud video offering. Francis estimates that 30 percent of service companies in the U.S. security market have jumped into the cloud “It’s really heating up,” says Francis. “The general cloud is driving increases in the surveillance cloud.” Jumping To Cloud Embracing the cloud and recurring monthly revenue (RMR) requires that dealers transform their businesses to ensure success. Francis says dealers should dedicate sales resources to cloud offerings rather than expect everyone to sell the cloud, and there should be a base commission plan on RMR services in lieu of upfront project fees. March Networks is also showing integration of video with the Shopify cloud-based point-of-sale (POS) system “Talk to professionals about your cash flow and understand how to capitalize on financing partners to ensure cash flow while investing in the RMR stream,” he adds. “And look for ways to reduce your costs to serve the customer base as your RMR increases.” For example, use of remote site diagnostics, configuration and support can avoid the need for expensive “truck rolls” that can undermine profitability. Francis estimates that 30 percent of service companies in the U.S. security market have jumped into the cloud. Alarm companies, which are accustomed to the RMR model, are generally ahead of the curve, while traditional security integrators are lagging. “It’s a requirement to change or die,” he notes. Insight Hosted Managed Service Also, in the area of managed services, March Networks is highlighting its Insight hosted managed service that can provide instant information on video systems located at remote sites, including visibility into firmware versions, camera warranty information, and cybersecurity status of systems. The ability to dive deeply into system status empowers a new recurring revenue stream for integrators. Color-coded icons summarize system status and show pending issues and clicking on the icons provides detailed workflow information. The system can also be offered for smaller systems such as those at convenience stores and quick-serve restaurants. March Networks is also showing integration of video with the Shopify cloud-based point-of-sale (POS) system. The integration enables managers to evaluate POS information, especially anomalies, to determine possible employee theft and other shrinkage issues.
Recent technology advances – from the cloud to artificial intelligence, from mobile credentials to robotics – will have a high profile at the upcoming ISC West exhibition hall. Several of these technologies were recently designated by the Security Industry Association as the Top 8 Security Technologies for Security and Public Safety. Some of them will also be a focus at the ISC West conference program, SIA Education@ISC, April 9-11 at the Sands Expo Center. This article will highlight some of those conference sessions. Topic: Cloud Systems And Video Surveillance As A Service (VSaaS) Managed Video Services are saving TD Bank $500K annually, April 9, 2:45 to 3:45 p.m. Why TD Bank decided to roll out a managed services solution, what it took to deploy and how the bank is saving an astounding $500,000 annually. IT 4.0 and Video Surveillance: A Guide to the New Terminology and What It Means to You and Your Customers, April 11, 1:15 to 2:15 p.m. How IT 4.0 can enhance or change video surveillance, and consequently deliver additional value to customers, including explanations of terms such as cloud data centers, personal clouds, the edge, IoT sensors and data analytics. One of the sessions to cover how IT 4.0 can enhance or change video surveillance, and consequently deliver additional value to customers Topic: Artificial Intelligence (AI) In Video And Other Systems The Challenges and Opportunities of AI in Physical Security, April 10, 3:45 to 4:45 p.m. Looking toward what the future may hold for AI in physical security; the challenges and opportunities the technology has created; and how participants can leverage AI and machine learning with existing customers to grow their business. Deep Learning Demystified: Next-Generation AI Applied to Video, April 11, 9:45 to 10:45 a.m. Dispelling the myths of the terms “deep learning” and “artificial intelligence,” and what the technologies can do in practical terms. Modern cameras find and identify faces and vehicles, analyse behavior and organize and control assets Neural Processing and Smart Cameras, April 9, 8:30 to 10 a.m. Deep learning-capable hardware is evolving at a frantic pace, and GPU and NPU (neural processing unit) co-processors are commonly embedded in cameras and video management systems. Modern cameras find and identify faces and vehicles, analyse behavior and organize and control assets. Analytics in the Video Central Station: Proper Deployment, Programming and Configuration to optimize operational and cost efficiencies, April 11, 3:45 to 4:45 p.m. How analytics plays a critical role in reducing alarm traffic in a central station environment, allowing them to save money and realize other operational and performance efficiencies. Topic: Robotics And Autonomous Devices Robotic Aerial Security – Growth Trends and Best Practices, April 10, 11 a.m. to noon The lion’s share of growth in the robotic aerial security sector will come from autonomous systems and changing FAA regulations will soon allow companies to monitor and secure remote facilities with no human guards present. Racing drones are difficult to detect as they do not use GPS or radio frequency signals to identify the location of other devices How to Adapt to Address Drone Security, April 11, 1:15 to 2:15 p.m. Drone industry professionals and a physical security design engineer will cover the realistic applications of drone systems and counter-drone solutions that can protect organizations and facilities. Next Generation Threat: Racing Drones, April 11, 2:30 to 3:30 p.m. Racing drones are difficult to detect as they do not use GPS or radio frequency signals to identify the location of other devices. This session will identify the potential risks these drones can pose to facilities, special events, and critical infrastructure. Establishing a Corporate Drone Program, April 10, 9:45 to 10:45 p.m. Is a corporate drone program an appropriate addition to an existing security program? How to understand and navigate the regulatory challenges and processes associated with starting up a commercial-use drone program. The Rise of Intelligence in Physical Security, April 11, 9:45 to 10:45 a.m. “Intelligence” incorporates a variety of subdomains from artificial intelligence to machine learning and contextual analysis. It is rapidly becoming a focus in the realm of IT security – and increasingly in the realm of physical security, too. Changing FAA regulations will soon allow companies to monitor and secure remote facilities with no human guards present Topic: Mobile Credentials Finding Their Place In Access Control How Biometrics Are Enabling the Convergence of Physical and Information Security, April 10, 1:45 to 2:45 p.m. At the center of convergence is one crucial building block: strong irrefutable identity powered by biometrics. Driving the Future: How Interoperability Standards in Access Control Can Enable Smart Building Success, April 9, 1:30 to 2:30 p.m. Growing user demand is driving new open platform approaches and the adoption of interoperability standards Growing user demand for unfettered and unlimited third-party integrations is now driving new open platform approaches and the adoption of interoperability standards. They are changing the dynamic of access control and its role within the smart building environment. Topic: Facial Biometrics In Professional Solutions How Biometrics Are Enabling the Convergence of Physical and Information Security, April 10, 1:45 to 2:45 p.m. Securing workstations, virtual desktops, turnstiles, front doors, mobile devices and more, biometric authentication is helping enterprises and governments worldwide to realize a more secure future. Topic: Voice Control In The Smart Home Environment Delivering the Smart Home of the Future, April 11, 3:45 to 4:45 p.m. With the proliferation of connected smart devices, including voice control devices, consumers have a growing array of options for defining what their Smart Home experience could be.
Siemens Mobility and globally renowned mission critical communications (MCX or MCC) enabler, Softil have jointly announced an agreement that will see a range of next generation communications solutions come to market for use in Long Term Evolution-Railway (LTE-R) railways as well as Mission-Critical Push-To-Talk (MCPTT) metro applications like underground/tram buses, etc. Siemens Mobility adopts Softil's BEEHD client framework to bring best-of-breed mission critical communications solutions to LTE-R rail networks; solutions will also support the UIC's FRMCS strategy to build a Global Rail Traffic Management System for the entire rail industry MCX solutions The MCX solutions will support the Future Railway Mobile Communications Systems of the UIC The MCX solutions will support the Future Railway Mobile Communications Systems (FRMCS) of the International Union of Railways (UIC) to build a Global Rail Traffic Management System (GRTMS) for the entire rail industry, bringing significant economic and operational benefits and efficiencies to operators in the process. "The rail industry is at the forefront of the mission-critical communication revolution and GSM-R based systems have already been replaced by LTE-R solutions in Asia Pacific (APAC) and the trend is expected to widen across other markets in 2019/20," says Pierre Hagendorf, Softil's CEO. "With Softil's BEEHD client framework at the heart of Siemens Mobility's next generation LTE-R offerings, the rail industry will have a range of supremely reliable solutions packed with rich communication features." The new radio system for the Railway industry has to guarantee the interoperability with GSM-R while delivering on these three main areas: Critical communications - Secure voice communication between driver and signaller, provision for emergency and group calls, real-time video imagery for any occurring incidents and the intelligent bearer for European Train Control System (ETCS) and Automatic Train Operation (ATO) operation; Performance communications - Track condition monitoring, Connected Driver Advisory System (C-DAS), on-train telemetry, maintenance of non-critical infrastructure, non-critical real-time video, wireless communication for on-train-staff; Business communications - passenger information system, passenger entertainment and passenger communication connections. Siemens Mobility will enable existing GSM-R users to develop a migration plan that will enable all of the above. BEEHD client technology LTE-R is the foundation for the railway variant of the 3GPP MCC over LTE/5G (MCPTT) standard "The rail industry is facing unprecedented challenges in handling increasing numbers of passengers and freight traffic loads," says Russell Clarke, General Manager, Mobile Communications at Siemens Mobility. "After careful analysis of market options, Siemens Mobility chose Softil's BEEHD client technology as the outstanding Software Development Kit (SDK) for our developers to build best-of-breed LTE-R communications solutions for the rail industry in the shortest timeframe." LTE-R is the foundation for the railway variant of the 3GPP MCC over LTE/5G (MCPTT) standard. What sets the LTE-R technology apart from the currently used GSM-R is that it brings the full power of broadband networks including voice, video, text, images, location and more and not just simple voice. LTE-R technology The Softil BEEHD framework is LTE-R compatible and will enable Siemens Mobility's solutions to deliver stable voice as well as data communications on trains running at speeds in excess of 400km/h. LTE-R technology makes possible live tracking of a train and transmitting railroad information to engine drivers, and also enables multimedia-based group calling and SMS services on top of voice call services. Additionally, real-time group/individual communication is made possible between train engineers and control centers. BEEHD IP communications solution is a cross-platform framework designed for system integrators BEEHD IP communications Softil's BEEHD IP communications solution is a cross-platform framework (SDK) designed for chipset vendors, device manufacturers, system integrators, application developers and service providers looking to accelerate the development of IP-based voice and video over LTE (VoLTE, ViLTE and MCPTT/MCX) solutions. The quality of the award-winning SDK is unmatched within the communications industry and BEEHD was proven to satisfy all required key performance indicators (KPIs) set by the 3GPP MCX standard, as well as often even stricter KPIs required by global carriers and service providers.
Frequentis was selected for phase two of the modernization and standardization of control center technology (Program MVL) for the police in the German state of North Rhine-Westphalia (NRW). NRW police selected the Frequentis multimedia communication platform, 3020 LifeX, to meet the requirements for future emergency call and broadband radio communications. Phase one of the modernization project was carried out by Thales Deutschland GmbH. To prepare for future multimedia emergency call and broadband radio communications, the NRW police selected Frequentis AG for the continuation of the modernization. Reliable technology partner The intensive and successful cooperation between Frequentis and Thales over the last two years – as well Frequentis’ previous success completing the project ‘digital radio concentrator’ – convinced the NRW police that Frequentis was a reliable technology partner. NRW is the largest police organization in Germany, covering 50 police authorities NRW is the largest police organization in Germany, covering 50 police authorities which ensure the protection and security of a population of approximately 18 million. To cope with this challenging task, and to live up to its self-acclaimed title as the most innovative police force in Germany, the NRW police relies on forward-thinking technologies for state-of-the-art control center solutions that will meet future demands of the service. Multimedia communication platform Phase two of the program MVL includes 50 police control centers with approximately 400 operator working positions. In the future, these will be hosted in a virtual cloud-based solution available in five networked technical centers across the region. The Frequentis multimedia communication platform, 3020 LifeX, will ensure efficient emergency call handling and operation on the public safety digital radio network as well as the interconnection of both channels. “We are very proud to be able to continue to work with, and deepen, our long-term cooperation with the North Rhine-Westphalia Police Department, helping them to achieve their goals for innovation. We see this customer as a very important strategic partner.” Norbert Haslacher, CEO Frequentis AG.
At the University of Tennessee, Knoxville, the Technology Integration Services department provides infrastructure, customer service and web application support to the faculty, staff, students, and units of the College of Business. Its focus is to facilitate the use of the campus infrastructure and support while adding complementary infrastructure and services to meet the unique needs of the college. The college took a very innovative approach to operating and securing its 174,000sq ft state of the art Haslam Business Building. The technologically advanced facility incorporates over 40 meeting rooms and needed a way to efficiently schedule and fill classrooms and conference space, yet maintain security and control. Physical access control CSC identified the Gallagher security management platform as the best fit for the foundation of the system The university had previously used an antiquated access control and security system across the campus, and realized it did not meet the demands of this new high-tech facility. Ramsey Valentine, Director of Technology for the College of Business, turned to WWR Engineering of Knoxville, and Coactive Systems (CSC) of Canton, Ohio to design and deploy a state-of-the-art integrated security business solution. The difficulty involved in deploying this solution was that certain components, like physical access control, were readily available, but other components such as digital signage information kiosks and the integration of all components of the system, were not off-the-shelf. CSC’s Brad Green and John Kortis worked with Director Valentine to understand the college’s specific needs and develop a solution that exceeded their expectations. CSC identified the Gallagher security management platform as the best fit for the foundation of the system. Application programming interface Gallagher systems are installed in approximately 90 percent of Australia’s and New Zealand’s universities. With proven strength in the tertiary market internationally, the Gallagher system was selected because of its open architecture, application programming interface, and published software developer’s kit. CSC also teamed with the local office of Simplex Grinnell. Led by Mitch Hall, Simplex was the contractor responsible for the assembly and installation of the Gallagher security system and the kiosks provided by CSC. WWR was responsible for the engineering drawings and interface to the existing security systems. The College utilizes Meeting Room Manager from NetSimplicity for room scheduling; CSC created an integration from Meeting Room Manager with Gallagher Command Centre software. CSC also designed and custom manufactured the 42 kiosks that the college uses at each classroom and in meeting room areas. Door position switches Use of the kiosk requires a valid access card carried by all students and faculty The kiosks are the user-interface to the ‘system’ for room access and scheduling. Use of the kiosk requires a valid access card carried by all students and faculty. Each touch-screen kiosk contains digital signage showing the classroom name and detailed information about the room schedule and its status. Users can also access current weather, news, and stock information via the touch screen. The kiosk may be programmed to display emergency messages and egress data if needed. The kiosks are connected to the college’s network on which Gallagher Command Centre resides. The Gallagher system controls and monitors the door functionality including electric lockset and door position switches. Meeting Room Manager is utilized by staff to schedule rooms for classes and assign students via the campus intranet. Gallagher server and controller application programming interfaces extend the functionality and flexibility of the Gallagher system as the platform for integration. Providing technology solutions Utilization of the integrated system provides continuous communications security and access control for the college, while allowing students unencumbered access to the meeting rooms and classrooms. Gallagher would like to acknowledge the support of the University of Tennessee and their security partners Coactive Systems of Canton and Simplex Grinnell, Knoxville in the development of this in-site study. CSC is a full service IT integration company providing technology solutions for audio, video, data, voice, dispatch, asset management, inventory, kiosks, security, communication, insurance, retail and medical systems. CSC’s services include custom software development, system installation, maintenance and cabling. Photos reproduced with permission from University of Tennessee.
Everbridge, Inc., the global pioneer in critical event management, announced that it has been awarded a multi-year contract to support the deployment of Australia’s next-generation national early warning system. In combination with Australia’s major telecommunications companies, the Everbridge Public Warning solution will be used to power Emergency Alert in Australia, providing population-wide alerting to help reach the country’s over 25 million residents and approximately 9 million annual visitors. If residing within an area where a sudden, critical event occurs such as fire, extreme weather or a terror attack, residents and visitors to Australia will receive location-based SMS notifications on their mobile phones, in addition to smart phone mobile app notifications and fixed line voice alerts, among other modalities. Supports first responder communications Everbridge Public Warning leverages telecom infrastructure to reach everyone within a geographic areaEverbridge Public Warning leverages existing telecom infrastructure, with no opt-in required, to reach everyone within a geographic area to reduce disaster risk, support first responder communications, and analyze disaster communication effectiveness for subsequent mitigation activities. “Our Public Warning solution enables government organizations and public safety agencies to immediately connect with every person in an affected area during a critical event regardless of nationality, residency or mobile telephone handset type,” said Jaime Ellertson, Chief Executive Officer and Chairman of Everbridge. “Australia has served as a model example for population-wide alerting and emergency preparedness over the past decade, and we are honored to support them on the evolution of their national system.” The next-generation system is scheduled to become operational in 2020.
Everbridge, Inc., the global pioneer in critical event management software that helps keep people safe and businesses running, announced that its mass notification solution will be used to power alerts for Nashville and Davidson County, Tennessee in times of emergency. The Metro Emergency Alert & Notification System (MEANS) will deliver safety instructions via cell phone, landline, and SMS for localized emergencies such as flooding, public health emergencies or active shooter situations. “This is an important way for us to keep the community updated on incidents happening in Nashville and Davidson County,” said Chief William Swann, Director, Nashville Fire Department. “The Everbridge system will be leveraged by Metro Government to communicate directly to the public. Residents and visitors can feel confident that when they receive alerts, they are getting accurate information straight from a Metro public safety agency.” Everbridge Mobile App delivers alerts to cell phones based on a user’s physical location during emergency Receiving alerts on cell phones Metro officials also urge residents to download the Everbridge Mobile App, which brings the added security of delivering alerts to cell phones based on a user’s physical location at the time of an emergency. “The Everbridge app provides Metro with a key alerting capability because it enables us to send safety instructions to residents who happen to be in the vicinity of an emergency in real time,” said Department of Emergency Communication’s Director Michele Donegan. Nashville joins a growing list of America’s largest cities, counties, and entire states that have rolled out the Everbridge platform including the cities of New York, Philadelphia, New Orleans, Atlanta, Houston, Phoenix, San Francisco, Tampa, and Washington, DC; hundreds of counties including Napa, Sonoma, Ventura, Miami-Dade, Palm Beach, Cook, Harris, and Maricopa; and the states of Florida, Connecticut, Vermont, and New York.
As increasing digital engagement powers forward in the hospitality industry, SALTO Systems has joined forces with the KeezApp technology platform to offer hotels an unrivalled guest experience. Property Management Systems The KeezApp platform provides a range of solutions for any property that hosts guests and is able to integrate with most PMS (Property Management Systems) on the market. Guests can check in from anywhere, receiving a virtual key straight to their smart phone and getting an alert when their room is ready for occupation. The front desk is then alerted when the guest has used the mobile key to enter their room even for doors equipped with offline electronic locks. The virtual app provides for access to all permitted areas of the hotel during their stay and when the time comes to check out, guests can again use KeezApp removing the need to queue at reception. KeezApp – SALTO Software Integration KeezApp has implemented JustIN Mobile key access technology and interfaced it with SALTO front desk management software ProAccess SPACE Additional tools include live chat with the front desk. This provides a better, more efficient way for guests to talk and interact with the front desk whether they are in the hotel or out and about. Guests can also choose different departments to contact such as reception, concierge, housekeeping or room service depending on their needs. KeezApp has implemented JustIN Mobile key access technology and interfaced it with SALTO front desk management software ProAccess SPACE. SALTO Hospitality add-ons include functionalities such as mobile keys (BLE), group check-in; real-time re-rooming and real-time extended stay. These plus other key hotel features make it easy to control all the offline and online rooms and back-of-house doors from different front desk guest workstations. SALTO Electronic Locks Both companies are driven by the opportunity for hotels to provide a superior guest experience to their clients, whether by offering mobile functionalities or superior management standards like quick check-in and check-out, online billing, live chat with reception, housekeeping and concierge or auto Wi-Fi connection for guests. SALTO welcomes new partnerships with industry leaders like KeezApp that will result in improved hospitality management and the guest experience. SALTO also continuously adds integrations with other technology providers so that those in the hospitality industry have a choice when it comes to which platform, they use to control SALTO’s robust line of electronic locks and supporting products.
Round table discussion
What is a business, or an industry, but a collection of people and the results of their work? People make all the difference in the destiny of a business or industry. And the people involved in a business reflect the impact of demographic changes – and the passage of time. The security industry has been largely built by Baby Boomers, who are getting older and increasingly stepping aside to make way for younger folks. We asked this week’s Expert Panel Roundtable: Is there a “new generation” of employees and managers entering the physical security marketplace, and what will be the impact?
The year ahead holds endless promise for the physical security industry, and much of that future will be determined by which technologies the industry embraces. The menu of possibilities is long – from artificial intelligence to the Internet of Things to the cloud and much more – and each technology trend has the potential to transform the market in its own way. We tapped into the collective expertise of our Expert Panel Roundtable to answer this question: What technology trend will have the biggest impact on the security market in 2019?
The new year 2019 is brimming with possibilities for the physical security industry, but will those possibilities prove to be good news or bad news for our market? Inevitably, it will be a combination of good and bad, but how much good and how bad? We wanted to check the temperature of the industry as it relates to expectations for the new year, so we asked this week’s Expert Panel Roundtable: How optimistic is your outlook for the physical security industry in 2019? Why?