Network / IP security
Ping Identity, the pioneer in Identity Defined Security, announced a significant update to PingOne for Customers, the cloud-delivered Identity-as-a-Service (IDaaS) offering built for developers. The API-first solution can now deliver seamless and secure push notifications from custom mobile applications that can be used for passwordless and advanced multi-factor authentication. The cloud identity solution helps development teams speed time to launch their applications, while also taking securit...
ExtraHop announces ExtraHop® Reveal(x) Cloud™, a Software-as-a-Service (SaaS)-based network detection and response (NDR) solution for the cloud-first hybrid enterprise. Reveal(x) Cloud provides deep and continuous visibility, enabling Security Operations (SecOps) teams to analyze every transaction, detect threats, and respond to attacks to gain control over their hybrid attack surface and protect their investment in the cloud. While the cloud has proven to be a force multiplier for De...
From small-town dental offices to major hospitals, healthcare facilities of all kinds need to be safe, secure, and protected. Security guards are often needed in emergency departments, quality doors and windows need to be installed to prevent unwanted entry or escape, and employees need to handle every situation with care to avoid malpractice claims. These aspects are crucial for a medical facility's success, however, there is another major factor that needs to remain top of mind: cybersecurity....
The ability to treat patients in a secure environment is a base requirement of hospitals and other healthcare facilities. Whether facilities are large or small, security challenges abound, including perimeter security, access control of sensitive areas, video surveillance, and even a long list of cyber-risks. We asked this week’s Expert Panel Roundtable: What are the security challenges of hospitals and the healthcare industry?
Johnson Controls introduces exacqVision VMS v19.06, with updates that include automatic transfer of video after a server failover, a new access control integration, support for ONVIF network loss recording, improved motion zone configuration and enhanced network security for mobile app users. exacqVision VMS v19.06 The latest version of exacqVision offers Enterprise Manager customers a more robust failover solution. In a failover scenario, transferring recordings from a spare NVR to the primar...
Allied Universal, renowned security and facility services company in North America, has announced the acquisition of Cypress Private Security, LP - a San Francisco-based company offering comprehensive security services. Terms of the deal were not disclosed. Manned guarding and security personnel “Cypress Private Security is a company that we have long admired and always wanted to partner with,” said Steve Jones, CEO of Allied Universal. “This security company has built...
Arecont Vision Costar, the pioneer in network-based video surveillance solutions, announces the addition of GT Reps, LLC to its Authorized Manufacturer’s Representative Program. GT Reps will deliver pre-sales support across the US Great Lakes Region, which includes the states of Ohio, Michigan, Kentucky, and Indiana. “We’re excited to add GT Reps to our sales organization to broaden our coverage with skilled professionals,” said Kyle Parker, Vice President, Americas, Arecont Vision Costar. “We have a well-established and growing customer base throughout the territory that will benefit from the quality pre-sales support that GT Reps will bring to the territory.” Cost-Effective infrastructure solutions Our customers will benefit from the company’s award-winning single-, dual-, and multi-sensor megapixel cameras"GT Reps is a manufacturer’s representative agency based in Avon Lake, Ohio. The company brings strong knowledge of emerging standards and technology improvements to assist and guide customers in choosing cost-effective infrastructure solutions for datacom and security that will perform to the highest standards. “GT Reps is pleased to add Arecont Vision Costar and their Total Video Solution to our product portfolio,” stated Leigh Taylor, Principal, GT Reps. “Our customers will benefit from the company’s award-winning single-, dual-, and multi-sensor megapixel cameras, cloud-enabled video management system and web services, and cloud-managed video recorders for even the most demanding surveillance needs.” Cyber-Secure video surveillance offerings John Bujarski, Arecont Vision Costar’s Senior Sales Director, Eastern USA & Canada, agreed, “Leigh Taylor and the GT Reps team are already assisting customers and sales partners across the territory. We expect that they will be important members of the Arecont Vision Costar regional sales organization by increasing our pre-sales coverage throughout the region for years to come.” Members of Arecont Vision Costar’s Manufacturer’s Representative Partner Program like GT Reps are focused on bringing the industry’s best, cyber-secure video surveillance offerings to their assigned regions. Participants in the program extend the reach of Arecont Vision Costar by providing expert pre-sales assistance while interfacing with and educating customers, system integrators, and distributors on available solutions for even the most challenging video surveillance requirements.
DW (Digital Watchdog) Complete Surveillance Solutions, globally renowned manufacturer of digital video recorders, surveillance cameras and management software solutions, has announced the release of our new 5MP complete Universal HD over Coax (UHDoC) surveillance solution. The new products include 5MP Star-Light Plus color in ultra-low-light UHDoC cameras, VMAX A1 Plus UHDoC digital video recorders (DVR) and C3 CMS, a brand new remote management software for DW’s VMAX A1 Plus DVRs and VMAX IP Plus NVRs. The complete solution and individual products are ideal for users looking to discover new ROI by utilizing their existing coaxial infrastructure and upgrade to HD multi-megapixel resolution image quality. Star-Light Plus Universal HD over Coax cameras 5MP Star-Light Plus Universal HD over Coax cameras offer image enhancement features such as Star-Light Plus ultra-low-light technology for clear color or monochromatic images in almost zero light, true WDR and Smart DNR 3D digital noise reduction. The new cameras come in a variety of housing options, including new vandal ball cameras with true 90° field-of-view angles and zero IR distortion. All DW Universal HD over Coax cameras are engineered to work with our new VMAX A1 Plus Universal HD over Coax DVRs to easily get new ROI from existing coaxial infrastructure. The DVR’s powerful capabilities are easily managed with an intuitive and simple-to-operate User Interface A VMAX A1 Plus DVR can record cameras with up to 5MP resolution, including 1080p video at real-time 30fps. The DVRs simplify camera installation and adjustment through Up the Coax (UTC) remote configuration, available with all compatible cameras. The DVR’s powerful capabilities are easily managed with an intuitive and simple-to-operate User Interface. Unique and dynamic features include P2P Pathfinder remote connection, camera event group recording, auto channel signal swap and live system monitoring. VMAX A1 Plus DVRs The VMAX A1 Plus DVRs can be controlled remotely via a built-in web server, our new powerful and easy-to-use C3 CMS software, DW mobile apps including the new state-of-the-art DW Mobile Plus app for iOS and Android smartphones or tablets, as well as on Apple TV with the DW Site Viewer app. The VMAX A1 Plus models are available with up to 20TB of storage. The C3 client and event server make up a remote management software suite for DW VMAX A1 Plus and VMAX IP Plus embedded recording solutions. It provides users a powerful and easy-to-use new way to monitor a system from anywhere. Full-featured yet lightweight, the software delivers simultaneous live views and playback of recorded video. The C3 client and versatile event management software support hundreds of devices simultaneously. C3 CMS provides actionable information in real-time, helping users to make more informative decisions as events happen. HD video over coaxial infrastructure “HD video over coaxial infrastructure is one of the fastest growing segments in the video surveillance industry,” said Mark Espenschied, Director of Marketing, DW. “DW makes it easy to breathe new life into that investment in cabling by swapping recorders and cameras for an instant HD upgrade. Our development of the C3 software has made it possible for us to offer powerful remote management features at no charge for which users would expect to pay a premium.”
The Security Industry Association (SIA) has named Sen. Amy Klobuchar (D-Minn.), Sen. Deb Fischer (R-Neb.) and Rep. Donald Payne, Jr. (D-N.J.) as the 2019 recipients of the SIA Legislator of the Year Award. The awardees will be honored at the upcoming SIA GovSummit, taking place June 26-27 in Washington, D.C. The SIA Legislator of the Year Award is presented annually to members of Congress and other elected officials who have demonstrated extraordinary leadership in advancing legislation and policies that encourage the effective use of technology solutions to enhance public safety and security and protect critical infrastructure. Recognition for promoting workforce development Sen. Fischer recently recognized SIA, along with SIA member companies Intel and VMware, as supporters of the DIGIT ActWith this award, Sen. Klobuchar will be recognized for her leadership on workforce development and life safety issues important to the security industry and its mission. In 2019, Klobuchar authored S.379, a bill that would allow workers to use “529” education savings accounts for training and credentialing programs, and S. 481 – the Nicholas and Zachary Burt Memorial Carbon Monoxide Poisoning Prevention Act – which would provide grant assistance for the purchase and installation of carbon monoxide detectors in dwelling units of low-income families and elderly persons, child care facilities, public schools and student housing owned by public universities. Sen. Fischer authored bipartisan legislation that would convene a working group of federal entities and private-sector stakeholders tasked with providing recommendations to Congress on how to facilitate the growth of connected Internet of Things (IoT) technologies. S. 1611, also known as the Developing and Growing the Internet of Things (DIGIT) Act, calls for the United States to craft a national strategy to position the United States as the global leader in IoT technologies. Sen. Fischer recently recognized SIA, along with SIA member companies Intel and VMware, as supporters of the DIGIT Act. Installing vehicular barriers to mitigate attacks Rep. Payne, who serves as chairman of the House Homeland Security Subcommittee on Emergency Preparedness, Response and Recovery, recently introduced H.R. 2160 – the Shielding Public Spaces From Vehicular Terrorism Act – which would help communities leverage homeland security grants to install vehicular barriers and implement other protective measures and direct research and development efforts on the emerging threats from vehicular attacks. Rep. Payne recently introduced H.R. 2160 – the Shielding Public Spaces From Vehicular Terrorism Act Payne also crafted H.R. 6920, the School Security Is Homeland Security Grant Act, which clarified allowable uses, requires a percentage of homeland security grants to be used for enhanced school security measures and increases overall authorization for the grants. Enhancing perimeter and school security “SIA’s policy priorities include notable measures that help increase safety and security across many sectors, including the critical areas of perimeter security and school security, while helping the industry to stay ahead of megatrends such as the proliferation of IoT and the recruitment and retention of qualified workers,” said SIA CEO Don Erickson. “SIA applauds Sen. Klobuchar’s work to promote the 21st-century technology workforce essential to our industry, Sen. Fischer’s leadership in recognizing the security industry’s role in fostering IoT growth, and Rep. Payne’s contributions to mitigating the threat of vehicular attacks and protecting students, staff, faculty and visitors in our nation’s schools.” Session on physical access control systems SIA GovSummit – the annual government security conference hosted by SIA – brings together government security leaders and private industry technologists for top-quality information sharing and education on security topics affecting federal, state and even local agencies. Attendees will find specialized sessions on topics such as modernizing federal physical access control systems Attendees will find specialized sessions on topics such as modernizing federal physical access control systems, the U.S. Department of Defense’s unified facilities criteria for security systems, facial recognition technology use for public safety and homeland security missions and helping communities protect religious institutions, crowded spaces and other soft targets. SIA GovSummit is free for all government employees, including federal, state, county and municipal-level staff (both domestic and international), plus all military, law enforcement and public safety representatives. Sponsors of the event This event is made possible thanks to the following sponsors and partners: Premier Sponsors LenelS2, HID Global, Tyco Security Products and Allegion; Event Sponsors AMAG Technology, American Fuel & Petrochemical Manufacturers, Axis Communications, B&B Roadway Security Solutions, Calpipe Security Bollards, the U.S. Department of Homeland Security Science and Technology Directorate, dormakaba, Gallagher, Genetec, Gibraltar, GSA Schedules, Inc., Hanwha Techwin America, HySecurity, IDEMIA, Identiv, ISC Security Events, Louroe Electronics, Marshalls, Milestone Systems, the National Initiative for Cybersecurity Careers and Studies, NetApp, Panasonic, the Secure Worker Access Consortium and TCP Security Solutions.
Visitors to the 2019 edition of Secutech Vietnam will have plenty of opportunities to gather market intelligence, thanks to the introduction of the new ‘Smart Factory Conference’ to the show’s fringe program. As the region’s leading trade fair for the security, fire safety and smart building sectors, the fair provides a program of educational events that cover technological trends, government regulations and industry outlook. Smart factory systems “Vietnam’s Smart Factory market is on an upward trajectory,” said Ms Regina Tsai, the Deputy General Manager of Messe Frankfurt New Era Business Media Ltd. “Newly built manufacturing facilities are being integrated with smart factory systems and there is also a need for ageing manufacturing infrastructure to be upgraded with smart solutions. For this reason, there is a growing appetite for information among prospective buyers which we hope the Smart Factory Conference will fulfill. It will be especially useful for investors, owners of industrial parks, consultants, contractors, architects, suppliers and government officials.” Vietnam’s manufacturing base is gradually moving towards industry 4.0, an automation trend of connected devices, IoT and AI Vietnam’s manufacturing base is gradually moving towards industry 4.0, an automation trend of connected devices, the internet of things, artificial intelligence and cloud computing. Against this backdrop, speakers at the Smart Factory Conference will demonstrate how factories that use new technologies to automate processes such as production and energy management can become more efficient and cost effective. Intelligent video solutions Another discussion point will be intelligent video solutions. With a focus on video analytics, access control and production surveillance, conference speakers will explain how both factory security and production efficiency can be improved. In addition, there will be an exploration of government regulations and the most up-to-date fire safety systems, including alarms, detectors, fireproof materials and extinguishing systems. Smart access control systems Besides the Smart Factory Conference, visitors to Secutech Vietnam 2019 will be able to benefit from two other elements of the fringe program. The Fire and Industrial Safety Seminar will cover best practices and solutions for disaster prevention in buildings and industrial settings The Fire and Industrial Safety Seminar will cover best practices and solutions for disaster prevention in buildings and industrial settings. Meanwhile, the Smart Hotel Seminar will update attendees on solutions that improve hotel management and guest experiences, including energy and building management platforms and smart access control systems. Market intelligence platform The Smart Factory Conference is jointly organized by Houselink JSC, Messe Frankfurt New Era Business Media Ltd and Vietnam Advertisement & Fair Exhibition JSC. Houselink JSC is Vietnam’s first developer of an online e-bidding and market intelligence platform for the construction market. The conference will take place on 15 August at Secutech Vietnam 2019, which runs from 14 – 16 August at the Saigon Exhibition and Convention Center. In 2018, the fair set new records, attracting over 13,800 buyers (2017: 12,097) and 310 exhibitors from 20 countries and regions (2017: 270).
Check Point Research, the threat intelligence arm of Check Point Systems Inc., has announced the creation of a new online vulnerability repository, CPR-Zero. Going forward, Check Point will publicly list all vulnerabilities its research teams find, even if they are not featured in a publication on the Check Point Research blog. The move makes Check Point the industry’s largest cyber security vendor to openly share such vital information online. CPR-Zero vulnerability repository "Not every vulnerability that we find leads to a blog post or publication. In fact, most do not,” said Omri Herscovici, Head of Vulnerability Research at Check Point. "This is why it’s important for us to share our findings using the CPR-Zero platform. The information listed on CPR-Zero will be a priceless resource for citizens and enterprises everywhere to be more informed and vigilant against the latest cyber-security threats.” CPR Zero has initially launched with over 130 vulnerabilities and will quickly expand to offer a comprehensive library of all vulnerabilities that Check Point’s research team has uncovered, both historic and in the future. CPR Zero lists CVEs with links and references for viewers to learn more from the official CVE database. The list also contains detailed information regarding each vulnerability, including a crash and dump, a short explanation and sometimes a POC. Enhanced cyber security Check Point’s mission is to make the online world a safer place to live in" The repository will be continually updated with new discoveries. However, Check Point reserves the right to not publicly disclose major vulnerabilities that may be at a high risk of being exploited before patches or updates are widely available. "Check Point’s mission is to make the online world a safer place to live in. To help us further get there, we are making the bold move to be the largest cyber security company in the industry to share ALL our technical CVE findings with everyone," said Neatsun Ziv, VP of Threat Prevention. “No other cyber security company of our size has taken this step." Greater customer and enterprise security Built by some of some of the most talented and capable experts in the field, CPR Zero is Check Point’s latest initiative in responsibly notifying both consumers and enterprise organizations of new cyber-security risks, as well as encouraging vendors to take the necessary steps to continue to provide a risk-free user experience.
For applications requiring an extra layer of protection against moisture, vehicle exhaust, pool chemicals or extreme temperatures, Enhanced Weather Protection gives you the durability you need for years of service. Enhanced Weather Protection “A customer down in his Florida beach home just took out one of our analog EWP entry phones because he is changing to a VoIP service provider. The Viking unit was still fully functional even after 10+ years of service in that salty air.” – Greg Yocom, Senior Engineer at Viking Electronics Viking products with Enhanced Weather Protection have a circuit board that is potted in urethane or thermoplastic. The potting material won’t crack in cold weather, it provides protection against moisture and condensation, and it’s an excellent electrical insulator. In conjunction with the potting material, EWP products feature internally sealed push-to-call buttons, dip-switches, and volume control pots. Additional gaskets for the speaker, mic and faceplate make EWP compliant to an IP66 rating. EWP for door, gate entry phones Customers trust Viking’s EWP products for tough applications like ocean beach properties, swimming pools areas or in parking garages. Door and gate entry phones that are exposed to the harsh elements can also be protected with Enhanced Weather Protection.
In the next three years, software as a service ‘SaaS’ is likely to grow by around 23%. That’s according to reports by Cognizance. It’s growth rests on the adoption of cloud public, private and hybrid. Without the cloud applications can’t truly pervade an organization, nor can operational or customer benefits be derived. But there’s no point in adopting the cloud if it’s not secure - the proliferation of SaaS demands security, none more so in a GDPR world. Large cloud environment But modern applications are difficult to secure. SaaS based, web, mobile, or custom made all work on different platforms and frameworks. It’s a headache managing all the APIs needed to automate and sync tools. This introduces risk. The greater the number of apps the broader the attack surface and therefore the greater the chance there will be blind posts. Keeping up to date with updates and new security policies is never easy There are also added hazards. Applications are always changing. Keeping up to date with updates and new security policies is never easy, but especially hard in a large cloud environment. Failure to adopt changes puts the organization and customers at further risk. But the biggest obstacle is keeping applications and APIs out of harm’s way. It’s a near on impossible task when attack methods and sources are constantly changing. More advanced threats To be specific there are four emerging challenges when it comes to protecting apps. Firstly, managing the good and the bad bots and spotting which is which, secondly securing APIs as IoT adoption intensifies, thirdly the relationship between securing apps and DevOps and ensuring ownership of security, and finally denial of service attacks that use newer tactics such as brute force. Basic security hygiene dictates that security teams refer to the OWASP Top 10. It’s considered the ‘ten commandments’ in security circles, providing a starting point for ensuring the most common threats and vulnerabilities are managed, detected and mitigated. Web Application Firewalls also come into the fray with guidance on testing for the ways hackers exploit vulnerabilities. However, though the basics are good to have in place, there are always more advanced threats to take care of. Bots being a big one. Bot management The more sophisticated bots will go as far as to mimic human behaviorAstonishingly about half of internet traffic is bot generated. Half of it is from bad bots. Discerning the good from the bad isn’t easy though and explains why around 80% of organizations can’t make a clear distinction between the two. Bad bots can do a lot of damage like take over user accounts and payment information, scrape confidential data, or hold up inventory and skew marketing metrics. The more sophisticated bots will go as far as to mimic human behavior and bypass tools like CAPTCHA and even device fingerprinting based protection ineffective. Securing APIs Then there’s the complications derived from machine-to-machine and internet of things (IoT) communications. The more integrated ‘things’, the more data there is, the more events there are report on, and the more activity there is reliant on APIs to make the ‘things’ useful and agile. That’s what makes them a target and the threats to API vulnerabilities include injections, protocol attacks, parameter manipulations, invalidated redirects and bot attacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks Denial of service (DoS) You might think there’s little to add to the swathes of denial of service warnings. Yet when businesses are still being targeted and feeling the ill effects it’s worth mentioning again that different forms of application-layer DoS attacks are still very effective at bringing application services down. Even the greatest application protection is worthless if the service itself can be knocked down This includes HTTP/S floods, low and slow attacks (famous examples being Slowloris, LOIC, Torshammer), dynamic IP attacks, buffer overflow, Brute Force attacks and more. The IoT botnets are the culprits and have made application-layer attacks so popular that they have become the preferred DDoS attack vector. Even the greatest application protection is worthless if the service itself can be knocked down. Continuous security It may seem easy to say but for modern DevOps, agility is valued at the expense of security. We see time and again examples of where development and roll-out methodologies, such as continuous delivery, mean applications are exposed to threats each time they are modified. There’s no doubt it is extremely difficult to maintain a valid security policy and protect sensitive data in dynamic conditions without creating a high number of false positives. But we now find that this task has gone way beyond the capability of humans. Organizations now need machine-learning based solutions that map application resources, analyse possible threats, and create and optimise security policies in real time. Reaching this level in security planning should be a big wake-up call that security automation is an essential not a nice to have. Running security plans The board needs to know that investment is critical to protect their profits It’s critical that the security solution your company adopts protects applications on all platforms, against all attacks, through all the channels and at all times. The board needs to know that investment is critical to protect their profits. As such there are six things they need to know: Application security solutions must encompass web and mobile apps, as well as APIs. Bot management solutions need to overcome the most sophisticated bot attacks. DDoS mitigation must be an essential and integrated part of application security solutions. A future-proof solution must protect containerized applications, severless functions, and integrate with automation, provisioning and orchestration tools. To keep up with continuous application delivery, security protections must adapt in real time. A fully managed service should be considered to remove complexity and minimise resources. No amount of human power will beat the bots. That last point is the most critical. Skill is essential in designing and running security plans and policies that work. But the plans can’t be executed without automated tools. There are just too many decisions to make in a split second. Combining both is the path to an effective app protection strategy and a stronger brand to boot.
Edge devices (and edge computing) are the future. Although, this does seem a little cliché, it is the truth. The edge computing industry is growing as quickly as technology can support it and it looks like we will need it to. IoT Global Market The IoT (Internet of Things) industry alone will have put 15 billion new IoT devices into operation by the year 2020 according to a recent Forbes article titled, “10 Charts That Will Challenge Your Perspective of IoT’s growth”. IoT devices are not the only edge devices we have to deal with as the total number of connected edge devices includes the likes of devices like security devices, phones, sensors, retail sales devices, and industrial and home automation devices. The IoT (Internet of Things) industry alone will have put 15 billion new IoT devices into operation by the year 2020 The sheer number of devices begins to bring thoughts of possible security and bandwidth implications into perspective. The amount of data that will need to be passed and processed with all of these devices will be massive. There needs to be consideration taken by all business owners and automation engineers into how this amount of data and processing will be conducted. Ever-Expanding Edge Devices Market As the number of edge devices in the marketplace and their use among consumers and businesses rises, the need to be able to handle the data from all of these devices is no longer going to be suitable for central server architectures. We are talking about hundreds of billions and even trillions of devices. According to IHS Markit researchers’ study, there were 245 million CCTV cameras worldwide. One has to imagine there are at least 25% of that many access control devices (61.25 million devices) based on a $344 million market cap also calculated by IHS Markit’s researchers. If all the other edge devices mentioned earlier are considered then one can see that trying to route them all through servers for processing is going to start to become difficult if it hasn’t already, -which arguably it already has, as is evidenced by the popularity of cloud-based solutions amongst those businesses that already use a lot of edge devices or are processing a lot of information on a constant basis. Cloud Computing The question is whether cloud computing the most effective and efficient solution as the IoT industry grows The question is this; is cloud computing the most effective and efficient solution as the IoT industry grows and the amount of edge devices becomes so numerous? My belief is that it is not. Taking the example of a $399 USD device that is just larger than the size of a pack of cards and runs a CPU benchmarked at the same level as a mid-size desktop. This device has 8GB RAM and 64GB EMMC built-in and a GPU that can comfortably support a 4K signal at 60Hz with support for NVMe SSDs for add-on storage. This would have been unbelievable five years ago. As the price of edge computing goes down, which it has done in a dramatic way over the last 10 years (as can be seen with my recent purchase), the price to maintain a central server that can perform the processing required for all of the new devices being introduced to the world (due to the low cost of entry for edge device manufacturers) becomes more expensive. This introduces the guarantee that there will be a point where it will be less expensive for businesses, and consumers alike, to do the bulk of their processing at the edge as opposed to in central server architectures. Cloud computing is now being overtaken by edge computing, the method of processing data at the edge of the network in the devices themselves Edge Computing There are a plethora of articles discussing and detailing the opposition between the two sides of the computing technology coin, cloud computing and edge computing. The gist of it is that “cloud computing” was the hot new buzzword three years ago and is now being overtaken by “edge computing.” The truth is that cloud computing is a central server architecture hosted at someone else’s location. Edge computing is going to be a necessary development in the technology industry Edge computing is the method of processing data at the edge of the network (in the devices themselves) and allowing for less resources required at a central location. There is certainly a use case for both, however the shift to edge computing amongst the general public and small to mid-sized businesses will not be a surprise to those players, who have been paying attention. One article titled, “Next Big Thing In Cloud Computing Puts Amazon And Its Peers On The Edge” by Investor’s Business Daily takes the stance that edge computing is going to completely displace centralized cloud computing and even coins the phrase, “Cloud computing, decentralized” to explain edge computing. It speaks for the stance that most experts in technology seem to be taking, including Amazon Web Services’ VP of Technology, Marco Argenti according to the same article. We know that edge computing is going to be a necessary development in the technology industry, and it is happening as I write this, and quickly at that. Cost Efficiency Of Edge Processing As time goes on, the intersection between the prices of network bandwidth, edge processing and maintaining super powerful central servers will cause edge processing to be the most efficient and cost-effective way to maintain a scalable network in any environment, including datacenters. Owning a central server or utilizing edge computing become the better options As it currently stands, most residential users can only achieve a 1Gbps WAN (internet) connection, and small to medium-sized business can’t get much more but seem to get much less, based on my personal experience. When more than 1Gbps needs to be processed, cloud computing becomes very expensive at which point, owning a central server or utilizing edge computing become the better options. Then you look a total cost of ownership and when the cost of edge computing is less expensive than the cost of maintaining central server architectures, edge computing becomes the single best option. So, I’ll say it again, edge devices (and edge computing) are the future.
Where are video surveillance cameras headed? At the core of next-generation Internet Protocol (IP) cameras are advanced chips with artificial intelligence (AI) at the edge, enabling cameras to gather valuable information about an incident: scanning shoppers at a department store, monitoring city streets, or checking on an elderly loved one at home. Thanks to advanced chip technology, complex analytics operations are becoming more affordable across the full spectrum of surveillance cameras —professional to consumer — fueling the democratization of AI in the IP camera market.Complex analytics operations are becoming more affordable across the full spectrum of surveillance cameras Expanding The Global IP Camera Market The video surveillance equipment market grew to $18.5 billion in 2018 and is expected to increase this year, according to IHS Markit. The latest research points to video everywhere, edge computing, and AI as the top technologies that will have a major impact in both commercial and consumer markets in 2019. Computing at the edge means that the processors inside the camera are powerful enough to run AI processing locally, while still encoding and streaming video, and are able to do it all at the low-power required to fit into the limited thermal budget of an IP camera. New SoC chips will be able to perform all of the processing on camera and provide accurate AI information, with no need to send data to a server or the cloud for processing. Instead, data can be analyzed right in the camera itself, offering high performance, real-time video analytics, and lower latency — all critical aspects of video surveillance. This new AI paradigm is made possible by a new generation of SoCs, a key driver behind the market growth of IP cameras. Complex analytics operations are becoming more affordable across the full spectrum of surveillance cameras to fuel the advent of AI in the IP camera market Micro-Processor-Enabled Video Analytics Next-generation video cameras will be able to create heat maps of stores to see where people spend the most timeMicroprocessor-enabled analytics allow users to more easily extract valuable data from video streams. How about an insider’s view into retail customer behavior? Consider video cameras at a department store, monitoring shoppers’ behavior, traffic patterns, and areas of interest. Next-generation cameras will recognize how long a shopper stays in front of a specific display, if the shopper leaves and returns, and if the shopper ultimately makes a purchase. Next-generation video cameras will be able to create heat maps of stores to see where people spend the most time, so retailers will be able to adjust product placement accordingly. Analytics will also help identify busy/quiet times of the day, so retailers can staff accordingly. By understanding customers’ behavior, retailers can determine the best way to interact with them, target specific campaigns, and tailor ads for them. Cue the coupons while the shopper is still onsite! Analytics will also help identify busy/quiet times of the day, so retailers can staff accordingly Fast Processing For Rapid Response At City Level City surveillance and smart cities are depending on advanced video surveillance and intelligence to keep an eye on people and vehicles, identify criminals, flag suspicious behavior, and identify potentially dangerous situations such as loitering, big crowds forming, or cars driving the wrong way.Quick local decisions on the video cameras are also used to help analyze traffic situations Quick local decisions on the video cameras are also used to help analyze traffic situations, adjust traffic lights, identify license plates, automatically charge cars for parking, find a missing car across a city, or create live and accurate traffic maps. Real-Time HD Video Monitoring And Recording When it comes to home monitoring, what will next-generation video surveillance cameras offer? Real-time monitoring and notification can detect if a person is in the back yard or approaching the door, if there’s a suspicious vehicle in the driveway, or if a package is being delivered (or stolen). Advanced video cameras can determine when notifications are and aren’t required, since users don’t want to be notified for false alerts such as rain, tree branches moving, bugs, etc. Next-generation video camera capabilities can also help monitor a loved one, person or pet, helping put families at ease if they are at work or on vacation. For example, helpful analytics may be used to detect if someone has fallen, hasn’t moved for a while, or does not appear for breakfast according to their typical schedule. City surveillance and smart cities are depending on advanced video surveillance and intelligence to keep an eye on people and vehicles, identify criminals, flag suspicious behavior, and identify potentially dangerous situations Next-Gen IP Cameras When evaluating next-generation IP cameras (cameras on the edge), look at the brains. These cameras will likely be powered by next-generation SoCs chips. Here is what this means to you: Save on network bandwidth, cloud computing and storage costs. There is no need to constantly upload videos to a server for analysis. Analysis can be performed locally on the camera, with only relevant videos being uploaded. Faster reaction time. Decisions are made locally, with no network latency. This is critical if you need to sound an alarm on a specific event. Privacy. In the most extreme cases, no video needs to leave the camera. Only metadata needs to be sent to the cloud or server. For example, the faces of people can be recognized in the camera and acted upon, but the video never reaches the cloud. The cameras can just stream a description of the scene to the server “suspicious person with a red sweater walking in front of the train station, has been loitering for the last 10 minutes, suggest sending an agent to check it out.” This could become a requirement in some EU countries with GDPR rules. Easier search. Instead of having to look through hours of video content, the server can just store/analyze the metadata, and easily perform searches such as “find all people with a red sweater who stayed more than five minutes in front of the train station today.” Flexibility/personalization. Each camera at the edge can be personalized to work better for the specific scene it is looking at, compared to a generic server. For example, “run a heat map algorithm on camera A (retail) as I want to know which sections of my store get the most traffic; and run a license plate recognizer on camera B (parking lot) as I want to be able to track the cars going in/out of my parking lot.” No cloud computing required. For cameras in remote locations or with limited network bandwidth, users have the ability to perform all analytics locally, without relying on uploading video to a server/cloud. Higher resolution/quality. When AI processing is performed locally, the full resolution of the sensor can be used (up to 4K or more), while typically the video streamed to a server will be lower resolution, 1080p or less. This means more pixels are available locally for the AI engine so that you will be able to detect a face from a higher distance than when the video is streamed off camera. AI At The Edge Professional-level IP cameras capable of performing AI at the edge are coming soon with early offerings making their debut at this year’s ISC West. As we enter 2020, we will begin to see the availability of consumer-level cameras enabling real-time video analytics at the edge for home use. With rapid technology advancement and increased customer demand, AI is on the verge of exploding. When it comes to image quality and video analytics, IP cameras now in development will create a next-generation impact at department stores, above city streets, and keeping an eye on our loved ones.
Krowd is an app that connects people together based on geography; that is, if they are at the same place at the same time. Users sign into the app using the local WiFi, identify themselves by username, and are placed immediately in a group chat comprising anyone else at the location who has signed into the app. An enhancement of the Krowd app, known as Krowdsafe, leverages the technology to achieve and promote security and safety. Specifically, Krowdsafe enables users to interact directly with security personnel at a public place to report any crimes or security infractions and to enable rapid response. Think of it as “crowdsourcing” security – the app provides more eyes and ears to keep a venue safer. In effect, it enables each of its users to be an extension of the security presence at a venue or event. Krowdsafe improves crowd resilience. “Crowdsourcing” security – the app provides more eyes and ears to keep a venue safer Krowdsafe security app Krowdsafe also opens a channel of communication for the security team to provide ad-hoc security information reminders or messages. Krowdsafe can be used at a variety of venues, including stadiums, transport hubs, office blocks, retail malls, college campus and major events organizers. The app does not access identities, violate privacy, or track the movements of users. Other app users only know the information fellow users disclose. Still, group chats, one-on-one engagement, and other social media interactions can ensue, whether about a favorite soccer team or the excitement of a rock concert. The system fosters digital engagement that centers around a physical space. Krowdsafe applies those capabilities to promoting better security. Enhancing crowd safety and management The elements of Krowdsafe beat out 67 competitors to win the Defense & Security Accelerator Competition to Innovate Crowd Safety, launched by the UK Home office after terror events in 2017. Key areas of interest in the competition were to improve the detection of threats from explosives and weapons within a range of crowded places with high footfall and so reduce the chance of future attacks. Krowdsafe provides a prioritized, readily accessible and simple way for members of a crowd to communicate with a security team charged with keeping them safe. The £250,000 government award has helped the product move forward commercially at a faster pace. Krowdsafe app does not access identities, violate privacy, or track the movements of users Krowdsafe users can tap a red button, prominent on the Krowd app, that says “Report.” They may then choose from a listing of common threat types – from suspicious activity or unattended activity to medical emergency or fire services. The list is configurable by venue and corresponds to any specific threat models. The list corresponds to the nature of any situation security wants to address, such as “anti-social behavior” at a soccer game. Users in the crowd can anonymously report racist chanting, for example. In a children’s sporting event, the app can be used to facilitate lost-and-found children. If a child gets lost, a user can share a photo with the security team, who can alert the “public” (other Krowdsafe users) and find the child within minutes or seconds. Encrypted identifier code A user taps the “Report” button, selects an issue, and an alert goes directly to the security team A user taps the “Report” button, selects an issue, and an alert goes directly to the security team, who can respond because they have the encrypted identifier code from which the message came. For that point, the security team communicates one-on-one with the user, who can then choose to share their current location with the security team to facilitate response. (The “legitimate interest” of knowing the location negates any privacy concerns.) Once location is enabled, the security team can follow the precise positioning of threats on a map, using GPS and other technologies, or even on a three-dimensional digital map of a multi-story building. Another security benefit of Krowdsafe is prevention. Event organizers and venue managers can promote the use of Krowdsafe on posters or in announcements throughout the venue. Additional eyes and ears are the equivalent of CCTV coverage on every inch of a venue and use of the system makes the environment more hostile to mischievous, malicious and/or terrorist activity. In effect, bad guys will go somewhere else. Enhancement to Krowd app Krowdsafe is an enhancement to the Krowd app, which has been around for a couple of years and is available in app stores for iOS and Android. The app approximates in the digital world the experience of being a stranger in the crowd in the real world. Users can join a conversation based on their username, and then disclose to the crowd whatever they wish (or not). Event managers/organizers can promote hashtags to help identify others in the crowd (such as #ManUnited to identify fans of the same soccer team). In general, users can identify themselves (voluntarily) according to common interests using hashtags. “Krowd is a group chat that connects people together at the same place at the same time in a group, but without anyone having to disclose personal information,” says Geoff Revill, Managing Director, Krowdthink Ltd. “You have a digital presence in the same place with other people at the same time.” Wireless connectivity Users connect initially into the system through WiFi, access to which serves to approximate presence at a venue Users connect initially into the system through WiFi, access to which serves to approximate presence at a venue. Once someone signs in, information about them is merely a grouping of “hash” numbers, which are used to identify them as they communicate with others in the location. However, the “hashing” cannot be hacked to find a user’s location, thus ensuring greater privacy. Because Krowd does not collect personal data (which is a revenue source for most social media companies), the company generates revenue by providing the service to venue owners who wish to interact with and manage a crowd. Data security Location data is considered sensitive under General Data Protection Regulation (GDPR), and tracking locations can help to identify where someone lives, works, who they associate with, etc. By not tracking location, Krowd avoids the related privacy issues. After initially signing in on WiFi, Krowd communications can also use 2G, 3G and other cellular networks in addition to WiFi. Addressing privacy concerns is essential to encouraging involvement in the Krowd app, and in Krowdsafe. “If you want people to participate in keeping the crowd safe, you have to get their trust and respect them, that’s a building block behind the behavioral science,” says Revill. By not tracking location, Krowd avoids the related privacy issues Privacy protection Because Krowd users remain anonymous (except for the information they choose to share), user data is not collected (and/or sold or used for future marketing purposes). Krowd’s paying customers are event venues and public places that provide the Krowd service and can promote their commercial messages or provide other information to their populations while on site. Krowdsafe can provide immediate security benefits to a venue. Even if only 25 staff members use the app in a given location, for example, that’s 25 more sets of eyes and ears to help the security department. In a retail mall, if the staffs of 200 tenant businesses use the app, that’s another 500 or so people watching out for security. Among the general public, use of the app can be promoted in customer newsletters, or by posting group discussions on big screens around a venue. Wide marketing scope It enables members of a crowd to report any broken doors, water leaks or blocked toilets Security is a secondary benefit for some Krowd users, who are drawn to the app because of marketing opportunities, such as the ability to provide discounts or promotional offers to customers while they are on site. The app also encourages social media interaction, while maintaining the venue’s ability to “manage” the crowd by moderating any discussions. The Krowd app also provides management benefits to a venue. For example, it enables members of a crowd to report any broken doors, water leaks or blocked toilets. In general, the app helps to promote a better brand experience for the customer. Incident management One of the UK government’s concerns about Krowdsafe was its possible use by terrorists or other to cause incidents in a public venue. Think of the case of Olly Murs, a U.K. singer, whose mistaken tweets about hearing gunshots caused a brief panic at a department store on a busy shopping day. Might Krowd be uses similarly by a terrorist or other evil-doer to cause chaos or a distraction? No, says Revill, who points to a higher level of control over content exchanged in Krowd versus Twitter, for example. The security team can censor content or limit its propagation. They can also disable or block a user from communicating on the app. Messages containing dangerous or troubling content, such as racist terms, can trigger alerts to enable security teams to respond quickly.
As political winds present new challenges for Chinese companies doing business in the U.S. market, the countdown is under way to implementation of a ban on sale of Chinese manufacturers’ video surveillance products to the Federal government. Some good news is a delay enacting the wider-reaching “blacklist” aspects of the ban. Meanwhile, possible sanctions to prevent U.S. manufacturers from selling components to Chinese companies are posing immediate public relations difficulties – and the possibility of eventual more tangible ones. Chinese ban imposed by U.S. government The “Chinese ban” provision [[Paragraph (a)(1)(a) of section 889 of Title VII of the National Defense Authorization Act (NDAA) for FY 2019] prohibits Federal government procurement of “equipment, systems, or services provided by specified entities.” The “specified entities” are Huawei Technologies Co., ZTE Corp., Hytera Communications Corp., Hangzhou Hikvision Digital Technology Co. and Dahua Technology Co. Hikvision and Dahua are two of the largest manufacturers of video surveillance equipment, and Huawei manufactures HiSilicon chips widely used in video cameras. NDAA specifies that the ban be implemented within a year of the law taking effected The “Chinese ban” provision is an open Federal Acquisition Regulations (FAR) Case, and a proposed FAR draft rule is due in early June. NDAA specifies that the ban be implemented within a year of the law taking effected (signed by President Trump on August 18, 2018). Blacklisting integrators that sell Chinese products Implementation of a “blacklist” provision has been spun off into a separate FAR Case, and enactment has been delayed allowing time for public comments on its ramifications. The provision [Paragraph (a)(1)(B) of section 889 of Title VII of the National Defense Authorization Act (NDAA) for FY 2019] addresses “entities that use covered equipment.” As it relates to the video surveillance market, this provision has been interpreted to mean, for example, that an integrator that sells Hikvision equipment to anyone (e.g., to a small retailer) would be banned even from selling non-Hikvision equipment to the U.S. government or ‘recipients of Federal loan or grant funds.’ Obviously, this represents a broader impact on the industry compared to the Chinese equipment sale ban. The government’s stated reasons for the delay include concern about a dramatic reduction in the available industrial base Reduction in available industrial base The government’s stated reasons for the delay include concern about a dramatic reduction in the available industrial base (including small business suppliers), who will no longer be able to sell to the government, either because their non-government business is more valuable, or due to the cost of the potential regulatory burdens associated with compliance. Another concern is that Federal grant recipients in rural areas may be ‘disproportionally impacted … due to the limited number of market options in rural areas.’ The delay will allow time for a public meeting to solicit input on the proposed rulemakingThe delay will allow time for a public meeting to solicit input on the proposed rulemaking. In fact, the Department of Defense (DoD), General Services Administration (GSA) and NASA (National Aeronautics and Space Administration) are hosting a public meeting on July 19 from 9 a.m. to 3 p.m. at the Department of Interior (DOI) Auditorium in Washington, D.C. Interested parties may also attend virtually via the Internet. NDAA ban on Chinese technology, equipment Furthermore, a proposed rule of implementation will be published, followed by a second public meeting. The Office and Management and Budget will solicit feedback on proposed changes to existing grants and loans and consider public comments and feedback prior to finalizing changes. The White House has sent a legislative proposal to Congress to "adjust certain implementation deadlines to allow for additional stakeholder engagement." The Federal Acquisition Security Council would be tasked with submitting a report “containing a discussion and recommendations regarding any changes required for effective implementation of that section.” Do these processes represent hope for leniency? Hikvision targeted in ban The NDAA ban is one of several issues facing Chinese companies in the U.S. market The NDAA ban is one of several issues facing Chinese companies in the U.S. market. Another is snowballing backlash about the involvement of surveillance companies in human rights abuses at detention camps in the Xinjiang region of China. For example, a number of Congressmen and Senators have sent a letter asking the U.S. State Department and Treasury to impose sanctions, export controls and financial disclosures to counter the human rights abuses. In response, Hikvision has retained human rights expert and former U.S. Ambassador Pierre-Richard Prosper to advise the company regarding human rights compliance. According to a company spokesperson: “Hikvision takes these concerns very seriously and has engaged with the U.S. government regarding all of this since last October.” (See Hikvision USA’s full statement here.) Furthermore, Hikvision expressed optimism at the ISC West trade show. The Trump administration has also singled out Hikvision and is considering seeking limits on the video surveillance giant’s ability to buy American technology, similar to a ban already implemented against chipmaker Huawei. HiSilicon chips, manufactured by Huawei, currently run millions of security cameras across the United States, and several video camera manufacturers are rethinking their use of HiSilicon chips in wake of the ban.
While most security teams are focused on preventing malicious outsider attacks, recent data suggests that close to 30 percent of confirmed breaches today involve insiders. Today’s increasingly complex networks across physical, information technology (IT) and operational technology (OT) systems make it difficult for security teams to detect and prevent insider threats. This is compounded by the proliferation of data, devices, applications, and users accessing networked resources. Rising insider malicious attacks threat As the threat landscape evolves rapidly, CISOs need to step up their game According to the 2017 U.S. State of Cybercrime Survey, 50 percent of organizations experience at least one malicious insider incident per year. And the Verizon 2018 Data Breach Report found that close to 30 percent of confirmed breaches today involve insiders. In August 2018, a tragic crash involving a Seattle airplane stolen by an employee raised awareness for the need for physical insider threat awareness (as well as more psychological screening before employment). As the threat landscape evolves rapidly, CISOs need to step up their game, says Aamir Ghaffar, Director of Solutions Engineering at AlertEnterprise. They should implement security controls that protect their company’s people, physical assets, data, intellectual property, and reputation both inside and out. And they need to do it while simultaneously satisfying industry compliance requirements. In response to our questions, Aamir Ghaffar offered some additional insights on the timely topic of insider threats. Q: We are hearing discussion about the emergence of cyber-physical security systems. What are they and how do they help organizations address insider threats? Threats now originate not only in the physical space but also in cyber environments Ghaffar: The concept of convergence has evolved in response to risk and the overall threat landscape. Threats now originate not only in the physical space but also in cyber environments – this is what is commonly referred to as blended risk. These blended risks require a converged approach and a converged view of security as a whole; connecting data, building new capabilities and gaining new insights to allow security teams to better defend against attacks. Q: How are organizations responding? Ghaffar: They are shifting towards centralization – from the security operations center all the way to the executive level, where one C-Suite executive manages all security across physical, IT and OT domains. According to Gartner by 2023, 75% of organizations will restructure risk and security governance to address new cyber-physical systems (CPS) and converged IT, OT, Internet of Things (IoT) and physical security needs, which is an increase from fewer than 15% today. Q: How does the shift impact insider threats? Ghaffar: Unifying cyber and physical unlocks powerful new capabilities. For example, cyber-physical teams faced with a threat such as an intrusive device planted within their network environment, can quickly connect the cyber footprint to a physical location – understanding where the threats originate and identify those responsible for bringing it in. Converging physical and cyber identity through platforms that connect physical access control, IT and OT systems is an example of how organizations can better prepare for blended security threats An AI-enabled automated system is the most practical and human error-proof solution today Q: How is AI being used to protect against insider threats? Ghaffar: With increased security convergence we are now collecting such a large volume of data that relying on manual detection of insider or external threats is no longer a viable solution. An automated system, powered by artificial intelligence used with digital identities, is now the most practical and human error-proof solution today. AI and machine learning (ML) technology helps organizations map complex patterns of user behavior, process tens of millions of events within seconds to detect threats in near-real-time and respond swiftly. This benefits security operations personnel to go from distraction to action, allowing them to focus on what really matters, which are their most critical security events. Q: Sometimes the threat is about human error. Oftentimes we think the most harmful insider threats are intentionalGhaffar: Oftentimes we think the most harmful insider threats are intentional; however, unintentional user behavior and negligence could have serious ramifications for an organization. Organizations should deploy technology that delivers automation and active policy enforcement to prevent employees from making inadvertent yet critical errors. Organizations should also do regular risk assessments – not one and done. Don’t implement a process and think you’re secure. Automated identity and access management technology can provide scheduled access reviews to help detect high-risk user profiles with accumulated or a toxic combination of access, as well as segregation of duties violations due to department change or job transfers. Q: What are the biggest misconceptions about insider threats? Ghaffar: First, that the biggest threats originate outside my company. Or that insider threats are a problem for government agencies and highly sensitive organizations, not “regular” companies like us. A company may also mistakenly think that they have limited assets that could be exposed, or that the assets are of little value; therefore, a large-scale breach is less likely to happen. And even if it does, it probably won’t have a big impact. Risk management leaders should start by developing a compelling visionQ: So, they think “it can’t happen here.”? Ghaffar: Yes, and they think their employees are inherently trustworthy, and that with basic security measures in place, the risk is small. They think that insider threats are always intentional. Or they think “it’s not my job.” Q: What next steps should security leaders take in addressing insider threats in their organization? Ghaffar: Security and risk management leaders should start by developing a compelling vision and strategy that will resonate with key company stakeholders. They can expand the visibility they have into user activity beyond things that happen on the network. Go beyond a data-centric approach to a people-centric approach through identity behavior analysis. Improving visibility into user activity and taking a more preventive approach are the best ways to manage risk of an incident. Develop an inside-out approach to security. By converging physical, cyber and OT security you’ll gain a holistic view of your enterprise-wide security landscape.
People’s Choice Credit Union is one of Australia’s largest Credit Unions, with 365,000 members and 44 locations across South Australia, Northern Territory, Victoria, Western Australia, and Australian Capital Territory. People’s Choice Credit Union (People’s Choice) has earned a reputation as a forward-thinking and highly innovative company that is radically changing the banking experience for its members and employees. From their head-office to their branches throughout Australia, People’s Choice is utilizing new technology to improve service to members, be more efficient, reduce costs, and decrease their environmental footprint. Smarter workspaces Operating an innovative, modern working environment that utilizes flexible workspaces in place of traditional desks, People’s Choice staff are not allocated a specific desk but instead choose where they wish to sit each day. They can even choose whether they wish to sit or stand, by having desks that can be raised or lowered to suit personal preference. Flexible work environments are proving popular for large corporate companies due to the ability to increase company-wide communication, support project work, improve productivity, reduce clutter, and save costs. “With a large staff, there is always a number of people out of the office, whether it’s on sick or annual leave, or working on business outside of the office.” said Mike Humphrey, Manager of Property Services at People’s Choice Credit Union. “By implementing a flexible workspace model, we have been able to save approximately 3,000 square meters of office space which equates to thousands of dollars each year in building costs” said Mike. Multi-technology smartcard T20 and T10 readers Using Gallagher’s smartcard T20 and T10 readers on each locker bank, staff badge their access card to open their allocated locker To facilitate the operation of a flexible work environment and provide employees with storage for their personal effects (work-related material is stored elsewhere), People’s Choice uses banks of brightly colored lockers that are managed by electronic access control. Using Gallagher’s smartcard, multi-technology T20 and T10 readers on each locker bank, staff badge their access card to open their allocated locker. With the readers communicating with Gallagher’s Command Center software management platform, People’s Choice has a simple to operate, customizable system that enables staff to carry just one card on site. “We’re all about putting people first. As an organization we’re not afraid to try new ways of doing things, and as a result we’re seeing significant improvements for our members and staff.” Mike Humphrey, Manager of Property Services, People’s Choice Credit Union. Command Center Mobile App Utilizing Gallagher’s innovative Command Center Mobile App, key facilities management personnel are able to manage access remotely using their mobile phone. “Occasionally staff forget their access card and I’ll get a phone call to open their locker for them. Being able to access the platform and administer overrides using my phone, from wherever I am at the time, is huge for me” said Mike “and it speeds things up considerably for the employee”. With people working in different areas at different times, People’s Choice needed a printing solution that simply and easily enabled staff to retrieve printed documents from the nearest printer. People’s Choice was also looking for a solution that helped to cut down on unnecessary waste. Follow-Me Printing solution To meet both of these needs, People’s Choice installed Follow-Me Printing. This printing solution stores print jobs electronically until a user badges their Gallagher access card at a printer to retrieve their files. At this point, the user can terminate any print jobs they no longer need, cutting down on waste. The solution further reduces waste through a configuration that deletes any printing jobs that haven’t been actioned within a 24 hour period. “One of the truly efficient things about our set-up is that our printing integrates with our access control solution.” said Mike. “It means that staff only have one card for all of their access needs on site; they can access the various office floors, lockers, and printers all with a single card, instead of also having keys and pin numbers to manage.” Temperature management solution Any change in temperature beyond the set limits, triggers an alarm notification Through a Gallagher Bacnet integration, People’s Choice has implemented an automated, continuous temperature management solution for the large data center located at their head office. With temperature sensors communicating directly with Command Center, any change in temperature beyond the set limits, triggers an alarm notification to be sent directly to Mike’s phone. According to Mike “The capability for Gallagher’s platform to send critical information, like the potential overheating of a server room, straight to my phone was a big selling point for us. It provides a simple mobile solution to mitigate a considerable business risk.” Visitor management To support efficiency at their head office reception area, People’s Choice chose Gallagher’s Visitor Management Client and Self-Registration Kiosk. The self-registration kiosk serves as an ideal “extra lane” during particularly busy periods, ensuring that visitors are able to register their arrival quickly and effortlessly without delay. The integration between Gallagher’s visitor management solution and Command Center, ensures that a comprehensive audit trail of all visitor management events, including visitor pre-registration, escort, host, and visitor actions, is securely stored and can be easily retrieved to produce reports.
The American University of the Middle East (AUM) in Egaila is the largest private university in Kuwait. Its extensive campus is spread over 261,190 square meters of beautiful grounds, including academic buildings, technical labs, AUM library, AUM Sports Center, outdoor sports playgrounds including a FIFA certified football field, AUM Opera House, AUM Conference Center, parking areas, administrative and service areas. The American College of the Middle East (ACM) is also hosted within the campus. With sizeable grounds and multiple institutes of learning operating on site, AUM’s access control requirements were complex. The popularity of the campus with not only AUM students but also Kuwaiti youth in general meant AUM needed to ensure the right access was provided to the right people at multiple points on campus. AUM’s Director of IT highlights the challenge the administration faced in efficiently identifying, authenticating and providing access for more than 800 employees and over 10,000 students. “The campus needed to be secure, but at the same time easy to use, causing no inconvenience to students and staff.” Gallagher Command Center AUM needed a dynamic solution that met their access control requirements AUM needed a dynamic solution that met their access control requirements, could integrate with their core enterprise resource planning (ERP) solution, and was scalable to accommodate future growth. Gallagher’s access control solution, featuring Gallagher Command Center and a range of integrations, was selected as the university’s preferred choice, meeting its requirements in the best possible way. MIFARE contactless smart cards Student and staff ID cards became part of the access control system with MIFARE contactless smart cards provided to students, faculty and staff. Turnstiles installed at the entrances to AUM and intelligent integrations with existing systems provided total control of movement within the campus. AUM uses learning software and automated systems widely across its campus. Extensive integration with the Gallagher solution has significantly reduced operational costs, creating efficiencies for staff and students and enhancing the overall security system. “Gallagher gives us the best option to fulfill our requirements, with a total solution,” says the university’s Director of IT. Integration with CCTV system Exam control rooms at AUM need to be fully secure. Command Center integrates with the CCTV system to ensure that when movement is detected, or someone tries to open the door, the CCTV is triggered, and a photo attached to the security report. Within the campus, access permissions need to be well defined for different groups. Access to the gymnasium, library and sports center is defined by male and female, staff and students. Command Center allows AUM to define these access controls in the directory, ensuring they happen automatically. Fully automated access control Fully automated access control gives us confidence in the system" “Fully automated access control gives us confidence in the system,” says the university’s Director of IT. “We don’t have to worry about it.” The reporting capabilities of Command Center provide AUM with greater control and audit information. The university is governed by a council, that regularly conducts audits. “The Gallagher solution helps us easily produce daily reports to meet those reporting requirements. It’s a fantastic solution, no doubt." The integrated booking system in the library controls access to study rooms, giving entry only to those who are included in the room booking. Staff and students no longer have to manage who is in the rooms, allowing them to get on with their work and study. The university’s Director of IT says in the past, monitoring and reviewing this information would take a person two or three days. “With this small integration from Gallagher, turnaround time has improved to within half a day for the same task.” Restricted access He adds, “Campus access for dismissed students has been prevented. Their access is automatically restricted by the admin department. Student’s whose access has been prevented can visit the admin department to rectify their enrollment status. The integration with the Gallagher solution is amazing. Our operational costs have been reduced wherever it is used.” With new construction underway and increasing popularity with students, AUM is a growing university. The Gallagher solution is growing alongside it, providing regular updates and new innovations. “Gallagher often contacts us about new initiatives and things they are introducing,” says AUM’s Director of IT. “We will implement them, because of the success of the current solution. We try at every point to take full advantage of the features offered to keep reducing operational costs. From an industry perspective, it’s a beautiful solution.”
AMG Systems has been commissioned to help digitise the traffic monitoring system for newly-extended hard shoulder bus lanes on Belfast’s main motorways, to make it more efficient, secure and reliable. A new IP-based CCTV system was being installed as part of the extension project, so the underlying fiber network needed to be upgraded in order to handle the high-grade images being transmitted back to the city’s Traffic Information and Control Center (TICC). The upgrade helps to enhance passenger journeys by improving the quality of real-time information sent to traffic management teams. AMG – Juniper Networks partnership AMG, working with Juniper Networks, a leader in secure, AI-driven networks, brought the IP-driven CCTV project together across numerous government agencies and private construction contractors to create a cost-efficient, robust solution for Belfast’s M1 and M2 motorways. The Northern Ireland Department for Infrastructure (DfI) awarded a tender to Graham Construction to work on the extension of hard shoulder bus lanes along the M1 and M2 motorways, intended to improve journey times and service reliability for bus passengers without affecting general traffic flows. The scheme was designed by DfI consultants Aecom, who also carried out site supervision and project manager roles during construction. The work included the provision of new and upgraded Pan Tilt Zoom IP-based CCTV cameras for traffic monitoring purposes by the Traffic Information and Control Center (TICC) in Belfast. Hikvision PTZ IP video camerasGraham used Hikvision PTZ IP video cameras – installed by Chubb – for traffic monitoring Graham used Hikvision PTZ IP video cameras – installed by Chubb – for traffic monitoring. But connecting them to the Pelco system in use at TICC was not as straightforward as it at first seemed, which is where AMG Systems and Juniper Networks came in. “On each of the two motorways, the existing fiber network had only two spare fibres, so all the images had to be combined onto the two, allowing for a resilient ring,” consultant Jo Hopkins of Highways Consulting says, “meaning that if one fiber broke, the other would be able to transmit all the images. The existing cameras on the network were analog, but we took the opportunity to install digital cameras. This reduces the number of times the images are sampled and converted from analog to digital and back again, which improves the quality of the image.” Connecting IP cameras to Fiber Network Hopkins worked with Graham on the project, and said AMG was asked to provide a reliable, cost-effective means of connecting new cameras onto the existing fiber network, bringing the images back to the Traffic Control Center in Belfast. “The task itself was straightforward, but the integration into an existing live system made the project more complex,” she said. Hopkins and AMG Systems Business Development Director Sara Fisher worked to address the network challenge, which included upgrading from analog to IP cameras for the first time on the Belfast motorways. AMG switches The network design utilizes nine AMG switches on the M1 fibres and 15 switches for the M2 The network design utilizes nine AMG switches on the M1 fibers and 15 switches for the M2. At the TICC control room, there are a further four AMG switches which allow the IP cameras to connect to the existing Pelco monitoring equipment. Fisher explains that the control room network connection was further complicated as the TICC’s existing system called for the use of multi-casting and VLANs, and an existing firewall also had to be factored in. “The most appropriate interface in this case was Layer 3 POE switches from our partner Juniper Networks,” she said. IP video surveillance A DfI TICC representative said: “The joint network design by AMG and Juniper Networks has met the challenge presented to them in upgrading our hard shoulder bus lane cameras from purely analog to IP and has provided a resilient network, intended specifically for the task. AMG’s post-sales service and advice has also proved extremely helpful.”
King Chulalongkorn Memorial Hospital (KCMH) is a public medical facility in Bangkok, Thailand. The hospital is operated by the Thai Red Cross Society and functions as the teaching/training medical center for Chulalongkorn University’s Faculty of Medicine as well as the Thai Red Cross College of Nursing. With 1,479 in-patient beds, it is one of the largest hospitals in Thailand. Bhumi Siri Mangalanusorn Building (BSMB) is the largest Centre for Medical Excellence in Thailand. The building has 34 floors and total area of 225,000m. Gallagher security solution benefits Can integrate with other systems, such as Symphony video management software, building automation, parking and fire alarm systems Has a user-friendly Graphical User Interface (GUI) Is highly reliable and scalable, to meet future security needs Can meet increasing compliance requirements Supported IT industry standards for integration, XML, SQL, OPC, BACnet, etc Gallagher and AES Group Ltd, the local Gallagher system integrator, worked closely with the designer to ensure that the proposed system met the tender requirements of securing the hospital and protecting staff, patients and assets. The system is fully integrated, scalable and expandable, digital-based, user-friendly and crucially, a combination of enhanced operational efficiency and cost saving. Gallagher Command Centre Through Command Centre, Gallagher’s site management solution, KCMH is able to integrate multiple systems Through Command Centre, Gallagher’s site management solution, KCMH is able to integrate multiple systems, including fire alarm, video management system, building automation and parking, and feed the information into Command Centre. KCMH Security Manager, Adul Karutbumrung, says having one central monitoring platform ensures operational staff quickly identify, locate and respond to any risks on site. “The Gallagher system provides us with a higher level of validated access control in critical areas”. Centralized operation platform Gallagher’s system streamlines operations for KCMH to lower total cost of operation through its centralized operation platform. The user-friendly GUI also delivers the best value to reduce training time. In addition to meeting KCMH’s requirements for security, privacy and compliance, Gallagher provides additional benefits and features not available in other systems. Its scalability ensures that future expansion requirements can be addressed in a cost effective manner.
Two years ago, LABS opened up its new co-working facilities in Camden Market and has a number of locations centered around this iconic area of London. LABS isn’t just popping up in random locations but creating a co-working ecosystem of interconnected buildings and communities. Many companies who hire space are high tech, therefore they expect the facilities they work in to include the latest technology. The challenge LABS faced when developing a co-working environment was to offer a safe and secure working environment that is easy to use by both the clients and staff and uses the latest technology features and provides flexibility and future proofing. Gallagher Command Center The Gallagher solution was specified for the project because of the central hub it provides The Gallagher solution was specified for the project because of the central hub it provides as well as its ability to integrate with a number of products, such as visitor management software (VMS) and CCTV. The Gallagher Channel Partner was able to offer a tailored security package that ensured LABS premises are safely monitored, guaranteeing smooth day-to-day operation. The buildings are managed by Community Managers, whose role is to understand all the companies and people who work within the LABS buildings. With this understanding the managers can bring the community together and help create beneficial relationships. Community Manager at Camden, Fran, is able to use Gallagher Command Center for a number of tasks such as monitoring who enters the building including visitors, checking which meeting rooms are reserved, what hospitality is required etc. Bluepoint Real-Time Access Management LABS also use Bluepoint Real-Time Access Management (RAM), which integrates with the Gallagher Visitor Management system to create and modify cardholders and groups. Commands sent from the integration provide muster functionality and enables Community Managers, like Fran, full visitor and staff journey awareness. In order to attract new clients, the building runs open events and also allows people to book a tour. Guests will receive a QR code on their mobile phone so they can enter the building. Fran will receive a notification to say her guest has arrived so she can meet them and show them round. People within the building can also use the same functionality for visitors. Mobile access control Leases can be short, medium or long term and range from the occupation of offices to desks Everyone who works within a LABS building has access to an app so they can book meeting rooms seamlessly, find talent, swap skills, and engage with the community. This is the customer facing tool which links to Command Center to ensure when someone books a room the relevant people are notified, and the system is updated. Leases can be short, medium or long term and range from the occupation of offices to desks. This means there are lots of leases starting and ending at different times making it difficult to keep track. By integrating with Command Center access can be instantly revoked should a lease lapse, saving Community Managers time by not having to manually deny access.
New Covent Garden Market is a London icon with a history dating back to medieval days. Now the largest wholesale market in the UK, it has been feeding and flowering London every day for over 40 years. Brand New Covent Garden Market is the next evolution of the market, transforming the site into a 46,500m2 better, modern trading space during a phased build between 2015-2021. As a place of significance in a highly sought-after central London location, with hundreds of food and flower traders, suppliers and customers operating in the early hours every day, Brand New Covent Garden Market required an access control system that offered more than just granting door access. Gallagher access control solution Having successfully used a Gallagher access control solution for over 20 years in New Covent Garden Market, the decision to stay with Gallagher to meet the unique requirements of the new development was simple. New Covent Garden Market has worked with a Gallagher certified channel partner for a number of years, so facilities manager Jo Breare said they trusted their advice when deciding which access control system to go with. “The Gallagher card reader system has always worked for us,” says Jo. “With the developments in Command Centre, including the ability to customize features such as reporting, and integrating with CCTV and Nedap Transit Readers, we knew we had a system that suited our requirements. There were also fewer problems as we moved to the new site because staff and card users already understood how the system worked, causing minimum disruption.” Integration between Gallagher’s access control solution and Nedap technology has provided great benefit to the market Integration with Nedap technology Integration between Gallagher’s access control solution and Nedap technology has provided great benefit to the market. Each trader pays an annual fee to trade and enter the market. They are then given a tag so when they drive into the car park the market knows who does and doesn’t have access. Parking without a permit is very costly at £200 for 24 hours, so permits are an important part of the traders’ membership. During renewal time at the end of October each year, Gallagher Command Centre makes it easy to produce a report detailing the permit holders, which is then used as the basis for a mail merge to email renewal notifications to all traders. “Permits are one of the biggest sources of vehicle site management information and control for the market,” said Jo. He adds, “The renewal period could be a busy and stressful time, but the reporting function in Command Centre makes it quick and simple for all involved.” Groups have been created to allow access to different parking areas. Flower traders and suppliers park in their designated car park, while food traders and suppliers only have access to their designated car park. Parking lot access control Several customizations have also been created to support the unique operating environment of the market. Zone counting of underground parking spaces hired to local companies mean if an allocation is full, anyone trying to badge in from that company will not be granted access. A report on vehicle sizes to map car park sizes was also created and although this was not implemented, the data can be captured if needed in future. Traders contact the New Covent Garden Market Authority to revoke access for former employees and check if they have accessed the car park since leaving. They can also check if anyone is parking out of hours. This information can be easily pulled from Gallagher Command Centre and put into a simple report, saving time and providing value for traders. FLIR CCTV system The CCTV footage will be shown in the Command Centre workspace, keeping all security and access control in one place. When planning Brand New Covent Garden Market, the commercially-savvy organization designed the New Covent Garden Market Authority’s office area to include office space available for rent. With a Gallagher access control solution in place, tenants will be able to easily enter their offices, manage users and grant parking access, with the peace of mind that their office is safe and secure. The next stage of the project is to connect Gallagher Command Centre with Flir CCTV, which is a well-established integration. The CCTV footage will be shown in the Command Centre workspace, keeping all security and access control in one easy to manage place. “The Gallagher system has provided us with everything we need and more,” says Jo. “It sees the most use during renewal times but on a day to day basis the system works happily in the background.”
Round table discussion
The definition of a standard is “an authoritative principle or rule that usually implies a model or pattern for guidance, by comparison with which the quantity, excellence, correctness, etc., of other things may be determined.” In technology markets, such as physical security, standards are agreed-upon language, specifications or processes that are used across the board by multiple stakeholders to enable easier interconnectivity and smoother operation of systems. We asked this week’s Expert Panel Roundtable: How are standards shaping change in the physical security market?
Cybersecurity has become the ultimate buzzword in the physical security market. And it also represents one of the industry’s most intractable challenges. Several years ago, the problem with cybersecurity was lack of awareness among physical security practitioners. It’s now safe to say that awareness has increased. Everyone today talks about cybersecurity, but has it helped the larger problem? We asked this week’s Expert Panel Roundtable: Is greater awareness helping to increase the cybersecurity of physical security systems?
Technology advancements often come with new terms and definitions. The language of our marketplace evolves to include new words that describe innovations in the industry. In the skilled hands of marketers, terms intended to be descriptive can also take a new element of ‘buzz,’ often presaging exciting developments that will drive the future. We asked this week’s Expert Panel Roundtable: What new buzzword have you heard, and what does it mean for the industry?