Security service
The Security Industry Association (SIA) has named Dr. Elizabeth (Elli) Voorhees as its new director of education and training. In this role, Voorhees – who previously served as director of certifications and compliance for the National Center for Spectator Sports Safety and Security (NCS4) – will drive all education and certification program activity for SIA and through SIA’s partners in support of the SIA membership and larger industry goals. Provide Learning Opportunities...
STANLEY Security, one of the security providers, launches a new Dealer Program aimed at independent installers looking to expand their businesses without the risks associated with rapid growth. The new STANLEY Security Dealer Program provides installers with the considerable competitive benefits that come from being associated with a major global brand, backed up by national security infrastructure and expertise, whilst maintaining their independence. The Program will enable partners to capture...
Agent Video Intelligence announces its seventh annual Channel Partner Awards, honouring members of its Channel Partner Program. This special accolade recognizes six partners for their exceptional partnership and efforts during 2018 in their respective regions. Exanet is the Agent Vi Outstanding Partner of the Year for 2018, recognized for their professionalism in winning deployments such as the Vicente López Safe City project, and other large-scale municipal projects in Argentina. Furthe...
It’s not surprising that people are nervous about the security of newer technologies, many of which are part of the Internet of Things (IoT). While they offer greater efficiency and connectivity, some people still hesitate. After all, there seems to be a constant stream of news stories about multinational corporations being breached or hackers taking control of smart home devices. Both of these scenarios can feel personal. No one likes the idea of their data falling into criminal hands. A...
The oil and gas market is driven by a number of technology trends, political issues, waves of supply and demand, and regulations. At times, it seems like the market is in a constant state of ebb and flow, with business affected by traditional drivers, such as government mandates and operational efficiencies, and other non-traditional markers, like challenging weather conditions (consider the 2017 hurricane season as an example). Additionally, the global economy continues to grow, propelling incr...
ADT Inc., a provider of monitored security and interactive home and business automation solutions in the United States and Canada, announces its intent to lead a new consumer privacy initiative with a coalition of organizations committed to driving the adoption of privacy standards and best practices across the home security industry. The initiative will focus on ensuring the security and home automation industry take a leadership role in protecting consumer privacy. Launched on Data Privacy Da...
News
ExtraHop, provider of enterprise cyber analytics from the inside out, announces new capabilities designed to help Security Operations Center (SOC) and Network Operations Center (NOC) teams identify and safeguard critical assets, rapidly detect late-stage and insider threats, and transform security analysts into threat experts with streamlined investigation workflows. Demand for business agility and uptime have accelerated the rapid modernization of IT, which is now highly dynamic and distributed - from the data center, to cloud infrastructure and SaaS, to remote sites and device edges. Advanced Detections These changes introduce complexity and expand the attack surface, contributing to high rates of false positives and obscuring true threats. Analysts constantly waste time, through no fault of their own, working to validate the constant flow of alerts to determine if investigation is warranted. Senior analysts get timely detail on users and devices to support rogue device detection, insider threat investigations, threat hunting, and forensics The Winter 2019 release of ExtraHop Reveal(x) improves SOC and NOC analyst productivity through contextual discovery of the enterprise attack surface, full-spectrum detection, and one-click guided investigation for incident response. Advanced detections incorporate device and user context to identify known and unknown threats using an array of machine learning, rule-based, and custom techniques. Detections incorporate suggested next steps and are made actionable through clear evidence, enabling front-line analysts to validate, close, or escalate prioritized events with confidence. Senior analysts get timely detail on users and devices to support rogue device detection, insider threat investigations, threat hunting, and forensics. Better Prioritize Monitoring Significant features of the Winter 2019 release include: User-to-Device Mapping: Easy correlation between users and devices allows analysts to investigate quickly, expediting validation without the need to cross-reference with other tools. OS Auto-discovery: Operating system (OS) auto-discovery confirms and compares the OS each device is using with known behaviours of those systems to identify spoofing. Enhanced Role Classification: Expanded role auto-classification uses behavior to automatically infer more device types (e.g., mobile device, DHCP server, domain controller or DNS server), and then maintains groupings to keep analysts focused on what matters most. Dynamic Device Grouping: Sophisticated device grouping permits users to define complex rules for extensive attributes and behavior to better prioritize monitoring, detection, and triage. Advanced Rules Engine: The advanced rules engine immediately detects known threats, policy violations, and risk-based detections. Guided Investigation Workflows: One-click guided investigations link each detection to the right next steps, as well as the most relevant device's transaction and behavior details, for instant validation of threats and faster MTTR. Expanded Integrations: ExtraHop now integrates with ServiceNow CMDB, QRadar SIEM, and Palo Alto Networks firewalls. Contextual workflow With ExtraHop, security and IT teams can detect threats up to 95 percent faster, reduce resolution time by nearly 60 percent “Forcing analysts to switch between tools or manually pull together disparate data for an investigation increases cognitive load, delay, and the chance of missing a critical piece of evidence,” said Jesse Rothstein, CTO and Co-Founder, ExtraHop. “Our focus in this release is to bring authoritative data about every device's communications, OS, users, and network behavior into a contextual workflow that guides analysts to the right answer immediately.” With ExtraHop, security and IT teams can detect threats up to 95 percent faster, reduce resolution time by nearly 60 percent, and decrease unplanned downtime by as much as 86 percent. The innovative ExtraHop approach has been recognized by numerous organizations including Credit Suisse, JMP Securities, and independent analyst firms including Enterprise Management Associates.
Open Options, the provider of innovative access control solutions, recently completes a technology partnership with Schindler, one of the providers of elevators, escalators, and moving walks, allowing users yet another option with their access and elevator control solution. New with DNA Fusion version 7.5.0.33, the Schindler third-party database interface gives users the ability to manage their elevator dispatch control through the user-friendly DNA Fusion platform. All access information is set up within the Schindler Port Technology system, and DNA Fusion allows the operator to set up special access levels that reference those Port Technology profiles. This allows cardholder, credential, and access information to be transferred in real-time to the Schindler Port Technology system. Increased Facility Security Ideal for multi-elevator installations, this solution groups passengers with similar destinations into the same elevators. This ultimately reduces wait and travel times when compared to a traditional approach, where all passengers enter the same lift and then request their destination. Additional benefits include a single interface for access and elevator events, increased facility security and efficiency, cost savings, and much more. "We're excited to offer a joint solution between our DNA Fusion access control software and multiple elevator management platforms, including our most recent integration with Schindler," said Open Options Vice President of Marketing & Communications, Brent Doherty. "Open Options is dedicated to providing open platform solutions, which is why we continually work with leading security providers and technologies to develop integrations that provide end users best-of-breed solutions to complement their access control system." Open Options also has technology partnerships with other elevator manufacturers thyssenkrupp, KONE, and Otis.
Johnson Controls has entered into an agreement with CBRE, World Resources Institute (WRI) and Lawrence Berkeley National Laboratory (Berkeley Lab) to test and deploy an open-source, web-based energy analysis tool to identify energy efficient retrofit opportunities in commercial buildings. The initiative is part of the Johnson Controls and CBRE Innovation Lab, which was established three years ago to evaluate, connect and leverage products, services and energy data to create value for occupiers and investors of real estate. Retrofit Opportunities The initiative also supports the Building Efficiency Accelerator, a public-private collaboration that accelerates local government implementation of building efficiency policies and programs where Johnson Controls serves the role of co-convener along with the World Resources Institute. Berkeley Lab is working with Johnson Controls to automate and improve the LEAN energy analysis tool Johnson Controls developed the LEAN energy analysis technology over the past eight years and has used the tool to analyze retrofit opportunities in over 700 buildings. Berkeley Lab is working with Johnson Controls to automate and improve the LEAN energy analysis tool and create an open-source version of the tool for public use. CBRE will be an initial deployment partner, using the tool to help their enterprise customers target cost-effective energy efficiency retrofit opportunities across their real estate portfolios. Drive Greater Investment WRI will use the open-source tool to help local governments around the world target the best opportunities for retrofitting public and private buildings within their jurisdictions. “This is a big step forward in providing commercial, institutional and government building owners and managers with open-source, easy-to-use tools to target building efficiency improvement opportunities,” said Clay Nesler, vice president, global sustainability and regulatory affairs, Johnson Controls. “We believe this initiative will help drive greater investment in energy efficiency by turning readily available, monthly building energy consumption data into specific, cost-effective recommendations for improvement.”
Global cybersecurity firm, GRA Quantum announces the launch of its Security Operations Center and Managed Security Services offering. Over the last 24 months, GRA Quantum has successfully partnered with clients in special requests to support managed security services functions. Offering these stand-alone services through an onsite Security Operations Center is new to the organization. 24/7 Cybersecurity Monitoring Earlier this year we built a state-of-the-art Security Operations Center" According to GRA Quantum’s President Tom Boyden, “Earlier this year we built a state-of-the-art Security Operations Center in response to growing requests from our clients to provide day-to-day 24/7 cybersecurity monitoring, alerting, and incident handling. Our clients want to strengthen their security stance while transferring the daily burden of security functions to a team of experts. And our tailored Managed Security Services offering is designed to do just that.” Jennifer Greulich joined the team to lead the Security Operations Center as the Director of Managed Security Services. She brings a passion for keeping high-risk organizations secure, with over 13 years of experience in IT and cybersecurity. Greulich shares, “I’m excited to be part of the GRA Quantum team. We’re offering a unique program with a technology-agnostic approach that will allow us to adopt the best-in-class-technology for our Security Operations Center and our clients, including Security Information and Event Management (SIEM) and Managed Detection Response and Remediation (MDR) capabilities.” In conjunction with the launch of the Managed Security Services Offering, GRA Quantum experts will be conducting complimentary security assessments for interested parties.
Ping Identity, the provider of Identity Defined Security, announced the public preview of PingOne for Customers. The cloud-based Identity as a Service (IDaaS) offering is built for the developer community and provides API-based identity services for customer-facing applications. It can help large enterprises launch apps faster, replace custom identity services that are difficult to maintain, and facilitate the transition from on-premises deployments to cloud-hosted services. By making it easy to securely authenticate end users, PingOne for Customers frees up developers’ time to focus on delivering business value faster. PingOne for Customers is designed to make it faster and easier to embed registration, login, profile management, multi-factor authentication (MFA) and other cloud-based identity services directly into customer-facing applications. The solution offers developer-friendly APIs, extensive documentation, and a dedicated community to help ensure ease of use as developer teams get up and running. PingOne for Customers includes broad support for identity standards such as OAuth, OpenID Connect, and SAML Support For Identity Standards Organizations are embarking on a broader range of cloud-first digital business initiatives yet struggle with the integration and support of new cloud and SaaS offerings with their existing identity infrastructures. PingOne for Customers addresses these needs and includes broad support for identity standards such as OAuth, OpenID Connect, and SAML. It also offers hybrid IT capabilities, delegated administration, and addresses other enterprise requirements at the onset to provide diverse implementation and deployment options. Integrations across the broader Ping Intelligent Identity Platform will help current enterprise customers maintain a seamless path to the Cloud. Integrating Identity And Access Management Services “The developer community wants to build applications and just leverage a service for securing login and registration, versus creating the capabilities themselves in their app,” said Steve Shoaff, chief product officer, Ping Identity. Speed time to market by leveraging the APIs in PingOne for Customers to embed identity services directly into an application “PingOne for Customers saves time and valuable resources by greatly simplifying how developers integrate identity and access management services into their application development process. By providing easy to integrate identity services, developers can focus on other high-value work and their enterprise customers can rest assured their applications are secure.” Capabilities And Benefits Of PingOne PingOne for Customers provides the following additional capabilities and benefits: Flexible application integration: Speed time to market by leveraging the APIs in PingOne for Customers to embed identity services directly into an application. Tenant-in-tenant architecture: Create multiple development, staging and production environments for apps to support DevOps, agile development and delegated administration. Secure and reliable CIAM platform in the cloud: With support for identity standards (OAuth, OpenID Connect, and SAML), a cloud-based MFA solution, a secure place to store users in the cloud, centralized policies and authentication flows, and much more. IDaaS to on-premises: Connect with existing on-premises infrastructure to provide access management, single sign-on, and data synchronization across hybrid IT environments. According to Forrester Research, "The IDaaS model provides a much faster deployment model by eliminating the need for security and risk pros to purchase and deploy." PingOne for Customers is now available for public preview. Stop by the Ping Identity booth #324 at the Gartner IAM Summit taking place in Las Vegas this week to learn more about the offering.
Security-Net, Inc., a global provider of security system services, is celebrating its 25th Anniversary this year, a testament to the strength of the organization that today brings together the best independent security systems integrators to collaborate on enterprise-level projects, technology acumen and business practices. Security Systems Integrators Group Since its founding in 1993, Security-Net has been recognized as the top group of security systems integrators within the industry Since its founding in 1993, Security-Net has been recognized as the top group of security systems integrators within the industry. Its members are regularly included in the SDM 100 Top Systems Integrators list, an annual listing of the top security systems integrators in North America, and the Security Systems News 20 Under 40, an annual award that recognizes the top up and coming security systems integrators. “The idea for Security-Net originated during a manufacturer’s award trip when several security systems integrators expressed a desire to discuss common problems and business best practices with industry peers,” said Bill Savage, President of Security Control Systems of Houston and one of the four original founders of Security-Net. “A year later we had an organization formed.” Security-Net Project Management Platform Over the past 25 years, Security-Net has evolved into an organization that now collaborates on national projects, helps its members stay up to date on the latest technology issues and trends, and provides sales and project management training to its members. The group has also launched its own project management platform. “We’re proud of how Security-Net has grown dynamically over the years,” said J. Matthew Ladd, a member of the Security-Net Board of Directors. “Within the past 10 years we’ve added numerous sub-committees, including Tech-Net, Ops-Net and Sales-Net, and provided member companies with access to programs to strengthen their sales and project management skills.” Global Security Services Today, Security-Net members regularly collaborate with other member companies on projects that expand beyond their geographic areas of business, providing customers with global security services through its network of security systems integrators. Security-Net’s membership based currently includes 21 members a combined 50 offices in North American, Brazil, the Dominican Republic, the United Kingdom and Europe.


Expert commentary
According to the reports of not-for-profit organization Gun Violence Archive, the year 2018 has seen 323 mass shooting incidents as of November 28 in the United States. This number is 346 for the year 2017 and 382 for 2016 (more statistics are available here), with “mass shooting” defined as cases where four or more people are shot or killed in the same time period and location. While definitions of mass shooting vary with organizations in the US, the count of over 300 incidents per year, or about once per day on average, is simply alarming. It raises public safety concerns, ignites debates and protests, which in turn lead to public unrest and potentially more violence, and increases costs for governments from the regional to federal level. Most importantly, the loss of lives demands not only improvement in post-incident handling and investigation, but also new prevention technologies. Gunshot Detection Solutions AI weapon detection offers a more efficient alternative to prevent active shooting There are several gunshot detection solutions in the security market, commonly used by law enforcement agencies to detect and locate gun fires. These systems function based on acoustic recordings and analyses and often in combination with signals detected by sensors of the optical flash and shockwave when a gun is fired. However, gunshot detection by nature dictates that the law enforcement can only react to a shooting incident that has occurred. With fast action, law enforcement can prevent the incident from escalating, but lives that are lost cannot be recovered. With the development of artificial intelligence in object recognition, AI weapon detection offers a more efficient alternative to prevent active shooting: AI can visually detect guns based on their shapes before they are fired. The AI is trained to recognize firearms in different shapes, sizes, colors, and at different angles in videos, so that the AI weapon detector can be deployed with existing cameras systems, analyze the video feeds, and instantly notify security staff when a gun is spotted. Comparison of the advantages for law enforcement and public security agencies Legacy gunshot detection using sensors AI weapon detection Reactive measure: detect after guns have been fired Proactive measure: detect before guns are fired Time to action: within 1 second Time to action: within 1 second Unable to provide visual data about shooter(s) Can provide data about shooter(s) based on the camera recording: clothing, luggage (backpack, handbag, etc.), facial features, vehicle Unable to track the location of the shooter(s) before and after shooting because of the lack of sound Can track the shooter(s) using AI Person & Vehicle Tracking, AI Face Recognition, and AI License Plate Recognition False detection caused by similar sound such as fireworks and cars backfiring Minimal to no false detection, as AI can distinguish different types of handguns and rifles from normal objects (umbrella, cellphone, etc.) Require physical deployment of gunshot detection sensors Can be used with existing camera systems, do not require special hardware Complicated to deploy, require highly trained professional Easy to deploy as an add-on to existing video surveillance system - Can integrate with gun-shot detection to create a “double knock” audio and video active shooter alert system Gun-Shot Detection Advantages In addition to advantages for law enforcement and public security agencies, this type of visual-based pre-incident detector has three-fold advantages for the public: Save lives by spotting the shooter before the shooting event. Minimize the chaos entailing an incident: panic and chaos caused by a shooting incident often adds to injury, as people run, fall, trample on others… With an AI weapon detector, when a gun is spotted, the system sends an alert to security staff, who can quickly control the situation in an organized manner and apprehend the intending shooter. Can be added as a SaaS (Security as a Service) component to small business and home surveillance systems, e.g., intrusion detection alerts (home invasion incidents with firearms number over 2500 per year nationwide). For a complete active shooter detection system, video-based AI detector can operate in conjunction with gunshot detectors for enhanced security. Traditional X-ray based weapon detection or metal detection entrance systems are complicated and expensive; with AI video technology, active shooter detection system can be cost-effective, and after all, what price tag can one put on a life? Written by Paul Sun and Mai Truong, IronYun
With the coming of a New Year, we know these things to be certain: death, taxes, and… security breaches. No doubt, some of you are making personal resolutions to improve your physical and financial health. But what about your organization’s web and mobile application security? Any set of New Year’s resolutions is incomplete without plans for protecting some of the most important customer touch points you have — web and mobile apps. Every year, data breaches grow in scope and impact. Security professionals have largely accepted the inevitability of a breach and are shifting their defense-in-depth strategy by including a goal to reduce their time-to-detect and time-to-respond to an attack. Despite these efforts, we haven’t seen the end of headline-grabbing data breaches like recent ones affecting brands such as Marriott, Air Canada, British Airways and Ticketmaster. App-Level Threats The apps that control or drive these new innovations have become today’s endpoint The truth of the matter is that the complexity of an organization’s IT environment is dynamic and growing. As new technologies and products go from production into the real world, there will invariably be some areas that are less protected than others. The apps that control or drive these new innovations have become today’s endpoint — they are the first customer touch point for many organizations. Bad actors have realized that apps contain a treasure trove of information, and because they are often left unprotected, offer attackers easier access to data directly from the app or via attacks directed at back office systems. That’s why it’s imperative that security organizations protect their apps and ensure they are capable of detecting and responding to app-level threats as quickly as they arise. It’s imperative that security organizations protect their apps and ensure they are capable of detecting and responding to app-level threats as quickly as they arise In-Progress Attack Detection Unfortunately, the capability to detect in-progress attacks at the app level is an area that IT and security teams have yet to address. This became painfully obvious in light of the recent Magecart attacks leveraged against British Airways and Ticketmaster, among others. Thanks to research by RiskIQ and Volexity, we know that the Magecart attacks target the web app client-side. During a Magecart attack, the transaction processes are otherwise undisturbed Attackers gained write access to app code, either by compromising or using stolen credentials, and then inserted a digital card skimmer into the web app. When customers visited the infected web sites and completed a payment form, the digital card skimmer was activated where it intercepted payment card data and transmitted it to the attacker(s). Data Exfiltration Detection During a Magecart attack, the transaction processes are otherwise undisturbed. The target companies receive payment, and customers receive the services or goods they purchased. As a result, no one is wise to a breach — until some 380,000 customers are impacted, as in the case of the attack against British Airways. The target companies’ web application firewalls and data loss prevention systems didn’t detect the data exfiltration because those controls don’t monitor or protect front-end code. Instead, they watch traffic going to and from servers. In the case of the Magecart attacks, the organization was compromised and data was stolen before it even got to the network or servers. Today’s proven obfuscation techniques can help prevent application reverse engineering, deter tampering, and protect personal identifiable information and API communications Best Practice Resolutions The Magecart attacks highlight the need to apply the same vigilance and best practices to web and mobile application source code that organizations apply to their networks—which brings us to this year’s New Year’s resolutions for protecting your app source code in 2019: Alert The key to success is quickly understanding when and how an app is being attacked First, organizations must obtain real-time visibility into their application threat landscape given they are operating in a zero-trust environment. Similar to how your organization monitors the network and the systems connected to it, you must be able to monitor your apps. This will allow you to see what users are doing with your code so that you can customize protection to counter attacks your app faces. Throughout the app’s lifecycle, you can respond to malicious behavior early, quarantine suspicious accounts, and make continuous code modifications to stay a step ahead of new attacks. Protect Next, informed by threat analytics, adapt your application source code protection. Deter attackers from analyzing or reverse engineering application code through obfuscation. Today’s proven obfuscation techniques can help prevent application reverse engineering, deter tampering, and protect personal identifiable information and API communications. If an attacker tries to understand app operation though the use of a debugger or in the unlikely event an attacker manages to get past obfuscation, threat analytics will alert you to the malicious activity while your app begins to self-repair attacked source code or disable portions of the affected web app. The key to success is quickly understanding when and how an app is being attacked and taking rapid action to limit the risk of data theft and exfiltration. Protecting encryption keys is often overlooked but should be considered a best practice as you forge into the new year with a renewed commitment to app security to ensure your organization’s health and well-being in 2019 Encrypt Finally, access to local digital content and data, as well as communications with back office systems, should be protected by encryption as a second line of defense, after implementing app protection to guard against piracy and theft. However, the single point of failure remains the instance at which the decryption key is used. Effective encryption requires a sophisticated implementation of White-Box Cryptography This point is easily identifiable through signature patterns and cryptographic routines. Once found, an attacker can easily navigate to where the keys are constructed in memory and exploit them. Effective encryption requires a sophisticated implementation of White-Box Cryptography. One that combines a mathematical algorithm with data and code obfuscation techniques transforming cryptographic keys and related operations into indecipherable text strings. Protecting encryption keys is often overlooked but should be considered a best practice as you forge into the new year with a renewed commitment to app security to ensure your organization’s health and well-being in 2019. Protecting Applications Against Data Breach According to the most recent Cost of a Data Breach Study by the Ponemon Institute, a single breach costs an average of $3.86 million, not to mention the disruption to productivity across the organization. In 2019, we can count on seeing more breaches and ever-escalating costs. It seems that setting—and fulfilling—New Year’s resolutions to protect your applications has the potential to impact more than just your risk of a data breach. It can protect your company’s financial and corporate health as well. So, what are you waiting for?
In the age of massive data breaches, phishing attacks and password hacks, user credentials are increasingly unsafe. So how can organizations secure accounts without making life more difficult for users? Marc Vanmaele, CEO of TrustBuilder, explains. User credentials give us a sense of security. Users select their password, it's personal and memorable to them, and it's likely that it includes special characters and numbers for added security. Sadly, this sense is most likely false. If it's anything like the 5.4 billion user IDs on haveibeenpwned.com, their login has already been compromised. If it's not listed, it could be soon. Recent estimates state that 8 million more credentials are compromised every day. Ensuring Safe Access Data breaches, ransomware and phishing campaigns are increasingly easy to pull off. Cyber criminals can easily find the tools they need on Google with little to no technical knowledge. Breached passwords are readily available to cyber criminals on the internet. Those that haven’t been breached can also be guessed, phished or cracked using one of the many “brute-force” tools available on the internet. It's becoming clear that login credentials are no longer enough to secure your users' accounts. Meanwhile, organizations have a responsibility and an ever-stricter legal obligation to protect their users’ sensitive data. This makes ensuring safe access to the services they need challenging, particularly when trying to provide a user experience that won’t cause frustration – or worse, lose your customers’ interest. After GDPR was implemented across the European Union, organizations could face a fine of up to €20 million, or 4% annual global turnover Importance Of Data Protection So how can businesses ensure their users can safely and simply access the services they need while keeping intruders out, and why is it so important to strike that balance? After GDPR was implemented across the European Union, organizations could face a fine of up to €20 million, or 4% annual global turnover – whichever is higher, should they seriously fail to comply with their data protection obligations. This alone was enough to prompt many organizations to get serious about their user’s security. Still, not every business followed suit. Cloud Security Risks Breaches were most commonly identified in organizations using cloud computing or where staff use personal devices According to a recent survey conducted at Infosecurity Europe, more than a quarter of organizations did not feel ready to comply with GDPR in August 2018 – three months after the compliance deadline. Meanwhile, according to the UK Government’s 2018 Cyber Security Breaches survey, 45% of businesses reported breaches or attacks in the last 12 months. According to the report, logins are less secure when accessing services in the cloud where they aren't protected by enterprise firewalls and security systems. Moreover, breaches were most commonly identified in organizations using cloud computing or where staff use personal devices (known as BYOD). According to the survey, 61% of UK organizations use cloud-based services. The figure is higher in banking and finance (74%), IT and communications (81%) and education (75%). Additionally, 45% of businesses have BYOD. This indicates a precarious situation. The majority of businesses hold personal data on users electronically and may be placing users at risk if their IT environments are not adequately protected. Hackers have developed a wide range of tools to crack passwords, and these are readily available within a couple of clicks on a search engine Hacking Methodology In a recent exposé on LifeHacker, Internet standards expert John Pozadzides revealed multiple methods hackers use to bypass even the most secure passwords. According to John’s revelations, 20% of passwords are simple enough to guess using easily accessible information. But that doesn’t leave the remaining 80% safe. Hackers have developed a wide range of tools to crack passwords, and these are readily available within a couple of clicks on a search engine. Brute force attacks are one of the easiest methods, but criminals also use increasingly sophisticated phishing campaigns to fool users into handing over their passwords. Users expect organizations to protect their passwords and keep intruders out of their accounts Once a threat actor has access to one password, they can easily gain access to multiple accounts. This is because, according to Mashable, 87% of users aged 18-30 and 81% of users aged 31+ reuse the same passwords across multiple accounts. It’s becoming clear that passwords are no longer enough to keep online accounts secure. Securing Data With Simplicity Users expect organizations to protect their passwords and keep intruders out of their accounts. As a result of a data breach, companies will of course suffer financial losses through fines and remediation costs. Beyond the immediate financial repercussions, however, the reputational damage can be seriously costly. A recent Gemalto study showed that 44% of consumers would leave their bank in the event of a security breach, and 38% would switch to a competitor offering a better service. Simplicity is equally important, however. For example, if it’s not delivered in ecommerce, one in three customers will abandon their purchase – as a recent report by Magnetic North revealed. If a login process is confusing, staff may be tempted to help themselves access the information they need by slipping out of secure habits. They may write their passwords down, share them with other members of staff, and may be more susceptible to social engineering attacks. So how do organizations strike the right balance? For many, Identity and Access Management solutions help to deliver secure access across the entire estate. It’s important though that these enable simplicity for the organization, as well as users. Organizations need an IAM solution that will adapt to both of these factors, providing them with the ability to apply tough access policies when and where they are needed and prioritising swift access where it’s safe to do so Flexible IAM While IAM is highly recommended, organizations should seek solutions that offer the flexibility to define their own balance between a seamless end-user journey and the need for a high level of identity assurance. organizations’ identity management requirements will change over time. So too will their IT environments. organizations need an IAM solution that will adapt to both of these factors, providing them with the ability to apply tough access policies when and where they are needed and prioritising swift access where it’s safe to do so. Importantly, the best solutions will be those that enable this flexibility without spending significant time and resource each time adaptations need to be made. Those that do will provide the best return on investment for organizations looking to keep intruders at bay, while enabling users to log in safely and simply.
Security beat
A rapid string of merger and acquisition (M&A) transactions as 2018 passed into 2019 suggests the physical security industry may be on the verge of a busy year of companies buying other companies. Observers have noted a large amount of investment capital currently available to be invested in security M&A, and plenty of entrepreneurial companies are looking to be acquired. Joe Grillo, CEO of ACRE, previously hinted at upcoming M&A activity for his company by the end of 2018, foreshadowing ACRE’s late-year announcement to acquire access control company Open Options, Addison, Texas.The VaaS cloud-based image capture platform includes fixed and mobile license plate reader cameras driven by machine learning Just days later, in the midst of the holiday season, Qognify announced its plan to acquire On-Net Surveillance Systems Inc. (OnSSI) and sister company SeeTec GmbH. Then came an even larger announcement: Motorola has acquired VaaS International Holdings Inc., a data and image analytics company for $445 million. The VaaS cloud-based image capture and analysis platform includes fixed and mobile license plate reader cameras driven by machine learning and artificial intelligence. Most recently, ADT announced yet another acquisition, Advanced Cabling Systems, a technology integration company in the South, thus continuing consolidation on the integration side of the business. There are likely to be further mergers and acquisitions in the video surveillance supply base in 2019 Continuation Of The Trend In the case of the Qognify and Motorola deals, Jon Cropley, Principal Analyst, Video Surveillance & Security Services, IHS Global Limited, sees them as the next chapter in an M&A trend going back several years. “I think this is a continuation of what we have been seeing in recent years of video surveillance software vendors being acquired,” he says.In the face of intense price competition, vendors have found it increasingly difficult to compete based on hardware features" “In the face of intense price competition, vendors have found it increasingly difficult to compete based on hardware features and are looking at software to offer unique competitive advantages.” In short, he sees it as a continuation of a trend that previously saw Canon acquiring Milestone Systems and Briefcam, Panasonic acquiring Video Insight and Tyco acquiring Exacq. “There are likely to be further mergers and acquisitions in the video surveillance supply base in 2019,” adds Cropley. “However, a spree of large-scale mergers and acquisitions is not expected.” Memoori, another market research firm, forecasts that the value of acquisitions could actually decline marginally in 2019 in value terms but increase in number. This observation is based on Memoori’s charting of physical security deals over the last 18 years. Jim McHale, Managing Director of Memoori, says there have been four cycles of increase and decline in activity, often exaggerated by billion dollar deals in one year such as the merger of Johnson Controls and Tyco of $165Bn in 2016. Access control when combined with identity management is punching well above its weight, and this trend has continued Access Control To Open Systems Only time will tell whether the new year pattern of M&A activity is a coincidence or a harbinger of a busy M&A year ahead“It may be too early to make judgements on the future based on the last four weeks, but there are some interesting points that can be made when compared with our 2018 analysis,” says McHale. “Access control when combined with identity management is punching well above its weight, and this trend has continued. "Acre has been a major contributor and has completed some 10 acquisitions. In general, the access control business has been slow to move to open systems, and hopefully we can expect this trend toward openness to continue as it will give additional growth to the business.” For more commentary from Memoori, see their report “Major Trends in the Global Access Control Market 2018”. Only time will tell whether the new year pattern of M&A activity is a coincidence or a harbinger of a busy M&A year ahead. While past trends may provide a glimpse of what’s coming, there are always new variables. It’s a sure bet the overall trend toward consolidation will continue but predicting the pace and timing of individual transactions is almost impossible. In any case, it will be interesting to watch how 2019 unfolds on the M&A front, among other factors in a changing industry.
GSX 2018 is both a new event for the security industry and the continuation of a 63-year tradition. Global Security Exchange (GSX) is the new branding for ASIS International’s annual seminar and exhibits, which have been held since 1955. In recent years, the ASIS event has joined forces with other organizations to expand its scope and to appeal to a broader audience. Partners include ISSA (Information Systems Security Association) and Infragard, a public-private partnership between U.S. businesses and the Federal Bureau of Investigation (FBI). The expansion is continuing this year with the addition of 30 supporting organizations representing industry verticals and reflecting ASIS’s intent to unite the full spectrum of security. Improving The State Of Cyber Security The Cyber Security Summit will co-locate with GSX, offering cyber security programming at a time when it is needed the most Held September 23-27 at the Las Vegas convention Center, GSX 2018 seeks to attract more than 20,000 operational and cyber security professionals and 550 exhibitors. Other elements will further expand the 2018 event’s scope. The Cyber Security Summit will co-locate with GSX, offering cyber security programming at a time when it is needed the most. Top government, industry and academic thought leaders will engage in a dialog to improve the state of cyber security. The 2018 Security Cares Program will address school violence prevention and response in a free education program. Topics will include pre-violence indicators, target hardening, and best practices to involve the entire community of school administrators, law enforcement, security professionals and mental health providers. Experts To Deliver Keynote Speeches Keynote speakers including CNN host Fareed Zakaria will bestow celebrity appeal. Air Force Major General Bradley D. Spacy will share details about the new AFWERX innovation and tech hub in Las Vegas and how the U.S. Air Force is collaborating with the private sector to bring new security product ideas to market. Spacy’s keynote on Sept. 26 will kick off Military and Law Enforcement Appreciation Day. Also, K.T. McFarland, former Trump Administration Deputy National Security Advisor, will share an insider’s perspective on critical foreign policy and defense industries. Attendees to ASIS International’s annual gathering typically list networking and education as big benefits of the event. Historically, the trade show aspect has existed separately from the educational program, and foot traffic to the exhibits has sometimes suffered from the competition. Beginning last year, and continuing in 2018, ASIS International has pursued innovative approaches to integrate the trade show more closely into the overall attendee experience. “The integration of programming and exhibits is truly seamless,” says one observer of the new approach. Held Sept. 23-27 at the Las Vegas convention Center, GSX 2018 seeks to attract more than 20,000 operational and cyber security professionals and 550 exhibitors X Learning Theatres GSX has sought to transform the exhibit hall into a ‘learning lab environment’ that features thousands of security products, technologies and service solutions (provided by the exhibitors), in addition to ‘immersive learning opportunities to connect the current and emerging threat landscape with solutions available in the marketplace’. There are several ‘X Learning Theatres’, including one (‘X-Stage’) focused on leading-edge technologies such as blockchain, cryptocurrencies, AI, drones, and robotics. There is also an ‘Xcelerated Exchange Stage’ to facilitate discussions among security practitioners and solution providers. The ‘Xperience Stage’ showcases case studies and best practices. Also attracting more attendees to the Exhibit Hall will be ‘Career HQ’, a free career fair and enhanced career center. ‘D3 Xperience’ (Drones, Droids Defense) will focus on unmanned systems with education and demos. The ‘Innovative Product Awards (IPAs) Showcase’ will highlight winners of an awards program. Focusing On Security Practices GSX is not as much about sales leads as about making connections and contributing to a larger conversation about how to protect people, facilities and assets ASIS International (now GSX 2018) is often compared to ISC West, the U.S. industry’s largest show held in Las Vegas in the spring. GSX 2018 this year may face even more scrutiny based on the changes, rebranding, and location (also in Las Vegas). However, GSX is a completely different show than ISC West, which focuses on the business of security. In contrast, GSX is much more about the practice of security than business. The international network of ASIS International members attend the yearly conference to make new connections, to learn and to benefit from the experiences of other security professionals around the world. The successful trade show exhibitors are the ones that approach the show with that understanding. GSX is not as much about sales leads as about making connections and contributing to a larger conversation about how to protect people, facilities and assets. ASIS International deserves credit for their efforts to integrate the trade show element into the larger goal of the event. Hopefully their new approach will enhance the overall experience for both attendees and exhibitors – and help to make the world a safer place as a consequence.
As Internet of Things (IoT) devices go, networked video cameras are particularly significant. Connected to the internet and using on-board processing, cameras are subject to infection by malware and can be targeted by Distributed Denial of Service (DDoS) attacks. Hacking of cameras also threatens privacy by allowing unauthorized access to video footage. The performance of hacked cameras can be degraded, and they may become unable to communicate properly when needed. Ensuring cybersecurity is a challenge, and the fragmented structure of the video surveillance market contributes to that challenge. A variety of companies are involved in manufacturing, integrating, installing and operating video systems, and cybersecurity threats can enter the picture at any stage. “It’s not always clear who is responsible,” says Yotam Gutman, vice president of marketing for SecuriThings, a cybersecurity company. “However, the only entities who can ensure cybersecurity are the security integrator and the service provider. They will bear the financial pain and are willing to pay for cybersecurity. An extra $1 or $2 per camera per month is not expensive.” SecuriThings’ “lightweight software agent” runs in the background of video cameras, sending information to an analytics system in the cloud IoT Device Security Management At the recent IFSEC trade show in London, SecuriThings unveiled its IoT Device Security Management (IDSM) approach to enable integrators to ensure cybersecurity. Founded in 2015, the company has around 20 employees in Tel Aviv, Israel, and operates a sales office in New York City. SecuriThings’ “lightweight software agent” runs in the background of video cameras, collecting metadata on camera processes and connections and sending information back to an analytics system in the cloud. Drag-and-drop deployment enables a camera to begin generating data within seconds and requiring only two mouse clicks. The cloud system analyzes data, pinpoints abnormalities, identifies new users, detects multiple entry attempts and tracks other camera processes to identify any cyberattacks. It monitors all devices, gateways, users and APIs to detect threats in real-time and mitigate the threats based on a pre-determined security policy. Machine learning tools also analyze more subtle activities that can indicate insider abuse. For example, a user support center can identify if cameras are being accessed improperly by employees, thus preventing insider abuse. Certified Vendor Agnostic Software SecuriThings is working with camera manufacturers and video management system (VMS) manufacturers to certify operation of its software agents with various camera models and systems. Working through integrators, such as Johnson Controls, is the fastest route to market, SecuriThings has determined. The system can be added after the fact to existing installations for immediate monitoring and remediation, or it can easily be incorporated into new systems as they are launched. “We have a strong sales team in the United States focusing on bringing the technology to more local and national integrators,” says Gutman. Certification ensures SecuriThings’ software agent can be installed in most modern camera models without negatively impacting operation; the software is vendor agnostic. Another eventual route to market is to work with camera manufacturers to install the SecuriThings software agent in cameras at the factory. In this scenario, the system can easily be “clicked on” when cameras are installed. The SecuriThings cloud system generates a dashboard that tracks system activities to identify any cybersecurity threats IoT Security Operations Center SecuriThings operation is transparent to the VMS, and the company works with VMS manufacturers to ensure the code operates seamlessly with their systems. Cloud analytics generate a dashboard that tracks system activities, and/or a managed service monitors the system and notifies customers if there is a problem. “We monitor it from our IoT Security Operations Center, a fully managed service that ensures the real-time detection and mitigation of IoT cyber-threats,” says Gutman. “We found that end-customers don’t have the manpower to monitor the system, so our experts can guide them.”Access control and cloud-based access control will be the next systems under cyberattack, and they are almost as vulnerable" A benefit for camera manufacturers is the ability of a system like SecuriThings to “level the playing field” on issues of cybersecurity, says Gutman. The approach provides a higher level of cybersecurity confidence for integrators and users, including those using cameras that have previously had cybersecurity problems such as “back door” access. SecuriThings has certified its software for use with Hikvision cameras and is in the process of certifying with Dahua, says Gutman. “Western manufacturers say their products are more secure, but we can help all camera manufacturers prove that they are just as secure,” says Gutman. “Integrators and users can log into a device and see all the activity.” Securing Connected Devices From Cyber Threats Beyond video, SecuriThings’ products target the full range of connected devices in the Internet of Things (IoT). The SecuriThings security solution enables real-time visibility and control of IoT devices deployed in massive numbers in smart cities, physical security, building automation, home entertainment and more. Video surveillance is an early focus because of market need, an opportunity to gain traction, and the critical nature of security applications. But the challenges are much broader than video surveillance. “We are seeing similar risks to other devices,” says Gutman. “Access control and cloud-based access control will be the next systems under cyberattack, and they are almost as vulnerable. If you can disable the access control system, you can cause a lot of problems.” Other connected devices that could be at risk include building automation and heating and cooling (HVAC) systems.
Case studies
On December 11 to 16, 2018, the 14th FINA World Swimming Championships was held at the Olympic and International Expo Center in Hangzhou, China. Nearly 1,000 world swimming stars from 178 countries and regions competed here, creating a new glory with breaking 9 world records and 22 event records. The Chinese team won three gold medals, five silver medals and five bronze medals with the total medal number ranking the third in the world. The World Swimming Championships is one of the world's highest-level international swimming events. It is also the highest-standard individual international sporting event ever held in Hangzhou. For an international sporting event of this scale, the safety and security of the venues are of paramount importance. Security Monitoring Equipment As an important guarantee force for the security of the World Swimming Championships, Dahua Technology ensured the event’s safety with the host spirit and a great sense of responsibility. Dahua Technology once again shouldered the mission of guarding international events after successfully guaranteeing the G20 Hangzhou Summit. Dahua Technology provided a complete set of professional intelligent security monitoring equipment and system solutions In the periphery and outside of the venue, important entrances and exits, various passages and commanding points in the venues and security commanding headquarters, Dahua Technology provided a complete set of professional intelligent security monitoring equipment and system solutions, assisted the security department to establish security command headquarters, refined the security deployment of the venues and realized the full coverage of security monitoring from the periphery to the stadium and from the bottom to the commanding heights, facilitating the safe and smooth host of the 2018 Hangzhou FINA World Swimming Championships. Intelligence Equipment At the venue of the 2018 Hangzhou FINA World Swimming Championships - the surrounding area and interior of the Hangzhou Olympic and International Expo Center, Dahua Technology has teamed up to deploy a number of professional intelligent HD PTZ cameras, fiber cameras, bullet cameras, domes, transmission and other intelligence equipment, covering all areas within the venue, which helped the security department to control all corners inside and outside the stadium in real time so that to ensure the safety of the venue and the event. Dahua Technology combined the requirements of ‘first-class venue facilities, first-class organization guarantee, first-class opening and closing ceremonies, and first-class city image’ in the Championships, focused on key links and built a set of intelligent security video management system with the support of advanced technology platform. Integrated Control System It integrated control system, storage and management, and enjoyed the advantages of simple deployment and operation, flexible combination, excellent performance, and a high level of security and stability. It turned the cameras inside and outside the stadium into ‘smart brains’ to guarantee the safety of every corner of the Championships, meeting the high-level security needs of the event. Dahua Technology set the command and dispatch of the security department as the core At the security command headquarters of the site, Dahua Technology set the command and dispatch of the security department as the core, with high-definition tiled LCD screens as the display carriers and brought more intuitive and flexible display and control to the security management of the venues before and after the event to ensure the real-time handling, efficient command and visual control of the entire venues, thus winning the praise of the security department leaders. Display Control Equipment On the evening of December 16, the 2018 FINA Annual Awards Ceremony was held at the Hangzhou International Expo Center. As a ceremony of the most authoritative awards, with the largest scale and the greatest number of world-class swimming athletes in the global water sports field, Dahua Technology assisted the security units to reuse a large number of equipment around the venue, including intelligent cameras, storage, management platforms and display control equipment, making sure the ceremony was successfully being held. As an essential force in the escort 2018 World Swimming Championships, Dahua Technology actively devoted to the security work. Stationed professional and technical personnel were responsible for on-site equipment support, achieving zero failure of the equipment, successfully completion of the tasks, and winning the praise of the security department leaders.
Allot Communications Ltd., a global provider of innovative network intelligence and security solutions for service providers and enterprises worldwide, announces that Safaricom will be implementing a convergent network solution for its fixed and mobile customers. The tailored Allot solution features network analytics, advanced charging capabilities as well as Network Security and protection against DDoS. “We have a long and valued relationship with Allot,” said Thibaud Rerolle, Safaricom’s Chief Technology Officer. “With the visibility, control and security solutions provided by Allot, we will deliver added value with heightened quality of experience and protection to our customers from the rising cybersecurity threats, including DDoS attacks, phishing and Cryptojacking.” Protect Service Availability Proactively optimize network resources and customer service plans to maximize revenues By activating Allot’s network intelligence and security technologies, Safaricom is now better able to: Protect service availability and quality by blocking inbound and outbound DDoS attacks, Enhance quality of experience (QoE) through improved streaming quality, Proactively optimize network resources and customer service plans to maximize revenues, Turn detailed network, application and user data into actionable insights to drive customer satisfaction, and Save on CAPEX costs. “Safaricom joins several of the world’s largest global Tier 1 operators with its deployment of Allot,” comments Ran Fridman, EVP Global Sales at Allot. “I am confident the combined DDoS Secure and NetworkSecure convergent solution will bring value to Safaricom and its customers through a better, safer user experience as well as protection against a variety of online threats.”
Genetec Inc., a technology provider of unified security, public safety, operations, and business intelligence solutions announces that the South Grand Community Improvement District (CID) in St. Louis, Missouri is using the Genetec Stratocast cloud-based video monitoring system to deter license plate theft in its parking lot and provide video access to the local police department to help reinforce security. License Plate Theft One of the services offered by the South Grand CID is free parking. At any time of the day, drivers can park in a central parking lot to visit businesses or residents. While this lot has always been convenient and safe, license plate theft was troubling nearby areas. Video recordings are sent over a wireless network which connects to the South Grand CID main office To deter license plate theft in their own community, the South Grand CID board decided to add video surveillance to the lot. Currently, three cameras monitor the entire 90-space parking lot. Video recordings are sent over a wireless network which connects to the South Grand CID main office, just a few blocks away from the lot. With this cloud-based video monitoring system, Rachel Witt, Executive Director at South Grand CID, can quickly and easily view video from anywhere, at any time. Cloud Video System “Using the cloud video system, I am able to find and view the video in seconds. I can narrow down my search based on dates and time and watch the event unfold with all camera feeds up on the monitor. It’s really that simple,” commented Witt. Only two weeks after installing the Stratocast video monitoring system, a visitor reported that their license plates had been stolen. “The visitor provided a description of the car, and a timeframe in which the incident likely happened. Using the Stratocast system, I was able to find and view the video in seconds. I could clearly see the suspect enter the lot, remove the plates and leave in his own car. Since the police are very busy here, I was able to bookmark the video recording and then notify them that the video was ready,” said Witt. View Video Recordings Stratocast has made it easy for the South Grand CID to give video access to local police so that when a crime is reported in the district, officers can immediately begin to conduct investigations without leaving their desks. While the South Grand CID manages and owns the Stratocast solution, officers can log into the system and view video recordings when required While the South Grand CID manages and owns the Stratocast solution, officers can log into the system and view video recordings when required. This is enabled by the Genetec Federation feature, which gives an organization access to manage multiple independent Genetec systems as one. A memorandum of understanding was signed so each parties’ responsibilities are clear. Better Sense Of Safety “Instead of driving over and picking up a DVD, officers can directly access video from our cameras to see what happened. Not only does it help speed up investigations, it saves officers’ valuable time,” continued Witt. The installation of Stratocast is not only helping to reduce license plate theft but it is also helping residents and visitors feel safer than ever. “Business owners, residents, and visitors have a better sense of safety when they know cameras are up. But they also need to know that we’re equipped to respond quickly to any disturbance. And that’s what Stratocast helps us achieve. With the addition of Stratocast, we’re able to show everyone that we have strengthened the security in our community,” concluded Witt.
An integrated security system that includes new IP cameras and two-way audio technology has seen the rate of injuries as a result of attacks on Post Office staff decline by 36% in just three years. This follows the deployment of a sophisticated monitoring and intelligent threat detection platform from Morphean, a Video Surveillance-as-a-Service (VSaaS) innovator, which has not only helped to keep staff safe but has also protected ATMs from attack, helping to keep Post Office doors open. Post Office is responsible for the safety and well-being of 14,500 workers in 11,600 branches. The very nature of their combined service offering and the fact they are often located in rural areas, means branches are prime targets for thieves. Threat Intelligence Opportunistic attacks on staff and equipment, and the use of expanding gas to break open ATM machines is not uncommon Opportunistic attacks on staff and equipment, and the use of expanding gas to break open ATM machines is not uncommon. In rural communities, attacks on equipment can leave branches out of operation for long periods. In the last year alone, there were 13,437 violent attacks on convenience store workers, 27% of which involved a weapon and 39% led to injury, according to The Association of Convenience Stores (ACS) annual Crime Report. The Post Office security team wanted to build on its existing threat intelligence and response system, Grapevine, with a network of IP cameras and two-way audio into branches. Axis Communications cameras, microphones and speakers, connected to the Morphean Platform and hosted in the cloud, were installed in pilot branches by Kings Secure Technologies. Security Automation Now that trial implementations have been completed successfully, the security team plans to expand coverage rapidly. In addition to the cameras, the networked speakers enable control centre staff to speak directly to customers and suspected criminals, alerting them to the fact they are under surveillance. The solution is also optimised to use low bandwidth dataFurther integrations are under way to bring security automation to other branches, such as providing the ability for remote agents to lock on-site safes in the event of an attack. Because of the challenges around connectivity in the areas where the most vulnerable branches are situated, the solution is also optimized to use low bandwidth data and is capable of streaming video over a 3G mobile network. Built-In Intelligence The built-in intelligence of the Morphean Platform means staff are able to monitor footage for suspicious behavior, such as individuals loitering near an ATM, and issue an alert to security teams who can then decide on the appropriate course of action. If it’s someone trying to find their wallet, no action is taken; if a crime is in progress, police will be notified along with video footage. In addition, staff are able to trigger an alert manually using an under-the-counter activation button, which can be investigated immediately by control center staff at the alarm receiving centre (ARC). “The safety of our staff is our number one priority,” says Physical Security Manager for Post Office, Mark Dinsdale. Make Significant Differences Footage goes straight to the Morphean cloud, and the platform compresses video and is fully encrypted end-to-end"“We’ll never completely eliminate crime in our branches, but we are also not powerless against it and we are able to make significant differences to the safety of our people, as demonstrated by the new technology we are deploying.” “Post Officers, particularly those in remote areas without access to a nearby police station, value the easy access to help and now report feeling much safer at work,” he concludes. Paul Ottley, Account Director at Kings Secure Technologies, says there are more subtle benefits to the Morphean Platform. “Footage goes straight to the Morphean cloud, and the platform compresses video and is fully encrypted end-to-end. This means that even if criminals attempt to destroy cameras or on-site storage appliances, recordings of any incidents are secured in a manner that is admissible as evidence. This eliminates the challenge of sending out an engineer to collect footage. It’s a simple solution that is flexible and fully compliant with regulations such as the GDPR.”
When a leading English university sought electronic locks for its newest student accommodation block, it turned to Aperio to extend its installed Gallagher Command Centre access control system. The University of East Anglia (UEA) has relied on Gallagher access control for a decade. To extend their Gallagher Command Centre system to Crome Court—a student residence with 231 en suite rooms separated into flats for between 8 and 13 postgraduates—they needed the right wireless solution. Wireless Locking Technology Aperio wireless locks are battery powered, and so use much less energyUEA’s needs included more than just security, stylish component design and affordability. Crome Court was specifically designed to minimise environmental impact, including CO2 emissions. Any access control system was expected to contribute to that goal. The university chose Aperio wireless locking technology from ASSA ABLOY. Aperio wireless locks are battery powered, and so use much less energy than wired magnetic security locks. They only “wake up” when a credential is presented to the reader. On Campus Training “We decided to offer Aperio to upgrade and extend our system at UEA because of its outstanding reputation within the security industry,” explains Jason Boyce, sales manager at Gallagher. “Having worked with us for 6 years, Gallagher knew we would deliver,” adds David Hodgkiss, national sales manager at ASSA ABLOY UK. Installation was quick and easy, aided by training delivered on campus by specialist ASSA ABLOY technicians. “We found ASSA ABLOY’s service faultless,” says Wayne Dyble, installation and support manager at Check Your Security, UEA’s service provider. Environmentally Advanced Profile There’s no need for expensive and time-consuming work changing the locks Crome Court’s secure doors are fitted with Aperio E100 online escutcheons. Students open them with programmable RFID smart cards, instead of cumbersome mechanical keys. If a keycard is lost, it is straightforward for UEA facilities staff to cancel it and issue a replacement—using a simple web-based interface or mobile phone. There’s no need for expensive and time-consuming work changing the locks. UEA also aimed to build Crome Court with an environmentally advanced profile. Here, too, Aperio delivered. Wireless locks are battery-operated and emit much less CO2 than wired magnetic locks. In fact, in carbon terms, Aperio locks emit 0.16 percent of the total emissions produced by standard wired locks. Flexibility is another Aperio asset: additional doors can be brought into the same integrated Gallagher system whenever needed. “We hope to roll out Aperio across all new and existing residential estate,” says Christine Beveridge, head of campus services at UEA.
A county water resources department (DWR), which services the water and sewage needs of almost a million residents in the county and neighbouring communities, was looking to install several hundreds of surveillance cameras at the large water treatment plant, as well as several remote locations/plants under their management. Although they already had an existing solution, it involved complex integration of multiple hardware and software solutions for storage and networking in conjunction with OnSSI VMS and multiple cameras, the DWR was looking for a cost-effective replacement solution that would simplify the management of the existing system, and since the number of cameras at each treatment plant is expected to grow exponentially, the scalability of the new solution was also a very important consideration. VSkyCube Hyperconverged Infrastructure Solution Initial deployment of VSkyCube consists of a 3 x s200 cluster, supporting 40 IP cameras and 40TB of storagePromise, in conjunction with their partner ComTech, who took responsibility for management, setup and maintenance of the solution, offered the DWR their VSkyCube Hyperconverged Infrastructure Solution as a replacement and enhancement for their existing security storage infrastructure. Initial deployment of VSkyCube consists of a 3 x s200 cluster, supporting 40 IP cameras and 40TB of storage. The DWR’s high-end surveillance solution provides: Pre-integrated nodes that can be rapidly deployed and scaled for future deployments. VSkyCube software-defined approach allows ComTech to deploy and launch surveillance services with just a few clicks. A cost-effective, fully redundant platform for running their existing OnSSI video management, as well as secure storage for sensitive security video. Simple, powerful, centralized management with VSkyView allows the DWR personnel to manage, monitor, scale and adjust compute, storage and networking resources from a single pane-of-glass interface. Ability to scale and evolve to handle higher resolutions and additional cameras by simply adding additional VSky nodes for more storage or processing power. A crucial element, given the department’s expansion goals of more than 700 cameras in the near future. Vess A3340 With 16-port PoE Solutions Easily scalable and flexible solution provides the capability to expand to add additional cameras, upgrade cameras to higher resolutionsVSkyCube pre-integrates computing, storage, and networking into hyperconverged nodes, specifically optimized for video surveillance workloads and brings the benefits of the hyper-scale datacentre to the county. All these advantages allowed the DWR to focus on the security, not the infrastructure. The partnership with ComTech also resulted in installation of Vess A3340 with integrated 16-port PoE solutions, perfect for ‘all-in-one’ surveillance needs at smaller-scale sites, providing an affordable solution while still being capable of expanding as the number of cameras grows. Other departments within the county had different surveillance requirements that were met by the Vess A6120. Results And Benefits Of The Solution Cost-efficient solution eliminated the need for expensive discrete storage and networking. Replacement with hyperconverged node means Promise can provide high-quality support across the full scope of installations. Easily scalable and flexible solution provides the capability to expand to add additional cameras, upgrade cameras to higher resolutions, or increase retention times. The solution is anticipated to scale to 700+ cameras in the near future. High resilience and high availability features increased security of county surveillance operations, ensuring important video footage is captured and retained. Simple management and monitoring solution reduces overhead while enhancing operations and increasing flexibility. Solution can be readily applied by ComTech to future surveillance installations.


Products

