Security service

Morse Watchmans announces that its KeyWatcher Touch Key Management System has once again received LenelS2 factory certification and interfaces with the LenelS2 OnGuard version 7.5 access control security system. “Morse Watchmans has completed required factory testing at LenelS2 to validate the functionality of its interface to the OnGuard system,” said John Marchioli, OAAP product management, LenelS2. “We look forward to their continued involvement in the LenelS2 OpenAccess Alliance Program.” Unique and powerful solution “The collaboration between Morse Watchmans and LenelS2 will provide a unique and powerful solution with comprehensive capabilities within a single framework,” said Joe Granitto, COO, Morse Watchmans. “Using this interface, customers can now sync cardholders with the KeyWatcher Touch Key Management System, allowing them to remove and return assets using OnGuard access levels.” The new interface also allows administration to associate OnGuard access levels with different Key Groups, providing increased key control from within the OnGuard platform. The system’s modular design offers full scalability to enable systems to meet current and future needs.

Digital Defense, Inc. announces Frontline Network Map, an innovative feature offering IT security and operations professionals enhanced visibility of vulnerabilities and threats found on small, medium, and large networks. Frontline Network Map is accessible within Frontline.Cloud, the company’s SaaS security assessment platform and is being demonstrated at Black Hat 2019 conference currently underway in Las Vegas, Nevada. Risk network segments Through the Network Map capability, Fronline.Cloud users are able to view the relationships and interconnectivity of assets through a variety of clustering algorithms to pinpoint at risk network segments and areas of key vulnerability and active threat.   “Our Network Map feature is a powerful tool for information security blue team members to quickly visualize the security of the networks and connected assets for which they defend from cybercriminal attacks,” states Mike Cotton, SVP, Engineering. “Frontline.Cloud users receive an accurate graphic depiction of their risk that enables rapid response to those assets or network clusters that present the greatest exposure.” Learn more about Frontline Network Map by visiting the Digital Defense booth #2411 at Black Hat and request for a demonstration.

Keysight, the test and measurement vendor introduces its new Automotive Cybersecurity Program that delivers a broad cybersecurity portfolio, including hardware, software and services, to address the growing concern of cyber-attacks on connected vehicles. The cyber world is increasingly impacting the safe operation of automobiles, opening the risks of exposure, including malicious hacker activities. The new reality is that cyber-attacks against automobiles could result in the loss of human life. The most recent report from Consumer Watchdog has exposed the reality about the cybersecurity risk in connected vehicles. Deliver extensive security ISG’s visibility solutions deliver an enhanced infrastructure that improves the efficiency of security tool Keysight Technologies understands these risks and offers solutions to test and measure connected vehicle technologies, including the newly announced Automotive Cybersecurity Program that validates the resiliency of connected components of a vehicle, individually or as an entirely functioning automobile prior and post deployment. In addition, security solutions developed by Ixia Solutions Group (ISG), enables Keysight to deliver extensive security validations of the 4G/5G radio access network (RAN) infrastructure that connects vehicles, and the backend data centers that manage business operations. ISG’s visibility solutions deliver an enhanced infrastructure that improves the efficiency of security tool sets in production networks. Keysight provides test and measurement of cybersecurity effectiveness from the ECU level up to the cloud data center. Pre-Deployment testing “Early assessment, prior to production, is essential to enabling our automotive customers to deliver safe and supportable vehicles,” stated Mark Pierpoint, president of Ixia Solutions Group, a Keysight business.  “Potential issues identified post production, with the risk of recalls, cost orders of magnitude more to repair than when found during pre-deployment testing, notwithstanding the possible loss of human life." Cars today support multiple communication methods, like Bluetooth and USB" "Continued detection and mitigation of cybersecurity threats once vehicles are on the road are equally critical to keep consumers safe. Cybersecurity testing is an essential defense to ensure the design and implementation of a bullet-proof security posture in connected vehicles. Cars today support multiple communication methods, like Bluetooth and USB while a growing number of cars use mobile communication for a variety of services available in the car,” said Tom Goetzl, Automotive & Energy Solutions business general manager for Keysight. Available communication ports “Keysight’s Automotive Cyber security program can test for vulnerabilities on all available communication ports and provides direction to our customers on how to close such vulnerabilities.” Keysight offers a broad portfolio of solutions to help prevent vehicles from being cyber-hijacked, including: Automotive Cybersecurity Program – to validate and exploit the potential attack surfaces existing in connected vehicles Automotive Gateway Security Test – to validate the zoning and security posture of in-vehicle networks Network Security Test – to validate and stress a network infrastructure and backend data centers Application & Threat Intelligence (ATI) Research Center – to ensure testing that includes the latest application and security strike simulation Visibility for Network Security – to improve the performance of a security architecture with 100% visibility of all traffic on an automotive network

Johnson Controls announces Tyco Cloud, a new cloud-based security suite developed to help customers move costly and complex security infrastructure for access control and video surveillance to the cloud. With Tyco Cloud, organizations can reduce costs, improve enterprise security management and scale security operations on demand, providing unlimited possibilities to deliver security services over the internet. Accelerating digital transformation Tyco Cloud empowers this digital transformation with on-demand security management" Tyco Cloud allows users to protect lives, assets and facilities through management of access control, video surveillance and other security operations using secure cloud services and connected devices such as cloud cameras and controllers. Cloud solutions from Tyco run on an open and modern microservices architecture to ensure fast, scalable and secure services. “Our customers worldwide are embracing and accelerating digital transformation to make their businesses more intelligent, agile and cost effective,” said Martin Renkis, general manager of Cloud Solutions, Global Security Products at Johnson Controls. “Tyco Cloud empowers this digital transformation with on-demand security management that enables organizations to securely and cost-effectively customize their video surveillance and access control solutions based on site-specific and enterprise-wide requirements.” Multiple recording parameters For video surveillance, organizations can enable Tyco Cloud with any Illustra Cloud Camera or leverage existing camera systems using Tyco Cloud Gateways, which will automatically locate existing cameras from dozens of different manufacturers on a network and enable secure cloud management of those cameras. Tyco Cloud enables video storage in camera, in gateway, in low latency cloud, in high latency cloud or a hybrid combination to support unlimited flexibility and cost effectiveness. The intuitive interface allows users to customize multiple recording parameters, such as which cameras to record and for how long, video resolution, as well as create unique upload schedules to minimize bandwidth consumption. The service also offers Cold Cloud video storage for cost effective, high latency online archiving. The new Hyper View feature enables users to search through 24 hours of recorded video from up to 100 cameras within 60 seconds. Smartphone based mobile credentials Tyco Cloud ioSmart was cloud first designed to deliver convenience, cost savings and advanced security Tyco Cloud surveillance also supports powerful analytics such as heat mapping, object detection and crowd formation to name a few. For access control, the new ioSmart solutions from Tyco Cloud empower smartphone based mobile credentials and smart key managed access control for companies to securely allow personnel to conveniently access facilities using their smartphones without the security risk of lost, stolen, or cloning of legacy card technologies. Tyco Cloud ioSmart was cloud first designed to deliver convenience, cost savings and advanced security for access control. The Tyco Cloud Enterprise Manager portal provides users with a comprehensive view of their entire security solution through a single interface. Proper password management It provides real-time status and management of every connected device on a clickable global map. This simple dashboard also enables tracking and management of users, bandwidth utilization, cloud storage and device firmware. Additionally, Tyco Cloud secures all data from any device to the cloud and to the end user. Every connected device as well as the cloud platform are supported by the Johnson Controls Cyber Solutions Product Security Program, which delivers enhanced safeguards against cyber attacks, including additional controls for proper password management and end to end encrypted communications.

SnapAV, a provider of A/V, surveillance, networking and remote management products for professionals, and Control4 Corporation, a provider of smart home solutions, announce the successful completion of their merger. Unified into a single organization, Control4® becomes a professional smart home brand in the company portfolio, SnapAV continues to bring technology professionals a trusted, end-to-end partner that invests relentlessly in growing the industry and helping their businesses succeed. Delivering fantastic experiences Our team shares a passion to deliver fantastic experiences to homeowners and businesses" "The smart home industry is poised for massive growth, and much of that growth will be driven and satisfied by professionals. Our team shares a passion to deliver fantastic experiences to homeowners and businesses,” said John Heyman, chief executive officer of SnapAV. "Through this combination of industry leaders, we have organized ourselves around delivering a unified and integrated company that gives dealers one place to go for the best and broadest selection of products, greatest technical support, most rewarding sales programs, robust training resources, and more.” The combination of these two companies brings together a robust product catalog of in-house brands and third-party products, backed by highly-experienced product engineering teams, award-winning customer service, education and training programs, and in-field technical support. Together they have the resources and logistics infrastructure to be a one-stop shop that drives value added services for technology professionals across the industries they serve. Great living experiences The SnapAV product development team led by Charlie Kindel as chief product & technology officer envisions a roadmap that blends deep innovation with simplicity, interoperability, and quality. “We know this to be true: the number of connected devices in the home will continue to increase. Homeowners want help removing complexity so they can enjoy life at home more and manage technology less,” says Charlie. “We’re focused on the vision of making end-customers rave about our fantastic products and the great living experiences our dealers create with those products. Through this merger, we will fulfill the true promise of the smart home.” Together the combined company offers a broad product portfolio. Adding the award-winning Control4 Smart Home OS, an operating system specifically designed for the modern, pro-installed smart home, gives SnapAV one of the most connected product portfolios with interoperability across nearly 14,000 devices from hundreds of manufacturers. International expansion The merger feels like a game-changer for my company, and for the industry" Control4 will continue to be available only through Control4 Authorized Dealers, and the high standards required for dealer certification will not change. All brands in the combined product portfolio – including Pakedge® and Araknis®, OvrC® and BakPak®, Triad® and Episode® – continue to be supported today, and dealers can use the solution that best fits their business needs. Bryan Naquin, owner of Acadian Home Theater and Automation in Baton Rouge, Louisiana is enthusiastic about the merger. “The merger feels like a game-changer for my company, and for the industry. As one company, it means more help with all my installation needs which would simplify my business, and make it much easier to support my customers,” Naquin said. “I’m looking forward to seeing how the combined company will evolve.” Dealers can expect to see continued investment in both local and international expansion. Broad industry growth Ordering products will remain the same for now, but over time, the combined portfolios will be made available through easy and convenient online ordering, shipping, and local pickup. SnapAV intends to invest further into the international markets Control4 has established including the UK, Ireland, China, Germany, Australia, New Zealand, and Switzerland. SnapAV is committed to investing relentlessly in the success of its dealers" “Today is day one of this journey, and we are just getting started. SnapAV is committed to investing relentlessly in the success of its dealers and fueling broad industry growth to better serve our shared customers. We believe in the importance of professionally installed systems, and we are laying the groundwork to ensure those businesses succeed long into the future,” concluded Heyman. Additional executives With a combined 1,200 employees, SnapAV CEO John Heyman will lead the merged teams as chief executive officer, while former Control4 CEO Martin Plaehn joins the board of directors of SnapAV’s parent company. Jeff Hindman joins the executive team as chief revenue officer, while former Amazon Alexa executive and Control4 SVP of products & services Charlie Kindel is named chief product & technology officer. Mike Carlet will serve as the chief financial officer. Additional executives of the combined company include Jeff Dungan, G Paul Hess, JD Ellis, Barrett Schiwitz, Bryce Judd, Carmen Thiede, Graham Jaenicke, and Wally Whinna. The company will have headquarters in Charlotte, North Carolina, and Salt Lake City, Utah, with offices and local facilities around the world.

Security-Net, Inc., a network of security system integrators, is welcoming two new members, providing the organization with important geographic reach in the New York, New Jersey and Illinois areas. These two new additions increase Security-Net’s membership to twenty. New members include FE Moran Security Solutions, headquartered in Champaign, Illinois and Care Security Systems, based out of New York City. Their addition to Security-Net will bring extensive expertise in a diverse array of markets including government, education, residential and commercial. Service-Oriented relationships We are very service centric and we look to identify that in each new member" Dominic Burns, chief executive officer of A.C. Technical Systems and Security-Net member, said both companies participated in a rigorous review process before being accepted as members. Part of the Security-Net membership process is ensuring potential members are focused on developing and maintaining strong service-oriented relationships with their customers. “We are very service centric and we look to identify that in each new member,” Burns said. “A customer is not just a number.” The addition of FE Moran Security Solutions as a new member of Security-Net follows its April 2019 acquisition of MidCo, which has been a long-time active member of the organization. Providing alarm monitoring Adam Kimball, senior vice president, operations for FE Moran Security Solutions, said it was very important to FE Moran and MidCo that they continue the relationship with Security-Net. “We’re very excited to have a group of peers that trust each other to be able to speak about best practices, industry changes and challenges,” Kimball said. FE Moran is based in the Midwest, with locations serving Illinois, Indiana, Michigan, Kansas and National Clients coast to coast, Canada and Puerto Rico. Since its founding in 2003, they have grown to one of the largest security companies in their region, providing alarm monitoring and life safety and security services to its clients. The company is recognized by SDM Magazine as one of the top 50 security companies in the nation. It’s 250 employees serve about 30,000 clients, which includes a mix of both residential and commercial customers. Integrated security systems FE Moran specializes in providing customers with innovative life safety and security solutions, high quality equipment, as well as installation and monitoring. They are dedicated to a great customer experience and its UL-Listed Central Station is one of the few to receive the Five Diamond Certification. CSS has served some of the largest state, federal and corporate organizations Care Security Systems (CSS) is a certified woman-owned company with offices located in New York City and Montebello, N.Y. In the past 30 years, CSS has served some of the largest state, federal and corporate organizations in the United States on a national level, delivering integrated security systems with a commitment to building strong relationships with customers and within communities. City-Wide surveillance With a wide range of expertise, CSS specializes in a variety of industries, from city-wide surveillance, government and utilities to transportation, manufacturing, education and retail. Core services include video surveillance, security training, access control systems and visitor management. Abe Schwab, vice president of CSS, said the team is looking forward to working with Security-Net. “We are excited to be part of a group of specialists and to collaborate with others on best practices and to provide the highest level of security in the industry,” Schwab said. With these new additions, Security-Net expands its geographic footprint to serve customers in the New York and New Jersey markets, as well as Kansas, Illinois, Michigan and Indiana.

We live in an information and data-led world, and cybersecurity must remain top-of-mind for any organization looking to both protect business operation critical assets. Businesses without proper cyber measures allow themselves to be at risk from a huge list of threats - from cybercriminals conducting targeted spear-phishing campaigns - like the 2018 Moscow World Cup vacation rental scam, to nation-state actors looking to collect intelligence for decision makers - no organization is safe from innovative cyber threats. Security solutions enterprises Organizations can then set the groundwork necessary to stop malicious activity and keep their business’ data safe The evolving threat space means organizations need to ensure they have the most innovative prevention and detection frameworks in order to withstand adversaries using complex and persistent threats. When implementing new security solutions enterprises must start by assuming that there is already a bad actor within their IT environment. With this mindset, organizations can then set the groundwork necessary to stop malicious activity and keep their business’ data safe. As there is no one silver bullet that truly stops all cyberattacks, organizations must adopt a multipronged approach to be widely adopted to stop adversaries. This must include tracking, analyzing and pinpointing the motivation of cyber actors to stay one step ahead through global intelligence gathering and proactive threat hunting. In addition, deploying new technologies leveraging the power of the cloud give a holistic view of the continuously evolving threat landscape and thereby secure data more efficiently. Traditional security approach In today’s landscape, the propagation of advanced exploits and easily accessible tools has led to the blurring of tactics between statecraft and tradecraft. Traditional security approaches are no longer viable when it comes to dealing with the latest trends in complex threats. To make defending against these threats even more complicated, adversaries are constantly adapting their tactics, techniques and procedures (TTPs), making use of the best intelligence and tools. CrowdStrike’s latest Global Threat Report tracked the speed of the most notable adversaries including Russian, Chinese, North Korean and Iranian groups. As the adversaries’ TTPs evolve into sophisticated attack vectors defenders need to recognize we are amidst an extreme cyber arms race, where any of the above can become the next creator of a devastating attack. Russian efficiency is particularly high; they can spread through an enterprise network in 18 minutes 48 seconds on average, following the initial cyber-intrusion. Sophisticated cyber weapons Actors tend to use a simple trial and error technique where they test the organization's network So, reacting to threats in real-time is a priority. Bad actors are extremely vigilant and committed to breaking down an organization’s defenses, and speed is essential to finding the threats before they spread. Actors tend to use a simple trial and error technique where they test the organization's network, arm themselves with more sophisticated cyber weapons, and attack again until they find a vulnerability. This has highlighted the need for tools that provide teams with full visibility over the entire technology stack in real-time in order to meet these threats head-on. Traditional solutions are scan-based, which means they don’t scale well and can’t give the security teams context around suspicious activity happening on the network. They lack full visibility when a comprehensive approach is needed. Businesses without proper cyber measures allow themselves to be at risk from a huge list of threats - like the 2018 Moscow World Cup vacation rental scam Malicious Behavior Through leveraging the power of the cloud and crowdsourcing data from multiple use cases, security teams can tap into a wealth of intelligence collated from across a vast community. This also includes incorporating threat graph data. Threat graphs log and map out each activity and how they relate to one another, helping organizations to stay ahead of threats and gain visibility into unknowns. Threat graph data in conjunction with incorporating proactive threat hunting into your security stack creates a formidable 360-degree security package. Managed threat hunting teams are security specialists working behind the scenes facing some of the most sophisticated cyber adversaries through hands on keyboard activity. Threat hunters perform quickly to pinpoint anomalies or malicious behavior on your network and can prioritize threats for SOC teams for faster remediation. In-Depth knowledge Security teams need to beat the clock and condense their responseIt is key for security teams to have an in-depth knowledge of the threat climate and key trends being deployed by adversaries. The TTPs used by adversaries leave are vital clues on how organizations can best defend themselves from real-life threats. Intrusion ‘breakout time’ is a key metric tracked at CrowdStrike. This is the time it takes for an intruder to begin moving laterally outside of the initial breach and head to other parts of the network to do damage. Last year, the global average was four hours and 37 minutes. Security teams need to beat the clock and condense their response and ejection of attackers before real damage is done. Next-Generation solutions When managing an incident clients need to be put at ease by investigations moving quickly and efficiently to source the root of the issue. Teams need to offer insight and suggest a strategy. This can be achieved by following the simple rule of 1-10-60, where organizations should detect malicious intrusions in under a minute, understand the context and scope of the intrusion in ten minutes, and initiate remediation activities in less than an hour. The most efficient security teams working for modern organizations try to adhere to this rule. As the threat landscape continues to evolve in both complexity and scale, adequate budget and resources behind security teams and solutions will be determining factors as how quickly a business can respond to a cyberattack. To avoid becoming headline news, businesses need to arm themselves with next-generation solutions. Behavioral analytics The solution can then know when to remove an adversary before a breakout occurs Behavioral analytics and machine learning capabilities identify known and unknown threats by analyzing unusual behavior within the network. These have the ability to provide an essential first line of defense, giving security teams a clear overview of their environment. With this at hand, the solution can then know when to remove an adversary before a breakout occurs. Attackers hide in the shadows of a network’s environment, making the vast volume and variety of threats organizations face difficult to track manually. The automation of responses and detection in real-time is a lifeline that organization cannot live without as adversaries enhance and alter their strategies. Adversaries continue to develop new ways to disrupt organizations, with cybersecurity industry attempting to keep pace, developing new and innovative products to help organizations protect themselves. These technologies empower security teams, automating processes and equipping security teams with the knowledge to respond quickly. Organizations can set themselves up for success by integrating the 1-10-60 rule into their security measures, giving them an effective strategy against the most malicious adversaries.

The industry faces numerous challenges in the coming year. Physical and cyber security threats continue to become more complex, and organizations are struggling to manage both physical and digital credentials as well as a rapidly growing number of connected endpoints in the Internet of Things (IoT). We are witnessing the collision of the enterprise with the IoT, and organizations now must establish trust and validate the identity of people as well as ‘things’ in an environment of increasingly stringent safety and data privacy regulations. Meanwhile, demand grows for smarter and more data-driven workplaces, a risk-based approach to threat protection, improved productivity and seamless, more convenient access to the enterprise and its physical and digital assets and services. Using Smartphone Apps To Open Doors Cloud technologies give people access through their mobile phones and other devices to many new, high-value experiencesEnterprise customers increasingly want to create trusted environments within which they can deliver valuable new user experiences. A major driver is growing demand for the ‘digital cohesion’ of being able to use smartphone apps to open doors, authenticate to enterprise data resources or access a building’s applications and services. Cloud technologies are a key piece of the solution. They give people access through their mobile phones and other devices to many new, high-value experiences. At the same time, they help fuel smarter, more data-driven workplace environments. With the arrival of today’s identity- and location-aware building systems that recognize people and use deep learning analytics to customize their office environment, the workplace is undergoing dramatic change. Improved Fingerprint Solutions Cloud-based platforms and application programming interfaces (APIs) will help bridge biometrics and access control in the enterprise, overcoming previous integration hurdles while providing a trusted platform that meets the concerns of accessibility and data protection in a connected environment. At the same time, the next generation of fingerprint solutions will deliver higher matching speed, better image capture quality and improved performance. The next generation of fingerprint solutions will deliver higher matching speed, better image capture quality and improved performance Liveness detection will ensure that captured data is from a living person. Biometrics authentication will also gain traction beyond access control in immigration and border control, law enforcement, military, defense and other public section use cases where higher security is needed. Flexible Subscription Models Access control solutions based on cloud platforms will also change how solutions are deployed. Siloed security and workplace optimization solutions will be replaced with mobile apps that can be downloaded anywhere across a global ecosystem of millions of compatible and connected physical access control system endpoints. These connections will also facilitate new, more flexible subscription models for access control services. As an example, users will be able to more easily replenish mobile IDs if their smartphones are lost or must be replaced. Generating Valuable Insights With Machine Learning Machine learning analytics will be used to generate valuable insights from today’s access control solutionsEducation, finance, healthcare, enterprise, and other niche markets such as commercial real-estate and enterprises focused on co-working spaces will benefit from a cloud-connected access control hardware foundation. There will be a faster path from design to deployment since developers will no longer have to create an entire vertically integrated solution. They will simply add an app experience to the existing access control infrastructure. New players will be drawn to the market resulting in a richer, more vibrant development community and accelerated innovation. Data analytics will be a rapidly growing area of interest. Machine learning analytics will be used to generate valuable insights from today’s access control solutions. Devices, access control systems, IoT applications, digital certificates and location services solutions, which are all connected to the cloud, will collectively deliver robust data with which to apply advanced analytics and risk-based intelligence. As organizations incorporate this type of analytics engine into their access control systems, they will improve security and personalize the user experience while driving better business decisions. 

It’s not surprising that people are nervous about the security of newer technologies, many of which are part of the Internet of Things (IoT). While they offer greater efficiency and connectivity, some people still hesitate. After all, there seems to be a constant stream of news stories about multinational corporations being breached or hackers taking control of smart home devices. Both of these scenarios can feel personal. No one likes the idea of their data falling into criminal hands. And we especially don’t like the thought that someone can, even virtually, come into our private spaces. The reality, though, is that, when you choose the right technology and undertake the proper procedures, IoT devices are incredibly secure. That said, one of the spaces where we see continued confusion is around access control systems (ACS) that are deployed over networks, particularly in relation to mobile access, smartcards, and electronic locks. These technologies are often perceived as being less secure and therefore more vulnerable to attacks than older ACS systems or devices. In the interest of clearing up any confusion, it is important to provide good, reliable information. With this in mind, there are some myths out there about the security of ACS that need to be debunked. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter Myth #1: Mobile Credentials Are Not Secure The first myth we have to look at exists around mobile credentials. Mobile credentials allow cardholders to access secured doors and areas with their mobile devices. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter about the security of credentialed information. There is a persistent belief that Bluetooth is not secure. In particular, people seem to be concerned that using mobile credentials makes your organization more vulnerable to skimming attacks. While focusing on the medium of communication is an important consideration when an organization deploys a mobile credentialing system, the concerns about Bluetooth miss the mark. Bluetooth and NFC are simply channels over which information is transmitted. Believing that Bluetooth is not secure would be the same as suggesting that the internet is not secure. In both cases, the security of your communication depends on the technology, protocols, and safeguards we all have in place. So, instead of wondering about Bluetooth or NFC, users should be focused on the security of the devices themselves. Before deploying mobile credentials, ask your vendor (1) how the credential is generated, stored, and secured on the device, (2) how the device communicates with the reader, and (3) how the reader securely accesses the credential information. When you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS Myth #2: All Smartcards Are Equally Secure The question “how secure are my smartcards?” is a serious one. And the answer can depend on the generation of the cards themselves. For example, while older smartcards like MiFARE CLASSIC and HID iCLASS Classic offer better encryption than proxy cards and magstripe credentials, they have been compromised. Using these older technologies can make your organization vulnerable. As a result, when you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS. In this way, you will be protecting your system as well as your buildings or facilities. Some traditional readers and controllers can also pose a serious risk to your organization if they use the Wiegand protocol, which offers no security. While you can upgrade to a more secure protocol like OSDP version 2, electronic locks are a very secure alternative worth considering. It is also important to understand that not all smartcard readers are compatible with all smartcard types. When they are not compatible, the built-in security designed to keep your system safe will not match up and you will essentially forego security as your smartcard-reader will not read the credentials at all. Instead, it will simply read the non-secure portion—the Card Serial Number (CSN) —of the smartcard that is accessible to everyone. While some manufacturers suggest that this is an advantage because their readers can work with any smartcard, the truth is that they are not reading from the secure part of the card, which can put your system and premises at risk. Using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication Myth #3: Electronic Locks Are More Vulnerable These days, there are still many who believe that electronic locks, especially wireless locks, are more vulnerable to cybercriminal activity as compared to traditional readers and controllers. The concern here is that electronic locks can allow cybercriminals to both access your network to get data and intercept commands from the gateway or nodes over the air that would allow them access to your buildings or facilities. The reality is that using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication. Additionally, because many of these locks remain operational regardless of network status, they provide real-time door monitoring. This means that many electronic locks not only prevent unauthorized access but also keep operators informed about their status at all times, even if a network goes down. Outdated technology and old analogue systems are more vulnerable to attacks When it comes to deploying electronic locks, it is important to remember that, like any device on your network, they must have built-in security features that will allow you to keep your information, people, and facilities safe. Be Prepared To Unlock Future Benefits Ultimately, the information in your IP-based ACS is at no greater risk than any other information being transmitted over the network. We just have to be smart about how we connect, transmit, and store our data. In the end, maintaining the status quo and refusing to move away from old technology is not a viable option. Outdated technology and old analogue systems are more vulnerable to attacks. The reason it is so important to debunk myths around ACS and, at the same time, get people thinking about network security in the right way is that network-based systems can offer an ever-increasing number of benefits. When we deploy new technology using industry best practices and purchase devices from trusted vendors, we put ourselves and our networks in the best possible position to take full advantage of all that our increasingly connected world has to offer.

A video analytics system that provides ‘behavioral understanding’ can yield more meaningful and actionable data for a range of applications. In public safety and security, such a system can alert on violent or suspicious behaviors, such as people fighting, vandalism, people with weapons, etc. In advanced traffic surveillance and monitoring, it can provide alerts to vehicle collisions (accidents), traffic hazards or vehicle that aren’t using the road properly, such as a car that stops in the middle of the junction. For enterprise and campus security, it can provide advanced anti-tailgating and detect unauthorized activity. Video surveillance infrastructure viisights was founded by a group of entrepreneurs with track records in developing technology businesses These uses are among the benefits of viisights’ video analytics technology based on behavioral understanding of video content. “It means we can extract more meaningful data from the huge amount of video content that is captured, and we can transform that data to actionable insights that eventually justify the massive investment in video surveillance infrastructure,” says Asaf Birenzvieg, CEO of viisights. Their behavioral understanding systems for real-time video intelligence leverage artificial intelligence technology. viisights was founded by a group of serial entrepreneurs with track records in developing technology businesses. The Israeli company’s founders recognized a growing global need for intelligence to make physical and virtual public areas safer – and realized the role that smart video understanding technology can play. Developing artificial intelligence technologies viisights is committed to developing artificial intelligence technologies that facilitate human-like video understanding, which in turn serves as the basis for fully autonomous video intelligence systems powered by pattern prediction technology. “Behavioral recognition is the future of video analytics and the next generation of the object classification analytics systems that hold the majority of the market today,” says Birenzvieg. viisights has developed a video understanding technology for real-time video processing “To date most video analytics systems still base their product features on static analysis of objects from images using image recognition, even the ones that use ‘AI analytics.’ Products built using such object classification technology are extremely limited.” For example, object classification analytics cannot recognize behavioral events in a video such as people fighting or a car collision because such behaviors can’t accurately be concluded in large scale from analyzing a single static image/frame. Video understanding technology viisights has developed a video understanding technology for real-time video processing. The technology can process live video feeds. In addition to recognizing a particular object (e.g., person) and its attributes (e.g., red shirt), the system can understand an object’s actions, interactions with other objects (events), the scene being viewed (i.e., crowd is gathering, riots) and the context (a car is driving on the road or on the sidewalk). The main verticals are smart cities, enterprises and campuses, banks and ATM security“Basically, we are able to extract more meaningful data from a live video feed and therefore create actionable insights and greater ROI,” says Birenzvieg. The company focuses mostly on security and safety use-cases. The main verticals are smart cities, enterprises and campuses, banks and ATM security, security guard companies and transportation hubs. The company is working on a new product for in-vehicle monitoring mostly for security, safety, vehicle protection and proper vehicle use; it monitors passengers’ behavior inside a bus, train, or taxi. The product will come to market next year. Video management system viisights’ video analytics offering is currently optimized for server-side deployment, and the integration architecture is similar to most video analytics systems. From one side it is integrated with the video management system (VMS). They are a Milestone verified partner and soon will be part of Milestone's marketplace. From the other end, it is connected to a command-and-control system for processing the data and presenting the alerts to the end-user. The analytics company makes most sales through system integrators. They have partnerships with big system integrators like Motorola Solutions and NEC and are also working with smaller ones. They are looking to expand their system integrator network, mostly in the USA and Europe. Behaviors can have many variations and they can be very diverse Cloud video surveillance “We will continue to invest in performance and accuracy, meaning higher recall and lower false positive rate,” says Birenzvieg. “Since our major value proposition is in behavior recognition, behavior events many times are not clearly defined, which is very different from object classification. Behaviors can have many variations and they can be very diverse.” An example is a simple behavior like a person falling on the floor. A person can fall on the floor in many ways, but the challenge is to ignore similar behaviors that are not a person falling and that confuse the system, such as a person bending over to tie his shoelaces. With cloud video surveillance becoming a trend, viisights is also looking into offering some of their advanced functionalities in a video-analytics-as-a-service-model.

An interim Federal Acquisition Rule (FAR) detailing how the U.S. Federal government will implement a ban on government use of video surveillance products from Chinese manufacturers has been released just days before the August 13, 2019, deadline for the ban to take effect. The interim rule will take effect immediately; it notes there are "urgent and compelling reasons… to promulgate this interim rule without prior opportunity for public comment." After the interim rule is published in the Federal Register, 60 days will be allowed for public comments to be submitted (tag comments and correspondence ‘FAR Case 2018-017’). The final rule will follow. The agencies issuing the interim rule are the Department of Defense (DoD), the General Services Administration (GSA), and the National Aeronautics and Space Administration (NASA). Banning Chinese video surveillance equipment The interim rule provides details about implementation of Section 889(a)(1)(A) of the NDAA for fiscal year 2019The interim rule provides details about implementation of Section 889(a)(1)(A) of the National Defense Authorization Act (NDAA) for fiscal year 2019, which the President signed into law on August 13, 2018, to take effect a year later. It bans government uses of telecommunications and video surveillance equipment produced by Hikvision and Dahua, among other companies. The interim rule also applies to telecommunications equipment produced by Huawei Technologies Company or ZTE Corp. (or any subsidiary or affiliate). Huawei manufactures HiSilicon chips widely used in video cameras. The interim rule requires inclusion of a clause prohibiting the listed telecommunications and video surveillance services on solicitations and/or resulting contracts that occur on or after August 13, 2019. Contractors who identify covered equipment during the performance of a contract are required to report it within one business day; and to report mitigation actions within 10 business days. The requirement is included in contracts with subcontractors. Identifying telecommunications equipment The rule requires submission of a ‘representation’ with each offer (government bid) to identify any covered telecommunications equipment or services that will be provided to the Government. The interim rule states: “DoD, GSA, and NASA recognize that some agencies may need to tailor the approach to the information collected based on the unique mission and supply chain risks for their agency.” The head of an executive agency can grant a one-time waiver on a case-by-case basis for up to a two-year period There is an option for contractors to "represent annually whether they sell equipment, systems, or services that include covered telecommunications equipment or services." A ‘no’ answer then applies to any contracts during the year. If a contractor answers ‘yes’, they are required to specify that each individual bid does not include the covered equipment. The head of an executive agency can grant a one-time waiver on a case-by-case basis for up to a two-year period. Waivers require a compelling justification, that the equipment be listed/reported, and that a phase-out plan is implemented. The Director of National Intelligence can also provide a waiver. Prohibits purchase of COTS items The interim rule also applies to purchase of commercial off-the-shelf (COTS) items: "Th[e] level of risk is not alleviated by the fact that the equipment or service being acquired has been sold or offered for sale to the general public... nor by the small size of the purchase." It prohibits ‘micro-purchases’ of covered products and services delegated by agency heads. The interim rule covers the NDAA Section 889(a)(1)(A), which is the ‘Chinese ban’ provision. It does not cover the ‘blacklist’ provision [Section 889(a)(1)(B)], which was the subject of a public hearing in July. According to the interim rule: "The prohibition in section 889(a)(1)(B) is not effective until August 13, 2020, and will be implemented through separate rulemaking." The ban also applies to current government installations, and there are questions about whether agencies and departments will comply in time.

Video surveillance cannot address all the security challenges in education, but it is a valuable tool and among the least obtrusive options available. And the list of security challenges that video can address grows every day. Video systems can provide real-time monitoring of school premises and facilitate rapid response to incidents. New advances such as video analytics are currently underutilized in the education arena. Historically, video has been used as a forensic tool in the education market, providing critical information about an incident after the fact. But that generalization is changing. Today, networking enables video images to be shared throughout a school system, traveling over existing networks, empowering a more centralized security management structure, and making video more valuable. In particular, higher education institutions are more likely to view live video, given the larger campuses, greater number of buildings, and more public areas where staff and students congregate. Challenges for securing a school environment Panoramic cameras are one tool to address challenges, as a single 360-degree camera can replace between 4 and 5 PTZ camerasMultiple challenges in the education market for security goods and services (from a video perspective) include wide open spaces that make securing schools with video surveillance cameras difficult since the vast amount of coverage required can be cost-prohibitive. Second, state and federal regulations must be taken into account and balanced with the need to protect student privacy. Finally, schools and colleges face dwindling budgets, which means security solutions must deliver more coverage and functionality, while also being cost-effective to deploy. Panoramic cameras are one tool to address these challenges, as a single 360-degree camera can replace between four and five traditional pan-tilt-zoom cameras, resulting in fewer cameras and more coverage – all at a lower cost for hardware and licensing. Data capture form to appear here! Intelligent cameras with video analytics Video surveillance with video analytics can be deployed to monitor areas at certain times of day. For example, once school starts, there shouldn’t be a lot of activity in the parking lot or in particular areas around the school. For these situations, intelligent cameras with video analytics can be used to detect activity in those areas of interest to alert school security that something may need their attention. Radar detection is ideal for perimeters, where a device can be set up unobtrusively to alert when someone enters a particular area. ACC 6 video management software with Avigilon Appearance Search technology provides advanced video analytics search The goal in a potentially dangerous situation is to speed up response times. The faster you’re able to detect something using technology, the faster you’re able to respond. Therefore, being able to identify something happening in a parking lot and alert school resource officers could provide 30 seconds or a minute head start for response, which can get the school into a lockdown situation and get first responders on site more quickly. Video cameras with low-Light capability There are video cameras available with extreme low-light capability to see in near-dark or complete darknessIt’s been shown that using lighting at night can deter crime. However, it can be expensive to keep a building and grounds illuminated all night, every night. To mitigate these concerns and potential costs, there are video cameras available with extreme low-light capability that allows them to see in near-dark or in some cases complete darkness. This allows a school to save money by turning lights off while achieving a level of surveillance performance similar to daytime deployments. Facing above-average student incident rates and student disciplinary concerns at some schools, a school system in the United States sought to upgrade its video surveillance system to allow better local and remote monitoring in important areas. Avigilon high-definition cameras with self-learning video analytics and access control solutions were installed in 101 schools, and ACC 6 video management software with Avigilon Appearance Search technology provides advanced video analytics search. A deep learning artificial intelligence search engine can sort through hours of footage and allow operators to click on a button and search for all instances of a person or vehicle across all cameras on a site, quickly and efficiently.

Ping Identity, the provider of Identity Defined Security, announces its successful completion of the Financial-grade API (FAPI) conformance testing, as part of the process defined by Open Banking Ltd. This builds on Ping Identity’s previous success as the first identity platform to pass all 70 technical security tests, as set by Open Banking Ltd., with zero warnings. The most recent set of FAPI conformance testing evaluated the latest versions of the Ping Intelligent Identity platform, including PingFederate, PingAccess and PingDirectory, within a mock banking environment. Additional technical requirements It switches to an API model with structured data that utilizes a token model such as Open Authorization The inclusion of FAPI within the Ping Identity solution for Open Banking helps allow banks to overcome insecure practices such as screen scraping by using stored user credentials. Instead, it switches to an API model with structured data that utilizes a token model such as Open Authorization. FAPI is a technical specification developed as a multi-industry standard by the FAPI Working Group of OpenID Foundation (OIDF). It leverages OAuth 2.0 and OpenID Connect (OIDC) to define additional technical requirements for the financial industry and other sectors requiring higher security. For banks specifically, FAPI provides various advantages. This includes enabling applications to securely interact with financial accounts, while also enhancing the user’s ability to control security and privacy settings. Secure identity requirements In concurrence with the specification, OpenID Foundation maintains a cloud-based testing suite for conformance testing by banks, certified third-party security providers and platform vendors—such as Ping Identity. The Ping Intelligent Identity platform is used by hundreds of financial services enterprises, including many of the CMA 9 and Open Banking Ltd. itself. Additionally, FAPI is of increasing relevance to the growing number of new fintech start-ups in areas such as investment, wealth management, insurance, payments and even real estate. “This is significant beyond the Open Banking and financial services sector,” explains Rob Otto, EMEA Field CTO, Ping Identity. “Other digitally-focused sectors, with similar secure identity requirements, now have a proven template that can allow them to quickly deploy their own security controls, which have been stringently tested by the largest financial institutions in the UK.”

PerpetuityARC Training, part of the Linx International Group recently delivers a risk and crisis management workshop for Lafarge Egypt (part of the LafargeHolcim Group) in Cairo. The training provided senior managers from across the organization with the knowledge and skills needed to manage resources during a crisis and operate within the organization’s crisis management and compliance framework. The intensive program was built collaboratively between PerpetuityARC Training and Lafarge Egypt and specifically tailored to its operating environment in the construction materials industry. Achieve successful resolution It was great to see them solving problems in a pressured, but safe environment"In a series of practical and theoretical exercises, Linx International Group Director, Angus Darroch-Warren, assessed and enhanced the ability and confidence of participants to apply their new skills to manage complex and evolving crisis scenarios, each requiring close collaboration between team members, in order to achieve a successful resolution. Security Director at Lafarge, Magdy Khorshid, stated: “The course was amazing, very practical and interesting to all and I received much positive feedback from all learners.” Angus commented: “The Lafarge teams engaged fully with the workshop scenarios. It was great to see them solving problems in a pressured, but safe environment, that allowed them to think through issues and respond using identified resources and procedures.” The workshop is the latest collaboration in a five year relationship between Lafarge Egypt and PerpetuityARC Training. During this time PerpetuityARC Training has delivered its security and risk related courses to employees and stakeholders in Egpyt and the UK.

Located at the very heart of Amman, Jordan, Landmark Amman Hotel is one of the most renowned 5 star hotels in the city, as well as a true local landmark in more than one ways. Boasting seventeen flexible event spaces for everything from small intimate meetings to large-scale exhibitions and 258 rooms that are among the largest hotel accommodation in Jordan, Landmark Amman Hotel is an ideal choice for high-end customers of many types. Dahua Technology, a video-centric smart IoT solution and service provider, is trusted, for the first time in Amman, with the job of keeping Landmark Amman Hotel safe in its phase 2 CCTV improvement. Need of a competent surveillance system The other challenge concerned old system’s storage, which couldn’t meet the requirement of local policeIt is difficult for a large-scale hotel like Landmark Amman to patrol the grounds and premises of the hotel relying only on security personnel. Moreover, there might be no standardized evidence for the police to check without a competent surveillance system when an accident happens. There are two aspects of the old system to be improved. The analog system the hotel was using was not easy to manage, the problem which was exacerbated by the condition that a great number of cameras were broken. The other challenge concerned old system’s storage, which couldn’t meet the requirement of local police. IP camera and NVR solution Dahua Technology’s CCTV solution comprising IP camera and NVR solves the problems just right. IPC-HDW1431S, the 4MP WDR IR Eyeball Network Camera, supports Smart Coding (H.265+ & H.264+), Intelligent Video Analysis(IVS), Wide Dynamic Range(WDR), Smart IR Technology, etc., which is fully capable of smartly capturing the 4MP resolution images in hotels. NVR4216-4KS2, the 32 Channel 1U 4K&H.265 Lite NVR can be served as edge storage, central storage And NVR4216-4KS2, the 32 Channel 1U 4K&H.265 Lite Network Video Recorder, which supports 4K and H.265 encoding technology, can be served as edge storage, central storage or backup storage with an intuitive shortcut operation menu for remote management and control. Compatible with ONVIF 2.4 protocol Easy to install, it is compatible with numerous third-party devices making it the perfect solution for surveillance systems that work independently of video management system (VMS). It features an open architecture that supports for multi-user access and is compatible with ONVIF 2.4 protocol, enabling interoperability with IP cameras. Dahua surveillance system has helped Landmark Amman Hotel find a new way to enhance the guest experience through improving the level of security with reduced property damage and thefts in hotel. It also improved team cohesion and work efficiency of the hotel employees. Furthermore, the hotel could increase revenue by monitoring and invoicing according to actual numbers of guests, and be compliance with local authorities’ security and safety regulations. 

Merthyr County Council were experiencing high levels of break-ins and thefts in its three household recycling sites resulting in high repair and replacement costs. The Council employed a security company to man guard three sites which cost over £150,000 per annum however, the break-ins were still occurring. The Gallagher Channel Partner designed a solution to detect, deter and protect. They installed a Gallagher Monitored Pulse Fence to detect intruders climbing or breaking through the fence, deter by delivering a short, sharp but safe shock, while protecting the Council's assets and on-going operation. Cost-Effective installation The system was retrofitted to an existing fence structure ensuring an easy, efficient and cost-effective installation. Since the fence was installed break-ins have ceased and the requirement for man guarding is no longer needed. Electrical Statutory Compliance Inspector at Merthyr County Council, Les Lewis, said: “I was thrilled with the completed project. Not only is it aesthetically pleasing, but it has met all of our security requirements. It has also helped make huge cost savings as we no longer require manned security out of hours or need to repair damaged fences and replace expensive assets. I believe the Gallagher system will pay for itself within 18 months.”

K9 Fuels are a family run, fuel distribution business providing an efficient and customer focused service in and around Lincolnshire. Since moving to their new premises on an industrial site, they weren’t able to leave their fuel trucks in the yard because of constant break-ins and theft. CCTV was installed but wasn't enough of a deterrent. Seeing a Gallagher monitored pulse fence at nearby TC Harrison, K9 Fuels wanted more information on how a similar system could benefit them. Monitored building alarm A simple stand-alone, four zone system linked to their existing monitored building alarm was installed. There is potential to upgrade this to a network based system, using the same F32 fence energizers, if the company expands. System height is 3.0m (32 wire), with a fence length of approximately 200 metres including one sliding gate and one double leaf gate. The break-ins stopped after the monitored pulse fence was installed and K9 Fuels are at ease knowing that their premises are monitored and protected 24 hours a day.

"The safety of others has always been a matter close to my heart", says Hans Wetzlar, Managing Director of IHRE SICHERHEIT Security Service in Bielefeld. It was out of this motivation that he founded his security company ten years ago. Together with his team, he ensures, for example, that visitors to events and trade fairs can move around safely. Mobile ‘video guards’, using Dahua's powerful video surveillance technology, are now contributing to this. Video surveillance system Video surveillance is a new addition to the portfolio of security service providers Video surveillance is a new addition to the portfolio of security service providers. "This enables us to offer our customers a much wider range of services from a single source," says Hans Wetzlar: "Even the sight of a camera can deter potential perpetrators. The inhibition threshold increases. In our experience, this means less damage to property and less theft." And if 'someone dares', the course of events is completely documented. While searching for a reliable video surveillance system, the security expert quickly came across Kruse Sicherheitstechnik in Salzkotten. The idea to develop mobile ‘video guards’ arose from this cooperation. The compact housing of the video monitor contains a great deal of technology: four high-resolution HD cameras are attached to the 6-metre-high trailer, which can record a range of up to 200 metres using motion detectors. Wide-Angle fixed cameras "When it comes to technology, we rely on Dahua Technology's products and solutions - and with good reason. The heart of this control station is the DSS server, which receives all signals from the video trailers. The advantage over other providers is that Dahua Technology's licenses are provided free of charge - regardless of whether a 4-channel or a 64-channel recorder," says Tobias Vieth of Kruse Sicherheitstechnik. The Starlight series has very good night vision and a high-performance infrared illuminator Two different camera types are mounted on the trailers: Two wide-angle fixed cameras and two Dahua Starlight series PTZ cameras. They can zoom to certain objects. The Starlight series has very good night vision and a high-performance infrared illuminator - allowing people to be seen from up to 300 metres away. Specialist trade partners "The feedback from our customers is consistently positive. Our video guard allows significantly better surveillance at the best price. With Dahua Technology at our side, we are well prepared for the future," says Hans Wetzlar. Dahua Technology remains on a growth course in Germany, Austria and Switzerland with a comprehensive benefits program for its specialist trade partners. Reliable on-site support, permanent customer advisors, dedicated project support and technical support from Germany: The comprehensive services contribute to the fact that within a short period of time a three-digit number of specialist trade partners have decided to cooperate with Dahua Technology.

The ability to treat patients in a secure environment is a base requirement of hospitals and other healthcare facilities. Whether facilities are large or small, security challenges abound, including perimeter security, access control of sensitive areas, video surveillance, and even a long list of cyber-risks. We asked this week’s Expert Panel Roundtable: What are the security challenges of hospitals and the healthcare industry?

Technology advancements often come with new terms and definitions. The language of our marketplace evolves to include new words that describe innovations in the industry. In the skilled hands of marketers, terms intended to be descriptive can also take a new element of ‘buzz,’ often presaging exciting developments that will drive the future. We asked this week’s Expert Panel Roundtable:  What new buzzword have you heard, and what does it mean for the industry?

The new year 2019 is brimming with possibilities for the physical security industry, but will those possibilities prove to be good news or bad news for our market? Inevitably, it will be a combination of good and bad, but how much good and how bad? We wanted to check the temperature of the industry as it relates to expectations for the new year, so we asked this week’s Expert Panel Roundtable: How optimistic is your outlook for the physical security industry in 2019? Why?