Gunshot detection today is part of more physical security systems than ever before, and many manufacturers are developing interfaces to the latest gunshot detection technologies. Genetec has integrated ShotSpotter gunshot detection technology into its unified IP security platform, Security Center. Thanks to this integration, police departments and security professionals will be able to receive more actionable information, gain rapid access and detailed location insights when a gunshot situatio...
Qualitest, the independent software testing and quality assurance company, opens its new headquarters in Central London following a period of worldwide growth. Serving as a central location with easy access to Qualitest’s US, Israel, India and Romanian offices, London is also a base for prominent existing clients as well as a wide array of companies seen as prospective clients. The new office, based close to Liverpool Street station, brings together employees located across greater London...
With security threats on the rise, LILIN Americas is answering the call by introducing an advanced yet easy-to-install Access Control System for monitoring entry to a building, resulting in a safer environment for personnel and assets. When integrated with other platforms such as IP cameras, fire alarms, and sensors, the system provides a layered security approach that significantly enhances peace-of-mind and acts as a deterrent for theft and vandalism. "The LILIN Access Control System is a sin...
Pulse Secure, the provider of software defined secure access solutions, announces that growing demand for hybrid IT and Zero Trust Secure Access, resulted in double digit deal volume growth in the first half of 2019. Additionally, the company announces significant achievements in product innovation, channel programs, customer service and talent acquisition. “Our sales growth demonstrates that we offer the most flexible and robust platform for Secure Access. We are ideally positioned to ca...
Connected Technologies LLC, maker of the award-winning patented Connect ONE integrated cloud-hosted security management platform, has boosted the capacity of its Access Expander to handle up to 100,000 users. Prior to developing this new programming capability the Access Expander handled up to 10,000 system users, depending on the panel manufacturer’s integration. Integrated access control Connect ONE allows security dealers to offer home automation with integrated access control Connec...
Microsoft and CyberArk are globally renowned companies in the identity management space for the security software sector, according to the latest Thematic scorecard from GlobalData. Identity management Identity management refers to software whose function is to ensure that the right people (or machines) have access to the parts of the IT system they require to fulfill their role. Both companies gained the highest Thematic score (5 out of 5) for the identity management theme in GlobalData&rsquo...
BitSight, the Standard in Security Ratings, announced BitSight Enterprise Analytics, the latest Security Performance Management solution available on the BitSight platform. BitSight Enterprise Analytics helps security and risk leaders quickly gain insight into the impact of risk introduced at the organizational group level – from subsidiaries to business units and departments – enabling them to identify the areas of highest risk concentration within their organizations. The solution provides visibility into which groups have the biggest impact on their organizations' overall cyber risk posture and helps identify areas for security performance improvement. Simplifies security program monitoring The solution helps security and risk leaders simplify security program monitoring, managementLarge enterprises often consist of dozens to upwards of hundreds of distinct organizational groups including departments, business units, subsidiaries, centers, offices and more – and in some cases, located in disparate geolocations. Each of these groups has a unique structure, function and points of digital exposure, and consequently, a unique cyber risk level. This has historically made it difficult for security and risk leaders to pinpoint where exactly the greatest cyber risk exists across the entire organization. BitSight Enterprise Analytics takes the guesswork out of identifying risk concentration throughout and enhances security performance across distributed enterprise groups. The solution helps security and risk leaders simplify security program monitoring, management and reporting by aligning risk management and communication with the existing business structure. Access meaningful and objective data With BitSight Enterprise Analytics, businesses can access real-time, meaningful and objective data and metrics on organizational group-specific security performance across several categories of vulnerabilities and cyber incidents. Armed with this visibility, security and risk leaders can: Quickly Discover Group-Based Performance Deficiencies: BitSight Enterprise Analytics helps organizations uncover the factors within each enterprise group that most significantly impact the organization's overall security performance. More Effectively Allocate Security Resources: BitSight Enterprise Analytics allows an organization to accurately distribute resources and prioritize initiatives that are in line with the company's risk appetite and policy thresholds for the greatest impact on security performance improvement. Create Focused Improvement Plans: When used alongside BitSight's security performance projection and improvement model tool, BitSight ForecastingTM, BitSight Enterprise Analytics helps businesses create improvement plans by enterprise group for the greatest impact. Report More Impactfully to the Board: With BitSight Enterprise Analytics, security and risk leaders can measure and manage the security performance of their corporate structure and confidently report to senior executives and the board. Continuous monitoring of cybersecurity posture "Within the last month, regulators have issued billions of dollars in fines due to cyber insecurity; companies experiencing cyber incidents have lost billions in market capitalization. This is the new risk reality that senior executives and board members find themselves in today," said Dave Fachetti, SVP Corporate Strategy & CMO of BitSight. "BitSight Enterprise Analytics provides confidence to executives through data. It helps our customers gain insight into risk concentration and changes in potential risk impact throughout their organization over time to help them continuously monitor cybersecurity posture, measure security program performance and allocate limited resources to focus on the areas that will have the greatest impact on their cyber risk management programs."
Boon Edam Inc., a pioneer in security entrances and architectural revolving doors, announces they are emphasizing the theme of tailgating mitigation and integration in booth #1103 at the GSX (formerly ASIS) exhibition in Chicago, Illinois from September 10-12. GSX is an annual event that brings together over 20,000 participants from across the security profession for a week of networking, educational opportunities and discovering the latest security solutions. Boon Edam is also the official turnstile sponsor of the show. Appropriate entrance solution Security entrances coupled with access technologies provide a complete solution Access technologies, such as card readers and biometric devices, are critical for controlling entry to secure areas within a building. However, these solutions are only effective at mitigating tailgating when coupled with the appropriate entrance solution. Swinging doors do not stop one authorized person from opening the door and then holding it open for a number of others. Security entrances coupled with access technologies provide a complete solution that ensures only one person can enter per valid authorization. The following solutions will be on display in Boon Edam’s booth: Lifeline Speedlane Swing Optical Turnstile: The industry’s slimmest optical turnstile will feature a custom, integrated pedestal that incorporates the MorphoWave™ touchless fingerprint technology from IDEMIA. This solution enables high throughput with the enhanced security of rapid biometric identification, all in a stylish, cohesive design. New! Lifeline Boost Access Control Pedestal: The Boost is a brand new, stylish access control pedestal designed by Boon Edam to complement the popular Lifeline optical turnstile series. The Boost will include the latest version of Essex’s credential card reader, now with optical Bluetooth and OSDP capability, the iRox-T with BLE expands for HID Global’s Mobile Access solutions. Tourlock 180+90 Security Revolving Door: The entrance of choice for the Fortune 500, the Tourlock will feature an AMAG Symmetry card reader to demonstrate access control integration paired with the door’s uniquely high, bi-directional throughput and its ability to prevent tailgating and piggybacking without manned supervision. Circlelock Mantrap Portal: Offering the highest level of security available in an entrance, the Circlelock security portal prevents intrusion into the most sensitive areas such as data centers. The portal will be configured to demonstrate two-factor authentication: an AMAG Symmetry card reader on the outside of the portal conducts the initial authorization, while facial recognition provides instant authentication inside the portal. The secure, edge-based facial recognition access control device by Alcatraz, called the Rock, can also be experienced at their booth (GSX booth #1047). BoonConnect Software: An IP-addressable, proprietary software system providing diagnostic and configuration tools for the Tourlock security revolving door and Circlelock mantrap portal. Users can remotely access door operations and events using devices such as a tablet, laptop or smartphone via a secured corporate network. Upcoming tailgating season Boon Edam is celebrating its position as the market pioneer for security entrances, according to a report by IHS Markit®, with a tailgating-themed prize giveaway. All visitors to GSX are invited to participate by visiting booth #1103 during show hours. Participants will have the opportunity to win a variety of prizes that will help them make the most of the upcoming tailgating season: the Big Green Egg® grill, a YETI® cooler and more. Winners will be selected at random after the exhibition, and an announcement will be made to all participants via email by Friday, September 27.
Antaira Technologies is a developer and manufacturer of industrial networking devices and communication solutions for harsh environment applications and is proud to announce the expansion of its industrial networking infrastructure family with the introduction of the LMP-1802G-SFP and LMX-1802G-SFP Series. Antaira’s LMP-1802G-SFP and LMX-1802G-SFP series are industrial-grade equipment that is Ethernet ready to fulfill various markets’ edge-level networking applications in harsh and outdoor environments, such as manufacturing automation, security surveillance, power/utility, waste water treatment plants, oil/gas/mining, and transportation. Industrial switches These devices support high density Ethernet port connectivity, wide bandwidth, long distance data transmission, and have a superb reliability factor. The LMX-1802G-SFP Series is an ideal choice for campus ring solutions with its two fiber optic ports supporting an open standard ring technology (ERPS). These outdoor devices are able to communicate and send critical information back to an enterprise switch There are many proprietary ring technologies available but using an open standard like ERPS means that it is possible to have equipment from different manufacturers working together in the ring. For example, campuses have networking rings consisting of hardened and industrial switches for outdoor environments that require a wide temperature-rated device. These outdoor devices are able to communicate and send critical information back to an enterprise switch at a data center. Electromagnetic interference Antaira’s LMP-1802G-SFP Series can not only provide a large number of PoE ports (30 Watts) for high density security applications, but also fiber optic interfaces for long range connectivity (1 meter to 100 KM) that is 3 feet to over 60 miles. The SFP port will not only allow connectivity beyond the 100 meter/300-foot limitation of copper cable but also permits connectivity through areas where electromagnetic interference may cause issues such as on a factory floor. The Antaira management software on these switches helps monitor, react, and troubleshoot applications to reduce the cost of maintenance and downtime. Features such as SNMP Traps, Syslog, and port mirroring can be priceless when maintaining a system and reducing issues causing outages.
Keysight, the test and measurement vendor introduces its new Automotive Cybersecurity Program that delivers a broad cybersecurity portfolio, including hardware, software and services, to address the growing concern of cyber-attacks on connected vehicles. The cyber world is increasingly impacting the safe operation of automobiles, opening the risks of exposure, including malicious hacker activities. The new reality is that cyber-attacks against automobiles could result in the loss of human life. The most recent report from Consumer Watchdog has exposed the reality about the cybersecurity risk in connected vehicles. Deliver extensive security ISG’s visibility solutions deliver an enhanced infrastructure that improves the efficiency of security tool Keysight Technologies understands these risks and offers solutions to test and measure connected vehicle technologies, including the newly announced Automotive Cybersecurity Program that validates the resiliency of connected components of a vehicle, individually or as an entirely functioning automobile prior and post deployment. In addition, security solutions developed by Ixia Solutions Group (ISG), enables Keysight to deliver extensive security validations of the 4G/5G radio access network (RAN) infrastructure that connects vehicles, and the backend data centers that manage business operations. ISG’s visibility solutions deliver an enhanced infrastructure that improves the efficiency of security tool sets in production networks. Keysight provides test and measurement of cybersecurity effectiveness from the ECU level up to the cloud data center. Pre-Deployment testing “Early assessment, prior to production, is essential to enabling our automotive customers to deliver safe and supportable vehicles,” stated Mark Pierpoint, president of Ixia Solutions Group, a Keysight business. “Potential issues identified post production, with the risk of recalls, cost orders of magnitude more to repair than when found during pre-deployment testing, notwithstanding the possible loss of human life." Cars today support multiple communication methods, like Bluetooth and USB" "Continued detection and mitigation of cybersecurity threats once vehicles are on the road are equally critical to keep consumers safe. Cybersecurity testing is an essential defense to ensure the design and implementation of a bullet-proof security posture in connected vehicles. Cars today support multiple communication methods, like Bluetooth and USB while a growing number of cars use mobile communication for a variety of services available in the car,” said Tom Goetzl, Automotive & Energy Solutions business general manager for Keysight. Available communication ports “Keysight’s Automotive Cyber security program can test for vulnerabilities on all available communication ports and provides direction to our customers on how to close such vulnerabilities.” Keysight offers a broad portfolio of solutions to help prevent vehicles from being cyber-hijacked, including: Automotive Cybersecurity Program – to validate and exploit the potential attack surfaces existing in connected vehicles Automotive Gateway Security Test – to validate the zoning and security posture of in-vehicle networks Network Security Test – to validate and stress a network infrastructure and backend data centers Application & Threat Intelligence (ATI) Research Center – to ensure testing that includes the latest application and security strike simulation Visibility for Network Security – to improve the performance of a security architecture with 100% visibility of all traffic on an automotive network
Digital Defense, Inc. and The University of Texas at San Antonio (UTSA) Department of Computer Science jointly announced a partnership that will provide students and faculty with access to an award-winning cloud-based information security platform to further enrich the students’ cybersecurity education. UTSA students and faculty will be able to utilize Digital Defense’s flagship Frontline.Cloud platform to evaluate the security posture of applications, systems and networks in classroom and lab environments both on and off campus. With Frontline.Cloud, students will not only be able to assess the security posture of software applications and systems they build and run on lab networks, but when coupled with the supervision and course curriculum provided by UTSA faculty, they will also learn how to use industry recognized tools to establish and execute an effective vulnerability lifecycle management program. Testing for hidden threats on target networks These systems will provide students with vulnerability and web application scanning capabilitiesUTSA will have access to three different systems available on the Frontline.Cloud platform. These systems will provide students with vulnerability and web application scanning capabilities, and Digital Defense’s new threat scanning solution (Frontline Active Threat Sweep), which allows testing for hidden threats on target networks. Mark Robinson, assistant professor in practice in the UTSA College of Sciences, will use the Frontline.Cloud platform in the classroom with his students this fall. “As the home of the nation’s top program in cybersecurity, UTSA is committed to developing partnerships that provide our students with unparalleled learning experiences so they can become the most competitive candidates in the marketplace,” said Robinson. “Frontline.Cloud is an incredibly powerful platform with a host of capabilities that will allow UTSA students and researchers to test their systems, applications and networks before they move into a production-style environment. We are also excited to evaluate integration possibilities for Frontline.Cloud into our security research and competitive events.” Enhanced classroom cybersecurity learning As a Security SaaS platform technology firm, Digital Defense is pleased to provide Frontline.Cloud's access to UTSA"“The alliance of our two San Antonio-based organizations is a natural fit,” states Larry Hurtado, president & CEO at Digital Defense. “We are excited to extend our existing relationship with UTSA, primarily focused on making paid internships available to UTSA students, to one that includes assisting UTSA faculty and students with more enhanced classroom cybersecurity learning. “As a global Security SaaS platform technology firm, Digital Defense is pleased to provide access to Frontline.Cloud to UTSA, one of the world’s leading cybersecurity education institutions. Working together with UTSA, we are able to provide a hands-on experience to students, enabling them to solve real-world information security challenges in a classroom setting. These types of skills are in high demand and the future will now be even brighter for these individuals as they enter the workforce.” Security research units of UTSA The UTSA Department of Computer Science offers bachelor’s, master’s and doctoral degrees supporting a dynamic and growing program with over 1,300 undergraduates, 74 master’s students and 67 doctoral students. The department’s research and experimental facilities are supported by federal research and infrastructure grantsIts major research units include the Institute for Cyber Security, which operates the FlexCloud and FlexFarm laboratories dedicated to both basic and applied cybersecurity research, and the Center for Infrastructure Assurance and Security (CIAS), which focuses on the cybersecurity maturity of cities and communities while also conducting national cyber security defense competitions for college and high school students. The department’s research and experimental facilities are supported by federal research and infrastructure grants. San Antonio is home to one of the largest concentrations of cybersecurity experts and industry leaders outside Washington, D.C., which uniquely positions the city and UTSA to lead the nation in cybersecurity research and workforce development.
Expansion of the Aqua-Pivotal collaboration delivers comprehensive security for application development and production environments on PCF. Aqua Security, global platform provider for securing container-based and cloud native applications, has announced the public release of Aqua Security’s runtime protection for Pivotal Cloud Foundry (PCF). Users of Pivotal’s platform can download and install the Aqua Security for PCF service from Pivotal Services Marketplace, and deploy an end-to-end solution for scanning, application assurance and runtime protection for their application workloads. Cloud Foundry Application Runtime PCF includes a widely deployed distribution of Cloud Foundry Application Runtime (CFAR) and allows customers to implement the same application platform on any major vendor’s cloud, on premises or in a hybrid model. “No matter where they began their journey with Pivotal, enterprises routinely begin pushing code into production faster and more frequently with our platform. Therefore, application security checks must be accessible within the deployment pipeline in order to scale safety and compliance,” said Angus MacDonald, GM Technology Ecosystem at Pivotal. Aqua Security for PCF service “Solutions such as Aqua provide the automation and controls necessary. Together, we hope to make the task of implementing end-to-end security simpler for our customers," Angus further states. Aqua Security for PCF is offered in two tiers – standard and advanced protection. The standard tier allows users to: Scan their applications for vulnerabilities during the Continuous Integration process Provision policies to block unauthorized applications during the staging phase Scan and monitor application or container artifacts for vulnerabilities, malware, and user activity Apply host assurance policies for application or container artifacts Aqua’s advanced protection tier includes all of the standard features with an added layer of security, allowing users to: Detect and block unapproved changes to running application workloads Monitor and control application activity based on customized policies View application network connections and apply firewall rules that whitelist authorized connections Leverage granular audit trails of access activity, scan events and coverage, application activity and system events Advanced runtime protection component Aqua Security for PCF installs natively as a Buildpack (containing the languages and services used by the app) Aqua Security for PCF installs natively as a Buildpack (containing the languages, runtimes, libraries, and services used by the app), and the advanced runtime protection component is implemented as a Bosh add-on, protecting all Pivotal Application Service apps without requiring any manual changes or individual re-deployments of Aqua per application. “Since introducing scanning for Pivotal Cloud Foundry last year, we have seen tremendous interest in the PCF platform at some of our largest customers”, said Upesh Patel, VP of Business Development for Aqua. “As they progressed in their application rollouts, they are now looking to protect their production-grade applications as well, and we are pleased to deliver the complete Aqua solution for Pivotal Cloud Foundry today.” Pivotal customers can get Aqua Security for PCF directly from the Pivotal services marketplace.
Critical infrastructure facilities that must secure large areas with extended outer boundary and numerous entry points, present a particularly difficult challenge when it comes to perimeter protection. As such, true end-to-end perimeter protection calls for the utilization of a sophisticated, multi-layered solution that is capable of defending against anticipated threats. Integrated systems that incorporate thermal imaging, visible cameras, radar and strong command and control software are crucial for covering the various potential areas of attacks. Let’s look at these technologies and the five key functions they enable to achieve an end-to-end solution that provides intrusion detection, assessment and defense for the perimeter. 1. Threat Recognition The first step in effectively defending against a threat is recognizing that it’s there. By combining state-of-the-art intrusion detection technologies, facilities can arm themselves with a head start against possible intruders. An exceptionally important aspect of effective perimeter protection is the ability to conduct 24-hour surveillance, regardless of weather conditions, environmental settings, or time of day. Visible cameras do not perform as well in low light scenarios and inclement weather conditions. However, thermal imaging cameras can provide constant protection against potential intruders, regardless of visual limitations, light source or many environmental factors. In fact, facilities such as power stations located near bodies of water can use thermal cameras to create what is known as a “thermal virtual fence” in areas where they are unable to utilize the protection of a physical fence or wall. Deterring suspicious activity can be achieved through real-time two-way audio, a simple but powerful tool Critical infrastructure applications require not only continuous video surveillance and monitoring, but also a solution that yields highly reliable intrusion detection, with fewer false alarms. This need makes advanced video analytics a must for any adequate surveillance system. Features like dynamic event detection and simplified data presentation are game changing in supporting accurate intrusion analysis and facilitating a proactive response. Advanced analytics will provide multiple automated alarm notification options, including email, edge image storage, digital outputs or video management software (VMS) alarms. Incorporating high quality, unique and adaptive analytics can virtually eliminate false alarms, allowing security personnel to respond more efficiently and effectively, while also lowering overall cost for the end user. While surveillance technologies such as radar, thermal imaging and visible cameras, or video analytics work well on their own, utilizing all of these options together provides an advanced perimeter detection system. For example, ground surveillance radar can detect possible threats beyond the fence line as they approach and send a signal to pan-tilt-zoom (PTZ) cameras, triggering them to slew to a specific location. From there, embedded analytics and visible cameras can further identify objects, notify authorized staff, and collect additional evidence through facial recognition or high-quality photos. 2. Automatic Response Systems Once an intrusion attempt is discovered, it is important to act fast. Organizing a response system that can initiate actions based on GPS location data, such as the slewing of PTZ cameras, automated intruder tracking or activated lighting sensors, greatly increases staff’s situational awareness while easing their workload. For instance, thermal imagers deployed in conjunction with video analytics can be used to generate an initial alarm event, which can then trigger a sequence of other security equipment and notifications for personnel to eventually respond to. Having all of this in place essentially lays the entire situation out in a way that allows responders to accurately understand and evaluate a scene. Power stations located near bodies of water can use thermal cameras to create a “thermal virtual fence” in areas where they are unable to utilize the protection of a physical fence or wall 3. Deterring Suspicious Activity After the designated auto-response mechanisms have activated and done their job, it is time for responders to acknowledge and assess the situation. From here, authorized personnel can take the next appropriate step toward defending against and delaying the threat. Deterring suspicious activity can be achieved through real-time two-way audio, a simple but powerful tool. Often, control room operators can diffuse a situation by speaking over an intercom, telling the trespasser that they are being watched and that the authorities have been notified. This tactic, known as ‘talk down’, also allows officers to view the intruder’s reaction to their commands and evaluate what they feel the best next step is. If individuals do not respond in a desired manner, it may be time to take more serious action and dispatch a patrolman to the area. 4. Delay, Defend, Dispatch And Handle The possible danger has been identified, recognized and evaluated. Now it is time to effectively defend against current attacks and slow down both cyber and physical perpetrators’ prospective efforts. Through the use of a well-designed, open platform VMS, security monitors can manage edge devices and other complementary intrusion detection and response technologies, including acoustic sensors, video analytics, access control and radio dispatch. A robust VMS also enables operators to control functions such as video replay, geographical information systems tracking, email alerts and hand-off to law enforcement. With the right combination of technologies, facilities can take monitoring and evidence collection to the next level The primary purpose of the delay facet of the overall perimeter protection strategy is to stall an attempted intrusion long enough for responders to act. Access control systems play a key role in realizing this objective. When a security officer sees a non-compliant, suspicious individual on the camera feed, the officer can lock all possible exits to trap them in one area all through the VMS. 5. Intelligence: Collect Evidence And Debrief More data and intelligence collected from an event equals more crucial evidence for crime resolution and valuable insight for protecting against future incidents. With the right combination of technologies, facilities can take monitoring and evidence collection to the next level. One innovative resource that has become available is a live streaming application that can be uploaded to smart phones and used for off-site surveillance. This app gives personnel the power to follow intruders with live video anywhere and allows operators to monitor alarm video in real-time. Geographic Information System (GIS) maps are computer systems utilized for capturing, storing, reviewing, and displaying location related data. Capable of displaying various types of data on one map, this system enables users to see, analyze, easily and efficiently. Multi-sensor cameras, possessing both visible and thermal capabilities, provide high-contrast imaging for superb analytic detection (in any light) and High Definition video for evidence such as facial ID or license plate capture. Integrating these two, usually separated, camera types into one helps to fill any gaps that either may normally have. Still, in order to capture and store all of this valuable information and more, a robust, VMS is required. Recorded video, still images and audio clips serve as valuable evidence in the event that a trial must take place to press charges. Control room operators can use data collection tools within their VMS to safely transfer video evidence from the field to the courtroom with just a few clicks of their mouse. More advanced video management systems can go a step further and package this data with other pertinent evidence to create a comprehensive report to help ensure conviction.
In the next three years, software as a service ‘SaaS’ is likely to grow by around 23%. That’s according to reports by Cognizance. It’s growth rests on the adoption of cloud public, private and hybrid. Without the cloud applications can’t truly pervade an organization, nor can operational or customer benefits be derived. But there’s no point in adopting the cloud if it’s not secure - the proliferation of SaaS demands security, none more so in a GDPR world. Large cloud environment But modern applications are difficult to secure. SaaS based, web, mobile, or custom made all work on different platforms and frameworks. It’s a headache managing all the APIs needed to automate and sync tools. This introduces risk. The greater the number of apps the broader the attack surface and therefore the greater the chance there will be blind posts. Keeping up to date with updates and new security policies is never easy There are also added hazards. Applications are always changing. Keeping up to date with updates and new security policies is never easy, but especially hard in a large cloud environment. Failure to adopt changes puts the organization and customers at further risk. But the biggest obstacle is keeping applications and APIs out of harm’s way. It’s a near on impossible task when attack methods and sources are constantly changing. More advanced threats To be specific there are four emerging challenges when it comes to protecting apps. Firstly, managing the good and the bad bots and spotting which is which, secondly securing APIs as IoT adoption intensifies, thirdly the relationship between securing apps and DevOps and ensuring ownership of security, and finally denial of service attacks that use newer tactics such as brute force. Basic security hygiene dictates that security teams refer to the OWASP Top 10. It’s considered the ‘ten commandments’ in security circles, providing a starting point for ensuring the most common threats and vulnerabilities are managed, detected and mitigated. Web Application Firewalls also come into the fray with guidance on testing for the ways hackers exploit vulnerabilities. However, though the basics are good to have in place, there are always more advanced threats to take care of. Bots being a big one. Bot management The more sophisticated bots will go as far as to mimic human behaviorAstonishingly about half of internet traffic is bot generated. Half of it is from bad bots. Discerning the good from the bad isn’t easy though and explains why around 80% of organizations can’t make a clear distinction between the two. Bad bots can do a lot of damage like take over user accounts and payment information, scrape confidential data, or hold up inventory and skew marketing metrics. The more sophisticated bots will go as far as to mimic human behavior and bypass tools like CAPTCHA and even device fingerprinting based protection ineffective. Securing APIs Then there’s the complications derived from machine-to-machine and internet of things (IoT) communications. The more integrated ‘things’, the more data there is, the more events there are report on, and the more activity there is reliant on APIs to make the ‘things’ useful and agile. That’s what makes them a target and the threats to API vulnerabilities include injections, protocol attacks, parameter manipulations, invalidated redirects and bot attacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks Denial of service (DoS) You might think there’s little to add to the swathes of denial of service warnings. Yet when businesses are still being targeted and feeling the ill effects it’s worth mentioning again that different forms of application-layer DoS attacks are still very effective at bringing application services down. Even the greatest application protection is worthless if the service itself can be knocked down This includes HTTP/S floods, low and slow attacks (famous examples being Slowloris, LOIC, Torshammer), dynamic IP attacks, buffer overflow, Brute Force attacks and more. The IoT botnets are the culprits and have made application-layer attacks so popular that they have become the preferred DDoS attack vector. Even the greatest application protection is worthless if the service itself can be knocked down. Continuous security It may seem easy to say but for modern DevOps, agility is valued at the expense of security. We see time and again examples of where development and roll-out methodologies, such as continuous delivery, mean applications are exposed to threats each time they are modified. There’s no doubt it is extremely difficult to maintain a valid security policy and protect sensitive data in dynamic conditions without creating a high number of false positives. But we now find that this task has gone way beyond the capability of humans. Organizations now need machine-learning based solutions that map application resources, analyse possible threats, and create and optimise security policies in real time. Reaching this level in security planning should be a big wake-up call that security automation is an essential not a nice to have. Running security plans The board needs to know that investment is critical to protect their profits It’s critical that the security solution your company adopts protects applications on all platforms, against all attacks, through all the channels and at all times. The board needs to know that investment is critical to protect their profits. As such there are six things they need to know: Application security solutions must encompass web and mobile apps, as well as APIs. Bot management solutions need to overcome the most sophisticated bot attacks. DDoS mitigation must be an essential and integrated part of application security solutions. A future-proof solution must protect containerized applications, severless functions, and integrate with automation, provisioning and orchestration tools. To keep up with continuous application delivery, security protections must adapt in real time. A fully managed service should be considered to remove complexity and minimise resources. No amount of human power will beat the bots. That last point is the most critical. Skill is essential in designing and running security plans and policies that work. But the plans can’t be executed without automated tools. There are just too many decisions to make in a split second. Combining both is the path to an effective app protection strategy and a stronger brand to boot.
The extensive analysis and discussion preceding any decision to implement a new physical security solution – whether it’s hardware, software or a combination of both – often focuses on technology, ROI and effectiveness. When it comes to deciding what type of security entrances to install at your facility, you will almost certainly also consider the aesthetics of the product, along with throughput and, if you’re smart, you’ll also look into service concerns. Each of these factors has its important place within the evaluation process, and none should be overlooked as they all have a significant effect on how well your entrances will perform once they are installed. Culture Influences Door Solution Decisions How significant will the change from current entrances to security entrances be for employees? Still, one additional factor actually trumps everything: if you have not considered your organization’s culture in choosing a security entrance, you may be missing the most important piece of the puzzle. Culture is a part of every other decision factor when selecting an entry solution. Before you make a decision about what type of entrance to deploy, you need to consider and understand the values, environment and personality of your organization and personnel. For example, how significant will the change from current entrances to security entrances be for employees? If people are accustomed to simply walking through a standard swinging door with no access control, this will be a culture change. Beyond this, whether you are considering a type of turnstile, a security revolving door or possibly a mantrap portal, simply walking through it will be a significant change as well. Training Employees On Door Security You’ll want to know whether employees have ever used security entrances before. If these types of entrances are in place in another part of the facility, or in a facility they’ve worked in at an earlier time, the adjustment will not be as great as if they’ve never used them at all. Consider, too, how your personnel typically react to changes like this in the organization or at your facility. They may be quite adaptable, in which case there will be less work to do in advance to prepare them. However, the opposite may also be true, which will require you to take meaningful steps in order to achieve buy-in and train employees to properly use the new entrances. With the increased importance of workplace security, discussing new entrances with workforces will help maintain a safer environment Communicate Through The Decision-Making Process All of this will need to be communicated to your staff, of course. There are a number of ways to disseminate information without it appearing to come down as a dictate. Your personnel are a community, so news about changes should be shared rather than simply decreed. As part of this process, you’ll need to give some thought to the level of involvement you want for your staff in the decision-making process. Finally, do not overlook the special needs among your personnel population. You undoubtedly have older individuals on staff, as well as disabled persons and others who bring service animals to the office. Entrances need to be accessible to all, and you never want to be in the position of having a gap in accessibility pointed out to you by the individual who has been adversely affected. New Security Entrance Installation By communicating early and often with your personnel, you can alleviate a great deal of the anxiety Once you have made the decision about which security entrances to install, training your personnel on how to use the new security entrances – both before and after the installation – will help to smooth the transition. Because workplace security is such a big issue right now, it makes sense to discuss the new entrances in the context of helping to maintain a safer environment. They will prevent violent individuals from entering, decrease theft, and most of all, promote greater peace of mind during the workday. If you can help them take control of their own safety in a responsible way, you have achieved much more than just a compliant workforce. By communicating early and often with your personnel, you can alleviate a great deal of the anxiety and concern that surrounds a significant change in the work environment. Schedule Group Meetings Consider your employees; what type of communications do they respond best to? A few suggestions to educate staff on the benefits of the new entrances include: Typically, you would communicate a general message 2-3 months in advance and then provide more specific information (for example, impacts to fire egress, using certain entrances during construction) in a follow up message closer to the installation date. Schedule group meetings to: announce the rationale for increased security, share statistics on crime, review the new security changes that are coming, show drawings/photos of the new doors/turnstiles, and show the orientation videos available from the manufacturer. These meetings are an excellent way to work through user questions and directly address any concerns. Once the installation of a new security system is complete, it is a good idea to have an "ambassador" on board to help employees use these new systems Ensure You Monitor Public Areas If you are implementing a lot of new changes, such as a new access control system, new guard service and security entrances, you might consider hosting a ‘security fair’ on a given day and have the selected vendors come for a day with tabletop displays to meet employees and answer questions during their lunch. This could be a great way to break the ice in a large organization. Make user orientation videos (provided by the manufacturer) available in several ways, for example: Intranet Site Monitors in public areas—lounges, cafeteria, hallways, etc. Send to all staff as email attachments Immediately after installation, once the doors or turnstiles are operational but before they are put into service, train ‘ambassadors’ on how to use the door/turnstile. Have these people monitor and assist employees during peak traffic times. What Is The Ultimate Success Of The Installation? By communicating clearly and openly with your population you can greatly facilitate adoption and satisfaction If you have thousands of employees, consider dividing them into groups and introduce the new entrance to one group at a time (Group A on Monday, Group B on Tuesday, etc.) to allow a little extra orientation time. Place user education ‘quick steps’ posters next to the door/turnstiles for a few weeks to help employees remember the basic steps and guidelines, e.g., ‘stand in front of the turnstile, swipe badge, wait for green light, proceed.’ Ask your manufacturer to provide these or artwork. While there are always going to be people who are resistant to change, by communicating clearly and openly with your population you can greatly facilitate adoption and satisfaction. Your responsiveness to any issues and complaints that arise during and after the implementation is equally fundamental to the ultimate success of the installation.
The ban on U.S. government usage of Chinese-made video surveillance products was signed into law last year and was scheduled to take effect a year later – on August 13, 2019. With that deadline looming, there are questions about whether government agencies and departments will comply in time. A year ago, the U.S. Congress passed, and the President signed, a ban on government uses of video surveillance equipment produced by two of the world’s top manufacturers – Hikvision and Dahua. The provision was buried in the National Defense Authorization Act (NDAA) for fiscal year 2019, which the President signed into law on August 13, 2018. The ban, which takes effect ‘not later than one year after … enactment’, applies not only to future uses of Dahua and Hikvision equipment but also to legacy installations. Tracking software to detect banned products Forescout Technologies, San Diego, California, provides software to track various banned devicesThe bill calls for an assessment of the current presence of the banned technologies and development of a ‘phase-out plan’ to eliminate the equipment from government uses. One problem is identifying where the surveillance equipment is being used, which involves either a tedious manual process to search out the equipment or the installation of tracking software to identify it on the network. A federal Department of Homeland Security program called ‘Continuous Diagnostics and Mitigation’ requires use of a detection tool to find any banned products on a network. Forescout Technologies, San Diego, California, provides software to track various banned devices, but not all required agencies have complied with a mandate to secure their networks by tracking every connected device (only 35% had complied as of 2018.) “Without an automated, real-time tool that can detect all of the IT devices – computer or ‘other’ – on your network, there is simply no way to be 100 percent certain that you are compliant with these product bans,” says Katherine Gronberg, Forescout’s Vice President, Government Affairs. Difficult to determine device’s manufacturer Not all equipment is marked to identify its manufacturer; some has been rebrandedAnother problem is the existence of OEM agreements and other supply chain complications that can make it difficult to determine the manufacturer of any given device. A report by Bloomberg says: “A complex web of supply chain logistics and licensing agreements makes it almost impossible to know whether a security camera is actually made in China or contains components that would violate U.S. rules.” Not all equipment is marked to identify its manufacturer; some has been rebranded. “There are all kinds of shadowy licensing agreements that prevent us from knowing the true scope of China’s foothold in this market,” said Peter Kusnic, a technology writer at business research firm The Freedonia Group. “I’m not sure it will even be possible to ever fully identify all of these cameras, let alone remove them. The sheer number is insurmountable.” Companies banned under NDAA The NDAA ban covers “public safety, security of government facilities, physical security surveillance of critical infrastructure, and other national security purposes.” It bans “video surveillance and telecommunications equipment produced by Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company, [and] Dahua Technology Company (or any subsidiary or affiliate of such entities).” Hytera Communications is a Chinese digital mobile radio manufacturer. Huawei Technologies Co. equipment has also been banned, including the HiSilicon chips widely used in video cameras. In addition to banning the Chinese equipment in government installations, the NDAA also includes a ‘blacklist’ provision [paragraph (a)(1)(B)], which could be interpreted to extend the ban to companies that use Chinese-made products in other, non-government applications. Rulemaking on that aspect is still under way, including a public hearing in July.
Workforce management systems gather and analyze information and anomalies from security officers in the field. The information ranges from direct observations entered via mobile or desktop apps by officers on duty to reports from cleaning staff, the maintenance department, and CCTV operators. Taken together, the information yields business intelligence and data analytics at no additional cost. Trackforce is a provider of workforce management solutions specific to the security industry and its unique operational requirements. From tracking guard tours to managing incidents and officers remotely, the platform improves officer accountability, optimizes operations, and delivers actionable insights via a live dashboard to reduce vulnerabilities and enhance efficiencies. The platform is customizable and scales to each client’s business. Platform to control and identify risks “Corporate security teams deal with issues related to operational risk, facility security levels and design basis threats, and must contend with manmade, naturally occurring, and technological events,” says Guirchaume Abitbol, CEO and founder of Trackforce. “We provide them a platform that enables them to control and identify risks, deliver their service, and maintain security best practices.” Trackforce uses live monitoring to ensure quality control and to upgrade situational awareness, delivers real-time incident notifications Trackforce serves large security guard companies and global organizations in diverse vertical market sectors and is expanding in facilities management. More than 200,000 professionals at over 20,000 customer sites in 45 countries use the platform. Trackforce uses live monitoring to ensure quality control and to upgrade situational awareness, delivers real-time incident notifications, and generates data-rich analysis and key performance indicators (KPIs) that enhance monitoring and reporting. Reduces corporate risk Better management of corporate risk is a benefit of security workforce management. The Trackforce platform reduces corporate risk in four areas by: Managing multiple sites, located anywhere, with various threat levels, cultural differences, operating procedures, and regulations. Supporting a security budget and investment in new solutions by providing data necessary for budget approval. Keeping management informed about outsourced security services partners with relevant data, analytics, and transparency. Providing real-time data on risks and incidents so operations can be quickly optimized to ensure top-level security services. Identifying potential threats and risks The platform rapidly and accurately collates data (implied data or trends) based on user-selected parameters. Data- and intelligence-rich reports become available to managers from any location via a dashboard. All necessary information is displayed on a single screen in an uncluttered format.The ability to analyze current and historical data in real time empowers security managers to track patterns Reports can be downloaded and shared with stakeholders. The ability to analyze current and historical data in real time empowers security managers to track patterns, identify potential threats and risks, and implement preventative actions and strategies. Using data intelligence as benchmark Security teams will use data intelligence as a performance benchmark for resources required to accomplish site goals. They will also use this information to pilot and rationalize resource needs for impending contracts based on historical, descriptive (what happened), diagnostic (why did it happen), predictive (what will happen) and/or prescriptive data (how can we can make it happen). “For example, when a large company incurs incremental computer equipment theft, a supervisor can use the platform to review historical reports and identify patterns and anomalies,” says Abitbol. “The supervisor could then identify and proactively implement targeted strategies to mitigate the theft, such as modifying security routes, increasing patrols, or adjusting asset management protocols.” Enhanced control of security resources The Trackforce platform has been designed to serve clients at multiple regional and national locations and is available in many languages. The Command Center allows a security supervisor based at a central location to easily manage officers on multiple sites. The Command Center provides greater oversight and enhanced control of security resources The Command Center provides greater oversight and enhanced control of security resources. Management can compare locations and evaluate security with a customizable reporting dashboard for each site. The uniform platform uses the same reporting templates and processes for each secured and managed location, thus ensuring consistency and accurate benchmarking. Trackforce’s workforce management solution has low cost and presents a low barrier to entry, with systems that can be implemented in a short time.
Artificial intelligence (AI) is expanding the capabilities of license plate readers and vehicle identification systems. Within a smart/safe city scenario, automatic license plate reader solutions are used to help analyze real-time video streams for site surveillance, inspection and public safety, and to offer actional information through a network of connected camera systems. Outside of law enforcement, this can include other public safety initiatives such as traffic tolls, car counting, and parking security. Vehicle recognition systems Rekor Systems is a provider of vehicle recognition systems in more than 60 countries Using AI to enable video cameras, Rekor Systems is a provider of vehicle recognition systems in more than 60 countries. Applications include security and surveillance, public safety, electronic toll collection, brand loyalty, parking operations, banking and insurance, logistics, and traffic management. AI allows Rekor’s products to recognize and read license plates, while also providing information about each vehicle, including color, make, year, and model. Rekor’s products are powered by OpenALPR software, an AI-based solution that enables any IP (internet protocol) surveillance camera to scan license plates and provide vehicle data including tag number, make, model, and color in real time with 99% accuracy, according to the company. Rekor’s products are powered by OpenALPR software Integrated solutions “Rekor's software started as an open source project, and we have done our best to keep the commercial software as open as possible,” says Rod Hillman, Chief Operating Officer, Rekor Systems. “One of the challenges we see with others in our space is a tendency to ‘close off’ and ‘silo’ their solutions. Our goal is to make it as simple as possible to deploy, integrate, and ultimately use.” Rekor has numerous application programming interfaces (APIs) and ways the solution can be integrated into partners' solutions with a software development kit (SDK). Rekor solutions can be purchased directly or through a worldwide partner network of integrators, wholesalers, and within integrated solutions such as Nokia's smart city platform. Electronic toll collection Rekor’s solutions have viable applications within multiple markets While many systems are hardware-based, Rekor’s software-as-a-solution offering can turn an IP camera into an automatic license plate reader. Rekor’s solutions have viable applications within multiple markets, including law enforcement, security and surveillance, electronic toll collection, parking operations, banking and insurance, logistics, traffic management, and customer experience. “Rekor offers a cost-effective alternative to traditional LPR systems with a much higher accuracy rate at 99% allowing more cameras to be present and active at any given time,” says Hillman. “Traditional LPRs need someone to go through hours of footage to find what they are looking for while Rekor’s technology will send alerts in real time, resulting in much quicker response times.” Move Over Camera mounts onto roadside worker’s vehicles to capture ‘Move Over’ violations Two-Part authentication Rekor’s products include: NUMERUS, a cloud-based solution for high-volume vehicle recognition, designed to reduce costs and increase efficiencies for the electronic toll collecting industry. Two-part authentication instantly identifies the vehicle’s make, model, color and body type along with the license plate read. Machine-learning-enabled software recognizes license plates from all 50 U.S. states, in addition to plates from more than 70 countries on six continents. Edge, an all-in-one camera and vehicle recognition system that instantly reads vehicle license plates, along with the vehicle’s make, model, color and body type. Move Over Camera, which mounts onto roadside worker’s vehicles (police, tow truck, etc.) to capture ‘Move Over’ violations. ‘Move Over’ laws state that vehicles must move over one lane and/or slow down if they cannot move over to avoid incident while roadside workers are in the shoulder lane. The camera can detect what lane vehicles are in and how fast they are moving. Violators are flagged in the system for law enforcement’s review.
Over 1,600 Wisenet cameras manufactured by Hanwha Techwin have been installed at Asia’s largest mega hub terminal in order to help operators monitor the movement of parcels and vehicles, as well as keep employees and visitors safe. With its nine decades of endless innovation, Korea’s logistics service provider, CJ Logistics, is leaping forward to become a pioneer by expanding its global networks to over 94 locations and entering the Thailand, Malaysia, China and Philippines markets. Video surveillance solution In June 2018, CJ Logistics opened Asia’s largest mega hub terminal in Gonjiam, Gyeonggi-do, South Korea. The terminal, which comprises two buildings with four floors above ground and two underground, occupies approximately 300,000sq meters, almost the size of 40 football stadiums. The total length of the facility’s conveyor belts is almost 43km, long as a full-course marathon The total length of the facility’s conveyor belts is almost 43km, which is as long as a full-course marathon. The terminal also has a state-of-the-art automation system, the first of its kind in Korea, which has increased the company’s daily handling capacity to 1.72 million parcels, four times higher than its competitors. CJ Logistics looked for a top-notch video surveillance solution which could match the terminal’s grand scale and the technically advanced automated facilities. Providing periphery monitoring After testing cameras from different manufacturers in the market, CJ Logistics chose Hanwha Techwin as its supply partner and have subsequently installed around 1,660 Wisenet cameras throughout the terminal. Wisenet X series IR PTZ cameras have been installed along the building exteriors, providing periphery monitoring 24/7 and auto tracking that enables precise monitoring across long distances, while IR illumination provides visibility even at night. Inside the buildings, around 1,400 Hanwha Techwin’s Wisenet Q series cameras were installed on the terminal’s ceilings and walls. The cameras are able to help detect any problems occurring to the automated conveyor systems which have a constant flow of parcels on them. They also oversee the movement of over 1,500 vehicles in and around the terminal and help create a safe working environment. Highly accurate recognition Wisenet X series bullet cameras, running license plate recognition (ANPR) software onboard, have been installed at the main gate of the terminal to enhance security at the entrances and exits, providing highly accurate recognition of license plates. These cameras enable effective vehicle monitoring within the terminal where cargo moves in and out around the clock, and are particularly useful in monitoring the main entrance. Both camera types are equipped with 12x optical zoom and 150dB WDR Wisenet X series bullet and PTZ cameras have been installed at indoor staircases and corridors of the office building. Both camera types are equipped with 12x optical zoom and the World’s best 150dB Wide Dynamic Range (WDR) which ensures clear images are captured from scenes that contain a challenging mix of bright and dark areas, normally causing overexposed or underexposed images. Intelligent video analytics As part of the Wisenet X series, these cameras feature intelligent video analytics and offer movement, loitering and intrusion detection. They are also equipped with audio analysis functionality which recognizes critical sounds such as gunshots, explosions, screams and broken glass. “Thanks to the Hanwha Techwin’s Wisenet security solution, we were able to build a safe video surveillance system that can match the size and the cutting edge facilities of Asia’s largest logistics terminal,” said an official at CJ Logistics. “Now we can safeguard every corner of our terminal including vehicles, parcels, and personnel, not to mention indoor and outdoor spaces.”
As the largest and busiest commercial port in New Zealand, Port of Tauranga spans 190 hectares and handles in excess of 1500 ships and 840,000 TEU (Twenty-foot Equivalent Units) each year. The port is a bustling import and export gateway which relies on efficient processes and procedures to maintain superior operational activity. Being a large site, with unrivaled sea, road, and rail connections, Port of Tauranga has a strong focus on employing security and safety solutions which enhance and support workflow across the site. In 2004, Port of Tauranga faced new security challenges with the introduction of the International Ship and Port Facility Security Code (ISPS Code). Key security element The new code was developed following the attacks of September 11, 2001 on the United States, and prescribed new measures required by governments, ships, and ports, in order to continue shipping trade with North America. Gallagher’s access control system was installed at 12 road access gates Compliance with the ISPS code was enforced by Maritime New Zealand, giving ports throughout the country until the end of 2004 to become compliant with the new regulations. A key security element for Port of Tauranga to become ISPS compliant was restricting and controlling access on and off the port. Gallagher’s integrated access control solution was selected as the system to deliver this for Port of Tauranga. To manage the variety of entry and exit points, Gallagher’s access control system was installed at 12 road access gates, 4 rail access gates, and over 60 doors across the site. Access Control Solution Providing more than just standard card/reader access control, Gallagher’s Challenge feature gives the port an additional tier of security by utilizing video integration. The Challenge solution enables operators the ability to check cardholder identities against a live image being taken at the access point. This feature reduced the number of staffed gates required, resulting in significant ongoing labor savings for Port of Tauranga. With a large number of people coming and going from the port on a daily basis, Port of Tauranga needed a robust system capable of effortlessly managing a large database. While the port has only 170 employees, there are currently 9,000 active cardholders. “A constant flow of trucks throughout the day is essential,” said Mike Letica, Manager of Security at the Port of Tauranga. “Trucks delivering containers cannot be backed up waiting.” The Gallagher access control solution, coupled with Gallagher’s Command Centre software platform, enables Port of Tauranga to restrict entry amongst the 9,000 cardholders to the specific areas they are authorized to work in, through the use of access groups and access zones. Plant washing facility The system provides the functionality for bulk changes to be easily applied to groups, ensuring the port staff’s database administration time is kept to a minimum. More than just controlling access on and off the site, Port of Tauranga needed an auditable trail of exactly who had accessed the site. Another key feature of Gallagher Command Centre being utilized by Port of Tauranga The Gallagher Command Centre platform provided the functionality for tailored reports on who had accessed zones and facilities, and at what time. “Some services available at the port, for example the plant washing facility and diesel pump, are billed back to the user” said Letica. “We needed a simple way of identifying users and this was achieved by having access control cards activate the facilities”. Another key feature of Gallagher Command Centre being utilized by Port of Tauranga is the scheduling function. Port security team Being able to adjust the access control schedule for the road and rail gates in support of peak operating times and statutory holidays provides greater control for the port security team, along with the ability to set schedules in advance. In 10 years, the operational activity at Port of Tauranga almost doubled. From approximately 32,000 trucks per month in 2004, to over 61,000 trucks and 24,000 cars per month in 2014, the volume and tonnage growth has been extensive. Despite both activity growth and site expansion, the Gallagher system has enabled Port of Tauranga to maintain the same number of security staff they had in 2004. Letica has confidence in the Gallagher solution supporting the port’s future expansion, “We believe we have a security system that has not only met our growth needs to date, but is going to continue to meet our needs in the future.”
Wintec (The Waikato Institute of Technology), established in 1924 is a major New Zealand Government-funded tertiary institution, which has three Hamilton campuses; a city site overlooking the central business district, Avalon campus on the northern outskirts of the city, and a horticultural campus at Hamilton Gardens. In addition, it has regional operations at Te Kuiti and Thames and also an office in Beijing. The Avalon campus, a ten-minute drive from the city, is home to specialist trades training facilities, a state-of the-art sport and exercise complex and custom designed facilities for the School of International Tourism, Hospitality and Events. The third Hamilton campus, the Horticultural Education Centre, is situated amidst the 58 hectares of Hamilton Gardens. On-Line distance education Wintec’s programs and qualifications are nationally and internationally recognized Wintec is one of the largest institutes of technology in New Zealand, and has more than 35,000 full-time and part-time students, more than 500 full and part time staff and eleven schools within its academic faculty. International enrolments exceed 1000 from 47 countries. A range of student services provide its domestic and international students with a high level of support so they enjoy a positive, safe and secure study experience. Wintec’s programs and qualifications are nationally and internationally recognized and its degrees have equal status to those from universities. The degree programs include Media Arts, Midwifery, Nursing, Occupational Therapy, Early Childhood Education, Business Studies, Engineering, Technology, Information Technology, and Sport and Exercise Science and a wide range of full and part time courses for those already in the workforce. Wintec is also recognized nationally in the delivery of on-line distance education for those unable to attend regular classes for reasons of geographical access or other constraints. Electronically controlled doors Wintec strives for a balance of unobtrusive yet robust control of site activity, essential for maintaining an open campus environment. Shane Goodall, Security Manager at Wintec, describes the approach to security as highly proactive and collaborative: “by focusing on preventing issues arising, we now have a minimal policing role and the crime resolution rate is high”. This environment is underpinned by Gallagher’s security system, a core access control, intruder alarms and integration platform. Wintec first installed the Gallagher system (formerly Cardax FT) in 1999 and has since migrated this legacy system to Gallagher’s latest security technology platform. Security for the entire organization, including satellite sites, is managed and monitored centrally from Wintec’s single Gallagher security system. Since initial installation, Wintec’s Gallagher access control system has grown from 7 to 240 electronically controlled doors in 2009, with another 40 planned - testimony to the scalability and flexibility of the system. Network friendly system communications The organization first installed 6 cameras in 2004 which has increased to 7 DVRs and 85 cameras Wintec has integrated its imaging system to the Gallagher system delivering a visual record which can be matched to the audit trail of events in Gallagher Command Centre software. The organization first installed 6 cameras in 2004 which has increased to 7 DVRs and 85 cameras (both analog and IP). Another compelling aspect of the system for Wintec is the scalability and TCP/IP network friendly system communications. As well as monitoring and controlling staff and student access, equipment including computers, TVs, printers, audio visual resources at Wintec are also monitored through the Gallagher system. The ‘Gallagher Hub’, a new computer laboratory offering comprehensive IT resources is open 24 hours. The Hub contains 125 workstations, and there are plans to extend that number. Active monitoring of equipment though the Gallagher system has significantly reduced theft. Students and staff have scheduled access to shared IT resources, classrooms and lecture theatres. Manage cardholder data ‘Cardholder Import’, an XML Interface, supports the importation of cardholder data including course enrolments from their student record system to Gallagher Command Centre. Shane comments, “Student card issuing is an automated process which is enrollment-driven – a student’s access privileges are assigned according to their enrolled courses.” “To implement this, we defined a rules-based allocation of access groups in the Gallagher system using the XML interface. The interface is ‘live’ so that changes in the student enrolments database are immediately reflected in the Gallagher system. The student’s updated access privileges come into effect without delay.” Staff that interact directly with students are now empowered to manage cardholder data enabling the security team to focus on security. Students and staff utilize Mifare SmartCard functionality extensively, embracing them as an integral multiapplication tool in their modern educational environment – SmartCards are used to issue resources from the library and as pre-stored value cards enabling prepaid printing and photocopying. In the near future they will also be used in Wintec’s Pay and Display car-park and potentially as passes onto city council buses. Electronic access control At Wintec, security is not viewed as a discrete functional activity relegated to security staff only Stewart Brougham, Director of Internationalisation at Wintec, says students have given very positive feedback about their ID cards. In particular, the ability to verify the identity of staff members from their ID access cards provides peace of mind for students. The end result is a people-friendly campus. Future enhancements of Wintec’s security may include the utilization of the CommCard solution from Gallagher to manage and monitor access to student accommodation. CommCard is a unique high level integration between the Gallagher Command Centre software and Salto off-line readers, delivering offline, non-monitored electronic access control for lower security doors. An overriding philosophy of collaboration has seen Wintec take a lateral approach to security, the value of which many organizations have yet to realize. At Wintec, security is not viewed as a discrete functional activity relegated to security staff only. The ongoing management of security is a joint effort between the security services team and the information services team. Increasing operational security The security services team manages the Gallagher system while IT looks after back end functions such as installation on the network and backup. Wintec has leveraged the convergence of security (access control) and other operational business functions recognizing the tremendous potential for reducing risk and increasing operational security, safety, performance and efficiency. Looking beyond simply controlling and monitoring who goes where and when on site, Wintec is harnessing the reporting capabilities of Gallagher Command Centre to meet regulatory requirements. The Gallagher system enables the institution to report on actual space utilization (not just space booking). Decisions are made for best use, and also to substantiate funding, based on these reports. “The key to space utilization reporting are the frequency of reporting and the integrity and reliability of information,” states Stewart Brougham. It’s a national issue for educational institutes in New Zealand. Extending external partnerships “For Wintec, reporting is about ensuring compliance with regulatory requirements and is also a staff time management issue – reducing the administration load on lecturers, who would otherwise have to track student attendance manually.” Brian Fleming, Director of Gallagher Channel Partner, Concord Technologies, sites this lateral application of a security system as key to maximizing the value of Gallagher to Wintec. Wintec has a strong relationship with Gallagher in the ongoing development of its technologies This collaborative philosophy extends to proactive external partnerships with their Gallagher Channel Partner, Concord Technologies, for the installation and maintenance of the Gallagher system, and with system designer and manufacturer, Gallagher. Having signed an agreement to continue in the capacity of a Gallagher field test site, Wintec has a strong relationship with Gallagher in the ongoing development of its technologies. Wintec’s success, in the last 5 years, as a test site reflects the competence of both its IT and security staff and the institute’s commitment to edge student services. Minimal training has been required. Software maintenance agreement There is open communication and information sharing between all internal and external parties involved, which means any issues that arise can be quickly addressed. Wintec has committed to a site maintenance plan with their security partner, Concord Technologies. The plan incorporates both software and hardware maintenance to ensure the system is maintained on the latest operating platforms within a known cost structure. A Software Maintenance Agreement also ensures enhanced ongoing system performance and reliability of the Gallagher system. Acknowledgements Gallagher would like to acknowledge the support of Wintec and security partner, Concord, with the development of this in-site study. Gallagher would also like to particularly acknowledge and thank Shane Goodall for the pivotal role he plays in championing the collaboration of these parties and for his outstanding support of the Northern Region Cardax User Group (NZ) in the capacity of Chairman of the group.
Todd Burgess has an easy answer when asked why he’s used a March Networks video solution in his Quik-E Food convenience stores for more than 15 years. “It’s simple. The system is constantly saving us money.” Networking and IT In his role as Vice President of Quik-E Food Stores, Burgess oversees all the networking and IT requirements for the Lynchburg, Virginia business, which includes 13 convenience stores and gas stations, six car washes, a laundromat and a craft beer pub called The Filling Station known for its unique combination of ‘growlers, grub and gas’. Finding those incidents and stopping them quickly can directly impact Quik-E’s profitability While many things about the family-owned business have changed since its founding in 1973, the need to keep a close eye on each location’s inventory hasn’t. Like every retail organization, Quik-E can cite numerous examples of theft, fraud and inventory errors that have cost the business thousands of dollars in lost revenue. Finding those incidents and stopping them quickly can directly impact Quik-E’s profitability, and that’s where its March Networks intelligent video solution really proves its worth. Video system helps curb thefts “I can’t tell you how many thefts I’ve caught with the help of our video system,” said Burgess. “I had a former employee just finish paying me back $13,000 they owed us in stolen goods, and we recently caught another employee who was stealing probably $50 worth of cigarettes each day.” “And just this morning I was reviewing video of a weekly delivery with one of our managers,” continued Burgess. “We were able to confirm that we’d been charged for $77 worth of gloves that we didn’t actually receive. The video showed the delivery guy come into the store and put everything down. Two boxes of gloves is easy to spot, so it was obvious that that portion of the delivery was missing.” Quik-E Food Stores has upgraded its video solution over the years and Burgess uses the Searchlight software regularly to check for any unusual or suspect transactions and review the data when an incident occurs New software capabilities Over the years, Quik-E Food Stores has upgraded its video solution to take advantage of better performance and new software capabilities. The March Networks video recorders first installed more than a decade ago have been slowly replaced by new generation 8000 Series Hybrid NVRs, able to support both analog and IP cameras or a full complement of IP-only video. Hosted networking solution Burgess has also overseen the transition from older Visual Intelligence software to March Networks Command Enterprise software working with Integrated Technology Group (ITG), the retailer’s long-time systems integrator and March Networks certified partner. That’s in addition to moving the organization from office servers to a hosted networking solution and switching from an existing point-of-sale (POS) system to a new Gilbarco Passport POS solution. “We’ve been proactive about upgrading our IT infrastructure over the last few years, and our video system has always come back online, except in one instance where we couldn’t get the cameras connected again in a couple of locations,” said Burgess. “March Networks Tech Support was wonderful. They managed to diagnose the issue, which wasn’t related to the video products in the end. They were just a big help.” March Networks Searchlight™ Burgess says that he’s a satisfied customer and he won’t be looking for another video solution anytime soon Quik-E is also using March Networks Searchlight™ for retail, a software application that integrates surveillance video with the retailer’s POS transaction data to provide powerful search and investigation tools. Burgess uses the Searchlight software regularly to check for any unusual or suspect transactions and review the data when an incident occurs. “I use Searchlight primarily to look for voids and cancellations, or high dollar value transactions,” said Burgess. “We actually just used it to help catch a manager who probably stole thousands of dollars from us. I knew I was short in inventory, so I pulled up the video and transaction data to see if things were being rung up. It was clear they were not and we had the evidence to prove it. Now we’ll use that evidence to hopefully recoup our losses.” Satisfied customer Ultimately, Burgess says that he’s a satisfied customer and he won’t be looking for another video solution anytime soon. “I think it’s one of the best video surveillance systems on the market. March Networks has been good to me over the years and I’m a very happy customer.”
Avigilon Corporation (‘Avigilon’), a Motorola Solutions company, announces that the New Bedford Housing Authority (‘NBHA’) in Massachusetts, USA has selected Avigilon video security solutions to help improve safety and reduce crime within its community. With close to 1,750 federal public housing units and 748 state aided units, the NBHA services over 6,000 individuals by providing safe, well-maintained and affordable housing units. New Bedford has faced challenges related to crime, which prompted the NBHA to seek out a security system that delivers actionable results to increase public safety throughout its community. Monitor critical areas The NBHA has deployed a complete Avigilon solution to monitor 13 of its properties throughout the city The NBHA has deployed a complete Avigilon solution to monitor 13 of its properties throughout the city. The system includes more than 125 Avigilon cameras and Avigilon Appearance Search™ technology, which is powered by AI to help enable security officers to quickly sort through hours of video with ease to locate a specific person or vehicle of interest across an entire site or multiple sites that are connected to the same Avigilon Control Center™ client software. “Our goal is to provide a safe environment for our residents and deploying an Avigilon system has allowed us to monitor critical areas more efficiently and respond more quickly,” said Steven Beauregard, executive director of NBHA. Video security solutions “So far, the results are tangible as we’ve made great strides in improving the safety and security of our communities.” “The NBHA is taking significant action to proactively address crime and other security concerns to help protect what matters most: its residents,” said Ryan Nolan, senior vice president, Commercial Operations of Avigilon. “By using our AI-powered video security solutions they are able to increase the effectiveness of their security system and provide a new level of public safety.”
One French town just north of Paris faced familiar key management challenges. Each person in their Municipal Technical Centre had to carry approximately forty physical keys. If a single key was lost or stolen, for even one door, all compromised cylinders had to be changed. To prevent unauthorized access, all the keys had to be replaced, too — at great expense. Key duplication costs were mounting. “One lost key cost from €3,000 to €4,000 for changing cylinders and replacing the keys,” explains Fabrice Girard, Territorial Technician at the Villiers-le-Bel Municipal Technical Centre. Administrators can program access rights for every CLIQ key, padlock or cylinder using the Web ManagerTo fix their expensive lost key problem, Villiers-le-Bel city administrators chose to combine ABLOY’s mechanical PROTEC2 and CLIQ electromechanical locking within the same flexible, key-based access control system. Almost 500 CLIQ wireless cylinders, 850 programmable, battery-powered CLIQ keys, plus programming devices and wireless CLIQ padlocks, have been deployed in a multi-year, rolling upgrade program. CLIQ Web Manager software Now, with CLIQ, lost or stolen keys are canceled instantly using the CLIQ Web Manager software. The Web Manager works securely inside a standard browser, with no software installation needed. Administrators can program access rights for every CLIQ key, padlock or cylinder using the Web Manager. They filter access to specific sites and doors according to the precise needs of every city employee. “CLIQ Web Manager is a very easy and pleasant system to use every day,” says Fabrice Girard. CLIQ also saves time for the city’s security team, because staff no longer must return to the Technical Centre to collect the keys for multiple sites. Authorized users carry a single, programmable, battery-powered CLIQ key, where all their individually tailored access rights are stored. Wireless system to enhance safety Using the CLIQ Web Manager, security staff can track exactly who has been granted access to every school site“We wanted a wireless system with reduced maintenance costs and increased safety,” adds Fabrice Girard. “CLIQ met all these requirements.” The city has already rolled out CLIQ beyond their Municipal Technical Centre to 10 local schools. Using the CLIQ Web Manager, security staff can track exactly who has been granted access to every school site — critical for these sensitive premises and to improving overall school safety. Plans are in place to equip Villiers-le-Bel’s 12 remaining schools with CLIQ within 2 to 3 years, including canteens and boiler rooms. Because CLIQ can be deployed and scaled flexibly, the city’s dedicated security budget funds this gradual extension of their CLIQ system.
Round table discussion
In the digital age, software is a component of almost all systems, including those that drive the physical security market. A trend toward hardware commoditization is making the role of software even more central to providing value to security solutions. Software developments make more things possible and drive innovation in the market. We asked this week's Expert Panel Roundtable: How do software improvements drive physical security?
Cybersecurity has become the ultimate buzzword in the physical security market. And it also represents one of the industry’s most intractable challenges. Several years ago, the problem with cybersecurity was lack of awareness among physical security practitioners. It’s now safe to say that awareness has increased. Everyone today talks about cybersecurity, but has it helped the larger problem? We asked this week’s Expert Panel Roundtable: Is greater awareness helping to increase the cybersecurity of physical security systems?
ISC West 2019 is in the industry’s rear-view mirror, and what a show it was! The busy three days in April offered a preview of exciting technologies and industry trends for the coming year. We asked this week’s Expert Panel Roundtable: What was the big news at ISC West 2019?
Security software: Manufacturers & Suppliers
- ACT Security software
- Milestone Security software
- Vicon Security software
- DSX Security software
- Hanwha Techwin America Security software
- Gallagher Security software
- HID Security software
- TDSi Security software
- Bosch Security software
- Nedap AEOS Security software
- CEM Security software
- Software House Security software
- CCTV Software Security software
- PAC Security software
- Honeywell Security Security software
- FLIR Systems Security software
- Panasonic Security software
- Dallmeier Security software
- Geutebruck Security software
- IDTECK Security software