ISONAS Access Control Cards, Tags & Fobs(4)
Browse Access Control Cards, Tags & Fobs
Access control card/ tag/ fob products updated recently
Today’s security industry technology standards create a common framework for achieving predictable performance. Systems are made more secure and easier to install, use and integrate with other devices. Standards are also intended to be living documents, open to continual refinements to benefit manufacturers, integrators and end users. An excellent example is the Open Supervised Data Protocol (OSDP), which is now the industry’s gold standard for physical access control installations. It was designed to offer a higher level of security with more flexible options than the aging defacto Weigand wiring standard. Updating OSDP-readers simultaneously One recent addition enables end users to push firmware and software updates to thousands of OSDP-enabled card readers simultaneouslyOSDP, first introduced in 2011 by the Security Industry Association (SIA), continues to evolve with significant manufacturer input. One recent addition enables end users to push firmware and/or software updates to a few or thousands of OSDP-enabled card readers simultaneously. Weigand technology requires updates to be made one at a time at each reader. Regularly changing reader encryption keys is an excellent way to enhance facility security. It’s easy using the OSDP file transfer capability and the latest DESFire EV2 credentials containing multiple encryption keys. You can transfer the next code on the card to all readers and the job is done. And there’s no need to create a new card for each user or reprogram each individual reader. AES-128 encryption ensures cybersecurity It’s time to migrate entirely away from Weigand technology. If greater security, convenience and reduced labour from the latest OSDP updates isn’t reason enough, here are a few more things to consider. The 40-year-old Weigand protocol provides no signal encryption, making it easy for hackers to capture the raw data transmitted between cards and readers. OSDP readers support AES-128 encryption while providing continuous monitoring of wires to guard against cybercriminals. Weigand reader installations require homerun cable pulls from the control panel to each peripheral device. OSDP readers can be daisy chained, providing additional savings on cabling and installation time. Weigand technology is simply too slow to work with today’s most versatile and secure card technologies. OSDP readers work with virtually all modern access control cards. The OSDP standard also works with biometric devices; Weigand does not. Meeting requirements of FICAM guidelines SIA is pushing to make the latest OSDP version a standard recognised by the ANSI, a move to enhance the global competitiveness of U.S. security businessesAlso, OSDP is becoming a must-have standard for organisations demanding the highest security levels. The standard meets requirements of the Federal Identity, Credential and Access Management (FICAM) guidelines that affect how the access control industry does business with the federal government. SIA is pushing to make the latest OSDP version a standard recognised by the American National Standard Institute (ANSI), a move to enhance the global competitiveness of U.S. security businesses. There’s still a large worldwide reader installation base that works solely with the Weigand protocol. Admittedly, changing them all at one time may be prohibitively expensive; however, standards should be viewed as a journey, not a destination. That’s why a measured migration is the right choice for many organisations. Begin by securing the perimeter. Replace only the outside-facing Weigand readers. As long as the walls are secured, the inside can remain a softer target until OSDP-compatible readers can be added indoors. The case for moving to OSDP as a standard is compelling. It offers our industry the opportunity to design access control software and products that provide what end users want most – greater security, flexibility and convenience.
It’s not surprising that people are nervous about the security of newer technologies, many of which are part of the Internet of Things (IoT). While they offer greater efficiency and connectivity, some people still hesitate. After all, there seems to be a constant stream of news stories about multinational corporations being breached or hackers taking control of smart home devices. Both of these scenarios can feel personal. No one likes the idea of their data falling into criminal hands. And we especially don’t like the thought that someone can, even virtually, come into our private spaces. The reality, though, is that, when you choose the right technology and undertake the proper procedures, IoT devices are incredibly secure. That said, one of the spaces where we see continued confusion is around access control systems (ACS) that are deployed over networks, particularly in relation to mobile access, smartcards, and electronic locks. These technologies are often perceived as being less secure and therefore more vulnerable to attacks than older ACS systems or devices. In the interest of clearing up any confusion, it is important to provide good, reliable information. With this in mind, there are some myths out there about the security of ACS that need to be debunked. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter Myth #1: Mobile credentials are not secure The first myth we have to look at exists around mobile credentials. Mobile credentials allow cardholders to access secured doors and areas with their mobile devices. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter about the security of credentialed information. There is a persistent belief that Bluetooth is not secure. In particular, people seem to be concerned that using mobile credentials makes your organisation more vulnerable to skimming attacks. While focusing on the medium of communication is an important consideration when an organisation deploys a mobile credentialing system, the concerns about Bluetooth miss the mark. Bluetooth and NFC are simply channels over which information is transmitted. Believing that Bluetooth is not secure would be the same as suggesting that the internet is not secure. In both cases, the security of your communication depends on the technology, protocols, and safeguards we all have in place. So, instead of wondering about Bluetooth or NFC, users should be focused on the security of the devices themselves. Before deploying mobile credentials, ask your vendor (1) how the credential is generated, stored, and secured on the device, (2) how the device communicates with the reader, and (3) how the reader securely accesses the credential information. When you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS Myth #2: All smartcards are equally secure The question “how secure are my smartcards?” is a serious one. And the answer can depend on the generation of the cards themselves. For example, while older smartcards like MiFARE CLASSIC and HID iCLASS Classic offer better encryption than proxy cards and magstripe credentials, they have been compromised. Using these older technologies can make your organisation vulnerable. As a result, when you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS. In this way, you will be protecting your system as well as your buildings or facilities. Some traditional readers and controllers can also pose a serious risk to your organisation if they use the Wiegand protocol, which offers no security. While you can upgrade to a more secure protocol like OSDP version 2, electronic locks are a very secure alternative worth considering. It is also important to understand that not all smartcard readers are compatible with all smartcard types. When they are not compatible, the built-in security designed to keep your system safe will not match up and you will essentially forego security as your smartcard-reader will not read the credentials at all. Instead, it will simply read the non-secure portion—the Card Serial Number (CSN) —of the smartcard that is accessible to everyone. While some manufacturers suggest that this is an advantage because their readers can work with any smartcard, the truth is that they are not reading from the secure part of the card, which can put your system and premises at risk. Using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication Myth #3: Electronic locks are more vulnerable These days, there are still many who believe that electronic locks, especially wireless locks, are more vulnerable to cybercriminal activity as compared to traditional readers and controllers. The concern here is that electronic locks can allow cybercriminals to both access your network to get data and intercept commands from the gateway or nodes over the air that would allow them access to your buildings or facilities. The reality is that using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication. Additionally, because many of these locks remain operational regardless of network status, they provide real-time door monitoring. This means that many electronic locks not only prevent unauthorised access but also keep operators informed about their status at all times, even if a network goes down. Outdated technology and old analogue systems are more vulnerable to attacks When it comes to deploying electronic locks, it is important to remember that, like any device on your network, they must have built-in security features that will allow you to keep your information, people, and facilities safe. Be prepared to unlock future benefits Ultimately, the information in your IP-based ACS is at no greater risk than any other information being transmitted over the network. We just have to be smart about how we connect, transmit, and store our data. In the end, maintaining the status quo and refusing to move away from old technology is not a viable option. Outdated technology and old analogue systems are more vulnerable to attacks. The reason it is so important to debunk myths around ACS and, at the same time, get people thinking about network security in the right way is that network-based systems can offer an ever-increasing number of benefits. When we deploy new technology using industry best practices and purchase devices from trusted vendors, we put ourselves and our networks in the best possible position to take full advantage of all that our increasingly connected world has to offer.
The basic principles of access control are well established: only authorised people should have access to secure areas, only at times that can be defined in advance, and only within a system that can identify exactly who went where, and when. Traditional mechanical lock-and-key systems cannot accomplish this — at least, not without loading a huge admin burden onto security staff. But modern, electronic wireless access control has the flexibility to achieve it. What criteria determine the right sort of access control for your organisation? It makes sense to assess what is desirable against what is affordable or available in the electronic access control market today. Asking yourself these 5 questions will lead to a wise investment in the right technology: Wireless locks like Aperio work seamlessly with existing systems from over 100 different access control providersDo you want to extend your existing system, or begin from scratch? You are not stuck with locks chosen by a previous management team. Security needs change. Wireless locks like Aperio, for example, work seamlessly with existing systems from over 100 different access control providers, integrated online or offline. You will save time and money extending your current system with a technology like Aperio and users can continue with their existing credentials. Going forward, it makes sense to choose locks built using open architecture, for added flexibility and to future-proof your next investment. Who are the site users and what kind of credentials suit their needs? In many industries, access to premises is required by permanent staff and short-term contractors: your access system needs to be flexible. Different systems offer credentials stored on cards and fobs, or on programmable, battery-powered keys. For example, the new Openow app for SMARTair wireless locking converts a user’s smartphone into a virtual key. You issue and revoke user keys using the intuitive software, an efficient, flexible mobile management solution. What is the structure of the site (or sites) you protect? You will need different locks for high-traffic and low-traffic doors, indoor and outdoor use. Almost everywhere, wireless locks are much easier to install and to maintain than traditional wired magnetic locks — and more cost-effective to run. Certified wireless security locks provide extra protection for sensitive areas needing stringent standards. If you have a mobile workforce or manage dispersed sites, consider the credential management practicalities. For example, programmable keys that are easy to update with a Bluetooth-enabled smartphone app — like ASSA ABLOY’s CLIQ Connect solution — will save your staff time and money. For outdoor access points, you will need gate locks or padlocks certified for operation in extreme conditions Do you want to secure more than just doors? Some wireless systems have locks for cabinets, machines, windows and even server racks (handy if you want an extra layer of control over co-located servers). There will be workflow advantages in monitoring these ‘non-doors’ — medicine stores, for example, or car parks or lifts — from the same admin interface as your doors. Site users will appreciate the convenience of carrying one credential for every access need. For outdoor access points, you will need gate locks or padlocks certified for operation in extreme conditions. For example, CLIQ mechatronic padlocks are currently deployed outdoors at utility sites in Scandinavia and supermarkets in East Africa. Do you need real-time capabilities? Choose an Online system and you can manage and amend access control doors at any time and from anywhere, using the admin software. You can monitor sensitive areas like medicine stores remotely and in real time, and can revoke access rights if a user credential gets lost. In an emergency, remote locking or unlocking of an entrance could be critical. Aperio wireless locks, for example, are integrated with online electronic access and real-time monitoring systems in hospitals, manufacturing plants and student halls of residence. With some systems, including SMARTair, you can combine ‘Update on Card’ and Online updating for different doors within the same installation. The CLIQ Connect app and programmable keys make real-time control over remote sites or teams possible. Wireless access control offers a compelling mix of audit compliance, easy installation, cost efficiency, and seamless integration. It makes life easier for security managers, and is deployed in premises as diverse as power plants and co-working spaces; museums and care homes; banks, schools and skyscrapers.
Cybersecurity has become a major element – and a major source of discussion – in the physical security marketplace as a result of the rise in networked systems. And we may still not be talking enough about cybersecurity. Here is part one of our Cybersecurity series. “Cybersecurity requires everyone in the security industry to be playing offense and defense at the same time, every single day,” says Bill Bozeman, President and CEO of PSA Security Network. “It needs to just become part of the standard conversation when we are talking about physical security because they are so intertwined.” Creating new industry leaders Cybersecurity and physical security can be seen as two parts of a single entity, and increasingly the two will be combined at the enterprise level over the next several years. “This convergence of physical security and cybersecurity will create new industry leaders that will emerge to lead a new segment of the combined market through strong investment and leadership,” says Rob Lydic of ISONAS, now part of Allegion. Data capture form to appear here! Cybersecurity issues dominate almost every discussion in today’s physical security industry, and the clear message is that “manufacturers and integrators must continue to create robust and scalable cybersecurity offerings to protect customer data and facilities,” says Lydic. He contends that cloud services providers (such as ISONAS) are more cybersecure and reliable ‘by orders of magnitude’ than non-cloud solutions. Cybersecurity is linked to cloud-based systems and managed security service provider models Cloud-based services The Security Industry Association (SIA) has listed cybersecurity as one of 2019’s ‘Top Megatrends’ in the physical security market. SIA says it is important to prioritise cybersecurity among security businesses, for customers’ businesses, and for vendors. The trend calls for continual process improvement and investment. Bill Bozeman of PSA Security Network agrees: “Cybersecurity has definitely taken a strong foothold in the industry.” With the continued expansion of cloud-based services, cybersecurity will be more important than ever to integrators, manufacturers and end users alike, he says. Notably, cybersecurity is directly linked to two other important industry trends listed by Bozeman: cloud-based systems and the rise in recurring monthly revenue (RMR) and managed security service provider (MSSP) models, whose focus will include cybersecurity. Loss prevention executives The days when cybersecurity was exclusively the domain of the information technology (IT) department are gone. “Cybercrime is one of the biggest threats organisations of all sizes and types face today,” says Michael Malone, CEO of ADT Cybersecurity (formerly known as Datashield). “Considering the magnitude of these crimes, it now falls on the entire organisation, including the traditional security or loss prevention executives, to band together to combat these threats.” Cybercrime is one of the biggest threats organisations of all sizes and types face today Malone favours (and his company offers) a managed detection and response (MDR) service, which combines advanced technology and human analysis. Using packet capture on the network, an MDR analyst can ‘replay’ a cyber security event and dig deeper into the incident and determine remediation steps. It’s an approach that significantly cuts through false positive ‘noise’ so security teams can focus on what matters. Helping security officers Interestingly, cybersecurity is poised to benefit from another major trend in the physical security market – the rise of artificial intelligence. Specifically, machine learning applications for cybersecurity include: detecting malicious activity, helping security officers determine what tasks they need to complete in an investigation process, analysing mobile endpoints, decreasing the number of false positive threats, automating repetitive tasks like interrupting ransomware, and potentially closing some zero-day vulnerabilities. But AI in this case is not a panacea. Christopher McDaniels of Mosaic451 recommends pairing human intellect with machine technology to sort through data faster and catch hackers before they do much damage. See part two of our Cybersecurity series here.
Booth number: 20043 ISONAS, now part of the Allegion family of brands, is an IoT solution for physical access control with a purely IP-based reader-controller driven from a fully featured access control software hosted in the cloud. ISONAS has been revolutionising access control with this simple solution and is a leading manufacturer of Pure IP Access Control hardware. The open architecture hardware can be paired with their cloud-hosted software or with any full-featured access control solution; providing a complete access control platform. An ISONAS system provides an ideal product solution for securing facilities while reducing costs and providing all of the advantages that Pure IP technology brings to the door. We use ISC West to establish thought leadership opportunities in the market and drive the appropriate groups to our booth Q: What was the first year your company exhibited at ISC West? Please share your remembrances of that experience? The first full year we exhibited at ISC West was in 2015. We had a smaller booth in relation to the show, but one of the most memorable moments was the energy of the tradeshow floor and in our booth – almost like being on the floor of the stock exchange. The constant flow of people through our booth was a fulfilling experience - the number of folks that patiently waited to hear the ISONAS story and learn why our products could provide differentiation for them in the market was validation of our hard work. Q: What strategies do you use to get the most out of exhibiting at ISC West? We have a strategic formula for pre-show, during show and post show communications and messaging. ISC West has traditionally been one of the largest marketing spends annually and our objective was to drive significant traffic and see as many people as possible. To do this we task our teams with setting meetings with customers ahead of time. In addition, we use ISC West to establish thought leadership opportunities in the market and drive the appropriate groups to our booth to help proliferate our message. Q: How do you quantify your success at ISC West? What ROI do you receive from the show? We quantify success by the number of leads, along with the quality of those leads and how many turn into viable opportunities. We also measure success based on the amount of thought leadership coverage we obtain, and relationships we build. The face-to-face conversations with partners and customers is also invaluable and tough to gauge from the ROI perspective, but it is an important part to building real relationships and trust with customers. Q: What company activities (outside the show floor) does your company organise each year? ISC West is where the who’s who of the security industry debut new products and partnerships Traditionally we have held our annual sales meeting prior to ISC West to bring our teams together for some face time as well as educate them on new products, messaging and talking points for the trade show. Q: What sets ISC West apart from other trade shows on the calendar? ISC West is where the who’s who of the security industry debut new products and partnerships. The educational workshops, industry events and ability to connect with the majority of your network for three days in one place is incredibly valuable. Customers from all verticals and sizes see value in the ISC West show, and this drives high attendance rates and a greater opportunity to interact with new and existing customers.
Consolidation persisted in the physical security industry in 2018, and big companies such as Motorola, Canon and UTC continued to make moves. Also among the mergers and acquisitions (M&A) news in 2018 was a high-profile bankruptcy (that ended well), continuing consolidation in the integrator market, and the creation of a new entity called “LenelS2.” Here’s a look at the Top 10 M&A stories in 2018: 1. Motorola acquires Avigilon Motorola Solutions announced in February that it had entered into a definitive agreement to acquire video surveillance provider Avigilon in an all-cash transaction that enhances Motorola Solutions’ portfolio of mission-critical communications technologies. Avigilon products are used by a range of commercial and government customers including critical infrastructure, airports, government facilities, public venues, healthcare centers and retail. The company holds more than 750 U.S. and international patents. 2. UTC Climate, Control & Security buys S2 Security UTC Climate, Controls & Security agreed in September to acquire S2 Security, a developer of unified security and video management solutions. UTC subsequently combined S2 with its Lenel brand to create LenelS2, “a global leader in advanced access control systems and services” with “complementary strengths.” 3. Costar Technologies acquires Arecont Vision after bankruptcy Arecont Vision, the provider of IP-based megapixel camera and video surveillance solutions, announced in July that the acquisition by Costar Technologies, Inc. of its assets had been approved by the bankruptcy court. After the closing of the sale, the company began operating as Arecont Vision Costar, LLC and is part of Costar, a U.S. corporation that designs, develops, manufactures, and distributes a range of products for the video surveillance and machine vision markets. 4. Allegion acquires access control company ISONAS Allegion plc, a security products and solutions provider, agreed in June to acquire ISONAS through one of its subsidiaries. ISONAS’ edge-computing technology provides access control solutions for non-residential markets. ISONAS' devices – like its integrated reader-controllers – utilise power over ethernet, making them easy to install and cost effective as they utilise existing customer infrastructures. The company is based in Boulder, Colo. 5. HID buys Crossmatch for Biometrics HID Global announced that it had acquired Crossmatch, a provider of biometric identity management and secure authentication solutions, from Francisco Partners. Crossmatch’s portfolio of products includes biometric identity management hardware and software that complement HID’s broad portfolio of trusted identity products and services. 6. BriefCam announces acquisition by Canon BriefCam, a global provider of video synopsis and deep learning solutions, announced its acquisition in May by Canon Inc., a global digital imaging solutions company. The addition of BriefCam to Canon’s network video solutions products portfolio complements the Canon Group’s previous acquisitions of Axis Communications and Milestone Systems. 7. Allied Universal acquires U.S. Security Associates Allied Universal, a security and facility services company, finalised its acquisition of U.S. Security Associates (USSA) in October, further building on its position in the security services industry. This acquisition includes Andrews International (including its Government Services Division and Consulting and Investigations and International Division) and Staff Pro. 8. Johnson Controls acquires Smartvue Corp. Johnson Controls announced in April that it had acquired Smartvue, a global IoT and video provider that empowers cloud video surveillance and IoT video services. The addition of the Smartvue cloud-based video platform will enhance Johnson Controls’ offering of an end-to-end, smart cloud-based solution that can provide superior business data and intelligence to customers and added value to partners. 9. ADT acquires Red Hawk Fire & Security (and others) ADT Inc.’s acquisition of Red Hawk Fire & Security, Boca Raton, Fla., was the latest move in ADT Commercial’s strategy to buy up security integrator firms around the country and grow their footprint. In addition to the Red Hawk acquisition, announced in mid-October, ADT has acquired more than a half-dozen security system integration firms in the last year or so. 10. Convergint Technologies continues to acquire Convergint Technologies announced in August the acquisition of New Jersey-based Access Control Technologies (ACT), bringing further electronic security systems experience to Convergint's service capabilities. Convergint has strategically grown its service footprint across the United States, Canada, Europe and Asia Pacific through strong organic growth and the completion of 18 acquisitions since early 2016. And it continues: Convergint announced acquisition of SI Technologies, Albany, N.Y., in November and Firstline Security Integration (FSI), Anaheim, Calif., in December. (And Convergint itself was acquired in February by private equity group Ares Management.)
Why outdated access control systems are a big problemDownload
Five things to consider for AI with video technologyDownload
OSDP is the strongest access control for your businessDownload
- ASSA ABLOY helps Vejle Friskole staff to reduce key management time with its SMARTair® system
- Vanderbilt ACT365 addresses access control security concerns at Study Abroad University, London
- HID Global’s IoT enabled platform HID Trusted Tag Services deployed at Tasmania’s Old Kempton Distillery
- APT Security Systems upgrades Nortech FeeMaster Smart parking management system at a luxury hotel in Bath