MAXxess Access Control Cards, Tags & Fobs

Today’s security industry technology standards create a common framework for achieving predictable performance. Systems are made more secure and easier to install, use and integrate with other devices. Standards are also intended to be living documents, open to continual refinements to benefit manufacturers, integrators and end users. An excellent example is the Open Supervised Data Protocol (OSDP), which is now the industry’s gold standard for physical access control installations. It was designed to offer a higher level of security with more flexible options than the aging defacto Weigand wiring standard. Updating OSDP-readers simultaneously One recent addition enables end users to push firmware and software updates to thousands of OSDP-enabled card readers simultaneouslyOSDP, first introduced in 2011 by the Security Industry Association (SIA), continues to evolve with significant manufacturer input. One recent addition enables end users to push firmware and/or software updates to a few or thousands of OSDP-enabled card readers simultaneously. Weigand technology requires updates to be made one at a time at each reader. Regularly changing reader encryption keys is an excellent way to enhance facility security. It’s easy using the OSDP file transfer capability and the latest DESFire EV2 credentials containing multiple encryption keys. You can transfer the next code on the card to all readers and the job is done. And there’s no need to create a new card for each user or reprogram each individual reader. AES-128 encryption ensures cybersecurity It’s time to migrate entirely away from Weigand technology. If greater security, convenience and reduced labour from the latest OSDP updates isn’t reason enough, here are a few more things to consider. The 40-year-old Weigand protocol provides no signal encryption, making it easy for hackers to capture the raw data transmitted between cards and readers. OSDP readers support AES-128 encryption while providing continuous monitoring of wires to guard against cybercriminals. Weigand reader installations require homerun cable pulls from the control panel to each peripheral device. OSDP readers can be daisy chained, providing additional savings on cabling and installation time. Weigand technology is simply too slow to work with today’s most versatile and secure card technologies. OSDP readers work with virtually all modern access control cards. The OSDP standard also works with biometric devices; Weigand does not. Meeting requirements of FICAM guidelines SIA is pushing to make the latest OSDP version a standard recognised by the ANSI, a move to enhance the global competitiveness of U.S. security businessesAlso, OSDP is becoming a must-have standard for organisations demanding the highest security levels. The standard meets requirements of the Federal Identity, Credential and Access Management (FICAM) guidelines that affect how the access control industry does business with the federal government. SIA is pushing to make the latest OSDP version a standard recognised by the American National Standard Institute (ANSI), a move to enhance the global competitiveness of U.S. security businesses. There’s still a large worldwide reader installation base that works solely with the Weigand protocol. Admittedly, changing them all at one time may be prohibitively expensive; however, standards should be viewed as a journey, not a destination. That’s why a measured migration is the right choice for many organisations. Begin by securing the perimeter. Replace only the outside-facing Weigand readers. As long as the walls are secured, the inside can remain a softer target until OSDP-compatible readers can be added indoors. The case for moving to OSDP as a standard is compelling. It offers our industry the opportunity to design access control software and products that provide what end users want most – greater security, flexibility and convenience.

It’s not surprising that people are nervous about the security of newer technologies, many of which are part of the Internet of Things (IoT). While they offer greater efficiency and connectivity, some people still hesitate. After all, there seems to be a constant stream of news stories about multinational corporations being breached or hackers taking control of smart home devices. Both of these scenarios can feel personal. No one likes the idea of their data falling into criminal hands. And we especially don’t like the thought that someone can, even virtually, come into our private spaces. The reality, though, is that, when you choose the right technology and undertake the proper procedures, IoT devices are incredibly secure. That said, one of the spaces where we see continued confusion is around access control systems (ACS) that are deployed over networks, particularly in relation to mobile access, smartcards, and electronic locks. These technologies are often perceived as being less secure and therefore more vulnerable to attacks than older ACS systems or devices. In the interest of clearing up any confusion, it is important to provide good, reliable information. With this in mind, there are some myths out there about the security of ACS that need to be debunked. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter Myth #1: Mobile credentials are not secure The first myth we have to look at exists around mobile credentials. Mobile credentials allow cardholders to access secured doors and areas with their mobile devices. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter about the security of credentialed information. There is a persistent belief that Bluetooth is not secure. In particular, people seem to be concerned that using mobile credentials makes your organisation more vulnerable to skimming attacks. While focusing on the medium of communication is an important consideration when an organisation deploys a mobile credentialing system, the concerns about Bluetooth miss the mark. Bluetooth and NFC are simply channels over which information is transmitted. Believing that Bluetooth is not secure would be the same as suggesting that the internet is not secure. In both cases, the security of your communication depends on the technology, protocols, and safeguards we all have in place. So, instead of wondering about Bluetooth or NFC, users should be focused on the security of the devices themselves. Before deploying mobile credentials, ask your vendor (1) how the credential is generated, stored, and secured on the device, (2) how the device communicates with the reader, and (3) how the reader securely accesses the credential information. When you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS Myth #2: All smartcards are equally secure The question “how secure are my smartcards?” is a serious one. And the answer can depend on the generation of the cards themselves. For example, while older smartcards like MiFARE CLASSIC and HID iCLASS Classic offer better encryption than proxy cards and magstripe credentials, they have been compromised. Using these older technologies can make your organisation vulnerable. As a result, when you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS. In this way, you will be protecting your system as well as your buildings or facilities. Some traditional readers and controllers can also pose a serious risk to your organisation if they use the Wiegand protocol, which offers no security. While you can upgrade to a more secure protocol like OSDP version 2, electronic locks are a very secure alternative worth considering. It is also important to understand that not all smartcard readers are compatible with all smartcard types. When they are not compatible, the built-in security designed to keep your system safe will not match up and you will essentially forego security as your smartcard-reader will not read the credentials at all. Instead, it will simply read the non-secure portion—the Card Serial Number (CSN) —of the smartcard that is accessible to everyone. While some manufacturers suggest that this is an advantage because their readers can work with any smartcard, the truth is that they are not reading from the secure part of the card, which can put your system and premises at risk. Using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication Myth #3: Electronic locks are more vulnerable These days, there are still many who believe that electronic locks, especially wireless locks, are more vulnerable to cybercriminal activity as compared to traditional readers and controllers. The concern here is that electronic locks can allow cybercriminals to both access your network to get data and intercept commands from the gateway or nodes over the air that would allow them access to your buildings or facilities. The reality is that using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication. Additionally, because many of these locks remain operational regardless of network status, they provide real-time door monitoring. This means that many electronic locks not only prevent unauthorised access but also keep operators informed about their status at all times, even if a network goes down. Outdated technology and old analogue systems are more vulnerable to attacks When it comes to deploying electronic locks, it is important to remember that, like any device on your network, they must have built-in security features that will allow you to keep your information, people, and facilities safe. Be prepared to unlock future benefits Ultimately, the information in your IP-based ACS is at no greater risk than any other information being transmitted over the network. We just have to be smart about how we connect, transmit, and store our data. In the end, maintaining the status quo and refusing to move away from old technology is not a viable option. Outdated technology and old analogue systems are more vulnerable to attacks. The reason it is so important to debunk myths around ACS and, at the same time, get people thinking about network security in the right way is that network-based systems can offer an ever-increasing number of benefits. When we deploy new technology using industry best practices and purchase devices from trusted vendors, we put ourselves and our networks in the best possible position to take full advantage of all that our increasingly connected world has to offer.

The basic principles of access control are well established: only authorised people should have access to secure areas, only at times that can be defined in advance, and only within a system that can identify exactly who went where, and when. Traditional mechanical lock-and-key systems cannot accomplish this — at least, not without loading a huge admin burden onto security staff. But modern, electronic wireless access control has the flexibility to achieve it. What criteria determine the right sort of access control for your organisation? It makes sense to assess what is desirable against what is affordable or available in the electronic access control market today. Asking yourself these 5 questions will lead to a wise investment in the right technology: Wireless locks like Aperio work seamlessly with existing systems from over 100 different access control providersDo you want to extend your existing system, or begin from scratch? You are not stuck with locks chosen by a previous management team. Security needs change. Wireless locks like Aperio, for example, work seamlessly with existing systems from over 100 different access control providers, integrated online or offline. You will save time and money extending your current system with a technology like Aperio and users can continue with their existing credentials. Going forward, it makes sense to choose locks built using open architecture, for added flexibility and to future-proof your next investment. Who are the site users and what kind of credentials suit their needs? In many industries, access to premises is required by permanent staff and short-term contractors: your access system needs to be flexible. Different systems offer credentials stored on cards and fobs, or on programmable, battery-powered keys. For example, the new Openow app for SMARTair wireless locking converts a user’s smartphone into a virtual key. You issue and revoke user keys using the intuitive software, an efficient, flexible mobile management solution. What is the structure of the site (or sites) you protect? You will need different locks for high-traffic and low-traffic doors, indoor and outdoor use. Almost everywhere, wireless locks are much easier to install and to maintain than traditional wired magnetic locks — and more cost-effective to run. Certified wireless security locks provide extra protection for sensitive areas needing stringent standards. If you have a mobile workforce or manage dispersed sites, consider the credential management practicalities. For example, programmable keys that are easy to update with a Bluetooth-enabled smartphone app — like ASSA ABLOY’s CLIQ Connect solution — will save your staff time and money. For outdoor access points, you will need gate locks or padlocks certified for operation in extreme conditions Do you want to secure more than just doors? Some wireless systems have locks for cabinets, machines, windows and even server racks (handy if you want an extra layer of control over co-located servers). There will be workflow advantages in monitoring these ‘non-doors’ — medicine stores, for example, or car parks or lifts — from the same admin interface as your doors. Site users will appreciate the convenience of carrying one credential for every access need. For outdoor access points, you will need gate locks or padlocks certified for operation in extreme conditions. For example, CLIQ mechatronic padlocks are currently deployed outdoors at utility sites in Scandinavia and supermarkets in East Africa. Do you need real-time capabilities? Choose an Online system and you can manage and amend access control doors at any time and from anywhere, using the admin software. You can monitor sensitive areas like medicine stores remotely and in real time, and can revoke access rights if a user credential gets lost. In an emergency, remote locking or unlocking of an entrance could be critical. Aperio wireless locks, for example, are integrated with online electronic access and real-time monitoring systems in hospitals, manufacturing plants and student halls of residence. With some systems, including SMARTair, you can combine ‘Update on Card’ and Online updating for different doors within the same installation. The CLIQ Connect app and programmable keys make real-time control over remote sites or teams possible. Wireless access control offers a compelling mix of audit compliance, easy installation, cost efficiency, and seamless integration. It makes life easier for security managers, and is deployed in premises as diverse as power plants and co-working spaces; museums and care homes; banks, schools and skyscrapers.

Maxxess will be at Intersec 2019 showcasing its latest advances in corporate risk reduction, improved people management and smarter hospitality access solutions - including new releases in its popular eFusion and Ambit solutions. eFusion security management The latest version of the VisitorPoint module within the eFusion security management platform will be showcased, offering a host of new streamlined functions for efficient people and visitor management. Harnessing current advances in cloud computing and mobile communications, VisitorPoint is being used at premises from hotels and campuses to corporate headquarters. It allows the whole process of visitor management to be streamlined in a way never previously possible. For example, it lets guests’ phones be used as access credentials, making it a perfect alternative to room keys in the hospitality sector. Compatibility of the VisitorPoint system with ASSA Abloy Hospitality products has proved to be particularly popular with hotels. VisitorPoint System VisitorPoint is also ideal for busy hotel reception teams who need to keep across who is entering the premises VisitorPoint is also ideal for busy hotel reception teams who need to keep across who is entering the premises. With the latest version of VisitorPoint, users can easily view pre-registered visitors in advance; manage and sign-in large groups in seconds; book meeting rooms; manage visitor car parking; and automate notifications and messaging. Now organisations can go even further in streamlining their people and diary management processes, thanks to integration with Outlook and Google calendars. A new VIP feature allows automatically tailored welcomes for specified guests and/or groups; and a QR Scan App allows visitors and VIPS to be immediately verified. In addition, a new, sleek self-service kiosk will be unveiled at the show, which is ideal for positioning in hotels and high-end corporate lobbies. Open-technology systems integration Meanwhile, with its versatile, open-technology software eFusion is proving a practical alternative to costly or complex conventional PSIM solutions. It offers the advantages of a modular, building block approach and gives users the freedom to integrate, customise and adapt their security systems to meet both current needs and emerging risks. Ensuring compatibility with leading surveillance, intruder, access and fire detection systems, eFusion now supports more than 60 off-the-shelf integrations and several important additions are confirmed for the show. These latest integrations include Jaquies IP intercom hardware; the mobile phone app GuardPoint; and the Metra locker system hardware. “For users who want control and better value from their security investments, eFusion with its expanding choice of integrations is the ideal management platform”, says Lee Copland, Managing Director, Maxxess EMEA. Smart, open infrastructure The eFusion platform allows legacy systems to be transformed into a smart, open infrastructure and extends the life of equipment" “The eFusion platform allows legacy systems to be transformed into a smart, open infrastructure and extends the life of equipment. Our technology is proving particularly popular because it gives users all the advantages of advanced PSIM without the associated cost or complexity.” eFusion can be easily scaled from one site to multiple sites globally and it can connect stand-alone systems for easy upgrades such as retro-fits with existing hardware. Network monitoring for public safety Also on show, Ambit allows security controllers to communicate directly with both individuals and groups and to monitor the safety of everyone on site (or on multiple sites), for example employees, residents, visitors, or contractors. Now Ambit users will benefit from direct notification of a wide range of risks thanks to a new integration with the NC4 incident alert service. NC4 monitors risks and issues alerts in real time, covering potential threats ranging from terrorist incidents to weather events, from civil disruption to cyber-attacks. With this new integration, as N4C alerts arise they will be filtered by proximity/relevance and directly sent to Ambit users. Lone worker monitoring   Visitors to the Maxxess stand will also learn how Ambit’s latest life-saving technology comes with a choice of applications tailored to the user’s needs. For example, it can allow lone-worker monitoring; courtesy communications and remote escorting after-hours; panic alarm features; and individualised messaging during incidents. It can help security teams co-ordinate and work more effectively with emergency responders too as well as improving the efficiency of day-to-day operations.  We are well positioned to further capitalise on major infrastructure projects across the region such as hotels and leisure" With new customers and projects including Bluewater Island, TAJ Hotel & Residences JLT Dubai, TAJ Hotel & Palace on Palm Jumeirah, the Emirates Nuclear Energy Corporation, Emirates Flight Catering Extension, the Jewel of the Creek and Yahsat, 2019 will be an exciting year of growth for Maxxess in the Middle East.  Maxxess expands Middle East reach  “We are well positioned to further capitalise on major infrastructure projects across the region such as hotels and leisure. The demand for increased operational efficiencies across the MENA region has seen many organisations look to automate tasks and at the same time mitigate against the potential for human error. This is evident in the demand we’re seeing for streamlined visitor management, the elimination of keys and better optimised workforces across security and facilities management functions.”, said Lee Copland, Managing Director, Maxxess EMEA. He adds, “And as real-world applications for artificial intelligence become a reality, we are continuing to collaborate with our world leading video surveillance partners to bring these advanced analytics into the eFusion platform. Meanwhile, we will continue to support our customers in complying with revised fire and safety codes and new security regulations.” 

VisitorPoint from Maxxess is a smart visitor management solution that offers an easy but powerful upgrade for a wide range of users. For those needing to replace a basic signing-in book for the first time, VisitorPoint is an attractive, user-friendly solution with a choice of useful features. And for larger organisations looking for a multi-site visitor management solution, it provides control and audit features that are future proof, flexible, and designed to complement security, fire and building management operations. It can be integrated with Maxxess software and eFusion range of modules, or adapted with a customised integration, plus it allows users to manage everything from visitor pre-registration, to SMS notification, identity verification and car park occupancy. Easy & efficient visitor management Putting more control in the hands of front-of-house teams, VisitorPoint allows pre-registered visitors to be viewed any time in advance. Visitor badges can be pre-printed for a smoother and more efficient welcome, and sign-in for large groups can be managed in seconds. Visitors check themselves in easily and efficiently using either an iPad or the VisitorPoint free standing touch-screen kiosk. The pre-registered visitor’s details are confirmed when they enter a reference code, passport number, QR code or any specified ID. A photo can be taken with the iPad or kiosk, printed onto the badge and/or saved to the record. Visitors can also be asked to read and sign any non-disclosure agreement (NDA), health and safety or safeguarding instructions on screen, The allocation and control of visitor car parking also becomes much more efficient as specific spaces can be easily assigned to specific vehicles in advance. Automatic email notifications and/or SMS messaging reduce the burden on front-of-house staff, with employees automatically alerted when their visitors arrive. The system can be set up so that both hosts and visitors receive a friendly reminder text ahead of the visit, at check in and check out. Useful information such as directions and meeting details can be added.  Hosts can also check out a visitor, helping front-of-house staff to maintain up-to-date site occupancy records. For enhanced security, alerts can be sent when a visitor forgets to check out, or when a pre-specified visit is due VisitorPoint security enhancement For enhanced security, alerts can be sent when a visitor forgets to check out, or when a pre-specified visit is due. For senior security managers real time reports can be generated to show who is currently on site, where they are authorised to visit, as well as who been on site during any given timeframe. The smart VisitorPoint badge printer allows individual badge customisation so that details can be easily changed and added – for example with Wi-Fi codes, meeting room details and specific courtesy messages.  This feature also makes it ideal for multiple tenancy sites, with individual badge branding and messaging, available to each tenant. “VisitorPoint is a highly flexible solution that can be used for both single and multiple sites,” says Lee Copland, Managing Director, Maxxess EMEA. “It allows a practical, easily managed upgrade from more basic solutions and it can be easily adapted to the organisation’s changing requirements in future years.”

Shaikh will also provide support for ambit, a patented, private, two-way, managed messaging service To meet growing demand in the Middle East for its award-winning integrated security, access control and operations monitoring solutions, US-based global corporation Maxxess has appointed Mr Majid Shaikh to join the company’s regional head office in Dubai. eFusion In his role as professional technical support and pre-sales manager, Mr Shaikh will provide design and technical expertise for the firm’s flagship eFusion solution. With highly versatile open technology software, eFusion supports more than 60 off-the-shelf integrations. This enables customers to integrate surveillance, access control, fire and intruder systems from top security vendors with back office processes, with less cost and complexity than conventional physical security information management solutions. Mr Shaikh will work closely with customers to design fully customised eFusion solutions that maximise protection from new and emerging threats, reduce the risk of business disruption, optimise process efficiency, improve return on investment and build competitive advantage from real-time information. Alongside support for eFusion, he will also provide support for ambit, a patented, private, two-way, managed messaging service that enables organisations to communicate directly with their mobile workforces via their mobile devices to provide a more effective solution for safety, security and emergency management. In-depth experience Mr Shaikh brings more than 12 years of in-depth technical and business development experience in the electronic security industry. He has particular expertise in ID technologies and access control across a wide range of vertical sectors, notably hospitality, education, government and commercial property. Since 2009, Mr Shaikh had worked at Salto Systems as area manager for UAE, Qatar, Oman and India. He has graduate and post-graduate degrees from the University of Mumbai and International University of Louisiana. Lee Copland, Maxxess Managing Director, EMEA, said: “We’re delighted to welcome Majid on board. The Middle East is a strategic region with a large installed base that is looking to upgrade and bring new technologies on line. End users want a smarter, more cost-effective approach to enhancing security and streamlining operations. eFusion meets this need by enabling customised solutions and mobile capabilities that integrate security and operational processes with real-time information to drive value, efficiency and traceability of people, products and assets. Majid will be instrumental in educating the market on how eFusion leverages existing investments and provides freedom of product choice without locking customers into recurring annual fees and tying them to complex and expensive systems integration services.” Mr Shaikh added: “It’s a fantastic time to join Maxxess while we’re experiencing tangible growth in the Middle East security market. eFusion is bringing to the region a highly exciting proposition which offers an industry leading number of integrations, a powerful access control engine with a hardware takeover capability that enables an affordable, simple and pragmatic approach to integrating disparate systems. Our end user customers benefit from a lower cost of ownership plus a faster, more accurate response to threats and incidents through one unified platform. eFusion offers the type of seamless integration that until recently was only attainable for the largest public sector and corporate enterprises.”