Access control software - Expert commentary

Hybrid working and the threat of desk data
Hybrid working and the threat of desk data

The transition to remote working has been a revelation for many traditional office staff, yet concerns over data security risks are rising. Mark Harper of HSM explains why businesses and their remote workers must remain vigilant when it comes to physical document security in homes. Pre-pandemic, home offices were often that neglected room in people’s homes. But now things are different. After the initial lockdown in 2020, 46.6% of UK workers did some work at home with 86% of those doing so because of the pandemic. Semi-permanent workspaces Since then, many have found that over time, those semi-permanent workspaces have become slightly more permanent – with official hybrid working coming into effect for an assortment of businesses and their teams. The adoption of hybrid working can in fact be seen as one of the few positives to come from the pandemic, with less travel, more freedom and higher productivity top of the benefits list for businesses and their employees. The handling of sensitive documents, is a growing concern for office managers But those welcomed benefits don’t tell the whole story. The transition to remote working has undoubtedly impacted workplace security, with various touch points at risk. The handling of sensitive documents for example, is a growing concern for office managers. In simpler times, sensitive data was more or less contained in an office space, but with millions of home setups to now think about, how can businesses and their office managers control the issue of desk data? Physical document security As of January 2021, it’s said that one in three UK workers are based exclusively at home. That’s millions of individuals from a variety of sectors, all of which must continue in their efforts to remain data secure. With that, reports of cyber security fears are consistently making the news but that shouldn’t be the sole focus. There is also the underlying, but growing, issue of physical document security. The move to remote working hasn’t removed these physical forms of data – think hard drives, USBs and paper based documentation. A recent surge in demand for home printers for example, only exemplifies the use of physical documents and the potential security issues home offices are facing. Adding to that, research conducted in 2020 found that two out of three employees who printed documents at home admitted to binning those documents both in and outside of their house without shredding them. Data security concern Without the right equipment, policies and guidance, businesses are sure to be at risk Those findings present a huge data security concern, one that must be fixed immediately. The Information Commissioner’s Office (ICO) has since released guidance for those working from their bedrooms and dining tables. Designed to help overcome these challenges, the ‘security checklists’ and ‘top tips’ should be the first port of call for many. Yet throughout, the ICO make reference to ‘following your organisation’s policies and guidance’ – highlighting that the onus isn’t solely on the individuals working from their makeshift offices. Office managers have a monumental task on their hands to ensure teams are well equipped within their home setups. Without the right equipment, policies and guidance, businesses are sure to be at risk. But it would be wrong to insinuate that unsecure desk data has only now become an issue for organisations. Modern office spaces Keeping clear desks has long been a battle for many office managers. In fact, clear desk policies are practised in most modern office spaces, with it recognised as a key preventative to personal information being wrongly accessed and so falling foul of GDPR legislation. Throwing sensitive documents in the bin was never an option pre-pandemic However, the unsupervised aspect of home working has led to a potentially more lax approach to these policies, or in some cases, they can’t be followed at all. For those taking a more laid back approach, organisation leaders must remind staff of their data security responsibilities and why clear desk policies have previously proven effective. Ultimately, throwing sensitive documents in the bin was never an option pre-pandemic and this must be carried through to home workspaces now. Securely destroy documents There are also concerns over the equipment people have access to at home. For example, without a reliable home shredding solution, data security suddenly becomes a tougher task. To add to that, several recommendations state that employees working from home should avoid throwing documents away by instead transporting them to the office for shredding once lockdown rules ease. While this is an option, it does pose further issues, with document security at risk of accidental loss or even theft throughout the transportation period, not to mention the time spent in storage. The best and most effective way to securely destroy documents is at the source, especially in environments where higher levels of personal data is regularly handled. Correct shredding equipment The recent findings on home office behaviour represent a true security risk Only when home workers implement their own clear desk policies alongside the correct shredding equipment (at the correct security level), can both home office spaces and regular offices become data secure. Realistically, these solutions should, like the common home printer, become a staple in home office spaces moving forward. The likelihood is that many UK workers will remain in their home offices for the foreseeable future, only to emerge as hybrid workers post-pandemic. And while the current working environment is more ideal for some than others, the recent findings on home office behaviour represent a true security risk to organisations. With this in mind, it’s now more key than ever for business leaders, their office managers and homeworkers to all step up and get a handle on home data security policies (as well as maintaining their standards back at the office) – starting with the implementation of clear desk policies. After all, a clear desk equals a clear mind.

Video intercoms for a smarter, safer workspace
Video intercoms for a smarter, safer workspace

Though many office workers across the globe have found themselves working remotely for the past year, we are seeing a bit of a silver lining, as vaccine rollouts hint at a return to some pre-pandemic sense of normalcy. However, while some of us might opt for a fully-remote work life, others are anticipating a hybrid solution. Even before the pandemic, offices were taking a new, more open layout approach—moving past the days of cubicles and small office configurations. Going forward, offices and other workspaces will be tasked with supporting a hybrid work solution, as well as increasing hygiene measures. Video intercom solution This is where an IP video intercom solution can assist. Below are four ways they can help usher in a smarter, safer work environment: Video intercoms assist in creating a more hygienic work environment - The outbreak of COVID-19 has raised awareness of germs and just how easily a virus can be transmitted by face-to-face contact. Germ barriers are popping up in many aspects of our daily lives, where we were not likely to see them before Unfortunately, the door is also the easiest of these germ barriers to breach As such, we’re becoming accustomed to seeing plexiglass barriers at restaurants, grocery stores, and even coffee shops. However, many don’t realise that one of the best germ barriers is a simple door. Unfortunately, the door is also the easiest of these germ barriers to breach. All it takes is a knock or a doorbell ring to make us open our germ barrier and be face-to-face with whomever is on the other side. Increasing hygiene safety A simple step to increase hygiene safety and visitor security in commercial buildings and workspaces is an IP video intercom. Installing a video intercom will allow staff to see and speak with visitors without breaching that all-important germ barrier. A video intercom system provides a first line of defence, enabling the user to visually confirm the identity of the person on the other side of the door first before granting access. It can also be used to make sure proper procedures are being followed before a person is allowed to enter, such as using hand sanitiser, wearing a mask, and following social distancing guidelines. Basic security needs A major topic of conversation the past year has been how to manage occupancy in all facilities Video intercoms for occupancy management and basic security - A major topic of conversation the past year has been how to manage occupancy in all facilities—ranging from grocery stores and retail shops to restaurants and commercial buildings. Workspaces and offices are no exception. A video intercom provides a quick and convenient method of seeing who, or what, is on the unsecure side of the door before opening. For basic security needs, if a business has a door opening into an alley, a video intercom would be used to ensure no one is waiting outside to force their way in when the door is opened. Personal protection equipment Such solutions can also be used to ensure a person is carrying proper credentials, or wearing proper personal protection equipment (PPE), before entering a sensitive area. For example, if a lab has a room which can only be accessed by two persons at a time wearing specific protective gear, a video intercom could ensure each person is properly equipped, before allowing access that particular room. Additionally, for office or workspaces that have shared common areas, such as a cafeteria, gym or even conference rooms, managing access to these spaces will remain a priority, especially with post-pandemic restrictions in place. Video intercoms are a comprehensive safety and security tool for any workspace Deliveries of packages, work-related materials, or even food are common in any office or workspace. Video intercoms can assist in facilitating safe deliveries by visually and audibly confirming the identity of the individual. The visitor could be your next big client, your lunch delivery, a fellow employee with a faulty access card, or your mail. Video intercoms are a comprehensive safety and security tool for any workspace. Visitor management systems Video intercoms provide a cost-effective solution in small to mid-sized office facilities - One significant advantage of video intercom systems is the variety of applications available. Systems range from simple one-to-one video intercoms, to buzz-in systems, to full-fledged visitor management systems in mixed-use buildings. While they might lack the resources and manpower many enterprises have, small-to medium-sized offices can also take steps to ensure the safety of their staff and customers. Like any business, controlling who comes into the building is a primary way of maintaining safety. Video intercoms work in conjunction with access control systems to provide an identifying view of visitors or employees with lost or missing credentials. They allow staff to both see and hear those on the unsecured side of the door to determine intent before granting access. Most quality video intercoms will provide a clear enough image to allow an identification card to be read by holding it close to the lens, adding another opportunity to verify identity. Touchless intercom activation One major trend is the option of providing a touchless door activation Video intercoms provide a touchless option - Even prior to COVID-19, one major trend is the option of providing a touchless door activation or touchless intercom activation of a video intercom for those without proper credentials. Though touchless isn’t a new solution to the access control market, the pandemic introduced a renewed focus on these types of solutions to provide hygienic access to visitors. For offices and other workspaces looking to make investments into post-pandemic solutions to assist in reopening, touchless can support these efforts. When it comes to smart, secure workspaces, many people think instantly of cameras or monitors, access control, and alarm systems. Proper access credentials However, video intercoms are often the missing piece of a building’s security puzzle. A video intercom provides an identifying view that is not always available from a camera covering a large area. They allow those without proper access credentials a method of requesting entry, and just like cameras, they can be activated by alarms to allow staff to clearly see and communicate. If a workspace or office is important enough to be secure, it’s important enough to be sure of who is there before the door is opened. In 2021, it’s not enough to ensure the physical security of your staff and visitors, but also to ensure they are accessing a hygienic environment. Video intercoms provide that security and peace of mind.

Q&A: Bosch Video Systems & Solutions' Michael Seiter and Magnus Ekerot on smart technology, "AIot", and plans for 2021
Q&A: Bosch Video Systems & Solutions' Michael Seiter and Magnus Ekerot on smart technology, "AIot", and plans for 2021

Q: Mr. Seiter, Mr. Ekerot, you both joined Bosch Building Technologies’ business unit Video Systems & Solutions as Senior Vice Presidents in March 2020, when the Coronavirus pandemic was just beginning. How did your business unit get through 2020? Magnus Ekerot: The crisis was also felt at Bosch. At the same time, demand has risen for solutions that keep businesses open and protect people's health. We offer corresponding video solutions that can make a significant contribution to containing the pandemic.  Michael Seiter: Overall, we managed the past year well despite the challenges and have been growing again since the third quarter compared to 2019. We see good opportunities for further growth in 2021. Q: Has the Corona crisis again accelerated the development of smart technologies in the security technology market, and does the security market in contrast to most industries benefit from the crisis more than it suffers? Michael Seiter: The Corona crisis has definitely demonstrated that the future lies in data-driven solutions. Thanks to our product development strategy already being based on this, we at Bosch were very quickly able to develop new products for the ‘New Normal’ and to expand existing products accordingly. To give one or two examples: in cooperation with Philips, we very quickly developed a people counting solution for retail operations – smart Philips displays in conjunction with smart cameras from Bosch that provide protection for staff and customers. The In-Store Analytics software solution was also implemented with additional features. Shop owners can now make decisions based on customer movement data such as “Where do we position products to avoid queues or crowds?” HTD involves a touch-free monitoring system to accurately and speedily identify people with heightened skin temperature  The latest highlight is the Bosch Human Skin Temperature Detection solution, in short HTD. This involves a touch-free monitoring system to accurately and speedily identify people with heightened skin temperature at control points in offices, factory floors, or airports. The benefits of previously existing solutions on the market are sometimes called into question. Competitors are often unable to deliver what they promise because, for example, the measured temperature of the skin does not correspond to the core temperature of the person, or fluctuates, due to environmental influences. Therefore, we developed a software-based solution that, in compliance with GDPR, first allows people with potentially elevated body temperatures to be filtered out, and in a second step, allows medical personnel to perform a more targeted fever measurement. Q: You see a lot of potential for the video security industry in new technologies such as Artificial Intelligence and the Internet of Things. What specific opportunities do you mean, and how are you leveraging these technologies at Bosch Building Technologies? Michael Seiter: Bosch has committed itself fully to an “AIoT” – AI meets IoT – strategy. The development of AI algorithms and software, in general, is at Bosch significantly driven in the security space.  By AIoT, we specifically mean the networking of physical products and the deployment of artificial intelligence. With AI we aim to enable clients to understand events at an ever-deeper level and predict them in the future – the keyword being predictive – so that they can act proactively. This is particularly important for health and safety. An example is the Intelligent Insights solution where the user can anticipate potentially dangerous situations, for instance in maintaining social distance and a maximum number of people numbers in any one area. Q: From your point of view do you have an advantage over other suppliers when it comes to AI-based products in the video arena? Michael Seiter: The analysis and utilisation of video data have long been front and centre with us. Since 2016 we’ve been following the strategy of offering AI applications in the form of integrated intelligent video analytics as a standard in our network cameras. Data such as colour, object size, object speed, and direction are all measured. Simply put, you can say this is seeing and understanding – which is the principle behind smart security cameras. Today it’s much more a question of intelligent, data-based solutions than collecting high-quality pictures and storing them for the record. Bosch has been investing heavily in AI for years, from which we can benefit greatly in our area. In the first quarter, for example, we will launch a vehicle detector based on deep learning that is already running on our cameras. This will create significant added value for our customers in the area of intelligent traffic control. Q: Mr. Ekerot, what advantages do customers have in AI-based video security from Bosch? Magnus Ekerot: A key advantage is strong customer focus with tailored solutions that are at the same time modular and scalable through new AI algorithms A key advantage is our strong customer focus with tailored solutions that are at the same time modular and scalable through new AI algorithms. Take the example of Camera Trainer, a machine learning software that can be directly uploaded to Bosch network cameras. The camera is thus trained up on recognising objects and situations – tailored to the specific needs of our customers. If the camera detects the defined scenario, it performs a predefined action in real-time – for example, a count or an alarm. The latest example is our new camera platform Inteox. As a completely open camera platform, Inteox combines Bosch's intelligent video analytics with an open operating system. This allows programmers to develop specific software applications - or apps - for various application purposes. These can then be loaded onto cameras – the same principle as an app store for smartphones. To sum up, Bosch AI applications support customer-specific needs related to data analysis while enabling totally new applications within and beyond the video security market. Q: Can you name a specific current project where Bosch has deployed an AI-based solution? Magnus Ekerot: A current ground-breaking project using our smart cameras is being implemented as a pilot in the USA. Smart Ohio enables users to configure more intelligent traffic flows and thus ensure mobility, safety, and the efficient use of roads today and tomorrow. The new vehicle detector mentioned by Mr. Seiter also plays a central role here. Our overall goal is to provide connected smart sensor solutions for public and private transportation agencies to enable them to operate their roads safely and efficiently. The Intelligent Insights can anticipate potentially dangerous situations, for instance in maintaining social distance and a maximum number of people numbers in any one area Q: Mr. Seiter, you have been involved with the topic of mobility for some time. What experience from your previous job in the automotive business of Bosch might help you when it comes to further develop the video portfolio of Bosch Building Technologies? Michael Seiter: There's a lot to tell. First of all, the development of core algorithms for video-based solutions, whether for autonomous driving, for vehicle interior monitoring, or for our Bosch Building Technologies video systems, all come together at Bosch's Hildesheim location. This gives us considerable synergies and allows us to bring R&D results to market faster and more flexibly. Essentially, assisted driving systems use AI algorithms that process ever-increasing volumes of video data. Attempts are being made to imitate the human being and enable the vehicle to understand better the surrounding environment with its ‘eyes’. This predictive capability is especially critical with autonomous driving. For example, key questions include: “How should the car respond and what could potentially happen next?” “What kind of environment does it find itself in?” etc. There are many activities in this area at Bosch that in my new role in security we can also strongly benefit from. I am now bringing a lot of this experience and existing R&D achievements to Bosch Video Systems & Solutions, which also results in further synergies with our mobility division: At Stuttgart Airport, autonomous driving is already being implemented together with Mercedes-Benz and the parking garage operator Apcoa as part of the "Automated Valet Parking" project, or AVP for short, in which intelligent video systems from Bosch Building Technologies are making a significant contribution. Mr. Ekerot, you have a lot of experience in the video security area. Where do you position Bosch Building Technologies now in this market and what specific goals are you pursuing? Magnus Ekerot: Our clients are looking for reliable partners and products. We are a strong brand; you can rely on Bosch products. Bosch is a thought leader in video and a pioneer in AI applications in this field since 2016. Data security is everything to us: Our products conform to the EU’s GDPR regulations. Beyond that, we have an extensive camera portfolio that complies with the US National Defense Authorization Act (NDAA) for video security devices. This enables our portfolio to be deployed for example within US government buildings. We are planning to conclude more software maintenance agreements with our clients in 2021. These deliver investment and future security for our customers and include for example a ‘patch guarantee’ along with regular updates with new functionalities. This is the first step in a comprehensive plan to access new revenue channels for us and our partners delivering the best technology and excellent service to the end-user! Overall, many new products will be launched this year and this trend will intensify. Our goal is to establish new product families that follow a simple principle: “The development and delivery of disruptive, predictive video solutions that every user can trust because of the underlying sustainable forward-thinking mindset.” It’s been much discussed of late that Bosch is one of the very first companies globally that operates on a CO2-neutral basis. How does sustainability impact your business? Magnus Ekerot: IoT solutions are actually sustainable and contribute to environmental protection Our IoT solutions are actually sustainable and contribute to environmental protection. For example, our cameras are sustainable in that they remain up-to-date through software updates and needn’t be constantly exchanged for new ones. Our systems demonstrate sustainability also operationally as they can be managed remotely. System integrators don’t need to be physically present, thus avoiding unnecessary travel with its accompanying emissions. All in all, Bosch Building Technologies develops ways to accompany and support our clients in reaching their climate goals via new technologies. This can be done, for example, through improved energy efficiency, the total cost of ownership models, organising and simplifying the supply chain, and helping our customers meet their social responsibilities. The Power of Bosch helps us here to leverage company-wide research to be two steps ahead, a shade faster, when it comes to new technologies and initiatives that our and future generations will benefit from. I should also say that I am personally very proud to work for a company that set an ambitious climate goal for itself and achieved it! Can you already share a preview of your technology innovations in 2021? Michael Seiter: We see great market potential for our cameras that use artificial intelligence and can be updated flexibly throughout their lifecycles. I have already mentioned the deep learning-based vehicle detector in our cameras. More such solutions – also for other applications where object and person recognition are important – will follow in the course of the year. And the best part is: with AI, the more data we collect and the more intelligently we use it, the better the solutions become and the more added value they bring to the customer. This will revolutionise our industry! Another example is our cloud-based solutions, for example for alarm monitoring. Here, we can now also integrate third-party cameras and, building on this, offer and jointly develop our intelligent software-based solutions. This gives our customers more opportunities to take advantage of the opportunities created by AI. The trend towards integration of the various security technologies seems to be driven mostly by the rapid progress in software development. Does this affect full-range suppliers such as Bosch and what specific plans for fully integrated security solutions do you have for the future? Michael Seiter: Naturally, this suits us as a full-scope supplier. Bosch solutions are deployed in many cross-domain client projects. We have experts for the different domains under one roof and a strong brand with the same quality promise for all areas. Nevertheless, it is always also about specific domain excellence. Only when you master all different areas and have profound and proven expertise in each of them you can succeed in integrated cross-domain projects. The respective business units craft their future strategies and innovation roadmaps with this in mind – as we do in the field of Video Systems & Solutions. Our business unit offers fully integrated Bosch video solutions that can be extended and operated on open systems. This is why we drive open platforms such as Inteox, to offer customers from a wide range of industries the right solutions. Our Bosch Integration Partner Program that we launched in 2012 is also heading in this direction – every product can be integrated into multiple other systems and VMS solutions. In summary: At Bosch, we are both a one-stop-shop, but also an open-system, meaning we offer customers maximum flexibility in their choice of products and services.

Latest Allegion (UK) Ltd news

Security Industry Association launches Talent Inclusion Mentorship Education program for security professionals
Security Industry Association launches Talent Inclusion Mentorship Education program for security professionals

The Security Industry Association (SIA) and the SIA RISE Steering Committee are launching Talent Inclusion Mentorship Education (TIME) – a new mentorship program for early and mid-career professionals in the security industry. The TIME program is designed to promote diversity, equity and inclusion and empowerment of underrepresented identities in the security industry by creating a well-defined pathway for learning and development. Talented security industry “SIA’s new TIME mentorship program seeks to build a security industry full of diverse perspectives, people and cultures,” said Pierre Trapanese, chair of the SIA Board of Directors. “Through the program, we look forward to creating valuable learning experiences for both mentees and mentors, giving back and helping to grow an inclusive, talented security industry.” SIA’s TIME mentorship program aims to offer meaningful developmental opportunities for participants. Key components of the TIME mentorship program include: Career development: Connecting early and mid-career professionals and students with established industry professionals to further career growth and talent development Skill enhancement: Building a sustainable community of support through collaboration, networking and skill building Recruitment: Attracting students to the security industry by providing insights on the wide array of career opportunities available Executive leadership development: Promoting leadership development opportunities that will encourage diversity within the ranks Fun networking opportunities TIME is guided by volunteers from the SIA RISE Diversity and Inclusion Subcommittee – including Bobby Louissaint, technical operations solutions manager at Facebook; Erin Mann, strategy and marketing manager, multifamily at Allegion; and Eddie Reynolds, CEO of Iluminar Inc. – and with the support of SIA staff. The program will run for 12 monthly sessions and have semi-annual orientations. SIA is seeking seasoned security industry professionals to serve as mentors in the TIME program. SIA RISE is a community that fosters the careers of young professionals in the security industry. Membership in SIA RISE – which offers fun networking opportunities, career growth webinars and education tracks at ISC West and East, scholarships and the annual AcceleRISE conference – is open to all employees at SIA member companies who are young professionals under 40 or have been in the security industry for less than two years.

SIA appoints Erin Mann and Kelsey Carnell as the new chair and vice chair to lead SIA RISE
SIA appoints Erin Mann and Kelsey Carnell as the new chair and vice chair to lead SIA RISE

The Security Industry Association (SIA) has named a new chair and vice chair to lead SIA RISE, a community that fosters the careers of young professionals in the security industry. Erin Mann – strategy and marketing manager, multifamily at Allegion Canada Inc. – will serve as chair of the RISE Steering Committee, with Kelsey Carnell – regional sales manager, New England at Axis Communications – serving as vice chair. In these new roles, Mann and Carnell will help RISE deliver educational content and networking opportunities to young professional employees of SIA member companies, college students and recent graduates interested in the global security industry. Security forum scholarship Erin Mann has been with Allegion in a variety of roles of increasing responsibilities since 2016. In 2019, she moved to Toronto to work for Allegion Canada, with a focus on the multifamily market. Having a passion for people, Mann is an active member of Allegion’s Young Professionals Group, a founding member of the organisation’s innovation group Creativity Unlocked, a member of Allegion’s Network of Empowered Women and a co-chair of Allegion Canada’s engagement group. Mann is a member of the Foundation for Advancing Security Talent (FAST) Board of Directors In addition to her work with RISE, Mann is a member of the Foundation for Advancing Security Talent (FAST) Board of Directors. In 2018, she was awarded the SIA RISE Scholarship, and in 2020, she was honoured with the SIA Women in Security Forum Scholarship. Mann is also a member of the SIA Women in Security Forum. She holds a B.A. in communications from DePauw University. Passionate young professionals “Joining the RISE committee in 2018 provided me with the most incredible community of dynamic, fun, engaging and passionate young professionals. RISE gave me a deeper understanding of the impact early-career individuals can have in our organisations and industry. I could not be more excited or grateful for the opportunity to lead the RISE group as chair for the next year, alongside Kelsey Carnell as vice chair,” said Mann. “Our committee is a team of dedicated and empowered individuals, and I am looking forward to the work that is ahead as we continue to collaborate with other groups, work towards more empowered and inclusive work spaces and build a network of excited leaders within the security industry.” Applications of IP video Carnell works with a dedicated inside sales account manager and field sales engineer In her role at Axis Communications, Carnell works with a dedicated inside sales account manager, field sales engineer and over 300 partners in the Western Massachusetts and Connecticut region, striving to share with integrators, distributors, consultants and end users the benefits and applications of IP video and Axis solutions. In 2018, she was selected as a recipient of the SIA RISE Scholarship. She holds a master’s degree in business administration and a bachelor’s degree in marketing from Southern New Hampshire University and completed the Crime Prevention Through Environmental Design (CPTED) course at Florida Atlantic University in 2019. Amazing young professionals “I am so excited and very honoured to have been selected as vice chair of the RISE committee this year, working alongside some amazing young professionals. RISE has been such a rewarding, fulfilling and inspiring group to be a part of for the last few years,” said Carnell. “This team works so hard to make a difference, push the envelope and drive some positive and necessary change within the industry. We work to uncover new initiatives and offer scholarships, educational modules, networking events and more. I am so excited to see what this group continues to accomplish and look forward to making a difference in the coming years!” Fun networking opportunities SIA RISE is an essential resource to help young security industry professionals access high-quality education" “SIA RISE is an essential resource to help young security industry professionals access high-quality education and training, make valuable connections and take their careers to the next level, and RISE’s offerings would not be possible without the support of talented volunteers like Erin Mann and Kelsey Carnell and our outgoing SIA RISE chair, Matt Feenan,” said SIA CEO Don Erickson. “We thank Matt for his dedicated leadership of RISE over the last two years and congratulate Erin and Kelsey on their new roles, and we look forward to partnering with them to help propel the security industry’s future growth.” SIA RISE – which offers fun networking opportunities, career growth webinars and education tracks at ISC West and East, scholarships and the annual AcceleRISE conference – is open to all employees at SIA member companies who are young professionals under 40 or have been in the security industry for less than two years.

LEAF Identity Consortium enables interoperability with encrypted smart cards
LEAF Identity Consortium enables interoperability with encrypted smart cards

Can a smart card be used securely for multiple applications (and among multiple manufacturers )? End users are demanding such interoperability, and they also want openness to switching out components of their access control systems in the future without being “locked in” to one vendor. Those are the goals of the LEAF Identity consortium, a collection of companies that share and support end user-owned encryption keys stored securely in smart cards with MIFARE DESFire EV2 chips and are used to authenticate access control credentials and read the data required to access multiple applications secured by multiple vendor devices. Smart card systems - more secure Almost everyone in the industry now knows that low-frequency (125 kHz) “prox” cards are not secure; in fact, low-cost cloning equipment is readily and inexpensively available. As the industry transitions to encrypted cards, challenges of interoperability persist. Keeping smart card systems more secure are AES 128 encryption keys encoded onto the card chips. Information is exchanged via radio frequency (RF) in a challenge-response interaction when a card is presented to a reader. The most recent LEAF EV2/EV3 cards allow up to 16 devices to be individually accessed using 16 unique keys, respectively that are stored in the smart cards (and among a variety of manufacturers). LEAF Identity Consortium enables interoperability with encrypted Smart Cards LEAF Memory Model specifies a standard EV2 (EV1 backward compatible) smart card data format and application access protocols that ensure each manufacturer’s devices can interface with a card chip in the same way. Specifically, each card has a “common data structure” based on the LEAF Memory Model, which means that the location of information is arranged on a card chip in a predictable and consistent manner. Each end-user application (for door readers, secure printing, vending, etc.) stored in the card is secured with their own cryptographic key. Member companies adhere to that structure in order to be interoperable with a single credential. There are no license fees or intellectual property rights involved. Keysets The approach involves a LEAF Custom Cryptographic Keyset (LEAF Cc Keysets) owned by the end-user. “When we present these concepts to integrators, they realize that, first, they need to get their clients to pay attention to the risks around proximity cards and to migrate to encrypted card technology,” says Laurie Aaron, Executive Vice President, WaveLynx Technologies Corp. “Then we explain the benefits of customer-owned keys and of the LEAF data structure. Then integrators can differentiate themselves by selling the value of the end-user staying in control and having unlimited interoperability.” WaveLynx Access control manufacturer WaveLynx is implementing the LEAF concept, which is the brainchild of CEO Hugo Wendling, who saw the advantages of leveraging the ability of an EV2 chip card to authenticate access to multiple applications by multiple manufacturer’s devices. WaveLynx set up the specification, maintains the website, and is involved when a manufacturer wants to become LEAF Enabled. They provide a key management service (for life) to end-users based on LEAF capabilities. End-users “own” the keys and can submit a request to WaveLynx to have us securely share them with any other manufacturer. Sharing a key involves two key custodians from WaveLynx Technologies and the Vendor who is receiving the customer’s keys, each of whom only has access to half of the encrypted key in order to keep it secure.  Keys are shared via a “key ceremony”. Combining capabilities The LEAF consortium provides a way for manufacturers to work together to provide an ecosystem of devices that are compatible with a single encrypted smart card without the need to embed proprietary reader modules in their devices or license another manufacturer’s technology, thereby making it possible for them to increase their market share. Working together, independent manufacturers can assemble a group of devices to compete more effectively with larger manufacturers. In effect, they combine their capabilities in order to offer the end-user viable options and to compete. LEAF Consortium partners include Allegion, ASSA ABLOY, Brivo, Eline by DIRAK, Linxens, RFIDeas, and Telaeris. Biometric partners include Idemia and IrisID. Biometric devices may either store their biometric on the card or on a central database and access it through the badge number. The LEAF standard continues to evolve. Although the standard does not currently offer mobile credentials, a common mobile credential standard is currently being discussed and designed by the Consortium.  

Related white papers

Facing the ever-evolving hacker head-on

Four areas to consider in frictionless access control

Cloud video and smart cities