Brivo Systems Access Control Softwares

Rodrigue Zbinden, CEO at Morphean, discusses the business benefits from merging video surveillance and access control technologies as demand for ACaaS grows. The big question facing businesses today is how they will use the data that they possess to unlock new forms of value using emerging technologies such as the cloud, predictive analytics and artificial intelligence. Some data is better utilised than others: financial services were quick to recognise the competitive advantages in exploiting technology to improve customer service, detect fraud and improve risk assessment. In the world of physical security, however, we’re only just beginning to understand the potential of the data that our systems gather as a part of their core function. Benefits of ‘Integrated access control’ The first thing to look for is how multiple sources of data can be used to improve physical security functionsWhat many businesses have yet to realise is that many emerging technologies come into their own when used across multiple sources of data. In physical security, for example, we’re moving from discussions about access control and CCTV as siloed functions, to platforms that combine information for analysis from any source, and applying machine learning algorithms to deliver intelligent insights back to the business. ‘Integrated access control’ then looks not just to images or building management, but to images, building management, HR databases and calendar information, all at the same time. And some of the benefits are only now starting to become clear. The first thing to look for, of course, is how multiple sources of data can be used to improve physical security functions. For example, by combining traditional access control data, such as when a swipe card is used, with a video processing platform capable of facial recognition, a second factor of authentication is provided without the need to install separate biometric sensors. CCTV cameras are already deployed in most sensitive areas, so if a card doesn’t match the user based on HR records, staff can be quickly alerted. Making the tools cost-effective In a similar vein, if an access card is used by an employee, who is supposed to be on holiday according to the HR record, then video data can be used to ensure the individual’s identity and that the card has not been stolen – all before a human operator becomes involved. This is driving growth in ‘access control as a service’ (ACaaS), and the end-to-end digitalisation of a vital business functionThese capabilities are not new. What is, however, is the way in which cloud-based computing platforms for security analytics, which absorb information from IP-connected cameras, make the tools much more cost effective, accessible and easier to manage than traditional on-site server applications. In turn, this is driving growth in ‘access control as a service’ (ACaaS), and the end-to-end digitalisation of a vital business function. With this system set up, only access control hardware systems are deployed on premise while the software and access control data are shifted to a remote location and provided as a service to users on a recurring monthly subscription. The benefits of such an arrangement are numerous but include avoiding large capital investments, greater flexibility to scale up and down, and shifting the onus of cybersecurity and firmware updates to the vendor. Simple installation and removal of endpoints What’s more, because modern video and access control systems transmit data via the IP network, installation and removal of endpoints are simple, requiring nothing more than PoE and Wi-Fi. Of all the advantages of the ‘as a service’ model, it’s the rich data acquired from ACaaS that makes it so valuable, and capable of delivering business benefits beyond physical security. Managers are constantly looking for better quality of information to inform decision making, and integrated access control systems know more about operations than you might think. Integrating lighting systems with video feeds and access control creates the ability to control the lightsRight now, many firms are experimenting with ways to find efficiencies and reduce costs. For example, lights that automatically turn off to save energy are common in offices today, but can be a distraction if employees have to constantly move around to trigger motion detectors. Integrating lighting systems with video feeds and access control creates the ability to control the lights depending on exactly who is in the room and where they are sitting. Tracking the movement of employees Camera data has been used in retail to track the movement of customers in stores, helping managers to optimise displays and position stocks. The same technology can be used to map out how employees move around a workspace, finding out where productivity gains can be made by moving furniture around or how many desks should be provisioned. Other potential uses of the same data could be to look for correlations between staff movement – say to a store room – and sales spikes, to better predict stock ordering. What makes ACaaS truly exciting is it is still a very new field, and we’re only just scratching the surface of the number of ways that it can be used to create new sources of value. As smart buildings and smart city technology evolves, more and more open systems will become available, offering more ways to combine, analyse and draw insights from data. Within a few years, it will become the rule, rather than the exception, and only grow in utility as it does.

We live in an information and data-led world, and cybersecurity must remain top-of-mind for any organisation looking to both protect business operation critical assets. Businesses without proper cyber measures allow themselves to be at risk from a huge list of threats - from cybercriminals conducting targeted spear-phishing campaigns - like the 2018 Moscow World Cup vacation rental scam, to nation-state actors looking to collect intelligence for decision makers - no organisation is safe from innovative cyber threats. Security solutions enterprises Organisations can then set the groundwork necessary to stop malicious activity and keep their business’ data safe The evolving threat space means organisations need to ensure they have the most innovative prevention and detection frameworks in order to withstand adversaries using complex and persistent threats. When implementing new security solutions enterprises must start by assuming that there is already a bad actor within their IT environment. With this mindset, organisations can then set the groundwork necessary to stop malicious activity and keep their business’ data safe. As there is no one silver bullet that truly stops all cyberattacks, organisations must adopt a multipronged approach to be widely adopted to stop adversaries. This must include tracking, analysing and pinpointing the motivation of cyber actors to stay one step ahead through global intelligence gathering and proactive threat hunting. In addition, deploying new technologies leveraging the power of the cloud give a holistic view of the continuously evolving threat landscape and thereby secure data more efficiently. Traditional security approach In today’s landscape, the propagation of advanced exploits and easily accessible tools has led to the blurring of tactics between statecraft and tradecraft. Traditional security approaches are no longer viable when it comes to dealing with the latest trends in complex threats. To make defending against these threats even more complicated, adversaries are constantly adapting their tactics, techniques and procedures (TTPs), making use of the best intelligence and tools. CrowdStrike’s latest Global Threat Report tracked the speed of the most notable adversaries including Russian, Chinese, North Korean and Iranian groups. As the adversaries’ TTPs evolve into sophisticated attack vectors defenders need to recognise we are amidst an extreme cyber arms race, where any of the above can become the next creator of a devastating attack. Russian efficiency is particularly high; they can spread through an enterprise network in 18 minutes 48 seconds on average, following the initial cyber-intrusion. Sophisticated cyber weapons Actors tend to use a simple trial and error technique where they test the organisation's network So, reacting to threats in real-time is a priority. Bad actors are extremely vigilant and committed to breaking down an organisation’s defences, and speed is essential to finding the threats before they spread. Actors tend to use a simple trial and error technique where they test the organisation's network, arm themselves with more sophisticated cyber weapons, and attack again until they find a vulnerability. This has highlighted the need for tools that provide teams with full visibility over the entire technology stack in real-time in order to meet these threats head-on. Traditional solutions are scan-based, which means they don’t scale well and can’t give the security teams context around suspicious activity happening on the network. They lack full visibility when a comprehensive approach is needed. Businesses without proper cyber measures allow themselves to be at risk from a huge list of threats - like the 2018 Moscow World Cup vacation rental scam Malicious behaviour Through leveraging the power of the cloud and crowdsourcing data from multiple use cases, security teams can tap into a wealth of intelligence collated from across a vast community. This also includes incorporating threat graph data. Threat graphs log and map out each activity and how they relate to one another, helping organisations to stay ahead of threats and gain visibility into unknowns. Threat graph data in conjunction with incorporating proactive threat hunting into your security stack creates a formidable 360-degree security package. Managed threat hunting teams are security specialists working behind the scenes facing some of the most sophisticated cyber adversaries through hands on keyboard activity. Threat hunters perform quickly to pinpoint anomalies or malicious behaviour on your network and can prioritise threats for SOC teams for faster remediation. In-depth knowledge Security teams need to beat the clock and condense their responseIt is key for security teams to have an in-depth knowledge of the threat climate and key trends being deployed by adversaries. The TTPs used by adversaries leave are vital clues on how organisations can best defend themselves from real-life threats. Intrusion ‘breakout time’ is a key metric tracked at CrowdStrike. This is the time it takes for an intruder to begin moving laterally outside of the initial breach and head to other parts of the network to do damage. Last year, the global average was four hours and 37 minutes. Security teams need to beat the clock and condense their response and ejection of attackers before real damage is done. Next-generation solutions When managing an incident clients need to be put at ease by investigations moving quickly and efficiently to source the root of the issue. Teams need to offer insight and suggest a strategy. This can be achieved by following the simple rule of 1-10-60, where organisations should detect malicious intrusions in under a minute, understand the context and scope of the intrusion in ten minutes, and initiate remediation activities in less than an hour. The most efficient security teams working for modern organisations try to adhere to this rule. As the threat landscape continues to evolve in both complexity and scale, adequate budget and resources behind security teams and solutions will be determining factors as how quickly a business can respond to a cyberattack. To avoid becoming headline news, businesses need to arm themselves with next-generation solutions. Behavioural analytics The solution can then know when to remove an adversary before a breakout occurs Behavioural analytics and machine learning capabilities identify known and unknown threats by analysing unusual behaviour within the network. These have the ability to provide an essential first line of defence, giving security teams a clear overview of their environment. With this at hand, the solution can then know when to remove an adversary before a breakout occurs. Attackers hide in the shadows of a network’s environment, making the vast volume and variety of threats organisations face difficult to track manually. The automation of responses and detection in real-time is a lifeline that organisation cannot live without as adversaries enhance and alter their strategies. Adversaries continue to develop new ways to disrupt organisations, with cybersecurity industry attempting to keep pace, developing new and innovative products to help organisations protect themselves. These technologies empower security teams, automating processes and equipping security teams with the knowledge to respond quickly. Organisations can set themselves up for success by integrating the 1-10-60 rule into their security measures, giving them an effective strategy against the most malicious adversaries.

In 2017, IoT-based cyberattacks increased by 600%. As the industry moves towards the mass adoption of interconnected physical security devices, end users have found a plethora of advantages, broadening the scope of traditional video surveillance solutions beyond simple safety measures. Thanks in part to these recent advancements, our physical solutions are at a higher risk than ever before. With today’s ever evolving digital landscape and the increasing complexity of physical and cyber-attacks, it’s imperative to take specific precautions to combat these threats. Video surveillance systems Cybersecurity is not usually the first concern to come to mind When you think of a video surveillance system, cybersecurity is not usually the first concern to come to mind, since digital threats are usually thought of as separate from physical security. Unfortunately, these two are becoming increasingly intertwined as intruders continue to use inventive methods in order to access an organisation's assets. Hacks and data breaches are among the top cyber concerns, but many overlook the fact that weak cybersecurity practices can lead to physical danger as well. Organisations that deploy video surveillance devices paired with advanced analytics programs often leave themselves vulnerable to a breach without even realising it. While they may be intelligent, IoT devices are soft targets that cybercriminals and hackers can easily exploit, crippling a physical security system from the inside out. Physical security manufacturers Whether looking to simply gain access to internal data, or paralyse a system prior to a physical attack, allowing hackers easy access to surveillance systems can only end poorly. In order to stay competitive, manufacturers within the security industry are trading in their traditional analogue technology and moving towards interconnected devices. Due to this, security can no longer be solely focused on the physical elements and end users have taken note. The first step towards more secured solutions starts with physical security manufacturers choosing to make cybersecurity a priority for all products, from endpoint to edge and beyond. Gone are the days of end users underestimating the importance of reliability within their solutions. Manufacturers that choose to invest time and research into the development of cyber-hardening will be ahead of the curve and an asset to all. Wireless communication systems Integrators also become complicit in any issues that may arise in the future Aside from simply making the commitment to improve cyber hygiene, there are solid steps that manufacturers can take. One simple action is incorporating tools and features into devices that allow end users to more easily configure their cyber protection settings. Similarly, working with a third party to perform penetration testing on products can help to ensure the backend security of IoT devices. This gives customers peace of mind and manufacturers a competitive edge. While deficient cybersecurity standards can reflect poorly on manufacturers by installing vulnerable devices on a network, integrators also become complicit in any issues that may arise in the future. Just last year, ADT was forced to settle a $16 million class action lawsuit when the company installed an unencrypted wireless communication system that rendered an organisation open to hacks. Cybersecurity services In addition, we’ve all heard of the bans, taxes and tariffs the U.S. government has recently put on certain manufacturers, depending on their country of origin and cybersecurity practices. Lawsuits aside, employing proper cybersecurity standards can give integrators a competitive advantage. With the proliferation of hacks, malware, and ransomware, integrators that can ease their client's cyber-woes are already a step ahead. By choosing to work with cybersecurity-focused manufacturers who provide clients with vulnerability testing and educate end users on best practices, integrators can not only thrive but find new sources of RMR. Education, collaboration and participation are three pillars when tackling cybersecurity from all angles. For dealers and integrators who have yet to add cybersecurity services to their business portfolios, scouting out a strategic IT partner could be the answer. Unlocking countless opportunities Becoming educated on the topic of cybersecurity and its importance for an organisation is the first step Physical security integrators who feel uncomfortable diving headfirst into the digital realm may find that strategically aligning themselves with an IT or cyber firm will unlock countless opportunities. By opening the door to a partnership with an IT-focused firm, integrators receive the benefit of cybersecurity insight on future projects and a new source of RMR through continued consulting with current customers. In exchange, the IT firm gains a new source of clients in an industry otherwise untapped. This is a win for all those involved. While manufacturers, dealers and integrators play a large part in the cybersecurity of physical systems, end users also play a crucial role. Becoming educated on the topic of cybersecurity and its importance for an organisation is the first step. Commonplace cybersecurity standards Below is a list of commonplace cybersecurity standards that all organisations should work to implement for the protection of their own video surveillance solutions: Always keep camera firmware up to date for the latest cyber protections. Change default passwords, especially those of admins, to keep the system locked to outside users. Create different user groups with separate rights to ensure all users have only the permissions they need. Set an encryption key for surveillance recordings to safeguard footage against intruders and prevent hackers from accessing a system through a backdoor. Enable notifications, whether for error codes or storage failures, to keep up to date with all systems happenings. Create/configure an OpenVPN connection for secured remote access. Check the web server log on a regular basis to see who is accessing the system. Ensure that web crawling is forbidden to prevent images or data found on your device from being made searchable. Avoid exposing devices to the internet unless strictly necessary to reduce the risk of attacks.

Security Essen 2018, held in Messe Essen, Germany, promised attendees a newly modernised trade show with a simplified layout and more interactive experience. Compared to previous years, halls were reorganised by technology area, with aisles laid out to make more direct pathways for attendees. The fair welcomed 950 exhibitors and more than 36,000 trade visitors from the global security market. Several manufacturers mentioned that footfall had been lighter than expected, but that the show had delivered on its promise to welcome more international visitors, in particular from the Middle East region. Exhibitors also grumbled about higher costs for booth space. Key security industry exhibitors Exhibitors expressed concern that the absence of key players reduced overall foot traffic Exhibitors praised the bigger aisles, which made it easier for visitors to navigate the show. However, some were unsure whether this was due to a better layout or simply because the show was missing key exhibitors. Notably absent were access control provider Dormakaba, security solutions company Honeywell, and surveillance providers Geutebruck and Dallmeier. Exhibitors expressed concern that the absence of key players reduced overall foot traffic. Security Essen hosted a particularly strong access control presence. Halls 2 and 3 were home to companies from across the access control and mechatronics spectrum. Sponsorship by EVVA covered the west entrance. The locking systems manufacturer, which celebrates its 100th anniversary next year, boasted significant floorspace. Exhibitors were pleased with the large access and locking presence, commenting that London-based IFSEC International tends to be dominated by video surveillance providers. EVVA, which celebrates its 100th anniversary next year, boasted significant floorspace Deep learning and artificial intelligence The push toward artificial intelligence (AI) in physical security continues, although the tone at Security Essen seemed to be shifting beyond hype and more toward how the technology can actually add value. For example, Hikvision’s cameras boasted more intelligence and processing power, and the company emphasised faster-paced product cycles. Customers ultimately do not buy AI – they buy benefits and solutions VIVOTEK embraced artificial intelligence as the biggest trend in the industry. The company demonstrated its latest deep learning technology for crowd detection applications. For Dahua, artificial intelligence allows users to easily search metadata in a video, including age and behaviour. Dahua demonstrated its solution for the transportation market, which is able to learn if a bus or train driver is falling asleep at the controls. However, some manufacturers chose not to focus on artificial intelligence. Representatives from Brivo and Eagle Eye Networks highlighted that customers ultimately do not buy AI – they buy benefits and solutions. Historically, video analytics were oversold and underdelivered, and the same could happen to AI if the term is overused in marketing security solutions. VIVOTEK embraced artificial intelligence as the biggest trend in the industry The German market & GDPR While the fair welcomed an increase in international visitors, many stands offered a distinctly German flavour. Exhibitors catered to German customers’ preference for data protection and high levels of privacy. Visitors were welcomed to the show by banners from Genetec, emblazoned with the slogan “Privacy matters… So, remember to forget me.” The video security provider’s stand demonstrated this concept more tangibly, via its Privacy Protector Module.  The surveillance software, which is certified with the European Privacy Seal (EuroPriSe), monitors events while automatically pixelating people and vehicles in real time. If an incident occurs, an authorised operator can securely access the unaltered video. Visitors were welcomed to the show by banners from Genetec Other companies also acknowledged issues of privacy and cybersecurity. Hikvision noted that Europe is more regulated, which limits the implementation of the company’s products compared to those used in China. Dahua emphasised that its data for the German market is stored in Frankfurt to meet demands for data protection. IDIS made a point of saying there are no backdoors to their products. The deep learning products are easy to use and 96% accurate, says the company. FLIR has developed a cybersecurity hardening document, and strives to be transparent about cyber issues, including a web landing page where customers can raise any concerns. Vanderbilt is also pushing the cloud as a way forward with its ACT365 cloud-based access and video solution. Users are not intimidated by the cloud anymore since we all use it in our personal lives, says the company. Also on the access control side, EVVA were clear on the security of their AirKey mobile access system, which uses technology based on internet banking, double encryption and high-quality hardware. As well as demonstrating its SAROS thermal camera, FLIR strived for cybersecurity concerns to be addressed by customers Taking a broader view Nedap views security as being about allowing people to focus on their daily lives and work, safe in the knowledge that security is being taken care of. At the show, Nedap launched its new slogan ‘Security for Life’, stating that “true security is when you don’t have to think about it”. Nedap’s global client program represents a long-term commitment to projects. They are having more discussions with clients about risk management through standardisation and centralised policy.Solutions – as opposed to products – were also a focus at Security Essen, as at IFSEC before it Clients remain with Nedap because they keep investing in the platform, constantly updating the code and simplifying it to improve scalability for organisations, says the company. Nedap had one of the few double-decker booths at Security Essen. Solutions – as opposed to products – were also a focus at Security Essen, as at IFSEC before it. HID Global touted their extensive use of partnerships to provide solutions. SeeTec highlighted their move away from products to a more solution-based approach. FLIR, perhaps best known as a thermal camera company, were pushing their solutions approach to markets including intelligent traffic, smart city, video management and PSIMs.  Nedap had one of the few double-decker booths at Security Essen Vertical markets in focus As vertical markets go, retail was big, and several players were offering some type of retail solution. Retail – along with banking, finance and transportation – was among Hikvision’s vertical markets of choice. Dahua's new panoramic cameras stitch together the image inside the camera instead of on the server SeeTec’s retail solution combines EAS with business intelligence and heat mapping. Dahua’s retail offerings include people counting and emotion detection, which can correlate with weather data, for example. Genetec also showcased a range of retail solutions. Technology improvements announced at Security Essen include FLIR's more robust FB6 series thermal line, Promise Technology's SMARTBOOST technology improved playback performance, and Videotec's cameras with better night performance. The extended 50m range of Optex's intrusion detection laser sensor reduces the need for cameras. Dahua's new panoramic cameras stitch together the image inside the camera instead of on the server. The Hanwha Techwin booth featured Korean flags and a “Korean at heart” motto to set the company apart Signs of the U.S. congressional ban There were signs at Security Essen of an impact of the recent U.S. ban on use of Hikvision and Dahua equipment in government installations, although both big Chinese manufacturers maintained a high profile at the German show. For example, the Hanwha Techwin booth featured Korean flags and a “Korean at heart” motto to set the company apart. Chinese camera manufacturer Uniview were keen to stress that they are not owned by Chinese government (neither is Dahua). Uniview’s all-IP camera line offers high resolution, low-light, multisensor and fisheye options, and AI software provides facial recognition, object detection, and fire and smoke detection at the edge. The company aims to increase its global presence with more international branch offerings and international factories.

Brivo, global innovator and designer of cloud-based physical security solutions for commercial buildings, announced its expansion into Europe with the opening of its Amsterdam office and the creation of a new subsidiary, Brivo Systems BV. The move highlights the increasing adoption of cloud-based physical security systems and the company’s growing partner and customer base in Europe. With sales, technical, and logistics operations located in Amsterdam, Brivo will now provide a full range of support services to its European customers. Brivo Systems BV We’re seeing growing demand for cloud-based access control solutions in Europe and felt this was a great time to expand our reach" “We’re seeing growing demand for cloud-based access control solutions in Europe and felt this was a great time to expand our reach,” explained Brivo’s President and CEO, Steve Van Till. “We’re really excited about the opportunities and our ability to provide local support resources for our European customers.” As part of this expansion program, Brivo has recently conducted commercial and technical training sessions in Amsterdam and London, with more planned for the future. “We have a great group of end-users and partners already established in Europe,” said Van Till. “It's a pleasure to see their enthusiasm for our solutions and passion for bringing our products to the European market.” Brivo Onair cloud-based security platform The Brivo Onair cloud-based security platform will offer all the same features in Europe as it does in the U.S, including integrated cloud video from Eagle Eye Networks. With customers in over 55 countries worldwide, Brivo has long had a solid customer base in Europe. The expansion of staff and offices will further drive Brivo’s ability to provide solutions for its customers around the world.

Brivo, global innovator of cloud-based physical security solutions for commercial buildings, has announced the addition of two new executives. Jeff Nielsen joins the company as CTO to lead the technology team behind the Brivo Onair security platform, and Jennifer Love joins the company as the new VP of Marketing to lead go-to-market and partner programs. New CTO to drive physical security division Jeff joins Brivo as Chief Technology Officer (CTO) to continue building the engineering and operations team driving Brivo’s success in the physical security space. Jeff is a technology executive with more than twenty years of experience building, growing and scaling software teams and organisations. Jeff has a proven track record of transforming and improving software/IT organisations in startup to Fortune 500 environments. His experience is particularly relevant to growing our portfolio of native IoT products and enhancing our data analytics capabilities" “Jeff’s experience is invaluable in expanding the Brivo ecosystem and extending our API platform strategy. His experience is particularly relevant to growing our portfolio of native IoT products and enhancing our data analytics capabilities. It’s a great time to have such a talented leader joining our team,” said Steve Van Till. New Marketing VP, technology and SaaS expert Jennifer Love joins Brivo as the VP of Marketing to build out new marketing programs for its existing partner community and to recruit new dealers as Brivo expands its international reach. Jennifer brings a wealth of experience in technology and SaaS models as she has worked in b2b marketing for over fifteen years. “We are thrilled to have both Jeff and Jennifer join Brivo’s leadership team. Jennifer’s experience will prove invaluable to maintaining our industry leadership position and helping commercial building owners make progressive security decisions. Jennifer is a very strong leader. Her strategic acumen in identifying new markets, her passion for growing customer-first cultures, and her expertise in scaling global businesses make her a great match for what Brivo needs to accelerate our growth plans,” says Brivo CEO, Steve Van Till.