EVVA Access Control Softwares(5)
Browse Access Control Softwares
Access control software products updated recently
Gallagher Command Centre Site Plan Viewer for centralised site management visibility and situational awareness
Gallagher Software Maintenance ensures security system stays up-to-date with latest security innovations
In 2017, IoT-based cyberattacks increased by 600%. As the industry moves towards the mass adoption of interconnected physical security devices, end users have found a plethora of advantages, broadening the scope of traditional video surveillance solutions beyond simple safety measures. Thanks in part to these recent advancements, our physical solutions are at a higher risk than ever before. With today’s ever evolving digital landscape and the increasing complexity of physical and cyber-attacks, it’s imperative to take specific precautions to combat these threats. Video surveillance systems Cybersecurity is not usually the first concern to come to mind When you think of a video surveillance system, cybersecurity is not usually the first concern to come to mind, since digital threats are usually thought of as separate from physical security. Unfortunately, these two are becoming increasingly intertwined as intruders continue to use inventive methods in order to access an organisation's assets. Hacks and data breaches are among the top cyber concerns, but many overlook the fact that weak cybersecurity practices can lead to physical danger as well. Organisations that deploy video surveillance devices paired with advanced analytics programs often leave themselves vulnerable to a breach without even realising it. While they may be intelligent, IoT devices are soft targets that cybercriminals and hackers can easily exploit, crippling a physical security system from the inside out. Physical security manufacturers Whether looking to simply gain access to internal data, or paralyse a system prior to a physical attack, allowing hackers easy access to surveillance systems can only end poorly. In order to stay competitive, manufacturers within the security industry are trading in their traditional analogue technology and moving towards interconnected devices. Due to this, security can no longer be solely focused on the physical elements and end users have taken note. The first step towards more secured solutions starts with physical security manufacturers choosing to make cybersecurity a priority for all products, from endpoint to edge and beyond. Gone are the days of end users underestimating the importance of reliability within their solutions. Manufacturers that choose to invest time and research into the development of cyber-hardening will be ahead of the curve and an asset to all. Wireless communication systems Integrators also become complicit in any issues that may arise in the future Aside from simply making the commitment to improve cyber hygiene, there are solid steps that manufacturers can take. One simple action is incorporating tools and features into devices that allow end users to more easily configure their cyber protection settings. Similarly, working with a third party to perform penetration testing on products can help to ensure the backend security of IoT devices. This gives customers peace of mind and manufacturers a competitive edge. While deficient cybersecurity standards can reflect poorly on manufacturers by installing vulnerable devices on a network, integrators also become complicit in any issues that may arise in the future. Just last year, ADT was forced to settle a $16 million class action lawsuit when the company installed an unencrypted wireless communication system that rendered an organisation open to hacks. Cybersecurity services In addition, we’ve all heard of the bans, taxes and tariffs the U.S. government has recently put on certain manufacturers, depending on their country of origin and cybersecurity practices. Lawsuits aside, employing proper cybersecurity standards can give integrators a competitive advantage. With the proliferation of hacks, malware, and ransomware, integrators that can ease their client's cyber-woes are already a step ahead. By choosing to work with cybersecurity-focused manufacturers who provide clients with vulnerability testing and educate end users on best practices, integrators can not only thrive but find new sources of RMR. Education, collaboration and participation are three pillars when tackling cybersecurity from all angles. For dealers and integrators who have yet to add cybersecurity services to their business portfolios, scouting out a strategic IT partner could be the answer. Unlocking countless opportunities Becoming educated on the topic of cybersecurity and its importance for an organisation is the first step Physical security integrators who feel uncomfortable diving headfirst into the digital realm may find that strategically aligning themselves with an IT or cyber firm will unlock countless opportunities. By opening the door to a partnership with an IT-focused firm, integrators receive the benefit of cybersecurity insight on future projects and a new source of RMR through continued consulting with current customers. In exchange, the IT firm gains a new source of clients in an industry otherwise untapped. This is a win for all those involved. While manufacturers, dealers and integrators play a large part in the cybersecurity of physical systems, end users also play a crucial role. Becoming educated on the topic of cybersecurity and its importance for an organisation is the first step. Commonplace cybersecurity standards Below is a list of commonplace cybersecurity standards that all organisations should work to implement for the protection of their own video surveillance solutions: Always keep camera firmware up to date for the latest cyber protections. Change default passwords, especially those of admins, to keep the system locked to outside users. Create different user groups with separate rights to ensure all users have only the permissions they need. Set an encryption key for surveillance recordings to safeguard footage against intruders and prevent hackers from accessing a system through a backdoor. Enable notifications, whether for error codes or storage failures, to keep up to date with all systems happenings. Create/configure an OpenVPN connection for secured remote access. Check the web server log on a regular basis to see who is accessing the system. Ensure that web crawling is forbidden to prevent images or data found on your device from being made searchable. Avoid exposing devices to the internet unless strictly necessary to reduce the risk of attacks.
In the next three years, software as a service ‘SaaS’ is likely to grow by around 23%. That’s according to reports by Cognizance. It’s growth rests on the adoption of cloud public, private and hybrid. Without the cloud applications can’t truly pervade an organisation, nor can operational or customer benefits be derived. But there’s no point in adopting the cloud if it’s not secure - the proliferation of SaaS demands security, none more so in a GDPR world. Large cloud environment But modern applications are difficult to secure. SaaS based, web, mobile, or custom made all work on different platforms and frameworks. It’s a headache managing all the APIs needed to automate and sync tools. This introduces risk. The greater the number of apps the broader the attack surface and therefore the greater the chance there will be blind posts. Keeping up to date with updates and new security policies is never easy There are also added hazards. Applications are always changing. Keeping up to date with updates and new security policies is never easy, but especially hard in a large cloud environment. Failure to adopt changes puts the organisation and customers at further risk. But the biggest obstacle is keeping applications and APIs out of harm’s way. It’s a near on impossible task when attack methods and sources are constantly changing. More advanced threats To be specific there are four emerging challenges when it comes to protecting apps. Firstly, managing the good and the bad bots and spotting which is which, secondly securing APIs as IoT adoption intensifies, thirdly the relationship between securing apps and DevOps and ensuring ownership of security, and finally denial of service attacks that use newer tactics such as brute force. Basic security hygiene dictates that security teams refer to the OWASP Top 10. It’s considered the ‘ten commandments’ in security circles, providing a starting point for ensuring the most common threats and vulnerabilities are managed, detected and mitigated. Web Application Firewalls also come into the fray with guidance on testing for the ways hackers exploit vulnerabilities. However, though the basics are good to have in place, there are always more advanced threats to take care of. Bots being a big one. Bot management The more sophisticated bots will go as far as to mimic human behaviourAstonishingly about half of internet traffic is bot generated. Half of it is from bad bots. Discerning the good from the bad isn’t easy though and explains why around 80% of organisations can’t make a clear distinction between the two. Bad bots can do a lot of damage like take over user accounts and payment information, scrape confidential data, or hold up inventory and skew marketing metrics. The more sophisticated bots will go as far as to mimic human behaviour and bypass tools like CAPTCHA and even device fingerprinting based protection ineffective. Securing APIs Then there’s the complications derived from machine-to-machine and internet of things (IoT) communications. The more integrated ‘things’, the more data there is, the more events there are report on, and the more activity there is reliant on APIs to make the ‘things’ useful and agile. That’s what makes them a target and the threats to API vulnerabilities include injections, protocol attacks, parameter manipulations, invalidated redirects and bot attacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks Denial of service (DoS) You might think there’s little to add to the swathes of denial of service warnings. Yet when businesses are still being targeted and feeling the ill effects it’s worth mentioning again that different forms of application-layer DoS attacks are still very effective at bringing application services down. Even the greatest application protection is worthless if the service itself can be knocked down This includes HTTP/S floods, low and slow attacks (famous examples being Slowloris, LOIC, Torshammer), dynamic IP attacks, buffer overflow, Brute Force attacks and more. The IoT botnets are the culprits and have made application-layer attacks so popular that they have become the preferred DDoS attack vector. Even the greatest application protection is worthless if the service itself can be knocked down. Continuous security It may seem easy to say but for modern DevOps, agility is valued at the expense of security. We see time and again examples of where development and roll-out methodologies, such as continuous delivery, mean applications are exposed to threats each time they are modified. There’s no doubt it is extremely difficult to maintain a valid security policy and protect sensitive data in dynamic conditions without creating a high number of false positives. But we now find that this task has gone way beyond the capability of humans. Organisations now need machine-learning based solutions that map application resources, analyse possible threats, and create and optimise security policies in real time. Reaching this level in security planning should be a big wake-up call that security automation is an essential not a nice to have. Running security plans The board needs to know that investment is critical to protect their profits It’s critical that the security solution your company adopts protects applications on all platforms, against all attacks, through all the channels and at all times. The board needs to know that investment is critical to protect their profits. As such there are six things they need to know: Application security solutions must encompass web and mobile apps, as well as APIs. Bot management solutions need to overcome the most sophisticated bot attacks. DDoS mitigation must be an essential and integrated part of application security solutions. A future-proof solution must protect containerised applications, severless functions, and integrate with automation, provisioning and orchestration tools. To keep up with continuous application delivery, security protections must adapt in real time. A fully managed service should be considered to remove complexity and minimise resources. No amount of human power will beat the bots. That last point is the most critical. Skill is essential in designing and running security plans and policies that work. But the plans can’t be executed without automated tools. There are just too many decisions to make in a split second. Combining both is the path to an effective app protection strategy and a stronger brand to boot.
The industry faces numerous challenges in the coming year. Physical and cyber security threats continue to become more complex, and organisations are struggling to manage both physical and digital credentials as well as a rapidly growing number of connected endpoints in the Internet of Things (IoT). We are witnessing the collision of the enterprise with the IoT, and organisations now must establish trust and validate the identity of people as well as ‘things’ in an environment of increasingly stringent safety and data privacy regulations. Meanwhile, demand grows for smarter and more data-driven workplaces, a risk-based approach to threat protection, improved productivity and seamless, more convenient access to the enterprise and its physical and digital assets and services. Using smartphone apps to open doors Cloud technologies give people access through their mobile phones and other devices to many new, high-value experiencesEnterprise customers increasingly want to create trusted environments within which they can deliver valuable new user experiences. A major driver is growing demand for the ‘digital cohesion’ of being able to use smartphone apps to open doors, authenticate to enterprise data resources or access a building’s applications and services. Cloud technologies are a key piece of the solution. They give people access through their mobile phones and other devices to many new, high-value experiences. At the same time, they help fuel smarter, more data-driven workplace environments. With the arrival of today’s identity- and location-aware building systems that recognise people and use deep learning analytics to customise their office environment, the workplace is undergoing dramatic change. Improved fingerprint solutions Cloud-based platforms and application programming interfaces (APIs) will help bridge biometrics and access control in the enterprise, overcoming previous integration hurdles while providing a trusted platform that meets the concerns of accessibility and data protection in a connected environment. At the same time, the next generation of fingerprint solutions will deliver higher matching speed, better image capture quality and improved performance. The next generation of fingerprint solutions will deliver higher matching speed, better image capture quality and improved performance Liveness detection will ensure that captured data is from a living person. Biometrics authentication will also gain traction beyond access control in immigration and border control, law enforcement, military, defence and other public section use cases where higher security is needed. Flexible subscription models Access control solutions based on cloud platforms will also change how solutions are deployed. Siloed security and workplace optimisation solutions will be replaced with mobile apps that can be downloaded anywhere across a global ecosystem of millions of compatible and connected physical access control system endpoints. These connections will also facilitate new, more flexible subscription models for access control services. As an example, users will be able to more easily replenish mobile IDs if their smartphones are lost or must be replaced. Generating valuable insights with machine learning Machine learning analytics will be used to generate valuable insights from today’s access control solutionsEducation, finance, healthcare, enterprise, and other niche markets such as commercial real-estate and enterprises focussed on co-working spaces will benefit from a cloud-connected access control hardware foundation. There will be a faster path from design to deployment since developers will no longer have to create an entire vertically integrated solution. They will simply add an app experience to the existing access control infrastructure. New players will be drawn to the market resulting in a richer, more vibrant development community and accelerated innovation. Data analytics will be a rapidly growing area of interest. Machine learning analytics will be used to generate valuable insights from today’s access control solutions. Devices, access control systems, IoT applications, digital certificates and location services solutions, which are all connected to the cloud, will collectively deliver robust data with which to apply advanced analytics and risk-based intelligence. As organisations incorporate this type of analytics engine into their access control systems, they will improve security and personalise the user experience while driving better business decisions.
EVVA has upgraded its electronic access control system Xesar. "The EVVA developers have given Xesar 3.0 a total upgrade and equipped it with Service Pack 1,” said Erich Gärtner, Head of the Xesar Product Management department. With Service Pack 1, it is now even easier for EVVA partners and Xesar users to manage their facilities. It equips Xesar with a huge range of new features, while also making the system considerably more intuitive to use. User-friendly features "The new upgrades are all based on our principle of simple and intuitive operation. Our main objective was to make the new features as simple as possible for the user," according to Gärtner. One of the most important new features is, for example, that software updates can be run while the system is being serviced, saving time.Filter settings that need to be used repeatedly can be saved as presets in the user data The help messages are also new. They are displayed by clicking on question marks that are highlighted in yellow and can be hidden again with a click, without completing disappearing. They can answer questions about operating the device and explain particular input boxes, lists or fields. It is also now even easier to manage lists in the system: "For me, the filter preset function is one of the most user-friendly innovations," Gärtner said. Filter settings that need to be used repeatedly can be saved as presets in the user data. The number of presets is unlimited and they can be changed at any time. Automatic backups "There will now be automatic backups when you start and stop the system in the installation manager," Gärtner explained. You can specify a time for a backup to be performed every dayYou can, however, also specify a time for a backup to be performed every day or you can still run a backup manually. An automatic backup is performed before every update, which makes data loss almost impossible. It is especially easy to organise user groups. With Xesar 3.0, user groups can now be organised easily and can be customised according to your requirements. Existing user groups can be copied, altered and assigned either only read permission or full write permission. "All in all, top-notch service! The more than 25 other functions, which I could not list here, are proof of this," said Gärtner.
Security Essen 2018, held in Messe Essen, Germany, promised attendees a newly modernised trade show with a simplified layout and more interactive experience. Compared to previous years, halls were reorganised by technology area, with aisles laid out to make more direct pathways for attendees. The fair welcomed 950 exhibitors and more than 36,000 trade visitors from the global security market. Several manufacturers mentioned that footfall had been lighter than expected, but that the show had delivered on its promise to welcome more international visitors, in particular from the Middle East region. Exhibitors also grumbled about higher costs for booth space. Key security industry exhibitors Exhibitors expressed concern that the absence of key players reduced overall foot traffic Exhibitors praised the bigger aisles, which made it easier for visitors to navigate the show. However, some were unsure whether this was due to a better layout or simply because the show was missing key exhibitors. Notably absent were access control provider Dormakaba, security solutions company Honeywell, and surveillance providers Geutebruck and Dallmeier. Exhibitors expressed concern that the absence of key players reduced overall foot traffic. Security Essen hosted a particularly strong access control presence. Halls 2 and 3 were home to companies from across the access control and mechatronics spectrum. Sponsorship by EVVA covered the west entrance. The locking systems manufacturer, which celebrates its 100th anniversary next year, boasted significant floorspace. Exhibitors were pleased with the large access and locking presence, commenting that London-based IFSEC International tends to be dominated by video surveillance providers. EVVA, which celebrates its 100th anniversary next year, boasted significant floorspace Deep learning and artificial intelligence The push toward artificial intelligence (AI) in physical security continues, although the tone at Security Essen seemed to be shifting beyond hype and more toward how the technology can actually add value. For example, Hikvision’s cameras boasted more intelligence and processing power, and the company emphasised faster-paced product cycles. Customers ultimately do not buy AI – they buy benefits and solutions VIVOTEK embraced artificial intelligence as the biggest trend in the industry. The company demonstrated its latest deep learning technology for crowd detection applications. For Dahua, artificial intelligence allows users to easily search metadata in a video, including age and behaviour. Dahua demonstrated its solution for the transportation market, which is able to learn if a bus or train driver is falling asleep at the controls. However, some manufacturers chose not to focus on artificial intelligence. Representatives from Brivo and Eagle Eye Networks highlighted that customers ultimately do not buy AI – they buy benefits and solutions. Historically, video analytics were oversold and underdelivered, and the same could happen to AI if the term is overused in marketing security solutions. VIVOTEK embraced artificial intelligence as the biggest trend in the industry The German market & GDPR While the fair welcomed an increase in international visitors, many stands offered a distinctly German flavour. Exhibitors catered to German customers’ preference for data protection and high levels of privacy. Visitors were welcomed to the show by banners from Genetec, emblazoned with the slogan “Privacy matters… So, remember to forget me.” The video security provider’s stand demonstrated this concept more tangibly, via its Privacy Protector Module. The surveillance software, which is certified with the European Privacy Seal (EuroPriSe), monitors events while automatically pixelating people and vehicles in real time. If an incident occurs, an authorised operator can securely access the unaltered video. Visitors were welcomed to the show by banners from Genetec Other companies also acknowledged issues of privacy and cybersecurity. Hikvision noted that Europe is more regulated, which limits the implementation of the company’s products compared to those used in China. Dahua emphasised that its data for the German market is stored in Frankfurt to meet demands for data protection. IDIS made a point of saying there are no backdoors to their products. The deep learning products are easy to use and 96% accurate, says the company. FLIR has developed a cybersecurity hardening document, and strives to be transparent about cyber issues, including a web landing page where customers can raise any concerns. Vanderbilt is also pushing the cloud as a way forward with its ACT365 cloud-based access and video solution. Users are not intimidated by the cloud anymore since we all use it in our personal lives, says the company. Also on the access control side, EVVA were clear on the security of their AirKey mobile access system, which uses technology based on internet banking, double encryption and high-quality hardware. As well as demonstrating its SAROS thermal camera, FLIR strived for cybersecurity concerns to be addressed by customers Taking a broader view Nedap views security as being about allowing people to focus on their daily lives and work, safe in the knowledge that security is being taken care of. At the show, Nedap launched its new slogan ‘Security for Life’, stating that “true security is when you don’t have to think about it”. Nedap’s global client program represents a long-term commitment to projects. They are having more discussions with clients about risk management through standardisation and centralised policy.Solutions – as opposed to products – were also a focus at Security Essen, as at IFSEC before it Clients remain with Nedap because they keep investing in the platform, constantly updating the code and simplifying it to improve scalability for organisations, says the company. Nedap had one of the few double-decker booths at Security Essen. Solutions – as opposed to products – were also a focus at Security Essen, as at IFSEC before it. HID Global touted their extensive use of partnerships to provide solutions. SeeTec highlighted their move away from products to a more solution-based approach. FLIR, perhaps best known as a thermal camera company, were pushing their solutions approach to markets including intelligent traffic, smart city, video management and PSIMs. Nedap had one of the few double-decker booths at Security Essen Vertical markets in focus As vertical markets go, retail was big, and several players were offering some type of retail solution. Retail – along with banking, finance and transportation – was among Hikvision’s vertical markets of choice. Dahua's new panoramic cameras stitch together the image inside the camera instead of on the server SeeTec’s retail solution combines EAS with business intelligence and heat mapping. Dahua’s retail offerings include people counting and emotion detection, which can correlate with weather data, for example. Genetec also showcased a range of retail solutions. Technology improvements announced at Security Essen include FLIR's more robust FB6 series thermal line, Promise Technology's SMARTBOOST technology improved playback performance, and Videotec's cameras with better night performance. The extended 50m range of Optex's intrusion detection laser sensor reduces the need for cameras. Dahua's new panoramic cameras stitch together the image inside the camera instead of on the server. The Hanwha Techwin booth featured Korean flags and a “Korean at heart” motto to set the company apart Signs of the U.S. congressional ban There were signs at Security Essen of an impact of the recent U.S. ban on use of Hikvision and Dahua equipment in government installations, although both big Chinese manufacturers maintained a high profile at the German show. For example, the Hanwha Techwin booth featured Korean flags and a “Korean at heart” motto to set the company apart. Chinese camera manufacturer Uniview were keen to stress that they are not owned by Chinese government (neither is Dahua). Uniview’s all-IP camera line offers high resolution, low-light, multisensor and fisheye options, and AI software provides facial recognition, object detection, and fire and smoke detection at the edge. The company aims to increase its global presence with more international branch offerings and international factories.
EVVA's electronic system range has been extended by the electronic cam lock. It can be integrated into any AirKey and Xesar system. "This means that EVVA's electronic product range is becoming even more versatile," Sabine Ribits, product manager at EVVA, explains. Be it for sensitive areas, such as pharmaceuticals cabinets, display cases with valuable contents at jewellers' or even lockers in sports facilities, letterboxes in residential developments or distributor cabinets – electronic cam locks are the ideal addition to a Xesar or AirKey access control system. Compliant with GDPR They are easy to install and even easier to manage in the software as they are integrated just like all other electronic components. Here at the EVVA head office in Vienna we provide the best example: we offer pickup lockers at the shipping department that are equipped with electronic cam locks. "As a result, EVVA Partners in Vienna can pick-up their goods 24/7 whenever it suits them and must no longer observe opening times," Ribits adds. Locking direction and cam lock designs are oriented to the EVVA mechanical locking systems" The new electronic cam lock can be flexibly adapted depending on the installation situation thanks to the shorter cylinder length. The fixed cam (FVS) is also a new feature. Here the thumb turn is blocked when the cam lock is disengaged. In addition, any locking operation as part of this function is logged in compliance with data protection regulations. Electronic cam lock "One key objective was to offer our partners an important product extension without complicated ordering processes. For this reason, locking direction and cam lock designs are oriented to the EVVA mechanical locking systems." All cams from our mechanical locking system range are also available for the electronic cam lock. They can be ordered and delivered in three variants with MB19, MB22 and MB27 thread diameters. Visitors are welcome to test the new cam lock at Security Essen between 25th and 28th September at the EVVA fair stand, hall 3, stand 3F69.
5 steps to finding the right access control system for youDownload
Why outdated access control systems are a big problemDownload
Five things to consider for AI with video technologyDownload
- Traka provides key management solution to keep track of authorised access at the London Clinic
- ASSA ABLOY helps Vejle Friskole staff to reduce key management time with its SMARTair® system
- Matrix COSEC time-attendance and access control solutions enhance IndiaNivesh’s financial services
- IGNIS Fire Protection Services installs Inner Range’s Inception system at a cosmetic surgery clinic in Birmingham