Touchless Biometric Systems (TBS) Access Control Softwares

Insider threat programmes started with counter-espionage cases in the government. Today, insider threat programmes have become a more common practice in all industries, as companies understand the risks associated with not having one. To build a programme, you must first understand what an insider threat is. An insider threat is an employee, contractor, visitor or other insider who have been granted physical or logical access to a company that can cause extensive damage. Damage ranges from emotional or physical injury, to personnel, financial and reputational loss to data loss/manipulation or destruction of assets. Financial and confidential information While malicious insiders only make up 22% of the threats, they have the most impact on an organisation Most threats are derived from the accidental insider. For example, it’s the person who is working on a competitive sales pitch on an airplane and is plugging in financial and confidential information. They are working hard, yet their company’s information is exposed to everyone around them. Another type of insider, the compromised insider, is the person who accidentally downloaded malware when clicking on a fake, urgent email, exposing their information. Malicious insiders cause the greatest concerns. These are the rogue employees who may feel threatened. They may turn violent or take action to damage the company. Or you have the criminal actor employees who are truly malicious and have been hired or bribed by another company to gather intel. Their goal is to gather data and assets to cause damage for a specific purpose. While malicious insiders only make up 22% of the threats, they have the most impact on an organisation. They can cause brand and financial damage, along with physical and mental damage. Insider threat programme Once you determine you need an insider threat programme, you need to build a business case and support it with requirements. Depending on your industry, you can start with regulatory requirements such as HIPAA, NERC CIP, PCI, etc. Talk to your regulator and get their input. Everyone needs to be onboard, understand the intricacies of enacting a programme Next, get a top to bottom risk assessment to learn your organisation’s risks. A risk assessment will help you prioritise your risks and provide recommendations about what you need to include in your programme. Begin by meeting with senior leadership, including your CEO to discuss expectations. Creating an insider threat programme will change the company culture, and the CEO must understand the gravity of his/her decision before moving forward. Everyone needs to be onboard, understand the intricacies of enacting a programme and support it before its implemented. Determining the level of monitoring The size and complexity of your company will determine the type of programme needed. One size does not fit all. It will determine what technologies are required and how much personnel is needed to execute the programme. The company must determine what level of monitoring is needed to meet their goals. After the leadership team decides, form a steering committee that includes someone from legal, HR and IT. Other departments can join as necessary. This team sets up the structure, lays out the plan, determines the budget and what type of technologies are needed. For small companies, the best value is education. Educate your employees about the programme, build the culture and promote awareness. Teach employees about the behaviours you are looking for and how to report them. Behavioural analysis software Every company is different and you need to determine what will gain employee support The steering committee will need to decide what is out of scope. Every company is different and you need to determine what will gain employee support. The tools put in place cannot monitor employee productivity (web surfing). That is out of scope and will disrupt the company culture. What technology does your organisation need to detect insider threats? Organisations need software solutions that monitor, aggregate and analyse data to identify potential threats. Behavioural analysis software looks at patterns of behaviour and identifies anomalies. Use business intelligence/data analytics solutions to solve this challenge. This solution learns the normal behaviour of people and notifies security staff when behaviour changes. This is done by setting a set risk score. Once the score crosses a determined threshold, an alert is triggered. Case and incident management tools Predictive analytics technology reviews behaviours and identifies sensitive areas of companies (pharmacies, server rooms) or files (HR, finance, development). If it sees anomalous behaviour, it can predict behaviours. It can determine if someone is going to take data. It helps companies take steps to get ahead of bad behaviour. If an employee sends hostile emails, they are picked up and an alert is triggered User sentiment detection software can work in real time. If an employee sends hostile emails, they are picked up and an alert is triggered. The SOC and HR are notified and security dispatched. Depending on how a company has this process set-up, it could potentially save lives. Now that your organisation has all this data, how do you pull it together? Case and incident management tools can pool data points and create threat dashboards. Cyber detection system with access control An integrated security system is recommended to be successful. It will eliminate bubbles and share data to see real-time patterns. If HR, security and compliance departments are doing investigations, they can consolidate systems into the same tool to have better data aggregation. Companies can link their IT/cyber detection system with access control. Deploying a true, integrated, open system provides a better insider threat programme. Big companies should invest in trained counterintelligence investigators to operate the programme. They can help identify the sensitive areas, identify who the people are that have the most access to them, or are in a position to do the greatest amount of harm to the company and who to put mitigation plans around to protect them. They also run the investigations. Potential risky behaviour Using the right technology along with thorough processes will result in a successful programme You need to detect which individuals are interacting with information systems that pose the greatest potential risk. You need to rapidly and thoroughly understand the user’s potential risky behaviour and the context around it. Context is important. You need to decide what to investigate and make it clear to employees. Otherwise you will create a negative culture at your company. Develop a security-aware culture. Involve the crowd. Get an app so if someone sees something they can say something. IT should not run the insider threat programme. IT is the most privileged department in an organisation. If something goes wrong with an IT person, they have the most ability to do harm and cover their tracks. They need to be an important partner, but don’t let them have ownership and don’t let their administrators have access. Educating your employees and creating a positive culture around an insider threat programme takes time and patience. Using the right technology along with thorough processes will result in a successful programme. It’s okay to start small and build.

Growing up, I was surrounded by the military way of life as my father was a Captain in the Marine Corps during the Vietnam War and my grandfather and uncles all served in the military. Even from a young age, I knew I was going to serve our country. My 22-year career in the military includes serving in the United States Air Force, the California Air National Guard and as a reservist assigned to an active-duty Air Force unit. Training and development operations Over the course of my military career, I held a variety of assignments from starting out as a Gate Guard to becoming a Flight Chief and Non-Commissioned Officer in Charge (NCOIC) of a Security Forces section. I retired from the military as a Master Sergeant. After my deployment to Afghanistan, I joined Allied Universal as a security director. My 17-year career at Allied Universal encompasses roles including Service Manager and General Manager at the West Los Angeles Branch and leading the Training and Development operations and Fire Life Safety Division. In 2008, I was tasked to develop and implement the company’s Healthcare Division. Attaining meaningful employment opportunities Below are just a few reasons why the physical security sector is a natural fit for military veterans: Self-Discipline and Organisation Coveted in Security Sector - I believe that the skills learned in the military, such as self-discipline and organisation, have provided the necessary tools to be successful. I truly enjoy working with other veterans at my company as we all know that we can count on each other to get the job done right. This bond and sense of commitment to each other is always there. Multi-faceted Career Paths Available - The security sector also offers veterans the ability to attain meaningful employment opportunities with multi-faceted career paths. A veteran’s background and experience are highly valued in this sector and there are many positions to match our skill sets and expertise. The responsibility we have for those in our charge is really not any different than what we have learned in the military. Team Players - Teamwork is a lesson all military veterans learn. In the military, you live and work together, and are taught to support your team members and efficiently collaborate with the people around you. This is an invaluable skill in the security sector whether you are seeking an entry level or management position. No Military to Civilian Decoder Needed - Veterans need a ‘military to civilian decoder’ system to help explain the significance of their military skills and how they translate to the general employment landscape. The physical security sector, however, understands the language of the military and don’t generally require that military responsibilities be coded into language that non-military can understand. Securing mid-level appointments The physical security sector features a wide variety of jobs from entry level, middle management to senior positions. A retired veteran with a pension may look to the security sector for part-time or full-time entry level work. Other former military, who are not eligible for retirement benefits, may secure mid-level appointments with the goal of climbing the ladder to the highest rungs. The flexibility and opportunity are unparalleled in the security sector. Veterans generally enter the workforce with identifiable skills that can be transferred to the physical security world and are often skilled in technical trends pertinent to business and industry. And what they don't know, they are eager to learn - making them receptive and ready hires in physical security environments that value ongoing learning and training.

The jury is in: traditional security is out — and it’s being replaced with service-based solutions. The bottom line is: if you’re not embracing it, you’ll soon be left behind. XaaS — the collective term referring to the delivery of anything as a service — includes all services made possible through the use of the cloud. Security-as-a-Service (SaaS), which encompasses any type of system from access control to video surveillance, has paved the way for users to gain significant functionality and scalability not previously experienced with more traditional methods. Complicated IT functions SaaS allows manufacturers to provide numerous benefits to their customers As such, there is a marked transition for manufacturers from simply designing and building products to providing a service rooted in a partner- and customer-centric focus. This change hasn’t come easily. Some are still holding out and waiting for the “fad” to pass. However, the potential advantages for all parties involved far outweigh the perceived negative points. First and foremost, SaaS allows manufacturers to provide numerous benefits to their customers. An “as-a-service” model shifts the burden of data maintenance and infrastructure spending to an integrator/dealer partner or service provider. This relieves the end user of the expertise necessary to implement complicated IT functions to keep networked and on-premise solutions up-to-date. Traditional security systems Additionally, end users demand solid customer service. For some end users, traditional security systems are so similar in features and functionality that the key differentiator is the ability of the integrator or manufacturer to provide exceptional customer service and training. This is made possible through the service-based model, where customers appreciate a strong relationship with their integrator or manufacturer that provides them with additional knowledge and assistance when necessary. The cloud has proven to be  highly functional, flexible, and convenient for organisations Everyone also wants convenience. In the consumer market, we invest in things like meals that are pre-measured, prepped, and ready to be cooked, or companies that auto-ship dog food to our door each month. This ease-of-use translates over to the B2B market, where time is money and systems that save valuable resources are highly regarded. The role of the cloud The cloud has proven to be a highly functional, flexible, and convenient method for organisations to leverage as part of their strategies to protect and modernise their facilities. And the service-based nature lends itself well; forward-thinking integrators and dealers can diversify their product arsenal while still capitalising on a recurring monthly revenue model (RMR). But then why has there been so much resistance to this change? Over the last 10 to 15 years, the cloud has gotten a bad rap for a myriad of reasons, including usability, management, and unreliability. However, that view of the cloud is changing for the positive as the technology becomes more advanced and innovators learn more about what it means to design a product or service with security at its core. "As-a-service” platform For example, one of the biggest misconceptions that plagues the cloud is the idea that it is not secure. However, the security of public cloud service providers is integral to their success because their business depends on it. Developing an ongoing and trustworthy relationship with customers can only be made possible through the assurance that their services are safe and the customer’s data is protected. As such, they’ve embraced the service-based model that is, at its core, the future of the business world as we know it. There isn’t a person, manufacturer, or integrator partner out there today who isn’t somehow touched or influenced by an “as-a-service” platform. And it’s about time the service-based model that leverages the public cloud reaches the masses.

Nedap and Touchless Biometric Systems (TBS) are hosting the first Security Integration Forum in the Middle East on 7th October 2019. Held at the Conrad hotel on Sheikh Zayed Road in Dubai, it will bring together technology businesses and experts. The aim is to enable discussion of the latest security industry trends and potential collaborations, and showcase advanced technologies and integrations. The highlight of this first Security Integration Forum is the live experience area. Here, in a live demo of a smart building, attendees can experience seamless integrations of technologies from TBS, and other manufacturers, with Nedap’s AEOS access control. Visitor registration and management The integrations on show will be from best-of-breed solution providers and security equipment manufactures It’s also an opportunity to learn more about the commercial and operational value offered by AEOS and TBS integrations. The integrations on show will be from best-of-breed solution providers and security equipment manufactures. This includes Milestone Systems, Axis communication, CNL Software, Samsotech, Traka, Assa Abloy and Boon Edam, as well as Nedap Identification Systems. The scenarios and features available to experience include: End-to-end security for access control Visitor identification and verification using biometrics Visitor registration and management Vehicle identification Key and asset management Wireless access control using online and offline locks Video management systems and CCTV Physical security information management Identifying new opportunities and partnerships All of the businesses involved will present the technology trends in their business area and market" Jochem van Ruijven, Managing Director at Nedap FZE says: “With this event, we aim to display the incredible strength and expertise of each participating technology partner. All of the businesses involved will present the technology trends in their business area and market.” “It’s an amazing opportunity for security industry experts in the Middle East to come together and get to know the people behind the leading security manufacturers. Not to mention the chance to identify new opportunities and partnerships for their business. More than ever before, decision makers must provide both security and convenience,” says Alex Zarrabi, CEO of TBS and co-host of the Security Integration Forum. “This calls for integrated rather than isolated solutions. Navigating the maze of technologies and interoperability takes more time than people have available. But during a few hours at our forum, decision makers can experience what happens when best-of-breed security manufacturers join forces to solve their challenges.”

Access control manufacturer Inner Range announces a new integration with Swiss firm Touchless Biometric Systems AG (TBS). Users of Inner Range’s award-winning intelligent access control system Integriti can now use a range of biometrics credentials via TBS. A connected USB ‘enrolment station’ allows biometrics to be assigned to synchronised Integriti users. TBS offers one of the widest selections of biometric readers for all applications: all with a triple layer of template and data encryption. The portfolio includes touchless, 3D-Multiview finger scan, multispectral for rough environments, iris, optical and capacitive sensors to confirm user credentials. Access control systems Biometrics offer an extra layer of security for clients by providing unique credentials for each user" Tim Northwood, General Manager at Inner Range, said: “Biometrics offer an extra layer of security for clients by providing unique credentials for each user and reducing the risk of credential theft or cloning. In lower risk applications, biometrics may make it easier for users too because they don’t have to remember a smartcard or PIN number to gain the access they need.” “We were impressed with TBS’s products and the way the firm’s biometric scanners and readers can be integrated to access control systems of all sizes and complexities. We are confident this new integration will be of significant interest for new and existing clients.” Biometric security features Philippe Niederhauser, Head of Sales for TBS, said: “The push for digitalisation of all kinds of processes is pulling for seamless integration. We are extremely proud that Inner Range has decided to work with TBS. We see here a perfect synergy - Inner Range’s Integriti offers scalability and ease of use and TBS enhances these with unique biometric security features.” Integration with a wide range of third-party systems turns Integriti into a complete security management system Inner Range’s Integriti delivers an intelligent integrated security solution ideal for managing and controlling single and multiple sites at local, national and global levels. Integration with a wide range of third-party systems turns Integriti into a complete security management system, managing not only security and building automation but also people and business continuity processes such as HR, payroll, health & safety and other regulations. Intelligent security solutions Its advanced reporting functionality also enables organisations to gain valuable insight and evidence for business improvement and other core business functions. Inner Range has been a pioneer in the design and manufacture of intelligent security solutions since it was established in 1988. More than 150,000 Inner Range systems have been installed in over 30 countries. Customers include hospitals and high-security units, colleges, distribution centres and pharmaceutical companies, government and critical national infrastructure.

TBS Biometrics introduces a revolutionary reader, featuring combined iris algorithm and face detection. Its distinctiveness comes from the combination of eye and face detection that makes an even more robust accuracy. The sensor captures the iris of both eyes while the face sensor is used to automatically distinguish the height of the users and adjust. All biometric devices have their advantages and limitations. Where popular face recognition still struggles is with high accuracy however, it is very intuitive and simple to use. Iris recognition extremely accurate but is still not user-friendly. 2D Eye's face detection interaction is most convenient for users, while its iris-based identification guarantees highest levels of accuracy delivered by modern technology Multi-modal identification The TBS 2D Eye overcomes limitations by combining the best of both worlds. Its face detection interaction is most convenient for users, while its iris-based identification guarantees highest levels of accuracy delivered by modern technology. For even further user comfort, the reader adjusts itself automatically to the height of users. Additionally, the 2D EYE allows multi-modal identification by PIN and RFID. The 2D Eye is part of the TBS Ecosystem and manufactured by CMITech, a leader in the biometric Iris industry. All TBS Ecosystem products comply with TBS quality standards while developed by a third-party manufacturer and fully integrated by TBS R&D within the powerful TBS Biometric subsystems (web based software/server with biometric core). It adds an additional masterpiece to one of the most complete biometric portfolios. From corporate offices to airports, government to healthcare, research centres and critical infrastructures, the TBS 2D Eye will be the right solution where security is paramount Optimal security solution With a sleek and attractive design, its screen allows for a great deal of interactivity, customisation and notably gives the opportunity for the user to see themselves during capture process, similar to facial recognition. Pilot users acclaimed the exceptionally comfortable experience as opposed to traditional iris-based technologies. This has established that the 2D Eye meets the expectations from the users for a ‘touchless’, convenient and rapid identification. From corporate offices to airports, government to healthcare, research centres and critical infrastructures, the TBS 2D Eye will be the right solution where security is paramount. With the 2D Eye, TBS is even more at the forefront of integrated biometric solutions. Two touchless biometric sensors and four different touch-based fingerprint sensor technologies, complete a compelling portfolio at the disposal of countless system integrators to provide seamless biometric solutions for access control and attendance. TBS, Secure by Nature.