Apollo Security showcased integration software at ISC West 2011
Apollo Security showcased integration software at ISC West 2011

Apollo Security will be demonstrating advanced Universal Video Integration, OPC support, FIPS 201 and TWIC support at ISC West. Contact Apollo if you would like to schedule a private demonstration of these developments.Among the products on show will be Apollo Security's APACS software. The APACS software is designed for Apollo-based integrated security systems. It provides management of the access control system and performs information exchange and coordination between all subsystems, including: alarm monitoring, fire protection, analogue / IP live and recorded video, HVAC, paging, lighting, elevator control, visitor management and badging. In addition, APACS also provides data exchange with third party human resources, time and attendance and visitor management packages. Using PC with the Windows based operating system; APACS effectively performs in both small single computer systems and large-scale integrated client-server systems using TCP/IP protocol. In multi-user applications a powerful computer is used as a dedicated database server to process queries from all APACS workstations. Users can select between Firebird, Interbase, Oracle and MS SQL databases. APACS software is available in three packages: Pro, Standard and Lite. APACS Lite provides basic reliable access control. If features text-based on-line event display, alarm linkage on hardware level, event retrieval and sorting, elevator control and other functions.APACS Standard includes graphic maps, alarm display, live video, hardware status tree and badging.APACS Pro is an advanced security management software package. It integrates access control with digital and analogue video equipment, visitor management systems, HVAC and lighting control systems, public announcement and paging systems. Distinctive feature of APACS Pro is built in reaction mechanism. Any event, time zone, card or PIN read can trigger a reaction. Possible reactions can be DVR/CCTV control by signals from readers or alarm inputs, HVAC and lightning system control by time zones, audible alarms to operator, transmission of alarm messages to pagers, roll call, execution of external programs or activation of external systems. Reactions can be unconditional - immediate response to specified event, or conditional - an operator will be prompted with a list of possible reactions; default reaction will be executed if operator does not respond to the prompt. Reaction mechanism removes some of the operator workload and increases security, ensuring that important events will be noted. For example, APACS Pro can automatically arm the building as the last person leaves, and turn on the lights and air conditioning as the first person is granted access in the morning, or it can be configured so that personnel can use a special PIN (i.e. 911) to notify guards of emergency situations from the nearest reader with a keypad.Other APACS Pro features include live video verification, roll call and extended personnel reports. With its flexible modular structure, user friendly design, single and multi-user capabilities, and three different options, APACS can provide a solution that meets the customer's requirements today and in the future. The APACS software package consists of six modules: Alarm Mode, System Configuration, Cardholder Database, Report Generation, Visitor Management Web Interface, and External Reports. This special modular structure provides additional security and convenience by distributing tasks to difference operators. The systems can be monitored, controlled and configured from any workstation, provided the required module is installed and the operator has the appropriate permission.Features:Windows 2000/XP/2003/Vista/Windows 7 operating systemsFirebird, Oracle or MS SQL (including MS SQL 2008) database management systemSingle and multi-user applicationsMore than 50 workstationsIntuitive, user-friendly interfaceUnrestricted number of controllers, readers, and alarm panelsModular structureMultiple card formatsOnline help255 access levels, 6 access levels per card, individual access levels (precision)Elevator ControlDuress communicationDatabase conversion utilities

Add to Compare

Access control software - Expert commentary

Protect physical assets from cyber-attacks
Protect physical assets from cyber-attacks

Recent cyber-attacks have disabled and even shut down physical assets. Robust foundational security and training staff, able to recognise an attack can help mitigate the threat, as ABB’s Rob Putman explains. Edge devices and data analytics As cyber security specialists, we must navigate an ever-changing threat landscape, one that is made even more complex by the increased interconnectivity between Operational Technology (OT) and Information Technology (IT), as companies look to leverage edge devices and data analytics, as well as remote connectivity, in the wake of the COVID-19 pandemic. As the threat surface evolves, the industry must guard against attacks on key physical infrastructure, carried out by a range of malicious actors, including nation states and criminals intent on blackmail. The chemicals sector, a high-value target for cyber-criminals Cyber-criminals view the chemicals sector, as a high-value target, because of the potential cost In 2017, not long after a ransomware attack that targeted Maersk, the world’s largest shipping firm, made the news around the world. Another cyber-attack, this time targeting physical industrial assets, generated fewer headlines, and yet could have resulted in both real, as well as financial, damage. Cyber-criminals view the chemicals sector, as a high-value target, because of the potential cost, both financial and reputational, to the operator, should production be interrupted or stopped entirely. Cyber security vulnerabilities put physical assets at risk The attack in question, a ‘Triton’ custom malware attack on a petro-chemical facility in Saudi Arabia, targeted a safety system, taking over system controllers. Bugs in the code triggered an emergency shutdown, but could have led to the release of toxic and explosive gases. It was a vivid reminder of how cyber security vulnerabilities are increasingly putting companies’ key physical assets at risk. Two more-recent high-profile incidents illustrate my point. In February, a Florida water treatment plant was hacked. The malicious actor remotely accessed the system for three to five minutes, during which time they opened various functions on the screen, including one that controls the amount of sodium hydroxide (NaOH) in the water. The hacker changed the NaOH from about 100 parts per million to 11,100 parts per million, which could have resulted in a mass poisoning event. Colonial Pipeline cyber-attack incident Then, in May, the Colonial Pipeline system that originates in Houston, Texas and carries gasoline, and jet fuel, suffered a ransomware attack. Using a VPN, hackers targeted back-office IT systems, forcing Colonial to shut down IT hosts and network infrastructure, severing communication with those OT systems that are responsible for communicating ‘transactional data’ associated with fuel delivery. In this instance, a single compromised password disrupted Colonial’s ability to invoice its customers. This dependency on OT data stopped pipeline and business operations, and the company was elected to pay the hackers an initial ransom of US$ 4.4 million, in order to restore operations. The Colonial attack was multi-dimensional, in that it not only impacted Colonial’s business, but also the wider US economy and national security, since the pipeline transports nearly half of the east coast's fuel supplies. Outdated IT system elevates physical risk The increased interconnectivity between IT and OT can also create vulnerabilit Attacks such as these prove that, armed with little more than a laptop, an email account and access to the dark web, determined hackers can cause disproportionate damage to physical infrastructure. As mentioned at the outset, the increased interconnectivity between IT and OT can also create vulnerability. Producers often want to know: Is it risky to connect a production asset or their operational environment to the Cloud? My answer is, if you do so without having done any risk audits around people, processes and technology, or without enhancing and maintaining that environment, then yes, that is risky. For example, we often observe that the life cycle of a production asset far outlasts the IT systems that are used to run it. Take a cement kiln. Several generations of plant operators may have come and gone, but that asset may still run, using legacy software, such as Windows XP and why not? Need to replace aging distributed control systems Well, that’s fine, if you are not concerned about having that asset compromised, and all that entails. A ‘flat’ IT network, an aging distributed control system, and machines with legacy versions of Microsoft Windows, all these elements, which are still commonplace in many industries, make it much easier for attackers to find and infiltrate a company, without needing sophisticated tools. The age-old mantra of not interfering with a piece of equipment or software that appears to be working, often applies to the individual assets. For example that cement kiln that are still controlled by the same Windows XP-based control software. However, if we’re honest, things have changed quite a bit, not because something was broken, but because innovation came in. That same kiln control system is most likely connected to other systems, than when first commissioned and that opens it to exposure to threats that it was never designed for. The human element There is a misconception that IoT-connected devices can open companies to risk There is a misconception that IoT-connected devices can open companies to risk, but many recent, high-profile cyber-attacks have been conducted from a laptop, by hacking someone’s VPN, or are a simple phishing/malware attack. In all these cases, the human element is partly to blame. Take the Florida attack. The compromised computer at the water treatment facility was reportedly running an outdated Windows 7 operating system and staff all used the same password, in order to gain remote access via the Teamviewer app, which the hacker was then able to use. Physical and human assets, key to robust cyber security Discussion on the best way to mitigate the threat is often framed solely around specific technical solutions and ignores the fact that robust foundational cyber security is really driven by two very different, but equally important, types of capital: physical assets (e.g. production machinery), and human assets. The truth is that smart digital software and industry-renowned cyber security applications, while critical, are in many cases, only as good as the weakest human link in the chain. Industry would, therefore, do well to ask itself the following question: Do we have a security problem, or a complacency problem? At this juncture, it is important to point out that the majority of companies that ABB works with, are at least aware of the threat posed by cyber attackers, and the potential impact of an attack, on their revenues, reputation and bottom line. User error and human-generated exposures Making sure staff are aware of the threat and training them to respond properly, if they are targeted, is vital However, user error and human-generated exposures are where most of these attacks occur. Those human failures are mostly not due to malicious intent from employees, but to the lack of training of the employees on secure behavior. Making sure staff are aware of the threat and training them to respond properly, if they are targeted, is vital. However, there are also age demographics at play here. Much of the operations employee base is heading towards retirement and often, there is no plan or ability to backfill these people. Need to invest in new digital and automated technologies If you think you don't have enough people now, in order to stay on top of basic care and feeding of the OT environment, with regards to security, what is that going to be like in 20 years? For this reason, there must be a major industry reset, when it comes to its workforce. Companies must invest in new digital and automated technologies, not only to ensure that they stay ahead of the curve and mitigate risk, but also to attract the next generation of digitally literate talent. Robust cyber security is built on solid foundations When we talk about foundational cyber security, we mean fundamentals, such as patching, malware protection, high-fidelity system backups, an up-to-date anti-virus system, and other options, such as application allow-listing and asset inventory. These basic controls can help companies understand their system setup and the potential threats, identify vulnerabilities, and assess their risk exposure. The Pareto principle states that around 80% of consequences come from 20% of the causes. In the context of cyber security, that means 80% of exposure to risk comes from 20% of the lack of security. If companies do the foundational things right, they can manage out a significant amount of this risk. Importance of maintaining and upgrading security controls However, having basic security controls, such as anti-virus software in place, is just the first step on that journey. Equally important is having someone within the organisation, with the requisite skill set, or the extra labour bandwidth, to operate, maintain and update those security controls, as they evolve. Educating, training and recruiting existing employees, and the next generation of talent, along with forging partnerships with trusted technology providers, will ensure that industry can leverage the latest digital technologies, in order to drive business value, and secure physical assets against cyber-attacks.

The robotic transformation of the security industry
The robotic transformation of the security industry

The COVID-19 pandemic is only accelerating the expansion of Automation, Robotics, Machine Learning (ML) and Artificial Intelligence (AI), and changing how people live their daily lives. This expansion leads the way with technologies that are developed to solve problems, improve operations, streamline processes and assist people, to focus on learning new skills, creativity, and imagination. Transformation of the physical security industry One of the latest industries to be permanently transformed is physical security. The era of utilising security cameras is slowly changing into more advanced and more efficient technological applications - security robotic solutions. SMP Robotics is a California-based company, which is a pioneer in developing robotic technologies, powered by AI, to assist, improve and deliver on new expectations in today’s world. One of their services is smart surveillance systems. This represents a proactive approach to security. The company, SMP Robotics’ Founder and Chief Executive Officer (CEO), Leo Ryzhenko, stated “Autonomous robotic technologies will become a driving force in future security solutions.” Robotics and AI in autonomous security solutions The robots can patrol 24/7, counteracting intrusion and communicating via voice message with guards The company uses robotics and AI technology to implement autonomous security solutions, which reduce liability and overhead, as well as improving the quality of services. Robotic guards are capable of patrolling all types of facilities, in both urban and rural contexts. The robots can patrol 24/7, counteracting intrusion and communicating via voice message with guards. The inspection robots, deployed by SMP Robotics, are easily integrated with many existing security technologies, armed with obstacle avoidance and anti-collision measures, automatically recharge, and can recognise faces up to 50 metres. As the world grows increasingly complex, technology like this is essential to ensure safety for all. AI-enabled autonomous video monitoring ground vehicles The advancements in technological breakthroughs of SMP Robotics position the company and its AI-powered, autonomous video monitoring ground vehicles, to be the most adaptable to any industry, cost-effective for clients’ business needs, in providing various types of services from public safety, crime prevention, to asset protection and physical security. SMP Robotics continues to implement new innovative solutions and groundbreaking technologies in its latest generation of autonomous models. Currently, many were already deployed or in a process to be delivered to a number of key clients, in various industries throughout the globe, from oil & gas, nuclear power plants to data centers, healthcare facilities, and amusement parks. Smart security robots Tal Turner, the Vice President (VP) of Business Development and Partnerships, SMP Robotics, said “We provide autonomous, artificial intelligence, all-weather, all-surface, smart security robots that are turnkey and operate independently on their own, using real-time obstacle avoidance, face recognition, and other cutting-edge technological advancements.” According to Coherent Market Insights, the Robots as a Service (RaaS) market direction will grow by 15.9% by 2028 and reach the threshold of 41.3 billion dollars. SMP Robotics stands at the forefront of the security robotic revolution, making an impactful change to make the world a safer place.

The EU called for a ban on police use of facial recognition but not commercial use. Why?
The EU called for a ban on police use of facial recognition but not commercial use. Why?

Recently, the European Parliament called for a ban on police use of facial recognition. In the US, too, some cities have restricted police use of facial recognition. The first question that comes to mind is - why ban police from using technology that is allowed to private companies? Point of difference The key difference between the way police use facial recognition and the way commercial facial recognition products work is that: The police get a picture of a suspect from a crime scene and want to find out: "Who is the person in the picture?" That requires as wide a database as possible. Optimally - photos and identities of all the people in the world. Commercial facial recognition products such as those used by supermarkets, football stadiums, or casinos answer different questions: "Is the person in the picture on the employees' list? Is the person in the picture on a watch-list of known shoplifters?" To answer these questions doesn't require a broad database but rather a defined list of employees or a watch-list of specific people against whom there is an arrest warrant or a restraining order. Use of facial recognition AnyVision helps organisations leverage facial recognition ethically to identify known persons of interest "Facial Recognition Apps Should Be Provided to the Police with an Empty Database". This is exactly the subject of the open letter sent by AnyVision, to the British Biometrics and Surveillance Camera Commissioner, Prof. Fraser Sampson, titled: "Facial Recognition Apps Should Be Provided to the Police with an Empty Database". AnyVision recently raised $235M from Softbank and another leading VCs is a visual AI platform company that helps organisations across the globe leverage facial recognition ethically to identify known persons of interest, including shoplifters, felons, and security threats. Ethical use of facial recognition AnyVision CEO Avi Golan wrote, "The ethical use of facial recognition is a thorny one and requires a nuanced discussion. Part of that discussion has to explain how facial recognition works, but, just as important, the discussion must also involve how the technology is used by police departments and what checks and balances are built into their processes.” “We recommend building their watchlists from the ground up based on known felons, persons of interest, and missing persons. Some facial recognition solution providers have scrapped billions of photos and identities of people from social networks, usually without their consent." "Unfortunately, this method of facial recognition has justifiably angered privacy groups and data protection agencies around the globe and damaged the public trust in accuracy and reliability of facial recognition systems.” Preventing invasion of citizen’s privacy We believe an unjustified invasion of citizens' privacy can be prevented, false arrests can be reduced" “We believe that lists of suspects should be limited and justified. In this way, unjustified invasion of citizens' privacy can be prevented, false arrests can be reduced and public confidence in technology can be increased.” Golan added: "AnyVision is willing to share its industry insights and best practices from our vast research experience with leading global players, including name-brand retailers, global hospitality and entertainment companies, and law enforcement agencies from around the world.” Balancing public order and crime prevention “If the regulations set forth by Surveillance Camera Code of Practice are committed to the principles outlined above, then law enforcement agencies can strike the right balance between the need to maintain public order and prevent crime with the rights of every person to privacy and non-discrimination before the law." Recently Clearview AI CEO told Wired; the company has scraped 10 billion photos from the web - 3 times more than was previously known.

Latest Apollo Security news

Apollo Security appoints security expert Reuben Rebullar as Director of Engineering
Apollo Security appoints security expert Reuben Rebullar as Director of Engineering

Apollo Security, a premier provider of access control and alarm monitoring solutions for over 30 years announces the appointment of Reuben Rebullar as Director of Engineering. Mr. Rebullar will be responsible for ongoing development and expansion of Apollo’s robust open hardware platform and feature rich software platform. Integrated security systems expert Mr. Rebullar joins Apollo with 12 years of experience in the hardware and software industry, most recently serving as Engineering Manager at Mercury Security in Long Beach, CA. He will oversee the development of Apollo’s fast-growing ASP Series Network Clustering Integrated Controllers as well as APACS software platform. While known primarily for integrated security systems, Apollo has been providing OEM hardware solutions for the entire life of the company and recently established ApolloEM as a division dedicated to sales and support for software developers and advanced system integrators. “We are delighted to welcome Reuben to the Apollo family and look forward to the new exciting innovations he and his team will deploy for our customers,” commented Clifford Crane, Managing Director of Apollo.

ADME of Apollo Security Access Control announces new division for Software OEM and Integration partners
ADME of Apollo Security Access Control announces new division for Software OEM and Integration partners

ADME, Inc., parent company of Apollo Security Access Control has announced creation of a new division for sales and support exclusively for its Software OEM and Integration partners. This new division, named ApolloEM, will be responsible to provide support for industry partners that use Apollo’s hardware platforms along with their own software solutions. “Providing hardware-only solutions to our partners has been a significant part of Apollo’s business since the very beginning,” explained William Lorber, Vice President of Sales and Marketing. “Establishing a separate division to strengthen our role as an Access Hardware OEM became logical as more partners are coming on board to utilise our new product line.” Lorber went on to explain that Apollo’s new ASP Series Controllers allow easy integration as well as post-factory customisation with App Scripting.” ASP-4 integrated controller/reader interface The flagship of the new hardware series, ASP-4 is a four-door integrated controller/reader interface designed for secure, high volume applications. In addition to expansion options via OSDP to support up to 20 readers, the ASP-4 can work in a network device cluster to support up to 128 doors working as a single management unit. Other features such as a native Open Platform SDK, on-board app scripting and 3rd-party serial device support make ASP Series an attractive choice for system integrators and software OEMs in the security industry. ApolloEM ApolloEM will provide support for existing partners as well as market to potential new partners. Upcoming events for 2018 include Security Essen and ASIS/GSX as well as product and technical seminars worldwide.

Apollo’s ASP Series Controllers set new standards for secure, scalable and customisable access solutions
Apollo’s ASP Series Controllers set new standards for secure, scalable and customisable access solutions

Everyone can agree the convergence trend is in full force in the electronic security industry and organisations are pushing more and more for integrated solutions that can not only enhance ROI but also solve problems that have traditionally been out of the realm of electronic physical security systems. This leaves system integrators and other solution providers in a difficult position as they scramble to be competitive especially when faced with an industry dominated by a few power players. Tackling this problem can now be a matter of survival for small to medium players especially in regional markets. To address this need, Apollo Security Access Control has introduced the new ASP Series Controllers that promise to set a new standard in for secure, scalable and customisable solutions. For 30 years, Apollo has been known for producing some of the most robust hardware in the industry and with the ASP series a new layer of flexibility has been added by allowing ‘post-factory’ customisation in addition to many other feature upgrades. This will have the effect to put more control in the hands of integrators and even end-users so they are not locked into hardware solutions that are ‘off the shelf’ and don’t provide any ability to adapt to customer specific needs for the present or the future. The flagship of Apollo’s new controller series, the ASP-4 is an intelligent access controller designed to provide a high performance security solution Intelligent access controller The flagship of Apollo’s new controller series, the ASP-4 is an intelligent access controller designed to provide a high performance security solution with the ability to solve non-standard problems. Natively, the ASP-4 can support four readers and four doors, but when clustered with 32 other ASP devices it can secure up to 128 doors in one management unit by utilising inter-device communication across standard IT networks. Each ASP-4 can also support up to 16 additional readers by utilising OSDP Secure Channel communications, supporting configurations such as 4 Doors with In/Out (8 Readers) or even more doors by adding input/output modules for door control. Enterprise capacity of 250,000+ cardholders, 300 access levels with up to 50 access levels per card is provided at each device, providing total cardholder and access rights database redundancy, preventing reduced functionality modes such as ‘facility code check only’. The ASP’s real power lies however with the ability to customise the functions of the controller by loading customised App Scripts and third-party protocols. Using industry standard ‘C-like’ programming language, the ASP can have new functions designed by the integrator. Running customisations at the hardware level instead of in software offers the benefits of drastically reduced time/cost of implementation as well as superior reliability. Whereas before if an organisation wanted to integrate a new device such as an alarm panel, fire system or similar they would have to request software customisation which can take months and cost tens of thousands of dollars, with the ASP such a task can take days or weeks and be completed with a budget of hundreds of dollars. An example of how effective this customisation works was provided by a subsidiary of a large multi-national Corporate access control solutions An example of how effective this customisation works was provided by a subsidiary of a large multi-national that was struggling to comply with strict labor regulations. Under these rules, workers in their factory can only work six consecutive days, requiring the seventh day for rest. The HR department struggled to keep track of this as each employee’s rest day could be prior to when six days was expired; in addition to workers switching shifts and other complications the tracking was too difficult to be done manually, so an automated solution was necessary. The current access control solution the company was using didn’t provide any solution for this so the only possibility was expensive customisation which would take 3-4 months and then provide no guarantee in the future what would happen if needs changed. With ASP-4, Apollo’s local partner was able to offer a much more rapid solution. The requirements were programmed into a logic script that was loaded to the controller. This script checks every cardholder at time of access for any violation of the rules and will deny access if necessary, then displaying a reason on an LCD display as well as flash an indicator light so that the cardholder will know it is not simply an access level error that has denied their entry. This customisation took less than one man-day to program and was tested over the course of one week and was then ready to be deployed. The ability to do this customisation gave the partner the edge needed to provide a timely, cost effective solution to a problem that could have cost the company greatly if a work-related accident resulted in legal action. In the future, the logic script can be easily changed for example if the company would like to move to a five-day work week in the future. Additional customisation possibilities are possible using the serial connections of the ASP Real-time monitoring Additional customisation possibilities are possible using the serial connections of the ASP. This allows integration of input devices such as scales or barcode scanners, or interface to any device that has a serial interface such as displays, mimic panels, entry phone systems and more. Protocols for these devices can be embedded in scripts and the devices can assume alarm input/output functions or even new card reader types can be supported such as wireless locks or long-range RFID readers. In addition to being customisable, the ASP of course is designed with security in mind. With all communication channels being secured with 128-bit TLS encryption which prevents attempts to intercept or forge data. Security goes all the way down to the reader using OSDP Secure Channel to protect card reader data transmission lines. Being able to communicate simultaneously with up to five software hosts also gives the ASP ability to be monitored in real-time by redundant systems, ensuring that important alarms are always delivered in time for the security team to react. Software OEMs and System Integrators The ASP Series has been designed from the ground up to be friendly to Software OEMs and System Integrators using other systems in place of or in addition to Apollo Security’s software platform. A native Open Platform SDK allows tight integration with all the ASP’s standard features in addition to the customisations available through scripting and embedded software. The SDK comes with several integration pathways including .NET and Python and includes sample code, tutorials and online developer support. To better support Software OEM partners, Apollo Security’s parent company, ADME INC., has recently announced a new division, ApolloEM which will provide support for partners that utilise the ASP hardware platform in their own software solutions. William Lorber, Vice President of Sales and Marketing said, “Establishing a separate division to strengthen our role as an Access Hardware OEM became logical as more partners are coming on board to utilise our new product line. We are excited to see the solutions that our partners develop on this platform.” Lorber added that partners will be able to share and market their solutions on the upcoming App Script Library platform that Apollo will roll out later this year to expand the effectiveness of ASP solutions.

Related white papers

Top 5 ways to ensure visitor safety and security

Moving to mobile: A guide for businesses switching to mobile access control

Attention OEMs: 5 Ways RFID Readers Can Secure Your Markets