Ingersoll Rand Access control systems & kits

The cyber security threat is constant and real. Entire businesses, large enterprises and even whole cities have been vulnerable to these attacks. Growing threat of cyber attacks The threat is not trivial. Recently, two cities in Florida hit by ransom ware attacks – Rivera Beach and Lake City – opted to capitulate and pay ransom totaling more than $1.1 million to hackers. The attacks had disrupted communications for first responders and crippled online payment and traffic-ticketing systems. It was reminiscent of the $4 billion global WannaCry attacks on financial and healthcare companies. A full two years after the WannaCry attack, many of the hundreds of thousands of computers affected remain infected.  And hackers are continuously devising new techniques, adapting the latest technology innovations including machine learning and artificial intelligence to devise more destructive forms of attack. Indeed, AI promises to become the next major weapon in the cyber arms race. For enterprises, there is no choice but to recognise the threat and adopt effective countermeasures Enterprise security For enterprises, there is no choice but to recognise the threat and adopt effective countermeasures. Not surprisingly, as the number, scale and sophistication of cyber-attacks has grown, so has the significance of the Chief Information Security Officer, or CISO, who owns the responsibility of sounding the alarm to the C-suite and the board – and recommending the best defense strategies. Consider it a grim irony of the digital economy. As companies have migrated to the cloud to gain scale and efficiency and integrated new channels and touch points to make it easier for their customers and suppliers to do business with them, they have also created more potential points of entry for cyber-attacks. IoT increases threat of cyber-attacks Amplifying that vulnerability is the trend of allowing employees to bring their own laptops, smartphones and other digital devices to the office or use to work remotely. And thanks to the Internet of Things, as more devices connect to enterprise systems – from thermostats to cars –  the threat surface or targets of intrusion are multiplying exponentially. According to the McAfee Labs 2019 Threats Predictions Report, hackers will increasingly turn to AI to help them evade detection and automate their target selection. Companies will have no choice but to begin adopting AI defenses to counter these cybercriminals.  Importance of cyber security This escalation in the cyber arms race reflects the sheer volume of data and transactions in modern life. In businesses like financial services and healthcare it is not humanly possible to examine every transaction for anomalies that might signal cyber snooping. Even when oddities are glimpsed, simply flagging potential problems can create so-called threat fatigue from endless false alarms. What’s more, attacks like those from Trickbots are specifically designed to go undetected by end users. The fact is, even if throwing more people at the problem were a solution, there aren’t enough skilled cyber security workers in the world. By some estimates, as many as 10 million cyber security jobs now go unfilled.  AI is being used to conduct predictive analysis at a scale beyond human means Deploying AI As a result, AI is being deployed on multiple cyber-defense fronts. So far, it is mainly being used to conduct predictive analysis at a scale beyond human means. AI programs can sift through petabytes of data, identifying anomalies and even helping an organisation recognise and diagnose intrusions before they turn into catastrophic attacks. AI can also be used to continually monitor and allocate levels of access to a network’s multitude of legitimate users – whether employees, customers, partners or suppliers – to ensure that all parties have the access they need, but only the access they need. Countering cyber security threats To harden defenses, some AI programs can be configured to perform simulated war games To harden defenses, some AI programs can be configured to perform simulated war games. Because cyber attackers have stealth on their side, organisations might need dozens of experts to counter only a handful of attackers. AI can help even the odds, scoping out the potential permutations of vulnerabilities.  As CISOs – and the CIOs they typically report to – advise C-suites and boards on their growing cybersecurity risk, they can also help those leaders recognize an enduring truth: AI programs cannot replace experienced cybersecurity professionals. But the technology can make staff smarter, more vigilant and more nimbly responsive. AI-based cyber security tools Financial and healthcare companies are leading this charge because of the sheer volume and variety of transactions they handle and because of the value and sensitivity of the data. Organisations like the U.S. Department of Defense and the space agency NASA, as well as governments around the world are also implementing AI-based tools to address the cyber threat. For businesses of all types, the threat stretches from the back office to the supply chain to the store front. That is why recognising and countering that threat must involve everyone from the CISO to the CEO to the Chairman of the Board. The AI arms race is underway in security. To delay joining it is to risk letting your enterprise become one of the grim statistics.

With the recent news headlines about store closures and the collapse of well-known chains, alongside clear adjustments in business strategy amongst established high street favourites, there is no denying that the UK retail industry is under huge pressure. A recent report suggests growing issues are leading some retailers to increase risk-taking in the supply chain. But here, Steve Bumphrey, Traka UK Sales Director, looks at ways to help retailers embrace the storm, including paying attention to security, management processes and efficient customer focus. Challenges plaguing retail industry It’s been an awful year to date for UK retail if you believe the cacophony of negative headlines about the health of the UK economy and the confidence levels of the UK consumer. The sector is facing huge challenges in dealing with the evolution in on-line and smart mobile retailing The sector is undoubtedly facing huge challenges in dealing with the evolution in on-line and smart mobile retailing. Further concerns include an unwillingness of policymakers to address the changing retail environment and how business rates and general business taxation and regulation is making a difficult situation worse. Supply Chain Risk Report According to the latest Global Supply Chain Risk Report, published by Cranfield School of Management and Dan & Badstreet, those under pressure, are now facing increased exposure to risk if they are forced to cut costs in their supply chain. The report cites data for the retail sector that shows increased levels of risk-taking since Q4 2018, with retailers reporting high levels of dependency on suppliers and indicating a propensity to off-shore to low-cost, high-risk countries where suppliers are more likely to be financially unstable. In-store technology revolution The underlying evolution of technology taking hold of the retail industry and consequential changing consumer behaviour is what is really forcing the industry to step up and act. This is not only in the shift to online and smart mobile purchases, but also with the increased use of technology in store. Self-scanning and checkouts In a bid to enhance the physical shop experience, especially in supermarket outlets across the UK, retailers are increasingly giving customers autonomy with self-scanners and checkouts and need to be able to trust them to ensure an honest transaction. And for the shoppers, this dependency on technology and not human interaction to complete a shop means scanners must be instantly available and ready for use. Many different underlying competing challenges impact the retail industry Compensators At the recent British Retail Consortium’s ‘Charting the Future’ conference, looking at retail crime and security, Dr Emmeline Taylor, a criminologist at the City University of London identified in self -service shops, several new types of ‘offenders’ such as so-called ‘compensators’ including the atypical ‘frustrated consumer’ who, “fully intended to pay but were unable to scan an item properly”, adding to the security challenge. There are clearly many different underlying competing challenges impacting the retail industry. Arguably, the increase in technology and autonomous shopping, where less staff are present (or staff cuts planned) throws up more vulnerabilities, such as the opportunity for store theft. Use of body cameras Staff needs emerging technology such as body cameras to act as a deterrent to crime and keep employees safe Furthermore, staff may need greater use of emerging technology such as body cameras to act as a deterrent to crime and help keep employees safe. In essence, prevention is better than cure, and it’s certainly cheaper. Whether combating crime physically or online, or looking to find ways to counter the high street trends, working together, sharing information and taking a more holistic approach will help the development of a shared language between retailers. Retail banking It is also here where common approaches can help to deliver on efficiencies, in time, resource and budget that can serve to operate right through the supply chain, and minimise, or even negate the need to take any risks. It can even serve to enhance the customer experience, increasing confidence in the shopping environment. Of course, when discussing the high street, it is not just the department stores and chains that are feeling the impact. Well known banks are also having to redefine their priorities and role on the high street, with customers (especially younger generations) demanding a more efficient service than ever before. Well known banks are also having to redefine their priorities and role on the high street Asset protection Leading the way is Nationwide, globally renowned building society, which prides itself on being one of the largest savings providers and mortgages provider in the UK, promoting itself as running purely for the benefit of its customers, or ‘members.’ Richard Newland, Director of Branch & Workplace Transformation at Nationwide said, “Even more than getting a good ‘deal’ from a building society, the quality of our welcome, or our renowned level of service, we make sure our members feel safe with us, enough to trust us with their greatest assets. We are doing everything we can to evolve our business and focus our efforts on providing the best and most secure services that people value.” Key management systems Traka has supported Nationwide with the introduction of dedicated key management systems So committed to its branch network, it has pledged to its 15 million members that every town and city with a Nationwide branch, will still have one for at least the next two years. A bold statement in today’s climate. Traka has supported Nationwide with the introduction of dedicated key management systems, moving its branch network into a more digital system. Keys no longer need to leave site and the audit trail capability has helped to remove the manual paper recording, allowing status of keys to be established instantly, at any time. Changes in retail market This example, together with Traka’s portfolio of high street brands and globally renowned department stores that cannot be named for security reasons, demonstrates the need for retailers to embrace the need for change, both from a product offering and operational running perspective to achieve aspirations of resonating with customers. They also prove the opportunities for success, in an unquestionable difficult market environment. If retailers can listen to customers and respond accordingly, taking into consideration staff safety and security, alongside an ability to respond quickly to personalised enquiries and expectations. This way, perhaps, the current environment can be seen as an opportunity to innovate and embrace technology to form the high street of the future.

Should ‘Made in China’ be seen as a negative in security systems and products? It’s an important and complex issue that merits a more detailed response than my recent comment in the Expert Panel Roundtable. For me, there are two sides of the answer to this question: Buying products that have certain negative attributes that are not in alignment with some part of a belief system or company mandate. Buying products that do not perform as advertised or do something that is unacceptable. For integrators and end users making the buying decisions, the drive to purchase products may not be based on either aspect and instead on the product that can do the best job for their business. But for others, a greater emphasis on the ethical implications of purchasing decisions drives decision-making. What is ethical consumption? Ethical consumption is a type of consumer activism that is based on the concept of ‘positive buying’ in that ethical products are favouredEthical consumption — often called ethical consumerism — is a type of consumer activism that is based on the concept of ‘positive buying’ in that ethical products are favoured, and products that are ethically questionable may be met with a ‘moral boycott’. This can be as simple as only buying organic produce or as complex as boycotting products made in a totalitarian regime that doesn't offer its citizens the same freedoms that we enjoy in the United States. Consider the goals of the Boston Tea Party or the National Consumers League (NCL), which was formed to protect and promote social and economic justice for consumers and workers in the United States and abroad. Some examples of considerations behind ethical consumption include fair trade, treatment of workers, genetic modification, locally made and processed goods, union-made products and services, humane animal treatment, and in general, labour issues and manufacturing practices that take these factors into account. Increase in ethical consumption The numbers show that ethical consumption is on the rise. In a 2017 study by Unilever, 33 percent of consumers reported choosing to buy and support brands that they believe are doing social or environmental good. In the same study, 53 percent of shoppers in the United Kingdom and 78 percent in the United States said they feel better when they buy products that are ‘sustainably’ produced. There’s clear evidence that products from some Chinese companies suffer from cybersecurity vulnerabilities Though the aforementioned question that sparked this conversation centres around concerns with products made in China, there are many other countries where, for example, governments/dictators are extremely repressive to all or parts of their populations, whose products, such as oil, diamonds, minerals, etc., we happily consume. There are also a number of countries that are a threat in terms of cybersecurity. It may be naive and simplistic to single out Chinese manufacturers. Impact on physical security products Product buying decisions based on factors other than product functionality, quality and price are also starting to permeate the security marketplace. While this hasn't been a large focus area from the business-to-business consumption side, it's something that should be considered for commercial security products for a variety of reasons. Hardware hacks are more difficult to pull off and potentially more devastating" There’s clear evidence that products from some Chinese companies suffer from cybersecurity vulnerabilities. Last fall, 30 U.S. companies, including Apple and Amazon, were potentially compromised when it was discovered that a tiny microchip in the motherboard of servers built in China that weren't a part of the original specification. According to a Bloomberg report, “This attack was something graver than the software-based incidents the world has grown accustomed to seeing. Hardware hacks are more difficult to pull off and potentially more devastating, promising the kind of long-term, stealth access that spy agencies are willing to invest millions of dollars and many years to get.” This, along with many other incidents, are changing the considerations behind purchasing decisions even in the physical security industry. Given that physical security products in general have been lax on cybersecurity, this is a welcome change. Combating tech-specific threats In early January, members of the U.S. Senate introduced bipartisan legislation to help combat tech-specific threats to national security posed by foreign actors and ensure U.S. technological supremacy by improving interagency coordination across the U.S. government. The bill creates the Office of Critical Technologies & Security at the White House, an indication that this issue is of critical importance to a number of players across the tech sector. Members of the U.S. Senate introduced bipartisan legislation to help combat tech-specific threats to national security posed by foreign actors To address a significant number of concerns around ethical production, there are certifications such as ISO 26000 which provides guidance on social responsibility by addressing accountability, transparency, ethical behaviour, respect for stakeholder interests, respect for rule of law, respect for international norms of behaviour and respect for human rights. While still emerging within physical security, companies that adhere to these and other standards do exist in the marketplace. Not buying products vulnerable to cyberattacks It may be counter-productive, even irresponsible, to brand all products from an entire country as unfit for purchasing. Some manufacturers’ products may be ethically questionable, or more vulnerable to cyberattacks than others; so not buying products made by those companies would make sense. The physical security industry might be playing a bit of catch up on this front, but I think we're beginning to see a shift toward this kind of responsible buying behaviour.

Allegion UK, global specialist in fire safety and security products, has launched the ISONAS Pure IP family of access control solutions in the UK. ISONAS believes access control belongs on the network and should have the ability to be managed from anywhere across an unlimited number of facilities, that is why ISONAS created Pure IP Access Control Hardware. Access control hardware Patented reader controllers eliminate the need for cumbersome control panels at every door, removing complex wiring and power supplies – meaning it is simple to install. By utilising standard category cabling installation time is significantly reduced making it the ideal choice for integrators. Commenting on the launch, Trevor Ball, business development manager at Allegion UK and Ireland said, ‘’Since Allegion’s acquisition of ISONAS in 2018, ISONAS is generating a huge amount of interest in the UK market. Perhaps one of the greatest benefits of ISONAS is the ability to manage and administer devices across the globe.” ISONAS Pure IP access control Built-in Bluetooth Low Energy enables the door to be configured directly from smartphones and tablets He adds, “The ability to program the system centrally and manage many different remote sites is an intrinsic benefit. This singular advantage is one of the reasons why many customers are choosing to invest in ISONAS Pure IP access control. With the flexibility, scalability and accessibility of ISONAS, I’m certain that this is the future of access control.” Built-in Bluetooth Low Energy enables the door to be configured directly from smartphones and tablets. This permits them to be installed, managed and monitored remotely from one single device. Pure IP hardware also eliminates the need for a physical card, allowing organisations to efficiently manage an unlimited number of credentials and manage access control in real-time. Intelligent access control system ISONAS’s innovative access control solutions allow businesses to use their existing security network to bring intelligent decision-making to the forefront and to embrace an open platform with both an API for 3rd party software integrations and an SDK for integration of Allegion’s patented Pure IP hardware. ISONAS Pure IP access control is not technology of the future. It is a technology of today and here to stay, making it a logical choice for businesses that want full control over their security and a proven IP solution at their door.

Tools such as standard operating procedures (SOPs) and checklists ensure that every factor is considered when installing a physical security system – or do they? Security system installations are detailed projects, and any overlooked detail is a missed opportunity to make the system better. We asked this week’s Expert Panel Roundtable: What is the most overlooked factor when installing physical security systems?

Qumulex is a new startup with a mission to provide physical security integrators a transition path to embrace the technology of the cloud and a subscription-based business model. Qumulex’s products seek to provide capabilities to embrace the cloud without an integrator having to turn their back completely on the ‘transactional revenue’ of installing new systems. As the transition happens, Qumulex offers a product line that supports any mix of systems from on-premises to the cloud. The flexible deployment model – enabling a cloud installation, an on-premise installation or any combination – is one of the ways Qumulex seeks to differentiate itself in the market. Installing fully on-premise system The Qumulex cloud-based platform uses a gateway device located on-premises to which local cameras are connected The system is designed so that an integrator can install a fully on-premise system and then later ‘flip a switch’ and transition to a cloud model, says Tom Buckley, VP Sales and Marketing. The Qumulex initial 1.0 system launch is currently entering its final beta test. Full commercial availability is expected in the first quarter of 2020, which the company will highlight in a bigger 20x20 booth at ISC West next year. The Qumulex cloud-based platform uses a gateway device located on-premises to which local cameras are connected. Ensuring cybersecurity, the gateway provides a ‘firewall’ of sorts to avoid any cybersecurity threat from entering an enterprise through a vulnerable IP camera. The system is designed to be ‘cloud-agnostic’ and to work with any public or private cloud, using Docker software and ‘containers,’ a standard unit of software that packages code and all its dependencies so an application runs quickly and reliably from one computing environment to another. At launch, the Qumulex system will use the Google cloud. Greater situational awareness The open platform approach will enable users to assemble best-of-breed solutions Another point of differentiation for the new platform is a unified access control and video surveillance environment – both are part of the same program. Access control can drive video events and vice versa for greater situational awareness. A unified system avoids having to integrate separate systems. A big emphasis for Qumulex is ease of use. They have designed the user interface to be as simple and intuitive as possible, using consumer-oriented systems such as Nest and the Ring Doorbell as a model of simplicity. Finally, the open platform approach will enable users to assemble best-of-breed solutions. Keeping it simple, the system offers native integration with only the major camera manufacturers that represent most of the market: Axis, Hanwha, Arecont, Panasonic, Vivotek and Sony. Longer-term storage Other cameras can be included using the ONVIF interface. On the access control side, the system will initially be compatible with Axis door controllers, Allegion wireless door locks and ASSA ABLOY Aperio wireless door locks. Future versions of the software will seek to integrate HID Edge and Vertx and eventually Mercury panels. The gateway device may incorporate only a solid-state drive (SSD) for buffering Qumulex is taking a ‘mobile-first’ approach. The software is designed as a ‘progressive web app,’ which means is it is adaptable to – and fully functioning in – any smart phone, mobile device, laptop, or on a desktop computer with multiple monitors. The gateway device may incorporate only a solid-state drive (SSD) for buffering, or as many hard drives as the customer wants for storage. Short-term storage is available in the cloud, but local hard drives may be used for longer-term storage which can get expensive given the monthly fees of cloud storage. Using third-party server To manage the variety of scenarios, Qumulex will offer a line of gateways and recorders, or a customer can use a third-party server along with Qumulex, which is an open system. Qumulex will use a manufacturer’s representative sales model and has already signed up 11 rep firms covering the United States (the initial target of the launch). The company has been spreading the word among integrators, too, first at the ISC West show last spring, when 98 integrators saw demonstrations of the system at a suite in the Palazzo. Another 48 integrators saw the system at ESX in Indianapolis in June. At the recent GSX show in Chicago, Qumulex had a booth on the show floor, where they scanned 450 badges that yielded 176 unique integrators. Entering the physical security market Qumulex just closed a second round of funding, which does not include any ‘institutional’ money Buckley estimates there are around 10,000 total security integrators in the United States that sell products similar to theirs at their price point. They are working to build their database to reach out to those integrators. (Exacq had more than 4,500 dealer/integrators before it was sold to Tyco/Johnson Controls.) Qumulex is the third company to enter the physical security market by the same team that launched two other successful startups in the last 20 years: Exacq Technologies (sold to Tyco in 2013) and Integral Technologies (sold to Andover Controls in 2000). Both previous companies were built around a need to help the integrator community transition to newer technologies. Qumulex just closed a second round of funding, which does not include any ‘institutional’ money. The first round of investment involved only the founders, and the second round added some ‘angel’ investors to the mix. The funding allows more flexibility and control over the company’s timeline and the evolution of the product’s feature set, free of outside mandates, says Buckley.