Access control controllers - Expert commentary

The intersection of education and fire and security
The intersection of education and fire and security

Protecting against fire and security risks is an essential aspect of life for people and across all sectors. However, there is an increasing expectation and demand on fire and security providers, in areas such as education. The securitisation of our world paired with the rapid speed of communication and news updates means that young people especially have the potential to be more aware of potential dangers and threats to their own safety and the safety of those around them. Education institutions are large and sometimes sprawling sites that present considerable fire and security challenges. From kindergarten to university Each education site brings distinct challenges, with differing facilities and specialties, as well as the need to maintain the capacity of students, teachers and lecturers to study, learn and teach at the high level expected.Each education site brings distinct challenges, with differing facilities and specialties While some schools and universities are based in urban areas with a mix of heritage and high rise buildings, others are sprawled across green open spaces. Some of these sites have specialised sporting facilities, while others may be focused on engineering or scientific study, with costly technical equipment. Kindergartens and primary schools have their own unique requirements. Parents expect the highest safety standards, while schools require safety in addition to efficient facilities management. The demographic of these institutions is predominantly young children, who are often unaware of or only just learning about fire safety and personal safety. This creates a huge vulnerability and an added onus on teachers to keep their students safe. Facial recognition at West Academy of Beijing In response to this need, Chubb China upgraded the closed-circuit television (CCTV) system for Western Academy of Beijing (WAB) focusing on elevating video content analytic features, including maximised CCTV monitoring, automatic police calling, and a smart search solution. Complementing this, a facial recognition system capable of finding the exact location of a student on campus within 30 seconds was added, aided by real-time remote gate operation. This integrated and advanced system resulted won the "High Quality Educational Technology Suppliers for School" award for the WAB project at the 2019 BEED Asia Future Oriented Construction of Universities and Schools Seminar. This award recognises outstanding solution design and project execution. Parents expect the highest safety standards, while schools require safety in addition to efficient facilities management Awareness remains important at university As students graduate from kindergarten, primary school, junior and senior school, they become more aware of fire safety, relevant dangers and how to protect themselves. Unfortunately, external dangers remain. There are particularly high stakes for university campus facilities managers The safety of students in a university environment is also critical. It is often the first time young people live away from their family home and have the independence of adulthood. For this reason, there are particularly high stakes for university campus facilities managers. In the eventuality of a fire, students could be at great risk and, beyond the immediacy of physical harm, this can have serious ramifications for the reputation of an educational institution. Integrated solutions Integrated solutions must be nimble and adapted to a range of site types including campus residences, recreational areas, open spaces and lecture theatres. Chubb Sicli recently identified and overcame these challenges through the installation of a full suite of fire safety and security equipment and services at Webster University Geneva. Established in Switzerland in 1978, Webster University Geneva is an accredited American university campus that offers programs in English to students interested in undergraduate or graduate-level education.  Located in the Commune of Bellevue, just a few kilometres from Geneva's central station, the campus of Webster University Geneva includes five buildings in a park-style atmosphere. Full fire and security audit Chubb Sicli provided Webster’s fire extinguisher maintenance for over 25 years. This business relationship led to a full fire and security audit that identified the need for updates to the university’s security installation. The initial audit showed several improvements to the university’s security profile were needed.The challenge was to create and provide an effective and interconnected fire and security solution The challenge was to create and provide an effective and interconnected fire and security solution, enhancing the security of the student population and its ever-evolving needs. This included complete fire detection and intruder alarms for all five buildings, upgrades to existing CCTV systems, new video surveillance equipment and an automated fire extinguishing system in the kitchen areas. In addition to this integrated system solution, Webster University required access control for all main entrances, with the requirement that all documentation to be made available in English, because Webster is an American company. Customised solution Chubb Sicli’s quality, capability, and security expertise provided a customised solution for the unique educational establishment. Not only was the solution both tailored and integrated, the approach and planning were based on audit, fire extinguisher and emergency light maintenance, fire detection, intrusion detection, access control, video surveillance and Fire Detection. Through dedicated and integrated fire safety support, Chubb provides students and families peace of mind and security. From the moment a young child enters the education system, Chubb’s diligent and effective surveillance and fire safety systems work to prevent and protect, offering a new kind of ‘end-to-end’ service for education systems around the world.

How to build an insider threat programme
How to build an insider threat programme

Insider threat programmes started with counter-espionage cases in the government. Today, insider threat programmes have become a more common practice in all industries, as companies understand the risks associated with not having one. To build a programme, you must first understand what an insider threat is. An insider threat is an employee, contractor, visitor or other insider who have been granted physical or logical access to a company that can cause extensive damage. Damage ranges from emotional or physical injury, to personnel, financial and reputational loss to data loss/manipulation or destruction of assets. Financial and confidential information While malicious insiders only make up 22% of the threats, they have the most impact on an organisation Most threats are derived from the accidental insider. For example, it’s the person who is working on a competitive sales pitch on an airplane and is plugging in financial and confidential information. They are working hard, yet their company’s information is exposed to everyone around them. Another type of insider, the compromised insider, is the person who accidentally downloaded malware when clicking on a fake, urgent email, exposing their information. Malicious insiders cause the greatest concerns. These are the rogue employees who may feel threatened. They may turn violent or take action to damage the company. Or you have the criminal actor employees who are truly malicious and have been hired or bribed by another company to gather intel. Their goal is to gather data and assets to cause damage for a specific purpose. While malicious insiders only make up 22% of the threats, they have the most impact on an organisation. They can cause brand and financial damage, along with physical and mental damage. Insider threat programme Once you determine you need an insider threat programme, you need to build a business case and support it with requirements. Depending on your industry, you can start with regulatory requirements such as HIPAA, NERC CIP, PCI, etc. Talk to your regulator and get their input. Everyone needs to be onboard, understand the intricacies of enacting a programme Next, get a top to bottom risk assessment to learn your organisation’s risks. A risk assessment will help you prioritise your risks and provide recommendations about what you need to include in your programme. Begin by meeting with senior leadership, including your CEO to discuss expectations. Creating an insider threat programme will change the company culture, and the CEO must understand the gravity of his/her decision before moving forward. Everyone needs to be onboard, understand the intricacies of enacting a programme and support it before its implemented. Determining the level of monitoring The size and complexity of your company will determine the type of programme needed. One size does not fit all. It will determine what technologies are required and how much personnel is needed to execute the programme. The company must determine what level of monitoring is needed to meet their goals. After the leadership team decides, form a steering committee that includes someone from legal, HR and IT. Other departments can join as necessary. This team sets up the structure, lays out the plan, determines the budget and what type of technologies are needed. For small companies, the best value is education. Educate your employees about the programme, build the culture and promote awareness. Teach employees about the behaviours you are looking for and how to report them. Behavioural analysis software Every company is different and you need to determine what will gain employee support The steering committee will need to decide what is out of scope. Every company is different and you need to determine what will gain employee support. The tools put in place cannot monitor employee productivity (web surfing). That is out of scope and will disrupt the company culture. What technology does your organisation need to detect insider threats? Organisations need software solutions that monitor, aggregate and analyse data to identify potential threats. Behavioural analysis software looks at patterns of behaviour and identifies anomalies. Use business intelligence/data analytics solutions to solve this challenge. This solution learns the normal behaviour of people and notifies security staff when behaviour changes. This is done by setting a set risk score. Once the score crosses a determined threshold, an alert is triggered. Case and incident management tools Predictive analytics technology reviews behaviours and identifies sensitive areas of companies (pharmacies, server rooms) or files (HR, finance, development). If it sees anomalous behaviour, it can predict behaviours. It can determine if someone is going to take data. It helps companies take steps to get ahead of bad behaviour. If an employee sends hostile emails, they are picked up and an alert is triggered User sentiment detection software can work in real time. If an employee sends hostile emails, they are picked up and an alert is triggered. The SOC and HR are notified and security dispatched. Depending on how a company has this process set-up, it could potentially save lives. Now that your organisation has all this data, how do you pull it together? Case and incident management tools can pool data points and create threat dashboards. Cyber detection system with access control An integrated security system is recommended to be successful. It will eliminate bubbles and share data to see real-time patterns. If HR, security and compliance departments are doing investigations, they can consolidate systems into the same tool to have better data aggregation. Companies can link their IT/cyber detection system with access control. Deploying a true, integrated, open system provides a better insider threat programme. Big companies should invest in trained counterintelligence investigators to operate the programme. They can help identify the sensitive areas, identify who the people are that have the most access to them, or are in a position to do the greatest amount of harm to the company and who to put mitigation plans around to protect them. They also run the investigations. Potential risky behaviour Using the right technology along with thorough processes will result in a successful programme You need to detect which individuals are interacting with information systems that pose the greatest potential risk. You need to rapidly and thoroughly understand the user’s potential risky behaviour and the context around it. Context is important. You need to decide what to investigate and make it clear to employees. Otherwise you will create a negative culture at your company. Develop a security-aware culture. Involve the crowd. Get an app so if someone sees something they can say something. IT should not run the insider threat programme. IT is the most privileged department in an organisation. If something goes wrong with an IT person, they have the most ability to do harm and cover their tracks. They need to be an important partner, but don’t let them have ownership and don’t let their administrators have access. Educating your employees and creating a positive culture around an insider threat programme takes time and patience. Using the right technology along with thorough processes will result in a successful programme. It’s okay to start small and build.

The benefits of an integrated security system
The benefits of an integrated security system

Today, the world is connected like never before. Your watch is connected to your phone, which is connected to your tablet and so on. As we’ve begun to embrace this ‘smart’ lifestyle, what we’re really embracing is the integration of systems. Why do we connect our devices? The simplest answer is that it makes life easier. But, if that’s the case, why stop at our own personal devices? Connection, when applied to a business’ operations, is no different: it lowers effort and expedites decision making. Integrating security systems Systems integration takes the idea of connected devices and applies it to an enterprise Systems integration takes the idea of connected devices and applies it to an enterprise, bringing disparate subcomponents into a single ecosystem. This could mean adding a new, overarching system to pull and collect data from existing subsystems, or adapting an existing system to serve as a data collection hub. Regardless of the method, the purpose is to create a single, unified view. Ultimately, it’s about simplifying processes, gaining actionable insights into operations and facilitating efficient decision-making. Although integration is becoming the new norm in other areas of life, businesses often opt out of integrating security systems because of misconceptions about the time and resources required to successfully make the change. So, instead of a streamlined operation, the various security systems and devices are siloed, not communicating with each other and typically being run by different teams within an organisation. Time-intensive process When systems are not integrated, companies face a wide range of risks driven by a lack of transparency and information sharing, including actual loss of property or assets. For example, a team in charge of access control is alerted to a door being opened in the middle of the night but can’t see what exactly is taking place through video surveillance. Without integrated systems they have no way of knowing if it was a burglar, an equipment malfunction or a gust of wind. Without integration between systems and teams, the ability to quickly put the right pieces in front of decision makers is missing. Instead, the team would have to go back and manually look for footage that corresponds with the time a door was open to figure out which door it was, who opened it and what happened after, which can be a time-intensive process. Integrating access control and surveillance systems Theft and vandalism occur quickly, meaning systems and users must work faster in order to prevent it This slowed response time adds risk to the system. Theft and vandalism occur quickly, meaning systems and users must work faster in order to prevent it. Security systems can do more than communicate that theft or vandalism occurred. Properly integrated, these systems alert users of pre-incident indicators before an event happens or deter events altogether. This gives teams and decision makers more time to make effective decisions. Integrating access control and surveillance systems allows for a more proactive approach. If a door is opened when it’s not supposed to be, an integrated system enables users to quickly see what door was opened, who opened it and make a quick decision. Integrated solutions are more effective, more efficient and help drive cost-saving decisions. Ideally, companies should establish integrated solutions from the start of operations. This allows companies to anticipate problems and adjust accordingly instead of reacting after an incident has occurred. Security camera system Although starting from the beginning is the best way to ensure comprehensive security, many companies have existing security systems, requiring integration and implementation to bring them together. Typically, companies with established security systems worry about the impact to infrastructure requirements. Is additional infrastructure necessary? How and where should it be added? What financial or human resources are required? These concerns drive a mentality that the benefits gained from an integrated solution aren’t worth the costs of implementation. Thankfully, this is becoming less of a problem as security providers, like Twenty20™ Solutions, work to offer adaptable solutions. With flexible options, operators don’t worry about adding or replacing infrastructure to align with a provider’s model. This allows users to monitor camera footage and gate traffic from one system If a company has an existing security camera system, but identifies a need for access control, a modern integrated solution provider can supply the gates for access points and equip the gates and cameras with the technology to connect the two. This allows users to monitor camera footage and gate traffic from one system. This model also spares operators additional costs by using a sole vendor for supplemental needs. Overall management of security While a single, unified system is beneficial for cost saving, it can also help the overall management of security. The ability to view all operating systems in one dashboard allows security personnel to manage a site from any location, reducing the expense and effort required to manage a system. The mobile world today means security directors no longer need to be in a centralised operations center to see alerts and make decisions. This simplifies processes by allowing users to quickly see an alert, pull up a camera, delete a user or check an access log from a phone. Modern networks are secure and accessible to those with permissions, without requiring those users to be physically present. Consolidating security systems is the first step companies can take toward streamlining work, information and costs. The next step is integrating all sites, both remote and on-grid. Energy and communication technology The integration of sites and systems turns mountains of data and information into actionable intelligence Traditional methods demanded two systems: one for on-grid facilities and another for off-grid locations. With advancements in energy and communication technology, the need for multiple systems is gone. Data from remote sites can be safely and securely fed into an existing system. These remote locations may gather, distribute and manage data in a different manner than a connected system due to the cost of transmission via remote connections (i.e., cellular or satellite connection). The end result, however, is a consistent and holistic view of operations for the decision maker. The integration of sites and systems turns mountains of data and information into actionable intelligence. With connected devices monitoring occurrences at individual sites, as well as events across locations, the data tells a story that is unhindered by operational silos or physical space. Identifying patterns and trends Instead of providing 10 hours-worth of footage that may or may not be relevant, system analytics can provide users with the specific set of information they need. Incidents once discarded as ‘one-off’ events can now be analysed and data-mapped to identify patterns and trends, directing future resources to the most critical areas first. Consumers are increasingly expecting everything they need to be right where they need it – and businesses are right behind them. The current generation of security professionals are increasingly expecting the simplicity of their everyday personal tasks to be mirrored in enterprise systems, which means giving them the ability to see what matters in one place. A unified system can provide just that, a single view to help simplify processes, promote cost saving and accelerate decision making.

Latest Axis Communications news

Axis expects body-worn camera system to expand the technology use cases
Axis expects body-worn camera system to expand the technology use cases

Axis Communications has introduced a body-worn camera solution, which the company says represents a natural extension of their corporate vision, business strategy and core competence. The new body-worn cameras and other elements of the system will provide Axis new opportunities to grow by tapping into existing and new customers. The fast-growing body-worn camera market is an attractive one, and Axis sees opportunities to extend the use of body-worn cameras beyond the current core market of police and corrections officers. Private security applications for the technology include healthcare, education, banking, public venues, retail, logistics, transportation and places of worship. The new body-worn camera system was designed with Axis partners and ecosystem in mind, says Martin Gren, Founder and Director of New Projects at Axis. “We try to make it fit with existing customers.” Deploying and using the system The new body-worn camera system was designed with Axis partners and ecosystem in mind Gren says the system is easy to deploy and use. The Axis W100 camera provides 1080p images, wide dynamic range (WDR) and has dual microphones, operating 12 hours on a single charge. GPS/GNSS global satellite navigation provides location, and a six-axis gyroscope and accelerometer offer additional data beyond the video image. For example, sensors might be triggered in some situations to initiate recording.  One-bay (Axis W700) or eight-bay (Axis W701) docking stations enable high-speed supervised data offloading and battery charging, and a system controller (Axis W800) provides a central point for integration and management. Use of Zipstream compression technology saves on bandwidth and storage. Video cannot be accessed in the field, but only when a camera has been docked. There are many layers of security, and encryption protects all data used in the system from being accessed by outside agents. The USB interface cannot be connected to an ordinary computer but only to the docking station.     Open standards Open standards ensure easy integration with video management systems and/or evidence management systems, whether on-premises or in the cloud. At the time of release, the Axis body-worn camera system is already integrated with Milestone XProtect, Genetec Security Center, and Axis Camera Station VMSs. It is also integrated with the Genetec Clearance cloud-based evidence management system. An application programming interface (API) will facilitate additional integrations over time.  The body-worn cameras will be sold through the current Axis channels The body-worn cameras will be sold through the current Axis channels of distributors, systems integrators and resellers. The camera is part of the Axis “ecosystem,” which includes the company’s familiar network cameras as well as recent additions such as access control, network audio systems (including loud speakers), intercom door stations, a radar detector and other Internet of Things (IoT) devices. “The more things you integrate, the more value you add to customers,” said Gren. The new body-worn camera systems are core products for Axis; they are not made by another original equipment manufacturer (OEM) and merely sold under the Axis label. “When we decided to do body-worn cameras, OEMing was not an option,” said Gren. “Instead we took some experienced Axis engineers and a bunch of new ones to develop this product line to ensure the same Axis quality and compatibility.” Introducing the new product The body-worn camera system was unveiled remotely in a press conference webinar; the original plan was to introduce the new product at ISC West, which was cancelled to minimise spread of the novel coronavirus. In addition to announcing the new product, the Axis executives provided commentary and insight into the ongoing coronavirus crisis. “The security industry is a close-knit community that is connected in more ways than one,” said Fredrik Nilsson, Axis Vice President of the Americas. “We are all in this together. The industry has always exemplified resiliency, ingenuity and vision to address such challenges.” We are all in this together. The industry has always exemplified resiliency, ingenuity and vision" “There is some disruption in the Axis supply chain, but we have a broad partner-based supply chain when it comes to our sub-suppliers, our seven global CLCs (Configuration and Logistics Centers) and the distributors who keep inventory for integrators,” said Nilsson in the March 18th press call. “There is some stress on some components, but things are working relatively well under the circumstances. We are monitoring it on a day-to-day basis, but so far we have been able to hold things up very well.” Gren offered a comment on the possible use of thermal cameras (which Axis makes) to measure body temperature during the COVID-19 crisis: “When we designed our thermal cameras, that was a common question,” he said. “But in general, it is difficult to use a thermal camera to get an accurate reading. We have one model – the Q2901 – that is a temperature-accurate thermal camera, and if you look straight into the camera, it is accurate to around 1° F. However, there are more efficient ways to [measure temperature]. In general, it’s not a business application I would recommend.”

Honeywell Xtralis VCA suite of security software is available for licensing by third parties to improve analytic capabilities
Honeywell Xtralis VCA suite of security software is available for licensing by third parties to improve analytic capabilities

Honeywell, a pioneer in products, software and technologies for connected buildings and homes, announced that its Xtralis VCA suite of security software is available for licensing by third parties. Now, both Xtralis LoiterTrace video detection software and Xtralis IntrusionTrace video detection software will be made available to third parties looking to improve the analytics capabilities of their security offerings.  Xtralis IntrusionTrace, a high-performance intrusion detection software solution designed for continual outdoor operation is now integrated into its first external partner, Axis Communications Inc., a provider of network video, and their Axis Camera Application Platform (ACAP).  Honeywel-Axis integration  “The ACAP offers a variety of services and applications for select devices to ensure our customers can deploy value-added services on our cameras,” said Alex Walthers, business development manager, ADP, Axis Communications, Inc.   “We are pleased to collaborate with Honeywell to allow mutual customers to embed Honeywell’s Xtralis IntrusionTrace on Axis cameras. This technology brings video detection analytics that has been tested and hardened to the market.”  Beyond Xtralis IntrusionTrace, the VCA suite available for licensing also includes Xtralis LoiterTrace Beyond Xtralis IntrusionTrace, the VCA suite available for licensing also includes Xtralis LoiterTrace, an advanced detection system that provides timely notification of unauthorised loitering in both indoor and outdoor areas.  Intrusion detection products   “Nearly three decades ago Xtralis commercialised the first video motion detection product in the industry; and since then our intrusion detection products have been the industry benchmark and top choice for protecting perimeters with the highest security requirements,” said Alessandro Araldi, Vice President of global product management, Honeywell Home and Building Technologies.   “Honeywell is making Xtralis IP available for leading security manufacturers. We are pleased to have Xtralis IntrusionTrace offered on select Honeywell cameras as well as the ACAP and are looking forward to even more manufacturers leveraging our technology,” Araldi added.  The Xtralis VCA suite can be integrated with cameras, network video recorders, video management systems and third-party panel and platform providers. 

SIA announces appointment of new Chairman and 2020 Executive Committee, along with five new Board Members
SIA announces appointment of new Chairman and 2020 Executive Committee, along with five new Board Members

The Security Industry Association (SIA) welcomed a new chairman, announced its 2020 executive committee and welcomed five new members to the SIA Board of Directors at The Advance, SIA’s annual membership meeting, held virtually on Tuesday, March 17, 2020. SIA’s The Advance SIA ratified the selection of Pierre Trapanese, CEO of Northland Controls, as SIA’s chairman of the board. Trapanese has 33 years of international project and financial management experience in the security industry. He has been the sole owner of Northland Controls since 2005 and has transformed it into a global service provider with 250 Northlanders spread across offices in 5 countries. During The Advance, SIA also announced the addition of five new voting members to the SIA Board of Directors to serve terms from 2020 to 2022: Jonathan Aguila, director – systems and technology, Facebook – Global Security Stacy Deveraux, president, Electromechanical Solutions Group, ASSA ABLOY Opening Solutions Mike Mathes, executive vice president, Convergint Technologies Erica McBride-Rapp, logistics manager, Allegion Tim Palmquist, vice president, Americas, Milestone Systems Following the ratification, the SIA Executive Committee for 2020 includes: Chairman: Pierre Trapanese, CEO, Northland Controls Director of Technology: Kim Loy, Vandebilt Treasurer: Scott Dunn, director, business development, Axis Communications Secretary: Lynn de Séve, president, GSA Schedules Inc. Immediate Past Chairman: Scott Schafer, principal, SMS Advisors New additions to SIA Board I am thankful to SIA for welcoming me as SIA chairman and entrusting me with the responsibilities of this role" Additionally, three existing SIA board members – Janet Fenner, chief marketing officer at Intelligent Security Systems; John E. Mack III, executive vice president, co-head of investment banking and head of mergers and acquisitions at Imperial Capital; and Tom Nakatani, vice president of customer monitoring technology and product development at ADT – renewed their involvement in the SIA Board of Directors for an additional term. “I am thankful to SIA for welcoming me as SIA chairman and entrusting me with the responsibilities of this role,” said Trapanese. “We congratulate the new and returning members to the SIA Board of Directors and the SIA Executive Committee – this is a remarkable group of security leaders poised to guide the association and industry forward.” SIA Board of Directors The SIA Board of Directors is comprised of industry professionals representing a broad spectrum of interests in the security industry. The full list of current board members can be found here. During The Advance, in addition to announcing the new board chairman, new and returning board members and executive committee, SIA shared market intelligence for the year ahead and presented its annual membership awards – the SIA Chairman’s Award, Sandy Jones Volunteer of the Year Award, Committee Chair of the Year Award and Member of the Year Award.

Related white papers

OSDP is the strongest access control for your business

Is your access control as effective as you think?

The role of IT in physical access control