Audio, video or keypad entry - Expert commentary

The digital transformation of access control solutions
The digital transformation of access control solutions

The safeguarding of premises through the monitoring of entrance and exit points has traditionally been a very manual aspect of security. Human operators have been relied on to make decisions about who to admit and deny based on levels of authorisation and the appropriate credentials. But the access control business, like many industries before it, is undergoing its own digital transformation; one where the protection of premises, assets and people is increasingly delivered by interconnected systems utilising IoT devices and cloud infrastructure to offer greater levels of security and protection. Modern access control solutions range from simple card readers to two factor authentication systems using video surveillance as a secondary means of identification, right through to complex networks of thermal cameras, audio speakers and sensors. These systems, connected through the cloud, can be customised and scaled to meet the precise requirements of today’s customer. And it’s the ease of cloud integration, combined with open technologies and platforms that is encouraging increasing collaboration and exciting developments while rendering legacy systems largely unfit for purpose. Remote management and advanced diagnostics Cloud technology and IoT connectivity means remote management and advanced diagnostics form an integral part of every security solution.Cloud technology and IoT connectivity means remote management and advanced diagnostics form an integral part of every security solution. For example, as the world faces an unprecedented challenge and the COVID-19 pandemic continues to cause disruption, the ability to monitor and manage access to sites remotely is a welcome advantage for security teams who might otherwise have to check premises in person and risk breaking social distancing regulations. The benefits of not physically having to be on site extend to the locations within which these technologies can be utilised. As an example, within a critical infrastructure energy project, access can be granted remotely for maintenance on hard to reach locations. Advanced diagnostics can also play a part in such a scenario. When access control is integrated with video surveillance and IP audio, real-time monitoring of access points can identify possible trespassers with automated audio messages used to deter illegal access and making any dangers clear. And with video surveillance in the mix, high quality footage can be provided to authorities with real-time evidence of a crime in progress. Comprehensive protection in retail Within the retail industry, autonomous, cashier-less stores are already growing in popularity The use of connected technologies for advanced protection extends to many forward-looking applications. Within the retail industry, autonomous, cashier-less stores are already growing in popularity. Customers are able to use mobile technology to self-scan their chosen products and make payments, all from using a dedicated app. From an access control and security perspective, connected doors can be controlled to protect staff and monitor shopper movement. Remote management includes tasks such as rolling out firmware updates or restarting door controllers, with push notifications sent immediately to security personnel in the event of a breach or a door left open. Remote monitoring access control in storage In the storage facility space, this too can now be entirely run through the cloud with remote monitoring of access control and surveillance providing a secure and streamlined service. There is much to gain from automating the customer journey, where storage lockers are selected online and, following payment, customers are granted access. Through an app the customer can share their access with others, check event logs, and activate notifications. With traditional padlocks the sharing of access is not as practical, and it’s not easy for managers to keep a record of storage locker access. Online doors and locks enable monitoring capabilities and heightened security for both operators and customers. The elimination of manual tasks, in both scenarios, represents cost savings. When doors are connected to the cloud, their geographical location is rendered largely irrelevant. Online doors and locks enable monitoring capabilities and heightened security for both operators and customers They become IoT devices which are fully integrated and remotely programmable from anywhere, at any time. This creates a powerful advantage for the managers of these environments, making it possible to report on the status of a whole chain of stores, or to monitor access to numerous storage facilities, using the intelligence that the technology provides from the data it collects. Open platforms power continuous innovation All of these examples rely on open technology to make it possible, allowing developers and technology providers to avoid the pitfalls that come with the use of proprietary systems. The limitations of such systems have meant that the ideas, designs and concepts of the few have stifled the creativity and potential of the many, holding back innovation and letting the solutions become tired and their application predictable. Proprietary systems have meant that solution providers have been unable to meet their customers’ requirements until the latest upgrade becomes available or a new solution is rolled out. This use of open technology enables a system that allows for collaboration, the sharing of ideas and for the creation of partnerships to produce ground-breaking new applications of technology. Open systems demonstrate a confidence in a vendor’s own solutions and a willingness to share and encourage others to innovate and to facilitate joint learning. An example of the dynamic use of open technology is Axis’ physical access control hardware, which enables partners to develop their own cloud-based software for control and analysis of access points, all the while building and expanding on Axis’ technology platform. Modern access control solutions range from simple card readers to two factor authentication systems using video surveillance as a secondary means of identification Opportunities for growth Open hardware, systems and platforms create opportunities for smaller and younger companies to participate and compete, giving them a good starting point, and some leverage within the industry when building and improving upon existing, proven technologies. This is important for the evolution and continual relevance of the physical security industry in a digitally enabled world. Through increased collaboration across technology platforms, and utilising the full range of possibilities afforded by the cloud environment, the manufacturers, vendors and installers of today’s IP enabled access control systems can continue to create smart solutions to meet the ever-changing demands and requirements of their customers across industry.

A secured entrance is the first defence against an active shooter
A secured entrance is the first defence against an active shooter

The statistics are staggering. The death tolls are rising. And those who now fear environments that were once thought to be safe zones like school campuses, factories, commercial businesses and government facilities, find themselves having to add the routine of active-shooter drills into their traditional fire drill protocols. The latest active shooter statistics released by the FBI earlier this year in their annual active-shooter report designated 27 events as active shooter incidents in 2018. The report reveals that 16 of the 27 incidents occurred in areas of commerce, seven incidents occurred in business environments, and five incidents occurred in education environments. Deadly active-shooter events Six of the 12 deadliest shootings in the country have taken place in the past five years Six of the 12 deadliest shootings in the country have taken place in the past five years, including Sutherland Springs church, Marjory Stoneman Douglas High School, the San Bernardino regional center, the Walmart in El Paso and the Tree of Life Synagogue in Pittsburgh, which have all occurred since 2015. Although these incidents occurred in facilities with designated entry points common to churches, schools and businesses, the two most deadly active-shooter events since 2015 were the Route 91 Harvest music festival shooting in Las Vegas that left 58 dead and the Pulse nightclub killings in Orlando where 49 perished. As Christopher Combs, special agent in charge of the FBI field office in San Antonio, Texas, said during a news conference following the August 31 mass shooting in Odessa, Texas that claimed seven lives: “We are now at almost every two weeks seeing an active shooter in this country." Active shooter incidents Between December 2000 and December 2018, the FBI’s distribution of active shooter incidents by location looks like this: Businesses Open to Pedestrian Traffic (74) Businesses Closed to Pedestrian Traffic (43) K-12 Schools (39) Institutions of Higher Learning (16) Non-Military Government Properties (28) Military Properties—Restricted (5) Healthcare Facilities (11) Houses of Worship (10) Private Properties (12) Malls (6) What the majority of these venues have in common is they all have a front entrance or chokepoint for anyone entering the facilities, which is why any active-shooter plan must include a strategy to secure that entry point. Situational awareness in perimeter and door security Preventing people with the wrong intentions from entering the space is the goal" According to Paul Franco, an A&E with more than 28 years of experience as a consultant and systems integrator focusing on schools, healthcare and large public and private facilities, that while active shooter incidents continue to rise, the residual effect has been an increase in situational awareness in perimeter and door security. “Certainly, protecting people and assets is the number one goal of all our clients. There are multiple considerations in facilities like K-12 and Healthcare. Preventing people with the wrong intentions from entering the space is the goal. But a critical consideration to emphasise to your client is getting that person out of your facility and not creating a more dangerous situation by locking the person in your facility,” says Franco. High-security turnstiles “Schools today are creating a space for vetting visitors prior to allowing access into the main facility. Using technology properly like high-security turnstiles offer great benefits in existing schools where space constraints and renovation costs can be impractical.” What steps should they be taken when recommending the proper door security to ensure the building is safe As a consultant/integrator, when discussions are had with a client that has a facility in a public space like a corporate building, government centre or industrial facility, what steps should they be taken when recommending the proper door security to ensure the building is safe and can protect its people and assets? For Frank Pisciotta, President and CEO of Business Protection Specialists, Inc. in Raleigh, North Carolina, a fundamental element of his security strategy is making appropriate recommendations that are broad-based and proactive. Properly identifying the adversaries “As a consultant, my recommendations must include properly identifying the adversaries who may show up at a client’s door, the likelihood of that event occurring, the consequences of that event occurring, determining if there are tripwires that can be set so an organisation can move their line of defence away from the door, educating employees to report potential threats and creating real-time actionable plans to respond to threats. A more reactionary posture might include such thing as target hardening such as ballistic resistant materials at entry access points to a facility,” Pisciotta says. Veteran consultant David Aggleton of Aggleton & Associates of Mission Viejo, California recommends that clients compartmentalise their higher security areas for limited access by adding multiple credential controls (card + keypad + biometric), along with ‘positive’ access systems that inhibit tailgating/piggybacking such as secure turnstiles, revolving door and mantrap if your entrances and security needs meet the required space and access throughput rates. Integrated solution of electronic access control Defining a single point of entry in some public facilities is becoming the new standard of care according to many A&Es and security consultants, especially in a school environment. This approach allows a concerted effort when it comes to staffing, visitor monitoring and an integrated technology solution. The bottom line remains: most buildings are vulnerable to a security breach A proactive stance to securing a door entryway will use an integrated solution of electronic access control, turnstiles, revolving doors and mantraps that can substantially improve a facility’s security profile. The bottom line remains: most buildings are vulnerable to a security breach, so it’s not a matter of if there will be a next active shooter tragedy, it’s only a matter of where. Enhancing access control assurance “There is no easy answer to this question,” says Pisciotta referring to how a secured entrance can deter an active shooter. “There have been at least two high-profile incidents of adversaries shooting their way into a facility through access control barriers. So, if the threat so dictates, a ballistic resistant might be required.” He concludes: “There is obviously no question that turnstiles, revolving doors and man traps enhance access control assurance. Electronic access control is easy to integrate with these devices and providing that credentials are secure, approval processes are in place, change management is properly managed and the appropriate auditing measures in place, access control objectives can be met.”

Are mobile credentials more secure than smart cards?
Are mobile credentials more secure than smart cards?

For the past several years, there has been a focus by integrators and customers to assure that their card-based access control systems are secure. To give businesses an extra incentive to meet their cybersecurity threats, the Federal Trade Commission (FTC) has decided to hold the business community responsible for failing to implement good cybersecurity practices and is now filing lawsuits against those that don't. For instance, the FTC filed a lawsuit against D-Link and its U.S. subsidiary, alleging that it used inadequate safeguards on its wireless routers and IP cameras that left them vulnerable to hackers.Many companies perceive that they are safer with a card but, if done correctly, the mobile can be a far more secure option  Now, as companies are learning how to protect card-based systems, such as their access control solutions, along comes mobile access credentials and their readers which use smart phones instead of cards as the vehicle for carrying identification information. Many companies perceive that they are safer with a card but, if done correctly, the mobile can be a far more secure option with many more features to be leveraged. Handsets deliver biometric capture and comparison as well as an array of communication capabilities from cellular and Wi-Fi to Bluetooth LE and NFC. As far as security goes, the soft credential, by definition, is already a multi-factor solution. Types of access control authentication Access control authenticates you by following three things: Recognises something you have (RFID tag/card/key), Recognises something you know (PIN) or Recognises something you are (biometrics). Your smart phone has all three authentication parameters. This soft credential, by definition, is already a multi-factor solution. Your mobile credentials remain protected behind a smart phone's security parameters, such as biometrics and PINs. Organisations want to use smart phones in their upcoming access control implementations Once a biometric, PIN or password is entered to access the phone, the user automatically has set up 2-factor access control verification - what you know and what you have or what you have and a second form of what you have.                 To emphasise, one cannot have access to the credential without having access to the phone. If the phone doesn’t work, the credential doesn’t work. The credential operates just like any other app on the phone. The phone must be “on and unlocked.” These two factors – availability and built-in multi-factor verification – are why organisations want to use smart phones in their upcoming access control implementations. Smart phone access control is secure Plus, once a mobile credential is installed on a smart phone, it cannot be re-installed on another smart phone. You can think of a soft credential as being securely linked to a specific smart phone. Similar to a card, if a smart phone is lost, damaged or stolen, the process should be the same as with a traditional physical access credential. It should be immediately deactivated in the access control management software - with a new credential issued as a replacement. Your mobile credentials remain protected behind a smart phone's security parameters, such as biometrics and PINs Leading readers additionally use AES encryption when transferring data. Since the Certified Common Criteria EAS5+ Computer Interface Standard provides increased hardware cybersecurity, these readers resist skimming, eavesdropping and replay attacks.            When the new mobile system leverages the Security Industry Association's (SIA) Open Supervised Device Protocol (OSDP), it also will interface easily with control panels or other security management systems, fostering interoperability among security devices.All that should be needed to activate newer systems is simply the phone number of the smart phone Likewise, new soft systems do not require the disclosure of any sensitive end-user personal data. All that should be needed to activate newer systems is simply the phone number of the smart phone. Bluetooth and NFC the safer options Bottom line - both Bluetooth and NFC credentials are safer than hard credentials. Read range difference yields a very practical result from a security aspect. First of all, when it comes to cybersecurity, there are advantages to a closer read range. NFC eliminates any chances of having the smart phone unknowingly getting read such as can happen with a longer read range. There are also those applications where multiple access readers are installed very near to one-another due to many doors being close. One reader could open multiple doors simultaneously. The shorter read range or tap of an NFC enabled device would stop such problems. However, with this said in defence of NFC, it must also be understood that Bluetooth-enabled readers can provide various read ranges, including those of no longer than a tap as well. One needs to understand that there are also advantages to a longer reader range capability. Since NFC readers have such a short and limited read range, they must be mounted on the unsecure side of the door and encounter all the problems such exposure can breed. Conversely, Bluetooth readers mount on the secure sides of doors and can be kept protected out of sight. Aging systems could cause problems Research shows that Bluetooth enabled smart phones are continuing to expand in use to the point where those not having them are already the exceptions With that said, be aware. Some older Bluetooth-enabled systems force the user to register themselves and their integrators for every application. Door access – register. Parking access – register again. Data access – register again, etc. Newer solutions provide an easier way to distribute credentials with features that allow the user to register only once and need no other portal accounts or activation features. By removing these additional information disclosures, vendors have eliminated privacy concerns that have been slowing down acceptance of mobile access systems. In addition, you don’t want hackers listening to your Bluetooth transmissions, replaying them and getting into your building, so make very sure that the system is immunised against such replays. That’s simple to do. Your manufacturer will show you which system will be best for each application. Research shows that Bluetooth enabled smart phones are continuing to expand in use to the point where those not having them are already the exceptions. They are unquestionably going to be a major component in physical and logical access control. Gartner suggests that, by 2020, 20 percent of organisations will use mobile credentials for physical access in place of traditional ID cards. Let’s rephrase that last sentence. In less than 18 months, one-fifth of all organisations will use the smart phone as the focal point of their electronic access control systems. Not proximity. Not smart cards. Phones!

Latest Ajax Systems news

Ajax Systems highlights importance of controlling home automation device using a button trigger
Ajax Systems highlights importance of controlling home automation device using a button trigger

The button (wireless panic button) operates at up to 1,300 meters from the hub and is indispensable in situations where one’s life is at risk. Moreover, the button is a simple way to control a smart home. Set up the automation device response to button pressing and switch the lights off, close the gates, or open roller shutters with a single click. The button is tiny and weightless, resistant to dust and splashes. It can be easily attached onto any surface, worn on the wrist or around the neck. Keep it always close by! Protection against false pressing As soon as the hub receives a signal from button, it instantly sends notifications to all users of the system and the security company. If necessary, it can also activate sirens. A child left home alone can press a button to call for help if they hear a stranger banging on the door. If a cashier is at risk, they can easily reach button installed inside the cash register and raise a silent alarm. Ajax has developed a two-level system for protection against false pressing And the security patrol will know precisely where the problem is thanks to the informative Ajax security system notifications. Button notifications are SOS signals in the security language. Security companies respond to them immediately. Understanding the cost of false alarms, Ajax has developed a two-level system for protection against false pressing. A single button is recessed into the body of the device. One can carry button in a pocket of their pants, in a handbag, or keep it by the bed. Remote control for automation devices It will only send the signal when pressed with a finger. For additional protection, button can be configured to react to a double pressing or a long hold. Button is a simple and reliable way to raise an alarm instantly when the security system is disarmed: during business hours or when the family is at home. Hubs on OS Malevich 2.8 or later allow using button as a remote control for automation devices. In the Control mode, button has two pressing options: short and long (the button is pressed for more than 3 seconds). In turn, these presses trigger one or more automation devices: Relay, WallSwitch, or Socket. Such scenarios allow automating the security system and reducing the number of routine actions. Switch the lights on, turn water off, open the gates, block electric locks with a single button press.

Ajax Systems introduce Hub 2 to guard homes, offices, and personal boundaries
Ajax Systems introduce Hub 2 to guard homes, offices, and personal boundaries

With Hub 2, a user will no longer need to live under round-the-clock camera surveillance to know why an alarm has gone off. Like the first generation of hubs, Hub 2 protects the user’s property against burglars, fire, and flood. But unlike its predecessors, it sends not only alarm notifications but also animated series of images from MotionCam motion detectors. Thanks to the optional Wings radio protocol, a built-in battery, and two SIM card slots, Hub 2 is independent of the guarded facility infrastructure. It will continue protecting the user’s family and property, even if the building has lost power and Internet connection. Hub 2 is a control tool for safe homes, offices, shops, or even industrial facilities. The control panel can manage up to a 100 of Ajax detectors and devices on a distance of up to 2000 metres. And this is not the limit - the ReX radio signal range extender boosts the hub’s coverage area to up to 16 km². Protection of any scale The new hub has three channels to communicate with the users and security companies: Ethernet and two slots for SIM cards. The second slot allows users to improve stability by choosing two different GSM operators. And thanks to the instantaneous switching between communication channels, Hub 2 is guaranteed to transmit photos and alarms even with an unstable Internet connection. The list of features of the Ajax hubs expands every year with the regular updates of the OS Malevich operating system. To ensure the future development of the Hub 2, Ajax Systems has increased the amount of ROM and RAM and equipped it with a fast processor.

Ajax Systems releases MotionCam and Hub 2 as the next level of informative alarm systems
Ajax Systems releases MotionCam and Hub 2 as the next level of informative alarm systems

Even the most reliable security equipment is never fully protected from false alarms. Most of the time, they occur due to simple oversights, hyperactive pets, or incorrect installation. But when the security companies react to false alarms, they risk getting late in case of a real emergency. Some send security patrols to check the unverified alarms right away. The others count the detector triggerings before responding and lose precious minutes in the result. In any case, false alarms bring stress for the consumers and the risk of suffering losses. Prime security companies found the solution in photo and video alarm verification. Both options came with serious compromises. On the one hand, motion detectors equipped with cameras provided a technical possibility to see what triggered the alarm. But the systems that support such devices required frequent maintenance (due to low battery life), delivered low-quality pictures, and were significantly overpriced. Wireless security system On the other hand, video surveillance allowed for a 24/7 monitoring but came with the new difficulties: complicated installation and configuration, total dependence on the building’s infrastructure, high risks of malfunctioning and exploits, as well as the privacy issues. Both solutions didn’t have a chance to become the new security standard. The market required the new cost-efficient solution that would unite the reliability and informing efficiency of the best security systems with the visual capabilities of the cameras. Ajax Systems was one of the first ones to develop the security system with visual alarm verification. Just like they were not the ones to invent wireless security system when launching Jeweller. Parallel transmission of alarms With Wings, the user can view the first snapshot of the situation in under 9 seconds But that fact gave them company an opportunity to rethink the experience of using the equipment from the consumer’s and the service provider’s points of view. They tested and analysed the weak spots and best practices in the industry and eventually created a breakthrough product in terms of informing speed, communication distance, and battery life. To ensure fast and reliable transmission of the photo confirmations, the company developed a new Wings radio protocol based on Jeweller. The technologies that MotionCam and Hub 2 use to communicate, nullify the interference between channels during the parallel transmission of alarms and pictures. With Wings, the user can view the first snapshot of the situation in under 9 seconds while the alarm signals sent via Jeweller are still delivered in a split second. Camera-equipped detector Photo transmission does not shorten the MotionCam communication range. Just like the rest of the Ajax detectors, the new gadget operates at a distance of 1700 metres from the hub. This number is one of the top performance results for a camera-equipped detector. The Ajax security system still covers an area of up to 12 km², which is enough to protect the multi-story buildings but now with visual alarm verification. MotionCam features an extraordinary - for a camera-equipped detector - autonomy with up to 4 years of battery life. This is not an optimistic forecast with ideal use conditions. Instead, it is an estimate for the typical operating conditions, which includes the regular activations and changes in weather conditions. And they have considered the privacy issue. The MotionCam detectors activate their cameras only if triggered by motion when the system is armed. Indoor motion detector Without a doubt, the Wings technology sets the new standards in the security industry" The users and the security company have no way to access the camera and request to take pictures. All photos are encrypted during transmission, and as they are stored at the Ajax Cloud (just like all the events in the security system’s log). No one analyses and processes the photographs from the detectors. MotionCam and Hub 2 raise the informing quality of the Ajax security system to the next level while preserving its fundamental characteristics. MotionCam can easily replace any indoor motion detector, which makes upgrading the security system as painless as possible. It will forever change the user’s attitude to alarms, yet they still won’t be bothered with the system maintenance for years to come. Phenomenal energy efficiency “I am proud that we can make such inventions. Without a doubt, the Wings technology sets the new standards in the security industry. Fast photo transmission at a distance of 1700 metres with phenomenal energy efficiency - it’s magic that was previously unavailable on the market. We’ve managed to boost the informing quality of the system to the next level and preserve the familiar user experience at the same time,” says Aleksandr Konotopskyi, CEO Ajax Systems.

Related white papers

RFID and smartphone readers in physical access control

The role of IT in physical access control

Mobile Access - What you need to know