Intruder Detectors & Detection Systems

Surveillance systems can track the locations of mobile phone users and spy on their calls, texts and data streams. The Washington Post has reported on such systems that are being turned against travellers around the world, according to security experts and U.S. officials. The summer season highlights the need to take extra precautions when travelling. When travelling anywhere in the world, for business or pleasure, citizens need to be aware of and alert to looming physical and cybersecurity threats. To elaborate on expert security tips, strategies and advice for traveling this summer, we presented several questions to The Chertoff Group, a global security advisory firm that enables clients to navigate changes in security risk, technology and policy. Chris Duvall, Senior Director at The Chertoff Group, offers insights into cybersecurity concerns, physical security precautions, and recommends digital resources/apps for consumers while traveling. Q: How are security risks – physical and digital – changing? Why are threats greater today than five years ago? The exponential number of headlines over the past few years is a strong indication that both physical and digital risks are evolving and increasing Duvall: The exponential number of headlines over the past few years is a strong indication that both physical and digital risks are evolving and increasing. The scope, severity and complexity of physical and cyber risks are increasing and becoming more dangerous and destructive. This is especially true for those travelling outside the U.S. On the physical side, threat actors are actively seeking “soft targets” – public events, social settings, mass audience venues, etc. – to communicate their message, sow chaos and inflict catastrophic harm. On the digital or cyber side, we have seen a shift from “thrill hacking,” to an increase of “hacking as a business” (through credential compromise and ransomware), to an increase in “hacking for harm” - with the rise of “nuke ware” and ransomware without a clear financial motivation. Q. What specific precautions should a traveller take to protect their calls, texts and data streams from being spied on? Duvall: When travelling abroad, we recommend to our clients that their personnel and executives should practice good internet and social media hygiene. Some best practices include: Avoid using public Wi-Fi services—unless you use private VPN service for encryption Increase the privacy setting on your technical devices Disable location identifiers on apps Create a new (unlinked) email for internet correspondence Consider purchasing international MyFi devices to decrease the risk of getting your personal identification information (PII) or protected healthcare information (PHI) stolen  Use temporary (i.e. burner) phones to protect your data and your contacts Q. What cybersecurity concerns are likely to impact travellers? Are the threats greater outside the United States or in any specific parts of the world? Significant precautions should be taken to protect personal electronic devices (PEDs) and the data connected to PEDs Duvall: The international cybersecurity landscape has grown increasingly dynamic, with threats posed by government authorities (in some countries), terrorists, insurgents, and criminals, requiring travelers to be proactive and vigilant. U.S. citizens, particularly executives of U.S.-based technology companies, must be aware that they are considered high-value targets for nation-state intelligence services and criminally-motivated bad actors. Many countries will go to great lengths and expense to acquire and exploit proprietary information from U.S.-based companies, and views U.S. executives visiting the country as “soft” targets of opportunity. As such, significant precautions should be taken to protect personal electronic devices (PEDs) and the data connected to PEDs. The tactics, techniques and procedures (TTPs) utilised by bad actors are often covert and nearly undetectable by the affected person. Threat actors routinely access, monitor and utilise Wi-Fi networks at hotels and in public spaces to compromise target devices. Other targeting methods include luggage searches, extensive questioning, and unnecessary inspection and downloading of information from personal electronic devices. There are numerous, high-risk countries for which the U.S. Government warns travellers to be wary of mobile malware, mobile device privacy attacks and hot spots for mobile botnets. The U.S. Department of State has the most recent and up-to-date list. For example, the U.S. Government has investigated numerous incidents in which U.S. travellers’ PEDs (personal and company devices) have been compromised by Russian authorities while transiting Russian airports, left unattended in public spaces and in travellers’ hotel rooms.  When travelling to an unfamiliar place, research your destination to understand the local roads and transportation, geography, local roads, culture, etiquette and laws Q: What physical security precautions should a traveller take? Duvall: Here are some useful precautions: When traveling to an unfamiliar place, research your destination to understand the local roads and transportation, geography, local roads, culture, etiquette and laws. Protect your personal information and travel itinerary as much as possible. Limit the amount of jewelry worn, cash, credit cards and electronic devices carried while traveling. Avoid staying on the ground floor of a hotel. Consider choosing a room on the 2nd through 7th floors as these rooms may be more difficult to break into than those on the ground level, but still able to be accessed by fire/emergency response equipment. Never answer your hotel room door for anyone until you’ve determined who they are, why they are at your door, and if it is necessary for you to open the door to interact with them. Carry a rubber door stop/wedge with you to install on the room side of the door before you go to bed. Vary your patterns and routines when venturing out in to a new location, do not become predictable. Politely decline offers of food or drink from strangers (If you do accept beverages, ensure that they are in sealed containers and that there is no evidence of tampering). Never discuss your itinerary, personal, business or other sensitive information where others can hear you. Q: How can companies be proactive in protecting their business travellers? Companies should educate their employees on the importance of maintaining good internet hygiene while travelling abroad Duvall: When travelling on business, companies should provide their employees with clean computers and cell phones before departure. Upon return, the company should immediately wipe the computer clean to prevent any malicious threats from penetrating the company’s internal, cyber-infrastructure. Additionally, companies should educate their employees on the importance of maintaining good internet hygiene and recommend their employees disconnect from social media platforms while travelling abroad. Some general tips to recommend to your employees when travelling abroad include: Register in the Smart Traveler Enrollment Program (https://step.state.gov/step/) Visit Travel.State.Gov to view travel related information specific to the country or countries you’re visiting, including local US Embassy or Consulate contact information, as well as current travel advisories and alerts. Always leave a copy of your transportation and hotel itinerary and driver’s license (or passport if travelling internationally) with a family member or trusted friend. Always use a baggage tag with a protective cover Avoid using public Wi-Fi services Q: What digital resources and/or apps might a traveller benefit from (and how)? Duvall: The Chertoff Group recommends researching the below travel-related apps before departing on a trip: TravWell: This app provides destination-specific vaccine recommendations, a checklist of what you need to do to prepare for travel, and a customisable healthy travel packing list. The app can store travel documents, keep records of medications and immunisations, and set reminders to get vaccine booster doses or take medicines. My TSA: This app provides real-time updates on airport delays. It includes how long security lines are at various airports; information about what you can and cannot bring onto an airplane; and a frequently-asked question list, including new advanced imaging technology. Border Wait Time: The app provides estimated wait times and open-lane status at land ports of entry, which may be particularly helpful when in an area with multiple crossings. Mobile Pass: The Mobile Passport app speeds you through U.S. Customs and Border Protection at (1) cruise port and (24) airports Q: As a security expert, what’s your best advice for travellers? Duvall: At the end of the day, travel security is not rocket science. Simply put, travellers need to: Be aware and situationally alert at all times. Be aware and situationally alert to the location of your luggage and carry-ons at all times. Don’t access unknown, unsecured or public Wi-Fi if at all possible. Turn off “auto connect” features and institute stringent privacy controls as much as possible. Try to “blend in” – you don’t have to try to look like a local but travellers should avoid gaudy and expensive attire wherever possible. Use your common sense – if an offer, invitation or opportunity seems to good to be true... it probably is.

Over the course of the past few months, I have discussed a myriad of topics, from Big Data, the Internet of Things and emerging video surveillance-use cases, to analytics, storage complexities and IT technologies like virtualisation and hyperconverged infrastructure (HCI). All of these trends have a significant effect on the security market, and in April they were highlighted in spades at ISC West. It’s great to talk about these trends but it’s far better to see how they are being leveraged in real-world applications. That’s really where we can all see the true value of new solutions and concepts. We’re lucky enough to work with some leading organisations that want others to benefit from their experience and I’m happy to have the opportunity to share two of these applications with you. Protecting educational facilities UCF has adopted advancements in technology, particularly video surveillance solutions, to help ensure stronger security on campus Educational institutions face an increasingly complex risk environment. Recent high-profile incidents emphasise these risks and magnify the vulnerabilities that educational facilities face. These incidents have led to more public demand for improved security solutions across campuses. The primary mission of these organisations is to deliver quality education to students, and they face the challenge of balancing between a highly secure facility and one that supports open interaction. The University of Central Florida is no different. This organisation, one of the largest universities in the country, has adopted advancements in technology, particularly video surveillance solutions, to help ensure stronger security on campus. Active shooter incidents In March 2013, UCF faced an active shooter situation in which a former student planned to pull the fire alarm in a residence hall and then attack his classmates as the building was evacuated. However, the shooter’s gun jammed, and as officers were closing in on the gunman, he took his own life. During the university’s response to the incident, accessibility to critical video data was a major issue. Educational institutions face an increasingly complex risk environment UCF had cameras in the area where the incident took place, but first responders had no way of viewing the footage without being at the physical location of the video recorder. At the time, UCF had a wide variety of standalone systems in place, including non-integrated video surveillance, access control and intrusion systems. As a result, there was no way to centralise video management, viewing and analysis. Upgrading from analogue systems Altogether, its security system consisted of older analogue platforms that were reaching end of life, 58 standalone servers, 12,000 access points and a wide variety of DVRs — all being managed in a siloed manner. UCF needed a solution that would allow officials to centralise system management, store video data more effectively and reliably, and enable the security team to deliver situational awareness to responders when needed. Security leaders sought a way to further modernise its security, surveillance, access control and IT infrastructure The university deployed an HCI solution, one that is optimised for demanding, data-intensive workloads like video surveillance. Using standard off-the-shelf server hardware, the system aggregates the storage and compute resources from multiple servers into a single unified pool that all cameras can access, which maximises performance and storage capacity utilisation. The platform also hosts the university’s video management solution, which serves as a centralised source to manage video and effectively protect its security data. Because of the growing demand for video across UCF's campuses — for both safety and business purposes — the HCI solution’s ability to eliminate the opportunity for data loss and easily scale were key components in its selection. Protecting air travel and airports In 2012, Charleston International Airport embarked on an ambitious upgrade project dubbed the Terminal Redevelopment and Improvement Program. The $200 million initiative was designed to modernise and expand the facility to meet increased passenger demand. While the aesthetics and amenities of the airport were under construction, security leaders sought a way to further modernise its security, surveillance, access control and IT infrastructure. The IT and security teams needed to address the challenges of their existing standalone server environment, which included siloed systems, management complexity and high administrative and equipment costs. Charleston International Airport embarked on an ambitious upgrade project dubbed the Terminal Redevelopment and Improvement Program Considering the high value of the airport’s video, security and IT data, it required a solution that could deliver reliable data protection, system resiliency and fault tolerance. The airport is required to store video for 30 days, but it seeks to expand its retention time to 60 days. Therefore, technology that can scale simply was key in the selection process. Storage system updates It also required a storage platform that could manage the demanding and write-intensive nature of its nearly 250 IP surveillance cameras — a challenging task for traditional video recorders. The airport deployed HCI appliances to better manage captured video data and expand its archive capability for video surveillance. Users rely on video to validate whether something did or did not happen - and this is essential in airports HCI surveillance solutions are designed to provide industry-leading resiliency. Even if multiple hardware failures occur, including an entire appliance, video management servers will remain online and recording, and any previously recorded video will continue to be protected and accessible. Reducing expenses and costs The solution also reduced total cost of operations by consolidating servers, storage and client workstations into one enterprise-class solution that is easily managed from a single user interface, without the need for specialised IT skills. These use cases demonstrate the value emerging technologies bring to these types of modern environments. And they show that solutions like HCI are no longer simply much-talked about technology trends. Video, IT and security data is critical to organisations of all types and they need to ensure their investment in capturing this data is protected. From a security standpoint, users rely on video to validate whether something did or did not happen. If that video data isn’t protected, they lose a very valuable investigative tool. That isn’t an option in today’s complex environment. That’s is why it is paramount to understand how new technologies can help expand current capabilities and evolve security operations. This can’t be left to chance.

Despite the huge amount of video data collected, statistics show that only 10 percent of data is ever used and most loses its value within seconds of being generated. Why use such a limited amount of data? Many security organisations are focused on delivering the right information in case of an emergency or providing the correct evidence after a criminal act. Yet the fact is, a new video security system can be a large investment. Together with the service, maintenance and management costs associated with it, most video systems are currently considered overhead. So how can you maximise the value of your video system? Video analytics ensure surveillance images are continuously analysed in real-time to alert users to things that need attention. This helps organisations make sense of video data and adds an extra layer of protection by providing alerts to potential security risks before or as they occur, such as detecting loitering in a parking lot or a perimeter breach after hours.Integrating analytic alerts with other security systems enables organisations to use the data to trigger responses from other components of the security solution Video analytics can be programmed to alert on things such as line/perimeter crossing, illegal parking, loitering: people counting, speeding in areas like parking lots, colour matching alerts. These are just some of the ways video analytics can assist to enhance security and safety. Video analytics trigger system events Integrating analytic alerts with other security systems enables organisations to use the data to trigger responses from other components of the security solution. This can increase overall security, better mitigate risk, and reduce complexity for users to improve efficiency. For example, intelligent cameras equipped with video analytics can initiate intrusion detection system events when alarms are triggered. The analytic alert can immediately fault a corresponding point on the panel. This can prompt the panel to communicate the alarm to the central station or to send video snapshots to security personnel. In a retail store or warehouse environment, video analytics can also alert to an emergency exit that has been blocked by a pallet of boxes or by another object. Using an idle object rule, the IP camera with analytics can alert when an object remains in the area for longer than a pre-defined amount of time. People counting and crowd detection can also help organisations improve customer satisfaction by monitoring for long lines or people gathered in an area When this occurs, the alert can fault a point on the intrusion control panel, which can then send an email or text message with a video snapshot to the store or warehouse manager. This can help to prevent code violations and unsafe conditions. Extending beyond security Not only can video analytics detect threats, alert to security breaches, and help enforce health and safety regulations, it can also do much more. It can enable organisations to re-purpose the data for new uses for the business—offering valuable insights to other departments within an organisation, such as providing the ability to analyse behaviour in retail stores to help merchandisers create more effective display placements. How is this possible? Analytics can provide organisations with the additional information about video data that they need to re-purpose it for a business advantage. The cameras can interpret data directly at the source and re-assign it to help organisations make smarter decisions.By providing business information that goes beyond conventional security applications, new functionality can easily be added to a video security system This includes monitoring presence to reduce utility bills, identifying patterns in customer activity to improve sales, and distinguishing road blocks to optimise retail shop layout and increase customer satisfaction. Improving customer satisfaction People counting and crowd detection can also help organisations improve customer satisfaction by monitoring for long lines or people gathered in an area, indicating additional assistance may be needed. By providing business information that goes beyond conventional security applications, new functionality can easily be added to a video security system. In this way, video analytics can help organisations reduce costs, increase efficiency, and improve sales. The organisation gains greater value from the system and a return on investment that can be measured in tangible business results. Then, the video system is no longer considered overhead. Overall, using video analytics as part of an integrated security system and fully using the data gained from the analytics can help you better meet your organisation’s needs for security and extend surveillance data to deliver additional business benefits. I believe that every business should be able to take advantages of these advances in technology - without the need for additional investment or a license fee. Every business is different, and new analytics solutions should be adaptaple to meet your exact needs. Thinking beyond security opens up video analytics to revolutionise how video data will be used in the future and can take data usage to a whole new level.