PCSC Intruder Detectors & Detection Systems  (2)

Today’s organisations face numerous diverse threats to their people, places and property, sometimes simultaneously. Security leaders now know all too well how a pandemic can cripple a company’s ability to produce goods and services, or force production facilities to shut down, disrupting business continuity. For example, a category three hurricane barreling towards the Gulf of Mexico could disable the supplier’s facilities, disrupt the supply chain and put unexpected pressure on an unprepared local power grid. Delivering timely critical information Tracking such risk is hard enough, but managing it is even more difficult. A swift response depends on delivering the right information to the right people, at the right time. And, it’s not as easy as it sounds. Indeed, 61 percent of large enterprises say critical information came too late for them, in order to mitigate the impact of a crisis, according to Aberdeen Research (Aberdeen Strategy & Research). These challenges are accelerating the hype around Artificial Intelligence (AI) These challenges are accelerating the hype around Artificial Intelligence (AI). The technology promises to help us discover new insights, predict the future and take over tasks that are now handled by humans. Maybe even cure cancer. Accelerating the hype around AI But is AI really living up to all this hype? Can it really help security professionals mitigate risk? After all, there’s a serious need for technology to provide fast answers to even faster-moving issues, given the proliferation of data and the speed at which chaos can impact operations. Risk managers face three major obstacles to ensuring business continuity and minimising disruptions. These include: Data fatigue - Simply put, there’s too much data for human analysts to process in a timely manner. By 2025, the infosphere is expected to produce millions of words per day. At that pace, you’d need an army of analysts to monitor, summarise and correlate the information to your impacted locations, before you can communicate instructions. It’s a herculean task, made even more difficult, when we consider that 30 percent of this global datasphere is expected to be consumed in real time, according to IDC. Relevance and impact - Monitoring the flood of information is simply the first hurdle. Understanding its impact is the second. When a heat dome is predicted to cover the entire U.S. Pacific Northwest, risk managers must understand the specifics. Will it be more or less hot near their facilities? Do they know what steps local utilities are taking to protect the power grid? Such questions can’t be answered by a single system. Communication - Once you know which facilities are impacted and what actions to take, you need to let your employees know. If the event is urgent, an active shooter or an earthquake, do you have a fast, effective way to reach these employees? It’s not as simple as broadcasting a company-wide alert. The real question is, do you have the ability to pinpoint the location of your employees and not just those working on various floor in the office, but also those who are working from home? How AI and ML cut through the noise Although Artificial Intelligence can help us automate simple tasks, such as alert us to breaking news, it requires several Machine Learning systems to deliver actionable risk intelligence. Machine Learning is a branch of AI that uses algorithms to find hidden insights in data, without being programmed where to look or what to conclude. More than 90 percent of risk intelligence problems use supervised learning, a Machine Learning approach defined by its use of labelled datasets. The benefit of supervised learning is that it layers several pre-vetted datasets, in order to deliver context-driven AI The benefit of supervised learning is that it layers several pre-vetted datasets, in order to deliver context-driven AI. Reading the sources, it can determine the category, time and location, and cluster this information into a single event. As a result, it can correlate verified events to the location of the people and assets, and notify in real time. It’s faster, more customised and more accurate than simple Artificial Intelligence, based on a single source of data. Real-world actionable risk intelligence How does this work in the real world? One telecommunications company uses AI and ML to protect a mobile workforce, dispersed across several regions. An AI-powered risk intelligence solution provides their decision makers with real-time visibility into the security of facilities, logistics and personnel movements. Machine Learning filters out the noise of irrelevant critical event data, allowing their security teams to focus only on information specific to a defined area of interest. As a result, they’re able to make informed, proactive decisions and rapidly alert employees who are on the move. Four must-have AI capabilities To gain real actionable risk intelligence, an AI solution should support four key capabilities: A focus on sourcing quality over quantity. There are tens of thousands of sources that provide information about emerging threats - news coverage, weather services, social media, FBI intelligence and so much more. Select feeds that are trusted, relevant and pertinent to your operations. Swift delivery of relevant intelligence. To reduce the mean-time-to-recovery (MTTR), risk managers need an accurate understanding of what’s happening. Consider the different contextual meanings of the phrases ‘a flood of people in the park’ and ‘the park is at risk due to a flood’. Machine Learning continuously increases the speed of data analysis and improves interpretation. Ability to cross-reference external events with internal data. As it scans different data sources, an AI engine can help you fine-tune your understanding of what’s happening and where. It will pick up contextual clues and map them to your facilities automatically, so you know immediately what your response should be. Ready-to-go communications. Long before a threat emerges, you can create and store distribution, and message templates, as well as test your critical communications system. Handling these tasks well in advance means you can launch an alert at a moment’s notice. The ability to minimise disruptions and ensure business continuity depends on speed, relevance and usability. AI and ML aren’t simply hype. Instead, they’re vital tools that make it possible for security professionals to cut through the noise faster and protect their people, places and property.

The impact of the COVID-19 pandemic has accentuated our digital dependency, on a global scale. Data centres have become even more critical to modern society. The processing and storage of information underpin the economy, characterised by a consistent increase in the volume of data and applications, and reliance upon the internet and IT services. Data centres classed as CNI As such, they are now classed as Critical National Infrastructure (CNI) and sit under the protection of the National Cyber Security Centre (NCSC), and the Centre for the Protection of National Infrastructure (CPNI). As land continues to surge in value, data centre operators are often limited for choice, on where they place their sites and are increasingly forced to consider developed areas, close to other infrastructures, such as housing or industrial sites. Complex security needs One misconception when it comes to data centres is that physical security is straightforward One misconception when it comes to data centres is that physical security is straightforward. However, in practice, things are far more complex. On top of protecting the external perimeter, thought must also be given to factors, such as access control, hostile vehicle mitigation (HVM), protecting power infrastructure, as well as standby generators and localising security devices to operate independently of the main data centre. Face value How a site looks is more important than you may think. Specify security that appears too hostile risks blatantly advertising that you’re protecting a valuable target, ironically making it more interesting to opportunistic intruders. The heightened security that we recommend to clients for these types of sites, include 4 m high-security fences, coils of razor wire, CCTV, and floodlighting. When used together in an integrated approach, it’s easy to see how they make the site appear hostile against its surroundings. However, it must appear secure enough to give the client peace of mind that the site is adequately protected. Getting the balance right is crucial. So, how do you balance security, acoustics and aesthetics harmoniously? Security comes first These are essential facilities and as a result, they require appropriate security investment. Cutting corners leads to a greater long-term expense and increases the likelihood of highly disruptive attacks. Checkpoints Fortunately, guidance is available through independent accreditations and certifications, such as the Loss Prevention Certification Board’s (LPCB) LPS 1175 ratings, the PAS 68 HVM rating, CPNI approval, and the police initiative - Secured by Design (SBD). Thorough technical evaluation and quality audit These bodies employ thorough technical evaluation work and rigorous quality audit processes to ensure products deliver proven levels of protection. With untested security measures, you will not know whether a product works until an attack occurs. Specifying products accredited by established bodies removes this concern. High maintenance Simply installing security measures and hoping for the best will not guarantee 24/7 protection. Just as you would keep computer software and hardware updated, to provide the best level of protection for the data, physical security also needs to be well-maintained, in order to ensure it is providing optimum performance. Importance of testing physical security parameters Inspecting the fence line may seem obvious and straightforward, but it needs to be done regularly. From our experience, this is something that is frequently overlooked. The research we conducted revealed that 63% of companies never test their physical security. They should check the perimeter on both sides and look for any attempted breaches. Foliage, weather conditions or topography changes can also affect security integrity. Companies should also check all fixtures and fittings, looking for damage and corrosion, and clear any litter and debris away. Accessibility When considering access control, speed gates offer an excellent solution for data centres. How quickly a gate can open and close is essential, especially when access to the site is restricted. The consequences of access control equipment failing can be extremely serious, far over a minor irritation or inconvenience. Vehicle and pedestrian barriers, especially if automated, require special attention to maintain effective security and efficiency. Volume control Data centres don’t generally make the best neighbours. The noise created from their 24-hour operation can be considerable. HVAC systems, event-triggered security and fire alarms, HV substations, and vehicle traffic can quickly become unbearable for residents. Secure and soundproof perimeter As well as having excellent noise-reducing properties, timber is also a robust material for security fencing So, how do you create a secure and soundproof perimeter? Fortunately, through LPS 1175 certification and CPNI approval, it is possible to combine high-security performance and up to 28dB of noise reduction capabilities. As well as having excellent noise-reducing properties, timber is also a robust material for security fencing. Seamlessly locking thick timber boards create a flat face, making climbing difficult and the solid boards prevent lines of sight into the facility. For extra protection, steel mesh can either be added to one side of the fence or sandwiched between the timber boards, making it extremely difficult to break through. A fair façade A high-security timber fence can be both, aesthetically pleasing and disguise its security credentials. Its pleasant natural façade provides a foil to the stern steel bars and mesh, often seen with other high-security solutions. Of course, it’s still important that fencing serves its primary purposes, so make sure you refer to certifications, to establish a product’s security and acoustic performance. Better protected The value of data cannot be overstated. A breach can have severe consequences for public safety and the economy, leading to serious national security implications. Countering varied security threats Data centres are faced with an incredibly diverse range of threats, including activism, sabotage, trespass, and terrorism on a daily basis. It’s no wonder the government has taken an active role in assisting with their protection through the medium of the CPNI and NCSC. By working with government bodies such as the CPNI and certification boards like the LPCB, specifiers can access a vault of useful knowledge and advice. This will guide them to effective and quality products that are appropriate for their specific site in question, ensuring it’s kept safe and secure.

Enclosures containing electronics, communications or cabling infrastructure offer a simple attack point for cyber breaches and an opportunity for a physical attack on the hardware. Yet, many of these assets are housed within enclosures that provide minimal security features to offer a deterrent to any would-be attacker. This has always just been a pet hate. Walking down the high street of a town anywhere in the United Kingdom, you can often see open street communication cabinets. You can actually look directly inside at the equipment. And if I was a bad guy, I could quite easily just put my foot into their enclosure and quite quickly take out their infrastructure. Charged service for enclosures This seems crazy when a US$ 2 magnetic contact on a door can quickly tell you whether your enclosure is open or shut, and can be vital in keeping your network alive. Moreover, the operators of these systems, whether it is telecoms or internet providers, are providing a charged service to their customers, so they should really be protecting their enclosures. Why has that security level not been so readily taken into the outside world, into the unprotected environment? More sobering, if you contrast this security approach to the approach taken in the data centre world, an environment that already has multiple stringent security protocols in place, you get a very different picture. For instance, security devices can capture snapshots of anyone who opens a cabinet door in a data room, so it is recorded who has opened that door. While that is just one simple example, it begs the question. Why has that security level not been so readily taken into the outside world, into the unprotected environment? In my mind, a lot of it boils down simply to education. Network connection, easy point of cyber attacks Our preconceived idea about cyber security is some big corporation being knocked out or held to ransom by, again in our mind, someone sitting at a laptop, probably with their hood up over their head, typing away in the darkness, attacking us through the internet. But how the would-be criminal is going to come at us is just like in sport. They attack at the weakest point. Networks can be deployed in the outside world in many ways, such as cameras monitoring the highways. That means those locations will have a network connection. And that can be a point of attack in a non-secure outside world. Enclosures can be broken into by attackers Many people think, ‘That is okay because I’m going to take that ethernet device that my cameras are connected to and I’m going to put it inside an enclosure.’ However, what people do not realize is that the only thing that the enclosure is doing is protecting the ethernet device from Mother Nature. Because, without proper security, those enclosures can be broken into pretty easily. Many of them are just a single key that is not in any way coded to the device. Twofold cyber security People need to realise that cyber security is twofold. It can be carried out by hacking the network or physically breaking Therein lays the problem. People need to realise that cyber security is twofold. It can be carried out by hacking the network or physically breaking into the weakest physical point. And so, a simple boot through the open door of an enclosure can vandalise the devices inside and take down a small or large part of a network. And by definition, this meets the criteria for a cyber-attack. So, how do we go about tackling this problem? Well, security is a reaction marketplace. And for enclosures, there’s not, at present, a plethora of solutions out there for to counter these types of attacks. It can be challenging to find what you’re looking for through a quick Google search compared to searching for more traditional security protection measures. Deploying smart sensors and detectors But, under Vanderbilt and ComNet, we are currently taking our knowledge and experience from system installation and compiling it together. We’re bringing different products from different parts of our business to make a true solution. For instance, we have sensors for enclosures that detect anything from gas or smoke to open doors, detectors that will tell you if someone is trying to smash open your enclosure with a sledgehammer, or that someone is trying to lift your enclosure off of its mount. More importantly, as is not really a one-size-fits-all solution, we have developed a menu structure available that allows customers to pick and choose the ones that will best fit their own requirements.

PCSC, a designer and manufacturer of access control solutions and Coolfire Solutions, a St. Louis based software company known for creating Military-Grade situational awareness platforms, collaborate to deliver top-level capabilities for access and security. Coolfire Solutions created its innovative Ronin Platform to deliver software that sits on top of existing systems and infrastructure to transform data into actionable intelligence. Originally developed for the U.S. military, the Ronin Platform is being widely adopted by industry leaders and organisations who recognise the importance of placing the right data, in the right hands, in real-time, so that intelligent decisions can be made. LiNC-NXG PSIM system Stacking the Ronin Platform on top of the data provided by PCSC’s LiNC-NXG PSIM system provides a robust, real-time common operational pictureStacking the Ronin Platform on top of the data provided by PCSC’s LiNC-NXG physical security information management system provides a robust, real-time common operational picture, visually representing physical security events, and enabling a coordinated security response. For instance, urgent security related event details are pushed to mobile devices of nearby security officials for immediate action. An additional benefit, in the case of an on-premises environment, the underlying access management system is not exposed, only the top-level data is managed. Extend the capabilities of access solutions “An extremely impressive GUI for our industry and an actionable set of features extend the capabilities of PCSC’s access solutions for real-time response,” said Mas Kosaka, President and CEO of PCSC. “The expansion possibilities are virtually limitless too. We’re excited to debut the capabilities of Ronin to our Business Partners during the PCSC Symposium in conjunction with ISC West, the largest security industry trade show in the U.S.” Coolfire Solutions and PCSC have the experience and capabilities to transform the way security professionals do their job every day" “Coolfire Solutions and PCSC have the experience and capabilities to transform the way security professionals do their job every day. We can maximise the value of existing technology investments by combining data from any source and making it actionable," said Don Sharp, CEO at Coolfire Solutions. "Security professionals have an incredibly challenging job and it’s only getting tougher. By bringing all of their critical data onto a single pane of glass we can increase the level of security while driving significant operational efficiencies.”

The BioConnect Identity Platform provides an integration of Suprema's biometric solutions with the majority of leading access control systems BioConnect and Suprema have announced Suprema's launch of the BioConnect Identity Platform. Developed by BioConnect, Suprema's long-standing strategic partner in North America, the BioConnect Identity Platform provides an integration of Suprema's biometric solutions with majority of the leading access control systems in the global security market. Under the appointment, Suprema will provide and support the BioConnect Identity Platform globally from June 1st, 2016 onward. Powerful integration featuresWith the BioConnect Identity Platform's powerful integration features and BioConnect's and Suprema's partner eco-systems, enterprises benefit from the ability to take advantage of deploying biometrics with their existing (or their choice of) access control vendor, standards, devices and way of operating. The BioConnect Identity Platform enables the seamless integration of Suprema's biometric terminals with access control systems, ERP and time and attendance systems, supporting biometric and multi-factor authentication, biometric enrollments and user ID management. One central system The solution enables greater security, identity assurance and convenience from one central system and has ultimately changed the way that the physical access control market can consume biometrics as an authentication strategy. No other manufacturer around the world has been able to offer this level and quality of integrations - with the BioConnect Identity Platform boasting over 20. "With the BioConnect Identity Platform, BioConnect complements our goal of providing industry-leading biometric security solutions to the global market. The product is a ready-made bridge solution that provides easier integration of cutting-edge Suprema biometric technology together with a customer's choice of leading access control systems," said Young Moon, VP of Suprema. "We are looking forward to providing the BioConnect Identity Platform to a more global security market and are excited to offer our customers a seamless and cost-effective way of adopting Suprema's biometric security solutions," Moon added. Innovative technologies From the perspective of the access control provider, the BioConnect Identity Platform opens up the option to provide a Suprema biometric solution and continue to benefit from the complete product line as Suprema brings new and innovative technologies to market. "As a Suprema partner we have experienced a lot of growth in the North American and UK markets due to its leadership and continued emphasis on producing biometric products of superior quality, versatility and range," said Steve Greb, Strategic Director of Business Development at BioConnect. "We're very excited to draw on Suprema's impressive partner network and continue to build out our Quest for Rightful Identity on a global scale." Integration with leading systems The BioConnect Identity Platform integrates the following leading access control systems with the Suprema biometric terminals; ACT ACTManage, AMAG Symmetry, Axis A1001, Brivo OnAir/OnSite, Genetec Security Center, IMRON IS2000, Lenel OnGuard, Open Options dnaFusion, Paxton Net2, Honeywell ProWatch, Honeywell WINPAK, RS2 AccessIT!, S2 Netbox, Software House CCURE 9000, Stanley SecureNET, Gallagher Command Centre and now PCSC LiNC-PLUS. Suprema and BioConnect will team together to showcase the BioConnect Identity Platform at IFSEC 2016 in London on June 21st-23rd at Stand E1400.

Systems may be reliable and performing as originally intended, but can also beoutdated in comparison to current technology offerings Let’s start by defining what a legacy system is in the context of a security control system. Legacy refers to an installed and operating security control system made up of numerous components, both hardware and software, that have been eclipsed by newer technologies. A shortage of parts and pieces may be creeping in, and it’s also likely the older stuff has a service tech scratching his head when faced with a configuration setting or data entry protocol. The newer technologies, however, may still be providing much of the desired functionality required by the legacy system user. Legacy in this context then is not necessarily a pejorative term. The system may be both reliable and performing as originally intended but is outdated in comparison to current technology offerings both from a communications standpoint and as it relates to applications and data mining. So what to do? For openers, as my dad would day, do a Ben Franklin list of do’s and don’ts. Naturally you’d love to move to a new, bigger or smaller, better and faster system. But, first, what does that list look like? I for one think is might begin to look like this: Things to do when managing legacy systems Do you have a handle on your current technology capabilities? Many legacy systems are underutilised and have features that are not used. Revisit your systems capabilities: You are likely to make some pleasant discoveries. Do you have a handle on your current technology capabilities? Many legacy systems are underutilised and have features that are not used Do you currently know how all of the pieces and parts in your system are currently communicating? A great start for planning the next steps is to understand the “plumbing.” Associated with that is the location of communication; specifically, how are things wired and where are they terminated, recorded and catalogued? What does your power distribution for the system components look like? Do you have backup and other means of maintaining operations during a loss of power, and where is that stuff? If not done recently, this step provides an opportunity to ensure you are ready for things that don’t happen and also to revisit codes. It’s always worthwhile if a maintenance provider is available to a system test in this area, or it can be self-conducted. What is the state of your record management, and when was the last time you did some basic housekeeping, such as backup and the like? If you don’t remember when you did it last, stop reading and go do some housekeeping — it’s clearly due now! What works for you and your organisation, and what have you developed a work-around for? If your “super users” have found ways to manage desired system outcomes by some clever workaround, are there other desired features?  Do you have a relationship with an authorised service provider or an on-staff trained first responder? Do you have attic stock (stuff you own) to support those older components? I like to think of it like making a road trip with a spare tire and basics in the trunk in case an extended unplanned stop on the side of the road interrupts your trip. Have you developed a plan for an eventual upgrade? What’s first, what does it cost and whom will I let provide pricing to do so?  Rip-and-replace isn't your only option. There are many products and servicesavailable to migrate from a legacy to next steps utilising embedded infrastructure Planning and management What are my/your basic functional requirements, and where are the gaps now you must fill for enterprise sustainability? That legacy system likely has paid its way and now needs to be retired; I’m not ready either. Do you have a business case for this refresh – applications, data mining, new and reporting and risk mitigation strategies? If not, you are missing this first step of legacy migration planning and management. Managing the age includes a system exit strategy. Getting C suite, namely your CFO’s, attention is key; sustainability of your enterprise is 101, so functionality as it relates to risk mitigation is essential to keeping your entity flourishing. So what are the DON’T’s? Don’t trivialise the migration or response to the Do’s or you’ll end up in a big To Do. Don’t minimise the relationship with existing integration resources you have worked with, old and new. Organisations evolve, some for the best, some not so. Refresh these relationships as well; resources are like bridges – you never know when a crossing is needed. Don’t rush into the latest and greatest; be wary of who’s definition you subscribe to. There’s a reason they call it the “cutting” edge. Don’t believe that rip-and-replace is your only option. There are many legacy systems in our industry, and many well-made and well-thought-out products and services are available to migrate from a legacy to next steps utilising embedded infrastructure. The bottom line: Define your parameters, select your partners and engage companies with a history of legacy migration and thought leadership. If your legacy includes some products with forward-thinking engineering thought leadership, you may be able to manage your needs with security control board-level replacements or the flashing of new firmware and upgrades to software. I‘m aware of several companies whose products elegantly move through time, adding new applications and functionality without wholesale rip-and-replace. These legacies carry on. The market has responded to you and others eager to know their options. There are many ingenious and clever ways to upgrade communications and transport of data, reliable mainstream products designed to meet this challenge head-on. There are solutions aimed at allowing you to use current IT and Internet of Things (IoT) apps and functionality. However, there are also quite a number of technology partners able help make the leap from analogue to digital using existing pathways. The bottom line: Define your parameters, select your partners and engage companies with a history of legacy migration and thought leadership. They are most likely to produce the best results and allow you to leave behind the legacy you want to be associated with.