Morse Watchmans key management systems feature software that enables the user to set up all these and many other types of custom reports

Morse Watchmans system is programmable to recognise specific keys and release them once the three required logins are complete

Casinos are cash-based industries that rely on physical controls and strict documentation procedures in order to safeguard large amounts of cash and chips. One of the most critical areas of casino security where these controls come into play is key management. Physical keys are used for access to virtually all of the most sensitive and highly secured areas of the casino, including counting rooms and drop boxes. By maintaining tight control of keys with sophisticated key control and management systems, the casino can minimise incidents of loss and fraud for these and other sensitive areas.

Genesis Resource, Inc., a leading provider of Morse Watchmans KeyWatcher electronic key control systems to the casino industry, has firsthand experience in understanding how important key control systems are to a casino’s security operation. They know where and why key control systems need to be placed; they know how they are used and who uses them; and they stay aware of the various regulatory and licensing commission regulations that must be met. Their clients include most of the casinos in Arizona, Nevada and New Mexico.

“While all markets – including corrections, hospitals, universities, and others – will have unique requirements regarding key control and management, the gaming industry is perhaps the most regulated and has the most number of in-house areas requiring key control,” states Genesis Resource Technical Manager Ken Olson. “Morse Watchmans addresses these requirements with the most robust and complete key control feature set available. In fact, Morse not only sets the bar for features, they are also, in my opinion, the gold standard for usability, support and system reliability.”

Managed access limits vulnerability

Genesis established their business in the gaming market with the casino’s slot departments, which led to controlling access to sensitive drop box keys, counting room keys, and drop box cabinet keys. With a Morse Watchmans solution in place, these keys and key sets are secured in a KeyWatcher key control cabinet that will not open until the system verifies that the user has permission for the specific key(s) requested. All other key sets remain locked in place. Since key sets for counting rooms and drop boxes are highly sensitive, gaming regulations generally require the three man rule to access key sets – one person each from three different departments is required to log in. Typically the three individuals would include a drop team member, a cage cashier and security officer. Often the KeyWatcher is either located in the cage mantrap or chip bank area, with a secondary combination remote keypad and display console located inside the cage to allow cashiers to log in without leaving their workstation.

The Morse Watchmans system is programmable to recognise specific keys or key sets and only open the cabinet door and release them once the three required logins are complete and the credentials verified. As a user convenience, KeyWatcher will prompt for the additional logins only once, regardless of how many sets were initially requested. A non-disputable key control log is maintained to substantiate control over the keys. One of many reasons KeyWatchers are so widely accepted is because they exceed the level of security offered by manual log systems.

According to Mr. Olson, returning highly sensitive keys is also tightly regulated with multiple levels of security required. He says, “The KeyWatcher system is configurable to meet these gaming regulations. For example, “Full Secure” requires the same users who removed a key to return the key, while “Department Secure” would only require the first user’s credentials to match exactly while the two other users would have to match by department.”

Access to table game drop box release keys is limited to the specific employees who are authorised to remove the table game drop boxes from the tables. A different set of employees would have access to the unscheduled drop sets, and the KeyWatcher system can be configured to reinforce this safety procedure. Individuals are precluded from

"Morse not only sets the bar for features, they are also, in my opinion, the gold standard for usability, support and system reliability"

having access to table game drop box content keys at the same time they have the table game drop box release keys out.

System intelligence adds to user convenience

In emergency situations such as machine jam, customer dispute, machine relocation or maintenance, where key sets must be accessed outside of regularly scheduled times, the KeyWatcher cabinet can be pre-programmed with “notes”. Before a key is released, the system will prompt the user to select a predefined note plus enter a freehand comment indicating the affected machine and table numbers.

Outside of special key access or emergency situations, it is useful for certain keys or key sets to be immediately available to their authorised users. With the KeyWatcher instant key release feature, the user only needs to input their credentials, and the system knows whether they already have their specific keys or not. If not, the system unlocks and their keys are immediately available to them. Returning keys is just as fast and easy with KeyWatcher. This saves time, reduces training and helps to overcome any language barriers.

Another convenient feature of the KeyWatcher utilised frequently by casinos/resorts is key cycling. Casino/resort staff including housekeepers and slot floor attendants can be organised into “groups” by the system administrator. For these individuals or groups, the hotel and casino has multiples of the same respective key sets available. The KeyWatcher can be programmed to release the next available set to each authorised user from a group, which cycles through the sets so that each gets equal usage.

Reporting

Gaming regulations require a number of different types of audits on a regular basis to assure the casino is in full compliance with regulations. For example, for employees signing the table game drop box keys in or out, Nevada Gaming requirements call for maintenance of separate reports indicating the date, time, table game number, reason for access, and signature or electronic signature. An “electronic signature” includes a unique employee PIN or card, or employee biometric identification validated and recorded through a computerised key security system.

Morse Watchmans key management systems feature software that enables the user to set up all these and many other types of custom reports, which can run and be delivered automatically to management on a regular basis. The robust reporting system will also greatly assist the casino in tracking and improving processes, assure employee honesty and minimise security risks. Auditors can be given access only to print reports, without access to key sets.

Additionally, robust SMS text messaging and emailing allows for the key set user or select management to automatically receive alerts when specified key sets are removed and/or returned, along with select alarm notifications.

Enterprising connections

With the advent of network systems and technology, Genesis reports a greater demand from casinos for key control systems that operate as an enterprise client-server application with a common user database. Since each system includes an unlimited site license, there are no site licensing fees to be concerned with. A common user database helps to ensure an employee’s HR-issued ID is recognised across all systems in an organisation, which allows for auditing transactions and history even after an employee’s departure. This also makes it possible for the slots, cage and security departments each to have their own system, with users part of the same common user database but different access for each system.

"Synchronising the same
information across multiple
KeyWatchers happens
automatically behind the
scenes with the KeyWatcher
software"

Using employee IDs also opens the door for optional 3rd party integration with existing card access control systems. For instance, when new employees are added, or terminated employees are removed from the access control system, they are automatically added or terminated in the KeyWatcher system. This integration can also pay dividends in terms of security policies and/or procedures as well as compliance with government agencies.

Mr. Olson says, “Synchronising the same information across multiple KeyWatchers happens automatically behind the scenes with the KeyWatcher software. It tremendously simplifies keeping all KeyWatchers updated with current user key access and enrollment information. Profiles (which include user access level, key set permissions, time durations, department and more) can be created and assigned to each user and any changes to the profile are cascaded down to the users assigned to it.”

Enterprise systems are highly scalable and key control cabinets can be distributed across the casino’s network to help relieve usage congestion. For example, at the start of a morning shift upwards of 500 housekeeping staff will need to access keys or key sets. By locating KeyWatcher cabinets adjacent to the areas where the keys will be used, bottlenecks in accessing/returning the keys can be avoided. In another example, KeyWatcher cabinets can be installed at an employee entrance/exit door. When an employee leaves the building temporarily for a scheduled break, keys can be returned to the local key cabinet and then accessed again when the employee returns from the break.

Quality product enhanced with quality support

Casinos and other gaming establishments are 24/7 operations and as such need 24/7 support. However, quality of support varies from manufacturer to manufacturer and from dealer to dealer. Telephone support from Morse Watchmans is included with the system and Genesis supplements that support with extended warranties, after hours phone support, training and a variety of service/ maintenance contracts. To further enhance their service offerings, Morse has offered free firmware and software updates for over a decade.

“Too often, customers find the product works and the service doesn’t or the service works and the product doesn’t,” said Mr. Olson. “Together with Morse, we offer the casino the best of both.”

Download PDF version Download PDF version

In case you missed it

How soon will access control cards become extinct and why?
How soon will access control cards become extinct and why?

Since the advent of the physical security industry, access control has been synonymous with physical cards, whether 125 kHz ‘prox’ cards or the newer smart card alternatives. However, other credentials have also come on the scene, including biometrics and even smart phones. Some of these choices have distinct cost and security advantages over physical cards. We asked this week’s Expert Panel Roundtable: How soon will the access control card become extinct and why? 

Addressing the Internet Of Things (IoT) and challenges in device design using a comprehensive approach
Addressing the Internet Of Things (IoT) and challenges in device design using a comprehensive approach

As the number of connected devices increases worldwide, the ways that they are being used, designed, and tested have also expanded. The rise of connected devices is demanding engineers to harness the power of the internet of things, which is expected to hit 28 billion by 2025. A comprehensive approach to device design is needed more than ever to address the challenges that this rapid growth will bring. Why engineers should be using IoT technology in product design The demand for devices designed to use the Internet of Things (IoT) technology is increasing as more industries are finding expanded ways to put them into use. Industries such as healthcare, automobiles, and agriculture are becoming more dependent on cloud capabilities and are therefore in need of new devices able to connect to it. Due to this rise in demand, an increasing amount of devices are delivering a multitude of benefits both to consumers and companies. However, this new wave of products has led to a growing list of challenges for engineers as they are forced to address IoT tech in regards to connectivity, regulations, longevity, and security. Ways to use IoT in the development process Engineers are facing these new challenges along with the normal pressure of deadlines and test considerations. By approaching all of these issues from a comprehensive point-of-view, the solutions become clearer and new device capabilities can be born. Let’s look at the challenges individually as well as possible solutions for them. Improving connectivity IoT enables data to be transferred between infrastructure, the cloud, and devices, making the process smooth  Because IoT is based around connection, it’s no surprise that the primary challenge for engineers to overcome is the improvement of connectivity between devices. IoT enables data to be transferred between infrastructure, the cloud, and devices, so making this process as smooth as possible is crucial. The main challenges involved with connectivity have to do with development and product testing while meeting industry standards and best practices. Additionally, many companies lack the necessary equipment and technology to develop new IoT devices, which makes it difficult to create scalable prototypes and test new products. Suggested solutions To address the issue of not having the expertise and necessary tools for testing, we suggest outsourcing the prototyping and evaluation process instead of attempting to tackle this in-house. By doing this, you’re able to free up resources that would otherwise be needed for expensive equipment and qualified staff. Helping comply with regulations When working with devices that are connected across the world, there is a complex web of regulations and conformance standards that can lead to challenges for engineers. The necessity of complying with these regulations while also pushing to meet deadlines can be burdensome and lead to an increase in production time and expenses. Failure to comply with global and regional laws, as well as system and carrier requirements, can lead to fines and costly setbacks. This type of failure can destroy a company’s reputation on top of causing financial losses, often leading to the loss of business. Suggested solutions By testing the IoT device design and components early, engineers can address any pre-compliance issues that may arise. During the early stages of development, we suggest using scalable and automated test systems readily available in the marketplace. Improved communication with other devices New challenges arise as new devices hit the market and existing technologies are redesigned to offer a better experience In the rapidly growing number of connected devices, new challenges will arise as new devices hit the market and existing technologies are redesigned to offer a better user experience. This rapid growth in devices will lead to congested networks leading to the necessity of devices being able to function in the midst of increased traffic and interference. Failure to do this will lead to delayed responses which could prove to be fatal. Suggested solutions The best solution for this issue is found in the evaluation process and supporting test methods that the Institute of Electrical and Electronics Engineers (IEEE) published in the American National Standard for Evaluation of Wireless Coexistence (ANSI). This process addresses the interconnectivity issues present in radio frequency environments. The outlined process involves defining the environment and evaluating the wireless performance of the equipment through thorough testing. An in-depth version can be found in its entirety online. Increasing the longevity of devices IoT devices are being used in vital industries such as healthcare and automotive so battery life and power consumption are two challenges that engineers must take seriously. A failure in this area could potentially lead to loss of life or safety concerns on the road. As new firmware and software are being designed to address these factors, engineers must be implementing them into IoT devices with the ability to be continually updated. Suggested solutions Longevity should be addressed in all aspects of the design process and tested thoroughly using a wide range of currents. By doing this, an engineer can simulate consumer applications to best predict performance. Security Security and privacy are concerns with any technology, but with the use of IoT in medical devices, it’s paramount Security has been a controversial issue for IoT since its inception. Security and privacy are concerns with any technology, but with the widespread use of IoT in medical devices, smart home appliances, and access control and surveillance, it’s paramount. For example, medical devices may store information about health parameters, medications, and prescriber information. In some cases, these devices may be controlled by an app, such as a smart pacemaker, to prevent heart arrhythmias. Naturally, a security issue in these devices could be devastating. Another example of dangerous security concern is with surveillance cameras and access control, such as for home or business security systems. These intelligent door locking systems contain locks, lock access controllers, and associated devices that communicate with each other. Suspicious activities are flagged with alerts and notifications, but if a hacker gains access, it can lead to real-world, physical danger. Security design points Here are some key points for security design: Physical security: IoT devices may be in external, isolated locations that are vulnerable to attack from not only hackers but by human contact. Embedding security protection on every IoT device is expensive, but it’s important for general security and data safety. Security of data exchange: Data protection is also important because data gets transmitted from IoT devices to the gateway, then onto the cloud. With surveillance and access control information or sensitive medical information, and encryption is vital to protecting data from a breach. Cloud storage security: Similar to data exchange, the information stored in medical devices, surveillance and access control systems, and some smart appliances with payment features, must be protected. This includes encryption and device authentication through access control, which can police what resources can be accessed and used. Update: Security vulnerabilities will always occur, so the key to addressing them is having a plan to address errors and release patches. Customers should also have options to secure devices quickly and effectively. Suggested solutions Engineers can include security and protection into IoT devices with early and perpetual testing throughout the design process. Most security breaches occur at endpoints or during updates, giving engineers a starting point for how to address them. Creating more secure devices Ensuring the security of connected devices should be of supreme importance for engineers as these devices are vulnerable to security breaches. The ultimate security of devices goes beyond the scope of engineering as the network and enterprise levels must also be secure to protect against potential threats. However, engineers play a role in this protection as well and should consider device security in the design process. Suggested solutions On a device level, engineers can help protect IoT devices from vulnerabilities by implementing early testing and continuing it throughout the design process. Most security transgressions occur at endpoints so this continual testing can, and should, create barriers to breaches. Regulations and compliance For IoT engineers, the complex web of regulations and compliance standards present new challenges Regulations and compliance surrounding data and technology are nothing new, but for IoT engineers, the complex web of regulations and compliance standards present new challenges. Engineers are already addressing obstacles in security and connectivity, all while meeting deadlines, and working around regulations adds time and expense to the process. Unfortunately, a failure to comply with global, regional, or local laws can lead to setbacks and fines. In addition to time lost in production and possible fines, the damage to a company’s reputation can lead to even more losses. Suggested solutions Compliance should be considered early and often in the design process. In the early stages of development, the IoT device or components can be tested to address and compliance issues. If possible, use a scalable and automated test system. The comprehensive solution As we stare at an uncertain future full of possibilities, it’s clear to see that new challenges will continue to be presented as technology evolves and new innovative devices are designed by engineers. By addressing these issues early and often, solutions can be implemented and problems prevented before they even have a chance to occur thanks to sound engineering and solid design.

Everbridge provides the critical event management platform to help organisations manage the full lifecycle of a crisis
Everbridge provides the critical event management platform to help organisations manage the full lifecycle of a crisis

The UK Government is consulting on plans to introduce a new law requiring operators of public spaces to consider the risk of a terrorist attack and take proportionate and reasonable measures to prepare for and protect the public from such an attack. Under the proposals outlined in the consultation document, those responsible for a publicly accessible location will have a ‘protect duty.’ The protect duty would apply to certain publicly accessible locations, widely defined as ‘any place to which the public or any section of the public has access, on payment or otherwise, as of right or by virtue of express or implied permission.’ Publicly accessible locations Publicly accessible locations include a wide variety of everyday locations such as: Sports stadiums, festivals and music venues, hotels, public houses, clubs, bars, casinos, high streets, retail stores, shopping centres, markets, schools, universities, medical centres, hospitals, places of worship, government offices, job centres, transport hubs, parks, beaches, public squares, other open spaces. This list is by no means exhaustive, but it does demonstrate the diverse nature of publicly accessible locations. To manage these challenges, some organisations are relying on guarding and manual solutions or processes Organisations responsible for publicly accessible locations have many challenges they need to overcome while at the same time ensuring that safety and security is visible, yet non-intrusive. To manage these challenges, some organisations are relying on guarding and manual solutions or processes, whereas other organisations have invested heavily in diverse security technologies: CCTV, access control, intruder alarms, fire detection, intercoms and more. Managing public safety Effectively managing public safety and security is difficult and can be costly. Potential liabilities are something to seriously consider, based on forthcoming regulation and prevailing public expectations. When a critical event unfolds public reactions can be difficult to safely manage, however this is now a must do. Public space operators need to get the right information to the right people at the right time to protect all people, including every single member of the public. Their work with public and private sector clients around the world has enabled them to understand ‘protecting the public’ challenges and offer solutions that meet the specific requirements. Public space operators and organisations must keep track of all emerging threats and assess the potential impacts of when, not if, they will experience a critical event. Unpredictable threat environment Security executives have the challenge of protecting people, facilities and assets With an increasingly complex and unpredictable threat environment, it has never been more imperative to act faster. With more complete intelligence, organisations can increase their speed and decisiveness to assess risks and prevent those risks from harming people or disrupting operations. Leisure and entertainment is a prominent UK industry, that is also one of the most vulnerable to safety and security threats. Security executives have the challenge of protecting people, facilities and assets, while also maintaining friendly and welcoming services to visitors. Public venues and retailers must provide non-intrusive client safety and security. For the would-be criminal, safety and security provision should be a visible deterrent. Balancing these needs is where Everbridge can help organisations. Everbridge provides the critical event management platform to help organisations manage the full lifecycle of a crisis. Facilitating device activation Their platform correlates events from disparate safety and security systems into a common operating picture to focus people’s attention on what really matters. The platform provides users with actionable alerts, next step actions, and automated reporting to better manage risks, ensure compliance with operating procedures and support the business continuity. Automated workflows ensure rapid, consistent responses, reducing the risk of human error Automated workflows ensure rapid, consistent responses, reducing the risk of human error. It also facilitates device activation to ensure they are always in operational control and protecting the people. Dynamic reports and dashboards provide real-time actionable insights for the operations teams and senior executives. Benefits include: Real-time situational awareness. Reduces risk. Accelerates response times. Avoids technology lock-ins. Prevents information overload. Keeps stakeholders informed. With Everbridge, the organisation can deliver the public protect duty. Now and in the future.