A critical issue for security officers today is how to make sure temporary or permanent employees are removed from the employee directory system when they are no longer working for the company. This situation arises especially in large enterprises, which may have different Physical Access Control Systems (PACS) supporting different offices or company operations. It is not uncommon for a company to make an acquisition and have two or more incompatible PACS systems. The simple way to address this is to issue a separate card to the employee to support a different PACS system. While this might be slightly inconvenient for the worker, it is often a simple solution that many companies use. Updating employee information, must be done on each system separately and often manually

There are several problems with this solution. There is no central control of identities and they can exist in multiple locations of a company. Updating employee information, for example increasing access to reflect an employee’s new responsibilities, must be done on each system separately and often manually. Unless the company has a strong procedure to support this, the records outside of the main system, may not be updated and errors can occur. This may not be a significant problem if an employee is working for the company, but, if the employee is terminated, he or she may continue to have access to company facilities and systems, potentially compromising security.

Physical Logical Access Interoperability - PLAI

The Physical Security Interoperability Alliance has addressed this with its Physical Logical Access Interoperability (PLAI) specification. PLAI allows disparate PACS systems to normalise employee identity information and relies on a single trusted source to make changes to employee access and then synchronises it across disparate PACS systems. The same holds true for a terminated employee. A central trusted source eliminates access, and this is instantaneously reflected in all PACS systems. PLAI offers a simple and cost-effective way to enhance a company’s access control system, providing a more robust security environment.

Having a commercial PLAI Agent, available to any company, is an important milestone for PLAI”

PLAI demo at ISC West 2018

A commercial version of the PLAI Agent will be demonstrated by the PSIA at ISC West 2018 on April 12 in Las Vegas. Johnson Controls (Software House), Kastle Systems, and Princeton Identity will show the interoperability and exchange of identity information between disparate systems. “Having a commercial PLAI Agent, available to any company, is an important milestone for PLAI,” said David Bunzel, Executive Director of the PSIA. “It will enable Physical Access Control System (PACS) vendors to have an effective solution for bridging otherwise incompatible systems, saving considerable time in integration, and costs to enterprise customers.

The PLAI Agent was developed jointly by Johnson Controls and Dublin, Ireland-based Cruatech, a new member of the PSIA. It will be available to vendors from either company prior to ISC West. “As an integrator, we are often challenged with client acquisitions and the need to quickly establish a unified security ecosystem.” said Mike Mathes, Executive Vice President of Convergint Technologies and Chairman of the PSIA. “PLAI offers a means to quickly support disparate systems in a robust and reliable manner.

The PSIA has seen growing momentum for commercial implementations of PLAI

Identity management

As identity becomes a more critical feature of security systems, finding ways to manage credentials, permissions, limit duplication of records, and eliminating “orphans” left over when an employee leaves a company is essential. PLAI is an elegant means to address many of these issues. “PLAI provides an effective option to reduce problems related to integration compatibility, upgrades, and synchronisation which plague the industry today. This is good for both the customer as well as the manufacturers,” notes Jason Ouellette, General Manager of Access Control for Johnson Controls.

Further, PLAI reduces the impact of conflict inherent to the replication of personnel and credential data, while giving an authoritative control of records which can span PACS systems and other integrations to reduce risks in activities such as off boarding.

The PSIA has seen growing momentum for commercial implementations of PLAI. Already the U.S. Department of Justice, The Washington Post, and Corporate Executive Board (CEB) have utilised PLAI. In addition, Microsoft is planning to incorporate PLAI into their security ecosystem. There is a growing list of other organisations which are planning PLAI implementations in the government, financial services, electronics, industrial, and bottling industries.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

In case you missed it

What will be the biggest security trends in 2021?
What will be the biggest security trends in 2021?

We are several weeks into 2021, and it is already shaping up to be an eventful year. The happenings and trends from 2020 will likely carry over into the new year, but in a fast-moving industry such as ours, there will also be additional trends to watch. Looking toward the year ahead, we asked this week’s Expert Panel Roundtable: What will be the biggest security trends in 2021?

Securing empty premises: Product performance is everything
Securing empty premises: Product performance is everything

Since the start of the pandemic, almost a quarter of UK businesses have been forced to temporarily close, pause trading, or work remotely, with very little notice. Now nearing the 12th month of the crisis, the country is currently enduring its third national lockdown, with an unspecified timeframe. Most workers are being urged to remain at home and only venture out for essential travel. This means a huge number of premises across the board, from recreational venues such as theatres, pubs and leisure centres, to office buildings, and storage facilities, will remain empty. It’s likely that security has been scaled back, so many buildings could be vulnerable to attack for the foreseeable future. Just recently we’ve seen empty pubs in London targeted by opportunistic illegal rave organisers. Physical security strategy Even rural areas aren’t exempt from the problem, as burglars have reportedly targeted beauty salons, etc Even rural areas aren’t exempt from the problem, as burglars have reportedly targeted beauty salons, food stores and vehicle hire premises this winter. Vandalism and burglary remain very real threats, therefore it is vital that facilities managers and property owners ensure the physical security of these empty buildings is maintained to the highest standard to protect property and the assets within. Below we outline key considerations when evaluating a physical security strategy for an empty building. Assess the risk We would urge facilities managers and building owners to carry out regular, thorough checks of the building and the perimeter to assess any obvious factors which would elevate the risk of attack. This includes assessing the location. Is the crime rate high? How visible is the property? Are the contents of the property on show? How secure is the access or perimeter boundary? View the premises from a potential intruder’s perspective, and when you can’t be at the site in person, use photographs, notes and drawings to identify potential weaknesses. For example, there may be high security fencing at the front of the premises, but make sure it is not at risk of being compromised at the back. Conducting regular maintenance Retain and maintain quality Inspecting the fence line may seem obvious and straightforward, but it needs to be a deliberate, scheduled event Conducting regular maintenance is even more essential while premises are left empty, as it is much easier for any issues to appear and escalate undetected. We highly recommend regularly inspecting your fencing for disrepair or damage as this can affect the perimeter’s integrity. Alternatively, choosing high quality galvanised and preferably powder coated steel fencing with a 25-year guarantee will offer longer-lasting protection against rust and corrosion. Inspecting the fence line may seem obvious and straightforward, but it needs to be a deliberate, scheduled event. Take time to check the perimeter on both sides. As you inspect the fencing, keep an eye out for any attempted breaches and note if foliage, weather conditions, or topography changes have affected security integrity. Check all fixtures and fittings are in good working order, look for damage and corrosion, and clear all litter and debris away. Huge security risk Quality investments In a time when businesses are already stretched, it can be tempting to opt for quick, inexpensive fixes. However, poorly executed design or cheap, low quality products can lead to costly, long-term remediation or worse, significant loss to the business. Make wise, informed decisions and specify solutions based on your organisation’s security needs first and foremost. While generic steel palisade is a popular option, owing to its intimidating aesthetic, it is easily compromised. Steel palisade fencing has inherent weaknesses that undermine performance. Its wide pales can obstruct surveillance, while the bolted construction is a huge security risk. Simply removing or breaking the lower fixing on one or two pales would allow them to swing aside to give repeated access to the site without leaving an easily visible sign that the perimeter has been breached. It’s a false economy, as the initial lower price is offset by the costs and inconvenience incurred by regular repairs. Performance classification system The standard works via a performance classification system, and even considers the tools that an intruder may use Specifying a higher quality product that’s fit for purpose makes more sense both in the short and long term, and it adds little to the original cost. Fortunately, there are a number of security accreditations that facilities managers and building owners can refer to when specifying security measures at their site, helping them choose effective solutions to combat the risks the property faces. Proven performance Certifications and approvals, such as The Loss Prevention Certification Board’s (LPCB) LPS 1175 and the British Standards Institution’s (BSI) PAS, prove a product has been thoroughly tested to a specific standard. They prove the strength and durability of the item in multiple different situations. It is worth noting also that investing in effective perimeter protection can actually deliver a positive return by reducing the incidence of burglary and vandalism, and their associated costs. The technical evaluation work carried out by LPCB is extremely thorough. The product is subjected to rigorous quality audit processes, to certify the security products tested by BRE deliver verified levels of protection. All LPS 1175 rated products are vigorously tested before receiving an accreditation. The standard works via a performance classification system, and even considers the tools that an intruder may use. Intrusion detection system Our law enforcement teams are stretched to capacity and coping with reduced workforces due to illness By predicting a likely toolset, specifiers can construct multiple defensive layers to maximise how much time a facility has to respond to an attack. Different levels of security are crucial for the ‘5D defence’ concept, whereby a quintet of security assets work together to prevent access to your site, resulting in a strategy that will: Deter, Detect, Deny, Delay and Defend unwanted access from intruders. 360° security There is no single solution when it comes to securing a building. Every situation must be considered on an individual basis, starting with a full risk assessment. We recommend an integrated approach where appropriate. Along with a secure perimeter, this might also include effective lighting in shaded areas and at doors, gates, and vulnerable windows, Perimeter Intrusion Detection Systems (PIDS) and well-placed CCTV. These measures can hinder entry and escape, or increase the chance of discovery and detection. Domestic burglaries While domestic burglaries have become less attractive as many of our homes are now occupied around the clock, commercial properties have become increasingly more vulnerable. Our law enforcement teams are stretched to capacity and coping with reduced workforces due to isolating and illness. Therefore it has never been so important for building owners and facilities managers to assess the properties they’re responsible for to ensure they’re protected effectively in the event of an attack.

Safety in smart cities: How video surveillance keeps security front and centre
Safety in smart cities: How video surveillance keeps security front and centre

Urban populations are expanding rapidly around the globe, with an expected growth of 1.56 billion by 2040. As the number of people living and working in cities continues to grow, the ability to keep everyone safe is an increasing challenge. However, technology companies are developing products and solutions with these futuristic cities in mind, as the reality is closer than you may think. Solutions that can help to watch over public places and share data insights with city workers and officials are increasingly enabling smart cities to improve the experience and safety of the people who reside there. Rising scope of 5G, AI, IoT and the Cloud The main foundations that underpin smart cities are 5G, Artificial Intelligence (AI), and the Internet of Things (IoT) and the Cloud. Each is equally important, and together, these technologies enable city officials to gather and analyse more detailed insights than ever before. For public safety in particular, having IoT and cloud systems in place will be one of the biggest factors to improving the quality of life for citizens. Smart cities have come a long way in the last few decades, but to truly make a smart city safe, real-time situational awareness and cross-agency collaboration are key areas which must be developed as a priority. Innovative surveillance cameras with integrated IoT Public places need to be safe, whether that is an open park, shopping centre, or the main roads through towns Public places need to be safe, whether that is an open park, shopping centre, or the main roads through towns. From dangerous drivers to terrorist attacks, petty crime on the streets to high profile bank robberies, innovative surveillance cameras with integrated IoT and cloud technologies can go some way to helping respond quickly to, and in some cases even prevent, the most serious incidents. Many existing safety systems in cities rely on aging and in some places legacy technology, such as video surveillance cameras. Many of these also use on-premises systems rather than utilising the benefits of the cloud. Smart programming to deliver greater insights These issues, though not creating a major problem today, do make it more challenging for governments and councils to update their security. Changing every camera in a city is a huge undertaking, but in turn, doing so would enable all cameras to be connected to the cloud, and provide more detailed information which can be analysed by smart programming to deliver greater insights. The physical technologies that are currently present in most urban areas lack the intelligent connectivity, interoperability and integration interfaces that smart cities need. Adopting digital technologies isn’t a luxury, but a necessity. Smart surveillance systems It enables teams to gather data from multiple sources throughout the city in real-time, and be alerted to incidents as soon as they occur. Increased connectivity and collaboration ensures that all teams that need to be aware of a situation are informed instantly. For example, a smart surveillance system can identify when a road accident has occurred. It can not only alert the nearest ambulance to attend the scene, but also the local police force to dispatch officers. An advanced system that can implement road diversions could also close roads around the incident immediately and divert traffic to other routes, keeping everyone moving and avoiding a build-up of vehicles. This is just one example: without digital systems, analysing patterns of vehicle movements to address congestion issues could be compromised, as would the ability to build real-time crime maps and deploy data analytics which make predictive policing and more effective crowd management possible. Cloud-based technologies Cloud-based technologies provide the interoperability, scalability and automation Cloud-based technologies provide the interoperability, scalability and automation that is needed to overcome the limitations of traditional security systems. Using these, smart cities can develop a fully open systems architecture that delivers interoperation with both local and other remote open systems. The intelligence of cloud systems can not only continue to allow for greater insights as technology develops over time, but it can do so with minimal additional infrastructure investment. Smart surveillance in the real world Mexico City has a population of almost 9 million people, but if you include the whole metropolitan area, this number rises sharply to over 21 million in total, making it one of the largest cities on the planet. Seven years ago, the city first introduced its Safe City initiative, and ever since has been developing newer and smarter ways to keep its citizens safe. In particular, its cloud-based security initiative is making a huge impact. Over the past three years, Mexico City has installed 58,000 new video surveillance cameras throughout the city, in public spaces and on transport, all of which are connected to the City’s C5 (Command, Control, Computers, Communications and Citizen Contact) facility. Smart Cities operations The solution enables officers as well as the general public to upload videos via a mobile app to share information quickly, fixed, body-worn and vehicle cameras can also be integrated to provide exceptional insight into the city’s operations. The cloud-based platform can easily be upgraded to include the latest technology innovations such as licence plate reading, behavioural analysis software, video analytics and facial recognition software, which will all continue to bring down crime rates and boost response times to incidents. The right cloud approach Making the shift to cloud-based systems enables smart cities to eliminate dependence on fibre-optic connectivity and take advantage of a variety of Internet and wireless connectivity options that can significantly reduce application and communication infrastructure costs. Smart cities need to be effective in years to come, not just in the present day, or else officials have missed one of the key aspects of a truly smart city. System designers must build technology foundations now that can be easily adapted in the future to support new infrastructure as it becomes available. Open system architecture An open system architecture will also be vital for smart cities to enhance their operations For example, this could include opting for a true cloud application that can support cloud-managed local devices and automate their management. An open system architecture will also be vital for smart cities to enhance their operations and deliver additional value-add services to citizens as greater capabilities become possible in the years to come. The advances today in cloud and IoT technologies are rapid, and city officials and authorities have more options now to develop their smart cities than ever before and crucially, to use these innovations to improve public safety. New safety features Though implementing these cloud-based systems now requires investment, as new safety features are designed, there will be lower costs and challenges associated with introducing these because the basic infrastructure will already exist. Whether that’s gunshot detection or enabling the sharing of video infrastructure and data across multiple agencies in real time, smart video surveillance on cloud-based systems can bring a wealth of the new opportunities.