Bank security

Maven Capital Partners, one of the UK’s most active private equity houses, has led an investment, alongside existing shareholders Par Equity and the Scottish Investment Bank, in Edinburgh-based Symphonic Software Limited, a global player in the Identity and Access Management (IAM) market. The funding will be used to further scale the business, investing in sales and marketing resource, as well as product innovation, to ensure Symphonic continues to offer customers a best-of-breed solution in this important and growing market. Authorisation software solution Symphonic has developed a fine-grained, context-aware authorisation software solution that enables organisations to securely share critical, time-dependent and sensitive information by managing access to data and services in the inter-connected digital economy. It does this by enabling the user to set rules and controls, even for the most complex administrative requirements, at extreme granular levels. Heightened security, is driving market demand as customers’ interactions with the organisation become deeper and more complex A powerful policy management interface incorporated into the system provides centralised visibility and control over the policies that apply to an enterprise's entire digital landscape. This makes access management more simple and agile, helping support rapidly emerging needs for sharing data both inside and outside an organisation, while maintaining compliance with internal policies and external regulations. Heightened security, an emphasis on risk management and the introduction of ever-increasing digital access channels, is driving market demand as customers’ interactions with the organisation become deeper and more complex. As a result, the IAM market is growing rapidly and is forecast to be worth in excess of $20 billion by 2022. Sophisticated access management Data security, General Data Protection Regulation (GDPR) and Open Banking regulations are just some of the initiatives forcing Symphonic’s financial customers to undertake major re-engineering programmes that inevitably involve the deployment of a sophisticated access management solution. Under the latest open banking regulations, banks are now required to share the data they hold on their customers, safely and securely with authorised third parties. Symphonic is targeting further growth in retail banking and other sectors and is well positioned to expand into new markets" The aim of the regulation is to bring more competition and innovation to the financial services market, which should in turn lead to more and better products. Symphonic’s solution enables financial institutions to manage the new, complex access patterns resulting from open banking whilst delivering the right balance between security and customer experience. Symphonic clients can react quickly to new threats whilst lowering their costs by defining their access control policies in a single location. Significant new regulation David Milroy, Partner at Maven, said: “We are delighted to be leading the investment in Symphonic Software. The company operates in a high growth sector driven by significant new regulation. Symphonic is targeting further growth in retail banking and other sectors and is well positioned to expand into new markets. We look forward to working with Derick and his team over the coming years to scale the business and deliver on its growth strategy.” Derick James, CEO at Symphonic, added: “We are very pleased to maintain our strong relationship with Par Equity and the Scottish Investment Bank and are delighted to welcome Maven as part of this latest investment round. The team at Symphonic is looking forward to continuing to drive the company’s success with the support of our new and existing investors”.

March Networks, a global video security and video-based business intelligence pioneer, is proud to announce that it has been designated as a cybersecure business by Cyber Essentials Canada for a second consecutive year. March Networks was the first company in the country to achieve the certification in 2018, and is the first to re-certify through the program this year. Developed as part of the United Kingdom’s (U.K.’s) National Cyber Security Programme, Cyber Essentials certification is awarded to organisations able to demonstrate good cybersecurity practices and an ability to mitigate risks from Internet-based threats in areas including: boundary firewalls and Internet gateways; network configuration; software management; access control; and malware protection. The toolset is also a valuable asset for end user organisations seeking to verify the security of their supply chain. Adhering to best security practices Our participation in the Cyber Essentials program enables us to confirm that we are adhering to the current security practices"“March Networks works with many Fortune 500 customers, including some of the world’s largest banks, so strong corporate security practices have always been a priority,” said Peter Strom, President and CEO, March Networks. “Our participation in the Cyber Essentials program enables us to confirm that we are adhering to the most current security best practices. It also provides our customers with yet another assurance of our high cybersecurity standards.” March Networks’ holistic approach to security involves a 360° view of all areas of its business – from product development and source code management, to operational processes and customer data privacy. The company’s Network Operations Center, for example, operates with extensive physical access and networking controls and restrictions to ensure the security of customer data. The company also participates in comprehensive security audits initiated by large enterprise customers seeking to confirm the security of their video solution provider. Identifying potential vulnerabilities Proactive resilience strategies help strengthen organisations’ ability to avoid disruption"In addition, March Networks takes a proactive approach to identifying potential vulnerabilities in its products. The company’s Security Updates and Advisories program involves regularly tracking US-CERT reports on identified vulnerabilities, conducting in-depth investigations when required, and alerting customers and partners to any necessary software updates via email alerts and information posted directly on the March Networks website. Endorsed by the U.K. government, Cyber Essentials was originally created in collaboration with industry partners such as the Information Security Forum (ISF) and the British Standards Institution (BSI). CyberNB, a special operating agency of Opportunities New Brunswick, administers the program in Canada, where it is gaining momentum as a requirement to win business in both public and private sectors. “The team at CyberNB is proud of the commitment to security and continuous improvement that we’ve seen from March Networks,” said Josh Waite, Head of Cyber Essentials Canada. “Proactive resilience strategies help strengthen organisations’ ability to avoid disruption and demonstrate responsible practice. We congratulate March Networks for having made Cyber Essentials Canada certification part of their strategy.”

Honeywell is expanding its Performance Series video line with the launch of six new cameras and upgrades to 11 existing products. The enhanced Performance Series Video 2/4/8 MP IP Solution native integrated cameras deliver faster notification and verification of potential threats along with powerful insights to support small-to-medium businesses and enterprise level applications at a lower installation and operating cost. The Performance Series video cameras feature new Face Detection and Smart Search tools that eliminate hours of video review by allowing end users to quickly search video for more efficient identification, tracking and viewing of specific individuals. New Pin-hole camera enable discreet surveillance with banking applications such as ATMs or self-check-out registers. Key benefits and features: Improves end-customer revenue and reduce operational costs: Provides customer behavioural analysis with People Counting feature which is ideal for retail environments by helping users increase revenue by monitoring traffic and flow for optimising store layouts, staff planning and merchandising strategies. The camera line provides more efficient storage options, including H.265 Smart Codec support, which can help lower storage costs by nearly 50 percent, and reduces training costs with unified GUI and multiple language support. Minimises inventory shrinkage: Features 4K technology for high-definition video across larger coverage areas in day or night settings; users can zoom in from greater distances to reduce the number of cameras required. Ensures efficient and effective security: Increased cybersecurity features protecting the end-user investment and estate infrastructure. Integrates with MAXPRO cloud for easy access control and multi-site management. The cameras allow users to access one or multiple sites through a single user interface using the HDCS software. The Performance Series is part of the Honeywell connected security portfolio which can provide customers a complete solution with video, access control, intrusion and integrated security products.

Pulse Secure, global provider of secure access solutions to both enterprises and service providers, has been recognised as a technology leader and among the top three performers in Network Access Control (NAC) according to research by Quadrant Knowledge Solutions. The NAC market, estimated at nearly $1.3 billion and growing by 27.6 percent per year, is driven by workforce mobility and Bring Your Own Device (BYOD), global regulations, automated threat response and Internet of Things (IoT) security risks. 2019 NAC Market Outlook According to the '2019 NAC Market Outlook' report by Quadrant Knowledge Solutions, NAC manages and controls access of devices and users to corporate networks based on policies, including endpoint configuration, authentication and user’s identity. NAC technologies have evolved significantly from device access authorisation, BYOD and guest management functions to more granular endpoint visibility, access and security capabilities that support robust policies driven by mobility, cloud and virtualisation trends. Modern NAC technology includes functionality to support granular network segmentation, user behavior monitoring, enhanced visibility, and security automation and orchestration capability for automated threat detection and response. The published report provides an overview of the market including NAC capabilities, technology, drivers, adoption trends and competitive insights. IoT proliferation IoT proliferation and the convergence of IT/OT networks is expanding the enterprise attack surface"“IoT proliferation and the convergence of IT/OT networks is expanding the enterprise attack surface. With endpoint, BYOD and IoT security risks, organisations are taking advantage of the operational visibility and threat mitigation capabilities of next generation NAC solutions,” said Piyush Dewangan, industry research manager at Quadrant Knowledge Solutions. “Pulse Secure has received strong ratings for its sophisticated technology platform, competitive differentiation, scalability, technology vision and overall customer impact.” The report cites that Cisco, ForeScout Technologies, and Pulse Secure are the top performers and technology leaders in the global NAC market. These companies provide comprehensive NAC solutions targeting large enterprise organisations, improving their network visibility and granular policy implementation. Pulse Policy Secure Among the capabilities highlighted in the report that earned Pulse Policy Secure (NAC) a technical leadership ranking, the most distinguished are: Integrated visibility, BYOD and IoT security and Zero Trust enforcement capabilities Easy path to NAC, starting with rich network device profiling, inventory and guest management Dynamic identification, classification, monitoring and reporting of managed and unmanaged endpoint and IoT devices Agent and agentless options for pre- and post-admission control, supporting an existing 802.1x supplicant/agent, or by employing agentless multi-factor device discovery and verification Automated or self-service provisioning of guest, BYOD and IoT devices Advanced User Enhanced Behavior Analytics (UEBA) further detects anomalous user, endpoint and IoT device activity Integration with leading networking and security tools, and automated threat response Data center or cloud administration of multiple distributed PPS appliances; each appliance can control up to 50,000 devices to scale to over a million devices per network Integration with leading networking and security tools, and automated threat response Common NAC/VPN Client, policy engine and system management for streamlined deployment, unified visibility and consistent access control for data center and hybrid IT Expanding enterprise NAC platform Pulse Secure continues to experience growth in its enterprise NAC platform with sales through partners to existing customers" “Pulse Secure continues to experience growth in its enterprise NAC platform with sales through partners to existing customers, as well as to organisations investing in first-time NAC deployments and those replacing their current solutions,” said Scott Gordon, vice president of marketing at Pulse Secure. “With our unique means to offer a simple, unified NAC and VPN solution, we allow enterprises to gain essential intelligence, compliance and protection for remote, cloud and data center access. We are honoured to receive this NAC market distinction as technology leader.” The 'NAC Market Outlook' report earmarks that the global NAC market is expected to increase significantly in the next five to six years. NAC is increasingly becoming mature and accepted as a key technology to improve an organisation's overall security defenses. Both large and mid-sized organisations are looking at full-scale deployments and extending NAC security to a greater number of devices and endpoints. Adopting security technologies Traditionally, the adoption of security technologies is primarily driven by compliance to broader global regulations. In the global market, banking & financial services, education, government and healthcare sectors are the primary users of NAC solutions. However, organisations from several industry verticals are increasingly focusing on improving their security measures to enhance overall security. IT/OT convergence has resulted in increased exposure to cyberthreats to the industrial environment, and NAC vendors are expanding their capabilities to support IT/OT convergence.

Sargent and Greenleaf (S&G), renowned manufacturer of high-quality mechanical and electronic locks, has announced the release of its Digital Vault Lock solution. Through a secure online interface and user-friendly software, this static code, electronic time lock allows for increased flexibility and security for convenient vault access. Digital Vault Lock  Combining an attack-resistant lock case and enhanced features to protect against a variety of threats – vibration, bouncing and punching attacks – the Digital Vault Lock provides durable security for financial institutions. With the ability to assign four independent time lock schedules for up to 100 users and retrieve up to 1,000 time- and date-stamped audit events with a simple USB connection from the lock, the Digital Vault Lock increases shift coverage without overriding security and can be customised for a single user, dual user or manager. “With S&G’s Digital Platform features and benefits continuing to evolve, the Digital Vault Lock will provide our customers with additional flexibility and security for a smarter and faster vault access lock,” stated Keith Deaton, COO of Sargent and Greenleaf. “The auditing capabilities along with the scheduling and management features of this lock, make it possible for banks to have a digital vault security option,” said Deaton. S&G’s Digital Vault Lock’s main features include: User-friendly programming via website interface or keypad for secure programming. Audio and visual signals, including a display screen and three keypad LEDs for lock status indication. 1,000 time- and date-stamped events for precisely managing audit trails. Offers dual control, automatic daylight savings, a management reset code, time delay up to 99 minutes and a penalty lockout. S&G 3029-3XX lock S&G’s Digital Vault Lock is powered by the S&G 3029-3XX lock with a motor-driven lock bolt. With same mounting footprints as the S&G 6400 and 6500 series mechanical vault locks, retrofits are quick and easy.

ADT, a provider of monitored security and interactive home and business automation solutions in the United States and Canada, unveils its new ADT Commercial brand and positioning video, as part of its multi-year expansion plans. Since the merger with Protection 1, ADT has built upon its commercial capabilities and customer focused approach combining more than ten strategic acquisitions, bringing decades of experience to commercial and national account customers. ADT’s announcement is part of its participation in ISC West, North America’s largest security industry trade show with more than 30,000 industry professionals and 1,000 exhibitors. Significant expansion plans “Today marks the official start of significant expansion plans for the ADT Commercial brand as we bring together numerous strategic acquisitions and alliances we’ve recently achieved, including industry leader, Red Hawk,” said Dan Bresingham, Executive Vice President, ADT Commercial. The ADT Commercial vision is to offer a unified approach to its customers’ security and life safety needs “We are delivering an expanded product portfolio and geographic reach to our enterprise customers, combined with an obsession for customer service, high quality and commitment to excellence.” Led by Bresingham, the ADT Commercial leadership team has a single-minded focus on security and life safety—having spent the majority of their careers in the industry. The ADT Commercial vision is to offer a unified approach to its customers’ security and life safety needs.  Enterprise risk management services ADT Commercial brings together the experience, capabilities and offerings from acquisitions, made since merging with Protection 1, with the goal of creating a best in class security and life safety provider. Most recently, these acquisitions include Red Hawk Fire & Security, Aronson Security Group, MSE Security, Advanced Cabling and Commercial Protection Systems, Inc. ADT Commercial will serve customers with a broad portfolio of solutions such as enterprise risk management services, IP-based video and access control technologies; intrusion detection; fire/life safety; sprinkler installation and maintenance; banking and ATM sales and services; managed services; remote monitoring via its owned and operated monitoring centers; security only networks design, management and monitoring.

In the age of massive data breaches, phishing attacks and password hacks, user credentials are increasingly unsafe. So how can organisations secure accounts without making life more difficult for users? Marc Vanmaele, CEO of TrustBuilder, explains. User credentials give us a sense of security. Users select their password, it's personal and memorable to them, and it's likely that it includes special characters and numbers for added security. Sadly, this sense is most likely false. If it's anything like the 5.4 billion user IDs on haveibeenpwned.com, their login has already been compromised. If it's not listed, it could be soon. Recent estimates state that 8 million more credentials are compromised every day. Ensuring safe access Data breaches, ransomware and phishing campaigns are increasingly easy to pull off. Cyber criminals can easily find the tools they need on Google with little to no technical knowledge. Breached passwords are readily available to cyber criminals on the internet. Those that haven’t been breached can also be guessed, phished or cracked using one of the many “brute-force” tools available on the internet. It's becoming clear that login credentials are no longer enough to secure your users' accounts. Meanwhile, organisations have a responsibility and an ever-stricter legal obligation to protect their users’ sensitive data. This makes ensuring safe access to the services they need challenging, particularly when trying to provide a user experience that won’t cause frustration – or worse, lose your customers’ interest. After GDPR was implemented across the European Union, organisations could face a fine of up to €20 million, or 4% annual global turnover Importance of data protection So how can businesses ensure their users can safely and simply access the services they need while keeping intruders out, and why is it so important to strike that balance? After GDPR was implemented across the European Union, organisations could face a fine of up to €20 million, or 4% annual global turnover – whichever is higher, should they seriously fail to comply with their data protection obligations. This alone was enough to prompt many organisations to get serious about their user’s security. Still, not every business followed suit. Cloud security risks Breaches were most commonly identified in organisations using cloud computing or where staff use personal devices According to a recent survey conducted at Infosecurity Europe, more than a quarter of organisations did not feel ready to comply with GDPR in August 2018 – three months after the compliance deadline. Meanwhile, according to the UK Government’s 2018 Cyber Security Breaches survey, 45% of businesses reported breaches or attacks in the last 12 months. According to the report, logins are less secure when accessing services in the cloud where they aren't protected by enterprise firewalls and security systems. Moreover, breaches were most commonly identified in organisations using cloud computing or where staff use personal devices (known as BYOD). According to the survey, 61% of UK organisations use cloud-based services. The figure is higher in banking and finance (74%), IT and communications (81%) and education (75%). Additionally, 45% of businesses have BYOD. This indicates a precarious situation. The majority of businesses hold personal data on users electronically and may be placing users at risk if their IT environments are not adequately protected. Hackers have developed a wide range of tools to crack passwords, and these are readily available within a couple of clicks on a search engine Hacking methodology In a recent exposé on LifeHacker, Internet standards expert John Pozadzides revealed multiple methods hackers use to bypass even the most secure passwords. According to John’s revelations, 20% of passwords are simple enough to guess using easily accessible information. But that doesn’t leave the remaining 80% safe. Hackers have developed a wide range of tools to crack passwords, and these are readily available within a couple of clicks on a search engine. Brute force attacks are one of the easiest methods, but criminals also use increasingly sophisticated phishing campaigns to fool users into handing over their passwords. Users expect organisations to protect their passwords and keep intruders out of their accounts Once a threat actor has access to one password, they can easily gain access to multiple accounts. This is because, according to Mashable, 87% of users aged 18-30 and 81% of users aged 31+ reuse the same passwords across multiple accounts. It’s becoming clear that passwords are no longer enough to keep online accounts secure. Securing data with simplicity Users expect organisations to protect their passwords and keep intruders out of their accounts. As a result of a data breach, companies will of course suffer financial losses through fines and remediation costs. Beyond the immediate financial repercussions, however, the reputational damage can be seriously costly. A recent Gemalto study showed that 44% of consumers would leave their bank in the event of a security breach, and 38% would switch to a competitor offering a better service. Simplicity is equally important, however. For example, if it’s not delivered in ecommerce, one in three customers will abandon their purchase – as a recent report by Magnetic North revealed. If a login process is confusing, staff may be tempted to help themselves access the information they need by slipping out of secure habits. They may write their passwords down, share them with other members of staff, and may be more susceptible to social engineering attacks. So how do organisations strike the right balance? For many, Identity and Access Management solutions help to deliver secure access across the entire estate. It’s important though that these enable simplicity for the organisation, as well as users. Organisations need an IAM solution that will adapt to both of these factors, providing them with the ability to apply tough access policies when and where they are needed and prioritising swift access where it’s safe to do so Flexible IAM While IAM is highly recommended, organisations should seek solutions that offer the flexibility to define their own balance between a seamless end-user journey and the need for a high level of identity assurance. Organisations’ identity management requirements will change over time. So too will their IT environments. Organisations need an IAM solution that will adapt to both of these factors, providing them with the ability to apply tough access policies when and where they are needed and prioritising swift access where it’s safe to do so. Importantly, the best solutions will be those that enable this flexibility without spending significant time and resource each time adaptations need to be made. Those that do will provide the best return on investment for organisations looking to keep intruders at bay, while enabling users to log in safely and simply.

Timely and important issues in the security marketplace dominated our list of most-clicked-upon articles in 2018. Looking back at the top articles of the year provides a decent summary of how our industry evolved this year, and even offers clues to where we’re headed in 2019. In the world of digital publishing, it’s easy to know what content resonates with the security market: Our readers tell us with their actions; i.e., where they click. Let’s look back at the Top 10 articles we posted in 2018 that generated the most page views. They are listed in order here with a brief excerpt. 1. U.S. President Signs Government Ban on Hikvision and Dahua Video Surveillance The ban on government uses, which takes effect ‘not later than one year after … enactment,’ applies not only to future uses of Dahua and Hikvision equipment but also to legacy installations. The bill calls for an assessment of the current presence of the banned technologies and development of a ‘phase-out plan’ to eliminate the equipment from government uses. 2. Motorola Makes a Splash with Avigilon Video Surveillance Acquisition Early clues point to Motorola positioning Avigilon as part of a broader solution, especially in the municipal/safe cities market. The company says the acquisition will enable more safe cities projects and more public-private partnerships between local communities and law enforcement. Motorola sees Avigilon as ‘a natural extension to global public safety and U.S. federal and military’ applications, according to the company. 3. Impact of Data-Driven Smart Cities on Video Surveillance One of the major areas of technology that is going to shift how we interact with our cities is the Internet of Things (IoT). One benefit will be the ability to use video surveillance to analyse data on large crowds at sporting events The IoT already accounts for swaths of technology and devices operating in the background. However, we’re increasingly seeing these come to the forefront of everyday life, as data becomes increasingly critical. Bosch is highlighting its “Simply. Connected” portfolio of smart city technology to transform security as well as urban mobility, air quality and energy efficiency 4. CES 2018: Security Technologies Influencing the Consumer Electronics Market Familiar players at security shows also have a presence at the Consumer Electronics Show (CES). For example, Bosch is highlighting its “Simply. Connected” portfolio of smart city technology to transform security as well as urban mobility, air quality and energy efficiency. Many consumer technologies on display offer a glimpse of what’s ahead for security. Are Panasonic’s 4K OLEDs with HDR10+ format or Sony’s A8F OLED televisions a preview of the future of security control room monitors? 5. SIA Predicts Top Physical Security Trends for 2018 Traditional security providers will focus more on deepening the customer experience and enhancing convenience and service. The rise of IoT also places an emphasis on cybersecurity, and security dealers will react by seeking manufacturers and technology partners with cyber-hardened network-connected devices. 6. High-Speed Visitor Screening Systems Will Improve Soft Target Security The system is more expensive than a metal detector, but about a third the cost of familiar airport body scanners. Labor reduction (because of faster throughput) can help offset the system costs, but “it’s difficult to quantify the improvement in the visitor experience,” says Mike Ellenbogen, CEO of Evolv Technology. 7. How to Prevent ATM Jackpotting with Physical and Cyber Security A new crime wave is hitting automated teller machines (ATMs); the common banking appliances are being rigged to spit out their entire cash supplies into a criminal’s waiting hands. The crime is called “ATM jackpotting” and has targeted banking machines located in grocery shops, pharmacies and other locations in Taiwan, Europe, Latin America and, in the last several months, the United States. Rough estimates place the total amount of global losses at up to $60 million. The safety and security world bring a complex problem to solve- how to pick out a face in a moving and changing environment and compare it to several faces of interest 8. Why We Need to Look Beyond Technology for Smart City Security Solutions Although technology is necessary for an urban area to transition in to a safe and smart city, technology alone isn’t sufficient. Truly smart cities are savvy cities and that includes how they employ software, sensing, communications and other technologies to meet their needs. 9. How New Video Surveillance Technology Boosts Airport Security and Operations Employing airport security solutions is a complex situation with myriad government, state and local rules and regulations that need to be addressed while ensuring the comfort needs of passengers. Airport security is further challenged with improving and increasing operational efficiencies, as budgets are always an issue. As an example, security and operational data must be easily shared with other airport departments and local agencies such as police, customs, emergency response and airport operations to drive a more proactive approach across the organisation. 10. The Evolution of Facial Recognition from Body-Cams to Video Surveillance The safety and security world bring a complex problem to solve how to pick out a face in a moving and changing environment and compare it to several faces of interest. “One-to-many” facial recognition is a much harder problem to solve.

There’s no denying that cyber-crime is one of the biggest threats facing any organisation with the devastating results they can cause painfully explicit. Highly publicised cases stretching from the US government to digital giant Facebook has made tackling cyber security a necessity for all major organisations. The consequences of breaches have just become more severe, with new GDPR rules meaning any security breach, and resultant data loss, could cost your organisation a fine of up to four per cent of global revenue or up to 20 million euros. Cyber-crime potentially affects every connected network device. In the biggest cyber-crime to date, hackers stole $1 billion from banks around the world, by gaining access to security systems. It’s more important than ever for organisations to be vigilant when it comes to their cyber security strategy. To help avoid becoming the next victim, I’ve put together a five-point cyber plan to protect your video surveillance system. 1. Elimination of default passwords A small change to a memorable, complex password could have huge consequences for your business It is estimated that over 73,000 security cameras are available to view online right now due to default passwords. ‘Password’ and ‘123456’ are among the top five most popular passwords with a staggering 9,000,000 login details matching this description. Guessable passwords create an unsecure security system which can result in an easy way for hackers to gain access to your organisation’s data, making you vulnerable to a breach. A small change to a memorable, complex password could have huge consequences for your business. Removing default passwords from products and software forces individuals to think of their own to keep their data safe. If a password system is not provided by your organisation we recommend that your password uses two or more types of characters (letters, numbers, symbols) and it is changed periodically. 2. Encrypted firmware Encrypting firmware is an important part of any organisations overall security system. Firmware can leave an open door, allowing hackers to access your data. All firmware should be encrypted to reduce the possibilities of it being downloaded from the manufacturers website and deconstructed. If the firmware posted is not encrypted, there is a risk of it being analysed by persons with malicious intent, vulnerabilities being detected, and attacks being made. With i-PRO cameras and recorders, all firmware is securely encrypted to mitigate analysis There have been cases where a device is attacked by firmware vulnerabilities even if there are no problems with the user's settings, rendering it inoperable, and DDoS attacks being made on other servers via the device. With i-PRO cameras and recorders, all firmware is securely encrypted to mitigate analysis. There is also a possibility of being attracted to spoofing sites by targeted attack email and firmware being updated with a version that includes a virus, so firmware must always be downloaded from the vendor's page. It may also be advantageous to combine this with an imbedded Linux operating system which removes all unused features of the device, it can help to reduce the chances of malicious entities searching for backdoor entities and inserting codes. 3. Removing vulnerabilities within the operating systems Vulnerability is the name given for a functional behaviour of a product or online service that violates an implicit or explicit security policy. Vulnerabilities can occur for a number of reasons for example, due to an omission in logic, coding errors or a process failure. Network attacks exploit vulnerabilities in software coding that maybe unknown to you and the equipment provider. The vulnerability can be exploited by hackers before the vendor becomes aware. You should seek to minimise these issues by looking for a secure operating system which is regularly updated. Panasonic has developed Secure Communications, a platform and package to protect against video tampering, altering, spoofing and snooping As a provider of security solutions, Panasonic is taking a number of steps to ensure its consumers remain safe and secure. We have developed Secure Communications, a platform and package to protect against video tampering, altering, spoofing and snooping. We have combined with a leading provider of highly reliable certificates and technology for detecting and analysing cyber-attacks with its own in-house embedded cryptography technology, to provide a highly secure and robust protection layer for its embedded surveillance products. 4. Avoiding remote login using Telnet or FTP Telnet and FTP are a very outdated source of software which as a result means they lack built-in security measures Telnet and FTP are a very outdated source of software which as a result means they lack built-in security measures. File transfer protocol or transfer through cloud-based services means the files and passwords are not encrypted and can therefore be easily intercepted by hackers. An encrypted software removes the risk of files being sent to the wrong person or forwarded on without your knowledge. Telnet predates FTP and as a result is even less secure. Hyper Transfer Protocol Secure is a protocol to make secure communications by HTTP, and it makes HTTP communications on secure connections provided by SSL/TLS protocols. The major benefits of using this system is that HTTPS and VPN encrypt the communications path, so data after communications is decrypted and recorded. If recorded data is leaked, it will be in a state where it can be viewed. With data encryption, however, it remains secure and can even be recoded to storage. Thus, even if the hard drive or SD card is stolen or data on the cloud is leaked, data cannot be viewed. 5. Use of digital certificates Private and public keys are generated at manufacture in the factory and certificates installed at the factoryDigital certificates are intended to safely store the public key and the owner information of the private key it is paired with. It provides assurance that the accredited data from a third party is true and that the data is not falsified. It is beneficial for all data to be encrypted with digital certificates. Digital certificates are far safer when issued by a third party rather than creating a self-signed version unless you are 100 percent sure of the receiver identity. From April 2016, some models of Panasonic series iPro cameras come with preinstalled certificates to reduce the risk of interception and the hassle of having to create one. With i-PRO cameras with Secure function, private and public keys are generated at manufacture in the factory and certificates installed at the factory. As there is no way to obtain the private key from the camera externally, there is no risk of the private key being leaked. Also, certificates are signed by a trusted third party, and the private key used for signing is managed strictly by the authority. In addition, encryption has been cleverly implemented to reduce the usual overhead on the IP stream from 20% to 2%.

Effective access control can be achieved without the use of cards using a new generation of secure facial authentication enabled by artificial intelligence and machine learning. Alcatraz AI is introducing a system that deploys a sensing device, about the size of a badge reader, with multiple colour and infrared cameras that can detect facial features and confirm an identity. Real-time 3D facial mapping avoids anyone using a photograph, video or mask to spoof the system and confirms there is a real person that matches the stored facial image. System helps in tailgating mitigation Deep neural networks, powered by NVIDIA, enable the system to achieve new levels of frictionless access control, says Vince Gaydarzhiev, CEO of Alcatraz AI. Computer processing is achieved at the edge to ensure speedy and secure access control. We saw an opportunity to create a system that solves issues of tailgating and addresses the need for security without increasing friction"“We saw an opportunity to create a system that solves issues of tailgating and addresses the need for security without increasing friction,” says Gaydarzhiev. The accuracy of the system lessens the need for security guards, he says. The Silicon Valley startup, currently with 20 employees, was founded in early 2016 by a team from Apple, NVIDIA and Lily Robotics with a goal of targeting mid- to large-sized corporations that currently have deployed badging systems. The company has raised close to $6M from venture capital firms and individuals, and Johnson Controls/Tyco has invested in the startup. Alcatraz AI’s sensor device, mounted near a door, confirms a user’s identity and communicates the user’s badge number to the existing access control infrastructure. “The system improves the facial profile every time, using the neural network to be even more accurate in the future,” says Gaydarzhiev. He says it is the industry’s first “instant one-factor authentication for multi-person in-the-flow sensing.” The system is less expensive than previous facial authentication systems and does not require users to be very close to the reader Easy enrolment and deployment Enrolment in the system is easy. Companies can deploy a separate enrolment station, or any reader can be used for enrolment. After badging in a couple of times, the face matching system “enrols” the face with the associated badge number, thus allowing the user to dispense with the badge altogether. In the future, the frictionless system simply recognises the user and opens the door. A user company can quickly deploy the system at locations where thousands of employees have access, without requiring employees to go to HR for enrolment. Gaydarzhiev says accuracy of the system is no less than that of iris scanning, and the accuracy is configurable for specific needs. He says the system is less expensive than previous facial authentication systems and does not require users to be very close to the reader. Facial authentication is also more flexible than iris scanning or fingerprinting. Detecting intent from positioning of eyes The system detects intent from the positioning of the eyes and body to avoid opening a door unintentionallyIn contrast to near field communication (NFC) or Bluetooth systems, the technology does not require a compatible smart phone or have issues of communication range. There is no need for users to stop and perform an action or gesture to signal intent. The system detects intent from the positioning of the eyes and body to avoid opening a door unintentionally, says Gaydarzhiev.  Alcatraz AI is targeting high-tech enterprises, including healthcare, government and eventually banks. Currently they have three pilot installations among large global software companies and are undergoing trials with some government agencies. Today, they sell direct to end users, but the intent is to develop a dealer channel that will account for most of the sales.

Recent technology advances – from the cloud to artificial intelligence, from mobile credentials to robotics – will have a high profile at the upcoming ISC West exhibition hall. Several of these technologies were recently designated by the Security Industry Association as the Top 8 security technologies for security and public safety. Some of them will also be a focus at the ISC West conference program, SIA Education@ISC, April 9-11 at the Sands Expo Center. This article will highlight some of those conference sessions.  Topic: Cloud Systems and Video Surveillance as a Service (VSaaS) Managed Video Services are saving TD Bank $500K annually, April 9, 2:45 to 3:45 p.m. Why TD Bank decided to roll out a managed services solution, what it took to deploy and how the bank is saving an astounding $500,000 annually. IT 4.0 and Video Surveillance: A Guide to the New Terminology and What It Means to You and Your Customers, April 11, 1:15 to 2:15 p.m. How IT 4.0 can enhance or change video surveillance, and consequently deliver additional value to customers, including explanations of terms such as cloud data centers, personal clouds, the edge, IoT sensors and data analytics. One of the sessions to cover how IT 4.0 can enhance or change video surveillance, and consequently deliver additional value to customers Topic: Artificial Intelligence (AI) In Video and Other Systems The Challenges and Opportunities of AI in Physical Security, April 10, 3:45 to 4:45 p.m. Looking toward what the future may hold for AI in physical security; the challenges and opportunities the technology has created; and how participants can leverage AI and machine learning with existing customers to grow their business. Deep Learning Demystified: Next-Generation AI Applied to Video, April 11, 9:45 to 10:45 a.m.  Dispelling the myths of the terms “deep learning” and “artificial intelligence,” and what the technologies can do in practical terms. Modern cameras find and identify faces and vehicles, analyse behavior and organise and control assets Neural Processing and Smart Cameras, April 9, 8:30 to 10 a.m. Deep learning-capable hardware is evolving at a frantic pace, and GPU and NPU (neural processing unit) co-processors are commonly embedded in cameras and video management systems. Modern cameras find and identify faces and vehicles, analyse behavior and organise and control assets. Analytics in the Video Central Station: Proper Deployment, Programming and Configuration to optimise operational and cost efficiencies, April 11, 3:45 to 4:45 p.m. How analytics plays a critical role in reducing alarm traffic in a central station environment, allowing them to save money and realise other operational and performance efficiencies. Topic: Robotics and Autonomous Devices Robotic Aerial Security – Growth Trends and Best Practices, April 10, 11 a.m. to noon The lion’s share of growth in the robotic aerial security sector will come from autonomous systems and changing FAA regulations will soon allow companies to monitor and secure remote facilities with no human guards present. Racing drones are difficult to detect as they do not use GPS or radio frequency signals to identify the location of other devices How to Adapt to Address Drone Security, April 11, 1:15 to 2:15 p.m. Drone industry professionals and a physical security design engineer will cover the realistic applications of drone systems and counter-drone solutions that can protect organisations and facilities. Next Generation Threat: Racing Drones, April 11, 2:30 to 3:30 p.m. Racing drones are difficult to detect as they do not use GPS or radio frequency signals to identify the location of other devices. This session will identify the potential risks these drones can pose to facilities, special events, and critical infrastructure. Establishing a Corporate Drone Program, April 10, 9:45 to 10:45 p.m. Is a corporate drone program an appropriate addition to an existing security program? How to understand and navigate the regulatory challenges and processes associated with starting up a commercial-use drone program. The Rise of Intelligence in Physical Security, April 11, 9:45 to 10:45 a.m. “Intelligence” incorporates a variety of subdomains from artificial intelligence to machine learning and contextual analysis. It is rapidly becoming a focus in the realm of IT security – and increasingly in the realm of physical security, too. Changing FAA regulations will soon allow companies to monitor and secure remote facilities with no human guards present Topic: Mobile Credentials Finding Their Place in Access Control How Biometrics Are Enabling the Convergence of Physical and Information Security, April 10, 1:45 to 2:45 p.m. At the center of convergence is one crucial building block: strong irrefutable identity powered by biometrics. Driving the Future: How Interoperability Standards in Access Control Can Enable Smart Building Success, April 9, 1:30 to 2:30 p.m. Growing user demand is driving new open platform approaches and the adoption of interoperability standards Growing user demand for unfettered and unlimited third-party integrations is now driving new open platform approaches and the adoption of interoperability standards. They are changing the dynamic of access control and its role within the smart building environment. Topic: Facial Biometrics in Professional Solutions How Biometrics Are Enabling the Convergence of Physical and Information Security, April 10, 1:45 to 2:45 p.m. Securing workstations, virtual desktops, turnstiles, front doors, mobile devices and more, biometric authentication is helping enterprises and governments worldwide to realise a more secure future. Topic: Voice Control in the Smart Home Environment Delivering the Smart Home of the Future, April 11, 3:45 to 4:45 p.m. With the proliferation of connected smart devices, including voice control devices, consumers have a growing array of options for defining what their Smart Home experience could be.

ISC West in Las Vegas kicked off with a bang on Wednesday, reflecting a healthy physical security industry with an overall upbeat outlook on the future. Driving the optimism is a pending new wave of product innovation, propelled largely by developments in artificial intelligence (AI) and deep learning. Some of that new wave is evident at ISC West, but much of the talk still centres on what’s to come. Attendees flocked to the first day of the show to check out the newest technologies, and they were rewarded with a wide range of innovations. Tempering the optimism are ongoing concerns about ensuring the cybersecurity of IP-based physical security systems. Cybersecurity standards for physical security At least one news announcement is related to cybersecurity at the show: Johnson Controls is the first company to achieve UL (Underwriters Laboratories) certification 2900-2-3 for cybersecurity of life safety and security products and systems for their VideoEdge network video recording platform from American Dynamics. The UL brand ensures that the certification involves a standards-based and scientific approach to evaluating cybersecurity, and that JCI’s certified products meet the requirements. “We were able to be first because we understand issues of cybersecurity, and the UL standard matches very closely to what we have been doing in cybersecurity,” says Will Brown, Senior Engineering Manager, Cyber Protection at Johnson Controls. Tempering the optimism are ongoing concerns about ensuring the cybersecurity of IP-based physical security systems Neil Lakomiak, Director of Business Development and Innovation at Underwriters Laboratories, says relatively few companies have invested sufficiently in cybersecurity, and much of UL’s work in the physical security market is to help manufacturers develop a roadmap to meet cybersecurity goals. “A lot of companies have not invested, but Johnson Controls has,” said Lakomiak. He speculated that it could be some time before another security company achieves the certification; there certainly won’t be a rush of additional companies to do so in the near term, based on the progress he has seen to date, says Lakomiak. “Cybersecurity is a topic that has hit the Board of Directors level,” says Lakomiak. “They are definitely inquiring about it and trying to understand what their posture should be. The leadership teams of companies will be asking a lot of questions.” In terms of cyber-consciousness among the integrator community, Brown estimates about 10 percent are “on board” with the issue. Among the manufacturing community, more than half of the companies are pursuing cybersecurity goals, although the levels of those efforts run a full  gamut, says Lakomiak. Vertical markets that are especially cyber-aware are enterprise, government, and critical infrastructure. Financial and retail companies are also coming on board, as well as companies — even small companies — in regulated industries such as utilities Cybersecurity is a topic that has hit the Board of Directors level Cybersecurity in the cloud Another company emphasising cybersecurity at ISC West is access control company Isonas. “What’s really new at the show for us is that we are being very transparent about the levels of cybersecurity we are applying to our cloud software platform and our IP network hardware,” says Rob Lydic, Isonas Global Vice President of Sales. “The levels of complexity we are putting into our cybersecurity, including the fact that we host our software on Amazon web services, ensures a really high level of security. We are taking painstaking efforts to subject ourselves to third-party penetration testing to give us the visibility of what is going on with our cybersecurity — are we actually as cybersecure as we believe?” The answer: “They have come back to us to say we have an amazing strategy for cybersecurity; the surface that is attackable is minuscule, and the complex layers underneath really prevent anybody from hacking the product.”We are being very transparent about the levels of cybersecurity we are applying to our cloud software platform"  Lydic says he sees higher levels of awareness about cybersecurity at the show, especially among end users. Several other exhibitors agree. Because edge devices have often been targeted in cybersecurity attacks, they are especially an area of concern. “We’re raising that conversation, saying we are a cloud service provider that uses edge devices, and it is core to us to make sure we have a great cybersecurity profile, so the customer can be assured we are doing what we say we are doing and delivering on those promises,” says Lydic. Awareness is filtering through channel: Isonas is seeing many customers who want to have that cybersecurity conversation at the show. “We have had probably 20 or 30 conversations with end users at the show who want to understand what it means to be in the cloud, to understand how the level of communication is encrypted between devices,” says Lydic.  Many end users at ISC West want to understand what it means to be in the cloud Ambitions for growth Successful companies often increase their ISC West booth size as a reflection of their ambition to grow as a company and their success in sales so far. One such company is Paxton Access Inc., which has increased its booth size from a 20x40-foot booth last year to a 30x50-foot space this year. Beyond the show, another reflection of Paxton’s growth is addition of personnel to cover 11 U.S. sales territories that have been newly restructured. New regional sales managers will work with dealers locally. At the show, Paxton is introducing its Net2 Entry Premium monitor, the latest addition to the company’s Net2 Entry line of door entry products. “The show is definitely a great way to promote who we are and what we offer,” says Linda Soriano, Paxton Marketing Communications Coordinator. “It’s great to meet new customers and interact with existing customers, to build new relationships. It’s an opportunity to promote the new things we have going on.” Paxton measures success at ISC West in terms of how many people they interact with at the show. In addition to welcoming booth visitors, the company is signing up attendance at free training through a show promotion. Anyone who signs up for training at the show is entered into a drawing for a $500 Visa gift card and a $1,000 discount off MSRP of Paxton products. Tim Shen, Director of Marketing at Dahua Technology USA, one of the larger exhibitors, says the company is emphasising solutions at ISC West, just one element of the successful international business model they are bringing to the United States.With AI and business analytics in transportation and retail markets, we are letting the market know that we can build solutions" Another topic for Dahua is artificial intelligence. “With AI and business analytics in transportation and retail markets, we are letting the market know that we can build solutions,” he says. Dahua sponsored a keynote address Wednesday on AI, including a presentation from Intel about AI trends. “AI is the future, but what can we use it for now?” asks Shen. “We need to give a very clear strategy of what we think about AI.” Dahua will bring AI cameras and an AI network video recorder to the U.S. market in the second quarter; in effect, they will be testing the water to see how well the AI concept is embraced here. Other new products from Dahua include multi-image and thermal cameras. In the thermal category, Dahua has developed their own chipset to help bring the price down and provide affordable thermal cameras to the U.S. market. Another focus will be e-POE (extended Power over Ethernet), which Dahua sees as a big differentiator. [Main photo credit: Abbey Masciarotte | Larry Anderson]

Ahli United Bank (AUB) is a leading financial institution providing banking, investment, and wealth management services from 147 branches in eight countries. Utilising Gallagher’s business and security solutions in Bahrain since 2008, Ahli United Bank decided in 2017 to undertake a full upgrade of the systems at its headquarters. Installing controlled doors As part of upgrading the full product suite at its Bahrain Headquarters – which included all controlled doors and software – Ahli United Bank (AUB) also took the opportunity for a complete re-design of the set-up and locations of its security system. The bank was committed to finding a product that was cost effective and had a long life expectancy. While researching their options, AUB management saw a demonstration of Gallagher’s Mobile Connect technology and were immediately convinced that this was the ideal product for the bank’s upgrade. Gallagher Mobile Connect uses Bluetooth wireless technology to enable users to badge at a reader using a smartphone  Gallagher Mobile Connect In late 2018, AUB began testing the new mobile solution on site then to be rolled out to most of its staff at headquarters. Gallagher Mobile Connect uses Bluetooth wireless technology to enable users to badge at a reader using a smartphone instead of an access card. A huge benefit for AUB is the solution’s capability to add additional layers of security where needed. Gallagher’s Mobile Connect solution provides the option to apply two-factor authentication via the smartphone – either fingerprint, PIN, or facial recognition – delivering heightened security over access to restricted areas. According to AUB’s management, the two-factor capability was very appealing to them. “Using mobile with facial recognition is far more secure than card and PIN, and it’s immensely more cost-effective than buying biometric readers,” they said. Temporary remote access control From an administrative and site management perspective, Gallagher Mobile Connect provides AUB with significant flexibility. Easy provisioning means that authorised staff can remotely allocate temporary access in advance and can also schedule when a user’s access can begin and end – ideal for visitors and contractors who come to the bank’s headquarters. Beyond Mobile Connect, readers and controllers, AUB uses Gallagher’s security software platform, Command Centre, to manage alarms and access for its headquarters and all branches, all from a centralised location. “The power of Command Centre is enormous,” said AUB’s Management. “It integrates with our CCTV equipment and gives excellent oversight of our operations.”

Brian Ishikawa has always kept tight control over his video surveillance system, allowing only authorised personnel within his corporate security division to access video footage. So it was a change for Ishikawa, Senior Vice President and Director of Corporate Security for the Bank of Hawaii, to get used to the idea of authorised staff from the bank’s branch division being able to review video for operational, compliance and marketing-related purposes. The insights collected from the video are helping the bank make more strategic decisions about staffing, customer service and even future branch design. Business intelligence Our March Networks surveillance platform is providing us with some significant business and non-security-related uses" “Our March Networks surveillance platform is providing us with some significant business and non-security-related uses,” Ishikawa explained. Bank of Hawaii, which operates 69 branches and 373 ATMs across Hawaii, American Samoa and the West Pacific, is currently using March Networks Searchlight for Banking software to gather business intelligence at its branches. Searchlight’s mix of surveillance video, teller/ATM transaction data and analytics delivers valuable insights into the bank’s operations, as well as helping to enhance security and uncover fraud. “Our branch division folks look at the data to get ideas on how we should do our branch operations or staffing differently,” he said. People counting data — collected by FLIR Brickstream3D sensors integrated with the Searchlight software — tells them which entrances and exits are most used so they can place marketing materials in high-traffic areas. Video surveillance products The information is also being used to help determine future branch layouts. Queue length and dwell time data, meanwhile, help them understand their busiest time of day, and day of the week, so they can staff branches appropriately. “It’s a huge plus for us,” said Ishikawa. “Our executive management team can see the benefits of the video solution, and the future possibilities for this data.” A forward-thinking bank that’s keen to try new technology, Bank of Hawaii began exploring Searchlight after its success with March Networks’ other video surveillance products. The bank first started using March Networks systems in 2015, when it was time to upgrade its legacy DVRs. At the time, Bank of Hawaii was relying on two different video platforms, and it wasn’t happy with their performance. After enlisting the help of a consultant, and doing his own research at security tradeshows, Ishikawa says the decision to go with March Networks was clear. Network video recorders 'March Networks’ products are really engineered for the banking environment" “I remember asking some of my banking counterparts, ‘Hey what are you guys using?’ And they strongly recommended March Networks,” he recalled. The consultant came to a similar conclusion. He said, "March Networks’ products are really engineered for the banking environment,’ so that helped us make the decision.” Bank of Hawaii is currently using March Networks 8000 Series Hybrid Network Video Recorders (NVRs) in about half of its banking branches. The Linux-based devices provide reliable video surveillance recording and management, and are also easy to service, which is a huge bonus for Ishikawa and his team. In addition, the 8000 Series rack mount units feature an innovative ‘dock and lock’ station that allows technicians to easily remove and service the recorder while leaving all rear connections clean and organised in place. Existing analogue cameras “With other companies, you have to power down the recorder for several minutes to service it, and that means unplugging and re-plugging all the inputs. You miss a number of minutes of recording during that time. With March Networks, we’re able to just pull out the hard drive and pop in another one without taking the NVR offline,” he said. “That’s huge for us.” According to Ishikawa, Bank of Hawaii also appreciates the 8000 Series’ hybrid support, which allowed the bank to continue using its existing analogue cameras, and the motion histograms in March Networks Command video management software, which show Ishikawa and his team where motion occurred and helps them rapidly locate video evidence. “Command’s modern interface is really user-friendly, and it’s very easy to find video,” said Ishikawa. Dynamic range technology Bank of Hawaii has installed MegaPX ATM Cameras, which are purpose-built for ATMs “When someone is telling you, ‘Hey we had a problem at this branch this morning, I don’t know what happened, but it must have been around this time’, we’re able to find that video much more quickly on a March Networks platform.” The bank’s high resolution cameras also make it easy to discern important details. In its newer branches, Bank of Hawaii is using March Networks ME4 Series IP cameras, which capture 4MP images and feature high dynamic range technology to optimise image quality in both low and bright light. The bank is also using Oncam 360° cameras for high-resolution panoramic views. For security at its bank machines, Bank of Hawaii has installed MegaPX ATM Cameras, which are purpose-built for ATMs. Video is integrated with the bank’s ATM transaction data in the Searchlight software for rapid investigations into customer complaints and potential fraud. More comprehensive oversight “It’s so easy to search,” said Ishikawa. “It takes us exactly to that transaction and the associated video so we can figure out what transpired.” The bank is also integrating its teller transaction data with video in Searchlight for more comprehensive oversight of its branches. The combination of video, transactions and analytics helps it get a more holistic view of its services. “Transaction data is not always indicative of how busy a branch is,” Ishikawa said, noting that lengthier conversations at the teller counter often create value because the customer returns later to access another bank product or service. Having video and analytics is an added layer of information. Being able to remotely access video also helps Ishikawa’s security team conduct virtual patrols. This saves them both time and money. Uniformed security member Capturing video of the incident helped underscore the serious nature of the situation “In the past, whenever there was an issue, we had a uniformed security member head out and physically check the branch. But with virtual patrols, we can do fewer physical visits and, when we do visit, it’s a more meaningful visit.” The security team, for example, can keep an eye on issues with vagrancy and loitering by simply logging into the Command software. March Networks video has helped the bank successfully address some of these issues. In one case, a person was routinely visiting a branch and causing disruptions by yelling and throwing deposit slips on the floor. “We don’t always know the situation, but if a person is yelling or displaying erratic behaviour, they pose a risk,” said Ishikawa. Capturing video of the incident helped underscore the serious nature of the situation. Investigating a fraud “We were able to show police that this was not a minor disruptive party. It was a very concerning issue for us. And it wasn’t just our bank, it was occurring in other banks, too.” Going forward, Bank of Hawaii is planning to migrate its remaining retail branches to March Networks. Given the widespread benefits of intelligent video, Ishikawa predicts that, like him, more bank security managers will receive requests to share their video surveillance securely with other departments. “In the future, it won’t just be security that’s asking for a video upgrade,” he said. “It’s going to be other parts of the business saying, ‘We want a piece of the pie too.’ Because surveillance is more than just investigating a fraud or robbery incident. Now, video surveillance is a lot more than that.”

Saudi Arabia’s National Commercial Bank (NCB) is using IDIS technology for one of the biggest financial surveillance system upgrades ever seen in the region, involving at least 1000 NVRs and over 2500 IP cameras. The bank, which serves over 5.4 million customers and is the second largest in the Arab world, chose an IDIS solution to modernise its security and comply with the latest standards introduced by the Saudi Arabian Monetary Authority (SAMA) and Ministry of Interior. Analogue infrastructure IDIS, which is the largest manufacturer of surveillance technology in South Korea, confirmed that the project involves an upgrade to full HD IP technology across 400 branches and more than 2580 ATMs, to be completed ahead of the 2021 deadline. Solutions provider Almajal G4S was appointed and following a competitive tender process IDIS technology was identified as performing better NCB, also known as AlAhli Bank, needed NVRs that would provide RAID 1 and RAID 5 support, and a solution that would allow integration of both IP and existing analogue infrastructure, and the capability to cost-effectively store video footage for a full year. Solutions provider Almajal G4S was appointed and following a competitive tender process IDIS technology was identified as performing better than alternatives in detailed and rigorous proof-of-concept testing. High level protection The IDIS solution operational benefits at the installation stage as well as in daily operations over the lifetime of the system. “Keys advantages for NCB in choosing an IDIS solution is the technology’s robustness, its resilience against data loss, and high level protection against cyber threats. Using IDIS technology is also ensuring a frictionless migration from existing analogue,” says Ahmad Said, ESS Director at Almajal G4S. Thanks to its hybrid capability, IDIS technology allows analogue and IP cameras to be used together, making the upgrade project easily manageable, with a seamless, staged switch-over. For this mission-critical project, IDIS’s Linux based servers and proprietory protocols also offered the highest level of resistance to hacking, while zero-configuration elminates the need to manage IP addresses for every device, all of which gave NCB the network security assurances they were looking for. Allow efficient maintenance NCB and the associated IDIS solution will be the first to achieve full compliance with the new SAMA standards An important consideration for NCB was IDIS Intelligent Codec which, together with dual H.264/H.265 performance, delivers up to 90% reduction in bandwidth and storage. This gives the bank significant, on-going savings allowing compliance with video data storage rules. It also speeds up recording retrieval and helps to make NCB’s new security system easier and more economical to run, says Harry Kwon, General Manager, IDIS Middle East and Africa. “With the upgrade already proving its value the bank’s central monitoring teams now work more efficiently, with their system providing event forwarding, acknowledgements, notifications and live pop-ups.” Providing the lowest total cost of ownership, the IDIS solution will allow efficient maintenance and simultaneous remote upgrades for multiple devices and gives NCB the assurance of IDIS Ultimate Warranty. The project is due for completion in 2019, NCB and the associated IDIS solution will be the first to achieve full compliance with the new SAMA standards.

MOBOTIX has announced a raised focus on cyber security by implementing the “MOBOTIX Cactus Concept.” The concept aims to deliver a comprehensive approach to protecting MOBOTIX products against the threat of cyber-attacks along with education and tools to help customers and partners build and maintain secure video surveillance and access control environments. Multimedia cybersecurity campaign The objective of the Cactus Concept is to implement a multimedia cyber security campaign in order to raise awareness among potential and existing MOBOTIX customers of the importance of data security in network-based video security systems and how organisations can protect themselves through cost-efficient and intelligent solutions. The Cactus Concept protects every element of the design, manufacture and operation of each device End-to-end encryption with no blind spots is required, from the image source via the data cables and the data storage through to the video management system on the user’s computer. Like a cactus, whose every limb is covered in thorns, all of the modules (camera, storage, cables, VMS) in the MOBOTIX system have digital thorns that protect them from unauthorised access. Protecting people, places and property “Modern video surveillance and access control technologies help protect people, places and property across the world but they are increasingly targeted by criminals aiming to infiltrate, take-over or disable these vital systems,” says Thomas Lausten, Chief Executive Officer of MOBOTIX. “With the Internet of Things trend adding billions of IP connected devices each year, our industry must lead the way in creating secure platforms that can reduce the risk posed by these damaging attacks.”MOBOTIX uses the services of SySS, a third-party security-testing company that examines the security of both software and hardware elements As an important company within digital video surveillance, MOBOTIX believes in its “Cactus Concept” that protects every element of the design, manufacture and operation of each device along with end-to-end encryption across the entire usage and management cycle. SySS third party security testing To ensure the highest levels of security, MOBOTIX uses the services of SySS, a highly-regarded and independent third-party security-testing company that examines the security of both software and hardware elements. SySS customers include Basler Versicherungen, Bundeswehr, CreditPlus Bank AG, Daimler, Deutsche Bank, Deutsche Flugsicherung, Festo, Hewlett Packard, Innenministerium/LKA Niedersachsen, SAP, Schaeffler, Schufa, T-Systems and Union Investment. Sebastian Schreiber, SySS CEO said: “MOBOTIX has a contract with us to provide further penetration testing of its technology elements. The initial platform testing on a current camera model revealed very positive results and we will continue security testing as an ongoing process.” “Cyber security has been and will continue to be a core focus for MOBOTIX,” adds Lausten, “and we look forward to working with our peers in the industry, customers and government agencies to protect the very technologies and systems that help make society safer for all.”

March Networks, a global provider of video security and video-based business intelligence, is pleased to announce that one of Qatar’s top banks is deploying the company’s business intelligence software and integrated analytics to improve customer service and operations. The customer is one of six Qatari financial institutions currently using March Networks systems for advanced video surveillance and fraud prevention. The bank is already using an end-to-end March Networks video recording and management solution in all of its Qatari retail banking branches, hundreds of ATMs, and multiple corporate facilities. It is expanding that solution with Searchlight for Banking software to deliver an enhanced customer experience and strengthen its fraud investigation capabilities. Detecting suspicious transactions The software helps banks evaluate and improve customer service using dwell time, queue length and people counting analyticsMarch Networks Searchlight for Banking combines surveillance video with ATM/teller transaction data and analytics to deliver powerful fraud-fighting tools, such as the ability to rapidly detect suspicious transactions and potential cases of ATM skimming. The software also helps banks evaluate and improve customer service using dwell time, queue length and people counting analytics. The bank started using March Networks several years ago to ensure compliance with CCTV legislation first introduced by the Qatari Ministry of Interior (MOI) in 2011. The law mandates that all banks equip their locations with IP video surveillance, record at a minimum 3-megapixel resolution and 20 frames per second, and ensure 120 days of video storage. The bank, which was using an analogue video surveillance system at the time, needed an enterprise-class video solution that could meet the MOI regulation. It was also looking for a solution that offered remote video management, system health monitoring, and the ability to scale easily to accommodate future growth. Command Enterprise video management software March Networks products have proven highly reliable and are able to meet the parameters set by the Qatar Ministry of Interior regulations"When the project went to tender, only the March Networks solution performed to all of the bank’s criteria, said its group safety and security manager. “With the March Networks system, we are able to fully comply with the law. The usability and health monitoring features of the Command Enterprise video management software are also excellent, enabling us to investigate and resolve potential system issues before they become critical.” According to ISC Group Gulf, a systems integrator in Qatar with a specialised focus and expertise in the banking sector, the March Networks solution is the best choice for banks in the region. “March Networks products have proven highly reliable and are able to meet – and often exceed – the parameters set by the Qatar Ministry of Interior regulations, as our organisation has seen in our work with most of the country’s major financial brands,” said Cristian Ivan Nicolae, Project Manager, ISC Group Gulf. CCTV products for banking environments We are fortunate to be working with ISC Group Gulf, a systems integrator with a deep understanding of the video requirements of Qatari banks"“In addition, March Networks offers the sole CCTV products in Qatar purpose-built for banking environments, which means you are getting a secure, highly-professional solution that is easy to scale in complexity.” “We are proud of our long-standing partnership with this Qatari bank. It is a leader in the use of innovative video technologies, and clearly understands the value intelligent video offers to its organisation,” said Trevor Sinden, Director, Middle East and Africa Sales, March Networks. “We are also fortunate to be working with ISC Group Gulf, a systems integrator with a deep understanding of the video requirements of Qatari banks.” March Networks will showcase its security and business intelligence solution for banks, as well as its complete enterprise video portfolio, in Stand S1-J42 at Intersec 2019, January 20-22 in Dubai, UAE.

Retail banking combines a demand for high security with complex workflows. Staff need efficient access. Facility managers need the flexibility to design access permissions around individual needs, so not everyone can access every area whenever they choose. Nobody wants to carry or track large numbers of keys. These were the requirements, managers of Creval — a regional bank in Italy — faced when seeking an alternative to a mechanical master-key system. Creval needed new access control devices to become an integral part of a security system for assets and people with the highest level of protection. They sought locks to offer a durable, secure and flexible alternative to standard mechanical security. They found an easy, electronic way to administer a powerful, user-friendly system based on battery-powered physical keys and secure, advanced microelectronics. Flexible high-security locking Staff carry a single, battery-powered eCLIQ key, programmed with only the right preauthorised access permissionsCreval chose eCLIQ key-based wireless access control for its banking premises. Bank doors across the Lombardy region are guarded by more than 30 durable eCLIQ cylinders, putting Creval managers in complete control of entrance security. eCLIQ is a scalable electronic extension of the CLIQ access control system deployed in critical infrastructure sites across Europe. Cylinders are fully electronic, protected against manipulation and with 128-bit AES encryption built into both lock and key microelectronics. Staff carry a single, battery-powered eCLIQ key, programmed with only the right preauthorised access permissions. Time-limited access rights Creval’s security manager is now able to grant access based on scheduled times and specific doors, and right down to the level of the individual site user. It is also straightforward to set time-limited access rights for a user key, increasing security if a key is lost. Audit trails and event logs are collected to the same, fine-grained degree. Key management is easy with software operated from a local PC or securely on the web via a standard browser. In the unlikely event a key is misplaced, Creval administrators simply delete its validity from the system. “We are satisfied with the results of the new access control system,” says Claudio Brisia, Logical Security Manager at Creval headquarters in Sondrio.

There’s a huge cloud hanging over the physical security market, but in a good way. Cloud-based systems, whether for video, access control or another category, are on the verge of taking the industry by storm. The benefits of that mythical “cloud” are well-known, or certainly well-touted, in the market. It’s almost as if the word “cloud” has become a buzzword that can mean different things, or at least whatever the customer wants it to mean (as long as they buy!). We asked this week’s Expert Panel Roundtable to define the term more specifically, and to comment on the industry’s understanding of the terminology. Specifically, we asked: Define what we mean by “the cloud.” Is the definition universally understood in the market?

One of the things all security systems have in common is that they depend on human operators, to one extent or another. But how often is the human factor overlooked in product design? Sometimes, more focus is aimed at increasing the functionality of a system, even at the expense of usability. That’s how we get systems that have more capabilities, although accessing that functionality may be hopelessly complex. Creating effective graphical user interfaces (GUIs) is an ongoing challenge for the security market, and the consumer market, with its iPads and smart phones, has raised the expectations bar. We asked this week’s Expert Panel Roundtable: What elements are required to make an effective video system user interface?

One of the benefits of newer IP systems is the ability to store video inside the camera or in a nearby digital video recorder (DVR) at the edge of the network. Edge-based storage is unlikely to take the place of centralised storage, but it is complementary and provides some interesting new options related to system design. We asked this week’s Expert Panel Roundtable: What is the value of edge-based storage and in what specific applications?