The cyber security threat is constant and real. Entire businesses, large enterprises and even whole cities have been vulnerable to these attacks. Growing threat of cyber attacks The threat is not trivial. Recently, two cities in Florida hit by ransom ware attacks – Rivera Beach and Lake City – opted to capitulate and pay ransom totaling more than $1.1 million to hackers. The attacks had disrupted communications for first responders and crippled online payment and traffic-ticketing...
The Spanish SMBs subscribed to Conexión Segura Empresas have avoided more than 80,000 potential cybersecurity incidents since the solution was launched in May. Of those, more than 89% of blocks occurred when users tried to access risky domains or websites, as a result of ‘phishing’. Combating rising cybercrime “The service that Telefónica Empresas offers to its customers has been launched at a moment of high level of cybercrime, in which a new threat is created...
By popular demand, NAPCO Security Technologies, known for innovative technology and reliable professional security solutions, is expanding its globally renowned and award-winning line of StarLink Universal Cellular Communicators with new models on the AT&T LTE network, so important in various areas of the United States of America. The much-anticipated StarLink LTE AT&T Cell and Cell/IP Communicator models include StarLink Fire Commercial Fire Communicators, plus StarLink Intrusion Cellu...
Global provider of critical comfort and security solutions primarily in the residential sector, Resideo Technologies, Inc. has announced that Bob Appleby will join its ADI Global Distribution business as vice president and general manager of ADI North America, effective immediately. ADI North America head In his new role, Appleby will oversee all of ADI North America’s business operations across the United States, Canada and Puerto Rico, and will help ADI deliver on financial commitments...
Ping Identity, globally renowned provider of identity defined security solutions, has announced the release of PingCloud Private Tenant, a private cloud identity solution for the enterprise. Cloud identity, access management PingCloud Private Tenant provides cloud identity and access management (IAM) by combining highly-configurable capabilities within a dedicated environment. Enterprises can provide authentication for all users with a highly-configurable global authentication authority that...
Advanced Access is celebrating its Gold Partner status with Comelit UK to provide bespoke security for future-proof smart door entry solutions. Specialist access control and door entry distributor, Advanced Access works closely with Comelit, introducing its customers to innovative security systems including its stylish audio and visual door entry, latest technology. Advanced - Comelit partnership Says Sam Wade, Advanced Access UK Sales Manager, “For more than 10 years Advanced Access ha...
CNL Software, a global provider of Physical Security Information management (PSIM) software, will be demonstrating the latest features of its IPSecurityCenter PSIM software at the GSX. These demonstrations will help those responsible for the security of major cities, government agencies, public & private critical infrastructure, public & private corporations, and transportation facilities & networks to better understand and more efficiently react to security incidents. Recent IPSecurityCenter developments include enhanced interactive dashboards, improved web and mobile accessibility, plug-in support for embedded analytics, machine learning, predictive insight tools and improved three-dimensional (3D) mapping. Improved sensor technologies to reduce threats Billions of dollars are spent developing new and improved sensor technologies that help reduce new threatsToday, security control centres are expected to process and react to more data from more sources than ever before. And every year, billions of dollars are spent developing new and improved sensor technologies that help reduce new threats as they emerge. This means there will be even more data to understand and manage in the security control center in coming years. By 2025, there will be more than 75 billion Internet of Things (IoT) devices online. That is almost 10 devices for every person in the world. CNL Software will be available at the GSX to discuss what this data management challenge means for the security control center and to demonstrate how security professionals can prepare their organisations to effectively process and react to an ever-increasing volume of otherwise unintegrated security data. Using technology to protect people and assets “Security control centers should be preparing for a huge change in the amount of data they need to be able to understand and manage. To cope, they will need the technology and tools to do more with less. Maintaining a ‘business as usual’ stance will also prevent organisations from taking advantage of the security control center efficiencies that integration, analytics, machine learning technology and automation can provide,” says Mike Mostow, General Manager – Americas at CNL Software. There has never been a greater need and opportunity to challenge traditional security control center methods" “There has never been a greater need and opportunity to challenge traditional security control center methods. Today’s most successful and informed security operations are making use of technology that provides deeper insights into their physical security environment, to better protect people & assets, and to drive efficiencies — creating value beyond safety and security, and across the enterprise.” IPSecurityCenter leads the Global market for PSIM software, offering unparalleled openness and adaptability, virtually unlimited scale, and security and performance advantages that are the result of more than a decade of investment.
ExtraHop, globally renowned cloud-first detection and response solutions provider for hybrid enterprises, has issued a security advisory exposing several cases of third-party vendors ‘phoning home’ proprietary data without the knowledge of or authorisation from their customers. The advisory serves as a warning to all enterprises to hold their vendors more accountable for how they use customer data. Phoning home proprietary data The newly-issued advisory defines phoning home as a host connecting to a server for the purpose of sending data to the server, the ‘white hat’ term for exfiltrating data. According to the report, phoning data home is a common practice that can be used for legitimate and useful reasons with the customer’s consent. But when customers are unaware of this vendor exfiltration, it risks exposure of sensitive data, such as Personally Identifiable Information (PII), in violation of increasingly strict privacy regulations. We decided to issue this advisory after seeing a concerning uptick in this kind of undisclosed phoning home by vendors" “We decided to issue this advisory after seeing a concerning uptick in this kind of undisclosed phoning home by vendors,” said Jeff Costlow, ExtraHop CISO. “What was most alarming to us was that two of the four cases in the advisory were perpetrated by prominent cybersecurity vendors. These are vendors that enterprises rely on to safeguard their data. We’re urging enterprises to establish better visibility of their networks and their vendors to make sure this kind of security malpractice doesn’t go unchecked.” Data and cloud security The advisory highlights four cases spanning the financial services, healthcare, and food service industries where ExtraHop documented vendors phoning home their customers’ data without the customer’s knowledge or authorisation, including: Foul-play in financial services: During a recent training session, ExtraHop noticed that domain controllers were shipping data to a public cloud instance. The customer had no idea that domain controllers were sending SSL traffic outbound to 50 different public cloud endpoints controlled by the vendor. The report documents how a prominent cybersecurity vendor had been doing this for at least two months. Medical device malpractice: A U.S. hospital was piloting a medical device management product that was only to be used on designated hospital Wi-Fi to ensure patient data privacy and HIPAA compliance. ExtraHop noticed that traffic from the workstation that was managing the initial device rollout was opening encrypted SSL:443 connections to vendor-owned cloud storage, in strict violation of HIPAA regulations. When shadow IT phones home to China: While ExtraHop was onsite with a large multinational food services customer, they discovered that approximately every 30 minutes, a network-connected device was sending UDP traffic out to a questionable IP address. The device in question was a Chinese manufactured security camera that was phoning home to an IP address known to be associated with malware downloads. When “on-box analysis” isn’t entirely “on box”: During a proof-of-concept (POC) with a financial services institution, ExtraHop noticed a large volume of outbound traffic headed from the customer’s S. datacenter to the United Kingdom. More than 400GB per day over two-and-a-half days (totaling more than 1TB of data) was exfiltrated by a security vendor that was also in a POC with the financial services institution. The customer was surprised because the vendor claimed to perform all analysis and machine learning ‘on-box’—meaning on the appliance deployed in the customer’s environment. Security advisory ExtraHop’s security advisory recommends that companies take the following actions to mitigate these kinds of phoning-home risks: Monitor for vendor activity: Watch for unexpected vendor activity on your network, whether they are an active vendor, a former vendor or even a vendor post-evaluation. Monitor egress traffic: Be aware of egress traffic, especially from sensitive assets such as domain controllers. When egress traffic is detected, always match it to approved applications and services. Track deployment: While under evaluation, track deployments of software agents. Understand regulatory considerations: Be informed about the regulatory and compliance considerations of data crossing political and geographic boundaries. Understand contract agreements: Track whether data is used in compliance with vendor contract agreements. ExtraHop also urges companies to ask questions of their vendors to ensure they understand how their data is being used, where their data is going and the vendor protocols for phoning home. ExtraHop believes these actions will hold vendors more accountable and ultimately limit the exposure of sensitive enterprise data.
DDoS attacks are easily capable of overloading many companies’ broadband connections. There are several DDoS-for-hire services offering attacks between 10 and 100 Gbps for a modest fee. Currently, one DDoS provider is offering free DDoS attacks of up to 200 Mbps bandwidth for a duration of five minutes. The maximum attack volumes seen by Link11 between April and June 2019 also increased by 25% year-on-year, to 195Gbps from 156Gbps in Q2 2018. In addition, 19 more high-volume attacks with bandwidths over 100 Gbps were registered in Q2 2019. DDoS attacks Rolf Gierhard, Vice President Marketing at Link11 said, "Too many companies still have the wrong idea when it comes to the threat posed by DDoS attacks. Our data shows that the gap between attack volumes, and the capability of corporate IT infrastructures to withstand them, is widening from quarter to quarter." Too many companies still have the wrong idea when it comes to the threat posed by DDoS attacks" Rolf adds, “Given the scale of the threat that organisations are facing, and the fact that the attacks are deliberately aimed at causing maximum disruption, it’s clear that businesses need to deploy advanced techniques to protect themselves against DDoS exploits." Multi-vector attacks Multi-vector attacks posed an additional threat in Q2 2019, with a significant increase in complex attack patterns. The proportion of multi-vector attacks grew from 45% in Q2 2018 to 63% in the second quarter of 2019. Attackers most frequently combined three vectors (47%), followed by two vectors (35%) and four vectors (15%). The maximum number of attack vectors seen was seven. Findings from Link11’s Q2 DDoS statistics include: 20 DDoS attacks resulted in bandwidth peaks in excess of 100 Gbps The largest attack registered by Link11’s network reached a peak bandwidth of 195 Gbps The highest packet rate seen was 46 million packets per second The longest attack during the quarter lasted 1,938 minutes, i.e. over 32 hours The most important amplification reflection vector for achieving large attack volumes is still DNS reflection. According to data from the market research company IDC, more than 80% of companies have already been hit by a DNS attack. Open source intelligence analyses The data is based on defended attacks on websites and servers that are protected by Link11. In addition to network analyses and evaluation of DDoS attack data, the Link11 DDoS report also makes use of open source intelligence (OSINT) analyses.
Carbon Black, globally renowned cloud-native endpoint protection solutions provider, has released a white paper that proposes an updated cybersecurity kill chain model to help defenders stay ahead of evolving cyberattacks. Cybersecurity kill chain model The paper titled, ‘Cognitions of a Cybercriminal: Introducing the Cognitive Attack Loop and the 3 Phases of Cybercriminal Behaviour’, delves into the various ways cybercriminals have evolved in recent years and offers specific guidelines for CISOs and security professionals to help manage risk. We believe cybersecurity professionals should be looking at existing kill chain models with a new lens" “We believe cybersecurity professionals should be looking at existing kill chain models with a new lens,” said Tom Kellermann, Carbon Black’s Chief Cybersecurity Officer and the paper’s primary author. “It’s no longer helpful to approach cybersecurity linearly. Cognitions and context are critical and help reveal attackers’ intent. Understanding the root cause of attacks and the way attackers think is paramount to good cybersecurity. With the ‘Cognitive Attack Loop,’ we’re offering defenders an updated model at how attackers think and behave.” Cognitive Attack Loop The paper outlines, in detail, the three phases proposed in the Cognitive Attack Loop - Recon & Infiltrate; Maintain & Manipulate; and Execute & Exfiltrate. The Cognitive Attack Loop was borne from insight provided by Carbon Black’s cloud-native endpoint protection platform (EPP), which collects terabytes of data per day from around the globe, as well as insights from the Carbon Black Threat Analysis Unit (TAU). Data security “The more insight defenders have into cybercriminal behaviour, the more effective technology can be in recognising and stopping suspicious activity. The patterns we see in attack data transcend any individual attack and allow us to provide protection against a broad set of threats without relying on specific pre-discovered indicators of compromise (IOCs). “With the Cognitive Attack Loop, we’ve taken the various insights from our cloud-native EPP and our threat research efforts to arrive at a modern cycle that helps uncover cybercriminal behaviour and gives defenders a true sense of how modern attackers are operating.”
ExtraHop, global provider of cloud-first network detection and response solutions, has announced the appointment of experienced technology and software industry veteran Bill Ruckelshaus as its Chief Financial Officer (CFO). Ruckelshaus joins the company as it accelerates with more than 10x growth in cybersecurity and rapid expansion of its cloud product portfolio. He will hold a position on the ExtraHop executive leadership team, reporting to ExtraHop CEO Arif Kareem. Cybersecurity expert Ruckelshaus brings nearly three decades of experience working with high-growth companies both internally and as an external financial advisor. As CEO and President at Blucora, Ruckelshaus led the company through a major transformation to become a globally renowned financial services and technology firm. Bill’s operational acumen and experience accelerating growth within the industry will be invaluable" Prior to Blucora, Ruckelshaus held CFO and COO positions with major technology companies including Expedia and AudienceScience. His experience also includes leadership roles in mergers and acquisitions at major financial institutions including Credit Suisse and Prudential. In his new role at ExtraHop, Ruckelshaus will steer the company through its next phase of hyper growth in security and the cloud. Expanding network detection market "Bill brings a rare depth and breadth of experience to ExtraHop leading and advising high-growth technology companies," said Arif Kareem, CEO of ExtraHop. "As we continue to expand our business and gain market share in the rapidly expanding network detection and response market, Bill’s operational acumen and experience accelerating growth within the industry will be invaluable. We look forward to having him on board as part of the ExtraHop team." "Bill’s depth of experience guiding companies through growth and strategic financings will be a significant asset to ExtraHop as it seeks to grow its global enterprise footprint and cement its position as a force in enterprise security,” said Matt McIlwain, managing director at Madrona Venture Group and a member of the ExtraHop Board of Directors. Security as a Service (SaaS) "ExtraHop is the rare growth company that combines exceptional innovation with operational excellence," said Ruckelshaus. "The company’s accelerating growth in cybersecurity, it’s recent expansion into SaaS, and the rapidly emerging network detection and response category combine to put ExtraHop on the precipice of a breakout year. It’s an exciting time to join this company, and I look forward to shepherding ExtraHop through its next phase of growth.”
Digital Barriers and Capita have announced that they have signed a global strategic partnership to integrate their full suite of technology solutions, including live facial recognition with Capita’s control room solutions for emergency services. Facial recognition tech integration The agreement will see Digital Barriers’ ultra-low bandwidth live video streaming, body-worn camera, video analytics and live facial recognition technology integrated with Capita’s control room solutions for the emergency services, critical responders and national infrastructure providers. It will also be integrated with Capita’s digital evidence management platform. The collaboration means that facial recognition results can be shown in control rooms alongside other information The collaboration means that facial recognition results can be shown in control rooms alongside other information, and ultra-low bandwidth streaming will provide new ways to view emergencies from the control room, making the job of operators easier and ensuring the right resources are sent to help. Edge-intelligent solutions Under the terms of the agreement, Digital Barriers’ edge-intelligent solutions, which are already used by government and commercial organisations in more than sixty countries, will be made available through Capita’s global network. Digital Barriers will also promote Capita’s ControlWorks and VisionDS control room offerings via its own channels. Digital Barriers - Capita partnership Paul Eggleton, Managing Director of Capita Secure Solutions and Services said, “We are very excited to be signing this agreement with Digital Barriers. The integration of this technology with our portfolio truly sets us apart in being able to offer the best facial recognition technology to our customers around the world.” Zak Doffman, CEO of Digital Barriers added, “This is the perfect time to partner with Capita as there is strong demand from law enforcement for technological advancements that promote officer safety and efficiency. We look forward to working in close collaboration to further accelerate our international growth.”
Edward Snowden’s name entered the cultural lexicon in 2013, after he leaked thousands of classified National Security Agency documents to journalists. He’s been variously called a traitor, a patriot, a revolutionary, a dissident and a whistleblower, but however you personally feel about him, there’s one way to categorise him that no one can dispute: He’s a thief. There’s no doubt about it: Snowden’s information didn’t belong to him, and the scary truth is that he is neither the first nor the last employee to attempt to smuggle secrets out of a building – and we need to learn from his success to try to prevent it from happening again. Since the dawn of the digital age, we’ve fought cyber pirates with tools like firewalls, encryption, strong passwords, antivirus software and white-hat hackers. But with so much attention on protecting against cyber risks, we sometimes forget about the other side of the coin: the risk that data will be physically removed from the building. Douglas Miorandi, director of federal programs, counter-terrorism and physical data security for Metrasens, recently discussed the major risks to physical data security with SourceSecurity.com. Q: What do you believe are the main physical threats to data? The biggest threats I have seen in the physical data security space have varied over the years, but there are four specific risks that remain the same across the board for any organisation, which are: Every organisation is at risk of having data walk out the building with that employee The Insider Threat The Outsider Threat The Seemingly Innocent Personal Item Poor or Nonexistent Screening To beginning with, every company or government agency has at least one disgruntled employee working for them, whether they know it or not, and that means every organisation is at risk of having data walk out the building with that employee. That is what security experts call the insider threat. Q: What do you think influences employees to steal data from their own organisation? People steal data from their workplaces because they see some means to an end, whether it’s to expose something embarrassing or damaging due to a personal vendetta, or because they can sell it to a competitor or the media and benefit financially – meaning they don’t even need to be disgruntled; they might just want a quick way to make a buck. Financial data, too, is attractive, both for insider trading and selling to the competition. People steal data from their workplaces because they see some means to an end, whether it’s to expose something embarrassing or damaging due to a personal vendetta, or because they can sell it to a competitor or the media and benefit financially This can happen to both private companies as well as government agencies. Take Natalie Mayflower Sours Edwards for example, a Treasury Department employee who was caught in the act just last month, when she disclosed sensitive government information about figures connected to the Russia investigation to a reporter. She didn’t hack the system, she simply used a flash drive. And let’s not forget that Snowden was a contractor working for the NSA. Q: Many of us think of security threats coming from an outsider, do companies still face these type of threats? Yes. Unfortunately, organisations do not only need to worry about their own employees – companies and government agencies need to be wary of threats from outsiders. COTS devices include SD cards, external hard drives, audio recorders and even smart phones They can come in the form of the corporate spy – someone specifically hired to pose as a legitimate employee or private contractor in order to extract information – or the opportunistic thief – a contractor hired to work on a server or in sensitive areas who sees an opening and seizes it. Either one is equally damaging to sensitive data because of the physical access they have. Q: Whether it be an insider threat or an outsider threat, what are ways these individuals can steal sensitive data? There are two types of personal items that can be used to steal data: the commercially available off-the-shelf (COTS) variety, and the intentionally disguised variety. This is considered risk number three – the seemingly innocent personal item. COTS devices include SD cards, external hard drives, audio recorders and even smart phones, any of which can be used to transport audio, video and computer data in and out of a building. Intentionally disguised devices are straight out of the spy novel; they could be a recording device that looks like a car key fob, or a coffee mug with a USB drive hidden in a false bottom. Intentionally disguised devices are straight out of the spy novel; they could be a recording device that looks like a car key fob, or a coffee mug with a USB drive hidden in a false bottom Q: What is the difference between COTS and disguised devices? The difference between COTS and disguised devices is that if someone gets caught with a COTS device, security will know what it is and can confiscate it. The disguised device looks like a security-approved item anyone could be carrying into the workplace, making it especially devious. Sometimes these devices don’t just function to bring information out of a building; they are used to damage a server or hard drive once it’s plugged in to a computer or the network. Some are both – a recording device that extracts data and then destroys the hard drive. Companies with airtight cyber security protocols can sometimes fall down when it comes to physically screening peopleQ: With these types of discrete items, can security personnel still catch individuals in the act? For example, through security screenings? Poor or nonexistent screening is the most substantial security threat to any organisation when it comes to sensitive data. Whether it’s an employee, an outside contractor or a device, the physical security risks are real, and everyone and everything entering and leaving a building needs to be screened. Unfortunately, screening often isn’t occurring at all, or is ineffective or inconsistent when it does occur. Even companies with airtight cyber security protocols can sometimes fall down when it comes to physically screening people and stopping them from stealing data through recording devices. Q: It’s surprising that so many organisations would neglect physical security when protecting their data. It’s a huge mistake, and the consequences can be dire. They range from loss of customer trust, exorbitant lawsuits and tanking stock prices in the private sector; and risks to national security in the public sector. Costs and resource allocation increase as well during efforts to reactively fix or mitigate the effects of physically stolen data. For both the private and public sectors, the risk for data to be physically removed from a building has never been greater. Years ago, it was much harder for the average Joe to figure out where they could sell stolen data. Now, with the Deep Web, anyone with Tor can access forums requesting specific information from competing spy agencies, with instructions on how to deliver it, greatly reducing the risk of getting caught – and increasing the likelihood people will try it. Although it’s getting easier to sell data, the good news is that all of these threats are avoidable with the right measures. Physical data security and cybersecurity must be considered the yin and yang of an airtight policy that effectively protects sensitive or confidential assets from a malicious attack Q: So how can an organisation protect against these risks? There are a number of ways – and the first one requires a change of mindset. Not long ago, the building/physical security department and the IT/cybersecurity department were considered two different entities within an organisation, with little overlap or communication. Organisations now are realising that, because of the level of risk they face from both internal and external threats, they must take a holistic approach to data security. Physical data security and cybersecurity must be considered the yin and yang of an airtight policy that effectively protects sensitive or confidential assets from a malicious attack. Q: How can companies and government agencies combine both physical data security and cybersecurity initiatives? Physical security managers can advise cybersecurity managers on ways to reinforce their protocols – perhaps by implementing the newest surveillance cameras in sensitive areas, or removing ports on servers so that external drives cannot be used. Organisations need to create an effective program and ensure it stays effective so people know it’s not worth the hassle to try In turn, the cybersecurity team can let the physical security team know that they have outside contractors coming in to work on the server, and the physical security team can escort the contractors in and stand guard as they work. Constant communication and a symbiotic relationship between the two departments are crucial to creating an effective holistic security protocol and, once you’ve got the momentum going, don’t let it slow down. Sometimes efforts start off strong and then peter out if priorities change. When guards are down, it’s an excellent time for a malicious actor to strike. Organisations need to create an effective program and ensure it stays effective so people know it’s not worth the hassle to try. It’s not just about the mentality, though. Using the right technology is just as important. Q: What type of technology can you use to protect physical data? Many problems can be avoided by simply using the right technology to detect devices that bring threats in and carry proprietary information out. Electronics such as hard drives, cell phones, smart watches, SD cards and recording devices have a magnetic signature because of the ferrous metals inside them. Using a ferromagnetic detection system (FMDS) as people enter and exit a building or restricted area means that anything down to a small microSD card triggers an alert, allowing confiscation or further action as needed. Electronics such as hard drives, cell phones, smart watches, SD cards and recording devices have a magnetic signature because of the ferrous metals inside them Q: How does FMDS work? In the most basic terms, FMDS uses passive sensors that evaluate disturbances in the earth’s magnetic field made by something magnetic moving through its detection zone. Nothing can be used to shield the threat, because FMDS doesn’t detect metallic mass; it detects the magnetic signature, down to a millionth of the earth’s magnetic field. FMDS is the most reliable method of finding small electronics items and should be part of the “trust, but verify” model Although it is a passive technology, it is more effective and reliable than using hand wands or the walk-through metal detectors typically seen in an airport, which cannot detect very small ferrous metal objects. FMDS can see through body tissue and liquids, so items cannot be concealed anywhere on a person or with their belongings. Whether or not the items are turned on doesn’t matter; FMDS doesn’t work by detecting a signal, but rather by spotting the magnetic signature that electronics contain. This is ideal, because most recording devices do not emit any signal whatsoever. In my experience, FMDS is the most reliable method of finding small electronics items (as well as other ferrous metal objects, like weapons), and should be part of the “trust, but verify” model, in which companies assume the best of their employees and anyone else entering the building, but still take necessary precautions. Q: What are the key takeaways for organisations looking to enhance data security? The toughest challenge in the security sector – whether it’s cyber or physical – is remembering that the bad guys are constantly looking for ways to slip in through the cracks, and security departments need to stay one step ahead to ward off both internal and external threats. Recognising the existing threats, putting together a holistic security strategy, and using the right technology to detect illicit devices comprises an effective three-pronged approach to protecting an organisation’s data. Organisations cannot afford to be passive about security and assume employees won’t steal data and spies won’t sneak in. Strong countermeasures are necessary because data loss can come from both inside and outside, in both private and public sectors, from places not everyone thinks of – and with technology like FMDS acting as a backup to the human element, organisations can lock down their data and keep the wolves in sheep’s clothing from getting through the door.
There’s only so much a corporation can do to counteract the threat of a major incident. You can ask everyone to be vigilant and to report anything suspicious, but you cannot stop someone intent on deliberately starting a fire, threatening a work colleague with a knife or something much worse. And of course, most businesses recognise that even routine events – such as burst pipes, IT system failures, extreme weather event or power outages – can have significant consequences unless they are quickly brought under control. Training security officers Governments and organisations across the world are increasingly encouraging businesses to re-assess risks and to plan for and conduct drills for major emergencies. This is driving different agencies and companies to invest in new skills, resources and systems, and encouraging businesses to routinely re-evaluate their emergency response strategies. UK police forces are increasingly training security officers in the public and private sectors on how best to react to potential terrorist incidents For example: UK police forces are increasingly training security officers in the public and private sectors on how best to react to potential terrorist incidents, as part of the UK government’s Action Counter Terrorism programme. And organisations including the Association of University Chief Security Officers (AUCSO) and Higher Education Business Continuity Network (HEBCoN) are developing customised training for their members to improve their own response and business continuity plans. Mass notifications systems Whether an organisation is facing a terrorist attack or a severe weather event, follow up reports consistently identify that the same types of challenges are common to all crisis situations, with similar errors often occurring again and again. Typically, these are centred on three key areas: poor communications, fractured command and control structures, and delayed deployment of resources. Communications skills and technologies clearly play a pivotal role in how effective an organisation is in responding to major incidents, particularly when it comes to assessing the situation and its implications, moving people towards safety and providing updates as an incident unfolds. However, when an organisation is considering its technology options, emergency response and mass notification systems (MNS) are often touted as the ideal platform to deliver all the required critical communications and ongoing updates. UK police forces are increasingly training security officers in the public and private sectors on how best to react to potential terrorist incidents Emergency notification system All the incident reporting, command and control, and communications functions have been brought together on a single platform But, if an organisation does not know exactly where all its staff or students are, and it cannot see the location and availability of its first responders and other emergency coordinators relative to them and the incident, then how useful is it to send a top-down alert to everyone? And what about fast moving or multi-centre incidents, where previously agreed evacuation procedures, recommended actions or mustering points may need to change if an incident takes an unexpected turn? Many organisations may have been lulled into believing that an emergency notification system will allow them to confidently handle all the communications aspects of virtually any crisis. In reality, too many businesses are still unaware that there are now much more sophisticated and proven technologies where all the incident reporting, command and control, and communications functions have been brought together on a single platform. Using live map tracking The benefit of using these advanced and more integrated approaches – often categorised as mobile distributed command and control systems – is that they enable faster and better decision making in a crisis using real-time feedback and two-way dialogue with those closest to the emergency. And they avoid the risks of any potential delays, miscommunications or mistakes that can happen when an organisation is under pressure to respond and often switching between multiple systems. Leading universities and multi-national corporations are already using new mobile/web-enabled platforms to improve their incident response These next generation emergency management platforms have been specifically designed to enable real-time mapping of an organisation’s security assets and its users on a single screen and to fully integrate it with a highly targeted geo-fenced notification capability. The mass notification aspect of the system can then be used to advise specific groups on the best actions to take at their location as an incident develops. The use of live map tracking enables real time mapping of an organisation's security assets Segmented messaging Many leading universities and multi-national corporations are already using these new mobile/web-enabled platforms to plan, manage and improve their incident response, leading to 50% faster reactions and more positive outcomes.During a crisis, users can receive push notifications so the security centre can immediately see their exact location and advise them accordingly The systems have been widely adopted within the higher-education sector, but they are equally applicable to any large company with multiple international sites or those situated in research or corporate campuses where the bulk of assets and people are based in one or more key locations. Typically, systems provide users with a smartphone app that they can use to call for immediate emergency or first aid support when at work, or to report something suspicious which could prevent an apparently minor incident from escalating into a full-scale emergency. During a crisis, users can receive push notifications, SMS and E-mails asking them to open the app if they are not already logged in, so the security centre can immediately see their exact location and advise them accordingly. Supporting dispersed mustering Now that communications can be more nimble, responsive and flexible this can support the increasing numbers of planners are recognising the advantages of dispersed mustering. This is a strategy that has been developed to reduce the risk of secondary attacks on unprotected people complying with instructions to evacuate from premises and gather in what are, effectively, exposed locations. It is now acknowledged that evacuees waiting outside for any length of time are more vulnerable to targeted attacks or to injury, from flying glass for example. With dispersed mustering – a strategy made more effective by these new mobile distributed command and control systems - a building’s occupants can be advised not to go outside, but to move to known safe internal locations. People in each specific area can then be kept regularly updated. Many corporations are now using new mobile/web-enabled platforms to improve their incident response Coordination between response agencies The software platforms can be integrated with an organisation’s fixed security infrastructure to take real-time sharing of information First responders are permanently logged in, so the emergency operations centre can see their exact locations in real-time and can advise what actions to take in mustering people or in setting up and protecting security cordons. Bringing everything together on one platform, with real-time feedback and in a fully integrated system also removes what is often seen as the weakest communication link in managing any major incident: the need to rely on conventional two-way radio as the sole means of communication between the command and control centre and its first responders and other team members on the ground. The software platforms can be integrated with an organisation’s fixed security infrastructure to take real-time sharing of information to a new level for improved collaboration, coordination and communications between users, the incident management team and external agencies. Improving emergency response strategies One of the most powerful features of some of these new systems is the ability to record and view all alerts, responses and the detailed conversations between first responders, emergency coordinators and other parties. This allows the systems to be used to simulate major incidents involving inputs from the emergency services and other key agencies and to ensure the organisation’s crisis management plans have been fully tested against a range of possible incident scenarios.
Video surveillance across the world is growing exponentially and its major application is in both public safety and law enforcement. Traditionally, it has been fixed surveillance where cameras provide live streams from fixed cameras situated in what is considered strategic locations. But they are limited in what they can see given by their very definition of being "fixed." The future of video surveillance includes the deployment of more mobile video surveillance with the benefits it offers. Instead of fixed cameras, this is the ability to live stream from mobile devices on the move such as body-worn cams, drones, motorbikes, cars, helicopters and in some cases, even dogs!Sending drones into the air, for example for missing people or rescue missions, is much more cost-effective than deploying helicopters Advantages of mobile surveillance The advantage of mobile surveillance is that the camera can go to where the action is, rather than relying on the action going to where the camera is. Also, sending drones into the air, for example for missing people or rescue missions, is much more cost-effective than deploying helicopters. The ability to live stream video from cars and helicopters in high-speed pursuits can be used to take some of the operational issues from the first responders on the ground and share that “life and death” responsibility with the operational team leaders back in the command centre. This allows the first responders in the pursuit vehicle to focus on minimising risk while staying in close proximity of the fleeing vehicle, with direction from a higher authority who can see for themselves in real time the issues that are being experienced, and direct accordingly. In addition to showing video live stream from a pursuit car or motorcycle, by using inbuilt GPS tracking, the video can be displayed on a map in real time, allowing a command chief to better utilise additional resource and where to deploy them, through the use of displaying mapping information with real time video feed. It allows police chiefs to make better informed decisions in highly-charged environments. The 4G phone network can now be used with compressed video to live stream cost effectively Application in emergency situations The same is true of first responders in many different emergency situations. Mobile surveillance opens up a new area of efficiencies that previously was impossible to achieve. For example, special operations can wear action body-worn cameras when doing raids, fire departments can live stream from emergency situations with both thermal and daylight cameras, and paramedics can send video streams back to hospitals allowing doctors to remotely diagnose and prepare themselves for when patients arrive at the hospital. How can special operations and emergency first responders live stream video from a mobile camera with the issues of weight, reliability and picture-quality being considered? H265 mobile video compression Law enforcement insists on secure transmissions, and it is possible to encrypt video to the highest level of security available in the public domain The 4G phone network can now be used with compressed video to live stream cost effectively. The issue of course is that 4G is not always reliable. Soliton Systems has mitigated this risk of low mobile quality in certain areas, by building an H265 mobile video compression device that can use multiple SIM cards from different cellular providers simultaneously. H265 is the latest compression technique for video, that is 50% more effective than conventional H264, and coupling this with using multiple “bonded” SIM cards provides a highly reliable connection for live-streaming high-quality HD video. The 400-gram device with an internal battery can be connected to a small action cam, and can live-stream simultaneously over at least three different cellular providers, back to a command centre. Latency is typically less than a second, and new advance improvements are looking to reduce that latency further. Encrypted video transmission What about security? Law enforcement insists on secure transmissions, and it is possible to encrypt video to the highest level of security available in the public domain, i.e. AES256.What about integration into existing video infrastructure at the command centre? It is not untypical for a police force to have an existing video management system (VMS) at their command centre such as Milestone System’s Xprotect. The Soliton range of products are ONVIF-compliant, a standard used by video surveillance cameras for interoperability, allowing cameras and video devices that are ONVIF-compliant to simply “plug&play” into existing video management systems. These mobile transmitters are deployed with law enforcement and first responders across the globe. Their ability to provide secure, full HD quality and highly-reliable video streaming within a small unit, and to enable it to be integrated into the current eco-system that is already installed at the receiving end, has made them a favourite choice with many companies and government agencies.
Physical security has been stuck in a forensic and siloed mindset for decades, while the rest of the enterprise has evolved and transformed into proactive, connected operations. A new security management platform based on artificial intelligence (AI) seeks to change that status quo by using modern tools for unification, analytics and controls. AI-based security management “Security teams are managing more moving parts than ever,” says Clayton Brown, Co-Founder of ReconaSense. “As it stands today, the industry can’t keep pace with the digital transformation and the ‘smart’ movement. Physical security must transition from forensic security to proactive, risk-adaptive security.” ReconaSense says the company is changing the physical security industry with AI-based technology and a risk-adaptive approach ReconaSense says the company is changing the physical security industry with AI-based technology and a risk-adaptive approach. “We’re focused on making security integrated, adaptive and proactive,” says Brown. The flagship product, ReconAccess, is a risk-adaptive physical access control system. It controls who can go where, when, in a building. Taken a step further, ReconAccess analyses risk to prevent an authorised person from entering a room if there is a danger or threat present. It also can spot abnormal activity that may warrant further investigation, i.e., insider threats. ReconAccess unification security solution ReconAccess is part of a unification platform that includes geospatial AI, mobile apps and analytics. ReconaSense helps organisations to mitigate risk effectively in two ways. First, the system pulls in data from disparate systems into a unified language. And then, it enables users to proactively identify risk and threats before they become issues. “We provide actionable guidance and unprecedented visibility so that they can implement appropriate controls for quick remediation and risk mitigation,” says Brown. In general, ReconaSense will improve life safety, future-proof physical security, and provide enhanced situational awareness, he says. Application programming interfaces (APIs) By creating a database translation layer through application programming interfaces (APIs), ReconaSense normalises diverse data into a common language, or database. Previous unification platforms have presented data from different systems into a common presentation layer. ReconaSense goes deeper by extracting, transforming and loading these diverse languages into a common format for humans and machines alike to understand what is going on across their operation in real-time. ReconaSense was honoured with the Security Industry Association (SIA) New Product Showcase Award for Access Control Software at ISC West 2019 Security and risk unification The ReconaSense security and risk unification platform integrates and translates siloed data across systems, devices and applications into a common language, which makes it easier to focus on what matters most and keep risk at bay. “We can change permissions in real time based on any individual behavior or environment,” says Brown. “Being able to assess risk on both sides of the door enables organisations to not only improve security but also improve life safety. We are also positioned to detect insider threats and to streamline operations overall.” Security and data integration ReconaSense provides a common operating picture integrating all the incoming security and relevant data across an organisation ReconaSense provides a common operating picture integrating all the incoming security and relevant data across an organisation. The security intelligence platform can detect early warning signs and abnormal events and implement remediation actions swiftly. The platform can more deeply integrate 3rd-party data systems, analyse and score the data for risk trends, and then activate changes with a native access control system based on this intelligence. ReconaSense works with traditional security integrators as its exclusive channel. They are actively adding more dealers to the network. At this point, distribution is not on the roadmap, but could be beyond the current horizon as the industry matures. Intelligent approach to physical security "The market is ready for the new technology", says Brown. “We must continue to educate integrators and end users on the need to move to a more proactive, intelligent and integrated approach for physical security,” he says. “We have to help demonstrate that AI is not as scary or far away as you think. It’s here today.” In one year, ReconaSense expects to grow its team and partner network significantly and to be deployed in a variety of sites across North America. The current team consists of technologists, engineers, IT and physical security experts and data scientists. ReconaSense is headquartered in Austin, Texas, and has a technology center in New York.
Workforce management systems gather and analyse information and anomalies from security officers in the field. The information ranges from direct observations entered via mobile or desktop apps by officers on duty to reports from cleaning staff, the maintenance department, and CCTV operators. Taken together, the information yields business intelligence and data analytics at no additional cost. Trackforce is a provider of workforce management solutions specific to the security industry and its unique operational requirements. From tracking guard tours to managing incidents and officers remotely, the platform improves officer accountability, optimises operations, and delivers actionable insights via a live dashboard to reduce vulnerabilities and enhance efficiencies. The platform is customisable and scales to each client’s business. Platform to control and identify risks “Corporate security teams deal with issues related to operational risk, facility security levels and design basis threats, and must contend with manmade, naturally occurring, and technological events,” says Guirchaume Abitbol, CEO and founder of Trackforce. “We provide them a platform that enables them to control and identify risks, deliver their service, and maintain security best practices.” Trackforce uses live monitoring to ensure quality control and to upgrade situational awareness, delivers real-time incident notifications Trackforce serves large security guard companies and global organisations in diverse vertical market sectors and is expanding in facilities management. More than 200,000 professionals at over 20,000 customer sites in 45 countries use the platform. Trackforce uses live monitoring to ensure quality control and to upgrade situational awareness, delivers real-time incident notifications, and generates data-rich analysis and key performance indicators (KPIs) that enhance monitoring and reporting. Reduces corporate risk Better management of corporate risk is a benefit of security workforce management. The Trackforce platform reduces corporate risk in four areas by: Managing multiple sites, located anywhere, with various threat levels, cultural differences, operating procedures, and regulations. Supporting a security budget and investment in new solutions by providing data necessary for budget approval. Keeping management informed about outsourced security services partners with relevant data, analytics, and transparency. Providing real-time data on risks and incidents so operations can be quickly optimised to ensure top-level security services. Identifying potential threats and risks The platform rapidly and accurately collates data (implied data or trends) based on user-selected parameters. Data- and intelligence-rich reports become available to managers from any location via a dashboard. All necessary information is displayed on a single screen in an uncluttered format.The ability to analyse current and historical data in real time empowers security managers to track patterns Reports can be downloaded and shared with stakeholders. The ability to analyse current and historical data in real time empowers security managers to track patterns, identify potential threats and risks, and implement preventative actions and strategies. Using data intelligence as benchmark Security teams will use data intelligence as a performance benchmark for resources required to accomplish site goals. They will also use this information to pilot and rationalise resource needs for impending contracts based on historical, descriptive (what happened), diagnostic (why did it happen), predictive (what will happen) and/or prescriptive data (how can we can make it happen). “For example, when a large company incurs incremental computer equipment theft, a supervisor can use the platform to review historical reports and identify patterns and anomalies,” says Abitbol. “The supervisor could then identify and proactively implement targeted strategies to mitigate the theft, such as modifying security routes, increasing patrols, or adjusting asset management protocols.” Enhanced control of security resources The Trackforce platform has been designed to serve clients at multiple regional and national locations and is available in many languages. The Command Center allows a security supervisor based at a central location to easily manage officers on multiple sites. The Command Center provides greater oversight and enhanced control of security resources The Command Center provides greater oversight and enhanced control of security resources. Management can compare locations and evaluate security with a customisable reporting dashboard for each site. The uniform platform uses the same reporting templates and processes for each secured and managed location, thus ensuring consistency and accurate benchmarking. Trackforce’s workforce management solution has low cost and presents a low barrier to entry, with systems that can be implemented in a short time.
Several video manufacturers have participated in the development of a U.K. 'Secure by Default' baseline standard to ensure cybersecurity measures are included in equipment as it leaves the factory. The standard includes ensuring that passwords must be changed from the manufacturer default at start-up, that chosen passwords should be sufficiently complex to provide a degree of assurance, and that controls are placed around how and when remote access should be commissioned. The standard aims to ensure security products are cyber- and network-secure by default and out of the box. The concept is that network video products will ship to installers in the most hardened, cyber-security-optimal form possible, with default settings that provide minimal vulnerabilities on first use. Secure by Default is a self-certification scheme that allows manufacturers to assess their systems for compliance and to apply for the U.K. Surveillance Camera Commissioner’s Secure by Default mark. The mark demonstrates to installers and customers that they are a competent manufacturer who takes the security of their products seriously. The Secure By Default mark demonstrates to installers and customers that they take the security of their products seriously Axis, Bosch, Hanwha, HikVision and Milestone Systems participated in developing the standard, which was officially unveiled at the IFSEC 2019 show. “The launch of the standard is not the end of the journey, but rather the beginning of something unique, exciting and vital for the future success of video surveillance,” says cybersecurity consultant Mike Gillespie, who works with the National Surveillance Camera Strategy for England and Wales. The standard has been developed so as not to present a barrier to entry The manufacturer standard is intended to lay out the basic areas where all video surveillance systems should be secure, regardless of their intended use, whether in public space or not, says Gillespie. “This is very much intended to be an entry-level standard and has been written with the intention of providing [video] manufacturers with a minimum baseline level all should aspire to,” he says. The standard has been developed so as not to present a barrier to entry for any competent and responsible manufacturer, he adds. The Secure by Default standards form part of a wider set of cyber security proposals from the Surveillance Camera Commissioner for the UK Home Office. Adoption within the industry Hanwha Techwin has embraced Secure by Default as part of its comprehensive approach to cybersecurity. “Although we appreciate security needs to be easy to implement, we do not allow for a default password to be used,” according to Hanwha Techwin. “We consider it essential that a secure password be set up during the initial installation process, which is why we prohibit the consecutive use of the same letter or number and we encourage the use of special characters as well as a combination of letters and numbers.” Hanwha Techwin’s approach has been to make security a fundamental feature of cameras and recording devices. Cybersecurity has been taken into account at the start of the design and development process, and not just treated as an optional feature. Article 25 mandates that organisations put in place appropriate technical and organisation measures Axis is aligned with the Secure by Default principles recommended by the U.K. National Cybersecurity Strategy Code of Practice. Furthermore, General Data Protection Regulation (GDPR) makes data protection and security by design and default a legal requirement. Article 25 mandates that organisations put in place appropriate technical and organisation measures designed to implement data protection in an effective manner. Gary Harmer, UK and Ireland Sales Director for Hikvision, said the new Secure by Default scheme is a further positive step forward for the industry, one which Hikvision fully supports. “The process of developing these standards has been one of open collaboration between companies across the network video security industry,” he said. “It’s a truly positive and genuine initiative geared towards creating a more secure environment for all stakeholders in the network security ecosystem.”
Traka has launched a new downloadable white paper to open a discussion on the changing nature of retail banking in the UK, using latest case examples to consider branch management and shifting customer expectations. The white paper, titled ‘Shaping the retail banking industry’ looks at several factors influencing the sector, including the increasing expectations and values of customers demanding a more personalised branch experience. Key and equipment management Incorporating analysis from globally renowned financial services, including PwC, Accenture and Deloitte, the paper highlights the opportunities for innovation, together with collaboration and adoption of new operational processes. This incorporates key and equipment management to enable retail banks to deliver on top quality service. The future for retail banking could arguably also be cited as bleak and in a state of industry disruption" Says Mike Hills, Traka UK Market Development Manager and Author of the white paper: “Against a backdrop of negative press concerning the state of UK high streets, the future for retail banking could arguably also be cited as bleak and in a state of industry disruption, as customers move towards a more mobile-connected lifestyle.” Staff and customer security “However, our research in putting together this white paper tells a different story. That actually, the sector has a real chance to embrace the changes occurring and entice their customers, meeting demands for personal service. We found that brands riding the storm are taking small yet significant steps to tailor their services and make operational differences that are proving key to their success.” The white paper focusses on Traka’s experience with Nationwide Building Society to demonstrate how supporting operational efficiency can benefit banking staff and ensure they can focus on serving their customers, without compromising on security. Retail Banking security Mike concluded, “We have brought this white paper together using the latest research and intrinsic market reports, together with case evidence on the future of the retail banking industry and the issues faced by the sector to ensure long term success.” “Within this, we wish to stimulate debate and encourage views and contributions from as many different voices as possible. We look forward to your opinion, experience or comment on this matter of growing importance so together, we can look to support and shape the future of retail banking.”
Crossword Cybersecurity plc, has announced that Stevenage Borough Council, Peterborough City Council and East Hertfordshire District Council (‘the Councils’), will use Rizikon Assurance to manage compliance with the GDPR (General Data Protection Regulation) with their suppliers and for wider information governance. GDPR compliance GDPR makes many requirements of organisations, including taking adequate steps to ensure data is both encrypted and anonymised, so that in the event of a breach, the data cannot be exploited. Infringements under GDPR can lead to fines of €20 million, or 4% of annual global turnover for an organisation. Data breaches can be accidental, through the loss of a laptop for example, or as a result of an intentional breach or cyber-attack With a combined residential population of over 430,000, the Councils have a duty to ensure that the personal information of all residents is adequately protected against the risk of data breach, either by the Councils themselves or the third-party suppliers and agencies with which they work. Data breaches can be accidental, through the loss of a laptop for example, or as a result of an intentional breach or cyber-attack. GDPR risk exposure Using Rizikon Assurance, the Councils will improve the process and accuracy of securing third party assurance. This will support compliance with GDPR, and establish a way to manage on-going assurance checks when needed at regular intervals. Additionally, the Councils will be in a position to identify GDPR risk exposure across their supplier portfolio, so that remedial action can be taken to improve the protection of citizen data. Jake Holloway, Director responsible for Rizikon Assurance, commented, “The role of every public service organisation is to serve its citizens, often holding personal information about them on many sensitive topics such as health, benefits and education. With that comes the responsibility of ensuring that information is protected, especially when it needs to be shared with partner organisations.” Rizikon Assurance Jake adds, “Rizikon Assurance will help any organisation dramatically improve the speed and reliability of its third-party assurance processes, covering areas such as GDPR, health & safety, the Modern Slavery Act and any other requirements that they may have. It moves third party assurance from a siloed and reactive activity, to a connected, proactive continuous process that delivers a complete view of third-party risk.”
Modern office design needs an advanced access control system that is powerful, flexible and aesthetically in tune with workspace users and their needs. At Plexal, a new £15 million flexible work environment located in the heart of Olympic East London, where the city’s ‘innovation community’ meet to brainstorm and explore new ideas, Aperio achieves all the three virtues wirelessly. At Plexal enterprise and academia work together, with technology companies, start-ups, universities and creatives under one roof. Up to 800 entrepreneurs use the workspace to devise, create and launch products and services. Innovative access control solution Easy, non-disruptive installation of new locking devices was another goal: Plexal preferred a wireless solution Plexal required a tried-and-tested access control solution they could rely on for high-end security to protect this new co-working office against unauthorised intrusion and burglary. Easy, non-disruptive installation of new locking devices was another goal: Plexal preferred a wireless solution. Any chosen solution would need the flexibility to expand access control as Plexal’s site scales over time. Device aesthetics must complement a contemporary, light-filled interior design with lots of glass. Powerful, flexible, wireless connectivity Plexal offices are now fitted with Aperio wireless, access card-based locking technology. Plexal’s battery-powered Aperio locks are integrated with DoorFlow, NetNodes’ online platform for managing and auditing building access. So far, 59 Aperio L100 wireless high-security door locks have been installed and integrated online with DoorFlow. These Aperio locks provide Plexal with a high level of physical protection and transmit door status to DoorFlow in real time. Adaptable locking solution Plexal required an adaptable locking solution for a range of different doors and, with no wiring required" “Plexal required an adaptable locking solution for a range of different doors and, with no wiring required, it was quick and easy to install Aperio with minimal disruption,” says Stewart Johnson, Director at NetNodes. Because Aperio locks are battery- rather than mains-powered, the new wireless solution also keeps Plexal’s maintenance costs and energy consumption low. Aperio wireless locks use no power when idle, only “waking up” to read credentials or maintain a system heartbeat. Annual running cost savings over traditional wired doors are significant. Modern locking device design Aperio aesthetics were a good fit for Plexal’s modern workspace. “We have a futuristic-style, open-plan design here at Plexal — our offices are predominantly glass-fronted, so we needed an effective design which was not only robust but adaptable, too,” says John Herbert, Facilities Manager at Plexal. “What really appealed to me about ASSA ABLOY access control’s products was the aesthetic.” Aperio technology integration And because Aperio technology is built on an open platform for integration with almost any security or building management system, Plexal’s access control solution is fully future-proofed. They have the option to expand to new offices, floors or even buildings easily. Aperio can upgrade mechanically locked doors and wirelessly connect them — online or offline — to new or existing access control systems. This is achieved with minimal modification to doors and premises, offering a simple, cost-effective security upgrade. Aperio can upgrade mechanically locked doors and wirelessly connect them to new or existing access control systems Wireless access control “Should any additional doors need to be added to the system in the future, this can be done easily, without modifying or changing the aesthetics of the environment,” confirms Stewart Johnson. “This also minimises future installation costs, offering a cost-effective and straightforward access control upgrade.” “We foresee change in the not-too-distant future and are delighted at our options to modify,” adds John Herbert. Secure physical and digital access ASSA ABLOY's innovations enable safe, secure and convenient access to physical and digital places, offering efficient door opening solutions, electronic locking devices, trusted identity solutions and entrance automation technologies.
A supplier of global technology services, Bosch chose to partner with Gallagher and KW Corporation to help streamline its North American security operations. Operational efficiency Bosch required a comprehensive yet flexible security solution that could be tailored to solve their specific requirements and challenges. Presently 22 Bosch locations are on the Gallagher platform with a cardholder database of approximately 6,000. A key area of focus for Bosch was improving operational efficiency. Command Centre, Gallagher’s powerful access control solution, offered Bosch a range of reporting functions to help streamline operations. Manager of Bosch’s corporate Security, Frederick Fung, says “The user friendliness of Command Centre and the ability to automate reporting means our operations now run more smoothly. Administration time has been reduced, creating significant cost savings.” Having the ability to pick up the phone and call technical support is critical to securing our sites" Centralised system Bosch selected Gallagher as the solution that could best meet its needs, including a centralised system to secure multiple sites. “Having the ability to pick up the phone and call technical support is critical to securing our sites,” explains Fung. “Many of our security staff have multiple responsibilities, so the Gallagher and KW Corporation services are invaluable.” Gallagher also offers customers the same training courses that it conducts for certified channel partners, providing staff with the capability to be first responders and giving them the confidence to handle certain security issues themselves. Command Centre Like many businesses, theft of physical and intellectual property is a big concern. With the support of Gallagher and KW Corporation, Command Centre manages access control, Bosch surveillance, and intrusion systems. Selecting Gallagher provided Bosch with: Video management system integration (BVMS), for safety precautions and oversight CCTV integration, image and video event audit trail Peace of mind through the use of the latest continually evolving software technologies and cyber security counter measures, eliminating the fear of hacking and site down-time Integrated intrusion detection system allowing full situational awareness Flexible and scalable solutions Fung explains, “The key differentiator for Gallagher is the company’s unmatched support, system user-friendliness, and cost savings in both short and long-term.” Gallagher solutions are flexible and scalable, creating the potential for future growth across Bosch locations. “Integration with Gallagher Command Centre has had a positive impact across our sites, improving safety, security, and operational efficiencies,” says Fung. “Gallagher supports us in providing a safe and secure working environment, improving the quality of life for our associates and visitors.”
People’s Choice Credit Union is one of Australia’s largest Credit Unions, with 365,000 members and 44 locations across South Australia, Northern Territory, Victoria, Western Australia, and Australian Capital Territory. People’s Choice Credit Union (People’s Choice) has earned a reputation as a forward-thinking and highly innovative company that is radically changing the banking experience for its members and employees. From their head-office to their branches throughout Australia, People’s Choice is utilising new technology to improve service to members, be more efficient, reduce costs, and decrease their environmental footprint. Smarter workspaces Operating an innovative, modern working environment that utilises flexible workspaces in place of traditional desks, People’s Choice staff are not allocated a specific desk but instead choose where they wish to sit each day. They can even choose whether they wish to sit or stand, by having desks that can be raised or lowered to suit personal preference. Flexible work environments are proving popular for large corporate companies due to the ability to increase company-wide communication, support project work, improve productivity, reduce clutter, and save costs. “With a large staff, there is always a number of people out of the office, whether it’s on sick or annual leave, or working on business outside of the office.” said Mike Humphrey, Manager of Property Services at People’s Choice Credit Union. “By implementing a flexible workspace model, we have been able to save approximately 3,000 square meters of office space which equates to thousands of dollars each year in building costs” said Mike. Multi-technology smartcard T20 and T10 readers Using Gallagher’s smartcard T20 and T10 readers on each locker bank, staff badge their access card to open their allocated locker To facilitate the operation of a flexible work environment and provide employees with storage for their personal effects (work-related material is stored elsewhere), People’s Choice uses banks of brightly coloured lockers that are managed by electronic access control. Using Gallagher’s smartcard, multi-technology T20 and T10 readers on each locker bank, staff badge their access card to open their allocated locker. With the readers communicating with Gallagher’s Command Centre software management platform, People’s Choice has a simple to operate, customisable system that enables staff to carry just one card on site. “We’re all about putting people first. As an organisation we’re not afraid to try new ways of doing things, and as a result we’re seeing significant improvements for our members and staff.” Mike Humphrey, Manager of Property Services, People’s Choice Credit Union. Command Centre Mobile App Utilising Gallagher’s innovative Command Centre Mobile App, key facilities management personnel are able to manage access remotely using their mobile phone. “Occasionally staff forget their access card and I’ll get a phone call to open their locker for them. Being able to access the platform and administer overrides using my phone, from wherever I am at the time, is huge for me” said Mike “and it speeds things up considerably for the employee”. With people working in different areas at different times, People’s Choice needed a printing solution that simply and easily enabled staff to retrieve printed documents from the nearest printer. People’s Choice was also looking for a solution that helped to cut down on unnecessary waste. Follow-Me Printing solution To meet both of these needs, People’s Choice installed Follow-Me Printing. This printing solution stores print jobs electronically until a user badges their Gallagher access card at a printer to retrieve their files. At this point, the user can terminate any print jobs they no longer need, cutting down on waste. The solution further reduces waste through a configuration that deletes any printing jobs that haven’t been actioned within a 24 hour period. “One of the truly efficient things about our set-up is that our printing integrates with our access control solution.” said Mike. “It means that staff only have one card for all of their access needs on site; they can access the various office floors, lockers, and printers all with a single card, instead of also having keys and pin numbers to manage.” Temperature management solution Any change in temperature beyond the set limits, triggers an alarm notification Through a Gallagher Bacnet integration, People’s Choice has implemented an automated, continuous temperature management solution for the large data centre located at their head office. With temperature sensors communicating directly with Command Centre, any change in temperature beyond the set limits, triggers an alarm notification to be sent directly to Mike’s phone. According to Mike “The capability for Gallagher’s platform to send critical information, like the potential overheating of a server room, straight to my phone was a big selling point for us. It provides a simple mobile solution to mitigate a considerable business risk.” Visitor management To support efficiency at their head office reception area, People’s Choice chose Gallagher’s Visitor Management Client and Self-Registration Kiosk. The self-registration kiosk serves as an ideal “extra lane” during particularly busy periods, ensuring that visitors are able to register their arrival quickly and effortlessly without delay. The integration between Gallagher’s visitor management solution and Command Centre, ensures that a comprehensive audit trail of all visitor management events, including visitor pre-registration, escort, host, and visitor actions, is securely stored and can be easily retrieved to produce reports.
Two years ago, LABS opened up its new co-working facilities in Camden Market and has a number of locations centered around this iconic area of London. LABS isn’t just popping up in random locations but creating a co-working ecosystem of interconnected buildings and communities. Many companies who hire space are high tech, therefore they expect the facilities they work in to include the latest technology. The challenge LABS faced when developing a co-working environment was to offer a safe and secure working environment that is easy to use by both the clients and staff and uses the latest technology features and provides flexibility and future proofing. Gallagher Command Centre The Gallagher solution was specified for the project because of the central hub it provides The Gallagher solution was specified for the project because of the central hub it provides as well as its ability to integrate with a number of products, such as visitor management software (VMS) and CCTV. The Gallagher Channel Partner was able to offer a tailored security package that ensured LABS premises are safely monitored, guaranteeing smooth day-to-day operation. The buildings are managed by Community Managers, whose role is to understand all the companies and people who work within the LABS buildings. With this understanding the managers can bring the community together and help create beneficial relationships. Community Manager at Camden, Fran, is able to use Gallagher Command Centre for a number of tasks such as monitoring who enters the building including visitors, checking which meeting rooms are reserved, what hospitality is required etc. Bluepoint Real-Time Access Management LABS also use Bluepoint Real-Time Access Management (RAM), which integrates with the Gallagher Visitor Management system to create and modify cardholders and groups. Commands sent from the integration provide muster functionality and enables Community Managers, like Fran, full visitor and staff journey awareness. In order to attract new clients, the building runs open events and also allows people to book a tour. Guests will receive a QR code on their mobile phone so they can enter the building. Fran will receive a notification to say her guest has arrived so she can meet them and show them round. People within the building can also use the same functionality for visitors. Mobile access control Leases can be short, medium or long term and range from the occupation of offices to desks Everyone who works within a LABS building has access to an app so they can book meeting rooms seamlessly, find talent, swap skills, and engage with the community. This is the customer facing tool which links to Command Centre to ensure when someone books a room the relevant people are notified, and the system is updated. Leases can be short, medium or long term and range from the occupation of offices to desks. This means there are lots of leases starting and ending at different times making it difficult to keep track. By integrating with Command Centre access can be instantly revoked should a lease lapse, saving Community Managers time by not having to manually deny access.
Round table discussion
Statistically speaking, incidents of terrorism are unlikely to impact most businesses and institutions. However, the mere possibility of worst-case-scenario attacks is enough to keep security professionals awake at night. Compounding the collective anxiety is the minute-by-minute media coverage when an attack does occur. The immediacy of the shared experience of global tragedy impacts us all – including security system decision-makers. We asked this week’s Expert Panel Roundtable: How is the rise in terrorism impacting the physical security market?
Employee turnover is a problem for many companies, especially among younger employees who have not developed the philosophy of employer loyalty that was common in previous generations. Nowadays, changing jobs is the norm. The idea of spending decades working for a single employer seems almost quaint in today’s economy. However, excessive employee turnover can be expensive for employers, who are looking for ways to keep their brightest and best employees happily toiling away as long as possible. We asked this week’s Expert Panel Roundtable: How can the physical security market promote better employee retention in a competitive employment environment?
In today’s global economy, goods are manufactured all over the world and shipped to customers thousands of miles away. Where goods are manufactured thus becomes a mere detail. However, in the case of “Made in China”, the location of a manufacturer has become more high-profile and possibly more urgent. The U.S. government recently banned the use in government installations of video system components from two Chinese manufacturers, presumably because of cybersecurity concerns. A simmering trade war between China and the United States also emphasises other concerns related to Chinese manufacturing. We asked this week’s Expert Panel Roundtable: Should "Made in China" be seen as a negative in the video surveillance marketplace? Why or why not?