Electronic access control
Ping Identity, globally renowned provider of identity defined security solutions, has announced the release of PingCloud Private Tenant, a private cloud identity solution for the enterprise. Cloud identity, access management PingCloud Private Tenant provides cloud identity and access management (IAM) by combining highly-configurable capabilities within a dedicated environment. Enterprises can provide authentication for all users with a highly-configurable global authentication authority that includes versatile single sign-on (SSO) and highly-scalable directory services, while also maintaining data and resource isolation. This allows global organisations the ability to automate IAM operations, simplify management and achieve their cloud-first objectives. PingCloud Private Tenant Enterprises need a dependable way for customers, employees and partners to sign-on to their services and applications Enterprises need a dependable way for customers, employees and partners to conveniently sign-on to their services and applications. However, this requires companies to support multiple standards, different authentication flows, a wide range of identity and service providers while operating and maintaining the solution. For this reason, PingCloud Private Tenant allows enterprises to automate the operation of their IAM solution, so IT staff can focus on innovation, in addition to providing a global authentication authority. PingCloud Private Tenant provides the following capabilities and benefits: Coud IAM: Practically limitless configuration options combined with a dedicated cloud environment means enterprises control their data and security while also automating IAM operations. Highly-configurable authentication and directory services: Regardless of where applications or resources reside, enterprises can leverage PingCloud Private Tenant’s extensibility for their diverse user populations and identity types. Simplified identity management and minimised costs: Moving IAM solutions from on-premises to the cloud can save companies significant IT operational costs. PingCloud Private Tenant provides the convenience of centralised configuration via self-service and concierge support options, allowing enterprises to save without compromising support for challenging and complex enterprise use cases. Architected for enterprise hybrid IT: PingCloud Private Tenant reaches every corner of an enterprise’s hybrid IT or multi-cloud environment without the need to install, update and manage separate on-premises proxies and agents. Automated operations to reduce complexity: IT teams are able to respond more quickly and easily to global demand for IAM services by reducing geographical deployment complexity and simplifying IAM operations. Multi-tenant cloud solutions PingCloud Private Tenant expands on the range of deployment options that Ping provides to enterprise customers PingCloud Private Tenant allows them to create different environments for development, test and production as needed, with regional configuration options to comply with geographic or regulatory constraints. PingCloud Private Tenant expands upon the broad range of deployment options that Ping provides to its enterprise customers, spanning multi-tenant cloud solutions, private cloud solutions and on premises software. These solutions cover the range of enterprise deployment preferences and use cases, and can operate independently or work together seamlessly as needed to support complex hybrid IT environments. Hybrid IT environments “Enterprises increasingly straddle hybrid IT and multi-cloud environments, as they prioritise a high standard of security and customer experience,” says Loren Russon, vice president of product management, Ping Identity. “PingCloud Private Tenant is designed to simplify identity management while providing the ability to retain full control of data and security.”
Ajax Systems, globally renowned manufacturer of innovative security solutions, announces a partnership with Oprema, renowned and rapidly growing independent security distributor in the UK. Oprema’s customers now have access to a full range of Ajax wireless products for complete protection of residential and commercial properties from intrusion, fire, and leaks. Remote access management Ajax users can remotely manage their systems, control appliances, and check the CCTV streams via mobile apps Ajax users can remotely manage their systems, control electrical appliances, and check the CCTV streams via mobile apps. Whenever the detectors spot a potential threat, the hub notifies the users via push-notifications, calls, and SMS. If an alarm response company oversees their property, it will also receive an alert. Ajax products are notable for their user-friendly design that gently fits any interior and a straightforward installation process. Jeweller radio-protocol connects all of the devices in the system on a distance of up to 2000 m from the hub central panel and allows them to serve up to 5-7 years on the pre-installed batteries. ReX intelligent signal range extender The system’s radio coverage area extends to up 16 sq. m using the ReX intelligent signal range extender. If an intruder attempts to interfere with the signal or jam it, the hub immediately raises an alarm. Ajax devices have earned the highest reliability grade available to the wireless security systems after testing in five independent accredited laboratories. The system runs on a proprietary software OS Malevich. It is immune to viruses, resistant to cyber-attacks, and regularly updates over the air to expand functionality. Oprema - Ajax Systems partnership Together with Oprema, we’re excited to bring Ajax, the next generation of wireless systems, to the UK security market" Aleksandr Konotopskyi, CEO/Founder at Ajax Systems, stated, “Oprema’s team is demonstrating an impressively profound dedication towards customer service, marketing, and operations management. Their far-sighted vision for innovative technologies and business qualities resonate with the core values at Ajax Systems. Together with Oprema, we’re excited to bring Ajax, the next generation of wireless systems, to the UK security market and stimuli its future development.” Ross Hawkins, Operations Director at Oprema said “We are always searching for the latest technology advancement in the industry for our customers. We are excited about this new partnership with Ajax. The new technology will provide our customers with new opportunities and advancements within the industry. We look forward to the future and working with Ajax as a key strategic partner.”
Since the Internet has matured, society has become more interconnected, as have the devices used to enhance everyday lives. This has led to the emergence of the so-called "Internet of Things" (IoT), in which autonomous devices as well as people are now interconnected in and across private, public, and industrial spaces. IoT technologies IoT technologies are invading all application domains including services relevant to emergency situations IoT technologies are invading all application domains including services relevant to emergency situations with a scope wider than IoT connectivity and communication systems. To address this topic, the ETSI Special Committee EMTEL (emergency communications) has just released a report, ETSI TR 103 582, studying use cases and communications involving IoT devices in the provision of emergency situations and providing recommendations on standardisation requirements that could enhance the safety of these communications. The report was prepared by a group of experts possessing a mix of both IoT and emergency communications competencies. ETSI TR 103 582 report ETSI TR 103 582 considers communications involving IoT devices in all types of emergency situations, such as emergency calling, mission critical communications, public warning system communications and adds a new emergency communications domain identified as automated emergency response, where IoT devices can act after receiving a trigger to prevent hazardous situations. A set of eight exemplary use cases illustrate how such communications can be used to provide additional/enhanced information for communicating parties involved in such situations. For example, they cover the case where a smoke detector in a rubbish container sends an emergency message in the event of a fire, sending potentially in parallel a real-time emergency video. Another case could also be that an IoT device turns off immediately a gas tap or slows down a high-speed train when it receives an earthquake public warning (automated response). IoT standardisation ETSI TR 103 582 aids in the potential standardisation requirements enabling a safe operation of these communications ETSI TR 103 582 also helps prepare the potential standardisation requirements enabling a safe operation of these communications. The use cases are analysed from the point of view of potential failures putting safety at risk. Potential means to prevent these points of failure are identified, the impact of these use cases on existing or future standards is assessed and recommendations for requirements against EMTEL existing specifications for each domain are provided. Other IoT standardisation stakeholders also receive suggestions to revise their specifications in order to support the emergency communications requirements. Fail-safe information sharing “The ETSI Report prepares the requirements for communications involving IoT devices in all types of emergency situations”, says Michelle Wetterwald, an expert from the ETSI EMTEL committee. “It also leverages from benefits of IoT with data gathering without human interaction, objectivity of IoT data, fast and fail-safe information sharing, translation of human languages not required, real-time data transmission and operation in dangerous environments.”
ExtraHop, globally renowned cloud-first detection and response solutions provider for hybrid enterprises, has issued a security advisory exposing several cases of third-party vendors ‘phoning home’ proprietary data without the knowledge of or authorisation from their customers. The advisory serves as a warning to all enterprises to hold their vendors more accountable for how they use customer data. Phoning home proprietary data The newly-issued advisory defines phoning home as a host connecting to a server for the purpose of sending data to the server, the ‘white hat’ term for exfiltrating data. According to the report, phoning data home is a common practice that can be used for legitimate and useful reasons with the customer’s consent. But when customers are unaware of this vendor exfiltration, it risks exposure of sensitive data, such as Personally Identifiable Information (PII), in violation of increasingly strict privacy regulations. We decided to issue this advisory after seeing a concerning uptick in this kind of undisclosed phoning home by vendors" “We decided to issue this advisory after seeing a concerning uptick in this kind of undisclosed phoning home by vendors,” said Jeff Costlow, ExtraHop CISO. “What was most alarming to us was that two of the four cases in the advisory were perpetrated by prominent cybersecurity vendors. These are vendors that enterprises rely on to safeguard their data. We’re urging enterprises to establish better visibility of their networks and their vendors to make sure this kind of security malpractice doesn’t go unchecked.” Data and cloud security The advisory highlights four cases spanning the financial services, healthcare, and food service industries where ExtraHop documented vendors phoning home their customers’ data without the customer’s knowledge or authorisation, including: Foul-play in financial services: During a recent training session, ExtraHop noticed that domain controllers were shipping data to a public cloud instance. The customer had no idea that domain controllers were sending SSL traffic outbound to 50 different public cloud endpoints controlled by the vendor. The report documents how a prominent cybersecurity vendor had been doing this for at least two months. Medical device malpractice: A U.S. hospital was piloting a medical device management product that was only to be used on designated hospital Wi-Fi to ensure patient data privacy and HIPAA compliance. ExtraHop noticed that traffic from the workstation that was managing the initial device rollout was opening encrypted SSL:443 connections to vendor-owned cloud storage, in strict violation of HIPAA regulations. When shadow IT phones home to China: While ExtraHop was onsite with a large multinational food services customer, they discovered that approximately every 30 minutes, a network-connected device was sending UDP traffic out to a questionable IP address. The device in question was a Chinese manufactured security camera that was phoning home to an IP address known to be associated with malware downloads. When “on-box analysis” isn’t entirely “on box”: During a proof-of-concept (POC) with a financial services institution, ExtraHop noticed a large volume of outbound traffic headed from the customer’s S. datacenter to the United Kingdom. More than 400GB per day over two-and-a-half days (totaling more than 1TB of data) was exfiltrated by a security vendor that was also in a POC with the financial services institution. The customer was surprised because the vendor claimed to perform all analysis and machine learning ‘on-box’—meaning on the appliance deployed in the customer’s environment. Security advisory ExtraHop’s security advisory recommends that companies take the following actions to mitigate these kinds of phoning-home risks: Monitor for vendor activity: Watch for unexpected vendor activity on your network, whether they are an active vendor, a former vendor or even a vendor post-evaluation. Monitor egress traffic: Be aware of egress traffic, especially from sensitive assets such as domain controllers. When egress traffic is detected, always match it to approved applications and services. Track deployment: While under evaluation, track deployments of software agents. Understand regulatory considerations: Be informed about the regulatory and compliance considerations of data crossing political and geographic boundaries. Understand contract agreements: Track whether data is used in compliance with vendor contract agreements. ExtraHop also urges companies to ask questions of their vendors to ensure they understand how their data is being used, where their data is going and the vendor protocols for phoning home. ExtraHop believes these actions will hold vendors more accountable and ultimately limit the exposure of sensitive enterprise data.
With the recent news headlines about store closures and the collapse of well-known chains, alongside clear adjustments in business strategy amongst established high street favourites, there is no denying that the UK retail industry is under huge pressure. A recent report suggests growing issues are leading some retailers to increase risk-taking in the supply chain. But here, Steve Bumphrey, Traka UK Sales Director, looks at ways to help retailers embrace the storm, including paying attention to security, management processes and efficient customer focus. Challenges plaguing retail industry It’s been an awful year to date for UK retail if you believe the cacophony of negative headlines about the health of the UK economy and the confidence levels of the UK consumer. The sector is facing huge challenges in dealing with the evolution in on-line and smart mobile retailing The sector is undoubtedly facing huge challenges in dealing with the evolution in on-line and smart mobile retailing. Further concerns include an unwillingness of policymakers to address the changing retail environment and how business rates and general business taxation and regulation is making a difficult situation worse. Supply Chain Risk Report According to the latest Global Supply Chain Risk Report, published by Cranfield School of Management and Dan & Badstreet, those under pressure, are now facing increased exposure to risk if they are forced to cut costs in their supply chain. The report cites data for the retail sector that shows increased levels of risk-taking since Q4 2018, with retailers reporting high levels of dependency on suppliers and indicating a propensity to off-shore to low-cost, high-risk countries where suppliers are more likely to be financially unstable. In-store technology revolution The underlying evolution of technology taking hold of the retail industry and consequential changing consumer behaviour is what is really forcing the industry to step up and act. This is not only in the shift to online and smart mobile purchases, but also with the increased use of technology in store. Self-scanning and checkouts In a bid to enhance the physical shop experience, especially in supermarket outlets across the UK, retailers are increasingly giving customers autonomy with self-scanners and checkouts and need to be able to trust them to ensure an honest transaction. And for the shoppers, this dependency on technology and not human interaction to complete a shop means scanners must be instantly available and ready for use. Many different underlying competing challenges impact the retail industry Compensators At the recent British Retail Consortium’s ‘Charting the Future’ conference, looking at retail crime and security, Dr Emmeline Taylor, a criminologist at the City University of London identified in self -service shops, several new types of ‘offenders’ such as so-called ‘compensators’ including the atypical ‘frustrated consumer’ who, “fully intended to pay but were unable to scan an item properly”, adding to the security challenge. There are clearly many different underlying competing challenges impacting the retail industry. Arguably, the increase in technology and autonomous shopping, where less staff are present (or staff cuts planned) throws up more vulnerabilities, such as the opportunity for store theft. Use of body cameras Staff needs emerging technology such as body cameras to act as a deterrent to crime and keep employees safe Furthermore, staff may need greater use of emerging technology such as body cameras to act as a deterrent to crime and help keep employees safe. In essence, prevention is better than cure, and it’s certainly cheaper. Whether combating crime physically or online, or looking to find ways to counter the high street trends, working together, sharing information and taking a more holistic approach will help the development of a shared language between retailers. Retail banking It is also here where common approaches can help to deliver on efficiencies, in time, resource and budget that can serve to operate right through the supply chain, and minimise, or even negate the need to take any risks. It can even serve to enhance the customer experience, increasing confidence in the shopping environment. Of course, when discussing the high street, it is not just the department stores and chains that are feeling the impact. Well known banks are also having to redefine their priorities and role on the high street, with customers (especially younger generations) demanding a more efficient service than ever before. Well known banks are also having to redefine their priorities and role on the high street Asset protection Leading the way is Nationwide, globally renowned building society, which prides itself on being one of the largest savings providers and mortgages provider in the UK, promoting itself as running purely for the benefit of its customers, or ‘members.’ Richard Newland, Director of Branch & Workplace Transformation at Nationwide said, “Even more than getting a good ‘deal’ from a building society, the quality of our welcome, or our renowned level of service, we make sure our members feel safe with us, enough to trust us with their greatest assets. We are doing everything we can to evolve our business and focus our efforts on providing the best and most secure services that people value.” Key management systems Traka has supported Nationwide with the introduction of dedicated key management systems So committed to its branch network, it has pledged to its 15 million members that every town and city with a Nationwide branch, will still have one for at least the next two years. A bold statement in today’s climate. Traka has supported Nationwide with the introduction of dedicated key management systems, moving its branch network into a more digital system. Keys no longer need to leave site and the audit trail capability has helped to remove the manual paper recording, allowing status of keys to be established instantly, at any time. Changes in retail market This example, together with Traka’s portfolio of high street brands and globally renowned department stores that cannot be named for security reasons, demonstrates the need for retailers to embrace the need for change, both from a product offering and operational running perspective to achieve aspirations of resonating with customers. They also prove the opportunities for success, in an unquestionable difficult market environment. If retailers can listen to customers and respond accordingly, taking into consideration staff safety and security, alongside an ability to respond quickly to personalised enquiries and expectations. This way, perhaps, the current environment can be seen as an opportunity to innovate and embrace technology to form the high street of the future.
The healthcare sector is a crucial part of a functioning society as it provides life-saving care and reassurance to the population. A key part of ensuring the professionals in this industry have the best work environment is the ongoing security of the facilities. Overcoming environmental challenges Hospitals are challenging environments for security integrators. There is little room for mistakes because staff, patients and assets cannot be compromised. Medical centres and their facilities can be vast complexes and security teams must be confident in their ability to identify and nullify threats as soon as possible. Chubb provided Queensland Children’s Hospital's security team with a simple and easy-to-use tool Chubb Fire & Security offers a range of intelligent video and access control systems to solve these challenges. The Queensland Children’s Hospital in Australia, formerly named Lady Cilento Children’s Hospital, is the major specialist children’s hospital for families living in Queensland and Northern New South Wales. The facility not only provides care to the local families but also the state’s sickest and most critically injured children who need highly specialised care. This state-of-the-art hospital, coupled with a leading academic and research facility and the high calibre staff, provides a platform to continue to develop as a leader in paediatric health care, education and research. Comprehensive security solution Chubb developed a solution for Queensland Children’s Hospital that included access control, video management, communications and asset tracking. By creating a common infrastructure for all security systems managed through a comprehensive user interface, Chubb provided the hospital’s security team with a simple and easy-to-use tool that enables them to resolve situations as they happen and action events automatically on command. Chubb also developed a 3D model of the building that allows the security team to respond quickly to a wide variety of events. The protection of patients and staff is naturally a hospital's number one priority Also crucial to the implementation of security systems in a hospital is minimal disruption to its everyday operations. Professionals in hospitals are working 24/7 so there is little time when it comes to disabling security systems for maintenance or repairs. Continued maintenance and upgrades are vital elements to Chubb’s work and key to this is a great deal of collaboration with clinical and operational stakeholders. Securing mission-critical environment Hospital facilities are not always state-of-the-art and often face the slow upgrade process that a limited budget imparts. However, through the audit and update of security systems, steps can be taken to ensure continued operations without external disruption. The protection of patients and staff is naturally a hospital's number one priority and Chubb shares the same commitment to making sure the environment is safe and secure. Carrying out a technically demanding project in a large, mission-critical environment like a hospital takes strong teamwork, including expert strategic partners, and collaboration between stakeholders.
Edge devices (and edge computing) are the future. Although, this does seem a little cliché, it is the truth. The edge computing industry is growing as quickly as technology can support it and it looks like we will need it to. IoT global market The IoT (Internet of Things) industry alone will have put 15 billion new IoT devices into operation by the year 2020 according to a recent Forbes article titled, “10 Charts That Will Challenge Your Perspective of IoT’s growth”. IoT devices are not the only edge devices we have to deal with as the total number of connected edge devices includes the likes of devices like security devices, phones, sensors, retail sales devices, and industrial and home automation devices. The IoT (Internet of Things) industry alone will have put 15 billion new IoT devices into operation by the year 2020 The sheer number of devices begins to bring thoughts of possible security and bandwidth implications into perspective. The amount of data that will need to be passed and processed with all of these devices will be massive. There needs to be consideration taken by all business owners and automation engineers into how this amount of data and processing will be conducted. Ever-expanding edge devices market As the number of edge devices in the marketplace and their use among consumers and businesses rises, the need to be able to handle the data from all of these devices is no longer going to be suitable for central server architectures. We are talking about hundreds of billions and even trillions of devices. According to IHS Markit researchers’ study, there were 245 million CCTV cameras worldwide. One has to imagine there are at least 25% of that many access control devices (61.25 million devices) based on a $344 million market cap also calculated by IHS Markit’s researchers. If all the other edge devices mentioned earlier are considered then one can see that trying to route them all through servers for processing is going to start to become difficult if it hasn’t already, -which arguably it already has, as is evidenced by the popularity of cloud-based solutions amongst those businesses that already use a lot of edge devices or are processing a lot of information on a constant basis. Cloud computing The question is whether cloud computing the most effective and efficient solution as the IoT industry grows The question is this; is cloud computing the most effective and efficient solution as the IoT industry grows and the amount of edge devices becomes so numerous? My belief is that it is not. Taking the example of a $399 USD device that is just larger than the size of a pack of cards and runs a CPU benchmarked at the same level as a mid-size desktop. This device has 8GB RAM and 64GB EMMC built-in and a GPU that can comfortably support a 4K signal at 60Hz with support for NVMe SSDs for add-on storage. This would have been unbelievable five years ago. As the price of edge computing goes down, which it has done in a dramatic way over the last 10 years (as can be seen with my recent purchase), the price to maintain a central server that can perform the processing required for all of the new devices being introduced to the world (due to the low cost of entry for edge device manufacturers) becomes more expensive. This introduces the guarantee that there will be a point where it will be less expensive for businesses, and consumers alike, to do the bulk of their processing at the edge as opposed to in central server architectures. Cloud computing is now being overtaken by edge computing, the method of processing data at the edge of the network in the devices themselves Edge computing There are a plethora of articles discussing and detailing the opposition between the two sides of the computing technology coin, cloud computing and edge computing. The gist of it is that “cloud computing” was the hot new buzzword three years ago and is now being overtaken by “edge computing.” The truth is that cloud computing is a central server architecture hosted at someone else’s location. Edge computing is going to be a necessary development in the technology industry Edge computing is the method of processing data at the edge of the network (in the devices themselves) and allowing for less resources required at a central location. There is certainly a use case for both, however the shift to edge computing amongst the general public and small to mid-sized businesses will not be a surprise to those players, who have been paying attention. One article titled, “Next Big Thing In Cloud Computing Puts Amazon And Its Peers On The Edge” by Investor’s Business Daily takes the stance that edge computing is going to completely displace centralised cloud computing and even coins the phrase, “Cloud computing, decentralised” to explain edge computing. It speaks for the stance that most experts in technology seem to be taking, including Amazon Web Services’ VP of Technology, Marco Argenti according to the same article. We know that edge computing is going to be a necessary development in the technology industry, and it is happening as I write this, and quickly at that. Cost efficiency of edge processing As time goes on, the intersection between the prices of network bandwidth, edge processing and maintaining super powerful central servers will cause edge processing to be the most efficient and cost-effective way to maintain a scalable network in any environment, including datacenters. Owning a central server or utilising edge computing become the better options As it currently stands, most residential users can only achieve a 1Gbps WAN (internet) connection, and small to medium-sized business can’t get much more but seem to get much less, based on my personal experience. When more than 1Gbps needs to be processed, cloud computing becomes very expensive at which point, owning a central server or utilising edge computing become the better options. Then you look a total cost of ownership and when the cost of edge computing is less expensive than the cost of maintaining central server architectures, edge computing becomes the single best option. So, I’ll say it again, edge devices (and edge computing) are the future.
The devil is in the details. The broader implications of the U.S. Government ban on Chinese video surveillance manufacturers are being clarified in the federal rule-making process, and a public hearing in July gave the industry a chance to speak up about the impact of the law. Ban on equipment The hearing centered on Section 889 of Title VII of the National Defense Authorisation Act (NDAA) for FY 2019, specifically paragraph (a)(1)(B). The paragraph "prohibits agencies from entering into a contract (or extending or renewing a contract) with an entity that uses any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system." “Covered equipment” refers to products and services from Huawei, ZTE Corp., Hytera, Hikvision and Dahua “Covered equipment” refers to products and services from Huawei Technologies Co., ZTE Corp., Hytera Communications Corp., Hangzhou Hikvision Digital Technology Co. and Dahua Technology Co. Hikvision and Dahua are two of the largest manufacturers of video surveillance equipment, and Huawei manufactures HiSilicon chips widely used in video cameras. ‘Chinese ban’ provision The public hearing was part of the rule-making process for paragraph (a)(1)(B), which the industry has informally referred to as the “blacklist” provision of the NDAA. However, the “Chinese ban” provision [Paragraph (a)(1)(a)] is not at issue, was not covered by the public hearing, and is already scheduled to go into effect a year after the law was signed by President Trump (August 13, 2018). There were seven presentations at the public hearing. Presenters included the Security Industry Association (SIA), two Hikvision integrators, a representative of communications manufacturer Hytera, an economist and an attorney on behalf of telecommunications company Huawei, and Honeycomb Secure Systems, a federal contractor. There was no livestream or transcription of the meeting, although PowerPoint summaries of the 10-minute presentations were published. SIA emphasises on clarity In its presentation, the Security Industry Association (SIA) emphasised that contractors need clarity, i.e., that paragraph (a)(1)(B) applies to an entity's use of covered equipment or services in the performance of federal contracts, but NOT to non-federal sales or use of covered equipment by a contractor that is unrelated to federal work. SIA also focused on the distinction (and contrasting risk profiles) between video surveillance equipment, which are endpoint devices that may or may not be on the Internet, and telecommunications equipment. In contrast, telecommunications equipment is essential to Internet infrastructure and manages all data on a network, encrypted or not. Fully-compliant video surveillance products Security equipment suppliers and integrators doing federal work can offer fully compliant video surveillance products" SIA's presentation included the following "outcome" statement: "Security equipment suppliers and integrators doing federal work can offer fully compliant video surveillance products in the federal market, while offering other products tailored to technical requirements, price points and specific customer needs that vary widely for non-government commercial sectors – e.g. malls, banks, convenience stores, etc.” In other words, involvement in government contracts should not restrict an integrator’s flexibility to offer any and all products and services (included those from the listed Chinese companies) to non-government customers. The two integrators made similar points, specifically about their business with Hikvision. One presenter was Rick Williams, General Manager of Selcom, a systems integrator in Selma, Ala., with 10 employees. They have been a Hikvision partner since 2012 with a year-to-date revenue from Hikvision products of approximately $400,000. Hikvision integrators speak out A second integrator at the hearing was Mark Zuckerman of Clear Connection Inc., a security company in Beltsville, Md., with 32 local employees, that focuses on electronic security, telecommunications and IT. Clear Connection designs, installs and services systems throughout Metro DC and Baltimore, including commercial entities, schools and non-profit organisations. They do about $120,000 a year in business as a Hikvision partner and have over $500,000 in business awaiting federal NSGP [Nonprofit Security Grant Program] approval. In two almost identical presentations, the integrators sought clear guidance on how to comply with the language of the law as written, specifically confirmation that Section 889 of the NDAA does not apply to non-federal sales or use of covered equipment. "This is critical to my company as I provide integrated security solutions across multiple government and commercial markets, using a mix of products from different manufacturers tailored to the technical requirements, price points and customer needs that vary widely for each sector," said Williams. Hytera speaks at hearing It is not clear what Section 889 means, who it applies to, or how far its prohibitions extend" "It is not clear what Section 889 means, who it applies to, or how far its prohibitions extend," commented Zuckerman. "If interpreted broadly, some of my customers would be barred from entering into a federal contract because they have covered products installed in their facility to protect their property and staff.” Also presenting at the hearing was Hytera, a manufacturer of open standard digital mobile radio technology. The presentation emphasised that Hytera does not sell to U.S. telecommunications carriers, and does not supply 5G components or video surveillance equipment. Hytera equipment is used by federal customers such as the National Gallery of Art, National Archives, National Zoo and the Holocaust Museum. Impact on clients and commerce "These federal entities do not play a role in national security, and the Hytera systems do not connect to any critical systems," says the company. "However, the lack of clarity in the implementation of the NDAA has a significant impact on Federal, state and commercial clients, impacting competition and choice." Hytera's presentation continues: "Hytera has never been informed by any U.S. government entity that its equipment posed a national security risk and as such has not been given the opportunity to respond to any concerns. The result of Section 889 is the creation and circulation of misinformation in the marketplace." Hytera also said that the federal proposed rules and regulations should exempt federal agencies that do not include a national security component, and equipment not interconnected with the public network. Impact on cybersecurity Consolidating the number of equipment suppliers hinders rather than helps cybersecurity" James E. Gauch, an attorney with James Day speaking on behalf of Huawei, offered a global argument that could be applied to any of the banned companies: “Virtually all equipment manufacturers rely on a global supply chain and face security risks from a wide range of sources, excluding may be one or two vendors based on their national origin will not address these risks.” He adds, “However, consolidating the number of equipment suppliers hinders rather than helps cybersecurity. Creating a small number of dominant suppliers, regardless of national origin, reduces the incentives of those suppliers to embrace industry-leading standards and creates greater exposure to vulnerabilities of a single supplier.”
Physical security has been stuck in a forensic and siloed mindset for decades, while the rest of the enterprise has evolved and transformed into proactive, connected operations. A new security management platform based on artificial intelligence (AI) seeks to change that status quo by using modern tools for unification, analytics and controls. AI-based security management “Security teams are managing more moving parts than ever,” says Clayton Brown, Co-Founder of ReconaSense. “As it stands today, the industry can’t keep pace with the digital transformation and the ‘smart’ movement. Physical security must transition from forensic security to proactive, risk-adaptive security.” ReconaSense says the company is changing the physical security industry with AI-based technology and a risk-adaptive approach ReconaSense says the company is changing the physical security industry with AI-based technology and a risk-adaptive approach. “We’re focused on making security integrated, adaptive and proactive,” says Brown. The flagship product, ReconAccess, is a risk-adaptive physical access control system. It controls who can go where, when, in a building. Taken a step further, ReconAccess analyses risk to prevent an authorised person from entering a room if there is a danger or threat present. It also can spot abnormal activity that may warrant further investigation, i.e., insider threats. ReconAccess unification security solution ReconAccess is part of a unification platform that includes geospatial AI, mobile apps and analytics. ReconaSense helps organisations to mitigate risk effectively in two ways. First, the system pulls in data from disparate systems into a unified language. And then, it enables users to proactively identify risk and threats before they become issues. “We provide actionable guidance and unprecedented visibility so that they can implement appropriate controls for quick remediation and risk mitigation,” says Brown. In general, ReconaSense will improve life safety, future-proof physical security, and provide enhanced situational awareness, he says. Application programming interfaces (APIs) By creating a database translation layer through application programming interfaces (APIs), ReconaSense normalises diverse data into a common language, or database. Previous unification platforms have presented data from different systems into a common presentation layer. ReconaSense goes deeper by extracting, transforming and loading these diverse languages into a common format for humans and machines alike to understand what is going on across their operation in real-time. ReconaSense was honoured with the Security Industry Association (SIA) New Product Showcase Award for Access Control Software at ISC West 2019 Security and risk unification The ReconaSense security and risk unification platform integrates and translates siloed data across systems, devices and applications into a common language, which makes it easier to focus on what matters most and keep risk at bay. “We can change permissions in real time based on any individual behavior or environment,” says Brown. “Being able to assess risk on both sides of the door enables organisations to not only improve security but also improve life safety. We are also positioned to detect insider threats and to streamline operations overall.” Security and data integration ReconaSense provides a common operating picture integrating all the incoming security and relevant data across an organisation ReconaSense provides a common operating picture integrating all the incoming security and relevant data across an organisation. The security intelligence platform can detect early warning signs and abnormal events and implement remediation actions swiftly. The platform can more deeply integrate 3rd-party data systems, analyse and score the data for risk trends, and then activate changes with a native access control system based on this intelligence. ReconaSense works with traditional security integrators as its exclusive channel. They are actively adding more dealers to the network. At this point, distribution is not on the roadmap, but could be beyond the current horizon as the industry matures. Intelligent approach to physical security "The market is ready for the new technology", says Brown. “We must continue to educate integrators and end users on the need to move to a more proactive, intelligent and integrated approach for physical security,” he says. “We have to help demonstrate that AI is not as scary or far away as you think. It’s here today.” In one year, ReconaSense expects to grow its team and partner network significantly and to be deployed in a variety of sites across North America. The current team consists of technologists, engineers, IT and physical security experts and data scientists. ReconaSense is headquartered in Austin, Texas, and has a technology center in New York.
All schools and universities need to address three different levels of security when considering access control. The first level is the least vulnerable of the three and concerns the perimeter entry and exit points. Here, incorporating some level of electronic access control should be a consideration, whether that is a combination of electronic and mechanical door hardware, or a complete electronic solution. An electromechanical solution, such as electric strikes, can be beneficial in the effectiveness of perimeter security as they provide greater visitor management and traffic control. Data capture form to appear here! Facilitating visitor entry Electric strikes are able to control access via keypads, cards and proximity readers Electric strikes are able to control access via keypads, cards and proximity readers. When combined with mechanical locks, they provide the benefits of unrestricted egress. The second level is more vulnerable than the first and relates to the point at which people are screened before entering the interior of the school. As this area will be designed primarily to facilitate visitor entry, it will require adequate monitoring of access control. To do this, the latches used on access-controlled egress doors can be electronically controlled from the reception area or school office. Exit or entry doors can be opened by a push from the inside and, if the entry area is also an emergency exit, electronically-powered panic bars can also provide an effective solution. More and more schools are installing visitor management systems to control who can and cannot get into the building. Access control solutions Finally, the third level – and the most vulnerable – refers to the core of the school that both students and staff occupy. These are internal hallways, corridors, stairwells, entry points and restricted areas (such as staff lounges and science laboratories). These are the areas where a school must foster the safest environments for pupils, while also providing protection as they often contain confidential information, expensive equipment or chemicals. The access control system is linked to all doors within the school building A number of different access control solutions are beneficial, whether electronic, mechanical or a combination of the two. For electronic solutions, there are two options available: remote or centralised systems. With remote lockdown systems, individual locks are activated by remote control within proximity to the door. With integrated centralised systems, the access control system is linked to all doors within the school building and locked at the touch of a button. Prevent unauthorised persons Mechanical solutions, which include a cylinder lock and key, are also suitable for places such as classrooms, as doors can be locked externally with a key or internally with a thumbturn, to prevent unauthorised persons from entering. At one university in the United States, a smart RFID wire-free access control solution has been installed At one university in the United States, a smart RFID wire-free access control solution has been installed. The SALTO Virtual Network (SVN) wire-free system pushes and pulls data from the university’s ‘hot spot’ entry points to all their offline locks. By choosing a wire-free solution, the university only had to run wires to their exterior doors. The interior doors do not require wiring as these locks are stand-alone wire-free locks. Student accommodation block Securing access to student accommodates is another concern among colleges. One university in the United Kingdom wanted a security system to protect their student accommodation; in particular, a keyless system that would grant 24/7 access to its students while also enabling campus security to monitor these activities remotely. They chose Vanderbilt’s ACT365, which keeps audit trails by monitoring and recording fob activity. When another English university sought electronic locks for its newest student accommodation block, it turned to Aperio wireless locking technology from ASSA ABLOY. They used the wireless locks to extend the Gallagher Command Centre access control system to a student residence with 231 en suite rooms separated into flats for between 8 and 13 postgraduates. Aperio wireless locks are battery-powered and use less energy than wired magnetic security locks.
HID Global, globally renowned trusted identity solutions provider, has announced support for Seos-enabled student IDs in Apple Wallet. Beginning this fall, students, faculty and staff at Clemson University will be able to add their IDs to Apple Wallet and use their iPhone and Apple Watch to access buildings on campus, purchase meals and much more. Seos-enabled student IDs “HID Global is excited to play an important role in creating transformative connected university experiences that make it easy for students to simply use their iPhone or Apple Watch to enjoy all that daily campus life has to offer,” said Stefan Widing, President and CEO with HID Global. HID’s technology and electronic locks from our parent company ASSA ABLOY are helping Clemson University students" Stefan adds, “HID’s broad range of technology and electronic locks from our parent company ASSA ABLOY are helping Clemson University students, faculty and staff take full advantage of convenient mobility applications. This fall, their Apple devices can be used for everything from entering buildings – such as residence halls and individual rooms – to buying meals, accessing the gym, and using secure print services and numerous other university resources.” iCLASS SE reader modules To support student IDs in Apple Wallet on iPhone and Apple Watch, HID provides Seos-enabled credentials, HID iCLASS SE and HID OMNIKEY readers, embedded HID iCLASS SE reader modules, and Corbin Russwin and SARGENT electronic locks from ASSA ABLOY. Through HID’s support of student IDs in Apple Wallet, Clemson students will be able to seamlessly access residence halls, libraries and fitness centers, buy lunch, make purchases at the university store, print documents and more by placing their iPhone or Apple Watch near a reader where contactless student ID cards are accepted. Contactless student IDs Contactless student IDs are supported on iPhone 6 and later and iPhone SE. On iPhone XS, iPhone XS Max, and iPhone XR, student IDs may still be used for up to five hours in power reserve mode when the iPhone battery needs to be charged. Student IDs in Apple Wallet are not only convenient, they also provide an extra level of security as students no longer have to worry about misplacing their physical card. School credential provisioning is protected by two factor authentication.
Health services and their funding have long been in the news, with social care and mental health coming in for particular attention. Both of these core areas are seeing a growing need for their services. While nationally this is a problem, there is good news in East Anglia with the opening of the 16 bedroom Samphire Ward at Chatterton House, a new acute care mental health facility in King’s Lynn, Norfolk. The build comprised of a refurbishment of two redundant wards linked to create one modern compliant 16 bed facility at a cost of £4m which is operated by North and West Norfolk Care Group, part of Norfolk and Suffolk NHS Foundation Trust (NSFT). NSFT provides inpatient and community-based mental health services in both Norfolk and Suffolk. It is also commissioned to provide in some of its localities, learning disability services, along with other specialist services including medium and low secure services and wellbeing. Continuim access control system Many of these sites use a legacy building access control system called Continuim The new facility is one of many sites across Norfolk and Suffolk that fall under management of the trust. Managing over 4,000 staff and controlling over 1500 access controlled doors across multiple sites. Many of these sites use a legacy building access control system called Continuim which is a bolt on module to Trend BMS, where all doors on this system are required to be wired on-line. Several years ago the trust wanted a more modern contactless access control solution for their facilities in Norfolk and Suffolk. They specifically wanted a solution that offered cost savings by not having to wire all doors. SALTO access control was chosen for fitting to new and refurbishment projects, with a view to possibly retro-fitting the new solution across all the existing sites on a rolling upgrade basis as time and future budgets allow. SALTO access control solution Security and Infrastructure Manager for the Strategic Estates department at the trust, Paul Evans, says “By choosing SALTO the trust were able to specify a mix of online and offline equipment. The cost saving for offline equipment enables the trust to specify more internal offline doors to become controllable as part of the access control system, thus giving us greater flexibility and security for our facilities.” Evans continues “Given the nature of our work and that some of our service users can have really challenging behaviour issues, it is vital that for their safety and that of the staff, we are able to control access simply and easily yet securely into and around the many different areas of the ward, the administration area and indeed the rest of the rooms in the building.” Contactless smart access control Reduced-ligature hardware working with contactless smart access control was needed in the user areas A standard off-the-shelf access control solution was not suitable as reduced-ligature hardware working with contactless smart access control was needed in the user areas together with anti-barricade doors, vision panels, automatic lockdown abilities, locker locks and a host of other special items and so we wanted a company with specialist experience in this field to carry out the supply and installation.” After going out to a competitive open tending process, local security specialist and certificated SALTO partner AC Leigh, based in Norwich, won the contract to secure the new facility. One of their lead designers, Simon Clarkson, worked with Paul and his team to design and deliver the system. Central monitoring system Clarkson, Health and Safety Director at AC Leigh says “We listened to what Paul and his team needed and especially how they wanted to manage and control the building and delivered a completely focused solution that allows central administration of the facility using hardware and software from SALTO Systems as the core of the solution.” On-line wall readers are used to control access into and around the building and these have been installed on main entry points, alongside bedroom doors and in ‘airlocks’ to control access from one area to another. SALTO slave control units Paul Evans says, “The latest SALTO online CU4200 control units were used on this project where data can be shared to SALTO slave control units via a single master control unit. This reduced the load on the already exhausted IT infrastructure which has meant that more online doors can be added to the SALTO system.” Bedroom doors are all fail secure with mechanical key override and are also anti-barricade. The facility has the bespoke ability to operate a standard 8 male, 8 female bedroom configurations. However, the trust wanted the flexibility to extend either male or female bedrooms to 10 bedrooms. This was achieved by two swing corridor doors. Electro-magnetic locks In standard operation, these powered swing doors are held open with electro-magnetic locks In standard operation, these powered swing doors are held open with electro-magnetic locks. In their swing scenario a key switch can be operated which releases the hold open magnet and energises the SALTO system powering a separate electronic locking device on the door. This enables the trust to easily maintain the required gender separation within the bedroom areas. Paul Evans comments “AC Leigh were able to configure the required solution easily and train the staff in its operation accordingly.” Aelement Fusion smart locks Other doors are fitted with Aelement Fusion smart locks. AC Leigh worked closely with the trust to design and manufacture special reduced ligature handles and reader covers to ensure that ligature points were reduced in conjunction with DHF technical specification TS001:2013 enhanced requirements and test methods for anti-ligature hardware. “The consultation between AC Leigh and the trust took several months with multiple prototypes being presented to the trust for approval.”, Evans says, adding “After looking at all the various options, the trust is happy that the best solution for this type of battery operated offline door has been chosen and installed at Chatterton house.” He also confirms that the bespoke design would be used as their preferred solution on future projects for this type of door. XS4 Mini locks Meanwhile in staff areas XS4 Mini locks are fitted. In open common areas, lockers are equipped with smart XS4 locker locks enabling each service user to have a secure storage place for their individual personal items. To operate the various doors, staff use their smartcard ID badges to gain access while service users use wristbands to access their bedroom, locker and certain permissible doors. SALTO SPACE electronic locking Tying all this together is SALTO SPACE a flexible, fully integrated electronic locking and software platform Tying all this together is SALTO SPACE a flexible, fully integrated electronic locking and software platform that enables operators to effectively manage every door and user access plan on-site via powerful web-based access control management software. Audit trail information from the doors is held for 31 days before deletion in accordance with the trust data policy. Simon Clarkson concludes “The client needed precise tailoring of access levels and the SALTO access control solution has empowered them with an intuitive, easy to use but adaptive system. The use of this standalone largely battery operated access control system will provide significant cost savings over the years to come compared with other systems, and will deliver a reduction in engineer call-outs and simplify system administration making for a long term secure and reliable access control solution for the trust.”
In the aging trend of 21th century with rapid aging population and high healthcare costs are creating a growing demand for care at home, especially for seniors with long-term health conditions. Home care is moving towards tele-health monitoring and telemedicine, including video conferencing and remote monitoring technology to help increase caregiver efficiency while still providing constant convenience to the patients. Living independently and aging gracefully are the ideals that every individual seeks to pursue, and the challenge is to ensure that all people can age with dignity and security. Climax’s GX Cubic Smart Care Medical Alarm is an all-in-one wellness, and personal safety medical alarm solution, designed to help the elderly to manage their long-term health conditions, bridging medical health monitoring information to care providers/hospitals and create points of care to keep them safe in their own homes. GX Cubic medical alarm GX Cubic can be flexibly connected with third-party Bluetooth (BLE) healthcare sensors GX Cubic can be flexibly connected with third-party Bluetooth (BLE) healthcare sensors, like blood glucose monitor, pulse oximeter, blood pressure monitor, or weight for tracking health data and providing customised alerts to meet individual needs. The measurements can be automatically sent to a health professional who can review the results and continuously keep an eye on the patient’s health needs and provide early treatment as necessary. In addition to medical health monitoring, GX Cubic is also compatible with Pivotell Advance Automatic Pill Dispenser to keep secure of all pills, and remind the user to take the correct medicine at the pre-set time. The solution allows health professionals to monitor pill taking timely results and keep an eye on the patients’ treatment as needed. For situation when remote monitoring care given is insufficient and the user requires onsite assistance, GX Cubic can raise an emergency alarm to inform the caregiver or medical personnel for immediate action. Seniors can be assured that they are always being taken care of, and provide their family members with a peace of mind. Voice recognition solution Voice recognition has innovated over time and continues to advance, allowing products to become even more intuitive and easier to use. GX Cubic has built-in voice recognition and can activate an emergency call to care provider or central monitoring center by preset vocal commands or keywords. This allows seniors to receive emergency attention even in situations where they are immobilised or cannot manually reach the panic button. Working with the leading voice ecosystems Amazon Alexa and Google Home via cloud, GX Cubic also features voice control to activate home electronic devices, complete daily tasks, and seek help during emergencies. Voice over Internet Protocol With the VoIP (Voice over Internet Protocol) feature, GX Cubic users can also initiate two-way voice callsWith the VoIP (Voice over Internet Protocol) feature, GX Cubic users can also initiate two-way voice calls to contact their caregivers or family members at any time. With the additional add-on of DECT, GX Cubic can pair with voice extenders, talking pendants, call points, and voice extenders placed strategically around the home to create a safety net. Smart Home Automation Comprehensive elderly-friendly health care should also have a focus on preventive action to maintain a healthy ageing process. To realise independent living in a smart way, GX Cubic pairs with Zigbee or Z-Wave sensors to enable the whole-home control with various protocol-of-choice. GX Cubic can be programmed to turn on the hallway lights automatically when a sensor reports a senior’s movement in the middle of the night, to reduce a chance of falling; or automatically adjusting air conditioning when there is a sudden temperature-drop. The scenarios are unlimited to fit individual requirements, ensuring a safest living experience for the senior users. GX Cubic can also integrate IP security cameras and camera PIR motion sensors to deliver real-time visual monitoring and verification. When an emergency occurs, alerts are immediately sent to family members, and Monitoring Center to verify the event and sending immediate assistance as needed. Lastly, GX Cubic can support wireless sensor devices, allowing users to add in smoke detectors, water leakage sensors, and gas sensors to monitor environmental emergencies; and motion sensors, door contacts, sensor pad transmitters for inactivity monitoring, to build a healthier, safer independent living.
Crossword Cybersecurity plc, has announced that Stevenage Borough Council, Peterborough City Council and East Hertfordshire District Council (‘the Councils’), will use Rizikon Assurance to manage compliance with the GDPR (General Data Protection Regulation) with their suppliers and for wider information governance. GDPR compliance GDPR makes many requirements of organisations, including taking adequate steps to ensure data is both encrypted and anonymised, so that in the event of a breach, the data cannot be exploited. Infringements under GDPR can lead to fines of €20 million, or 4% of annual global turnover for an organisation. Data breaches can be accidental, through the loss of a laptop for example, or as a result of an intentional breach or cyber-attack With a combined residential population of over 430,000, the Councils have a duty to ensure that the personal information of all residents is adequately protected against the risk of data breach, either by the Councils themselves or the third-party suppliers and agencies with which they work. Data breaches can be accidental, through the loss of a laptop for example, or as a result of an intentional breach or cyber-attack. GDPR risk exposure Using Rizikon Assurance, the Councils will improve the process and accuracy of securing third party assurance. This will support compliance with GDPR, and establish a way to manage on-going assurance checks when needed at regular intervals. Additionally, the Councils will be in a position to identify GDPR risk exposure across their supplier portfolio, so that remedial action can be taken to improve the protection of citizen data. Jake Holloway, Director responsible for Rizikon Assurance, commented, “The role of every public service organisation is to serve its citizens, often holding personal information about them on many sensitive topics such as health, benefits and education. With that comes the responsibility of ensuring that information is protected, especially when it needs to be shared with partner organisations.” Rizikon Assurance Jake adds, “Rizikon Assurance will help any organisation dramatically improve the speed and reliability of its third-party assurance processes, covering areas such as GDPR, health & safety, the Modern Slavery Act and any other requirements that they may have. It moves third party assurance from a siloed and reactive activity, to a connected, proactive continuous process that delivers a complete view of third-party risk.”
Round table discussion
One impact of Chinese companies entering the physical security market has been an erosion in product pricing, creating what has been called the "race to the bottom". However, political forces and cybersecurity concerns have presented new challenges for Chinese companies. Adding cybersecurity increases costs, and the addition of more functionality to edge devices is another trend that has impacted product pricing. We asked this week's Expert Panel Roundtable: Has price erosion ended (or slowed down) in the security market?
When it comes to security and to ensuring the integrity of gaming operations, today’s casino market is risk-averse. Regulations direct the required surveillance of table games and slot machines, while modern casinos are often sprawling complexes that have a variety of other risks to be addressed, too. We asked this week’s Expert Panel Roundtable: What are the challenges of the casino market relating to security and surveillance technology?
People are an essential component of any physical security system. Automation hasn’t taken over completely yet! But how has innovation changed the skillsets security operators need to operate systems effectively? The two elements – technology and manpower – must operate seamlessly and hand-in-glove to ensure that modern systems live up to their full potential. We asked this week’s Expert Panel Roundtable: How does technology innovation in security systems impact the skillsets needed by security operators and officers?
Electronic access control: Manufacturers & Suppliers
- CyberLock Electronic access control
- Alpro Electronic access control
- HID Electronic access control
- TDSi Electronic access control
- SALTO Electronic access control
- Morse Watchmans Electronic access control
- Vanderbilt Electronic access control
- BQT Solutions Electronic access control
- DSC Electronic access control
- Linear Electronic access control
- Dahua Technology Electronic access control
- ASSA ABLOY - Aperio® Electronic access control
- Gallagher Electronic access control
- Sargent Electronic access control
- Corbin Russwin Electronic access control
- Parabit Electronic access control
- EVVA Electronic access control
- Baxall Electronic access control
- CEM Electronic access control
- Traka Electronic access control