GDPR

Cyberattacks targeting IoT devices and consequently video systems as well are growing more frequent at an unprecedented rate. The things users should consider in their security strategy are highlighted in an information package from the Regensburg-based video equipment manufacturer with information and specific recommended measures. They show that the essential aspects extend beyond the classic instruments of cybersecurity. Security specialists at many banks in several different countries were undoubtedly completely blindsided in 2013 when Russian hacker groups ‘purloined’ a sum totalling more than a hundred million euros in the course of the ‘Carbanak’ campaign: Comprehensive strategy Video systems also make excellent targets in ‘Denial of Service’ attacks, as was demonstrated by the infamous ‘Mirai’ and ‘Persirai’ campaigns In these attacks, surveillance cameras inside the financial institutions were compromised, allowing the perpetrators to secretly view screen contents and keyboard entries and identify employees as spear phishing targets from their name tags or employee IDs, for example. Video systems also make excellent targets in ‘Denial of Service’ attacks, as was demonstrated by the infamous ‘Mirai’ and ‘Persirai’ campaigns. If a company wants to protect itself successfully from attacks of this kind, it is essential to implement a fully comprehensive strategy. The Regensburg-based video technology company Dallmeier identifies five crucial aspects which must function in harmony: consideration of security issues as early as the planning phase, integration in the IT strategy, cybersecurity functions in the systems, data protection, and not least the credibility of the manufacturer. Hardened operating systems Due consideration of security questions should be included in the planning stage, for example by intelligent use of 3D technology. Secondly, it is important to ensure that the planned system is consistent with the company's IT strategy: More and more often, essential resources such as server capacities, or even the entire video security system fall within the purview of the IT department. The fourth aspect should really be practically self-evident since the entry into force of the GDPR For the actual core function ‘cybersecurity’, it is important that systems are equipped with all the requisite "IT security" functions, from hardened operating systems to capabilities for separating networks and up to and including encryption technologies and attack detection capabilities. The fourth aspect should really be practically self-evident since the entry into force of the GDPR, that is to say consideration of data protection issues. Finally, customers should also think very carefully about the manufacturer itself: What steps are taken to safeguard the systems during development and production, is the manufacturer potentially exposed to political pressure, and what provisions are made for security aspects when integrating the systems with each other and integrating third party systems?

Cyberattacks targeting IoT devices and consequently video systems as well are growing more frequent at an unprecedented rate. The things users should consider in their security strategy are highlighted in an information package from the Regensburg-based video equipment manufacturer with information and specific recommended measures. They show that the essential aspects extend beyond the classic instruments of cybersecurity. Security specialists at many banks in several different countries were undoubtedly completely blindsided in 2013 when Russian hacker groups ‘purloined’ a sum totalling more than a hundred million euros in the course of the ‘Carbanak’ campaign. In these attacks, surveillance cameras inside the financial institutions were compromised, allowing the perpetrators to secretly view screen content and keyboard entries and identify employees as spear phishing targets from their name tags or employee IDs. Video systems also make excellent targets in ‘Denial of Service’ attacks, as was demonstrated by the infamous ‘Mirai’ and ‘Persirai’ campaigns. Due consideration of security questions should be included in the planning stage, for example by intelligent use of 3D technologyPreventing cyberattacks If a company wants to protect itself successfully from attacks of this kind, it is essential to implement a fully comprehensive strategy. The Regensburg-based video technology company Dallmeier identifies five crucial aspects which must function in harmony; consideration of security issues as early as the planning phase, integration in the IT strategy, cybersecurity functions in the systems, data protection, and not least the credibility of the manufacturer. Due consideration of security questions should be included in the planning stage, for example by intelligent use of 3D technology. Secondly, it is important to ensure that the planned system is consistent with the company's IT strategy: More and more often, essential resources such as server capacities, or even the entire video security system fall within the purview of the IT department. Encryption and attack detection capabilities For the actual core function ‘cybersecurity’, it is important that systems are equipped with all the requisite ‘IT security’ functionsFor the actual core function ‘cybersecurity’, it is important that systems are equipped with all the requisite ‘IT security’ functions, from hardened operating systems to capabilities for separating networks and up to including encryption technologies and attack detection capabilities. The fourth aspect should really be practically self-evident since the entry of the GDPR, that is to say, consideration of data protection issues. Finally, customers should also think very carefully about the manufacturer itself: What steps are taken to safeguard the systems during development and production, is the manufacturer potentially exposed to political pressure, and what provisions are made for security aspects when integrating the systems with each other and integrating third-party systems? The manufacturer's information package is intended to provide answers to these and other questions and with a ‘Best Practice Guide’ offers an extensive collection of practical tips and configuration notes for IT and security officers and administrators. The information package also includes the latest issue of ‘Video Extra’ and the Dallmeier data protection and data security brochure.

Police Crime Prevention Initiatives (PCPI) has become the accreditation body for Business Crime Reduction Partnerships (BCRPs), which seek to reduce crime and anti-social behaviour in towns and cities around the country. Working closely with Police and Local Authorities, BCRPs bring businesses together to make their communities safer and to combat the adverse impact on profitability caused by crime and the fear of crime. BCRPs share intelligence to deter and prevent crimes like shoplifting and theft through violence and disorder to create safer shopping and business environments for both the day and night-time economies. PCPI, which is often referred to by its most successful crime prevention initiative, Secured by Design, will be accrediting BCRPs on a set of standards owned by the National Business Crime Centre (NBCC). Recognising good practice and professionalism The standards include good management practices and procedures such as membership agreements, data securityThe standards have been created over the last 18 months by a group of industry professionals led by Martin Blackwell, former Chief Executive Officer, of the Association of Town and City Management, and including representatives from the NBCC, leading staff from the BCRP sector and business. The aim of the BCRP accreditation process is to recognise good practice and professionalism to ensure they are functioning in an ethical manner and within the law, specifically checks to ensure compliance with the General Data Protection Regulation. The standards include good management practices and procedures such as membership agreements, data security and compliance with current legislation. It includes having robust information for members and partner organisations that is up to date as well as making it easily accessible 24/7. For some BCRPs, the standards will include the use of CCTV and radio links with members. Data sharing to reduce criminal activity It is expected that accreditation will enhance the level of partnership working nationally and encourage continued, significant, national business investment in BCRPs. In addition, the intention is that it will provide reassurance to Police Forces that data shared with BCRP partner organisations will be utilised in a responsible manner to reduce criminal activity. Jon Cole, PCPI Chief Operating Officer, said: “We want BCRPs and their businesses, including their management and employees, to feel confident and empowered to take action to work with Police Forces and Local Authorities to make their local communities safer and stronger.” The standards provide a solid starting point and we intend to review them regularly to ensure that they remain fit for purpose" Georgina Barnard, NBCC Operational Lead, said: “The standards provide a solid starting point and we intend to review them regularly to ensure that they remain fit for purpose.” “We want to promote better and more consistent working between Police Forces and their local BCRPs. By demonstrating that accredited partnerships meet the national standard, we will give Police Forces the confidence to ‘dare to share’ information and act on the information they receive from BCRPs to promote collaborative working.” Making local communities safer BCRPs are subscription-based, business-led, non-profit making action groups, often associated with Business Improvement Districts (BIDs), working with Police Forces and Local Authorities to gather intelligence and share information to tackle crime and disorder affecting businesses from multi-chain retailers and small independent shops through to pubs and restaurants and nightclubs. There are believed to be approximately 400 BCRPs operating in the UK. They seek to make their local communities safer places to live, work and visit. BCRPs are encouraged to contact one of the two Assessing Organisations working with the NBCC that have been authorised to carry out assessments leading to accreditation. They are the National Association of Business Crime Partnerships and Revive & Thrive.

Video analytics capabilities and privacy protection enhancements are among several highlights that Honeywell has added to its equIP® Series Cameras line, and MAXPRO® network video recorders (NVR) and video management system (VMS). The expanded capabilities are designed to help protect complex building environments, while improving user friendliness for operators and reducing overall cost of operation.  The updated camera technology and new analytic features include Tripwire, Intrusion, and Abandoned Object and Missing Object Notification on all models. Low-light models will also include automatic behavioural detection, analysis, tracking and classification of people and vehicles as they move through a scene with Xtralis LoiterTrace, Smart Impressions and People Counter. The new cameras, NVRs and VMS help customers meet General Data Protection Regulation (GDPR) requirements from product perspective. Updated video management system Both MAXPRO NVR and MAXPRO VMS have been updated to support the latest equIP camerasBoth MAXPRO NVR and MAXPRO VMS have been updated to support the latest equIP cameras and new features for broader applications. Updates include: New POE switch (HPOE3X) and AUX ports to reduce maintenance, installation storage costs, and resources for providing lower total cost of ownership Storage overheads and required bandwidth is also reduced (by up to 40%) by theadoption and use of H.265 video compression  For MAXPRO VMS R500 specifically, body pixellation and blurring in live view from the new equIP models for enhanced privacy protection The new editions enhance Honeywell’s growing line of IP video technologies to deliver scalable high-quality video solutions for any business need. In addition, the equIP Series and MAXPRO solutions integrate with a variety of Honeywell products, including Pro-Watch® access systems, to provide a comprehensive connected building platform.  

Eagle Eye Networks announced the addition of a data centre in Germany expanding its global network of video surveillance data centres. The new data centre is located in Frankfurt and will support customers across the European Union as well as German customers’ GDPR requirements to store video within Germany. With this new addition, Eagle Eye Networks now operates EU data centres in the UK, Germany, and the Netherlands. Eagle Eye also operates data centres in California, Texas, Canada, Japan, India, Singapore, and the United Arab Emirates. Providing maximum data security The Eagle Eye Cloud video surveillance system (VMS) is the leading global cloud-based video solution addressing the needs of businesses, alarm companies, security integrators, and individuals. Eagle Eye’s state of the art infrastructure has been specifically designed for high volume video traffic, processing, storage and is managed directly by Eagle Eye personnel to provide maximum security, performance, and availability. Adding a local data centre in Frankfurt is evidence of our commitment to the German market as well as our commitment to adhere to localised privacy and regulatory requirements" Eagle Eye Networks is committed to expanding rapidly in the German market. Eagle Eye’s commitment is evidenced by the addition of a data centre in Frankfurt, along with the German translation of all product interfaces. “Eagle Eye takes privacy and data security very seriously,” stated Rishi Lodhia, Eagle Eye Networks’ Managing Director for EMEA. “Adding a local data centre in Frankfurt is evidence of our commitment to the German market as well as our commitment to adhere to localised privacy and regulatory requirements.” Key features of the Eagle Eye Cloud VMS: Complete Privacy Encryption. Eagle Eye Networks’ encrypted video recording – both at rest and in transit – keeps customers compliant with privacy regulations. The Eagle Eye Security Camera VMS is compatible with a wide array of IP and analogue cameras, allowing companies to retrofit old systems with cloud video surveillance system when their existing DVR or VMS needs replacement. Secure remote access. With smartphone usage overtaking laptop usage in Germany, Austria, and Switzerland, secure remote access is critical. The Eagle Eye Security Camera VMS has cyber-secure access from all iOS and Android mobile apps and from all major web browsers, including Internet Explorer, Chrome, Safari, and Firefox. Exhibiting at Security Essen 2018 Eagle Eye Networks operates its European headquarters in Amsterdam, NL, and has offices in Austin, Texas US, and Tokyo, JP. Eagle Eye Networks will be exhibiting at Essen Security 2018 at stand 7C24.

The latest advances in secure surveillance technology, engineered entirely in Korea, are being demonstrated by IDIS at Security Essen (25-28 September), on booth E10, Halle 5. The IDIS Total Solution is increasingly being preferred by major users globally because it offers the advantages of secure, exclusively Korean design and manufacturing, as well as outstanding performance in all applications. Important innovations on show at Security Essen include: IDIS’ flagship DirectIP solution; a full array of IP cameras (including full-HD and 4K), network video recorders, network accessories and monitors; new privacy masking features to support user compliance with data protection regulations (such as GDPR); IDIS Center, which typically delivers 50% cost savings on centralised monitoring systems in comparison with server-based solutions; and game-changing AI. Advanced deep network IDLA is easy to set up and use, with no calibration required, simply by setting the region of interest and sensitivity Proving to be the biggest draw for visitors is the latest iteration of IDIS Deep Learning Analytics (IDLA) technology that has opened a new door to the future of video analytics with ground-breaking 96% accuracy combined with a 200ips speed allowing for the analysis of 32 channels simultaneously. These exciting advances in video analytics makes IDLA more accurate, faster, and more scalable than competitive offerings. It provides agile appearance searching, object detection and classification (for example people, cars, and bicycles) intrusion detection, and loitering detection—all adapted to fit a 16:9 ratio. The IDLA engine offers this unrivalled accuracy thanks to its advanced deep network architecture. Yet, IDLA is easy to set up and use, with no calibration required, simply by setting the region of interest and sensitivity. Powerful AI solution Further, since IDLA does not require additional processing power users can progress legacy hardware and cameras to transform their existing surveillance system into a powerful AI solution. Version 2.0 will be commercially available early next year, and users will be able to access both standard and advanced functionality, such as appearance search, through a single and affordable licence. Object detection and classification, intruder detection and loitering analytics are already available for users of IDIS Solution Suite video management software. Making its major exhibition debut in Germany, IDIS DirectIP is a true plug-and-play, end-to-end IP surveillance platform which offers industry-leading ease of use and performance. Consisting of IP cameras, NVRs, network equipment and totally cost-effect IDIS Center software IDIS DirectIP is a complete package that is easy to install, secure, flexible and scalable. Dynamic privacy masking IDIS Dynamic Privacy Masking securely masks areas of interest without transcoding, allowing users to protect the privacy of selected individuals It is compatible with legacy systems and supports third-party and ONVIF protocols, for maximum installation flexibility. DirectIP provides users with best-in-class performance, that when combined with the seven year IDIS Ultimate Warranty, is affordable and cost effective to run. Visitors to booth E10, Hall 5 are also learning how IDIS Dynamic Privacy Masking is supporting users in complying with privacy legislation such as GDPR. IDIS Dynamic Privacy Masking securely masks areas of interest without transcoding, allowing users to protect the privacy of selected individuals, for example by-standers, in video which is being used as evidence. Significant cost advantages Together these advances offer end-users, installers, consultants and distributors new levels of system-building flexibility and security with significant cost advantages. Commenting, Joon Jun, President of the IDIS Global Business Division, said his team was excited to be sharing these latest advances with customers at Security Essen. “IDIS technology is now recognised as a trusted, premium brand and it is being adopted by major users around the world. This success is thanks to our commitment to highly secure manufacturing - which is exclusively Korean - and innovative design which keeps us at the very forefront of the video surveillance sector.”

We’re here again. The end of another calendar year, and a time when many organisations are assessing their performance over the past 12 months and finalising strategic plans for 2019. Taking time to reflect on where our industry is at – and what’s likely to happen in the future – is important for all organisations as they set out their long-term goals and tactics. Here are some of the key trends to watch in the months to come and some predictions on their potential to influence, or disrupt, in 2019 and beyond. Providing value with A.I. computer vision No one will be surprised to see artificial intelligence (A.I.), computer vision and similar content analytics listed as a major trend shaping the physical security industry. Solutions employing A.I. (performing a task that would normally require human intelligence) and/or computer vision (extracting, analysing and understanding information extracted from digital images or video) are everywhere. And most would agree our industry has only scratched the surface in terms of their potential. We’re seeing organisations working hard to develop content analytics that perform in an effective, efficient and accurate manner While many companies are focussed on the efficacy of these analysis technologies, there’s been less discussion about how to best leverage them in real-world applications. Ensuring the accuracy of these products is certainly a must, as no one wants to repeat the cycle we saw with security analytics a decade ago, when their promise initially fell far short of expectations. Identifying the real benefit of analytics With A.I., computer vision and similar content analytics, it will be interesting to watch the companies that take the next step beyond proving viability for security purposes to deliver true business applications to the market. Right now, we’re seeing organisations working hard to develop content analytics that perform in an effective, efficient and accurate manner. Many of these organisations are true A.I. and/or computer vision companies, and they are spending a lot of money developing very advanced algorithms. However, there’s still work to be done identifying the real benefit of these analytics for customers as part of comprehensive business intelligence solutions. Until that happens, and customers understand how those benefits apply to them directly, adoption will continue to be lower than all the marketing hype would suggest. Hybrid solutions for data storage Expect to see more hybrid solutions on offer in 2019, incorporating both on-premise storage and cloud storage Another trend that will continue this year is the push toward centralised cloud storage, particularly in enterprise organisations. Expect to see more hybrid solutions on offer in 2019, incorporating both on-premise storage and cloud storage for the retention of more critical data for longer periods. Despite the buzz around cloud solutions the last few years, uptake has not been significant to date for several reasons. A majority of cloud solutions in the physical security space have been pure cloud solutions as opposed to hybrid solutions, and many organisations have yet to embrace the costs and understand the benefits. Most corporations considering a cloud solution are focussed on leveraging cloud storage as a back-up to on-premise storageMost corporations considering a cloud solution today are focussed on leveraging cloud storage as a back-up to on-premise storage in case of a hard drive failure or for archiving video for an extended period. But that’s only the starting point for the power of centralised data. The real benefits will be clear when organisations start applying cloud-based analytics to enhance business intelligence and improve operations including inventory management, marketing and customer service. Expect this to be a growing theme in 2019.  Access to affordable bandwidth will also help with cloud adoption. While bandwidth remains an issue for some organisations, it’s becoming less of a barrier as enterprise customers continue to update their networks and capacity. Impact of GDPR on organisations Data protection was another key focus this past year, especially as Europe’s General Data Protection Regulation (GDPR) came into effect on May 25, 2018. The GDPR has impacted not only European organisations but most organisations doing business in Europe. Whether you’re a bank based in Dubai or a retailer headquartered in the U.S., more than likely you’re touching European soil at some point, and therefore you must follow GDPR legislation. The GDPR has impacted not only European organisations but most organisations doing business in Europe It’s now clear that the regulation is casting a much wider net that some anticipated. Expect to see a stream of announcements from manufacturers in 2019 as they continue to enhance and offer new features to customers to support GDPR compliance, or play catch up in some instances. In addition, we will certainly see other jurisdictions issuing their own versions of data protection legislation. California, for example, passed a similar Consumer Privacy Act in June 2018. Often considered a bellwether state, California’s Act likely signals the start of more data privacy legislation to come across the U.S. New companies entering the AI and analytics sector There are a number of startup companies focussed on A.I., computer vision and similar analytics emerging in our marketA final industry shift to track in 2019 is the entry of new companies in the physical security space. As I noted above, there are a number of startup companies focussed on A.I., computer vision and similar analytics emerging in our market. While the majority of them likely won’t make it as standalone companies, many of them will be acquired by larger organisations looking to enter the video-based business intelligence space and/or accelerate market penetration. Because data analytics are becoming such a significant component of today’s ‘big data’ solutions, watch for a number of large, enterprise software companies to start focussing on the security industry. This shift will create a huge disruption in our industry and cause further consolidation. Those are my top predictions for 2019, following what I would consider to be a pivotal past 12 months. It’s a time ripe with opportunity for those companies with a clear vision that correctly anticipates future market demand, and the ability to execute. I look forward to seeing how these next few months unfold.

The security marketplace is talking about a lot of different subjects. Our website’s Expert Panel Roundtable discussions in 2018 reflected some of the “hot topics” in the industry.  The very most-clicked-on Expert Panel Roundtable discussion in 2018 was about privacy issues and GDPR’s impact on physical security systems. Other hot topics that made the Top-10 list of roundtable discussions included obstacles to adoption of mobile credentials, what’s new “on the edge,” and the value of physical security data. Here is a listing of the Top 10 Expert Panel Roundtable discussions posted in 2018, along with a “sound bite” from each discussion, and links back to the full articles. Thanks to everyone who contributed to Expert Panel Roundtable in 2018 (including the quotable panelists named and linked below). 1. How do privacy issues and GDPR impact physical security systems? "GDPR specifically restricts the capture and use of EU residents’ personal data and is in direct conflict with the adoption of artificial intelligence (AI) platforms to track individual activities. The challenge for manufacturers will be to design solutions capable of capturing valuable information for security or business intelligence purposes while simultaneously anonymising retained data.” - Peter Strom, March Networks 2. What are the security challenges of the hospitality market? "The primary challenge the hospitality industry faces is the fine balance between the delivery of exceptional customer service and maintaining a safe and secure environment. The industry sees a range of threats, including theft, terrorism and natural disasters, and more modern risks, such as those related to cybersecurity, liability and compliance." - Jumbi Edulbehram, Oncam 3. Where is it inappropriate to install video cameras? "The most obvious examples would be in bathrooms or bedrooms, but the more interesting cases are those that are not so obvious – such as religious institutions like a church or a mosque. An increase in the boldness of would-be thieves has led to a recent rise in surveillance outside of houses of worship." - Stuart Rawling, Pelco by Schneider Electric 4. What technology will impact security most in the rest of 2018? "The hottest trend we are currently seeing in 2018 is the continued adoption of intelligent devices and automation into the security framework. We have embraced a model where our software and hardware components continually get smarter and easier for security and IT teams to manage and deploy." - Stuart Tucker, AMAG Technology 5. What are the obstacles to adoption of mobile credentials for access control? "Mobile credentials have been slow to take off because legacy readers traditionally did not have Bluetooth or NFC capacity. However, upgrade kits will soon be available from some access control vendors, and customers will be able to easily upgrade their readers." - Derek Arcuri, Genetec 6. What’s new “on the edge” of security and video surveillance systems? "As more powerful in-camera chipsets are developed, edge devices are capable of even more powerful analytics that can inform operators in real-time of events requiring attention. Part of this significant evolution is from a form of artificial intelligence (AI) called deep learning." - Paul Kong, Hanwha Techwin America 7. Are integrators and end users overwhelmed by too many choices? "Being proactive in tracking new developments and networking with like-minded professionals are critical. Find out what your colleagues are using or testing, and get their feedback on what is working well, especially if their organisation is similar to yours. Join local groups, attend industry conferences, and connect on social media to compare notes on emerging technologies." - Brandon Reich, Pivot3 8. What role does social media play in promoting security? "Social media can help us reduce false police dispatches by drawing in a personal circle of people that can validate an alarm, whether it be a neighbour looking out their window to see what’s going on, or a family member that knows your travel plans and is taking care of your house." - Wayne Jared, 3xLOGIC 9. How should your security company measure total cost of ownership (TCO)? “When looking at TCO you need to consider the obvious initial capital cost – compared to alternatives – and also the operational costs across the lifespan of the systems, across one, three and five years. On top of this, though, security can add additional value through integration.” - John Davies, TDSi 10. What is the value of physical security data? "While active protection is the primary job of a security system, the data generated by today’s networked solutions can provide a wealth of intelligence to help organisations optimise both their security strategies and their business operations.” - Mark Perkins, Boon Edam

There are two types of people in the world as it relates to privacy. Those that care about their privacy and sadly, those that don't. This divide continues to be further separated with the constant flood of cyber security breaches that we hear about. We, as consumers, can no longer get a cheap hamburger without hearing that once again, the information we want to be kept secret, has been breached. The old phrase of "you can lead a horse to water but you cannot make him drink" rings true as we approach helping consumers take charge of their digital and personal privacy. Governmental regulations for privacy Law makers have started taking up the charge to help protect the privacy of consumers Law makers have started taking up the charge to help protect the privacy of consumers. This has been executed with the newly European General Data Protection Regulation (GDPR) which went into effect on May 25th, 2018. The core premise is the consumer owns their data. Despite any company which uses, stores, or profits from a consumer's data, the consumer still owns it. This is a major shift away from how businesses are forced to protect the consumer's data. Even though many of us have likely heard about GDPR, it is not the only privacy law that's taking the world's stage. In fact, in California there is a new law called the California Consumer Privacy Act of 2018 which is focused around the same principles GDPR. This new California law goes into effect in 2020 and goes one step further by considering privacy as an alienable right for all consumers. Encouragement for consumers to take charge of their digital and personal privacy is becoming ever more important  Taking ownership of privacy Despite the new regulations due to a corporation's lack of controls around consumer privacy data, the truth is that even though these regulations provide consumers with a mechanism to take ownership with how their personal data is used, doesn't mean they will. It's at this point we, as the security industry, need to step back to consider how we can improve the problem. Just because laws have paved a way, we still need to help consumers travel down the road to better privacy. For the privacy of consumers to truly be considered an inalienable right, we need to stand up for our rightsThere are two further mechanisms that we still need, governmental social programs and continued passionate discussions from the security industry. Governmental social programs will help provide free or low-cost classes for consumers to learn about how they can protect their privacy. However, governmental programs can only go so far and this by itself will not be enough. History has shown that social progress is often accomplished by a passionate minority that stands up against the oppression of human rights. For the privacy of consumers to truly be considered an inalienable right, we need to stand up for our rights. Not only do we need to exercise the capabilities new GDPR laws has created for us, but we should tell the important people in our lives. We need to stand up for our privacy because if we don't, we'll end up losing even more of our privacy. 

The initials GDPR have become synonymous with the need for companies within the European Union to provide consumers greater transparency and better control over their personal data. The General Data Protection Regulation (GDPR) has also increased awareness of privacy concerns around the world. It’s not the only factor highlighting a need for greater privacy – high-profile privacy breaches by companies such as Facebook are also driving the trend. But GDPR’s global impact cannot be denied. In fact, no company should assume that the need to address “GDPR-style” requirements is limited to the EU. As awareness has extended to the four corners of the globe, it has emboldened a new wave of laws and regulations that physical security companies ignore at their own peril. GDPR has increased awareness of privacy concerns around the world, and encouraged other areas to take notice GDPR also regulates how and if data about EU citizens can be transferred outside EU member states’ borders; the receiving country should have equal or better data protection laws in place. This factor also expands the potential impact of GDPR globally.   California's Consumer Privacy Act 2020 California, which has the world’s fifth largest economy, passed a law this year that some have called “GDPR Lite.” The law gives the state’s 40 million residents the right to view private data held by companies, to correct it, to request that it be deleted and to keep it from being sold to third parties. California’s Consumer Privacy Act takes effect in 2020 and could be amended in the interim. The California law was passed quickly – and unanimously – by the state Assembly and Senate and was signed by Gov. Jerry Brown when it became clear that a ballot initiative was being organized to address the issue of privacy. In California, initiatives can be placed on the ballot by collecting signatures to require a direct vote by the electorate. Once passed, ballot initiatives are difficult to amend, requiring a two-thirds vote of state lawmakers. By passing the law, California’s legislature averted a proposed privacy initiative on the fall ballot.  GDPR also regulates how and if data about EU citizens can be transferred outside EU member states’ borders There are differences in the California law and the European Union’s GDPR. For example, the California law only applies to companies that have annual gross revenues in excess of $25 million, that hold data on more than 50,000 people or that derive more than 50% of their annual revenues from the sale of personal information. Therefore, most small businesses are immune to the law’s requirements. However, the existence of the California law is a harbinger of more regulations to come, on the state or federal level.   In another development related to the physical security industry, California has passed an Information Privacy: Connected Devices bill that requires electronics manufacturers to equip Internet of Things devices with “reasonable” security features – no more passwords such as “admin,” “password,” or “1234.” California’s Consumer Privacy Act is modeled under the General Data Protection Act  Expanding the definition of personal information  Other states are also getting involved. All 50 U.S. states have enacted breach notification laws requiring businesses to notify consumers if personal information is compromised. For example, Alabama’s new law, passed in June, applies to “unauthorised acquisition of sensitive personally identifying information in electronic form.” Many state laws are expanding the definitions of personal information and increasing cybersecurity requirements as they relate to that information. Globally, rapidly growing adoption of data protection laws is often modeled on regulations such as GDPR The problem with a “patchwork” of state requirements is the possibility that businesses may be caught unaware when state laws have different specific requirements addressing the same general mandate. At the federal level, there have been calls for a data breach notification bill that would provide a single set of rules for organisations to follow.   In general, privacy is seen differently in the U.S. than in the E.U., due in part to history and a U.S. commitment to the First Amendment. The U.S. also tends to address privacy rights based on the category of information being considered; i.e., HIPAA requirements cover health information and the Gramm-Leach-Bliley Act regulates financial information. Globally, rapidly growing adoption of data protection laws is often modeled on regulations such as GDPR or on the Organization for Economic Co-operation and Development (OECD) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. According to the United National Conference on Trade and Development, more than 100 countries around the world now have data protection legislation in place. Protecting and managing data All 50 U.S. states have enacted breach notification laws requiring businesses to notify consumers if personal information is compromisedWhen you consider the impact GDPR has had on the physical security market, the possible new hurdles can boggle the mind as additional privacy requirements take hold in the U.S and around the world. Challenges range from worries about management of access control and video surveillance data to concerns about biometrics. The success of new technologies using artificial intelligence (AI) depend on access to large data sets, so ensuring that data is protected and managed correctly is paramount. The genie is out of the bottle. GDPR may be driving the first wave of privacy concerns, but there is much more to come. Anyone who dismissed GDPR as a “European” factor is missing an opportunity to address issues proactively and to ensure optimum management of data privacy and transparency in the future.

Security Essen 2018, held in Messe Essen, Germany, promised attendees a newly modernised trade show with a simplified layout and more interactive experience. Compared to previous years, halls were reorganised by technology area, with aisles laid out to make more direct pathways for attendees. The fair welcomed 950 exhibitors and more than 36,000 trade visitors from the global security market. Several manufacturers mentioned that footfall had been lighter than expected, but that the show had delivered on its promise to welcome more international visitors, in particular from the Middle East region. Exhibitors also grumbled about higher costs for booth space. Key security industry exhibitors Exhibitors expressed concern that the absence of key players reduced overall foot traffic Exhibitors praised the bigger aisles, which made it easier for visitors to navigate the show. However, some were unsure whether this was due to a better layout or simply because the show was missing key exhibitors. Notably absent were access control provider Dormakaba, security solutions company Honeywell, and surveillance providers Geutebruck and Dallmeier. Exhibitors expressed concern that the absence of key players reduced overall foot traffic. Security Essen hosted a particularly strong access control presence. Halls 2 and 3 were home to companies from across the access control and mechatronics spectrum. Sponsorship by EVVA covered the west entrance. The locking systems manufacturer, which celebrates its 100th anniversary next year, boasted significant floorspace. Exhibitors were pleased with the large access and locking presence, commenting that London-based IFSEC International tends to be dominated by video surveillance providers. EVVA, which celebrates its 100th anniversary next year, boasted significant floorspace Deep learning and artificial intelligence The push toward artificial intelligence (AI) in physical security continues, although the tone at Security Essen seemed to be shifting beyond hype and more toward how the technology can actually add value. For example, Hikvision’s cameras boasted more intelligence and processing power, and the company emphasised faster-paced product cycles. Customers ultimately do not buy AI – they buy benefits and solutions VIVOTEK embraced artificial intelligence as the biggest trend in the industry. The company demonstrated its latest deep learning technology for crowd detection applications. For Dahua, artificial intelligence allows users to easily search metadata in a video, including age and behaviour. Dahua demonstrated its solution for the transportation market, which is able to learn if a bus or train driver is falling asleep at the controls. However, some manufacturers chose not to focus on artificial intelligence. Representatives from Brivo and Eagle Eye Networks highlighted that customers ultimately do not buy AI – they buy benefits and solutions. Historically, video analytics were oversold and underdelivered, and the same could happen to AI if the term is overused in marketing security solutions. VIVOTEK embraced artificial intelligence as the biggest trend in the industry The German market & GDPR While the fair welcomed an increase in international visitors, many stands offered a distinctly German flavour. Exhibitors catered to German customers’ preference for data protection and high levels of privacy. Visitors were welcomed to the show by banners from Genetec, emblazoned with the slogan “Privacy matters… So, remember to forget me.” The video security provider’s stand demonstrated this concept more tangibly, via its Privacy Protector Module.  The surveillance software, which is certified with the European Privacy Seal (EuroPriSe), monitors events while automatically pixelating people and vehicles in real time. If an incident occurs, an authorised operator can securely access the unaltered video. Visitors were welcomed to the show by banners from Genetec Other companies also acknowledged issues of privacy and cybersecurity. Hikvision noted that Europe is more regulated, which limits the implementation of the company’s products compared to those used in China. Dahua emphasised that its data for the German market is stored in Frankfurt to meet demands for data protection. IDIS made a point of saying there are no backdoors to their products. The deep learning products are easy to use and 96% accurate, says the company. FLIR has developed a cybersecurity hardening document, and strives to be transparent about cyber issues, including a web landing page where customers can raise any concerns. Vanderbilt is also pushing the cloud as a way forward with its ACT365 cloud-based access and video solution. Users are not intimidated by the cloud anymore since we all use it in our personal lives, says the company. Also on the access control side, EVVA were clear on the security of their AirKey mobile access system, which uses technology based on internet banking, double encryption and high-quality hardware. As well as demonstrating its SAROS thermal camera, FLIR strived for cybersecurity concerns to be addressed by customers Taking a broader view Nedap views security as being about allowing people to focus on their daily lives and work, safe in the knowledge that security is being taken care of. At the show, Nedap launched its new slogan ‘Security for Life’, stating that “true security is when you don’t have to think about it”. Nedap’s global client program represents a long-term commitment to projects. They are having more discussions with clients about risk management through standardisation and centralised policy.Solutions – as opposed to products – were also a focus at Security Essen, as at IFSEC before it Clients remain with Nedap because they keep investing in the platform, constantly updating the code and simplifying it to improve scalability for organisations, says the company. Nedap had one of the few double-decker booths at Security Essen. Solutions – as opposed to products – were also a focus at Security Essen, as at IFSEC before it. HID Global touted their extensive use of partnerships to provide solutions. SeeTec highlighted their move away from products to a more solution-based approach. FLIR, perhaps best known as a thermal camera company, were pushing their solutions approach to markets including intelligent traffic, smart city, video management and PSIMs.  Nedap had one of the few double-decker booths at Security Essen Vertical markets in focus As vertical markets go, retail was big, and several players were offering some type of retail solution. Retail – along with banking, finance and transportation – was among Hikvision’s vertical markets of choice. Dahua's new panoramic cameras stitch together the image inside the camera instead of on the server SeeTec’s retail solution combines EAS with business intelligence and heat mapping. Dahua’s retail offerings include people counting and emotion detection, which can correlate with weather data, for example. Genetec also showcased a range of retail solutions. Technology improvements announced at Security Essen include FLIR's more robust FB6 series thermal line, Promise Technology's SMARTBOOST technology improved playback performance, and Videotec's cameras with better night performance. The extended 50m range of Optex's intrusion detection laser sensor reduces the need for cameras. Dahua's new panoramic cameras stitch together the image inside the camera instead of on the server. The Hanwha Techwin booth featured Korean flags and a “Korean at heart” motto to set the company apart Signs of the U.S. congressional ban There were signs at Security Essen of an impact of the recent U.S. ban on use of Hikvision and Dahua equipment in government installations, although both big Chinese manufacturers maintained a high profile at the German show. For example, the Hanwha Techwin booth featured Korean flags and a “Korean at heart” motto to set the company apart. Chinese camera manufacturer Uniview were keen to stress that they are not owned by Chinese government (neither is Dahua). Uniview’s all-IP camera line offers high resolution, low-light, multisensor and fisheye options, and AI software provides facial recognition, object detection, and fire and smoke detection at the edge. The company aims to increase its global presence with more international branch offerings and international factories.

Data was always bound to be a hot topic at this year's IFSEC International event. Artificial Intelligence (AI) has been a buzzword since last year's show. This year, manufacturers are ready to demonstrate solutions capable of processing and analysing large volumes of information to bolster security and provide business intelligence. Organisers deliberately positioned IFSEC as a converged security event, highlighting the inherent link between the security of physical assets and the security of data. In the wake of the recent passing of the European General Data Protection Regulation (GDPR), visitors to the London-based show sought reassurance that physical security systems could help them comply to stricter rules regarding the collection and protection of personal information. Analysing Big Data Seagate Technology, known for providing the surveillance industry with hard disk drives and storage solutions, showcased its Skyhawk AI hard disk drive, its first drive created specifically to enable artificial intelligence (AI) applications for video surveillance. Seagate's drive is designed for data-intensive workloads associated with recording large volumes of footage The drive is designed for data-intensive workloads associated with recording and analysing large volumes of video surveillance footage. According to Seagate's Sales Manager Andy Palmer, AI-enabled analytics at the edge can avoid the latency associated with cloud-based systems. This makes the solution suitable for smart city applications requiring 24/7 intelligence from multiple cameras.  The company also highlighted its strategic partnership with video surveillance provider Dahua Technology, with the latter seeking to leverage Seagate's technology to boost its own AI solutions. The Digital Barriers solution allows organisations to optimise how video data is transmitted depending on their particular needs Video transmission and privacy One manufacturer addressing the challenges of data transmission was Digital Barriers. The company demonstrated the integration of its EdgeVis Live platform with Milestone's XProtect video management system (VMS). The platform is designed for safe city applications, in which law enforcement and security professionals may need to stream incidents and events in real time over a limited bandwidth. The Digital Barriers solution allows organisations to optimise how video data is transmitted depending on their particular needs. For example, while some applications may favour a high clarity of video, others necessitate low data usage or a quick turnover of frames. The full, high quality video can then be downloaded later, meaning no intelligence is lost.While some applications may favour a high clarity of video, others necessitate low data usage or a quick turnover of frames The company also demonstrated its deep-learning facial recognition software, which can be used to identify suspects or vulnerable persons. To maximise accuracy, the deep learning system is trained on a wide range of images with varying angles and lighting. The solution is designed around data protection and privacy, explained Product Manager Fernande van Schelle, as all information is encrypted, and the system only identifies faces of known individuals on a pre-defined watch-list. Daniel Chau, Overseas Marketing Director at Dahua; Adam Brown, security Solutions Manager at Synopsys; Udo Scalla, Global Head Centre of Excellence - IOT Privacy, TÜV Rheinland Group GDPR for physical security professionals Dahua Technology addressed data protection concerns with an expert panel dedicated to the cybersecurity questions posed by the new European General Data Protection Regulation (GDPR). Speakers included Daniel Chau, Overseas Marketing Director at Dahua; and Adam Brown, security Solutions Manager at Synopsys. Chau explained that Dahua encourages customers to address cybersecurity by undertaking independent audits and penetration tests. Brown elaborated that for any organisation, cybersecurity must be a boardroom issue. Stakeholders must avoid a 'tick box' methodology for assessing cybersecurity, and instead integrate the concept into the company's overall strategy so that best practices can cascade through the organisation.Stakeholders must avoid a 'tick box' methodology for assessing cybersecurity  The panel also included insights from Udo Scalla, who specialises in data protection for IoT and smart home devices at TÜV Rhineland Group. Scalla proposed that manufacturers must avoid focusing on how best to capture data, and instead ask why the data is being collected, and whether it should even be collected in the first place. Integrators must ask why the customer intends to install the system, and what they want to do with the data – only then can they begin to assess the GDPR requirements. While the possibilities for collecting data are now endless, explained Scalla, not everything that is technologically possible ought to be made into a business reality. MOBOTIX highlighted its Cactus Concept cybersecurity campaign with a large blue cactus Protecting video surveillance systems Video surveillance manufacturer VIVOTEK also tackled cybersecurity, with a presentation on 'Security within Security.' The company showcased its partnership with cybersecurity software provider Trend Micro, which enables VIVOTEK to provide cybersecurity-enhanced cameras. The cameras include embedded anti-intrusion software to prevent and mitigate cyber-attacks by detecting hacking attempts and blocking the source IP address. Should a camera be compromised, explained Shengfu Cheng, VIVOTEK's Director of Marketing and Product Planning, it can be quarantined to stop the spread of the attack, thus controlling the damage and reducing the cost of the infection. The Cactus Concept campaign aims to educate partners and customers on how to build a cyber-secure video surveillance system Cybersecurity was also a key theme at the MOBOTIX stand. The stand played host to a large blue cactus, a very literal representation of the German manufacturer's Cactus Concept. The campaign, launched earlier this year, aims to educate partners and customers on how to build a cyber-secure video surveillance system. According to the concept, every element of the system, from image capture through to video management, must be encrypted. These are the digital "thorns" which prevent the entire system –the cactus – being compromised. Exhibitors at IFSEC 2018 made a conscious effort to address customers' challenges around the collection, transmission and protection of security system data. As solutions become more powerful, with increasing numbers of connected sensors, this is a theme which is unlikely to go away anytime soon.

Genetec Inc., a technology provider of unified security, public safety, operations and business intelligence solutions, announces its solutions have been selected by the Royal Borough of Windsor and Maidenhead (RBWM) for region-wide CCTV monitoring and community safety purposes. The new system will result in better coverage across the borough and enable information to be quickly shared with regional police as and when required. At the heart of the programme is a completely refurbished monitoring centre, equipped with the Genetec flagship unified security platform Security Center and other complementary Genetec security solutions. KiwiVision privacy protector The open federated architecture of the Genetec infrastructure provides the foundation for a system that can scale and evolve as needs change These include the KiwiVision Privacy Protector to simplify GDPR compliance, Genetec Mission Control to guide operators in providing a consistent response to incidents and Genetec Clearance for the easy and secure sharing of evidence with local law enforcement. The open federated architecture of the Genetec infrastructure provides the foundation for a system that can scale and evolve as needs change. It also allows RBWM to protect its past investments by retaining the majority of its existing cameras, alongside the 200 that will be added, upgraded or relocated. “The safety of residents and visitors in the borough is a priority, and we are pleased to be installing a new-state of the art system that delivers this,” said Cllr. Mike Airey, cabinet member for environmental services. Improved information sharing “We not only benefit from reduced operating costs and improved information sharing with local police, but we also gain access to cutting edge privacy controls that make it far simpler for us to maintain our compliance with the EU GDPR and other data protection regulations.” The project began when specialist town centre video surveillance consultancy firm Global MSC Security (MSC) was called in to assess the Royal Borough’s existing analogue video surveillance system, its fitness for purpose and how it could be cost-effectively improved. This resulted in a competitive tendering exercise won by Computerised & Digital Security Systems Ltd. Cost-effective response (CDS) who designed a state-of-the-art wireless camera system to support the Genetec open architecture video management system (CDS) who designed a state-of-the-art wireless camera system to support the Genetec open architecture video management system. Some of the key technical benefits delivered by CDS include full HD recording, advance graphical mapping, advanced incident response, customisable and extended video storage retention, and various features to aid data protection regulation compliance such as automated pixelisation of images and end-to-end encryption to enhance privacy controls “Genetec is delighted to see our solutions chosen by the Royal Borough of Windsor & Maidenhead for this well thought out upgrade that will benefit the council, local police and citizens”, added Dan Meyrick, Regional Sales Manager, Genetec Inc. “I would like to thank and congratulate our partner CDS for producing a high quality and cost-effective response that delivered against the customer’s requirements.”

There is no expectation of privacy in a public space. That’s the premise on which most video surveillance applications are justified. But new concerns about privacy, specifically the General Data Protection Regulation (GDPR) in Europe, are changing expectations. And what if a camera must be positioned where a private area happens to be within its range? Fortunately, there are technology approaches to solving these dilemmas, as our Expert Panellists explain. We asked: What new technologies are helping video systems overcome concerns about privacy?

Using a smart phone as an access control credential is an idea whose time has come – or has it? The flexible uses of smart phones are transforming our lives in multiple ways, and the devices are replacing everything from our alarm clocks to our wallets to our televisions. However, the transformation from using a card to using a mobile credential for access control is far from a no-brainer for many organisations, which obstacles to a fast or easy transition. We asked this week’s Expert Panel Roundtable: When will mobile credentials dominate access control, and what are the obstacles to greater adoption?

You could say concerns about privacy are “trending” in our increasingly data-driven world. Unease about how Facebook and other high-tech companies use and share data dominates the news, and the full impact of new European Union (EU) regulations is about to be felt around the world. By May 25, companies that collect data on EU citizens will need to comply with strict new rules around protecting customer data, as enumerated in the General Data Protection Regulation (GDPR). But how do the new regulations, and broader concerns about privacy, affect the physical security market? We asked this week’s Expert Panel Roundtable: How do privacy issues and regulations, such as GDPR, impact physical security systems and how they are managed?