Internet of Things (IoT)
Today, more and more video security cameras are increasingly connected to the internet and transitioning into intelligent sensors that collect significantly more data than video security images alone. However, as this level of connectivity and collection of business-sensitive data becomes more widespread, the threat from cybercrime also rises. This is clearly an issue that affects everyone. After all, nobody is immune from cybercrime, not even the experts, which raises the question: What is the...
Pulse Secure, the provider of Secure Access solutions to both enterprises and service providers, announced the release of Pulse Policy Secure (PPS) 9.0R3 to extend its Zero Trust Security model to IIoT devices and smart factories. The new version enables factories to streamline machinery repairs and diminish costly production downtime through IT-managed secure access. It also secures networks by expanding its behavioural analytics to IoT devices, detecting anomalies and preventing their compromi...
Doug Dickerson has joined Razberi Technologies as CEO to propel its growth in the video surveillance security arena. He brings more than 25 years of technology industry experience to the role. Founder and former CEO Tom Galvin has been appointed chief product officer to spearhead continued development of the technology he originally invented. “I’m excited to be joining Razberi at this opportune time, because we see in the news every day the importance of securing our digital and phy...
IP communications enabler Softil today releases its Outlook 2019 for the Mission Critical Communications industry. For Softil, enabling Mission Critical Communications (MCC or MCX) will be its fundamental mission for the year ahead accelerating the transition to 21st century technologies for people whose jobs help and save the lives of others. "Softil sees 2019 as the year when MCC solutions and services finally get into the hands of First Responders be they the armed forces, police, ambulance...
The concept of how security systems can contribute to the broader business goals of a company is not new. It seems we have been talking about benefits of security systems beyond “just” security for more than a decade. Given the expanding role of technologies in the market, including video and access control, at what point is the term “security” too restrictive to accurately describe what our industry does? We asked the Expert Panel Roundtable for their responses to this p...
Ping Identity, the provider of Identity Defined Security, announced the public preview of PingOne for Customers. The cloud-based Identity as a Service (IDaaS) offering is built for the developer community and provides API-based identity services for customer-facing applications. It can help large enterprises launch apps faster, replace custom identity services that are difficult to maintain, and facilitate the transition from on-premises deployments to cloud-hosted services. By making it easy t...
Cyberattacks targeting IoT devices and consequently video systems as well are growing more frequent at an unprecedented rate. The things users should consider in their security strategy are highlighted in an information package from the Regensburg-based video equipment manufacturer with information and specific recommended measures. They show that the essential aspects extend beyond the classic instruments of cybersecurity. Security specialists at many banks in several different countries were undoubtedly completely blindsided in 2013 when Russian hacker groups ‘purloined’ a sum totalling more than a hundred million euros in the course of the ‘Carbanak’ campaign: Comprehensive strategy Video systems also make excellent targets in ‘Denial of Service’ attacks, as was demonstrated by the infamous ‘Mirai’ and ‘Persirai’ campaigns In these attacks, surveillance cameras inside the financial institutions were compromised, allowing the perpetrators to secretly view screen contents and keyboard entries and identify employees as spear phishing targets from their name tags or employee IDs, for example. Video systems also make excellent targets in ‘Denial of Service’ attacks, as was demonstrated by the infamous ‘Mirai’ and ‘Persirai’ campaigns. If a company wants to protect itself successfully from attacks of this kind, it is essential to implement a fully comprehensive strategy. The Regensburg-based video technology company Dallmeier identifies five crucial aspects which must function in harmony: consideration of security issues as early as the planning phase, integration in the IT strategy, cybersecurity functions in the systems, data protection, and not least the credibility of the manufacturer. Hardened operating systems Due consideration of security questions should be included in the planning stage, for example by intelligent use of 3D technology. Secondly, it is important to ensure that the planned system is consistent with the company's IT strategy: More and more often, essential resources such as server capacities, or even the entire video security system fall within the purview of the IT department. The fourth aspect should really be practically self-evident since the entry into force of the GDPR For the actual core function ‘cybersecurity’, it is important that systems are equipped with all the requisite "IT security" functions, from hardened operating systems to capabilities for separating networks and up to and including encryption technologies and attack detection capabilities. The fourth aspect should really be practically self-evident since the entry into force of the GDPR, that is to say consideration of data protection issues. Finally, customers should also think very carefully about the manufacturer itself: What steps are taken to safeguard the systems during development and production, is the manufacturer potentially exposed to political pressure, and what provisions are made for security aspects when integrating the systems with each other and integrating third party systems?
Cyberattacks targeting IoT devices and consequently video systems as well are growing more frequent at an unprecedented rate. The things users should consider in their security strategy are highlighted in an information package from the Regensburg-based video equipment manufacturer with information and specific recommended measures. They show that the essential aspects extend beyond the classic instruments of cybersecurity. Security specialists at many banks in several different countries were undoubtedly completely blindsided in 2013 when Russian hacker groups ‘purloined’ a sum totalling more than a hundred million euros in the course of the ‘Carbanak’ campaign. In these attacks, surveillance cameras inside the financial institutions were compromised, allowing the perpetrators to secretly view screen content and keyboard entries and identify employees as spear phishing targets from their name tags or employee IDs. Video systems also make excellent targets in ‘Denial of Service’ attacks, as was demonstrated by the infamous ‘Mirai’ and ‘Persirai’ campaigns. Due consideration of security questions should be included in the planning stage, for example by intelligent use of 3D technologyPreventing cyberattacks If a company wants to protect itself successfully from attacks of this kind, it is essential to implement a fully comprehensive strategy. The Regensburg-based video technology company Dallmeier identifies five crucial aspects which must function in harmony; consideration of security issues as early as the planning phase, integration in the IT strategy, cybersecurity functions in the systems, data protection, and not least the credibility of the manufacturer. Due consideration of security questions should be included in the planning stage, for example by intelligent use of 3D technology. Secondly, it is important to ensure that the planned system is consistent with the company's IT strategy: More and more often, essential resources such as server capacities, or even the entire video security system fall within the purview of the IT department. Encryption and attack detection capabilities For the actual core function ‘cybersecurity’, it is important that systems are equipped with all the requisite ‘IT security’ functionsFor the actual core function ‘cybersecurity’, it is important that systems are equipped with all the requisite ‘IT security’ functions, from hardened operating systems to capabilities for separating networks and up to including encryption technologies and attack detection capabilities. The fourth aspect should really be practically self-evident since the entry of the GDPR, that is to say, consideration of data protection issues. Finally, customers should also think very carefully about the manufacturer itself: What steps are taken to safeguard the systems during development and production, is the manufacturer potentially exposed to political pressure, and what provisions are made for security aspects when integrating the systems with each other and integrating third-party systems? The manufacturer's information package is intended to provide answers to these and other questions and with a ‘Best Practice Guide’ offers an extensive collection of practical tips and configuration notes for IT and security officers and administrators. The information package also includes the latest issue of ‘Video Extra’ and the Dallmeier data protection and data security brochure.
Barox, the manufacturer of professional standard switches, media converters and IP extenders specifically designed for video applications, is promoting sophisticated personalised encryption techniques to provide important safeguards for protecting sensitive data networks. In the age of the Internet of Things and Industry 4.0, companies are increasingly relying on IP security to protect themselves from cyber attacks. However, when video technicians log onto video switch servers with their PC or laptop, it is possible for cybercriminals to quickly catch the password. In many cases, the communication between server and browser is insufficiently encrypted. High-security barrier To provide professional protection against phishing and man-in-the-middle attacks, an additional level of security is required So in order to lock this gateway, dedicated video switch manufacturer barox, has come up with a solution: Double encryption that transforms video into a high-security barrier. The first security measure employed by barox is the introduction of Hypertext Transfer Protocol Secure (HTTPS), an established high-end transport encryption that is also used to protect online banking registration. barox uses HTTPS to encrypt the password on the way from the user's browser to the server of the switch. However, barox do not rely on this barrier alone. To provide professional protection against phishing and man-in-the-middle attacks, an additional level of security is required. Using personalised encryption, barox instils an additional security feature for video browsers that offer double security. Personalised authentication key How it works: The video network manager creates individual certificates for employees, a kind of security key in the form of a Privacy Enhanced Mail (.PEM) file, which is stored on employees’ computers. In addition to the pure certificate, this format can also include root CAs, intermediate certificates and private keys, to ensure maximum security. When logging into the Graphical User Interface (GUI) of the Video Switch server, employees simply enter their password. The system then automatically matches the .PEM file with a copy stored on the server. If both keys are identical, access to the switch is released, whereas remote access via the Internet is excluded. Only through the combination of a password protected by HTTPS and the personalised authentication key can employees access the video network. Personalised encryption technology This combination is easy to handle in the day-to-day business environment and makes it virtually impossible for hackers to gain access to the network This combination is easy to handle in the day-to-day business environment and makes it virtually impossible for hackers to gain access to the network. "As a dedicated switch manufacturer for the video sector, in the age of growing cybercrime, we take our responsibility to enhance the network security of our customers seriously," explains Dieter Hiestand, a graduate in audio and video electronics, and Product Manager at barox. "With the personalised encryption technology used in the barox range of RY Switch Series, we’re offering our customers an additional security measure that makes unauthorised access impossible. Users of this powerful technology include automotive manufacturers, prisons, and operators of motorway and tunnel systems.” The barox RY Series switches with Device Management System (DMS), a practical and useful management tool, is extremely popular with video network installers. Via a GUI, the user can survey the entire network topology, including all switches, end devices and newly connected cameras - with IP addresses automatically recognised by the system. Providing additional network flexibility, data transmission and power supply are via Power over Ethernet (PoE), with up to 60 watts power per port.
GlobalPlatform, the standard for secure digital services and devices, has reported a 25 percent increase in the number of Trusted Execution Environment (TEE)-enabled processors being shipped quarterly, year-on-year. At this rate, it is expected some 10 billion devices will feature TEE-enabled processors by the end of 2018. “The TEE is not a new concept, and standardisation of the technology has been driven by our organisation to support mass market deployment,” explains GlobalPlatform’s Technical Director, Gil Bernabeu. “The fragmentation caused by the deployment of proprietary TEEs makes life hard for app and service developers as they need to launch and maintain multiple versions of their apps and evaluate the security of each TEE platform. “This is resource intensive and unsustainable. Our specifications and certification program give device manufacturers a standardised way to embed security that meets the needs of service providers; app developers assurance that services will be protected from attacks; and end users confidence that their data is safe.” Balancing user experience with security The TEE isolates trusted applications, keeping them away from any malware in the device OS and separate from other apps stored in the TEEEnterprise IT environments, delivery of premium multimedia content, mobile payments, the internet of things, enterprise and government identification programs and more seek to balance user experience with security. The TEE isolates trusted applications, keeping them away from any malware in the device OS and separate from other apps stored in the TEE. Because of this, the TEE is an essential environment within all devices as the secure services market evolves. By 2025, the installed base of IoT devices will be over 75.4B devices. GlobalPlatform technology is implemented across a wide range of markets globally, including payments, telecoms, transportation, automotive, smart cities, smart home, utilities, healthcare, premium content, government, and enterprise ID. Protected devices include connected cars, set top boxes, smartphones, tablets, wearables, and other IoT devices. To enable device manufacturers to proactively market their products as meeting the needs of digital service providers, GlobalPlatform manages functional and security certification programs for TEEs. These objectively illustrate that a device manufacturer’s GlobalPlatform-based secure component and digital service management capabilities are interoperable and meet required security levels, providing reassurance that it will protect digital services and enable them to perform as intended in the field. Ensuring appropriate level of security Device manufacturers and service providers must work together to ensure suitable security is the foundation of end-user services"“Device manufacturers and service providers must work together to ensure suitable security is the foundation of end-user services,” adds Kevin Gillick, Executive Director of GlobalPlatform. “GlobalPlatform technology empowers stakeholders to interact seamlessly when deploying digital services, regardless of industry, sector or device type. This resulting collaboration makes mass marketing of digital services possible, while ensuring the appropriate level of security and supporting privacy requirements.” Last month, GlobalPlatform announced it had conservatively calculated that more than 5.5 billion Secure Elements (SEs) deployed in 2017 were based on its specifications, an increase of over 1.5 billion from the previous year. Additionally, over the last three years, in excess of 1 billion SEs were embedded within mobile devices, 100% of which were based on GlobalPlatform technology.
ABP Technology, a value-add specialty distributor for IP technology solutions, launches MxMSP – the Remote Monitoring and Management (RMM) platform that can improve MOBOTIX video surveillance camera deployments and boost profits by increasing Recurring Monthly Revenue (RMR). The innovative MxMSP platform has just been given the ‘New Business Idea of 2018’ award at the MOBOTIX Global Partner Conference held in Germany this week. Powered by ABP Technology’s IPTechView RMM platform, MxMSP is designed specifically for MOBOTIX installations and gives integrators and technology partners the capability to remotely and securely monitor and manage deployments. Maintaining secure connections MxMSP makes MOBOTIX installations easier and faster which can help our partners increase business by completing more projects with fewer resources" “MxMSP makes MOBOTIX installations easier and faster which can help our partners increase business by completing more projects with fewer resources,” said Robert Messer, APB Technology President. “Plus, MxMSP provides the added opportunity for integrators to improve customer service and increase monthly revenue.” The cloud-based MxMSP platform acts as an Element Management System (EMS) and RMM all-in-one and works by maintaining secure connections to all cameras, all network attached storage (NAS) and other connected IoT devices at all times to enable secure access to authenticated partners and users. It enables the capability to remotely manage and view video from cameras, local NAS or associated video stored in the MxMSP cloud. Cloud-based viewing Since MOBOTIX IP video surveillance cameras are available MxMSP-ready, camera equipment is pre-configured for easy setup. Partners can remotely connect to all devices as soon as they are plugged in and remotely finalise a project via MxMSP, regardless of network equipment and with no local server. MxMSP allows integrators and partners to create their own branded Video Surveillance as a Service (VSaaS), providing end-users cloud-based viewing via the MxLINQ companion WebApp; video storage and analytics; alerts and video verification. Real-time account and subscriber information is also available to easily manage subscription and users. Quality of experience The New Business Idea award recognises innovation and quality from among MOBOTIX partners worldwide Messer was on hand at the Global Partner Conference in Germany to accept the ‘New Business Idea of 2018’ award from MOBOTIX. “We are honored that MOBOTIX has recognised MxMSP’s capability to improve the level of service that integrators can provide customers and the quality of experience for MOBOTIX end users,” said Messer. “Using MxMSP to remotely manage MOBOTIX video surveillance camera deployments is simple, scalable and secure and can boost the end-user experience while increasing partner profits.” The annual MOBOTIX Global Partner Conference hosts hundreds of participants from dozens of countries and includes presentations covering market trends, sales strategy and technical sessions. The New Business Idea award recognises innovation and quality from among MOBOTIX partners worldwide.
DigiCert, Inc., the provider of TLS/SSL, PKI and IoT security solutions, has been selected by USB Implementers Forum (USB-IF) to operate registration and certificate authority services for the USB Type-C Authentication specification. Using cryptographic-based authentication, the optional security protocol is designed to further strengthen USB Type-C’s position as the global standard for connecting and charging devices. USB Type-C Authentication gives OEMs the opportunity to use certificates that enable host systems to confirm the authenticity of a USB device or USB charger, including such product aspects as the descriptors, capabilities and certification status. This protects against potential damage from non-compliant USB chargers and the risks from maliciously embedded hardware or software in devices attempting to exploit a USB connection. Advance secure authentication “USB Type-C adoption continues to grow and the interface is quickly establishing itself as the solution of choice for connecting and charging an endless variety of devices,” said Jeff Ravencraft, USB-IF President and COO. “USB-IF is eager to work with DigiCert to manage our certificate authority for USB Type-C Authentication, which will further support the USB ecosystem.” “DigiCert is excited about being chosen to provide PKI services for the USB-IF, and the opportunity to advance secure authentication for the USB Type-C Authentication specification,” said Deepika Chauhan, executive vice president of emerging markets at DigiCert. “DigiCert looks forward to working with the more than 1,000 member companies of the USB-IF and the industry as a whole.” Certificate-based security programs DigiCert has proven to be the provider of choice for IoT device consortiums implementing certificate-based security programs. In addition to USB-IF, DigiCert is also in use by the WiMAX Forum, CI Plus, GSMA, WinnForum/CBRS, the Open Connectivity Foundation and AeroMACS. DigiCert’s scalability has stood the test of time, having already issued billions of certificates globally for IoT devices.
The term Internet of Things (IoT) has almost been beaten to death at this point, as more and more security integrators, manufacturers and customers take advantage of the ability to increase connectivity between devices (and therefore take on the dangers this introduces). But the methods by which we interact with the IoT and protect its devices are still catching up, which means security manufacturers must take part in shifting their focus toward safeguarding data, engaging in vulnerability testing of products and incorporating stringent protections at every stage of the product development process. One small leak or breach on a single connected device can potentially cause significant damage across an organisation Who is responsible for IoT security? One small leak or breach on a single connected device can potentially cause significant damage across an organisation, creating a disruption within a company, affecting its assets, employees and customers. The continued question seems to be: Who is ultimately responsible for the security of IoT devices? In a recent survey from Radware, a provider of application delivery and cybersecurity solutions, there was no clear consensus among security executives when asked this question. Thirty-five percent of respondents placed responsibility on the organisation managing the network, 34 percent said the manufacturer and 21 percent chose the consumers using the devices as being primarily responsible. Several schools of thought exist for each: The Organisation It's not surprising that most people see the organisation as the main stakeholder for IoT security responsibility; after all, if a company is managing a network, one would expect it to protect the network as well. One way that the organisation can embrace this responsibility is by adopting a user-centric design with scalability, tactical data storage and access with appropriate identification and security features (for example, the use of multilevel authentication through biometrics in access control). Organisations must also use their IT team to strengthen the overall cybersecurity of the IoT by keeping up with the latest software updates, following proper data safety protocols and practicing vulnerability testing. The Manufacturer Manufacturers that provide IoT-enabled devices as part of a security system must be fully knowledgeable of the risks involved and effectively communicate them to the integrator or end user. Providing the education necessary and dedication to protecting users of its equipment makes a manufacturer more trustworthy and understanding in the eyes of an end user. Ensuring encryption between devices is a key step that manufacturers can take to work toward achieving complete protection in the IoT. The User Despite the protection delivered by the organisation and manufacturer, there's always the option for IoT security to be enhanced or possibly even diminished by the individual user. It's critical that best practices for data protection are in place every time an individual uses a device that is connected to the network. These include disabling default credentials, proper password etiquette, safe sharing of sensitive information and the instinct to avoid any suspicious activity or requests. Manufacturers that provide IoT-enabled devices as part of a security system must be fully knowledgeable of the risks involved The short answer to the responsibility question is this: everyone. Each sector has a responsibility to contribute to the protections needed for IoT-enabled devices. However, as a manufacturer, it is imperative that our teams think about each level of protection when developing products for public consumption, including how the organisation implements the technology and how the integrator engages in training with users. Organisations must also use their IT team to strengthen the overall cybersecurity of the IoT by keeping up with the latest software updates Manufacturer vulnerability testing One way that manufacturers can implement added protections against outside threats is by boosting their attention to security protocols in the product development stage. For some, this requires a different approach in the design and development of security systems. Identifying vulnerabilities is at the core of this. A security vulnerability in a product is a pattern of conditions in the design of a system that is unable to prevent an attack, resulting in weaknesses of the system such as mishandling, deleting, altering or extracting data. Increased connectivity makes these vulnerabilities more of a liability, as IP-enabled (or networked) devices are more likely to be breached by outsiders looking to permeate an organisation and collect valuable data. A security vulberability in a product is a pattern of conditions in the design of a system that is unable to prevent an attack, resulting in weaknesses of the systemWhile some of these hacks are a little more “simple” in nature — such as outsiders trying to guess a password using manufacturer-set passwords — others are more complex, such as a denial-of-service, where attackers attempt to overload the system by flooding the target with excessive demands and preventing legitimate requests from being carried out. This makes it virtually impossible to stop the attack by blocking a single source. As a result of these potential threats — and to help manufacturers deliver best-in-class products — it's imperative that vulnerability testing is done throughout a product's development, starting at phase one in the process. This includes analysis of the type of cyberattacks that can potentially attach, breach and disable a system. Many manufacturers attempt to hack their own products from within the organisation — or even go as far as hiring a third-party professional group to do it for them. Success in a volatile technology landscape This kind of development puts a product through rigorous levels of testing, and once weaknesses are exposed, they can be patched up and the cycle of attack-and-defense can take place until the product is protected fully and ready for market. Skipping this step in the development process can open manufacturers up to significant liability, so it's important for this testing to take place and corrective actions be taken to rectify gaps in security. The more extensive an organisation's security testing approaches are, the better are its chances of succeeding in an increasingly volatile technology landscape. But the testing doesn't stop in the development stage. Attacks on a system continue long after the product has been introduced to market, requiring continued updates to be made available in an effort to protect customers. Manufacturers are tasked with implementing further firmware updates to keep a product in the field readily prepared to revoke the latest critical bugs that can affect the market. What end users demand from security We're seeing a significant shift in the education and demand from a customer perspective. In the past, consumers took the advice of integrators and consultants as far as the “right” security systems to install for their needs. Today, the self-education of end users is on the rise as more and more IT departments become involved in the selection and investment of physical access control systems. We're seeing a significant shift in the education and demand from a customer perspective A larger number of end users are demanding security products that meet IT standards of network protection, and they take these considerations into account when working with integrator partners on the selection of systems to meet their needs. As a result, manufacturers are tasked with not only developing robust IoT-centric products, but also continuing to be involved on a regular basis in an effort to continuously keep organisations safe. A comprehensive security strategy from manufacturers must involve multiple levels of product selection, testing and integration — centered on the team-based approach to implementing training and protocols within an organisation. While manufacturers are stepping up their game in the development of robust products, this remains a team effort that must be addressed every week — not something you implement, then forget about. The safety of data — and the entire organisation — depends on it.
Managing IT and data risk is a challenging job. When we outsource our IT, applications and data processing to third-parties more and more every day, managing that risk becomes almost impossible. No longer are our data and systems contained within an infrastructure that we have full control over. We now give vendors our data, and allow them to conduct operations on our behalf. The problem is, we don’t control their infrastructure, and we can never fully look under the hood to understand and vet their ability to protect our data and operations. We have to fully understand how important this issue is, and ensure we have the right governance, processes and teams to identify and mitigate any risks found in our vendors. No longer are our data and systems contained within an infrastructure that we have full control over Today, everything is connected. Our own networks have Internet of Things (IoT) devices. We have VPN connections coming in, and we aren’t always sure who is on the other end of that connection. It is a full-time job just to get a handle on our own risk. How much harder, and how much larger should our teams and budgets be, to truly know and trust that our vendors can secure those devices and external connections? For every device and application we have internally, it is very difficult to even keep an accurate inventory. Do all of our vendors have some special sauce that allows them to overcome the traditional challenges of securing internal and vendor-connected networks? They are doing the same thing we are – doing our best with the limited human and financial resources allocated by our organisation. Risk stratification and control objectives The benefits of outsourcing operations or using a vendor web application are clear. So how can we properly vet those vendors from an IT risk perspective? The very first thing we need to put in place is Risk Stratification. Risk Stratification presents a few targeted questions in the purchasing process. These questions include – what type of data will be shared? How much of this data? Will the data be hosted by a vendor? Will this hosting be in the US or offshored? Has the vendor ever had a data breach? These questions allow you to quickly discern if a risk assessment is needed and if so, what depth and breadth. Risk stratification allows you to make decisions that not only improve your team’s efficiency, but also ensure that you are not being a roadblock to the business Risk stratification allows you to make decisions that not only improve your team’s efficiency, but also ensure that you are not being a roadblock to the business. With risk stratification, you can justify the extra time needed to properly assess a vendor’s security. And in the assessment of a vendor’s security, we have to consider what control objectives we will use. Control objectives are access controls, policies, encryption, etc. In healthcare, we often use the HITRUST set of control objectives. In assessing against those control objectives, we usually use a spreadsheet. Today, there are many vendors who will sell us more automated ways to get that risk assessment completed, without passing spreadsheets back and forth. These solutions are great if you can get the additional budget approved. Multi-factor authentication Even if we are using old-fashioned spreadsheets, we can ensure that the questions asked of the vendor include a data flow and network/security architecture document. We want to see the SOC2 report if they are hosting their solution in Amazon, etc. If they are hosting it within their own datacentre, we absolutely want to see a SOC2 Type II report. If they haven’t done that due diligence, should that be a risk for you? Today, we really need to be requiring our vendors to have multi-factor authentication on both their Internet-facing access, as well as their privileged internal access to our sensitive data. I rate those vendors who do not have this control in place as a high risk. We’ve recently seen breaches that were able to happen because the company did not require administrators or DBAs to use a 2-factor authentication into sensitive customer data sources. In the assessment of a vendor’s security, one has to consider what control objectives to use This situation brings up the issue of risk acceptance. Who in your organisation can accept a high risk? Are you simply doing qualitative risk assessment – high, medium and low risks? Or are you doing true quantitative risk analysis? The latter involves actually quantifying those risks in terms of likelihood and impact of a risk manifesting, and the dollar amount that could impact your organisation. So is it a million dollars of risk? Who can accept that level of risk? Just the CEO? These are questions we need to entertain in our risk management programs, and socialised within your organisation. This issue is so important – once we institute risk acceptance, our organisation suddenly starts caring about the vendors and applications we’re looking to engage. If they are asked to accept a risk without some sort of mitigation, they suddenly care and think about that when they are vetting future outsourced solutions. Quantitative risk analysis involves quantifying risks in terms of likelihood and impact of a risk manifesting Risk management process In this discussion, it is important to understand how we think of, and present, the gaps we identify in our risk management processes. A gap is not a risk. If I leave my front door unlocked, is that a control gap or a risk? It is a gap – an unlocked door. What is the risk? The risk is the loss of property due to a burglary or the loss of life due to a violent criminal who got in because the door was unlocked. When we present risks, we can’t say the vendor doesn’t encrypt data. The risk of the lack of encryption is fines, loss of reputation, etc. due to the breach of data. A gap is not a risk. Once we’ve conducted our risk analysis, we must then ensure that our contracts protect our organisation? If we’re in healthcare, we must determine if the vendor is, in fact, a true HIPAA Business Associate, and if so we get a Business Associate Agreement (BAA) in place. I also require my organisation to attach an IT Security Amendment to these contracts. The IT Security Amendment spells out those control objectives, and requires each vendor to sign off on those critical controls. We are responsible for protecting our organisation’s IT and data infrastructure – today that often means assessing a 3rd-party’s security controls One final note on risk assessments – we need to tier our vendors. We tier them in different ways – in healthcare a Tier 1 vendor is a vendor who will have our patient information on the Internet. Tiering allows us to subject our vendors to re-assessment. A tier 1 vendor should be re-assessed annually, and may require an actual onsite assessment vs. a desk audit. A tier 2 vendor is re-assessed every 2 years, etc. We are responsible for protecting our organisation’s IT and data infrastructure – today that often means assessing a 3rd-party’s security controls. We must be able to fully assess our vendors while not getting in the way of the business, which needs to ensure proper operations, financial productivity and customer satisfaction. If we truly understand our challenge of vendor risk management, we can tailor our operations to assess at the level needed, identify and report on risks, and follow-up on any risks that needed mitigated.
There’s growing noise around smart homes and smarter security. You’ve probably heard it. But there is a place where access control and more have been smart for decades: the workplace. Home automation and IoT are still playing catch-up with the commercial sector. A new insights report from ASSA ABLOY and IFSEC Global — “The Smart Door Locks Report 2018” — measures just how fast consumer smart technology is running. According to a survey conducted for the report, 61% of households now claim to own at least one smart home device or system. Energy monitors, home CCTV cameras, intruder alarms and smart door locks are the most popular, according to the report. All these functions, of course, have been available to businesses for years.61% of households now claim to own at least one smart home device or system Educating the smart home consumer Paradoxically, report data also questions how much consumers really know about their smarter home. A surprising 42% of those surveyed, for example, were unaware they could control a smart door lock from their phone. In fact, many leading smart door lock models offer this feature, delivered by Wi-Fi or Bluetooth and an app. Despite a wealth of features offered by the latest smart door locks — remote and location-based locking/unlocking; voice activation; timed access; emailed entry alerts; and integration with smart camera and lighting systems — most people still have limited knowledge of their capabilities. Smart technology is increasingly becoming the new norm in terms of home security Only 14% of survey respondents described themselves as “very familiar” with what a smart lock can do. Even though most of them probably use smart access control solutions at their workplace. Secure homes through smart technology Monitoring and security are not the only drivers for smart home adoption. We humans also love convenience, and modern living presents us with problems that smart home technology can solve. Ironically, given the report’s findings, it takes a smartphone to really unlock the convenient possibilities of smarter living. The device that’s “always to hand” is central to the newest generation of smart door locks.A smart door lock is a convenient way for a landlord or agency to offer round-the-clock check-in and check-out If homeowners wish to remotely manage property access for friends and family, many smart door locks oblige. You let in guests remotely, send them a virtual digital key, or provide a temporary or single-use PIN to unlock the door. It is just as easy to revoke a digital key, if you don’t want its owner to come around anymore. This is a significant improvement over sharing physical keys — or hiding one under the doormat. We cannot be totally sure where a metal key ends up and have no way to track or cancel it once it’s “out in the wild”. Commercial access control offers such functionality as standard, of course. In addition, smart door locks offer more than just stand-alone operation and clever functions. In a domestic setting, magic happens when locks work in harmony with a home automation system, connected by protocols like Z-Wave, ZigBee or Wi-Fi. "Smart" security on the move The smartphone is becoming a remote control for managing a connected life beyond just home (and even workplace) security. According to Accenture, the parcel delivery services market will grow by $343 billion by 2020. Just like home security, convenience is a major driver of change. Homeowners can send guests a virtual digital key to their phones, or provide a temporary or single-use PIN to unlock the door A recent PostNord pilot in Sweden aimed to remove the inconvenience of waiting home for a postal delivery. Selected customers of some major Scandinavian e-retailers could choose to have parcels delivered inside their front door, if it was equipped with a Yale smart door lock. Home delivery is among potential smart services covered in “The Smart Door Locks Report 2018 ”. When asked whether the ability to receive parcels securely in a porch or lobby would make them more likely to invest in a smart door lock, 79% said it would.It is easy to revoke a digital key, if you don’t want its owner to come around anymore Holiday rentals and smart home tech ASSA ABLOY research published in 2017 forecasts continued growth in the European holiday rentals sector (at 5.8% CAGR). Smart door locks are also making an impact here, at both ends of the market: for service providers — agents and homeowners — and for travellers. A smart door lock is a convenient way for a landlord or agency to offer round-the-clock check-in and check-out, without creating extra work or staff costs. Both Intersoft, in Croatia, and Hoomvip in Spain have built holiday rentals management systems around an app and the ENTR® smart door lock. Agents issue, revoke, track and manage virtual keys for all their guests, saving everyone time and hassle. Travellers use their phones and an app to unlock their apartment. For these visitors the smartphone is already an essential travel accessory. It is a boarding pass, a credit card, a travel guide, and a postcard home... why not a door key, too? And if this key is backed by a trusted home security brand — and a company with vast experience in the mature market for commercial “smart” security — better still.
The initials GDPR have become synonymous with the need for companies within the European Union to provide consumers greater transparency and better control over their personal data. The General Data Protection Regulation (GDPR) has also increased awareness of privacy concerns around the world. It’s not the only factor highlighting a need for greater privacy – high-profile privacy breaches by companies such as Facebook are also driving the trend. But GDPR’s global impact cannot be denied. In fact, no company should assume that the need to address “GDPR-style” requirements is limited to the EU. As awareness has extended to the four corners of the globe, it has emboldened a new wave of laws and regulations that physical security companies ignore at their own peril. GDPR has increased awareness of privacy concerns around the world, and encouraged other areas to take notice GDPR also regulates how and if data about EU citizens can be transferred outside EU member states’ borders; the receiving country should have equal or better data protection laws in place. This factor also expands the potential impact of GDPR globally. California's Consumer Privacy Act 2020 California, which has the world’s fifth largest economy, passed a law this year that some have called “GDPR Lite.” The law gives the state’s 40 million residents the right to view private data held by companies, to correct it, to request that it be deleted and to keep it from being sold to third parties. California’s Consumer Privacy Act takes effect in 2020 and could be amended in the interim. The California law was passed quickly – and unanimously – by the state Assembly and Senate and was signed by Gov. Jerry Brown when it became clear that a ballot initiative was being organized to address the issue of privacy. In California, initiatives can be placed on the ballot by collecting signatures to require a direct vote by the electorate. Once passed, ballot initiatives are difficult to amend, requiring a two-thirds vote of state lawmakers. By passing the law, California’s legislature averted a proposed privacy initiative on the fall ballot. GDPR also regulates how and if data about EU citizens can be transferred outside EU member states’ borders There are differences in the California law and the European Union’s GDPR. For example, the California law only applies to companies that have annual gross revenues in excess of $25 million, that hold data on more than 50,000 people or that derive more than 50% of their annual revenues from the sale of personal information. Therefore, most small businesses are immune to the law’s requirements. However, the existence of the California law is a harbinger of more regulations to come, on the state or federal level. In another development related to the physical security industry, California has passed an Information Privacy: Connected Devices bill that requires electronics manufacturers to equip Internet of Things devices with “reasonable” security features – no more passwords such as “admin,” “password,” or “1234.” California’s Consumer Privacy Act is modeled under the General Data Protection Act Expanding the definition of personal information Other states are also getting involved. All 50 U.S. states have enacted breach notification laws requiring businesses to notify consumers if personal information is compromised. For example, Alabama’s new law, passed in June, applies to “unauthorised acquisition of sensitive personally identifying information in electronic form.” Many state laws are expanding the definitions of personal information and increasing cybersecurity requirements as they relate to that information. Globally, rapidly growing adoption of data protection laws is often modeled on regulations such as GDPR The problem with a “patchwork” of state requirements is the possibility that businesses may be caught unaware when state laws have different specific requirements addressing the same general mandate. At the federal level, there have been calls for a data breach notification bill that would provide a single set of rules for organisations to follow. In general, privacy is seen differently in the U.S. than in the E.U., due in part to history and a U.S. commitment to the First Amendment. The U.S. also tends to address privacy rights based on the category of information being considered; i.e., HIPAA requirements cover health information and the Gramm-Leach-Bliley Act regulates financial information. Globally, rapidly growing adoption of data protection laws is often modeled on regulations such as GDPR or on the Organization for Economic Co-operation and Development (OECD) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. According to the United National Conference on Trade and Development, more than 100 countries around the world now have data protection legislation in place. Protecting and managing data All 50 U.S. states have enacted breach notification laws requiring businesses to notify consumers if personal information is compromisedWhen you consider the impact GDPR has had on the physical security market, the possible new hurdles can boggle the mind as additional privacy requirements take hold in the U.S and around the world. Challenges range from worries about management of access control and video surveillance data to concerns about biometrics. The success of new technologies using artificial intelligence (AI) depend on access to large data sets, so ensuring that data is protected and managed correctly is paramount. The genie is out of the bottle. GDPR may be driving the first wave of privacy concerns, but there is much more to come. Anyone who dismissed GDPR as a “European” factor is missing an opportunity to address issues proactively and to ensure optimum management of data privacy and transparency in the future.
Security and Safety Things GmbH (SAST) is a new company that has announced its vision for an Internet of Things (IoT) platform for the next generation of security cameras. The Bosch startup plans to build a global ecosystem for the development of innovative security camera applications. Based on the Android Open Source Project (AOSP), SAST provides libraries, an API framework, and codecs for developers to work with. The SAST App Store will allow developers to build and market new applications, similar to today’s app stores for smartphone applications. We presented some questions to Nikolas Mangold-Takao, VP Product Management and Marketing, about the new venture, and here are his responses: Q: Why a new company now? What technology innovations have made this a good time to launch this company? The time is right to bring market needs and technological innovations together on one platform"Mangold-Takao: From a technical perspective we see two main drivers: increasing computing power at the edge and increasing internet connectivity, which will enable devices to directly communicate with each other and bring new technologies such as artificial intelligence also to the security and safety industry. At the same time, we see that this industry and its users are hungry for more innovative solutions – addressing new security needs while at the same leveraging the possibility to improve business operations for specific verticals, e.g. retail and transportation. The time is right to bring market needs and technological innovations together on one platform for this industry. Q: Why does SAST need to be a separate entity from Bosch? Mangold-Takao: SAST is setup as a wholly owned subsidiary of the Bosch Group. We wanted to make sure that SAST is able to underline its role as an industry standard platform across multiple players. SAST is open to get additional investors and is being setup as a startup in its own offices in Munich to foster the environment where speed and innovation can more easily take place. Having said that, several entities of the Bosch Group are very interesting partners for SAST. The SAST App Store will allow developers to build and market new applications, similar to today’s app stores for smartphone applications Q: Please explain your "value proposition" to the industry. Mangold-Takao: We will bring new innovations and possibilities to the security and safety industry by providing an open, secure and standardised Operating System for video security cameras, to also address pressing issues such as cyber security and data privacy concerns. Devices that run then with the SAST operating system will work with an application marketplace provided and operated by SAST. Integrators and users can then use these apps from this marketplace to deploy additional functionality on these devices. With our platform we will be able to build up a community of app developers, including the ones not yet developing for this industry who have expertise in computer vision and artificial intelligence. Q: It seems what you are doing has parallels with the Apple and Android "app" stores. How is your approach the same (and how is it different) than those approaches? We are setting up SAST as a user-centric company and involve selected users very early on in the process"Mangold-Takao: The approach is similar in the way that we plan to generate revenue by operating the application marketplace and thus participate in the app revenue. The difference is that there is much more needed than apps and cameras to create a complete working solution addressing a user problem in this industry – we need to make sure that our own platform as well as the new applications being created will work as a part of an end-to-end solution. Q: "Critical mass" and wide industry participation seem to be requirements for your success. How will you achieve those goals? Will you involve integrators, consultants, or other parties in addition to manufacturers (to drive awareness)? How? Mangold-Takao: SAST is in close exchange with device manufacturers, integrators and consultants, as well as application developers and large end-users at the moment to ensure that we are building the right platform and ecosystem for this industry. We are setting up SAST as a user-centric company and involve selected users very early on in the process. We will run dedicated programs and hackathons to attract app developers, already active and new to our industry. We will also run selected pilots with end-users throughout 2019 to ensure we have all partners involved early on. SAST sees the industry is hungry for more innovative solutions – with the retail vertical market a target for these solutions Q: What timeline do you foresee in terms of implementing these initiatives? Mangold-Takao: While we start with first app development programs and plan our first pilots already for this year, we are planning our commercial launch for end of 2019. Q: How does your new company relate to the new Open Security & Safety Alliance (OSSA)? Mangold-Takao: The Open Security and Safety Alliance has been working very closely with SAST over the past year, defining some important concepts and elements required. One of the most important elements is an open and standardised Operating System, specific to this industry, which will then bring forward new innovative technologies and solutions. SAST is actively working on this Operating System, based on Android Open Source Project (ASOP), but is evolved and hardened with industry-specific features. Q: What's the biggest thing you want the security industry to understand about SAST? What is your "message" to the industry? Mangold-Takao: Our message is simple: let’s build better security and safety systems – together! But for real, innovating an industry is a joint effort, we can only bring new innovation to this industry with partners who share our vision and are excited about new technology. At the same time, we strongly believe that our platform allows every partner to bring forward what they do best but also invite new partners to our industry.
The last day of Global Security Exchange (GSX) in Las Vegas proved to be the calm after the storm. But a slower third day could not undermine a largely successful 2018 show for exhibitors and attendees. Sometimes the success of a trade show isn’t measured by numbers of attendees (which were reportedly down again this year). Sometimes it’s the individual successes that make an impression. “Just learning about this made the whole trip worthwhile,” said one GSX attendee at the Johnson Controls booth, referring to the company’s new PowerSeries Pro intrusion devices. It’s the kind of feedback that makes the expense of exhibiting at a big trade show worthwhile. The new PowerSeries Pro is an extension of Johnson Controls’ existing line that is expressly designed for the commercial security market. The ‘hybrid’ (wired or wireless) device offers ease of installation and full cybersecurity including 128bit AES encryption with spread spectrum for no jamming or interference. It employs frequency hopping technology first developed for the Israeli defence force. Wireless technology for cybersecurity PowerG eliminates the need for wires by providing ‘invisible wired technology’, a marketing term that emphasises the cybersecurity of the product PowerSeries Pro uses PowerG wireless technology and expands the portfolio of PowerG devices from residential through commercial. For use in a wired solution, the main advantage is ease of installation; terminal blocks ‘pop out’ easily and can be wired and plugged back in. Alternatively, PowerG eliminates the need for wires by providing ‘invisible wired technology’, a marketing term that emphasises the cybersecurity of the product – wireless at the same level of cybersecurity as wired. Johnson Controls addresses three big factors with the product line: cybersecurity, user control, and easy installation and dependability. It’s part of Johnson Controls’ broader approach to provide ‘one-stop shopping’, enabling an end user to control their environments, video and access, and protect their contents, according to the company. Need for more security in K-12 schools In addition to reaching end users, lock company Allegion sees the show as an opportunity to meet with technology partners. “It’s great to bring together a concentration of people in the industry,” said Brad Aikin, Channel Led Business Leader, Integrator Channel. “We have had good conversations with technology companies here at the show in terms of partnering, both physical access control and OEM partners. We have also had good conversations with the integrator channel.” From speaking with education end users at GSX, Aikin sees a large unmet need for security in K-12 schools, more so than in colleges and universities. “K-12 is underserved,” he says. “They need to identify their priority of needs, and now they can serve needs they couldn’t before, both layering levels of security and phasing in implementation over time. Now things can be applied and tried out without disrupting the environment.” An example is the Von Duprin RU RM (Remote Undogging and Remote Monitoring) door exit devices, which are being integrated by access control partners Sielox, IDenticard and Vanderbilt. Intelligence is added to the door exit device to enable inexpensive monitoring of secondary, previously unconnected doors. The doors can be monitored and locked or unlocked at various points in the day. Lock company Allegion sees the show as an opportunity to meet with technology partners Bridging the gap between IT and physical security One exhibitor – ADT – noticed more information technology (IT) professionals accompanying their physical security counterparts at this year’s GSX exhibition. “They come along to kill dreams on the spot,” said Morgan Harris, Senior Director Enterprise Solutions, noting the IT department’s frequent hesitancy to add untrustworthy elements to the network. ADT is looking to transform and expand its 144-year-old brand in the commercial security space and has completed eight acquisitions in the last year to accomplish the goal. Some of the acquisitions build on ADT’s expanding cybersecurity initiative, which is both a fully-functioning stand-alone business and an effort to bridge the divide between IT and physical security. ADT is positioning itself to manage enterprise risk in the broadest sense. Combining IT and cybersecurity The Internet of Things (IoT) is fuelling convergence but are we missing out on how to talk to each other and communicate effectively between IT and security?" “The Internet of Things (IoT) is fuelling convergence but are we missing out on how to talk to each other and communicate effectively between IT and security?” asked Harris. “Projects have failed because information was lost in translation.” ADT seeks to have skillsets, experience and certifications on both sides of the issue. “It enables us to be the in-between,” says Harris. “We can blend the two together and be the translator. It’s great for both sides, advocating for security counterparts and for the network simplifies deployment and processes.” Harris sees a trade-off between cybersecurity and convenience in the industry. For example, if a manufacturer says they have a simplified process and only offers firmware updates once a year, cybersecurity suffers, he said. Lack of third-party testing is another way that manufacturers sometimes trade cybersecurity for convenience, at heightened risk to integrators and end users. Training courses for integrators and partners Milestone Systems is expanding its level of involvement with integrator partners, and now provides Partner Business Reviews (PBR) to assess an integrator’s activities, sales and training, pipeline and marketing initiatives. The partner reviews often uncover issues that can be easily rectified through additional training, says Megan McHugh, Milestone’s Training Marketing Manager, Learning and Performance. Milestone uses a dashboard to track each integrator’s completed training courses and can point out additional courses needed to ensure an integrator partner’s success. Milestone offers a variety of in-person, e-learning and YouTube video courses to train installing partners, systems integrators and self-integrators on best practices Milestone offers a variety of in-person, e-learning and YouTube video courses (in 12 different languages) to train installing partners, systems integrators and self-integrators on best practices. ‘Cloud Labs’ are instructor-led online classes. All courses are linked to a variety of support resources. Sometimes a simple checklist accessed on a smart phone can ensure that every aspect of an install is performed and can instil added confidence in customers. The open platform company’s new agile development cycle – releasing multiple versions of XProtect software throughout the year – creates extra challenges to keep learning initiatives up to date. Along with each new release, various existing courses are updated. The concepts of “training and certification” are being replaced at Milestone with “learning and performance,” says McHugh. Milestone is also looking to hire 170 new R&D staff and open a new centre in Barcelona (in addition to current R&D centres in Copenhagen and Sofia, Bulgaria). Making camera installation easy Hanwha Techwin is another company that is seeing more interest in cybersecurity, as well as concern about whether a product is supported professionally. They have doubled-up production in South Korea and added capacity in Vietnam to avoid manufacturing in China. Thinking about their integrators, Hanwha Techwin is putting more emphasis on making installation easy. Installation costs may be up to 50 percent of a job, so easier installation frees up money to buy more or better cameras. With a new design of their cameras, an electrical contractor can now install the camera base and conduit, and then the integrator can easily plug in the camera later. Camera bases are common across multiple models, so a customer could switch out a 5-megapixel for a 2-megapixel camera later on if they want to (same housing plate). ‘Skins’ allow the colour of cameras to be changed to match surrounding décor. “We are changing the idea of how people approach selling a camera, and it’s a whole new idea of how to install cameras,” said Tom Cook, Senior Vice President, North American Sales, Hanwha Techwin. Hanwha cameras can include a sound classification analytic to detect sounds such as gunshots Cameras with sound detection technology Hanwha offers more flexibility in the field – interchangeable parts are packed together to enable configuration on site. And there is no need to stand on a ladder to position cameras; stepper motors help with remote camera positioning. Multi-sensor cameras have modules (combining lenses and sensors) that can be switched out at installation. Hanwha Techwin cameras can also include a sound classification analytic to detect sounds such as gunshots, screams or glass breaks, especially useful in K-12 education environments. Unification and the customer journey were a key emphasis for Genetec at GSX 2018. Unification for Genetec means combining multiple functions on one platform, from one vendor and using one source code. The company approaches the market by analysing each customer’s journey as it relates to Genetec products. A typical customer journey involves (1) a company looking for standalone systems; (2) the need to centralise systems through integration and unification; (3) increasing automation and workflow; and (4) adding intelligence for more informed decision-making. “Genetec wants to get more in-depth with customers, be more comfortable with their business, and understand their challenges,” said Derek Arcuri, Product Marketing Manager. “We want to get naked with our customers.” Machine learning engine for crime prevention In the city of Chicago, Citigraf detects patterns in crime behaviour and determines where a crime is likely to occur There was a big crowd at the Genetec booth, and not because the comment was applied literally. Genetec has divided itself into multiple parts, each focussed on a vertical market such as retail or transportation. The approach is to operate as a ‘federation of startups’, with each market sector accountable to fill in the gaps in the portfolio to meet the specific needs of each vertical. For example, Genetec’s Citigraf is an unsupervised machine learning engine with an algorithm to detect anomalies and trends from a large pool of data in a municipal environment. In the city of Chicago, Citigraf detects patterns in crime behaviour and determines where a crime is likely to occur. The system alerts operators in a bureau or area that has a higher risk level and should beef up the number of first responders. Chicago has seen a 39 percent decrease in average response time of first responders as a result. In the retail market, Genetec leverages the security infrastructure to analyse shopping trends and provide data for merchandising and operations. “Each customer is getting a portfolio of products tailored to the industry they are in,” says Arcuri. Demonstrating IoT devices Axis Communications displayed its range of products at GSX, demonstrating its almost total transformation from an IP camera company to a supplier of a full range of Internet of Things (IoT) devices. “Axis is broadening its portfolio to include more solutions,” said Scott Dunn, Senior Director, Business Development Systems and Solutions. “Our success is driven by continuing to innovate our portfolio. The market is continuing to grow, and Axis is continuing to expand its market share.” Eight ‘Axis Customer Experience Centers’ around the United States help Axis stay close to their integrators, customers, partners and prospects. IP addressable audio speakers from Axis can provide music as a service, and then can be interrupted for audio messages on behalf of physical security Axis has offered access control IP edge devices since 2013, and now has a new A1601 door controller being sold with partner-only software (no embedded Axis software like previous A1001 devices). In audio products, Axis has a portfolio of speakers, intercoms, and public address systems. Acquisition of IP door intercom company Enhancing the audio line was acquisition in 2016 of 2N, an IP door intercom company headquartered in Prague, Czech Republic. In North America, the 2N team is now fully part of Axis. The line emphasises simple architecture, programmability, and the ability to integrate widely. The products use Session Initiation Protocol (SIP) to integrate through the cloud or peer-to-peer. IP addressable audio speakers from Axis can provide music as a service, and then can be interrupted for audio messages on behalf of physical security. Retail, education and enterprise customers are gravitating to IP audio. An IP bridge can tie existing analogue components into the IP system. For perimeter security, Axis offers a radar device to help eliminate false alarms, as well as thermal cameras.
Videowall technology supplied by Ultimate Visual Solutions (formerly eyevis UK) is at the heart of a new customer experience centre unveiled by independent system integrator Capula. UVS videowall technology The installation allows Capula to showcase a wide range of software technologies, including the latest IoT solutions, to clients from within the energy, manufacturing and utilities sectors at its headquarters in Stone, Staffordshire. Ultimate Visual Solutions (UVS) installed four eyevis EYE-LCD-5500-XSN-LD-FX 55-inch LCD displays to make up the videowall, along with a custom-made sound bar and a Netpix 4900 video wall controller. Netpix 4900 videowall controller We are delighted to have been chosen to complete such an important project for Capula" The installation also includes two 65-inch Samsung DM-65E touch interactive whiteboards; which give the Capula team the ability to show content from the Netpix videowall controller and allow them to annotate over it mid-discussion and feed content back to any display. UVS managing director Steve Murphy said: “We are delighted to have been chosen to complete such an important project for Capula, which will showcase the solutions we provide to visitors to their headquarters.” Capula Business Manager, Neil White commented: “We are very pleased with the service provided by Ultimate Visual Solutions. The expertise, guidance and follow on support was second to none. The technology installed in our prestigious customer experience centre has provided an excellent showcase for our business’ solutions.” Video wall and audio-visual solutions Burnley-based UVS, formerly eyevis UK, provides video wall displays and audio-visual solutions to a range of clients across the UK. Capula specialises in industrial control, instrumentation and automation and has decades of expertise, having worked in some of the most complex and demanding industrial environments. The Netpix 4900 is a network-based graphic controller for the management of video wall systems, single displays or projectors. The controller creates a big joined desktop for network-applications, video and graphic sources.
HID Global, a worldwide provider of trusted identity solutions, was selected by Skanska, one of the world’s project development and construction groups with operations in Europe and North America, to incorporate HID’s mobile solution for secure access to its new office complex in Warsaw. Powered by Seos, HID Mobile Access improves the user experience and increases security throughout the entire building – from the parking lot and elevators to areas with limited access to the public. Located at 173 Solidarności Avenue in Warsaw, the new Spark office complex is not only the new headquarters of Skanska, but a large part of the 70,000 square-meter office building has also been set aside for other tenants. Because the building is intended to be a mixed-tenant space, it was crucial to restrict access to secure areas from unauthorised visitors. Using smartphones for access The Spark building was designed to enable mobile access so that employees can now use their smartphones to open doors and enter secure areas. Skanska, with help from system integrator Sharry Europe, created a new system for building occupants that integrates numerous building applications, including HID Mobile Access. As a result, all building applications have been incorporated into an integrated mobile app, which marked an advancement in creating a more streamlined and convenient experience for the users. HID Mobile Access enhances the security for accessing our entire building" Both Spark building employees and their guests can now move throughout the building with nothing more than a smartphone, without the risk of them gaining access to restricted areas – unless the proper access rights are granted. When users arrive at the door, they simply tap their iOS and Android devices to an iCLASS SE reader using Near-Field Communications (NFC) or Bluetooth Low Energy (BLE) and HID’s ‘twist and go’ feature to gain access from a distance. Any changes to the user’s access rights are remotely managed by the administrator through a cloud-based portal. Integrating all building applications into one “HID Mobile Access enhances the security for accessing our entire building. In one application, we have integrated all building applications, such as parking, virtual reception and other Internet of Things functionality, bringing the whole user experience to a new level,” said Renata Nowakowska, Innovation Manager at Skanska. “One of the most pressing objectives for facility managers in smart buildings is to crack the code on how to enable as many building applications and services on mobile devices as possible in order to simplify how occupants move through a facility and interact with building services,” said Hilding Arrehed, Vice President of Cloud Services, Physical Access Control. “Skanska’s integration of HID Mobile Access into their mobile platform is a perfect example of how organisations are leveraging the power of mobile credentials and the cloud to realise the full potential of creating a connected and more intuitive experience for their users, while increasing security at the same time.”
Rasilient Systems, Inc., the pioneer in video surveillance systems purposely architected for IP video recording, has been chosen to provide video surveillance server and storage solutions for Zero 6 Mall, the impressive new-generation shopping destination that opened in April this year in Sharjah, United Arab Emirates. Zero 6 is a 16,000 square-metre complex that offers a diverse selection of dining, retail and entertainment attractions. Strategically located in Al Juraina, in close proximity to prominent city landmarks like University City and Sharjah International Airport, Zero 6 celebrates Sharjah’s evolving lifestyle community experience. Security integration software “Security is always the top concern in designing and developing a popular tourist and resident destination like Zero 6 Mall. Rasilient is honored to have been chosen to help secure this impressive and unique facility,” said Sean Chang, CEO of Rasilient Systems. Rasilient worked with UAE-based system integrator Exceed Communications, LLC, on the Zero 6 Mall project. Exceed Communications is a leading provider of IT infrastructure and security system needs including network design, installation and management and video surveillance and IPTV systems. Video surveillance at Zero 6 is managed by SeeTec Video Management Software (VMS). An OnSSI Company, SeeTec is one of the leading solution providers for video surveillance in Europe. Unmatched data integrity “Video surveillance storage is critical for security point of view and we are fortunate to have the services of Rasilient Systems, which is a trusted name for unmatched data integrity and storage reliability,” said Issa Ataya, Managing Director, Alef Group. We are confident that Rasilient Systems will provide the most innovative and state-of-the-art technology for Zero 6 Mall" “Zero 6 Mall is a one-stop destination in Sharjah that appeals more to a new generation as it’s a premier lifestyle-oriented place. We are confident that Rasilient Systems will provide the most innovative and state-of-the-art technology for Zero 6 Mall,” Ataya said. Video management software Rasilient provided video surveillance storage for Zero 6 that offers unmatched data integrity, storage reliability and scalability to address future growth. Rasilient’s purpose-built technologies lower CAPEX and OPEX by extending product life expectancy and enabling scheduled maintenance instead of reactive maintenance as systems age. The video surveillance system in place at the mall provides petabytes of storage using Rasilient’s fully redundant ApplianceStor AS85R Server and PS5000 Rackmount IP Storage. Rasilient’s ApplianceStor AS85R is a modular server system which packs four high performance server modules in a single 2U rack mount platform providing unmatched performance and density. Each module can be used to integrate VMS, failover, archive, administration and access control servers in a single high density 2U system. The AS85R significantly reduces cost over a separate VMS server, reduces cabling and the ordeal of integrating VMS, OS, commodity server and storage. Because the AS85R is ideally suited for use in conjunction with Rasilient’s PS5000 Rackmount IP storage, the Zero 6 project also utilises the PS5000. Rasilient’s PS5000 Rackmount IP storage provides a simple-to-use, high performance, and large capacity video surveillance solution Large surveillance installations Rasilient’s PS5000 Rackmount IP storage provides a simple-to-use, high performance, and large capacity video surveillance solution. The purpose-built storage array is optimised for high performance megapixel and large video surveillance installations – both key characteristics of the video solution used at the Zero 6 Mall. Rasilient's patented advanced video caching technology – VAN, FlowThrough, StreamAlign – enables no recording gaps and data locking and increases read/write performance. This allows the capability of using both high resolution megapixel cameras and heavy camera loads. With Rasilient’s video surveillance storage solutions, every single camera frame is processed and recorded – which is essential for the variety of mall security scenarios that might call for video retrieval. The Rasilient system is also engineered to monitor its own “health” and operations to ensure that the system doesn’t fail when it’s most needed. This Proactive technology monitors the health of every disc drive in the system to enable cloning right before an actual drive failure. Reliable video surveillance solutions Zero 6 Mall is just one of many projects Rasilient has completed in the UAE and surrounding areas over the last few years, said Chang. “With the successful implementation of quality and reliable video surveillance solutions for projects like Zero 6, Rasilient continues its growth in the very important Middle East market,” he added.
HID Global, a worldwide provider in trusted identity solutions, announced that 85-year-old fire protection provider RAEL Automatic Sprinkler Company and integrator Automated Decision have deployed HID Trusted Tag Services at one of Manhattan’s most iconic skyscrapers. The combined solutions help secure, digitise, automate and streamline inspection and maintenance of the building’s massive fire and safety sprinkler system. "HID Trusted Tag Services are a real competitive differentiator for us when we bid for projects now," said David Israel, President, RAEL Automatic Sprinkler Company. "We plan to deploy it in other noteworthy buildings and we’re exploring using it for other mission-critical equipment we inspect and repair as well." The RAEL solution incorporates HID Trusted Tag Services into Automated Decisions’ work order management system and mobile inspection app HID Trusted Tag Services HID Trusted Tag Services empower robust Internet of Things (IoT) applications by attaching unique and trusted identities to virtually any object that can be read by mobile devices. Smartphones and other devices can then be used for innovative use cases, without compromising the privacy of end users. The RAEL solution incorporates HID Trusted Tag Services into Automated Decisions’ work order management system and mobile inspection app. The deployment includes HID’s trusted and tamper-evident NFC tag using dual NFC and QR code technology; unique cryptographic authentication and a unique QR code placed on every component of the RAEL sprinklers. After authenticating to HID’s cloud authentication service, RAEL technicians move through the building, tapping each applied tag with their mobile devices to authenticate upon completion of their component inspection or repair. Proof of presence Each individual tap generates a unique encrypted code appended to a URL to provide proof of presence. This process confirms the technician was physically at the site and conducted the required sprinkler inspections and repairs. "Proof of presence was critical for us,” said Israel, “as property managers are now expected to deliver a much higher level of compliance reporting." The solution also logs the user, tap time and date into the Automated Decisions work order management platform. Mobile online access provides inspectors with service request maintenance records, sprinkler part specifications, diagrams and photographs. Combined HID and Automated Decisions solution has enabled faster, more efficient inspections and repairs Combined tag services and mobile devices "That RAEL and Automated Decisions are leveraging our offering for fire and safety at an immense, iconic skyscraper reinforces the breadth of IoT use cases that our identification and sensing portfolio addresses," said Mark Robinton, Director of Business Development & Strategic Innovation, Identification Technologies with HID Global. "Facility managers are also increasingly seeking to combine the use of HID Trusted Tag Services and mobile devices to automate other safety and security functions, including guard tour and key management, as buildings become more intelligent and connected." In addition to providing peace of mind to RAEL and their property management clients, RAEL also reported the combined HID and Automated Decisions solution has enabled faster, more efficient inspections and repairs, improved first-time fix rates and fewer repeat visits.
The Palacio de Congresos, celebrating its 20th anniversary, is a state-of-the-art conference and exhibition centre in the heart of Valencia, Spain. Also known as the Palace of Light, due to its glass-fronted façade and distinctive roof design, the Palacio regularly accommodates large-scale international conferences organized by multinationals, trade associations and government organisations. Most events gravitate around the main auditorium with room for up to 1,481 participants, as well as smaller auditoria with capacities for 467 and 270 people. If needed, an IP-based video and audio network can connect up to 2,250 participants across these separate conference rooms. Bosch - DICENTIS Conference System Given the international character of most of the conferences it hosts, simultaneous interpretation is essential at the Palacio. The building management sought a solution that would take this into account, along with the facility’s existing architecture and infrastructure. Two of its three auditoria are equipped with fixed interpreter booths. Although the smallest auditorium and the conference centre’s ten smaller meeting rooms do not include interpreter booths, simultaneous interpretation is also often required in these spaces. It was also important that the new conferencing system would not require any additional investment for wiring or cable connections. The OMNEO Interface allows transportation of the language channels via the IT network from the auditoria with fixed interpreter booths The DICENTIS Conference System from Bosch provided the perfect solution. Because the system is IP-based and Ethernet compatible, the existing IT infrastructure of the Palacio de Congresos could be used. The OMNEO Interface allows transportation of the language channels via the IT network from the auditoria with fixed interpreter booths to the meeting areas that don’t have these facilities. DICENTIS streams the language channels from the interpreter desks to the DICENTIS Conference devices in the main auditoria, and also to all the active conference devices in the Palacio’s smaller meeting areas. The floor languages of the active conference devices, regardless of their location, are streamed back to the interpreter desks. Mobile installation To serve the smaller meeting areas, the DICENTIS central equipment is installed in a small mobile rack for easy transportation and setup. Additionally, the DICENTIS Conference devices with channel selector can be transported from one room to another in specially made, high-quality, lightweight and sturdy cases for protection during transit. The mobile rack simply connects to the room’s IT network plug to connect to the equipment in the various meeting rooms. This smart, mobile DICENTIS solution meets the requirements of all the meetings held in the Palacio de Congresos. The capacity for simultaneous interpretation in all the meeting areas means 2,250 participants can be connected across all conference areas big and small.
Pulse Secure, the provider of secure access solutions to both enterprises and service providers, has announced that Entegrus has successfully deployed Pulse Policy Secure advanced network access control (NAC), to strengthen overall visibility and access security across their hybrid IT infrastructure. Entegrus, a Canadian energy company, leveraged their existing Pulse Secure virtual private network (VPN) implementation to expedite NAC deployment and fortify their infrastructure in accordance with National Institute of Standards and Technology (NIST) and North American Electric Reliability Corporation (NERC) guidelines. As a result, their security organisation extended visibility for remote and on-premise users and devices, as well as enhanced endpoint compliance and Internet of Things (IoT) risk mitigation. With a widely distributed IT infrastructure, we considered NAC as an effective way to improve our security posture without dramatically altering how we operate" Role of IT security in energy delivery Entegrus serves over 58,000 customers throughout Ontario. They bring electricity, renewable energy and water across three large regions, with a workforce spread out over 2,300 square miles. Entegrus’ objective is to provide safe, reliable and cost-effective provision of energy and related billing services, while providing high levels of service to its customers, partners and the communities it serves. IT security plays a critical role in protecting their delivery of energy and data services. “The threat landscape is constantly evolving, forcing us to always consider how we can go one step further. With a widely distributed IT infrastructure, we considered NAC as an effective way to improve our security posture without dramatically altering how we operate,” said Dave Cullen, manager of information systems for Entegrus. “We have a long-standing relationship with Pulse Secure. The level of integration between Pulse Secure secure sockets layer (SSL) and NAC, as well as the extended feature set, made it a straightforward choice for us. Perhaps the two most important things are that we have increased our security posture, and for the most part, there has been zero impact on our end users.” NAC provides foundational endpoint intelligence, resource access enforcement and IoT defences that support industry and regulatory compliance guidelines Endpoint intelligence and IoT defences Ensuring always active control while maintaining flexible, seamless access to network and application resources is an essential requirement for utility providers. Within such highly regulated industries, best practices dictate a constant cycle of security readiness review and improvement to meet an increasingly potent threat posed by cyber threat actors. NAC provides foundational endpoint intelligence, resource access enforcement and IoT defences that support industry and regulatory compliance guidelines. These compliance requisites apply to both regional and large national critical infrastructure providers. For stretched IT departments, Pulse Secure’s Secure Access solutions are designed to streamline deployment and on-going administration using an easy, integrated, policy-driven platform that works with a customer’s existing installed base and network infrastructure. In addition, Pulse Secure’s VPN solution utilises the same endpoint client, policy engine and appliance management as the NAC solution. Multiple advantages with single management console Entegrus took advantage of this platform capability to rapidly implement NAC. As a result, they gained dynamic intelligence, unified policy management, automated enforcement and threat response through a single management console. We needed to make sure our secure access technologies could adapt to new regulatory requirements and new business needs" Cullen highlights numerous benefits, including a simplified method of managing complex policies and user access rights, as well as an enforceable method of checking end-point devices to ensure that only properly patched operating systems can connect to the network. Another advantage of Pulse Policy Secure was evident after Entegrus recently merged with London, Ontario-based St. Thomas Energy. “We needed to make sure our secure access technologies could adapt to new regulatory requirements and new business needs, as the recent merger added new, unqualified infrastructure and grew our customer base by around a third, which also led to the hiring of 28 new staff members,” Cullen added.