HID Global, a pioneer in trusted identity solutions, announces that users of its cloud-based PKIaaS offering can now automate the lifecycle management of digital certificates used with devices managed via the Microsoft Intune mobile device and application management service.
The HID solution eliminates the need for human intervention when issuing and renewing certificates that enable employees to use their mobile devices to easily access their organisation’s resources through Wi-Fi networks or virtual private network (VPN) connections, without passwords.
Simple subscription model
WHO: HID Global, whose PKIaaS platform offers the advantages of a simple subscription model for automating digital certificate management across large numbers of mobile devices using Microsoft’s Intune service.
WHAT: The HID PKIaaS offering adds a rich suite of certificate automation capabilities to the Microsoft Intune mobile device onboarding and management process. HID is a Microsoft-approved third-party certification authority (CA) partner supporting the Intune service and its use of the Simple Certificate Enrollment Protocol (SCEP).
WHY: Out-of-the-box integration with Intune, Azure AD, and third-party SCEP servers enables the HID service to seamlessly automate all certificate provisioning and renewal. The HID service also enables users to scale their PKI-based strong authentication and encryption capabilities so they can secure hundreds of applications and up to tens of thousands of workstations, mobile devices and other endpoints.
HOW: The HID PKIaaS service is integrated with Microsoft’s Azure Active Directory (Azure AD) and is listed on the Azure Marketplace.
Providing complete control
Microsoft Intune is a cloud-based mobile device management (MDM) and mobile application management (MAM) service that integrates with Azure AD to control how organisations’ devices are used. It also allows administrators to push digital certificates to mobile phones and tablets (iOS/IPadOS and Android) as well as laptops (MacOS/Windows) to provide the easiest, most secure way to access Wi-Fi networks and VPNs.
HID’s cloud-based PKIaaS platform is unique in supporting both privately issued and trusted Transport Layer Security/ Secure Socket Layer (TLS/SSL) certificates, and also hosts private Intermediate Certificate Authorities (ICAs). It offers the industry’s broadest range of certificate automation features under a single annual subscription fee, including providing complete control, delegated administration, and on-demand auditing and reporting.
ASSA ABLOY’s presence at the 2021 Global Security Exchange (GSX) will focus on helping attendees identify opportunities to improve the safety, security and health of their facilities. Visit Booth #1353 to see the latest innovations in comprehensive door security and access control.
“Amid the health, economic, natural, and social crises we’ve experienced in the past 18 months, the role that security plays in creating safe and healthy environments is more critical than ever,” said Sean McGrath, Head of US Commercial Sales and Marketing, ASSA ABLOY Opening Solutions Americas. “Today’s dynamic environment requires creative approaches, innovative solutions, and ongoing collaboration to meet this challenge.”
Most frequent touchpoints
There are many examples of what can be done to upgrade the health, safety and security of a facility, including:
Mitigating the spread of germs by reducing touchpoints at the door - Brought to the forefront because of the COVID-19 pandemic, preventing the spread of germs in a facility has become the new standard for healthy spaces. With doors and door hardware being some of the most frequent touchpoints in a building, creating low-touch or touchless openings is an effective way to accomplish this goal. At GSX, ASSA ABLOY will highlight their full range of Safer2Open™ products that allow doors to operate in a hands-free or touchless manner, including the newest addition:
Alarm Controls NTB battery-powered wave-to-open sensor: The NTB Series can be used to quickly upgrade existing applications to code compliant no-touch solutions using existing wiring, extending touchless access and egress in an easy and affordable way.
Wireless access control
Utilising wireless access control to efficiently manage spaces - Wireless technologies continue to be an important option for upgrading the security of a facility. The ability to add access control to doors at a fraction of the cost of traditional solutions makes it even more valuable at a time when security requirements are growing and budgets are limited. Facilities can use this expanded access control footprint to improve safety by managing the flow of people, limiting the number of people in a particular area, and quickly changing how a space is used. Some of the latest developments in wireless access control include:
HES ES100 integrated electric strike and card reader: As the newest addition to the Aperio® family of real-time wireless solutions, the HES ES100 combines a concealed electric strike with a surface-mounted wireless reader to provide yet another easy, affordable retrofit solution for remote control and monitoring.
Adams Rite DL100 wireless deadlatch: Coming soon to the Aperio line of real-time wireless solutions, the DL100 offers cost-effective retrofit access control capabilities utilising the industry-standard Adams Rite MS® Door Prep for Deadlocks & Deadlatches for single or double narrow stile aluminium mechanical and automatic door applications.
Providing flexibility to adapt to changing requirements - Whether this means upgrading to the latest, high-security credentials or taking the necessary precautions to protect against cybersecurity risks, flexibility is key to creating resilient, future-proof environments. ASSA ABLOY offers many solutions that support this growing need, including one of the newest products that will be featured at GSX:
SN Series: Available from ASSA ABLOY Group brands Corbin Russwin and SARGENT, the SN Series offers the latest in security and versatility with a choice of Wiegand communication protocol or Open Supervised Device Protocol (OSDP) that allows for secure channel, serial communication between the reader and Physical Access Control System (PACS). Featuring Signo™ reader technology from HID Global®, the SN Series is ideal for mixed credential environments and enables easy migration to higher security credentials and mobile access.
Door opening solutions
ASSA ABLOY Booth #1353 will feature a new product showcase with all of these new products
ASSA ABLOY Booth #1353 will feature a new product showcase with all of these new products, as well as the award-winning Medeco 4 (M4) high-security key system that offers the highest level of protection against physical attack and unauthorised key duplication.
It will also feature the latest complete door opening solutions, such as the multi-solution blast and hurricane opening that is designed to provide extra protection against explosions and hurricane-force winds and the RITE Slide integrated barn sliding door system that combines a sleek profile with an STC 34 rating for maximum privacy.
Vertical market solutions
In addition, the booth will showcase vertical market solutions and a new virtual 360° tour that helps universities visualise how door security solutions can be used to address everyday challenges on campus.
The Global Security Exchange (GSX) 2021 will take place September 27-29 in-person at the Orange County Convention Center in Orlando, FL and online via the GSX digital platform. ASSA ABLOY’s sister companies will also be onsite, including Ameristar (booth #1363), LifeSafety® Power (booth #1463), and Traka (booth #1147).
New video-led hiring platform Seesy joins major players in the £42bn+ hiring industry. Encouraging users to “Shred their CV”, Seesy replaces traditional written job descriptions and CVs with 60-second videos. The AI-backed platform allows candidates to search for and apply to their next role using video for the first time.
“We’re moving on from written CVs, Seesy represents a bold step into the future for recruitment,” said Melanie Postepski, Recruitment Industry expert & Seesy advisor.
Flexible and efficient hiring
As the UK faces pressure from the ongoing staffing shortage, the need for a flexible and efficient hiring solution has never been greater. Over the past 12 months, Seesy has been designed from the ground up to make hiring easier, cheaper, and more engaging than ever.
Using video “Job-vids” and “C-MEs” allows both employers and candidates to see each other face-to-face from the start of the application process, expediting the first interview stage. Making the hiring process up to 8x faster, Seesy saves hiring managers time and money.
Seesy offers the lowest standard pay-per-post rate in the market, with the option to subscribe to varying packages
Seesy will support candidates looking for work through several initiatives. Pre-registered candidates will be given the chance to win a month’s salary (1 winner, capped at £2,000) as well as exclusive access to Seesy for the first week of launch. The first 100 currently unemployed candidates attending person interviews arranged via Seesy will be eligible to have their travel costs reimbursed, easing the burden of finding a new role.
1,000 pre-registered businesses will be given 3 months of unlimited, free job postings. A move set to see businesses save £1,000s in recruitment costs as many industries enter their busiest quarter of the year. After the initial 3 months, Seesy offers the lowest standard pay-per-post rate in the market (at least 45% cheaper than the industry leader), with the option to subscribe to varying packages which bring costs down even further.
Having secured the backing of notable, established businesses worldwide, Seesy is proud to work with hiring partners which include:
St James’s Place Wealth Management – A leading FTSE 100 listed firm
A leading middle-eastern airline
The UK’s largest Costa Coffee franchise group
The Timpson Group – A British high-street institution
“I love this innovation and can’t wait to do business with Seesy!”
Damian Bradbury, Establishment Director, St. James’s Place Wealth Management said, “Seesy’s diverse founding team is made up of experts from across the tech, lifestyle, and recruitment industries. With experience scaling and exiting various start-ups, the team has several successful exits and NASDAQ listings to their name.”
Launching to pre-registered users on 8th November, Seesy will be available to download on the Apple App Store and Google Play Store.
Ontic, the protective intelligence software innovator digitally transforming how companies actively identify, investigate, assess, watch and manage physical security threats, has announced a strategic integration with Flashpoint, the globally renowned company in actionable threat intelligence, enabling organisations to protect their assets and stakeholders from malicious activity, across the internet.
Rise in cyber and physical threats
“Cyber and physical threats are increasing at exponential rates and because they are more often than not connected, companies need to address them holistically,” said Manish Mehta, the Chief Product Officer, Ontic.
Manish Mehta adds, “Flashpoint is a leader in the cyber security space, and our integration helps our mutual clients break down security data silos, allowing them to gain more visibility into the threat landscape and proactively combat risk.”
Ontic - Flashpoint integration
Insider threats that are difficult to detect are growing in frequency and causing great damage to businesses
Insider threats that are difficult to detect are growing in frequency and causing great damage to businesses. With the integration of Flashpoint Alerting, Ontic’s Fortune 500 and emerging enterprise clients will be able to augment their data, with Ontic’s existing dark web and cyber intelligence, to paint an even fuller picture of potential physical and cyber threats.
As the threat landscape dramatically evolves, companies are focusing on convergence of physical and cyber security operations. This integration will enable the automatic flow of Flashpoint Alerting concerning cyber and dark web-related data, to physical security teams, thereby improving visibility, and the efficiency of security personnel, to act on critical intelligence, in a proactive manner.
Critical threat intelligence for security teams
“The integration of Ontic and Flashpoint provides critical threat intelligence to physical and cyber security teams, so that they can quickly identify and act on harmful threats that can impact an organisation,” said Flashpoint’s Chief Executive Officer (CEO), Josh Lefkowitz.
Josh Lefkowitz adds, “We’re excited to partner with Ontic to provide deeper insights into cyber threats and help corporate security teams protect their largest assets.”
Access control and management of trusted identities are the building blocks of security, safety, and site management policies for many businesses and organisations. The current pandemic has compounded this with the introduction of new policies and regulations, particularly around social distancing and contact tracing.
Most organisations will have some form of legacy access control in place, ranging from the most simplistic options, such as locks and keys, to technology-based systems. The issue with legacy systems of any type is that risks, just like technology, evolve. What was secure, convenient, and efficient a few years ago is often found wanting as the threat landscape changes.
The standards governing the development and testing of physical access control systems (PACS) have also evolved to improve security and product interoperability. An example is the Open Supervised Device Protocol (OSDP), introduced 10 years ago as an alternative to the antiquated and vulnerable Clock-and-Data and Wiegand protocols. However, when it comes to planning infrastructure upgrades or implementing new tools, businesses must carry out due diligence to ensure the solutions are future-proof and deliver the expected level of security.
Vulnerabilities and challenges
In the early 1980s, Clock-and-Data and Wiegand protocols were widely adopted as the de-facto standard for interoperability between access control readers and physical access controllers. Those de-facto standards were later formalised and adopted into industry standards by the Security Industry Association in the 1990s.
Wiegand is unencrypted and unable to protect from “man in the middle” attacks and vulnerabilities
There were weaknesses, though, Wiegand is unencrypted and unable to protect from “man in the middle” attacks and vulnerabilities from the reader to the controller. Not only that, but Wiegand delivers limited range options and is operationally inefficient. It is also easy to target via its learnable language and a host of hacking devices available via online sources.
Furthermore, the retrofitting installation alongside a legacy system is complicated for integrators and expensive for organisations, as most readers require dedicated home-run wiring. Extensive wiring on a large-scale project, such as a school or corporate campus, results in considerable — often prohibitive — costs for the installation of a PACS.
Legacy access control protocol
Despite the well-publicised vulnerabilities and weaknesses, Wiegand is still one of the most common protocols in legacy access control, with estimates indicating it is used in more than 90 percent of installed systems.
This not only presents issues about physical security but also raises concerns relating to the protection of personal data. Access control systems not only contain information about who can and cannot use certain doors.
OSDP is a communication standard
Modern systems include a wide range of personal data, ranging from qualifications and certifications of individuals, home contact details, and even medical conditions or HR and employment information. With the potential fines associated with GDPR breaches, companies need to take this concern seriously.
These weaknesses pushed the security industry to adopt a new protocol: Open Supervised Device Protocol (OSDP). This access control communications standard was developed by Mercury Security (now part of HID Global) and HID Global in 2008, and donated, free of intellectual property, to the Security Industry Association (SIA) to improve interoperability among access control and security products.
Since then, it has been adopted as a standard by SIA, becoming the first secure, bidirectional reader/controller protocol to be governed by a major standards body in the security industry. In 2020 OSDP reached an additional milestone in becoming an International Electrotechnical Commission (IEC) standard.
Why implement OSDP as a standard?
OSDP is the only protocol that is secure and open for communication between readers and controllers
The growth of networked devices, such as video and access control products, has led to an increased demand for converged solutions. Businesses and organisations recognise the value of implementing an integrated solution to enhance security and add value to technology investment.
OSDP is the only protocol that is secure and open for communication between readers and controllers and is also being widely adopted by industry-leading reader and controller manufacturers. It is an evolving, ‘living standard,’ making it a safer, more robust, future-proof option for governing physical access control systems. OSDP offers important benefits:
1) Increased security
Implementing OSDP standards can increase security, as OSDP with Secure Channel Protocol (SCP) supports AES-128 encryption that is required in U.S. federal government applications. Additionally, OSDP constantly monitors wiring to protect against tampering, removing the guesswork since the encryption and authentication are predefined.
2) Bidirectional communication
Early on, communication protocols such as Wiegand were unidirectional, with external card readers sending information one way to a centralized access control platform. OSDP has transformed the ability for information to be collected, shared, and acted upon with the addition of bidirectional communication for configuration, status monitoring, tampering, and malfunction detection, and other valuable functions. In fact, OSDP is the only open, non-proprietary, bidirectional, secure protocol for communication between card reader and physical access controller.
3) Open and interoperable
OSDP adds new technology that enhances its ability to protect incoming and outgoing data collection OSDP supports IP communications and point-to-point serial interfaces, enabling customers to flexibly enhance system functionality as needs change and new threats emerge. They also can proactively add new technology that enhances their ability to protect incoming and outgoing data collection through a physical access control system.
4) Reduced installation costs
OSDP’s use of two wires (as compared to a potential of 11 wires with Wiegand) allows for multi-drop installation, supervised connections to indicate reader malfunctions, and scalability to connect more field devices.
Daisy-chaining accommodates many readers connected to a single controller, eliminating the need to run home-run wiring for each reader, and the use of a four-conductor cable achieves up to 10x longer distances between reader and controller than Wiegand while also powering the reader and sending/receiving data.
5) User friendly
OSDP gives credential holders greater ease of use, with audio and visual feedback such as coloured lights, audible beeps, and the ability to display alerts on the reader.
For security administrators, managing and servicing OSDP-enabled readers also becomes increasingly convenient, as OSDP-enabled readers can be remotely configured from network-connected locations. Users can poll and query readers from a central location, eliminating the cost and time to physically visit and diagnose malfunctioning devices.
Unlimited application enhancements
OSDP streamlines installations and upgrades while saving organisations the expense of replacing readers
OSDP supports advanced smartcard technology applications, including PKI/FICAM and biometrics, and other enhanced authentication protocols used in applications that require Federal Information Processing Standards (FIPS) compliance and interactive terminal capabilities. Audio-visual user feedback mechanisms provide a rich, user-centric access control environment.
OSDP offers advantages for users, administrators, and integrators, alike. It adds security and real-world efficiencies, and its interoperability ensures that organisations can use systems from numerous manufacturers as they invest in infrastructure that maximises the protection of critical data.
For our part, HID Global’s range of HID Signo readers is OSDP verified, ensuring they offer the intended interoperability and security for secure bidirectional communication and provide an easy migration from Wiegand devices. In a campus environment, OSDP streamlines installations and upgrades while saving organisations the expense of replacing readers if a new access control solution is implemented. There are also service and maintenance benefits as OSDP encourages continuous monitoring of system uptime and allows for remote configuration of -- or upgrades to -- a reader.
Cost savings upon system upgrade
Integrators can also capitalise on the introduction of OSDP by encouraging open standards, which can, in turn, help them build new customer relationships and win more projects.
Although upgrading to access control systems that adhere to OSDP standards is a significant initiative, the range of benefits outweighs the cost of upgrading. Increased security coupled with business efficiencies adds value for those administering the system and a high level of interoperability ensures users can deploy systems from numerous third-party manufacturers.
Integrators who understand the benefits of OSDP can also help their customers support both current and future technology requirements. When a site’s needs change, OSDP offers significant cost savings as the open functionality makes adding new devices easier and reduces the expense of requiring all readers to be replaced if a new solution is installed. Businesses and organisations transitioning to OSDP will also enhance value in terms of operational costs such as servicing and maintenance.
Recent cyber-attacks have disabled and even shut down physical assets. Robust foundational security and training staff, able to recognise an attack can help mitigate the threat, as ABB’s Rob Putman explains.
Edge devices and data analytics
As cyber security specialists, we must navigate an ever-changing threat landscape, one that is made even more complex by the increased interconnectivity between Operational Technology (OT) and Information Technology (IT), as companies look to leverage edge devices and data analytics, as well as remote connectivity, in the wake of the COVID-19 pandemic.
As the threat surface evolves, the industry must guard against attacks on key physical infrastructure, carried out by a range of malicious actors, including nation states and criminals intent on blackmail.
The chemicals sector, a high-value target for cyber-criminals
Cyber-criminals view the chemicals sector, as a high-value target, because of the potential cost
In 2017, not long after a ransomware attack that targeted Maersk, the world’s largest shipping firm, made the news around the world. Another cyber-attack, this time targeting physical industrial assets, generated fewer headlines, and yet could have resulted in both real, as well as financial, damage.
Cyber-criminals view the chemicals sector, as a high-value target, because of the potential cost, both financial and reputational, to the operator, should production be interrupted or stopped entirely.
Cyber security vulnerabilities put physical assets at risk
The attack in question, a ‘Triton’ custom malware attack on a petro-chemical facility in Saudi Arabia, targeted a safety system, taking over system controllers. Bugs in the code triggered an emergency shutdown, but could have led to the release of toxic and explosive gases. It was a vivid reminder of how cyber security vulnerabilities are increasingly putting companies’ key physical assets at risk.
Two more-recent high-profile incidents illustrate my point. In February, a Florida water treatment plant was hacked. The malicious actor remotely accessed the system for three to five minutes, during which time they opened various functions on the screen, including one that controls the amount of sodium hydroxide (NaOH) in the water. The hacker changed the NaOH from about 100 parts per million to 11,100 parts per million, which could have resulted in a mass poisoning event.
Colonial Pipeline cyber-attack incident
Then, in May, the Colonial Pipeline system that originates in Houston, Texas and carries gasoline, and jet fuel, suffered a ransomware attack. Using a VPN, hackers targeted back-office IT systems, forcing Colonial to shut down IT hosts and network infrastructure, severing communication with those OT systems that are responsible for communicating ‘transactional data’ associated with fuel delivery.
In this instance, a single compromised password disrupted Colonial’s ability to invoice its customers. This dependency on OT data stopped pipeline and business operations, and the company was elected to pay the hackers an initial ransom of US$ 4.4 million, in order to restore operations. The Colonial attack was multi-dimensional, in that it not only impacted Colonial’s business, but also the wider US economy and national security, since the pipeline transports nearly half of the east coast's fuel supplies.
Outdated IT system elevates physical risk
The increased interconnectivity between IT and OT can also create vulnerabilit
Attacks such as these prove that, armed with little more than a laptop, an email account and access to the dark web, determined hackers can cause disproportionate damage to physical infrastructure.
As mentioned at the outset, the increased interconnectivity between IT and OT can also create vulnerability. Producers often want to know: Is it risky to connect a production asset or their operational environment to the Cloud? My answer is, if you do so without having done any risk audits around people, processes and technology, or without enhancing and maintaining that environment, then yes, that is risky.
For example, we often observe that the life cycle of a production asset far outlasts the IT systems that are used to run it. Take a cement kiln. Several generations of plant operators may have come and gone, but that asset may still run, using legacy software, such as Windows XP and why not?
Need to replace aging distributed control systems
Well, that’s fine, if you are not concerned about having that asset compromised, and all that entails. A ‘flat’ IT network, an aging distributed control system, and machines with legacy versions of Microsoft Windows, all these elements, which are still commonplace in many industries, make it much easier for attackers to find and infiltrate a company, without needing sophisticated tools.
The age-old mantra of not interfering with a piece of equipment or software that appears to be working, often applies to the individual assets. For example that cement kiln that are still controlled by the same Windows XP-based control software.
However, if we’re honest, things have changed quite a bit, not because something was broken, but because innovation came in. That same kiln control system is most likely connected to other systems, than when first commissioned and that opens it to exposure to threats that it was never designed for.
The human element
There is a misconception that IoT-connected devices can open companies to risk
There is a misconception that IoT-connected devices can open companies to risk, but many recent, high-profile cyber-attacks have been conducted from a laptop, by hacking someone’s VPN, or are a simple phishing/malware attack. In all these cases, the human element is partly to blame.
Take the Florida attack. The compromised computer at the water treatment facility was reportedly running an outdated Windows 7 operating system and staff all used the same password, in order to gain remote access via the Teamviewer app, which the hacker was then able to use.
Physical and human assets, key to robust cyber security
Discussion on the best way to mitigate the threat is often framed solely around specific technical solutions and ignores the fact that robust foundational cyber security is really driven by two very different, but equally important, types of capital: physical assets (e.g. production machinery), and human assets.
The truth is that smart digital software and industry-renowned cyber security applications, while critical, are in many cases, only as good as the weakest human link in the chain. Industry would, therefore, do well to ask itself the following question: Do we have a security problem, or a complacency problem?
At this juncture, it is important to point out that the majority of companies that ABB works with, are at least aware of the threat posed by cyber attackers, and the potential impact of an attack, on their revenues, reputation and bottom line.
User error and human-generated exposures
Making sure staff are aware of the threat and training them to respond properly, if they are targeted, is vital
However, user error and human-generated exposures are where most of these attacks occur. Those human failures are mostly not due to malicious intent from employees, but to the lack of training of the employees on secure behavior.
Making sure staff are aware of the threat and training them to respond properly, if they are targeted, is vital. However, there are also age demographics at play here. Much of the operations employee base is heading towards retirement and often, there is no plan or ability to backfill these people.
Need to invest in new digital and automated technologies
If you think you don't have enough people now, in order to stay on top of basic care and feeding of the OT environment, with regards to security, what is that going to be like in 20 years?
For this reason, there must be a major industry reset, when it comes to its workforce. Companies must invest in new digital and automated technologies, not only to ensure that they stay ahead of the curve and mitigate risk, but also to attract the next generation of digitally literate talent.
Robust cyber security is built on solid foundations
When we talk about foundational cyber security, we mean fundamentals, such as patching, malware protection, high-fidelity system backups, an up-to-date anti-virus system, and other options, such as application allow-listing and asset inventory. These basic controls can help companies understand their system setup and the potential threats, identify vulnerabilities, and assess their risk exposure.
The Pareto principle states that around 80% of consequences come from 20% of the causes. In the context of cyber security, that means 80% of exposure to risk comes from 20% of the lack of security. If companies do the foundational things right, they can manage out a significant amount of this risk.
Importance of maintaining and upgrading security controls
However, having basic security controls, such as anti-virus software in place, is just the first step on that journey. Equally important is having someone within the organisation, with the requisite skill set, or the extra labour bandwidth, to operate, maintain and update those security controls, as they evolve.
Educating, training and recruiting existing employees, and the next generation of talent, along with forging partnerships with trusted technology providers, will ensure that industry can leverage the latest digital technologies, in order to drive business value, and secure physical assets against cyber-attacks.
The COVID-19 pandemic is only accelerating the expansion of Automation, Robotics, Machine Learning (ML) and Artificial Intelligence (AI), and changing how people live their daily lives. This expansion leads the way with technologies that are developed to solve problems, improve operations, streamline processes and assist people, to focus on learning new skills, creativity, and imagination.
Transformation of the physical security industry
One of the latest industries to be permanently transformed is physical security. The era of utilising security cameras is slowly changing into more advanced and more efficient technological applications - security robotic solutions.
SMP Robotics is a California-based company, which is a pioneer in developing robotic technologies, powered by AI, to assist, improve and deliver on new expectations in today’s world. One of their services is smart surveillance systems. This represents a proactive approach to security. The company, SMP Robotics’ Founder and Chief Executive Officer (CEO), Leo Ryzhenko, stated “Autonomous robotic technologies will become a driving force in future security solutions.”
Robotics and AI in autonomous security solutions
The robots can patrol 24/7, counteracting intrusion and communicating via voice message with guards
The company uses robotics and AI technology to implement autonomous security solutions, which reduce liability and overhead, as well as improving the quality of services. Robotic guards are capable of patrolling all types of facilities, in both urban and rural contexts.
The robots can patrol 24/7, counteracting intrusion and communicating via voice message with guards. The inspection robots, deployed by SMP Robotics, are easily integrated with many existing security technologies, armed with obstacle avoidance and anti-collision measures, automatically recharge, and can recognise faces up to 50 metres. As the world grows increasingly complex, technology like this is essential to ensure safety for all.
AI-enabled autonomous video monitoring ground vehicles
The advancements in technological breakthroughs of SMP Robotics position the company and its AI-powered, autonomous video monitoring ground vehicles, to be the most adaptable to any industry, cost-effective for clients’ business needs, in providing various types of services from public safety, crime prevention, to asset protection and physical security.
SMP Robotics continues to implement new innovative solutions and groundbreaking technologies in its latest generation of autonomous models. Currently, many were already deployed or in a process to be delivered to a number of key clients, in various industries throughout the globe, from oil & gas, nuclear power plants to data centers, healthcare facilities, and amusement parks.
Smart security robots
Tal Turner, the Vice President (VP) of Business Development and Partnerships, SMP Robotics, said “We provide autonomous, artificial intelligence, all-weather, all-surface, smart security robots that are turnkey and operate independently on their own, using real-time obstacle avoidance, face recognition, and other cutting-edge technological advancements.”
According to Coherent Market Insights, the Robots as a Service (RaaS) market direction will grow by 15.9% by 2028 and reach the threshold of 41.3 billion dollars. SMP Robotics stands at the forefront of the security robotic revolution, making an impactful change to make the world a safer place.
Sooner or later (hopefully sooner), the novel coronavirus global pandemic will allow workplaces to reopen. But as we move into this recovery phase, there are many questions surrounding the transition. How can companies ensure facilities are in acceptable working order to reopen? How do they decide who is coming back and when? How will social distancing impact the operation of a company’s physical access control system? How can companies ensure that both visitors and employees are aware of the policy changes and extra controls?
For answers to these and other salient questions, we called on Ian Lowe, Product Marketing Director of HID SAFE Identity and Access Management (IAM) solutions.
“There’s no doubt about it: the global pandemic will change the way we live, work, and conduct business for some time,” says Lowe. “Over the past several weeks, we have been working with customers to enable a safe return to the workplace. We have observed that the number of challenges in the mid-to-long-term level and the associated complexity vary by location.”
Lowe shares some of the proactive measures and best practices that can assist in a safe return to the workplace as we settle into a “new normal”.
Challenge 1: Ensuring building readiness
After being unoccupied for weeks or months, building readiness must be addressed completely before welcoming anyone inside. Even though employees may be eager to return, the workplace itself may not be ready. Companies may want to consider continuing remote work while facility operations are prepped.
Challenge 2: workforce management
There’s no doubt about it: the global pandemic will change the way we live, work, and conduct business for some time
While it is dependent on location and industry, taking a phased approach is the best course of action when allowing employees, contractors and visitors back into facilities. First, facilities management will want to survey the property for readiness and then provide an estimate as to when employees may begin reporting back into the office.
Next, it’s important to consider that office density needs are interrelated to the facility architecture. It is possible to accommodate a higher capacity of workforce in an airy, open office space than in a constrained one. A good rule of thumb is to start by introducing no more than 30% of employees back into the workplace at first. This could be a rolling group model in which the population total remains controlled and constant, but specific individuals vary from day to day. This option is good for a workforce that needs to be together in person but not necessarily all at the same time due to office density concerns.
Welcoming visitors or customers into the office should be delayed as long as possible. If that’s not feasible, visitor numbers should be factored into the total density count. A cloud-based visitor management system can help with implementation.
Challenge 3: Controlling access
The ability to vet staff, employees, contractors and visitors before and during the return will vary greatly depending on the location. Policies should be implemented that require employees to be screened regularly — and for an extended amount of time. Look to answer the following questions:
Where have you visited in the days since last entering the workplace?
Have you come into contact with anyone else who has recently visited high-risk areas?
Have you shown any symptoms of infection in the past xx number of days?
Policies should be implemented that require employees to be screened regularly — and for an extended amount of time
If there is cause for concern, refuse the visitor and/or supplement the screening process with additional steps. Temperature checking is mandatory in many organisations— often multiple times a day. This applies to interactions at delivery bays, too.
A policy-based physical identity and access management solution integrated with existing physical access controls makes it possible to enforce, monitor and report this type of activity.
Challenge 4: Social distancing and contact tracing plan
Social distancing may continue within the office, which will impact restrictions and guidelines related to access control. The office layout may be reworked for proper distance between cubicles, workplace positions and employees. Specific entrances, exits and pathways may be designated as one-way-only.
Assigning Bluetooth LE beacons to employees once they are inside the workplace will allow companies to monitor proximity to others and measure localised density in real-time by using location services, contact tracing, and surge response technologies.
Challenge 5: Reduced physical touchpoints
Contactless technologies can help enforce social distancing and reduce touchpoints on common surfaces
Reducing the number of physical touchpoints is desirable throughout a workplace. Contactless technologies can help enforce social distancing and reduce touchpoints on common surfaces such as faucets, doorknobs, coffee pot handles, etc. While introducing additional security checks and screenings, it’s important to not increase touchpoints and further infection risks. There have been more requests for a contactless experience to secure workplace access, including automatic doors and turnstiles, contactless cards and mobile access.
Challenge 6: Communicating for confidence
Proactive communication is key to provide reassurance that appropriate safety measures have been taken and that both visitors and employees are aware of the policy changes and extra controls. Equally important is to communicate a policy change – and the reasoning behind it – before it happens. While there may not be an exact expiration date on these new policies, ensuring that impacted individuals will have a safer experience is universally appreciated.
Following its recent acquisition, Vidsys will continue to operate, now as an ‘An ARES Security Company’. The Vidsys brand is known worldwide for its PSIM (physical security information management) solution and the acquisition will accelerate the next generation of products that incorporate Artificial Intelligence (AI) to enhance their value to Vidsys clients and the overall market.
ARES Security Corporation has developed and deployed security and public safety software solutions for the past 20 years, solving complex physical security challenges. Their AVERT security software solution supports the full lifecycle of physical security operations: risk and technology assessment and design, training, and intelligent real-time incident response.
AVERT security software
AVERT security software helps clients by increasing security effectiveness and reducing cost
AVERT security software helps clients by increasing security effectiveness and reducing cost. Clients are in many market segments including Corporate, Military, Government, Power, Data Centres, Transportation and Ports. Vidsys’ PSIM will immediately be improved by incorporating AVERT C2 (Command & Control), allowing clients access to expanded capabilities and an advanced technical roadmap.
“Over time we will migrate the Vidsys technology to our state-of-the-art, multi-tenant SaaS architecture that includes secure, multi-site data sharing, an updated library of connectors, and integration to the AVERT digital twin, artificial intelligence/machine learning and automation capability,” said Ben Eazzetta, ARES Security Corporation’s Chief Executive Officer (CEO).
Technical roadmap for upgrading to AI-PSIM platform
“We are a client-centric company, and we will continue to support Vidsys clients,” stated Ben Eazzetta, adding “We will focus initial efforts towards closing any required and promised capability gaps and offer a significantly improved technical roadmap for the platform to be upgraded to AI-PSIM.”
Additional AVERT products will be made available to Vidsys clients in a ‘cost-effective way’. They include technology for assessment and design, virtual tabletop and virtual reality training and enhanced AI and robotics capability surrounding the digital twin. A ‘digital twin’ is a digital representation of a physical object.
Rapid incident response and robotic sentries interfaces
ARES/Vidsys solution offers capabilities with extremely high levels of automation for rapid incident response
ARES has a strong market position in several verticals that require a robust and automated next-generation AI-PSIM. The ARES/Vidsys solution offers capabilities with extremely high levels of automation that enable rapid incident response and incorporate advanced features, such as interfaces to robotic sentries.
“These capabilities, along with a more automated deployment process, will allow Vidsys to scale their acquisition of customers across key verticals in which ARES is already active. This automated deployment process will also open new opportunities to work with system integrators who have shied away from PSIM projects in recent years,” stated Ben Eazzetta.
Optimising security operations
ARES believes the physical security market is underserved by technology that optimises operations. Ben Eazzetta adds, “All of our products are designed to optimise security operation, and the acquisition of Vidsys allows us to accelerate the development of the next generation PSIM that is adaptive and intelligent, powered by AVERT’s AI, and Modelling and Simulation system.”
Vidsys pioneered PSIM in the security industry and created a robust library of connectors, providing an integrated real-time incident response system powered by a rules engine. Together, the AVERT/Vidsys solution seeks to transform the way security operations centres (SOCs) operate and respond to emergencies.
Vidsys pioneered PSIM in the security industry and created a robust library of connectors
Managing security at multiple sites
Ben Eazzetta said, “There’s no denying that some in the security industry see PSIM as a four-letter word. But PSIM exists because it meets a need in the security operations centre that cannot be met by either video management or incident management systems. It is critical that PSIM evolves to meet the rapidly changing demands of enterprise clients.”
He adds, “Our clients need to manage security at multiple sites, each with different security plans and threats, they need adaptive rules engines to manage complex incidents and emergency responses, and they need automation to seamlessly command and control all security assets, including robotic assets.”
Flexible and intelligent software
Future of command-and-control will need to be flexible, intelligent software with extremely high levels of automation
“The future of command-and-control will need to be flexible, intelligent software with extremely high levels of automation that enables very rapid incident response and incorporates advanced capabilities such as interfaces to robotic sentries,” said Ben Eazzetta.
He adds, “To achieve this, we are replacing the brittle, difficult-to-configure rules engine of today’s PSIM with machine learning and AI capabilities that can produce automated/optimised responses or recommendations in near real time.”
SaaS-enabled and remotely hosted system
The systems will be SaaS-enabled, remotely hosted and easily configurable to reduce the cost and time of deployments for large enterprise implementations and easily supported by end-users, and system integrators.
In a post-Covid-19 world, it is critical that enterprise security software solutions be adaptive, intelligent, automated and offer the ability for disparate teams to share information and collaborate in a meaningful way, while responding to incidents and emergencies in real-time. The ARES/Vidsys offering is a lifecycle solution that meets the needs of enterprise security operations.
Next-generation of AI-PSIM
“ARES has always pushed the needle of what is possible with our AVERT solution, ever since development of our digital twin technology began in 1999 to protect our nation’s nuclear stockpiles,” said Ben Eazzetta, adding “Today, we continue to innovate with the next generation of AI-PSIM.”
So what’s ahead for ARES and Vidsys in 2021? “A lot of Zoom calls!” laughs Eazzetta, adding “We are excited to leverage the decades of hard work that both teams have put into our solutions. We all realise the fantastic opportunity we have been given to create a next-generation AI-PSIM and to open new markets for all of our products and solutions.”
He adds, “Combining the two companies will lead to improved development/support capability and significantly improved roadmaps for our clients. We will provide immediate ROI for clients by lowering deployment costs and leveraging the entire suite of products to provide more immediate value while continuing to deliver as promised, like ARES always does.”
Even though ISC West 2020 was cancelled, many of the product introductions planned for the trade show still happened. For example, physical security and secure identification company Identiv introduced the Hirsch Velocity Cirrus and MobilisID.
Hirsch Velocity Cirrus is a cloud-based Access Control as a Service (ACaaS) solution. It is an optimal solution for both end-users and integrators, with lower upfront costs, reduced maintenance, enhanced portability, and the future-proof assurance of automatic security updates and feature sets.
Smart mobile physical access control solution
Identiv’s MobilisID is a smart mobile physical access control solution that uses Bluetooth and capacitive technologies to allow frictionless access to a controlled environment without the need to present a credential.
We caught up with Jason Spielfogel, Identiv’s Director of Product Management, to discuss the new products and other topics.
Q: How is Identiv positioned in the market as a whole? What philosophy drives your product offerings? What vertical markets do you target?
Every customer needs every one of these components
Spielfogel: Identiv provides a total solution. Our platforms provide access control hardware and software, video surveillance and analytics, door access readers, and ID credentials, both cards and mobile, for a variety of vertical markets: Federal government, state, local and education government agencies (SLED), healthcare, schools, banks/financial services, retail, airports and transportation, and infrastructure. Every customer needs every one of these components in every physical security deployment, and we ensure that all parts are working together at all times, even as technology continues to evolve.
With that said, our philosophy is very customer-centric, and we position ourselves as a trusted partner. Our products and technology platform always strive to reflect and anticipate the environment our customers are facing, both in terms of technical requirements and functional capabilities.
Q: How does the MobilisID system eliminate "friction?"
Spielfogel: Identiv’s MobilisID eliminates the “friction” of access control by forgiving the user from presenting a physical credential to the reader. A simple wave of their hand over the MobilisID reader establishes a connection, and the reader reads their mobile device’s credential from the MobilisID app. No badge or access card to read, and no contact with the reader, makes this a frictionless access control experience. Administrative friction is also eliminated because there is no physical credential to issue or withdraw; it’s all done via the MobilisID Manager.
Hirsch Velocity Cirrus is a cloud-based Access Control as a Service (ACaaS) solution
Q: Discuss the advantages of Bluetooth over competing technologies.
Bluetooth offers a blend of reliability and specificity
Spielfogel: There are two primary competing technologies: WiFi and Near Field Communication (NFC). The problem with WiFi is that it’s not location-specific. In other words, the WiFi router can’t tell which door the user is near. NFC has the opposite problem in that it’s impossible to get credential reads unless the phone is presented within an inch or two of the reader. Bluetooth offers a blend of reliability and specificity to create frictionless access.
Q: "Touchless" has always been a big selling point. Doesn't the coronavirus improve the outlook for these systems even more?
Spielfogel: The coronavirus certainly highlights the value of frictionless access. But the vast majority of access systems today use proximity which was already touchless. But for systems using touchpads or contact-based credentialing, certainly frictionless is offering some alternatives that would help keep employees and visitors safer in the current climate.
Q: How else might the current pandemic change the security market forever (i.e., more teleworking?)
Spielfogel: Permanent changes are not likely, but it does force security directors to rethink how their employees interact physically with systems for both physical and logical access. As a result, we might see accelerated adoption of some emerging technologies, such as greater use of mobile logical access solutions, as well as frictionless physical access control. We’ve already seen an uptick in our smart card reader and token line and our Thursby enterprise and personal mobility offering during the coronavirus pandemic.
Q: There are a lot of cloud systems in the access control space. How is your Cirrus cloud product different?
Velocity already has all those features
Spielfogel: Cirrus is different from many others in that it’s built on one of the most mature, feature-rich, secure physical access solutions available today – Hirsch hardware and Velocity Software. While many competitors are scrambling to add features to their relatively new ACaaS platforms, Velocity already has all those features. While they are building up their encryption capabilities and cybersecurity testing, we’ve already been doing that for two decades. We certainly have some more development ahead of us for Cirrus, but most of it is just surfacing features we already have into the Cirrus interface.
Q: How do you guide customers as their needs change?
Spielfogel: Whether users want solutions that are on-prem, in the cloud, or anything in between, Identiv’s full architecture ensures that customers can adopt and migrate to new solutions as they see fit. No two customers are alike, so providing the flexibility to gradually update or change systems is a real differentiator. Our competitors either want customers to jump all at once to the cloud or push to keep everything on-prem/legacy. CSOs and CISOs live in a different world: they've got it all to deal with. We're there with them across all of it, because that's the true reality.
Embracing the benefits of touchless access using smartphones, Vanderbilt University expanded its investment into campus safety and security, by leveraging HID Mobile Access to deploy campus IDs on iPhone and Apple Watch via Apple Wallet.
The enhancement builds upon the university’s initial investment in mobile-enabled technologies from HID Global. These technologies capitalised on the ubiquitous nature of smartphones and mobile devices among students, 90 percent of whom reside on campus throughout their Vanderbilt education and faculty, to create a campus-wide identity and access management programme.
HID Mobile Access
The investment continues to pay dividends. “Keeping students safe is our top priority. HID Mobile Access was the optimal solution for protecting students and allowing Vanderbilt to move to a mobile solution for securely accessing our campus and services. The integration of campus IDs on iPhone and Apple Watch brings added convenience for our entire campus community,” said Mark Brown, Director of Business Services Technology with Vanderbilt University.
Mark Brown adds, “Beyond the convenience and security, two very important considerations, this mobile solution gives us the freedom to provision and modify credentials remotely, which has been significant for protecting the health of our students and staff, during the worst of the COVID-19 pandemic in 2020.”
Compatible with NFC and Bluetooth technologies
Vanderbilt initially tapped HID Global to implement a mobile credential solution compatible with NFC and Bluetooth
Vanderbilt initially tapped HID Global to implement a mobile credential solution compatible with Near Field Communication (NFC) and Bluetooth technologies. HID Mobile Access, powered by Seos credential technology, was deployed alongside a reader infrastructure, comprising HID Signo Readers, HID iCLASS SE readers, and OMNIKEY desktop readers, in order to manage access to buildings.
It complements the ecosystem by facilitating the usage of the already issued credentials for all other adjacent use cases. The solution allowed Vanderbilt administration to issue mobile credentials that let students, faculty, and staff access buildings and services with their mobile devices, as well as efficiently provision/de-provision credentials remotely, without person-to-person contact.
HID Reader Manager
Next, the university wanted to add support for credentials in Apple Wallet, without compromising the existing access infrastructure or its security. This was easily accomplished by using HID Reader Manager to upgrade firmware on the university’s physical access control readers, so as to extend support for NFC-based credentials in Apple Wallet.
The university uses the flexible HID Origo Mobile Identities API integrated with CS Gold, a higher education transaction system from CBORD, for credential lifecycle management.
Commodore campus ID cards
With campus IDs in Apple Wallet, students can complete any action that would have previously required a physical ID card, both on and off campus, with just their iPhone and Apple Watch. Students simply present their device to a reader to enter dorms, libraries, and fitness centres, buy lunch, make purchases at campus stores, and pay for laundry, print documents, and more.
The university’s Commodore campus ID cards on iPhone and Apple Watch provide an extra level of security
The university’s Commodore campus ID cards on iPhone and Apple Watch provide an extra level of security and privacy, so students do not need to worry about misplacing their physical card, when they are enjoying campus life. Transaction history is never shared with Apple or stored on Apple servers. If a student misplaces their iPhone or Apple Watch, they can use the Find My app to immediately lock their device and help locate it.
Safe and secure mobile access solution
HID Global is pleased to support Vanderbilt University in achieving its goal of delivering a safe, secure, and convenient mobile access solution, with the added flexibility of supporting the Apple Wallet platform.
With integrated HID Mobile Access, issuing credentials to new users is as easy as having them download the app, validate identity, and seamlessly add their credentials to Apple Wallet.
HID Global, a pioneer in trusted identity solutions announced that the Arcos Bosques Torre 1 (Tower 1) has deployed its access control solutions to heighten security and better manage visitor entry.
Located in the Bosques de las Lomas neighborhood of Mexico City, the center is comprised of six buildings. The complex includes two skyscrapers and is home to high-profile law firms, industrial, mining, media, and technology companies, and one of the city’s most recognised shopping centers.
HID readers and smart card technologies
With the help of system integrator Logen, Arcos Bosques Corporate Center chose HID Mobile Access® solutions as well as HID readers and smart card technologies for tenants and visitors to securely pass through its 16 turnstiles and use the 32 elevators that lead to their offices.
The HID solutions also give tenants the choice of using their mobile devices or physical smart cards for entry.
Touchless and safe entry
HID’s mobile access solution enables administrators to remotely manage credentials by cloud-based infrastructure “Accessing the building by simply presenting a mobile phone makes a lot of sense as we look for ways to eliminate touching things during the global pandemic,” said Santiago Morett, Project Manager at Servicon, facilities manager for Arcos Bosques.
“HID Mobile Access has given us touchless entry and safer building security, which is more important than ever for our tenants.”
Mobile access solution
HID’s mobile access solution also enables administrators to remotely create, issue, manage and revoke credentials through the cloud-based infrastructure.
Servicon, the facility management company for Arcos Bosques, now has continuous building access visibility through a unified, up-to-the-minute database of the tower’s tenant names, affiliated companies, and work locations.
"Building security today extends not only to who has access but also to how individuals can enter a facility,” said Harm Radstaak, Senior Vice President and Head of Physical Access Control Solutions with HID Global. “HID’s access control solutions provide the foundation for optimal oversight and control while also keeping people healthy and safe.”
Positive Technologies researchers, Vladimir Kononovich and Alexey Stennikov have discovered vulnerabilities in the Wincor Cineo ATMs, with the RM3 and CMD-V5 dispensers (Wincor is currently owned by Diebold Nixdorf).
With access to the dispenser controller’s USB port, an attacker can install an outdated or modified firmware version (for example, with disabled encryption), to bypass the encryption and make cash withdrawals. Diebold Nixdorf (Diebold Incorporated) has more than 1 million of its ATMs installed worldwide, making it one of the largest ATM manufacturers, with a 32 percent share of the global market.
Most previous generations of ATMs could not withstand black-box attacks. In such cases, a hacker connects to the dispenser, via a computer or mobile device, and sends a special code, which results in the ATM dispensing money. In research performed by Positive Technologies in 2018, 69 percent of ATMs turned out to be vulnerable to such attacks and could be hacked in minutes.
Modern ATMs with built-in protection against black-box attacks
Modern ATMs, including Wincor Cineo, have built-in protection against black-box attacks
Modern ATMs, including Wincor Cineo, have built-in protection against black-box attacks. This protection is achieved by using end-to-end encryption between an ATM computer and the dispenser. The computer sends encrypted commands to the dispenser and a hacker cannot withdraw money, without encryption keys stored on the ATM computer.
Vladimir Kononovich, Senior Specialist of ICS Security, at Positive Technologies, said “In the case of Wincor Cineo, we managed to figure out the command encryption used in the interaction between the PC and the controller, and bypass the protection against black-box attacks. At a popular website, we bought the same dispensing controller, as the one used in Wincor's ATMs.”
Issues of bugs in controller code and old encryption keys
Vladimir Kononvich adds, “Bugs in the controller code and old encryption keys allowed us to connect to an ATM, using our own computer (as in a classic black-box attack) and bypass the encryption, and make cash withdrawal. Currently, the attack scenario consists of three steps - Connecting a computer to an ATM, loading outdated and vulnerable firmware, and exploiting the vulnerabilities to access the cassettes, inside the safe.”
According to Vladimir Kononovich, some manufacturers rely on security through obscurity, with proprietary protocols that are poorly studied and the goal of making it difficult for attackers to procure equipment, in order to find vulnerabilities in such devices. However, the research shows that such equipment is not difficult to find on the open market and analyse, which can be used by criminal groups.
CVE-2018-9099 and CVE-2018-9100 vulnerabilities
The first flaw, CVE-2018-9099, was detected in the firmware of the CMD-V5 dispenser
Both vulnerabilities received a CVSSv3.0 score of 6.8. The first flaw, CVE-2018-9099, was detected in the firmware of the CMD-V5 dispenser (all versions up to and including - 141128 1002 CD5_ATM.BTR and 170329 2332 CD5_ATM.FRM). The second, CVE-2018-9100, was detected in the firmware of the RM3/CRS dispenser (all versions up to and including - 41128 1002 RM3_CRS.BTR and 170329 2332 RM3_CRS.FRM).
To fix the vulnerabilities, credit organisations must request the latest firmware version from ATM manufacturers. Moreover, as an additional security factor, the vendor should enable physical authentication for the operator during firmware installation.
hardwear.io security conference
On October 29, Vladimir Kononovich will talk about the detected vulnerabilities at the hardwear.io hardware security conference, taking place in The Netherlands. In 2018, Positive Technologies experts helped eliminate vulnerabilities in ATMs of another major ATM machines manufacturer, NCR (NCR Corporation).
Type of site: Grade A multi-tenant office
Location: The Bailey, 16 Old Bailey, London, UK
Site size: 115,000 sq. ft over ten floors
Easy access for users
Touch-free and digital sign-in
Free flowing movement through reception, avoiding crowds and queues
Fast access to other floors via lifts
Visitor management system that can be used by multiple tenants and reception staff easily
Secure and clear intercom/entry phone and door automation for out-of-hours, deliveries and trades people access
Easy access and parking for disabled users
Reliable and resilient security, including CCTV monitoring of strategic locations
Integriti intelligent integrated access control system
Inner Range’s enterprise-level intelligent integrated access control system, Integriti, provides robust security, as well as seamless integration, to an array of other building management systems. Some of the key features of Integriti include:
Easy to use proximity card entry for users and tenants
Forge Bluepoint, powered by Yardi, visitor management system to create secure, but easy to use credentials for visitors, including via smartphone
High-level lift integration, by Mitsubishi that reads user credentials and directs users to the quickest lift, for their desired destination
Integrated CAME BPT video entry phone and access control to automate doors, for disabled access near dedicated parking bay, for disabled users, as well as for out-of-hours access, deliveries and trades people
Hard-wired IP closed circuit television system (CCTV) with Hikvision cameras, to monitor strategic locations
End-to-end encrypted messaging, through every interface and integration, by Inner Range’s Integriti for high-level security
Provision for future entry turnstiles/speed lanes
Richard Harvell, Engineering Director at Knight Harwood, who managed the refurbishment at The Bailey, said “Our key requirement was to be able to move users, including visitors, swiftly through reception, to their correct floors, with minimal or no touch points. And, all of this, without compromising security.”
High-level lift integration
Antron Security’s solution, centered on Inner Range’s intelligent access control system, Integriti"
Richard Harvell adds, “Antron Security’s solution, centered on Inner Range’s intelligent access control system Integriti, more than delivers. The high-level lift integration automatically directs users to the fastest lift for their floor and only allows access beyond reception, for those with bona fide credentials. We have been impressed with Integriti’s sophistication and integration capabilities, as well as Antron Security’s expertise and diligence in designing and installing our bespoke access and security system.”
The Client - The Bailey
UK property firm Endurance Land, which is a member of the Hong Kong-based property conglomerate, Nan Fung Group, owns The Bailey. The property, which is situated directly opposite the famous Old Bailey High Court in London, was originally built in the early 20th Century for the Chatham and Dover Railway Company.
Its Grade II listed Edwardian Baroque façade features classical reclining figures, while a larger ‘western extension’ was built in 1999, to modern city office standards.
Knight Harwood commissioned for refurbishment
Knight Harwood was recently commissioned to refurbish the whole site, along with architect, Orms and building design consultancy, GDM Partnership.
The commercial site meets Grade A office specifications and offers exceptional internet reliability, and speed for tenants. It achieved a platinum connectivity rating, by WireScore, the Mayor of London’s digital connectivity rating scheme, in 2020.
Sophisticated access and security management system
A new and sophisticated access and security management system was part of the refurbishment brief. Knight Harwood stipulated an access and security management system that would ensure a free flow of users and tenants through reception, without crowding or queues.
This would need to include integrating intelligent lift controls, so as to ensure users were swiftly taken to their designated floor, as well as a good visitor management system that all tenants could use, without the need for a central security team to manage requests.
Touchless access and digital sign-in for users
Touchless access, as well as digital sign-in for users was also important for the client
Touchless access, as well as digital sign-in for users was also important for the client. An intercom or entry phone and access control operated doors were needed for disabled users, who would be accessing the building from the dedicated disabled parking bay, as well anyone arriving ‘out of hours’, or for trades people and deliveries.
High-levels of physical and cyber security were needed to keep all legitimate users and the site safe, without hindering access. CCTV monitoring would be needed in strategic locations. Future proofing, including laying under-floor cables ready for entry turnstiles/speed lanes, was desired.
Antron Security managed the project
Antron Security project managed the design, supply and installation of the access control and security system for The Bailey and acted as the ‘go to’ contact for Knight Harwood.
Antron Security is a globally renowned installer of bespoke security solutions and has been providing security installations for the past 30 years. Taking care of the supply, design, installation and maintenance of security systems, Antron Security is NSI and Safe Contractor approved, meaning all staff and systems installed comply with the latest industry standards and are regularly inspected.
Bespoke security solutions
Inner Range provided the core access and security management system, Integriti, which enabled Antron Security to build the bespoke solutions needed for The Bailey. Inner Range has been a globally renowned company in the design and manufacture of intelligent security solutions, since it was established in 1988.
Inner Range systems have been installed in over 25 countries. Its flagship product, Integriti, offers enterprise-level intelligent security and integrated smart building controls, for single sites through to global estate portfolios.
Inner Range’s powerful Integriti intelligent access control system integrates with Mitsubishi’s high-level lift controls
Inner Range’s powerful Integriti intelligent access control system, known for its breadth of integration options, integrates with Mitsubishi’s high-level lift controls and Bluepoint’s visitor management system, to ensure all users and visitors can access their floors, and designated areas with ease.
The Mitsubishi lifts are able to read credentials from proximity cards, or mobile phones, at a user check-in point, at the reception, or in the lift lobby itself.
High-level lift controls to reduce crowding and queues
The high-level lift integration with ‘destination control’ means the lift software takes into account, where each of the building’s lifts are, where the user’s ‘home floor’ is, as well as where other users are going/due to go, and instantly calculates the quickest lift for the new user.
The user is immediately directed to the most efficient lift via a display screen at reception, or in the lift lobby. If users are able to go to more than one floor, they can update their preference in the lift itself. This integration ensures users move through reception quickly and efficiently, with no unnecessary stops.
Fully integrated visitor management
Inner Range’s Integriti intelligent access control system also allowed Bluepoint’s visitor management system to integrate with the Mitsubishi lifts.
For visitors to access tenanted floors within the building, the following has to take place:
A tenant creates the meeting via Bluepoint
An email is generated and sent to the visitor’s inbox, where they can create a mobile QR code pass and save it to their smart phone wallet
When the visitor arrives, they use their mobile phone to scan the QR code in the Bluepoint invite, at the reception desk to check-in
The reception team can then direct them to the Mitsubishi lifts, which display the lift car that they need to get to their meeting
To leave, the visitor presents their QR code at the lift or door reader, which tells the system they’re leaving
The QR codes are only valid for one entry and one exit, and only on the appointment date and at the planned appointment time. Afterwards, the QR code becomes invalid and is deleted from the system
CAME BPT entry panels and video intercom system
The QR code gives the visitor the ability to access everything they will need, including the lifts and any locked doors en-route. The integration between Integriti and Bluepoint’s visitor management system was achieved using the Bluepoint API. Bluepoint is cloud-based, hosted on the Microsoft Azure platform.
CAME BPT entry panels were installed to allow disabled users to access the building, near the dedicated disabled parking bay, as well as for any visitors entering the facility out-of-hours, to contact the security team, or for deliveries and trades people to use, in order to access doors at the rear of the building. The entry panels allow for a reliable and intuitive video entry intercom system.
Hikvision CCTV cameras installed
CCTV cameras from Hikvision have been installed throughout the site, to create a hard-wired IP CCTV system
CCTV cameras from Hikvision have been installed throughout the site, to create a hard-wired IP closed circuit television (CCTV) system. They are integrated with the Integriti access control system, which allows for intelligent ‘cause and effect’ monitoring.
System protocols automatically bring up specific camera feeds for security managers to view, in response to alerts and footage can be viewed together with additional information from Integriti, such as if a door has been left open.
Intelligent access control
Inner Range’s enterprise product, Integriti, provides seamless integration with a multitude of other smart building management systems, underpinned by robust security. This includes encrypting all communications through every device and interface, and providing intruder detection to European standard EN50131.
Integriti helps building managers create greener and more energy efficient sites, by tracking how tenants use the building, and amending heating and lighting settings, as a result. Integriti also provides trace reporting, that can identify a user’s movements, if they have become unwell and identify who else has been near them.
System benefits for users include:
Touch-free entry and digital sign-in for users and visitors
No unnecessary stops for users on their way into the building
Reduced risk of crowding or queues in reception area
Easy to use visitor management system
Robust security that doesn’t impinge on access
Future proofing with cabling provision for speed lanes/entry turnstiles in place
Since the advent of the physical security industry, access control has been synonymous with physical cards, whether 125 kHz ‘prox’ cards or the newer smart card alternatives. However, other credentials have also come on the scene, including biometrics and even smart phones. Some of these choices have distinct cost and security advantages over physical cards. We asked this week’s Expert Panel Roundtable: How soon will the access control card become extinct and why?
A new generation of security professional is waiting in the wings. They will be faced with unprecedented challenges, as they seek to transform the security marketplace to the ‘next level’. Technology changes ensure the market will be very different 10 years from now and the fresh labour pool will need to be able to meet the host of new challenges.
We asked our Expert Panel Roundtable: What exciting career opportunities in the security industry await the next generation?
Residential security and smart homes are rapidly changing facets of the larger physical security marketplace, driven by advances in consumer technology and concerns about rising crime rates. During the COVID-19 pandemic, many people spent more time at home and became more aware of the need for greater security.
As workplaces opened back up, returning workers turned to technology to help them keep watch over their homes from afar. We asked this week’s Expert Panel Roundtable: What are the trends in residential security in 2021?