At the end of the June 2019, two major technology events took place in Asia. The first was Seamless Asia, which focussed on the future of finance and commerce. The second, MWC Shanghai, centred around ‘Intelligent Connectivity’ – bringing together topics from 5G to AI. The events may have had different focusses but the key trends in fintech echoed across them. So, what can we take away from two of the biggest technology events in Asia? Accepting payments via mobile phones So...
Kingdom Services Group pledges their support for the London Mayor’s Women’s Night Safety Charter. Launched by the Mayor’s Night Czar, Amy Lamé, it aims to make London a city where all women feel confident and welcome at night. Women’s night safety It is asking businesses who operate during the night to sign-up to some simple pledges including: Nominate a champion to actively promote women’s night safety Demonstrate to staff and customers that we take wo...
Cook Security Group (CSG) successfully unveiled its privately branded video surveillance solution, Piko VMS, during their 2019 Technology & Innovation Summit in Portland Oregon. Health monitoring Cook named Razberi Technologies as their hardware partner to provide the intelligent appliance and health monitoring component to the new VMS brand. “While we still have strong relationships with our traditional video partners, we wanted to provide an open cloud-enabled platform to deliver...
Amthal partners with CAME BPT on a number of prestigious projects to create bespoke door entry systems that operate using integrated smart technology for the benefit of residents across the UK. Renowned intercom specialists CAME BPT has continued to specify use of Amthal, operating with leading real estate consultants to design and integrate door entry solutions in line with high-end specification. Specialist networked systems This minimises the supply chain and ensures a more efficient works...
NEC Corporation announces its participation in INTERPOL World 2019 at Sands Expo & Convention Centre, Singapore, from Tuesday, July 2 to Thursday, July 4, 2019. At NEC's booth (booth# F11), a broad range of public safety solutions for law enforcement and government organisations will be displayed. Visitors will be able to experience a variety of NEC solutions, including its multi-modal biometric immigration gate and AI-driven video analytic platform. Biometric authentication processes As...
Mobile security provider Trustonic announces a partnership with Rubean AG, an established mobile security-focused fintech, and CCV, an European payment solution provider, to develop an mPOS solution that accepts higher value transactions by enabling hardware-protected PIN entry on a range of commercial off-the-shelf (COTS) smartphones. Using a smartphone as a mobile point of sale (mPOS) solution enables traders, small retailers and SMBs to save money on costly payment acceptance hardware, impro...
Shepherd Lock, a new keyless smart lock for the home, launched on Kickstarter. Shepherd Lock uses the same technology found in the automotive industry and is the first smart lock that detects lock-picking attempts to protect homes against burglaries. Shepherd Lock is equipped with a keyless entry system, making it convenient to enter the home. The lock’s automotive grade touch™ technology allows users to unlock their door with just a touch. Shepherd Lock also transforms existing lock hardware into a smart sensor that uses artificial intelligence to identify and notify the homeowner of any threat. Intelligent authentication zone “My team and I come from the automotive industry, where we designed keyless entry systems for cars,” said Kabir Maiga, the founder of PassiveBolt Inc., the makers of Shepherd Lock. “Shepherd Lock brings the same true and tested automotive touch technology to people’s homes.” Shepherd Lock creates the smartest door on the market with its Intelligent Door Status™ and Intelligent Authentication Zone™. A Wi-Fi bridge enables the homeowner to control and monitor the lock remotely A Wi-Fi bridge enables the homeowner to control and monitor the lock remotely. Once the bridge is plugged into the wall, it can be paired with the lock using the mobile app. On the app, homeowners can use the lock’s Intelligent Door Status™ technology to check whether their door is open, closed or locked with ease. Similar to automotive keyless entry systems, the Shepherd Lock will only unlock if the user has a keyfob or smartphone key within the Intelligent Authentication Zone™. Single cylinder deadbolt The homeowner can also use the mobile app to manage access to their home. Temporary or permanent encrypted keys can be shared with family members or friends, and homeowners can schedule access time windows to allow people to enter the home. Installation of Shepherd Lock is simple as there is no drilling required. Shepherd Lock is compatible with any single cylinder deadbolt. Keeping the exterior hardware in place, remove the thumb-turn, install the mounting bracket, screw in the module and snap on the magnetic cover. Shepard Lock retrofits the existing hardware, so the homeowner will not need a new set of keys. Powered with four AA batteries, homeowners will never have to worry during storms or power outages that their homes are unsecure.
Airbus’ new development, Dabat Hybrid Roaming, makes its grand entrance during the Critical Communications World 2019 in Kuala Lumpur. The new solution, a unique combination between Airbus’ Tactilon Dabat hybrid terminal and the Tactilon Agnet 800 Solution, will bring ease and simplicity to daily operations thanks to state-of-the-art seamless switchover technology. The new solution will extend and secure end users’ operations by maximising the benefits of hybrid network communication. Airbus Tactilon Dabat hybrid terminal The Airbus Tactilon Dabat hybrid terminal combines and offers both Tetra and LTE radio technologies in one unique terminal The Airbus Tactilon Dabat hybrid terminal combines and offers both Tetra and LTE radio technologies in one unique terminal. The end user can finally perform their daily duties without being restricted solely to the Tetra radio coverage available. Tactilon Agnet 800 is an app for smart devices such as the Tactilon Dabat. It enables use of features such as push-to-talk, status notifications, text messaging, and emergency calls on the Tactilon Dabat. Group communication with other professional radio carriers or the control room is also possible. Dabat Hybrid Roaming extends Tetra radio coverage by switching to LTE coverage through the Tactilon Agnet 800 application installed on the device. This enables a seamless network change which supports public safety operations and maximises the benefits of hybrid communications. The security of the solution is preserved because all Tactilon Agnet traffic is securely protected via the secure client VPN. Transition between Tetra and LTE technologies These technologies are designed by Airbus to function in a completely transparent and fluid manner. Initially, Tactilon Dabat’s primary mode of operation is to use the Tetra network. In the event of lack of coverage, the end-users can now benefit from an instant and seamless switchover from Tetra to LTE to maintain their mission and business critical operations. On top of the smooth transition between both Tetra and public or private LTE Public Safety solutions proposed by the new feature, the user can benefit from all the fundamental Tactilon Dabat characteristics, such as individual voice calls and messaging with status reports, group calls, group messaging, and emergency calls.
HID Global, a provider of trusted identity solutions, announces it has extended the capabilities of its HID goID mobile identity solution that enables government agencies to move from physical documents to mobile IDs on citizens’ smartphones. The latest addition to HID’s mobile identity offering, the HID goID Simple Verifier, is a small device that can be used by anyone seeking to quickly verify the age of citizens carrying an HID goID mobile ID on their smartphones—all with just one click. Digital verification tool “The Simple Verifier is ideal for institutions and private sector establishments such as bars, clubs and any entity that must verify customers’ ages before permitting entry or the purchase and consumption of alcohol,” said Steve Warne, Senior Director, Product Marketing, Citizen ID business with HID Global. The latest addition to HID goID is a powerful digital verification tool" “In addition to enabling the private sector to combat fake ID attempts, the latest addition to HID goID is a powerful digital verification tool that supports governments’ broader age-restricted products and services initiatives geared towards protecting the health, safety and well-being of minors.” Large-scale applications After connecting via Bluetooth to the HID goID Simple Verifier, the device confirms age by securely sending a random code to the citizen’s mobile ID on their smartphone. The citizen’s age is confirmed with no scanning, tapping or any other action required. Because the solution only verifies the age of the mobile ID holder, the process is quick and efficient. It also protects citizen privacy since no additional information beyond the legal age of the citizen is shared. Easily carried in a pocket or on a keyring, the new device joins a family of HID goID verification options that include solutions for PCs and servers, and purpose-built mobile verifiers for large-scale applications.
Manchester-based security tech scale-up, Broadstone, is celebrating unprecedented growth as it reports a 300% increase in revenue in the past five months and a 700% increase in its user community in the past six months (up from 2,500 users in October 2018 to 20,000 users this month). They predict that transactions via their platform (people looking for temporary work) will be in excess of £1m per month by 2020. As a result, the high growth firm is looking to expand its headcount by 50% over the next three months, as it enters a period of major fundraising and active investment. To support its rapid growth and enable further scalability, Broadstone is also moving to new, state-of-the-art premises at The Garages in Allied London’s XYZ building in Spinningfields, Manchester. Accelerate growth strategy Moving to The Garages in the XYZ building will ensure we are well positioned to continue to grow at pace" Tom Pickersgill, founder and CEO, said: “Since we launched just over 12 months ago, we’ve experienced incredible success, from securing contracts with some of the UK’s major corporations to growing month-on-month in every aspect of our business. And our future plans are even more ambitious, as we look to undertake a Series A fundraise later in the year to accelerate our growth strategy both here in the UK.” “Moving to The Garages in the XYZ building will ensure we are well positioned to continue to grow at pace, while providing a high spec environment for our valued team. Being part of the Allied London portfolio provides the flexibility we need as a high growth scale up, and means we are able to double or even triple headcount without any major disruption to our office space.” Highly streamlined process Launched in January 2018 by founders Tom Pickersgill, James Doyle and Nick Groves, Broadstone is successfully challenging the archaic temporary staffing market within the regulated services industry, currently focused on the security sector. Tom says “The worker landscape has changed dramatically over the past decade. More people are looking for work that fits around their life, yet traditional recruiters and bricks and mortar staffing agencies have not adapted to this and tech giants like Uber and Deliveroo are reaping the rewards of engaging with these labour pools as a result.” Our unique labour-as-a-service approach is democratising recruitment" “Our unique labour-as-a-service approach is democratising recruitment; providing companies with much needed instant access to a pool of verified and vetted workers, and providing candidates with access to fair and flexible temporary work, resulting in a fast and highly streamlined process.” Vast user community Broadstone launched their InstantPay feature late last year – which enables workers to instantly draw down on their pay. They have seen a 55% increase in uptake in the past three months, reinforcing the firm’s belief that handing increased control and flexibility to the employee is the future of the workforce. In the next 12 months, Broadstone predicts its transactions to be in excess of £1m per month with a vast user community of 40,000 people looking for temporary work via their platform.
SALTO is excited to be showcasing the latest in access control technology at IFSEC, the UK’s premier security event, taking place at ExCeL London 18-20 June. SALTO is on Stand IF2810. SVN-Flex provides access management with increased security, more convenience and at lower cost. It makes hard-wired update point’s obsolete, thus introducing completely wire-free access control with online functionalities. It provides a range of benefits to operators and end users, especially by removing the need to go to specific doors or locations to update cards. Now users can update their access rights anytime and anywhere as any wireless door can be activated as an SVN-Flex updater. Making mobile keys SVN-Flex is based on two core technologies, the SALTO Virtual Network and SALTO BLUEnet SVN-Flex is based on two core technologies, the SALTO Virtual Network and SALTO BLUEnet. Since all new SALTO escutcheons are equipped with Bluetooth for mobile access, SVN-Flex combines SVN and BLUEnet in such a way that updated access rights can be transferred wirelessly via Bluetooth to defined escutcheons and cylinders. SALTO has also strengthened its position as the cloud access provider with additional functionality in its SALTO KS app. Now, with new SALTO KS Mobile keys and any SALTO BLE lock, SALTO KS users can select a floating button in the app and just tap their smart phone on the lock to securely open a door. It enables their smart phone to operate as a tag, opening the lock without the need for an active internet connection; making Mobile Keys as secure and easy to use as a physical tag. Cloud-based technology Other innovations at the show include the brand new SALTO NEO Cylinder which is built with the absolute latest in technology. Compatible SALTO SVN, SALTO BLUEnet Wireless and SALTO KS – Keys as a Service – cloud-based technology, it enables users to decide which technology fits better with their security, operational and IT needs. The SALTO NEO Cylinder is one of the few; if not the only, electronic cylinder to be BLE enabled which makes it compatible with both with iOS and Android mobile phones. So whether you use Salto KS in a co-working space or are a student in a university that uses JustIN mobile, you will be able to use your mobile phone to get access into the door you need. Communication technology What’s really impressive is that one set of batteries can last for up to four years The SALTO NEO Cylinder will be available in a variety of local standards including European, ANSI, UK, Swiss, Australian, RIM, Deadbolts, etc. It will also be available for different applications like padlocks, swing handles for server racks, cam locks, and the like and is also IP66 rated meaning its built to withstand even the harshest environments. But what’s really impressive is that one set of batteries can last for up to four years! Joining these innovations are updates to the SALTO KS product platform, which is now more complete than ever with the integration of SALTO BLUEnet communication technology and a new opening mode based on Personal Identification Number Codes (PIN) in order to offer more convenience to users. With these new features SALTO KS now offers 4 different ways to access a building: SALTO KS tag, Mobile key, Remote opening and PIN code.
Pulse Secure, the provider of software-defined Secure Access solutions, announces that it has published its ‘2019 State of Enterprise Secure Access’ report. The findings quantify threats, gaps and investment as organisations face increasing hybrid IT access challenges. The survey of large enterprises in the US, UK and DACH uncovers business risk and impact resulting in a pivot towards extending Zero Trust capabilities to enable productivity and stem exposures to multi-cloud resources, applications and sensitive data. Audit access security The survey data showed all enterprises have ongoing data center dependencies While enterprises are taking advantage of cloud computing, the survey data showed all enterprises have ongoing data center dependencies. One fifth of respondents anticipate lowering their data center investment, while more than 40% indicated a material increase in private and public cloud investment. According to the report, the shift in how organisations deliver Hybrid IT services to enable digital transformation must also take into consideration empowering a mobile workforce, supporting consumer and IoT devices in the workplace and meeting data privacy compliance obligations – all make for a challenging environment to ensure, monitor and audit access security. Empower corporate leadership “What was consistent across enterprise sizes, sectors, or location was that secure access for hybrid IT is a current and growing concern with cyberthreats, requirements and issues emerging from many sources. The reporting findings and insights should empower corporate leadership and IT security professionals to re-think how their organisations are protecting resources and sensitive data as they migrate to the cloud,” said Martin Veitch, editorial director at IDG Connect. IDG Connect and Pulse Secure will share research findings in a webcast entitled ‘State of Enterprise Secure Access – Issues, Initiatives and Tech,’ on June 13 at 7 a.m. PT / 10 a.m. ET / 2 p.m. GMT. Authorisation access controls 61% of respondents indicated modest confidence in their security processes The survey found the most impactful incidents were contributed by a lack of user and device access visibility and lax endpoint, authentication and authorisation access controls. Over the last 18 months, half of all companies dealt with malware, unauthorised/vulnerable endpoint use and mobile or web apps exposures. Nearly half experienced unauthorised access to data and resources due to insecure endpoints and privileged users, as well as unauthorised application access due to poor authentication or encryption controls. While a third expressed significant confidence, 61% of respondents indicated modest confidence in their security processes, human resources, intelligence and tools to mitigate access security threats. Device configuration compliance The survey revealed the top access threat mitigation deficiencies: Defining app, data and resource access and protection requirements Defining, implementing and enforcing user and device access policy Provisioning, monitoring and enforcing BYOD and IoT device access When survey participants were asked what they perceive as their largest operational gaps for access security, the majority identified hybrid IT application availability; user, device and mobile discovery and exposures; weak device configuration compliance; and inconsistent or incomplete enforcement. Correspondingly, the participants stated that their organisations are stepping up their access security initiatives: 48% improving endpoint security, remediation prior to access 46% enhancing IoT discovery, isolation and access control 44% fortifying network and cloud access visibility and resource segmentation Software defined perimeter Larger companies have about 30% more tools than smaller enterprises The cited incidents, threat mitigation deficiencies and operational gaps are among reasons for the interest in a Zero Trust approach for access security. A Zero Trust model authenticates, authorises and verifies users, devices, applications and resources no matter where they reside. It encompasses proving identity, device and security state before and during a transaction; applying a least privilege access closest to the entities, applications and data; and extending intelligence to allow policies to adapt to changing requirements and conditions. Adding to management complexity, the report also found that organisations employ three or more secure access tools per each of 13 solutions presented in the survey. Larger companies have about 30% more tools than smaller enterprises. Correspondingly, nearly half of respondents were open to exploring the benefits of consolidating their security tools into suites. With the migration to cloud, one tool of interest cited by respondents as being implemented or planned over the next 18 months is Software Defined Perimeter (SDP). Secure access tool 91% of enterprises plan to increase secure access expenditure over the next 18 months; 30% anticipate an increase spend between 15% to 25% 44% of enterprises use data center in conjunction with public cloud, 30% in conjunction with private cloud, and 26% utilise all three delivery environments 46% of large enterprises prefer data center and private cloud; primarily preferred by financial services and U.K.-based companies 49% or more cited significant access incidents due to malware, unauthorised and vulnerable endpoint use and mobile and web app exposures - healthcare organisations experienced greater mobile and web app exposures 81% expressed gaps in hybrid IT application availability - financial services experienced the most business impact related to application availability 78% indicated need for greater visibility of users, endpoints and mobile devices; more evident in large enterprises and those in the DACH region 42% will focus on refining privileged user or service account-based access – a top priority in financial services and manufacturing 48% stated a willingness to explore secure access tool consolidation into suites 56% stated a project or pilot of Software Defined Perimeter technology over the next 18 months Over 38% of respondents outsource secure access capabilities to Managed Security Service Providers (MSSPs) with additional MSSP usage to grow 10% by 2021 Secure access priorities We are pleased to sponsor the 2019 State of Enterprise Secure Access Report" The independent research for the report, which offers key insights into the current access security landscape and the maturity of defences, was conducted by IDG Connect. Survey respondents included more than 300 information security decision makers in enterprises with more than 1,000 employees across U.S., U.K. and DACH regions, and covered key verticals including financial services, healthcare, manufacturing and services. “We are pleased to sponsor the 2019 State of Enterprise Secure Access Report. The independent research provides a useful litmus test for the level of exposure, controls and investment regarding hybrid IT access,” said Scott Gordon, chief marketing officer at Pulse Secure. “The key takeaway from this report is hybrid IT delivery has expanded security risks and necessitates more stringent access requirements. As such, organisations should re-assess their secure access priorities, capabilities and technology as part of their Zero Trust strategy.”
In the next three years, software as a service ‘SaaS’ is likely to grow by around 23%. That’s according to reports by Cognizance. It’s growth rests on the adoption of cloud public, private and hybrid. Without the cloud applications can’t truly pervade an organisation, nor can operational or customer benefits be derived. But there’s no point in adopting the cloud if it’s not secure - the proliferation of SaaS demands security, none more so in a GDPR world. Large cloud environment But modern applications are difficult to secure. SaaS based, web, mobile, or custom made all work on different platforms and frameworks. It’s a headache managing all the APIs needed to automate and sync tools. This introduces risk. The greater the number of apps the broader the attack surface and therefore the greater the chance there will be blind posts. Keeping up to date with updates and new security policies is never easy There are also added hazards. Applications are always changing. Keeping up to date with updates and new security policies is never easy, but especially hard in a large cloud environment. Failure to adopt changes puts the organisation and customers at further risk. But the biggest obstacle is keeping applications and APIs out of harm’s way. It’s a near on impossible task when attack methods and sources are constantly changing. More advanced threats To be specific there are four emerging challenges when it comes to protecting apps. Firstly, managing the good and the bad bots and spotting which is which, secondly securing APIs as IoT adoption intensifies, thirdly the relationship between securing apps and DevOps and ensuring ownership of security, and finally denial of service attacks that use newer tactics such as brute force. Basic security hygiene dictates that security teams refer to the OWASP Top 10. It’s considered the ‘ten commandments’ in security circles, providing a starting point for ensuring the most common threats and vulnerabilities are managed, detected and mitigated. Web Application Firewalls also come into the fray with guidance on testing for the ways hackers exploit vulnerabilities. However, though the basics are good to have in place, there are always more advanced threats to take care of. Bots being a big one. Bot management The more sophisticated bots will go as far as to mimic human behaviourAstonishingly about half of internet traffic is bot generated. Half of it is from bad bots. Discerning the good from the bad isn’t easy though and explains why around 80% of organisations can’t make a clear distinction between the two. Bad bots can do a lot of damage like take over user accounts and payment information, scrape confidential data, or hold up inventory and skew marketing metrics. The more sophisticated bots will go as far as to mimic human behaviour and bypass tools like CAPTCHA and even device fingerprinting based protection ineffective. Securing APIs Then there’s the complications derived from machine-to-machine and internet of things (IoT) communications. The more integrated ‘things’, the more data there is, the more events there are report on, and the more activity there is reliant on APIs to make the ‘things’ useful and agile. That’s what makes them a target and the threats to API vulnerabilities include injections, protocol attacks, parameter manipulations, invalidated redirects and bot attacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks Denial of service (DoS) You might think there’s little to add to the swathes of denial of service warnings. Yet when businesses are still being targeted and feeling the ill effects it’s worth mentioning again that different forms of application-layer DoS attacks are still very effective at bringing application services down. Even the greatest application protection is worthless if the service itself can be knocked down This includes HTTP/S floods, low and slow attacks (famous examples being Slowloris, LOIC, Torshammer), dynamic IP attacks, buffer overflow, Brute Force attacks and more. The IoT botnets are the culprits and have made application-layer attacks so popular that they have become the preferred DDoS attack vector. Even the greatest application protection is worthless if the service itself can be knocked down. Continuous security It may seem easy to say but for modern DevOps, agility is valued at the expense of security. We see time and again examples of where development and roll-out methodologies, such as continuous delivery, mean applications are exposed to threats each time they are modified. There’s no doubt it is extremely difficult to maintain a valid security policy and protect sensitive data in dynamic conditions without creating a high number of false positives. But we now find that this task has gone way beyond the capability of humans. Organisations now need machine-learning based solutions that map application resources, analyse possible threats, and create and optimise security policies in real time. Reaching this level in security planning should be a big wake-up call that security automation is an essential not a nice to have. Running security plans The board needs to know that investment is critical to protect their profits It’s critical that the security solution your company adopts protects applications on all platforms, against all attacks, through all the channels and at all times. The board needs to know that investment is critical to protect their profits. As such there are six things they need to know: Application security solutions must encompass web and mobile apps, as well as APIs. Bot management solutions need to overcome the most sophisticated bot attacks. DDoS mitigation must be an essential and integrated part of application security solutions. A future-proof solution must protect containerised applications, severless functions, and integrate with automation, provisioning and orchestration tools. To keep up with continuous application delivery, security protections must adapt in real time. A fully managed service should be considered to remove complexity and minimise resources. No amount of human power will beat the bots. That last point is the most critical. Skill is essential in designing and running security plans and policies that work. But the plans can’t be executed without automated tools. There are just too many decisions to make in a split second. Combining both is the path to an effective app protection strategy and a stronger brand to boot.
It’s not surprising that people are nervous about the security of newer technologies, many of which are part of the Internet of Things (IoT). While they offer greater efficiency and connectivity, some people still hesitate. After all, there seems to be a constant stream of news stories about multinational corporations being breached or hackers taking control of smart home devices. Both of these scenarios can feel personal. No one likes the idea of their data falling into criminal hands. And we especially don’t like the thought that someone can, even virtually, come into our private spaces. The reality, though, is that, when you choose the right technology and undertake the proper procedures, IoT devices are incredibly secure. That said, one of the spaces where we see continued confusion is around access control systems (ACS) that are deployed over networks, particularly in relation to mobile access, smartcards, and electronic locks. These technologies are often perceived as being less secure and therefore more vulnerable to attacks than older ACS systems or devices. In the interest of clearing up any confusion, it is important to provide good, reliable information. With this in mind, there are some myths out there about the security of ACS that need to be debunked. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter Myth #1: Mobile credentials are not secure The first myth we have to look at exists around mobile credentials. Mobile credentials allow cardholders to access secured doors and areas with their mobile devices. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter about the security of credentialed information. There is a persistent belief that Bluetooth is not secure. In particular, people seem to be concerned that using mobile credentials makes your organisation more vulnerable to skimming attacks. While focusing on the medium of communication is an important consideration when an organisation deploys a mobile credentialing system, the concerns about Bluetooth miss the mark. Bluetooth and NFC are simply channels over which information is transmitted. Believing that Bluetooth is not secure would be the same as suggesting that the internet is not secure. In both cases, the security of your communication depends on the technology, protocols, and safeguards we all have in place. So, instead of wondering about Bluetooth or NFC, users should be focused on the security of the devices themselves. Before deploying mobile credentials, ask your vendor (1) how the credential is generated, stored, and secured on the device, (2) how the device communicates with the reader, and (3) how the reader securely accesses the credential information. When you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS Myth #2: All smartcards are equally secure The question “how secure are my smartcards?” is a serious one. And the answer can depend on the generation of the cards themselves. For example, while older smartcards like MiFARE CLASSIC and HID iCLASS Classic offer better encryption than proxy cards and magstripe credentials, they have been compromised. Using these older technologies can make your organisation vulnerable. As a result, when you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS. In this way, you will be protecting your system as well as your buildings or facilities. Some traditional readers and controllers can also pose a serious risk to your organisation if they use the Wiegand protocol, which offers no security. While you can upgrade to a more secure protocol like OSDP version 2, electronic locks are a very secure alternative worth considering. It is also important to understand that not all smartcard readers are compatible with all smartcard types. When they are not compatible, the built-in security designed to keep your system safe will not match up and you will essentially forego security as your smartcard-reader will not read the credentials at all. Instead, it will simply read the non-secure portion—the Card Serial Number (CSN) —of the smartcard that is accessible to everyone. While some manufacturers suggest that this is an advantage because their readers can work with any smartcard, the truth is that they are not reading from the secure part of the card, which can put your system and premises at risk. Using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication Myth #3: Electronic locks are more vulnerable These days, there are still many who believe that electronic locks, especially wireless locks, are more vulnerable to cybercriminal activity as compared to traditional readers and controllers. The concern here is that electronic locks can allow cybercriminals to both access your network to get data and intercept commands from the gateway or nodes over the air that would allow them access to your buildings or facilities. The reality is that using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication. Additionally, because many of these locks remain operational regardless of network status, they provide real-time door monitoring. This means that many electronic locks not only prevent unauthorised access but also keep operators informed about their status at all times, even if a network goes down. Outdated technology and old analogue systems are more vulnerable to attacks When it comes to deploying electronic locks, it is important to remember that, like any device on your network, they must have built-in security features that will allow you to keep your information, people, and facilities safe. Be prepared to unlock future benefits Ultimately, the information in your IP-based ACS is at no greater risk than any other information being transmitted over the network. We just have to be smart about how we connect, transmit, and store our data. In the end, maintaining the status quo and refusing to move away from old technology is not a viable option. Outdated technology and old analogue systems are more vulnerable to attacks. The reason it is so important to debunk myths around ACS and, at the same time, get people thinking about network security in the right way is that network-based systems can offer an ever-increasing number of benefits. When we deploy new technology using industry best practices and purchase devices from trusted vendors, we put ourselves and our networks in the best possible position to take full advantage of all that our increasingly connected world has to offer.
With the coming of a New Year, we know these things to be certain: death, taxes, and… security breaches. No doubt, some of you are making personal resolutions to improve your physical and financial health. But what about your organisation’s web and mobile application security? Any set of New Year’s resolutions is incomplete without plans for protecting some of the most important customer touch points you have — web and mobile apps. Every year, data breaches grow in scope and impact. Security professionals have largely accepted the inevitability of a breach and are shifting their defense-in-depth strategy by including a goal to reduce their time-to-detect and time-to-respond to an attack. Despite these efforts, we haven’t seen the end of headline-grabbing data breaches like recent ones affecting brands such as Marriott, Air Canada, British Airways and Ticketmaster. App-level threats The apps that control or drive these new innovations have become today’s endpoint The truth of the matter is that the complexity of an organisation’s IT environment is dynamic and growing. As new technologies and products go from production into the real world, there will invariably be some areas that are less protected than others. The apps that control or drive these new innovations have become today’s endpoint — they are the first customer touch point for many organisations. Bad actors have realised that apps contain a treasure trove of information, and because they are often left unprotected, offer attackers easier access to data directly from the app or via attacks directed at back office systems. That’s why it’s imperative that security organisations protect their apps and ensure they are capable of detecting and responding to app-level threats as quickly as they arise. It’s imperative that security organisations protect their apps and ensure they are capable of detecting and responding to app-level threats as quickly as they arise In-progress attack detection Unfortunately, the capability to detect in-progress attacks at the app level is an area that IT and security teams have yet to address. This became painfully obvious in light of the recent Magecart attacks leveraged against British Airways and Ticketmaster, among others. Thanks to research by RiskIQ and Volexity, we know that the Magecart attacks target the web app client-side. During a Magecart attack, the transaction processes are otherwise undisturbed Attackers gained write access to app code, either by compromising or using stolen credentials, and then inserted a digital card skimmer into the web app. When customers visited the infected web sites and completed a payment form, the digital card skimmer was activated where it intercepted payment card data and transmitted it to the attacker(s). Data exfiltration detection During a Magecart attack, the transaction processes are otherwise undisturbed. The target companies receive payment, and customers receive the services or goods they purchased. As a result, no one is wise to a breach — until some 380,000 customers are impacted, as in the case of the attack against British Airways. The target companies’ web application firewalls and data loss prevention systems didn’t detect the data exfiltration because those controls don’t monitor or protect front-end code. Instead, they watch traffic going to and from servers. In the case of the Magecart attacks, the organisation was compromised and data was stolen before it even got to the network or servers. Today’s proven obfuscation techniques can help prevent application reverse engineering, deter tampering, and protect personal identifiable information and API communications Best practice resolutions The Magecart attacks highlight the need to apply the same vigilance and best practices to web and mobile application source code that organisations apply to their networks—which brings us to this year’s New Year’s resolutions for protecting your app source code in 2019: Alert The key to success is quickly understanding when and how an app is being attacked First, organisations must obtain real-time visibility into their application threat landscape given they are operating in a zero-trust environment. Similar to how your organisation monitors the network and the systems connected to it, you must be able to monitor your apps. This will allow you to see what users are doing with your code so that you can customise protection to counter attacks your app faces. Throughout the app’s lifecycle, you can respond to malicious behavior early, quarantine suspicious accounts, and make continuous code modifications to stay a step ahead of new attacks. Protect Next, informed by threat analytics, adapt your application source code protection. Deter attackers from analysing or reverse engineering application code through obfuscation. Today’s proven obfuscation techniques can help prevent application reverse engineering, deter tampering, and protect personal identifiable information and API communications. If an attacker tries to understand app operation though the use of a debugger or in the unlikely event an attacker manages to get past obfuscation, threat analytics will alert you to the malicious activity while your app begins to self-repair attacked source code or disable portions of the affected web app. The key to success is quickly understanding when and how an app is being attacked and taking rapid action to limit the risk of data theft and exfiltration. Protecting encryption keys is often overlooked but should be considered a best practice as you forge into the new year with a renewed commitment to app security to ensure your organisation’s health and well-being in 2019 Encrypt Finally, access to local digital content and data, as well as communications with back office systems, should be protected by encryption as a second line of defense, after implementing app protection to guard against piracy and theft. However, the single point of failure remains the instance at which the decryption key is used. Effective encryption requires a sophisticated implementation of White-Box Cryptography This point is easily identifiable through signature patterns and cryptographic routines. Once found, an attacker can easily navigate to where the keys are constructed in memory and exploit them. Effective encryption requires a sophisticated implementation of White-Box Cryptography. One that combines a mathematical algorithm with data and code obfuscation techniques transforming cryptographic keys and related operations into indecipherable text strings. Protecting encryption keys is often overlooked but should be considered a best practice as you forge into the new year with a renewed commitment to app security to ensure your organisation’s health and well-being in 2019. Protecting applications against data breach According to the most recent Cost of a Data Breach Study by the Ponemon Institute, a single breach costs an average of $3.86 million, not to mention the disruption to productivity across the organisation. In 2019, we can count on seeing more breaches and ever-escalating costs. It seems that setting—and fulfilling—New Year’s resolutions to protect your applications has the potential to impact more than just your risk of a data breach. It can protect your company’s financial and corporate health as well. So, what are you waiting for?
Nexkey says its mission is to disrupt the access control market and ‘change the way people experience access to physical places’. The startup is embracing the latest buzzword for access control – frictionless – while also enabling electronic access control for doors currently protected by mechanical locks. The system is simple with only three components – a controller, an electronic replacement lock core, and a smart phone app. The ‘controller’, a combined reader and access control panel, is used to connect to existing electric strikes, mag locks, electronic push bars and other hardware components at the door. It also communicates via Bluetooth with a smart phone credential. Users approach a door, choose the door they want to open in the app, and wait for the app to say ‘unlocked’. Replacing key cards and fobs with app Access rights are customised for each user, and doors can be unlocked remotely to allow a delivery guy or guest to enterThe electronic ‘core’ device can be switched out with existing mechanical lock cores to provide electronic access control in locks such as deadbolts, mortise locks, Euro-cylinders, levers and camlocks. It is compatible with 95 percent of mechanical locks, using a changeable tail piece to adapt to various configurations. The core communicates via Bluetooth with a smart phone credential that links to a cloud system. Users approaching a door open the app, tap the core, and wait for the app to say ‘unlocked’. A Nexkey goal is to ‘replace all keys, key cards and fobs with one app’. The Nexkey app recognises which ‘key’ goes to which door and reveals the right key as you approach. ‘Keys’ are created and access rights are assigned from a smart phone, using email addresses and phone numbers to verify identity. Temporary codes can be texted for one-time entrance for cleaning crews or contractors. Access rights are customised for each user, and doors can be unlocked remotely to allow a delivery guy or guest to enter the building. The Nexkey Portal provides a snapshot of system operation, who enters which door at what time, and logs that can be reviewed and downloaded for audit reports. Affordable access control systems for SMBs Nexkey is targeting the small- and medium-sized business (SMB) market, basically companies with 20 to 500 employees, which are looking for access control systems that are affordable and easier to manage. The Nexkey controller costs $999, and the core is $499. Monthly fees start at $15 to $29 per month per door, but the prices go down as additional doors are added. Nexkey is targeting the SMB market, which are looking for access control systems that are affordable and easier to manage Larger enterprises tend to want out-of-the-box integration with alarm systems and video, which Nexkey does not offer, so SMB is their “sweet spot,” says Eric Trabold, CEO. There is an API (application programming interface) that integrates with third-party applications. According to Nexkey’s customer surveys, 30 percent of customers say they bought Nexkey to have a simpler access control credential (a smart phone instead of a key, card or fob). Another 30 percent favour simplified management and quick access through the app. Some 17 percent like the ‘unified’ experience to manage shared, single and multiple workspaces using smartphone credentialing and a cloud-based system. Involving security dealers and integrators Nexkey announced a ‘dealer program’ at the recent ISC West trade show in Las Vegas, and interest was highIn the early days, Nexkey looked to work directly with businesses to foster communication and to gain understanding of how the product can best be deployed. Having gained that insight, the ‘next level’ is to engage security dealers and systems integrators to install the system, says Trabold. Nexkey announced a ‘dealer program’ at the recent ISC West trade show in Las Vegas, and interest was high. Trabold says 134 integrators/dealers sought to engage. In coming weeks, the company will be finalising that program, enhancing the dashboard to enable dealers to manage the system on behalf of their customers, for example. “We will be looking at how we can go from that amazing level of interest to being actively engaged with partners in the channel,” says Trabold. Using NPS to measure product quality Nexkey uses the Net Promoter Score (NPS) as a benchmark for how well the product is accepted in the marketplace. NPS measures the quality of a product by analysing how likely customers are to recommend it to a friend or colleague. As an example, Apple currently has an NPS of 65%. In comparison, Nexkey has achieved a score of 60 percent, and is looking to improve it even more. “A year from now, we want to get the same positive feedback from our dealer/integrator community,” says Trabold. “That’s the challenge, engaging with partners and scaling the business forward. We still have work to do.”
There are many new technologies at ISC West this year. There are also some tried-and-true solutions on display. More mature products have the benefit of being fully vetted and battle-tested, which may make them a more comfortable choice for security customers. I had a couple of discussions on Day 2 of the show about the advantages, and possible drawbacks, of new products. “To a security director, when you say ‘new,’ he translates that into ‘risk,’” says Bill Spence, VP of Sales, U.S., Canada and Western Europe for HID Global’s Lumidigm biometrics brand. “Anytime you say new, there is a probability of risk. The key is to educate. Education quantifies risk, and an educated customer can make an intelligent decision about risk versus reward.” “We have to take customers from where they are to help them understand new technologies,” says Spence. “We must give them a bridge to that understanding, and education is the bridge.” Lumidigm biometrics integrations An app provides graphics that take installers step-by-step through the installation process HID Global is incorporating Lumidigm biometrics into the new iClass SE RB25F fingerprint reader being highlighted at the show. Two-factor authentication can use either a card or mobile credential along with biometrics; there is no latency; and templates can be stored on a card. Another new offering at the HID Global booth is an augmented reality tool to simplify installation of newer systems that incorporate the more secure OSDP protocol. An app provides graphics that take installers step-by-step through the installation process. Also highlighted at the HID Global booth — and at the booths of turnstile manufacturers throughout the show — are embedded readers that provide tested and certified mobile access control for turnstiles. IClass SE technology is embedded in the iRox-T Turnstile Reader from Essex Electronics. Innovative security technologies There’s a delicate balance at any trade show between creating excitement about new products and educating customers to be comfortable with new technologies. There is some of both at ISC West 2019. In the future, hardware will be a delivery device, not the core of systems “We are on the cusp of change in the industry, and it’s closer than ever,” says Jennifer Doctor, Johnson Controls’ Senior Director, Project Management - Intrusion. “We will see the impact of promised technologies that will come from other industries, such as artificial intelligence. The very definition of security is changing. We are an industry that needs to be risk-averse, and we need to prove out the technology. There is innovation, but we just need to make sure technologies are what the market wants and expects.” “In the future, hardware will be a delivery device, not the core of systems, which will come from intelligence in the software and from services,” she adds. “The products we deliver will enable that.” Have 30 percent of service companies in the U.S. security market jumped into the cloud? PowerSeries Pro intrusion portfolio Johnson Controls is highlighting the commercial PowerSeries Pro intrusion portfolio, which features PowerG encrypted technology that enables wireless systems that are cyber-secure. The cloud is coming on strong, and one company finding success in cloud systems is Eagle Eye Networks, which has seen 93% compounded annual growth over the past three years. Economies of scale have enabled them to lower subscription prices by 35%, with an extra 10% decrease for customers that pay annually. Ken Francis, President of Eagle Eye Networks, says they are signing up 50 new dealers a month for the cloud video offering. Francis estimates that 30 percent of service companies in the U.S. security market have jumped into the cloud “It’s really heating up,” says Francis. “The general cloud is driving increases in the surveillance cloud.” Jumping to cloud Embracing the cloud and recurring monthly revenue (RMR) requires that dealers transform their businesses to ensure success. Francis says dealers should dedicate sales resources to cloud offerings rather than expect everyone to sell the cloud, and there should be a base commission plan on RMR services in lieu of upfront project fees. March Networks is also showing integration of video with the Shopify cloud-based point-of-sale (POS) system “Talk to professionals about your cash flow and understand how to capitalise on financing partners to ensure cash flow while investing in the RMR stream,” he adds. “And look for ways to reduce your costs to serve the customer base as your RMR increases.” For example, use of remote site diagnostics, configuration and support can avoid the need for expensive “truck rolls” that can undermine profitability. Francis estimates that 30 percent of service companies in the U.S. security market have jumped into the cloud. Alarm companies, which are accustomed to the RMR model, are generally ahead of the curve, while traditional security integrators are lagging. “It’s a requirement to change or die,” he notes. Insight hosted managed service Also, in the area of managed services, March Networks is highlighting its Insight hosted managed service that can provide instant information on video systems located at remote sites, including visibility into firmware versions, camera warranty information, and cybersecurity status of systems. The ability to dive deeply into system status empowers a new recurring revenue stream for integrators. Color-coded icons summarise system status and show pending issues and clicking on the icons provides detailed workflow information. The system can also be offered for smaller systems such as those at convenience stores and quick-serve restaurants. March Networks is also showing integration of video with the Shopify cloud-based point-of-sale (POS) system. The integration enables managers to evaluate POS information, especially anomalies, to determine possible employee theft and other shrinkage issues.
Recent technology advances – from the cloud to artificial intelligence, from mobile credentials to robotics – will have a high profile at the upcoming ISC West exhibition hall. Several of these technologies were recently designated by the Security Industry Association as the Top 8 security technologies for security and public safety. Some of them will also be a focus at the ISC West conference program, SIA Education@ISC, April 9-11 at the Sands Expo Center. This article will highlight some of those conference sessions. Topic: Cloud Systems and Video Surveillance as a Service (VSaaS) Managed Video Services are saving TD Bank $500K annually, April 9, 2:45 to 3:45 p.m. Why TD Bank decided to roll out a managed services solution, what it took to deploy and how the bank is saving an astounding $500,000 annually. IT 4.0 and Video Surveillance: A Guide to the New Terminology and What It Means to You and Your Customers, April 11, 1:15 to 2:15 p.m. How IT 4.0 can enhance or change video surveillance, and consequently deliver additional value to customers, including explanations of terms such as cloud data centers, personal clouds, the edge, IoT sensors and data analytics. One of the sessions to cover how IT 4.0 can enhance or change video surveillance, and consequently deliver additional value to customers Topic: Artificial Intelligence (AI) In Video and Other Systems The Challenges and Opportunities of AI in Physical Security, April 10, 3:45 to 4:45 p.m. Looking toward what the future may hold for AI in physical security; the challenges and opportunities the technology has created; and how participants can leverage AI and machine learning with existing customers to grow their business. Deep Learning Demystified: Next-Generation AI Applied to Video, April 11, 9:45 to 10:45 a.m. Dispelling the myths of the terms “deep learning” and “artificial intelligence,” and what the technologies can do in practical terms. Modern cameras find and identify faces and vehicles, analyse behavior and organise and control assets Neural Processing and Smart Cameras, April 9, 8:30 to 10 a.m. Deep learning-capable hardware is evolving at a frantic pace, and GPU and NPU (neural processing unit) co-processors are commonly embedded in cameras and video management systems. Modern cameras find and identify faces and vehicles, analyse behavior and organise and control assets. Analytics in the Video Central Station: Proper Deployment, Programming and Configuration to optimise operational and cost efficiencies, April 11, 3:45 to 4:45 p.m. How analytics plays a critical role in reducing alarm traffic in a central station environment, allowing them to save money and realise other operational and performance efficiencies. Topic: Robotics and Autonomous Devices Robotic Aerial Security – Growth Trends and Best Practices, April 10, 11 a.m. to noon The lion’s share of growth in the robotic aerial security sector will come from autonomous systems and changing FAA regulations will soon allow companies to monitor and secure remote facilities with no human guards present. Racing drones are difficult to detect as they do not use GPS or radio frequency signals to identify the location of other devices How to Adapt to Address Drone Security, April 11, 1:15 to 2:15 p.m. Drone industry professionals and a physical security design engineer will cover the realistic applications of drone systems and counter-drone solutions that can protect organisations and facilities. Next Generation Threat: Racing Drones, April 11, 2:30 to 3:30 p.m. Racing drones are difficult to detect as they do not use GPS or radio frequency signals to identify the location of other devices. This session will identify the potential risks these drones can pose to facilities, special events, and critical infrastructure. Establishing a Corporate Drone Program, April 10, 9:45 to 10:45 p.m. Is a corporate drone program an appropriate addition to an existing security program? How to understand and navigate the regulatory challenges and processes associated with starting up a commercial-use drone program. The Rise of Intelligence in Physical Security, April 11, 9:45 to 10:45 a.m. “Intelligence” incorporates a variety of subdomains from artificial intelligence to machine learning and contextual analysis. It is rapidly becoming a focus in the realm of IT security – and increasingly in the realm of physical security, too. Changing FAA regulations will soon allow companies to monitor and secure remote facilities with no human guards present Topic: Mobile Credentials Finding Their Place in Access Control How Biometrics Are Enabling the Convergence of Physical and Information Security, April 10, 1:45 to 2:45 p.m. At the center of convergence is one crucial building block: strong irrefutable identity powered by biometrics. Driving the Future: How Interoperability Standards in Access Control Can Enable Smart Building Success, April 9, 1:30 to 2:30 p.m. Growing user demand is driving new open platform approaches and the adoption of interoperability standards Growing user demand for unfettered and unlimited third-party integrations is now driving new open platform approaches and the adoption of interoperability standards. They are changing the dynamic of access control and its role within the smart building environment. Topic: Facial Biometrics in Professional Solutions How Biometrics Are Enabling the Convergence of Physical and Information Security, April 10, 1:45 to 2:45 p.m. Securing workstations, virtual desktops, turnstiles, front doors, mobile devices and more, biometric authentication is helping enterprises and governments worldwide to realise a more secure future. Topic: Voice Control in the Smart Home Environment Delivering the Smart Home of the Future, April 11, 3:45 to 4:45 p.m. With the proliferation of connected smart devices, including voice control devices, consumers have a growing array of options for defining what their Smart Home experience could be.
Frequentis was selected for phase two of the modernisation and standardisation of control centre technology (Program MVL) for the police in the German state of North Rhine-Westphalia (NRW). NRW police selected the Frequentis multimedia communication platform, 3020 LifeX, to meet the requirements for future emergency call and broadband radio communications. Phase one of the modernisation project was carried out by Thales Deutschland GmbH. To prepare for future multimedia emergency call and broadband radio communications, the NRW police selected Frequentis AG for the continuation of the modernisation. Reliable technology partner The intensive and successful cooperation between Frequentis and Thales over the last two years – as well Frequentis’ previous success completing the project ‘digital radio concentrator’ – convinced the NRW police that Frequentis was a reliable technology partner. NRW is the largest police organisation in Germany, covering 50 police authorities NRW is the largest police organisation in Germany, covering 50 police authorities which ensure the protection and security of a population of approximately 18 million. To cope with this challenging task, and to live up to its self-acclaimed title as the most innovative police force in Germany, the NRW police relies on forward-thinking technologies for state-of-the-art control centre solutions that will meet future demands of the service. Multimedia communication platform Phase two of the program MVL includes 50 police control centres with approximately 400 operator working positions. In the future, these will be hosted in a virtual cloud-based solution available in five networked technical centers across the region. The Frequentis multimedia communication platform, 3020 LifeX, will ensure efficient emergency call handling and operation on the public safety digital radio network as well as the interconnection of both channels. “We are very proud to be able to continue to work with, and deepen, our long-term cooperation with the North Rhine-Westphalia Police Department, helping them to achieve their goals for innovation. We see this customer as a very important strategic partner.” Norbert Haslacher, CEO Frequentis AG.
At the University of Tennessee, Knoxville, the Technology Integration Services department provides infrastructure, customer service and web application support to the faculty, staff, students, and units of the College of Business. Its focus is to facilitate the use of the campus infrastructure and support while adding complementary infrastructure and services to meet the unique needs of the college. The college took a very innovative approach to operating and securing its 174,000sq ft state of the art Haslam Business Building. The technologically advanced facility incorporates over 40 meeting rooms and needed a way to efficiently schedule and fill classrooms and conference space, yet maintain security and control. Physical access control CSC identified the Gallagher security management platform as the best fit for the foundation of the system The university had previously used an antiquated access control and security system across the campus, and realised it did not meet the demands of this new high-tech facility. Ramsey Valentine, Director of Technology for the College of Business, turned to WWR Engineering of Knoxville, and Coactive Systems (CSC) of Canton, Ohio to design and deploy a state-of-the-art integrated security business solution. The difficulty involved in deploying this solution was that certain components, like physical access control, were readily available, but other components such as digital signage information kiosks and the integration of all components of the system, were not off-the-shelf. CSC’s Brad Green and John Kortis worked with Director Valentine to understand the college’s specific needs and develop a solution that exceeded their expectations. CSC identified the Gallagher security management platform as the best fit for the foundation of the system. Application programming interface Gallagher systems are installed in approximately 90 percent of Australia’s and New Zealand’s universities. With proven strength in the tertiary market internationally, the Gallagher system was selected because of its open architecture, application programming interface, and published software developer’s kit. CSC also teamed with the local office of Simplex Grinnell. Led by Mitch Hall, Simplex was the contractor responsible for the assembly and installation of the Gallagher security system and the kiosks provided by CSC. WWR was responsible for the engineering drawings and interface to the existing security systems. The College utilises Meeting Room Manager from NetSimplicity for room scheduling; CSC created an integration from Meeting Room Manager with Gallagher Command Centre software. CSC also designed and custom manufactured the 42 kiosks that the college uses at each classroom and in meeting room areas. Door position switches Use of the kiosk requires a valid access card carried by all students and faculty The kiosks are the user-interface to the ‘system’ for room access and scheduling. Use of the kiosk requires a valid access card carried by all students and faculty. Each touch-screen kiosk contains digital signage showing the classroom name and detailed information about the room schedule and its status. Users can also access current weather, news, and stock information via the touch screen. The kiosk may be programmed to display emergency messages and egress data if needed. The kiosks are connected to the college’s network on which Gallagher Command Centre resides. The Gallagher system controls and monitors the door functionality including electric lockset and door position switches. Meeting Room Manager is utilised by staff to schedule rooms for classes and assign students via the campus intranet. Gallagher server and controller application programming interfaces extend the functionality and flexibility of the Gallagher system as the platform for integration. Providing technology solutions Utilisation of the integrated system provides continuous communications security and access control for the college, while allowing students unencumbered access to the meeting rooms and classrooms. Gallagher would like to acknowledge the support of the University of Tennessee and their security partners Coactive Systems of Canton and Simplex Grinnell, Knoxville in the development of this in-site study. CSC is a full service IT integration company providing technology solutions for audio, video, data, voice, dispatch, asset management, inventory, kiosks, security, communication, insurance, retail and medical systems. CSC’s services include custom software development, system installation, maintenance and cabling. Photos reproduced with permission from University of Tennessee.
Everbridge, Inc., the global pioneer in critical event management, announced that it has been awarded a multi-year contract to support the deployment of Australia’s next-generation national early warning system. In combination with Australia’s major telecommunications companies, the Everbridge Public Warning solution will be used to power Emergency Alert in Australia, providing population-wide alerting to help reach the country’s over 25 million residents and approximately 9 million annual visitors. If residing within an area where a sudden, critical event occurs such as fire, extreme weather or a terror attack, residents and visitors to Australia will receive location-based SMS notifications on their mobile phones, in addition to smart phone mobile app notifications and fixed line voice alerts, among other modalities. Supports first responder communications Everbridge Public Warning leverages telecom infrastructure to reach everyone within a geographic area Everbridge Public Warning leverages existing telecom infrastructure, with no opt-in required, to reach everyone within a geographic area to reduce disaster risk, support first responder communications, and analyse disaster communication effectiveness for subsequent mitigation activities. “Our Public Warning solution enables government organisations and public safety agencies to immediately connect with every person in an affected area during a critical event regardless of nationality, residency or mobile telephone handset type,” said Jaime Ellertson, Chief Executive Officer and Chairman of Everbridge. “Australia has served as a model example for population-wide alerting and emergency preparedness over the past decade, and we are honoured to support them on the evolution of their national system.” The next-generation system is scheduled to become operational in 2020.
Everbridge, Inc., the global pioneer in critical event management software that helps keep people safe and businesses running, announced that its mass notification solution will be used to power alerts for Nashville and Davidson County, Tennessee in times of emergency. The Metro Emergency Alert & Notification System (MEANS) will deliver safety instructions via cell phone, landline, and SMS for localised emergencies such as flooding, public health emergencies or active shooter situations. “This is an important way for us to keep the community updated on incidents happening in Nashville and Davidson County,” said Chief William Swann, Director, Nashville Fire Department. “The Everbridge system will be leveraged by Metro Government to communicate directly to the public. Residents and visitors can feel confident that when they receive alerts, they are getting accurate information straight from a Metro public safety agency.” Everbridge Mobile App delivers alerts to cell phones based on a user’s physical location during emergency Receiving alerts on cell phones Metro officials also urge residents to download the Everbridge Mobile App, which brings the added security of delivering alerts to cell phones based on a user’s physical location at the time of an emergency. “The Everbridge app provides Metro with a key alerting capability because it enables us to send safety instructions to residents who happen to be in the vicinity of an emergency in real time,” said Department of Emergency Communication’s Director Michele Donegan. Nashville joins a growing list of America’s largest cities, counties, and entire states that have rolled out the Everbridge platform including the cities of New York, Philadelphia, New Orleans, Atlanta, Houston, Phoenix, San Francisco, Tampa, and Washington, DC; hundreds of counties including Napa, Sonoma, Ventura, Miami-Dade, Palm Beach, Cook, Harris, and Maricopa; and the states of Florida, Connecticut, Vermont, and New York.
As increasing digital engagement powers forward in the hospitality industry, SALTO Systems has joined forces with the KeezApp technology platform to offer hotels an unrivalled guest experience. Property management systems The KeezApp platform provides a range of solutions for any property that hosts guests and is able to integrate with most PMS (Property Management Systems) on the market. Guests can check in from anywhere, receiving a virtual key straight to their smart phone and getting an alert when their room is ready for occupation. The front desk is then alerted when the guest has used the mobile key to enter their room even for doors equipped with offline electronic locks. The virtual app provides for access to all permitted areas of the hotel during their stay and when the time comes to check out, guests can again use KeezApp removing the need to queue at reception. KeezApp – SALTO software integration KeezApp has implemented JustIN Mobile key access technology and interfaced it with SALTO front desk management software ProAccess SPACE Additional tools include live chat with the front desk. This provides a better, more efficient way for guests to talk and interact with the front desk whether they are in the hotel or out and about. Guests can also choose different departments to contact such as reception, concierge, housekeeping or room service depending on their needs. KeezApp has implemented JustIN Mobile key access technology and interfaced it with SALTO front desk management software ProAccess SPACE. SALTO Hospitality add-ons include functionalities such as mobile keys (BLE), group check-in; real-time re-rooming and real-time extended stay. These plus other key hotel features make it easy to control all the offline and online rooms and back-of-house doors from different front desk guest workstations. SALTO electronic locks Both companies are driven by the opportunity for hotels to provide a superior guest experience to their clients, whether by offering mobile functionalities or superior management standards like quick check-in and check-out, online billing, live chat with reception, housekeeping and concierge or auto Wi-Fi connection for guests. SALTO welcomes new partnerships with industry leaders like KeezApp that will result in improved hospitality management and the guest experience. SALTO also continuously adds integrations with other technology providers so that those in the hospitality industry have a choice when it comes to which platform, they use to control SALTO’s robust line of electronic locks and supporting products.
The retail industry is constantly looking to find new ways to be relevant in the ever-increasing shadow of online shopping. Researchers have predicted a 17.5 percent growth in the ecommerce share of global retail sales in 2021, rising from 13.7% in 2019. When designer brand Miniso opened new shops in Poland, they used Hikvision technology to give them the edge. The management team at Miniso had a number of specific questions they needed answers to in order to make the stores successful in the cut-throat high street environment. Best-selling products They resorted to sending people to individual stores to manually count the people – a very time-consuming and costly exercise How do we know if our marketing strategy is working? What is the conversion rate of purchases? What are the ‘hot areas’ of the store, and do these actually represent best-selling products? Originally, with no access to significant information, they relied on experience and conversation with staff. But there was no way to verify these findings. They also needed to be able to get this information remotely – i.e. management in their HQ in Warsaw wanted to be able to see the situation in the other four stores without having to visit them separately. Sometimes, they resorted to sending people to individual stores to manually count the people – a very time-consuming and costly exercise. Tailor-made solution Miniso turned to Hikvision AI products, with a solution built by Polish reseller Volta, including people counting cameras, fisheye cameras and NVRs. These were all coordinated using the HikCentral software platform. A people counting camera in each store counts people passing by, while another counts people entering and leaving. With this tailor-made solution management could calculate how many people were passing by to see a purchasing conversion rate. This also helps them to know whether marketing strategy is working. They can analyse the information further to see whether the rate of people entering the store is dropping, and whether that relates to the number of those passing outside. Miniso’s management can then look into the causes of these numbers, along with sales figures, to form a picture. For example, whether there is an external factor affecting shoppers either to pass by, or to enter. Video management platform The professional video management platform allows managers to access the information from different offices and mobile applications anywhere Because Miniso have the same technology set up in all the stores in Poland, they can compare different locations. This also comes in useful when it’s time to negotiate rent with shopping malls. Using ceiling installation of several fisheye cameras, the system can generate heat maps. This helps managers to see where ‘hot areas’ are, helping them to allocate products in the optimal place for promotion. Hot areas can also be compared with sales figures to provide further insights into shopping patterns. All the information provided by the system is coordinated, and business information on both layout and original image can be overlaid in Miniso’s HQ in Warsaw. The professional video management platform allows managers to access the information from different offices and mobile applications anywhere. This makes life a lot easier for the operations team as they need to check the situation in all stores. Fiercely competitive environment It also means that everything can be viewed simultaneously, so they can identify trends throughout the network of stores. Byron Zeng, Vice President of Miniso Poland, says: “The high accuracy of conversion rate the solutions provides really solves a number of our management issues. We can now easily see what’s going on in the other stores, including heat mapping, which makes management of the whole networks so much more efficient.” This is a great example of how AI surveillance products can change the landscape of business decision-making. In a fiercely competitive environment, like a shopping mall or high street, shopping trend data can help a retailer to survive. In fact, this worked so well for Miniso, they decided to use the solution in their stores across the whole of Europe – potentially about 200 stores in the next year.
Round table discussion
What is a business, or an industry, but a collection of people and the results of their work? People make all the difference in the destiny of a business or industry. And the people involved in a business reflect the impact of demographic changes – and the passage of time. The security industry has been largely built by Baby Boomers, who are getting older and increasingly stepping aside to make way for younger folks. We asked this week’s Expert Panel Roundtable: Is there a “new generation” of employees and managers entering the physical security marketplace, and what will be the impact?
The year ahead holds endless promise for the physical security industry, and much of that future will be determined by which technologies the industry embraces. The menu of possibilities is long – from artificial intelligence to the Internet of Things to the cloud and much more – and each technology trend has the potential to transform the market in its own way. We tapped into the collective expertise of our Expert Panel Roundtable to answer this question: What technology trend will have the biggest impact on the security market in 2019?
The new year 2019 is brimming with possibilities for the physical security industry, but will those possibilities prove to be good news or bad news for our market? Inevitably, it will be a combination of good and bad, but how much good and how bad? We wanted to check the temperature of the industry as it relates to expectations for the new year, so we asked this week’s Expert Panel Roundtable: How optimistic is your outlook for the physical security industry in 2019? Why?