Network / IP security

It seems like every day there is another school or public shooting incident in the US. It dominates the news and has become a point of stress and fear for many Americans. According to the US Department of Justice Federal Bureau of Investigation, in 2018 alone, there were 27 incidents across 16 states resulting in 213 casualties. There is a great deal the security industry can do to prevent such violent incidents and preserve life. Protection layers In general, protection should be built in layers focusing on the outer perimeter, the building perimeter (entry points) and interior spaces. Electronic access control can provide preventive measures to reduce access in these layers Electronic access control can provide preventive measures to reduce access in these layers. In fact, the National Training School’s Electronic Access Control 14-hour online course has been recently updated with active shooter preparedness in mind. Building security In commercial buildings, this entails having different levels of access throughout the building to prevent individuals from going where they shouldn’t. All visitors should be directed to a single monitored entry point, preferably an area that restricts access to the rest of the building. Security access can be restricted to certain times of day to prevent employee access to the building when they should not be there. Temporary badging should provide limited and timed access that automatically disables when no longer needed. Implementing electronic access control When implementing electronic access control or any security system, installers need to work with the owner and authorities to develop policies and procedures for building lockdowns and evacuations. They can then work to create secure paths of exit. Even in public access buildings, many of the same requirements could be applied and buildings could use alarms to engage added security in the event of a shooter. Life safety systems When designing systems, installers will need to work with the local Authority Having Jurisdiction (AHJ) to ensure that they do not create additional life safety concerns, especially as it relates to fire. Imagine having the ability to limit a shooter’s access to other parts of a building and restrict how they move When creating secure exit paths, installers will likely need to provide egress access to all doors to allow emergency exit. Also, most AHJs will require a Knox Box, or something similar, to provide keyed access for emergency responders. When designing access control systems to be secure, always remember code states, ‘No Special Knowledge Required.’ - NFPA 101, 7.2.1.5.3 [‘18] -IBC 1010.1.9 [‘18] Limiting shooter access Imagine having the ability to limit a shooter’s access to other parts of a building and restrict how they move. This could give individuals what could be lifesaving extra moments. As an industry, we should keep these ideas in mind as we tackle security scenarios for job proposals and design. ESA’s National Training School has updated its online Electronic Access Control course — a 14-hour course, followed by a two-hour examination, providing broad training and information to successfully design and install electronic access control systems.

Genetec Inc., globally renowned technology provider of unified security, public safety, operations, and business intelligence solutions, has announced that it is now offering multiple FICAM-(Federal Identity, Credential, and Access Management) certified options for its Security Center Synergis access control system. Personal Identity Verification In a market that has been traditionally weighed down by limited solutions that are often proprietary, these new options offer non-proprietary, open-architecture choices to efficiently validate Personal Identity Verification (PIV and PIV-I) for federal employees and contractors. By unifying all systems in the Security Center Synergis platform, security teams can better mitigate risks" “Older physical security technology no longer meets federal standards or complies with the latest regulations, that’s why government agencies are looking to modernise their operations. By unifying all systems in the Security Center Synergis platform, security teams can better mitigate risks, increase operator efficiency and reduce cybersecurity efforts all while remaining compliant with the latest FIPS standards” said Justin Himelberger, Enterprise Systems Business Development Manager—Federal & DOD at Genetec. Genetec offers two FICAM-certified options: Onboard authentication using Mercury LP4502 controller: Ideal for new installations, this option is an efficient and cost-effective approach to achieving FIPS 201 compliancy. By embedding pivCLASS authentication firmware into a Mercury LP4502 controller, users reduce their hardware expenditure and benefit from a speedy authentication process. Authentication using HID PAM: Ideal for retrofits, customers can upgrade their existing systems by adding a dedicated pivCLASS Authentication Module (PAM) from HID to their installation. Genetec – Mercury Security partnership “Genetec and Mercury Security have been close partners for years and we are pleased to offer our US Federal market customers FICAM-compliant solutions that are nonproprietary and based on an open-architecture. The Mercury LP4502 controller with Genetec Synergis access control system enable customers to comply with the most stringent access and identity federal standards with the minimum amount of disruptions,” said Matt Barnette, President of Mercury Security.

IronYun, an AI-based video surveillance software company and Razberi Technologies, an open-platform video surveillance hardware company entered into a technology partnership, marking a turning point for IronYun’s physical security video surveillance solutions. With the introduction of IP cameras, physical security has become a strain on network bandwidth. Security response times can mean the difference between life or death. The technology required to store and quickly retrieve 4 mega pixel video used to identify threats, would not be possible without a high-quality surveillance storage server like Razberi Core. Razberi Core is IronYun’s technology solution for industries that require centralised video recording, hardened server-class appliances, and cybersecurity protection. Some of IronYun’s most demanding security customers are within government and military industries. Partnership to benefit customers We are excited to include Razberi’s video recording products in IronYun’s portfolio of video surveillance solutions"The next generation artificial intelligence video surveillance software company, IronYun, will begin deploying their video surveillance solutions with Razberi Core’s server storage hardware in Q3 of this year. Many of IronYun’s customers stand to benefit from the technology partnership. Razberi’s physical security video storage solution paired with IronYun’s artificial intelligence video surveillance software is pending deployment in smart city projects utilising centralised recording networks. “IronYun invests heavily in R&D and secures our intellectual properties, working hand in hand with industry leaders like Razberi Technologies,” said Paul Sun, CEO, IronYun. “We are excited to include Razberi’s centralised video recording products in IronYun’s portfolio of video surveillance solutions and anxious to deploy in smart city projects.” Enables real-time alerts for use cases The combined solution best equips end users to safeguard their facilities with the least amount of manual effortRazberi’s open platform configuration makes it easy for companies like IronYun to deploy Core units into a centralised video network in a plug-and-play fashion. Paired with IronYun’s high-accuracy AI video analytics, the solution eliminates false alarms, enables real-time alerts for various use cases, and decreases search and monitoring time to only seconds, which help business and investigators proactively respond in all situations. The combined solution best equips end users to safeguard their facilities with the least amount of manual effort. “IronYun has been a great partner,” commented Will Melendez, VP of Sales, Razberi Technologies. “We are proud to work closely with them on a variety of projects and utilise their expertise in AI video surveillance.”

Boon Edam Inc., a pioneer in security entrances and architectural revolving doors, announces they are emphasising the theme of tailgating mitigation and integration in booth #1103 at the GSX (formerly ASIS) exhibition in Chicago, Illinois from September 10-12. GSX is an annual event that brings together over 20,000 participants from across the security profession for a week of networking, educational opportunities and discovering the latest security solutions. Boon Edam is also the official turnstile sponsor of the show. Appropriate entrance solution Security entrances coupled with access technologies provide a complete solution Access technologies, such as card readers and biometric devices, are critical for controlling entry to secure areas within a building. However, these solutions are only effective at mitigating tailgating when coupled with the appropriate entrance solution. Swinging doors do not stop one authorised person from opening the door and then holding it open for a number of others. Security entrances coupled with access technologies provide a complete solution that ensures only one person can enter per valid authorisation. The following solutions will be on display in Boon Edam’s booth: Lifeline Speedlane Swing Optical Turnstile: The industry’s slimmest optical turnstile will feature a custom, integrated pedestal that incorporates the MorphoWave™ touchless fingerprint technology from IDEMIA. This solution enables high throughput with the enhanced security of rapid biometric identification, all in a stylish, cohesive design. New! Lifeline Boost Access Control Pedestal: The Boost is a brand new, stylish access control pedestal designed by Boon Edam to complement the popular Lifeline optical turnstile series. The Boost will include the latest version of Essex’s credential card reader, now with optical Bluetooth and OSDP capability, the iRox-T with BLE expands for HID Global’s Mobile Access solutions. Tourlock 180+90 Security Revolving Door: The entrance of choice for the Fortune 500, the Tourlock will feature an AMAG Symmetry card reader to demonstrate access control integration paired with the door’s uniquely high, bi-directional throughput and its ability to prevent tailgating and piggybacking without manned supervision. Circlelock Mantrap Portal: Offering the highest level of security available in an entrance, the Circlelock security portal prevents intrusion into the most sensitive areas such as data centers. The portal will be configured to demonstrate two-factor authentication: an AMAG Symmetry card reader on the outside of the portal conducts the initial authorisation, while facial recognition provides instant authentication inside the portal. The secure, edge-based facial recognition access control device by Alcatraz, called the Rock, can also be experienced at their booth (GSX booth #1047). BoonConnect Software: An IP-addressable, proprietary software system providing diagnostic and configuration tools for the Tourlock security revolving door and Circlelock mantrap portal. Users can remotely access door operations and events using devices such as a tablet, laptop or smartphone via a secured corporate network. Upcoming tailgating season Boon Edam is celebrating its position as the market pioneer for security entrances, according to a report by IHS Markit®, with a tailgating-themed prize giveaway. All visitors to GSX are invited to participate by visiting booth #1103 during show hours. Participants will have the opportunity to win a variety of prizes that will help them make the most of the upcoming tailgating season: the Big Green Egg® grill, a YETI® cooler and more. Winners will be selected at random after the exhibition, and an announcement will be made to all participants via email by Friday, September 27.

Digital Defense, Inc. announces Frontline Network Map, an innovative feature offering IT security and operations professionals enhanced visibility of vulnerabilities and threats found on small, medium, and large networks. Frontline Network Map is accessible within Frontline.Cloud, the company’s SaaS security assessment platform and is being demonstrated at Black Hat 2019 conference currently underway in Las Vegas, Nevada. Risk network segments Through the Network Map capability, Fronline.Cloud users are able to view the relationships and interconnectivity of assets through a variety of clustering algorithms to pinpoint at risk network segments and areas of key vulnerability and active threat.   “Our Network Map feature is a powerful tool for information security blue team members to quickly visualise the security of the networks and connected assets for which they defend from cybercriminal attacks,” states Mike Cotton, SVP, Engineering. “Frontline.Cloud users receive an accurate graphic depiction of their risk that enables rapid response to those assets or network clusters that present the greatest exposure.” Learn more about Frontline Network Map by visiting the Digital Defense booth #2411 at Black Hat and request for a demonstration.

The Dallmeier 5000 series single sensor cameras are equipped with a new encoder technology. The new versions of the dome, IR and fisheye cameras support H.265 HEVC (High Efficiency Video Coding) and offer improved object classification with camera-based, AI-enhanced Video Content Analysis (VCA). H.265 compression By its nature, the constantly improving resolution of video images demands high bandwidths and large amounts of memory. With the new generation H.265 encoder in the Dallmeier cameras, data rate can be reduced by up to 50% compared with an H.264 stream without sacrificing resolution or image quality. When used in conjunction with the latest Dallmeier recording systems, a significant reduction in network and memory capacity can be achieved. Another advantage of the new 5000 series cameras is the new generation of Video Content Analysis (VCA) Another advantage of the new 5000 series cameras is the new generation of Video Content Analysis (VCA). Neural networks are implemented in the camera, supporting the classic VCA and thus enabling significantly more efficient object classification in the camera itself. After a short learning phase, the system is capable of delivering still more precisely defined analysis of the recordings and more effective use of automatic video analysis functions such as lossless and multiple auto tracking. Dallmeier Camera Series 5000 The camera models DDF5250HDV-DN and DDF5450HDV-DN (dome), DF5250HDV-DN/IR and DF5450HDV-DN/IR (box IR) and SDF5450HD-DN (fisheye) can be ordered now and will be ready for delivery from 19 August 2019 onwards.

With the recent news headlines about store closures and the collapse of well-known chains, alongside clear adjustments in business strategy amongst established high street favourites, there is no denying that the UK retail industry is under huge pressure. A recent report suggests growing issues are leading some retailers to increase risk-taking in the supply chain. But here, Steve Bumphrey, Traka UK Sales Director, looks at ways to help retailers embrace the storm, including paying attention to security, management processes and efficient customer focus. Challenges plaguing retail industry It’s been an awful year to date for UK retail if you believe the cacophony of negative headlines about the health of the UK economy and the confidence levels of the UK consumer. The sector is facing huge challenges in dealing with the evolution in on-line and smart mobile retailing The sector is undoubtedly facing huge challenges in dealing with the evolution in on-line and smart mobile retailing. Further concerns include an unwillingness of policymakers to address the changing retail environment and how business rates and general business taxation and regulation is making a difficult situation worse. Supply Chain Risk Report According to the latest Global Supply Chain Risk Report, published by Cranfield School of Management and Dan & Badstreet, those under pressure, are now facing increased exposure to risk if they are forced to cut costs in their supply chain. The report cites data for the retail sector that shows increased levels of risk-taking since Q4 2018, with retailers reporting high levels of dependency on suppliers and indicating a propensity to off-shore to low-cost, high-risk countries where suppliers are more likely to be financially unstable. In-store technology revolution The underlying evolution of technology taking hold of the retail industry and consequential changing consumer behaviour is what is really forcing the industry to step up and act. This is not only in the shift to online and smart mobile purchases, but also with the increased use of technology in store. Self-scanning and checkouts In a bid to enhance the physical shop experience, especially in supermarket outlets across the UK, retailers are increasingly giving customers autonomy with self-scanners and checkouts and need to be able to trust them to ensure an honest transaction. And for the shoppers, this dependency on technology and not human interaction to complete a shop means scanners must be instantly available and ready for use. Many different underlying competing challenges impact the retail industry Compensators At the recent British Retail Consortium’s ‘Charting the Future’ conference, looking at retail crime and security, Dr Emmeline Taylor, a criminologist at the City University of London identified in self -service shops, several new types of ‘offenders’ such as so-called ‘compensators’ including the atypical ‘frustrated consumer’ who, “fully intended to pay but were unable to scan an item properly”, adding to the security challenge. There are clearly many different underlying competing challenges impacting the retail industry. Arguably, the increase in technology and autonomous shopping, where less staff are present (or staff cuts planned) throws up more vulnerabilities, such as the opportunity for store theft. Use of body cameras Staff needs emerging technology such as body cameras to act as a deterrent to crime and keep employees safe Furthermore, staff may need greater use of emerging technology such as body cameras to act as a deterrent to crime and help keep employees safe. In essence, prevention is better than cure, and it’s certainly cheaper. Whether combating crime physically or online, or looking to find ways to counter the high street trends, working together, sharing information and taking a more holistic approach will help the development of a shared language between retailers. Retail banking It is also here where common approaches can help to deliver on efficiencies, in time, resource and budget that can serve to operate right through the supply chain, and minimise, or even negate the need to take any risks. It can even serve to enhance the customer experience, increasing confidence in the shopping environment. Of course, when discussing the high street, it is not just the department stores and chains that are feeling the impact. Well known banks are also having to redefine their priorities and role on the high street, with customers (especially younger generations) demanding a more efficient service than ever before. Well known banks are also having to redefine their priorities and role on the high street Asset protection Leading the way is Nationwide, globally renowned building society, which prides itself on being one of the largest savings providers and mortgages provider in the UK, promoting itself as running purely for the benefit of its customers, or ‘members.’ Richard Newland, Director of Branch & Workplace Transformation at Nationwide said, “Even more than getting a good ‘deal’ from a building society, the quality of our welcome, or our renowned level of service, we make sure our members feel safe with us, enough to trust us with their greatest assets. We are doing everything we can to evolve our business and focus our efforts on providing the best and most secure services that people value.” Key management systems Traka has supported Nationwide with the introduction of dedicated key management systems So committed to its branch network, it has pledged to its 15 million members that every town and city with a Nationwide branch, will still have one for at least the next two years. A bold statement in today’s climate. Traka has supported Nationwide with the introduction of dedicated key management systems, moving its branch network into a more digital system. Keys no longer need to leave site and the audit trail capability has helped to remove the manual paper recording, allowing status of keys to be established instantly, at any time. Changes in retail market This example, together with Traka’s portfolio of high street brands and globally renowned department stores that cannot be named for security reasons, demonstrates the need for retailers to embrace the need for change, both from a product offering and operational running perspective to achieve aspirations of resonating with customers. They also prove the opportunities for success, in an unquestionable difficult market environment. If retailers can listen to customers and respond accordingly, taking into consideration staff safety and security, alongside an ability to respond quickly to personalised enquiries and expectations. This way, perhaps, the current environment can be seen as an opportunity to innovate and embrace technology to form the high street of the future.

We live in an information and data-led world, and cybersecurity must remain top-of-mind for any organisation looking to both protect business operation critical assets. Businesses without proper cyber measures allow themselves to be at risk from a huge list of threats - from cybercriminals conducting targeted spear-phishing campaigns - like the 2018 Moscow World Cup vacation rental scam, to nation-state actors looking to collect intelligence for decision makers - no organisation is safe from innovative cyber threats. Security solutions enterprises Organisations can then set the groundwork necessary to stop malicious activity and keep their business’ data safe The evolving threat space means organisations need to ensure they have the most innovative prevention and detection frameworks in order to withstand adversaries using complex and persistent threats. When implementing new security solutions enterprises must start by assuming that there is already a bad actor within their IT environment. With this mindset, organisations can then set the groundwork necessary to stop malicious activity and keep their business’ data safe. As there is no one silver bullet that truly stops all cyberattacks, organisations must adopt a multipronged approach to be widely adopted to stop adversaries. This must include tracking, analysing and pinpointing the motivation of cyber actors to stay one step ahead through global intelligence gathering and proactive threat hunting. In addition, deploying new technologies leveraging the power of the cloud give a holistic view of the continuously evolving threat landscape and thereby secure data more efficiently. Traditional security approach In today’s landscape, the propagation of advanced exploits and easily accessible tools has led to the blurring of tactics between statecraft and tradecraft. Traditional security approaches are no longer viable when it comes to dealing with the latest trends in complex threats. To make defending against these threats even more complicated, adversaries are constantly adapting their tactics, techniques and procedures (TTPs), making use of the best intelligence and tools. CrowdStrike’s latest Global Threat Report tracked the speed of the most notable adversaries including Russian, Chinese, North Korean and Iranian groups. As the adversaries’ TTPs evolve into sophisticated attack vectors defenders need to recognise we are amidst an extreme cyber arms race, where any of the above can become the next creator of a devastating attack. Russian efficiency is particularly high; they can spread through an enterprise network in 18 minutes 48 seconds on average, following the initial cyber-intrusion. Sophisticated cyber weapons Actors tend to use a simple trial and error technique where they test the organisation's network So, reacting to threats in real-time is a priority. Bad actors are extremely vigilant and committed to breaking down an organisation’s defences, and speed is essential to finding the threats before they spread. Actors tend to use a simple trial and error technique where they test the organisation's network, arm themselves with more sophisticated cyber weapons, and attack again until they find a vulnerability. This has highlighted the need for tools that provide teams with full visibility over the entire technology stack in real-time in order to meet these threats head-on. Traditional solutions are scan-based, which means they don’t scale well and can’t give the security teams context around suspicious activity happening on the network. They lack full visibility when a comprehensive approach is needed. Businesses without proper cyber measures allow themselves to be at risk from a huge list of threats - like the 2018 Moscow World Cup vacation rental scam Malicious behaviour Through leveraging the power of the cloud and crowdsourcing data from multiple use cases, security teams can tap into a wealth of intelligence collated from across a vast community. This also includes incorporating threat graph data. Threat graphs log and map out each activity and how they relate to one another, helping organisations to stay ahead of threats and gain visibility into unknowns. Threat graph data in conjunction with incorporating proactive threat hunting into your security stack creates a formidable 360-degree security package. Managed threat hunting teams are security specialists working behind the scenes facing some of the most sophisticated cyber adversaries through hands on keyboard activity. Threat hunters perform quickly to pinpoint anomalies or malicious behaviour on your network and can prioritise threats for SOC teams for faster remediation. In-depth knowledge Security teams need to beat the clock and condense their responseIt is key for security teams to have an in-depth knowledge of the threat climate and key trends being deployed by adversaries. The TTPs used by adversaries leave are vital clues on how organisations can best defend themselves from real-life threats. Intrusion ‘breakout time’ is a key metric tracked at CrowdStrike. This is the time it takes for an intruder to begin moving laterally outside of the initial breach and head to other parts of the network to do damage. Last year, the global average was four hours and 37 minutes. Security teams need to beat the clock and condense their response and ejection of attackers before real damage is done. Next-generation solutions When managing an incident clients need to be put at ease by investigations moving quickly and efficiently to source the root of the issue. Teams need to offer insight and suggest a strategy. This can be achieved by following the simple rule of 1-10-60, where organisations should detect malicious intrusions in under a minute, understand the context and scope of the intrusion in ten minutes, and initiate remediation activities in less than an hour. The most efficient security teams working for modern organisations try to adhere to this rule. As the threat landscape continues to evolve in both complexity and scale, adequate budget and resources behind security teams and solutions will be determining factors as how quickly a business can respond to a cyberattack. To avoid becoming headline news, businesses need to arm themselves with next-generation solutions. Behavioural analytics The solution can then know when to remove an adversary before a breakout occurs Behavioural analytics and machine learning capabilities identify known and unknown threats by analysing unusual behaviour within the network. These have the ability to provide an essential first line of defence, giving security teams a clear overview of their environment. With this at hand, the solution can then know when to remove an adversary before a breakout occurs. Attackers hide in the shadows of a network’s environment, making the vast volume and variety of threats organisations face difficult to track manually. The automation of responses and detection in real-time is a lifeline that organisation cannot live without as adversaries enhance and alter their strategies. Adversaries continue to develop new ways to disrupt organisations, with cybersecurity industry attempting to keep pace, developing new and innovative products to help organisations protect themselves. These technologies empower security teams, automating processes and equipping security teams with the knowledge to respond quickly. Organisations can set themselves up for success by integrating the 1-10-60 rule into their security measures, giving them an effective strategy against the most malicious adversaries.

In the next three years, software as a service ‘SaaS’ is likely to grow by around 23%. That’s according to reports by Cognizance. It’s growth rests on the adoption of cloud public, private and hybrid. Without the cloud applications can’t truly pervade an organisation, nor can operational or customer benefits be derived. But there’s no point in adopting the cloud if it’s not secure - the proliferation of SaaS demands security, none more so in a GDPR world. Large cloud environment But modern applications are difficult to secure. SaaS based, web, mobile, or custom made all work on different platforms and frameworks. It’s a headache managing all the APIs needed to automate and sync tools. This introduces risk. The greater the number of apps the broader the attack surface and therefore the greater the chance there will be blind posts. Keeping up to date with updates and new security policies is never easy There are also added hazards. Applications are always changing. Keeping up to date with updates and new security policies is never easy, but especially hard in a large cloud environment. Failure to adopt changes puts the organisation and customers at further risk. But the biggest obstacle is keeping applications and APIs out of harm’s way. It’s a near on impossible task when attack methods and sources are constantly changing. More advanced threats To be specific there are four emerging challenges when it comes to protecting apps. Firstly, managing the good and the bad bots and spotting which is which, secondly securing APIs as IoT adoption intensifies, thirdly the relationship between securing apps and DevOps and ensuring ownership of security, and finally denial of service attacks that use newer tactics such as brute force. Basic security hygiene dictates that security teams refer to the OWASP Top 10. It’s considered the ‘ten commandments’ in security circles, providing a starting point for ensuring the most common threats and vulnerabilities are managed, detected and mitigated. Web Application Firewalls also come into the fray with guidance on testing for the ways hackers exploit vulnerabilities. However, though the basics are good to have in place, there are always more advanced threats to take care of. Bots being a big one. Bot management The more sophisticated bots will go as far as to mimic human behaviourAstonishingly about half of internet traffic is bot generated. Half of it is from bad bots. Discerning the good from the bad isn’t easy though and explains why around 80% of organisations can’t make a clear distinction between the two. Bad bots can do a lot of damage like take over user accounts and payment information, scrape confidential data, or hold up inventory and skew marketing metrics. The more sophisticated bots will go as far as to mimic human behaviour and bypass tools like CAPTCHA and even device fingerprinting based protection ineffective. Securing APIs Then there’s the complications derived from machine-to-machine and internet of things (IoT) communications. The more integrated ‘things’, the more data there is, the more events there are report on, and the more activity there is reliant on APIs to make the ‘things’ useful and agile. That’s what makes them a target and the threats to API vulnerabilities include injections, protocol attacks, parameter manipulations, invalidated redirects and bot attacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks.   There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks Denial of service (DoS) You might think there’s little to add to the swathes of denial of service warnings. Yet when businesses are still being targeted and feeling the ill effects it’s worth mentioning again that different forms of application-layer DoS attacks are still very effective at bringing application services down. Even the greatest application protection is worthless if the service itself can be knocked down This includes HTTP/S floods, low and slow attacks (famous examples being Slowloris, LOIC, Torshammer), dynamic IP attacks, buffer overflow, Brute Force attacks and more. The IoT botnets are the culprits and have made application-layer attacks so popular that they have become the preferred DDoS attack vector. Even the greatest application protection is worthless if the service itself can be knocked down. Continuous security It may seem easy to say but for modern DevOps, agility is valued at the expense of security. We see time and again examples of where development and roll-out methodologies, such as continuous delivery, mean applications are exposed to threats each time they are modified. There’s no doubt it is extremely difficult to maintain a valid security policy and protect sensitive data in dynamic conditions without creating a high number of false positives. But we now find that this task has gone way beyond the capability of humans. Organisations now need machine-learning based solutions that map application resources, analyse possible threats, and create and optimise security policies in real time. Reaching this level in security planning should be a big wake-up call that security automation is an essential not a nice to have. Running security plans The board needs to know that investment is critical to protect their profits It’s critical that the security solution your company adopts protects applications on all platforms, against all attacks, through all the channels and at all times. The board needs to know that investment is critical to protect their profits. As such there are six things they need to know: Application security solutions must encompass web and mobile apps, as well as APIs. Bot management solutions need to overcome the most sophisticated bot attacks. DDoS mitigation must be an essential and integrated part of application security solutions. A future-proof solution must protect containerised applications, severless functions, and integrate with automation, provisioning and orchestration tools. To keep up with continuous application delivery, security protections must adapt in real time. A fully managed service should be considered to remove complexity and minimise resources. No amount of human power will beat the bots. That last point is the most critical. Skill is essential in designing and running security plans and policies that work. But the plans can’t be executed without automated tools. There are just too many decisions to make in a split second. Combining both is the path to an effective app protection strategy and a stronger brand to boot.

An interim Federal Acquisition Rule (FAR) detailing how the U.S. Federal government will implement a ban on government use of video surveillance products from Chinese manufacturers has been released just days before the August 13, 2019, deadline for the ban to take effect. The interim rule will take effect immediately; it notes there are "urgent and compelling reasons… to promulgate this interim rule without prior opportunity for public comment". After the interim rule is published in the Federal Register, 60 days will be allowed for public comments to be submitted (tag comments and correspondence ‘FAR Case 2018-017’). The final rule will follow. The agencies issuing the interim rule are the Department of Defense (DoD), the General Services Administration (GSA), and the National Aeronautics and Space Administration (NASA). Banning Chinese video surveillance equipment The interim rule provides details about implementation of Section 889(a)(1)(A) of the NDAA for fiscal year 2019The interim rule provides details about implementation of Section 889(a)(1)(A) of the National Defense Authorization Act (NDAA) for fiscal year 2019, which the President signed into law on August 13, 2018, to take effect a year later. It bans government uses of telecommunications and video surveillance equipment produced by Hikvision and Dahua, among other companies. The interim rule also applies to telecommunications equipment produced by Huawei Technologies Company or ZTE Corp. (or any subsidiary or affiliate). Huawei manufactures HiSilicon chips widely used in video cameras. The interim rule requires inclusion of a clause prohibiting the listed telecommunications and video surveillance services on solicitations and/or resulting contracts that occur on or after August 13, 2019. Contractors who identify covered equipment during the performance of a contract are required to report it within one business day; and to report mitigation actions within 10 business days. The requirement is included in contracts with subcontractors. Identifying telecommunications equipment The rule requires submission of a ‘representation’ with each offer (government bid) to identify any covered telecommunications equipment or services that will be provided to the Government. The interim rule states: “DoD, GSA, and NASA recognise that some agencies may need to tailor the approach to the information collected based on the unique mission and supply chain risks for their agency.” The head of an executive agency can grant a one-time waiver on a case-by-case basis for up to a two-year period There is an option for contractors to "represent annually whether they sell equipment, systems, or services that include covered telecommunications equipment or services". A ‘no’ answer then applies to any contracts during the year. If a contractor answers ‘yes’, they are required to specify that each individual bid does not include the covered equipment. The head of an executive agency can grant a one-time waiver on a case-by-case basis for up to a two-year period. Waivers require a compelling justification, that the equipment be listed/reported, and that a phase-out plan is implemented. The Director of National Intelligence can also provide a waiver. Prohibits purchase of COTS items The interim rule also applies to purchase of commercial off-the-shelf (COTS) items: "Th[e] level of risk is not alleviated by the fact that the equipment or service being acquired has been sold or offered for sale to the general public... nor by the small size of the purchase." It prohibits ‘micro-purchases’ of covered products and services delegated by agency heads. The interim rule covers the NDAA Section 889(a)(1)(A), which is the ‘Chinese ban’ provision. It does not cover the ‘blacklist’ provision [Section 889(a)(1)(B)], which was the subject of a public hearing in July. According to the interim rule: "The prohibition in section 889(a)(1)(B) is not effective until August 13, 2020, and will be implemented through separate rulemaking." The ban also applies to current government installations, and there are questions about whether agencies and departments will comply in time.

The devil is in the details. The broader implications of the U.S. Government ban on Chinese video surveillance manufacturers are being clarified in the federal rule-making process, and a public hearing in July gave the industry a chance to speak up about the impact of the law. Ban on equipment The hearing centered on Section 889 of Title VII of the National Defense Authorisation Act (NDAA) for FY 2019, specifically paragraph (a)(1)(B). The paragraph "prohibits agencies from entering into a contract (or extending or renewing a contract) with an entity that uses any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system." “Covered equipment” refers to products and services from Huawei, ZTE Corp., Hytera, Hikvision and Dahua “Covered equipment” refers to products and services from Huawei Technologies Co., ZTE Corp., Hytera Communications Corp., Hangzhou Hikvision Digital Technology Co. and Dahua Technology Co. Hikvision and Dahua are two of the largest manufacturers of video surveillance equipment, and Huawei manufactures HiSilicon chips widely used in video cameras. ‘Chinese ban’ provision The public hearing was part of the rule-making process for paragraph (a)(1)(B), which the industry has informally referred to as the “blacklist” provision of the NDAA. However, the “Chinese ban” provision [Paragraph (a)(1)(a)] is not at issue, was not covered by the public hearing, and is already scheduled to go into effect a year after the law was signed by President Trump (August 13, 2018).   There were seven presentations at the public hearing. Presenters included the Security Industry Association (SIA), two Hikvision integrators, a representative of communications manufacturer Hytera, an economist and an attorney on behalf of telecommunications company Huawei, and Honeycomb Secure Systems, a federal contractor. There was no livestream or transcription of the meeting, although PowerPoint summaries of the 10-minute presentations were published.   SIA emphasises on clarity In its presentation, the Security Industry Association (SIA) emphasised that contractors need clarity, i.e., that paragraph (a)(1)(B) applies to an entity's use of covered equipment or services in the performance of federal contracts, but NOT to non-federal sales or use of covered equipment by a contractor that is unrelated to federal work. SIA also focused on the distinction (and contrasting risk profiles) between video surveillance equipment, which are endpoint devices that may or may not be on the Internet, and telecommunications equipment. In contrast, telecommunications equipment is essential to Internet infrastructure and manages all data on a network, encrypted or not.    Fully-compliant video surveillance products Security equipment suppliers and integrators doing federal work can offer fully compliant video surveillance products" SIA's presentation included the following "outcome" statement: "Security equipment suppliers and integrators doing federal work can offer fully compliant video surveillance products in the federal market, while offering other products tailored to technical requirements, price points and specific customer needs that vary widely for non-government commercial sectors – e.g. malls, banks, convenience stores, etc.” In other words, involvement in government contracts should not restrict an integrator’s flexibility to offer any and all products and services (included those from the listed Chinese companies) to non-government customers. The two integrators made similar points, specifically about their business with Hikvision. One presenter was Rick Williams, General Manager of Selcom, a systems integrator in Selma, Ala., with 10 employees. They have been a Hikvision partner since 2012 with a year-to-date revenue from Hikvision products of approximately $400,000. Hikvision integrators speak out A second integrator at the hearing was Mark Zuckerman of Clear Connection Inc., a security company in Beltsville, Md., with 32 local employees, that focuses on electronic security, telecommunications and IT. Clear Connection designs, installs and services systems throughout Metro DC and Baltimore, including commercial entities, schools and non-profit organisations. They do about $120,000 a year in business as a Hikvision partner and have over $500,000 in business awaiting federal NSGP [Nonprofit Security Grant Program] approval. In two almost identical presentations, the integrators sought clear guidance on how to comply with the language of the law as written, specifically confirmation that Section 889 of the NDAA does not apply to non-federal sales or use of covered equipment. "This is critical to my company as I provide integrated security solutions across multiple government and commercial markets, using a mix of products from different manufacturers tailored to the technical requirements, price points and customer needs that vary widely for each sector," said Williams. Hytera speaks at hearing It is not clear what Section 889 means, who it applies to, or how far its prohibitions extend" "It is not clear what Section 889 means, who it applies to, or how far its prohibitions extend," commented Zuckerman. "If interpreted broadly, some of my customers would be barred from entering into a federal contract because they have covered products installed in their facility to protect their property and staff.” Also presenting at the hearing was Hytera, a manufacturer of open standard digital mobile radio technology. The presentation emphasised that Hytera does not sell to U.S. telecommunications carriers, and does not supply 5G components or video surveillance equipment. Hytera equipment is used by federal customers such as the National Gallery of Art, National Archives, National Zoo and the Holocaust Museum. Impact on clients and commerce "These federal entities do not play a role in national security, and the Hytera systems do not connect to any critical systems," says the company. "However, the lack of clarity in the implementation of the NDAA has a significant impact on Federal, state and commercial clients, impacting competition and choice." Hytera's presentation continues: "Hytera has never been informed by any U.S. government entity that its equipment posed a national security risk and as such has not been given the opportunity to respond to any concerns. The result of Section 889 is the creation and circulation of misinformation in the marketplace." Hytera also said that the federal proposed rules and regulations should exempt federal agencies that do not include a national security component, and equipment not interconnected with the public network. Impact on cybersecurity Consolidating the number of equipment suppliers hinders rather than helps cybersecurity" James E. Gauch, an attorney with James Day speaking on behalf of Huawei, offered a global argument that could be applied to any of the banned companies: “Virtually all equipment manufacturers rely on a global supply chain and face security risks from a wide range of sources, excluding may be one or two vendors based on their national origin will not address these risks.” He adds, “However, consolidating the number of equipment suppliers hinders rather than helps cybersecurity. Creating a small number of dominant suppliers, regardless of national origin, reduces the incentives of those suppliers to embrace industry-leading standards and creates greater exposure to vulnerabilities of a single supplier.”

After a period of rapid international expansion, the next step for Ajax Systems is to set deeper roots in each market and become more sustainable. The manufacturer of wireless security equipment will continue to extend the range of Ajax products and capabilities by responding to local requests. Smart home management options and automation scenarios will be a significant focus for the next year. Wireless security equipment The systems are resistant to false alarms, regularly update over the air Established in 2011 in Kyiv, Ukraine, Ajax Systems produces wireless security equipment for end users and small-medium-sized businesses. Ajax is a complete eco-system. The devices are ready to work out of the box. There are 24 devices for protecting residential and commercial properties from intrusion, fire, and floods as well as a set of automation modules. Users treat them as gadgets that make their homes smarter. Ajax wireless systems are easier to maintain, configure, and monitor for installers as well as for security companies, according to Ajax. The systems are resistant to false alarms, regularly update over the air, and can be easily expanded to cover premises of any size. IoT-based security systems “Our IoT-product approach to security systems, gadget-like industrial design, and user-friendly interfaces disrupted the market in 2016,” says Valentine Hrytsenko, Chief Marketing Officer at Ajax Systems. “After receiving global recognition in the security market, the company grew 80-fold.” Today, Ajax IoT-based security systems protect more than 200,000 people in 80 countries around the world from break-ins, fires, leaks and other threats. “Our mission is to reshape security and make it a common attribute of every household,” says Hrytsenko. Ajax wireless systems are easier to maintain, configure, and monitor for installers Ajax smart technology Ajax smart technology features a combination of reliable hardware and intelligent software. A proprietary Jeweller two-way radio protocol allows placing devices at a distance of up to 2000 meters from the hub in an open space. The system is encrypted, resistant to jamming and code grabbing. Ajax detectors feature false alarm-preventing algorithms: Haze Flow, ZOE, LISA, SmartDetect. The hubs run on a real-time operating system, Malevich OS that processes the commands and sends the alarms. Ajax Cloud service helps to control the system from anywhere in the world using native apps. Easy and seamless installation Ajax features system scalability, flexible management of administrative rights"Easy installation facilitates Ajax on-boarding. The company says 67% of Ajax users purchase additional security devices within the first six months. And an average system configuration consists of nine items. “We focus primarily on the residential, small and medium-sized businesses,” says Hrytsenko. “In the residential segment, Ajax covers the needs to detect break-ins, prevent fires and floods. Ajax devices are visually appealing to fit any home and business interior seamlessly. For the small and medium-sized business, Ajax features system scalability, flexible management of administrative rights, informative notifications, professional maintenance software, as well as integration of the security camera streams for centralised monitoring.” Route-to-market approach Ajax Systems’ route-to-market approach is two-fold. First, they develop strategic partnerships with the local professional security equipment distributors in each country. From the distributors, Ajax equipment goes to the installers, system integrators, security companies, etc. In addition, Ajax seeks to build brand recognition and actualise the concept of security by weaving it into the daily routine of a general audience. “We form a good understanding of their security needs,” says Hrytsenko. As with any new technology, there is an adoption curve for both B2B and B2C clients. Thus, the educational challenge is persistent for Ajax from country to country. Ajax Systems’ route-to-market approach is two-fold Wireless security systems “On a professional market, new products are often met with understandable suspicion,” says Hrytsenko. However, a huge misconception is that user-friendly equipment is either hard to customise or unreliable. Not true, he says. After testing in five accredited laboratories, Ajax devices successfully earned Grade 2 certification for compliance with the requirements of the international standard EN50131-1:2006. Grade 2 is the highest reliability grade a wireless security system can get.

HID Global, globally renowned trusted identity solutions provider, has announced support for Seos-enabled student IDs in Apple Wallet. Beginning this fall, students, faculty and staff at Clemson University will be able to add their IDs to Apple Wallet and use their iPhone and Apple Watch to access buildings on campus, purchase meals and much more. Seos-enabled student IDs “HID Global is excited to play an important role in creating transformative connected university experiences that make it easy for students to simply use their iPhone or Apple Watch to enjoy all that daily campus life has to offer,” said Stefan Widing, President and CEO with HID Global. HID’s technology and electronic locks from our parent company ASSA ABLOY are helping Clemson University students" Stefan adds, “HID’s broad range of technology and electronic locks from our parent company ASSA ABLOY are helping Clemson University students, faculty and staff take full advantage of convenient mobility applications. This fall, their Apple devices can be used for everything from entering buildings – such as residence halls and individual rooms – to buying meals, accessing the gym, and using secure print services and numerous other university resources.” iCLASS SE reader modules To support student IDs in Apple Wallet on iPhone and Apple Watch, HID provides Seos-enabled credentials, HID iCLASS SE and HID OMNIKEY readers, embedded HID iCLASS SE reader modules, and Corbin Russwin and SARGENT electronic locks from ASSA ABLOY. Through HID’s support of student IDs in Apple Wallet, Clemson students will be able to seamlessly access residence halls, libraries and fitness centers, buy lunch, make purchases at the university store, print documents and more by placing their iPhone or Apple Watch near a reader where contactless student ID cards are accepted. Contactless student IDs Contactless student IDs are supported on iPhone 6 and later and iPhone SE. On iPhone XS, iPhone XS Max, and iPhone XR, student IDs may still be used for up to five hours in power reserve mode when the iPhone battery needs to be charged. Student IDs in Apple Wallet are not only convenient, they also provide an extra level of security as students no longer have to worry about misplacing their physical card. School credential provisioning is protected by two factor authentication.

Health services and their funding have long been in the news, with social care and mental health coming in for particular attention. Both of these core areas are seeing a growing need for their services. While nationally this is a problem, there is good news in East Anglia with the opening of the 16 bedroom Samphire Ward at Chatterton House, a new acute care mental health facility in King’s Lynn, Norfolk. The build comprised of a refurbishment of two redundant wards linked to create one modern compliant 16 bed facility at a cost of £4m which is operated by North and West Norfolk Care Group, part of Norfolk and Suffolk NHS Foundation Trust (NSFT). NSFT provides inpatient and community-based mental health services in both Norfolk and Suffolk. It is also commissioned to provide in some of its localities, learning disability services, along with other specialist services including medium and low secure services and wellbeing. Continuim access control system Many of these sites use a legacy building access control system called Continuim The new facility is one of many sites across Norfolk and Suffolk that fall under management of the trust. Managing over 4,000 staff and controlling over 1500 access controlled doors across multiple sites. Many of these sites use a legacy building access control system called Continuim which is a bolt on module to Trend BMS, where all doors on this system are required to be wired on-line. Several years ago the trust wanted a more modern contactless access control solution for their facilities in Norfolk and Suffolk. They specifically wanted a solution that offered cost savings by not having to wire all doors. SALTO access control was chosen for fitting to new and refurbishment projects, with a view to possibly retro-fitting the new solution across all the existing sites on a rolling upgrade basis as time and future budgets allow. SALTO access control solution Security and Infrastructure Manager for the Strategic Estates department at the trust, Paul Evans, says “By choosing SALTO the trust were able to specify a mix of online and offline equipment. The cost saving for offline equipment enables the trust to specify more internal offline doors to become controllable as part of the access control system, thus giving us greater flexibility and security for our facilities.” Evans continues “Given the nature of our work and that some of our service users can have really challenging behaviour issues, it is vital that for their safety and that of the staff, we are able to control access simply and easily yet securely into and around the many different areas of the ward, the administration area and indeed the rest of the rooms in the building.” Contactless smart access control Reduced-ligature hardware working with contactless smart access control was needed in the user areas A standard off-the-shelf access control solution was not suitable as reduced-ligature hardware working with contactless smart access control was needed in the user areas together with anti-barricade doors, vision panels, automatic lockdown abilities, locker locks and a host of other special items and so we wanted a company with specialist experience in this field to carry out the supply and installation.” After going out to a competitive open tending process, local security specialist and certificated SALTO partner AC Leigh, based in Norwich, won the contract to secure the new facility. One of their lead designers, Simon Clarkson, worked with Paul and his team to design and deliver the system. Central monitoring system Clarkson, Health and Safety Director at AC Leigh says “We listened to what Paul and his team needed and especially how they wanted to manage and control the building and delivered a completely focused solution that allows central administration of the facility using hardware and software from SALTO Systems as the core of the solution.” On-line wall readers are used to control access into and around the building and these have been installed on main entry points, alongside bedroom doors and in ‘airlocks’ to control access from one area to another. SALTO slave control units Paul Evans says, “The latest SALTO online CU4200 control units were used on this project where data can be shared to SALTO slave control units via a single master control unit. This reduced the load on the already exhausted IT infrastructure which has meant that more online doors can be added to the SALTO system.” Bedroom doors are all fail secure with mechanical key override and are also anti-barricade. The facility has the bespoke ability to operate a standard 8 male, 8 female bedroom configurations. However, the trust wanted the flexibility to extend either male or female bedrooms to 10 bedrooms. This was achieved by two swing corridor doors. Electro-magnetic locks In standard operation, these powered swing doors are held open with electro-magnetic locks In standard operation, these powered swing doors are held open with electro-magnetic locks. In their swing scenario a key switch can be operated which releases the hold open magnet and energises the SALTO system powering a separate electronic locking device on the door. This enables the trust to easily maintain the required gender separation within the bedroom areas. Paul Evans comments “AC Leigh were able to configure the required solution easily and train the staff in its operation accordingly.” Aelement Fusion smart locks Other doors are fitted with Aelement Fusion smart locks. AC Leigh worked closely with the trust to design and manufacture special reduced ligature handles and reader covers to ensure that ligature points were reduced in conjunction with DHF technical specification TS001:2013 enhanced requirements and test methods for anti-ligature hardware. “The consultation between AC Leigh and the trust took several months with multiple prototypes being presented to the trust for approval.”, Evans says, adding “After looking at all the various options, the trust is happy that the best solution for this type of battery operated offline door has been chosen and installed at Chatterton house.” He also confirms that the bespoke design would be used as their preferred solution on future projects for this type of door. XS4 Mini locks Meanwhile in staff areas XS4 Mini locks are fitted. In open common areas, lockers are equipped with smart XS4 locker locks enabling each service user to have a secure storage place for their individual personal items. To operate the various doors, staff use their smartcard ID badges to gain access while service users use wristbands to access their bedroom, locker and certain permissible doors. SALTO SPACE electronic locking Tying all this together is SALTO SPACE a flexible, fully integrated electronic locking and software platform Tying all this together is SALTO SPACE a flexible, fully integrated electronic locking and software platform that enables operators to effectively manage every door and user access plan on-site via powerful web-based access control management software. Audit trail information from the doors is held for 31 days before deletion in accordance with the trust data policy.  Simon Clarkson concludes “The client needed precise tailoring of access levels and the SALTO access control solution has empowered them with an intuitive, easy to use but adaptive system. The use of this standalone largely battery operated access control system will provide significant cost savings over the years to come compared with other systems, and will deliver a reduction in engineer call-outs and simplify system administration making for a long term secure and reliable access control solution for the trust.”

In the aging trend of 21th century with rapid aging population and high healthcare costs are creating a growing demand for care at home, especially for seniors with long-term health conditions. Home care is moving towards tele-health monitoring and telemedicine, including video conferencing and remote monitoring technology to help increase caregiver efficiency while still providing constant convenience to the patients. Living independently and aging gracefully are the ideals that every individual seeks to pursue, and the challenge is to ensure that all people can age with dignity and security. Climax’s GX Cubic Smart Care Medical Alarm is an all-in-one wellness, and personal safety medical alarm solution, designed to help the elderly to manage their long-term health conditions, bridging medical health monitoring information to care providers/hospitals and create points of care to keep them safe in their own homes. GX Cubic medical alarm GX Cubic can be flexibly connected with third-party Bluetooth (BLE) healthcare sensors GX Cubic can be flexibly connected with third-party Bluetooth (BLE) healthcare sensors, like blood glucose monitor, pulse oximeter, blood pressure monitor, or weight for tracking health data and providing customised alerts to meet individual needs. The measurements can be automatically sent to a health professional who can review the results and continuously keep an eye on the patient’s health needs and provide early treatment as necessary. In addition to medical health monitoring, GX Cubic is also compatible with Pivotell Advance Automatic Pill Dispenser to keep secure of all pills, and remind the user to take the correct medicine at the pre-set time. The solution allows health professionals to monitor pill taking timely results and keep an eye on the patients’ treatment as needed. For situation when remote monitoring care given is insufficient and the user requires onsite assistance, GX Cubic can raise an emergency alarm to inform the caregiver or medical personnel for immediate action. Seniors can be assured that they are always being taken care of, and provide their family members with a peace of mind. Voice recognition solution Voice recognition has innovated over time and continues to advance, allowing products to become even more intuitive and easier to use. GX Cubic has built-in voice recognition and can activate an emergency call to care provider or central monitoring center by preset vocal commands or keywords. This allows seniors to receive emergency attention even in situations where they are immobilised or cannot manually reach the panic button. Working with the leading voice ecosystems Amazon Alexa and Google Home via cloud, GX Cubic also features voice control to activate home electronic devices, complete daily tasks, and seek help during emergencies. Voice over Internet Protocol With the VoIP (Voice over Internet Protocol) feature, GX Cubic users can also initiate two-way voice callsWith the VoIP (Voice over Internet Protocol) feature, GX Cubic users can also initiate two-way voice calls to contact their caregivers or family members at any time. With the additional add-on of DECT, GX Cubic can pair with voice extenders, talking pendants, call points, and voice extenders placed strategically around the home to create a safety net. Smart Home Automation Comprehensive elderly-friendly health care should also have a focus on preventive action to maintain a healthy ageing process. To realise independent living in a smart way, GX Cubic pairs with Zigbee or Z-Wave sensors to enable the whole-home control with various protocol-of-choice. GX Cubic can be programmed to turn on the hallway lights automatically when a sensor reports a senior’s movement in the middle of the night, to reduce a chance of falling; or automatically adjusting air conditioning when there is a sudden temperature-drop. The scenarios are unlimited to fit individual requirements, ensuring a safest living experience for the senior users. GX Cubic can also integrate IP security cameras and camera PIR motion sensors to deliver real-time visual monitoring and verification. When an emergency occurs, alerts are immediately sent to family members, and Monitoring Center to verify the event and sending immediate assistance as needed. Lastly, GX Cubic can support wireless sensor devices, allowing users to add in smoke detectors, water leakage sensors, and gas sensors to monitor environmental emergencies; and motion sensors, door contacts, sensor pad transmitters for inactivity monitoring, to build a healthier, safer independent living.

Traka has launched a new downloadable white paper to open a discussion on the changing nature of retail banking in the UK, using latest case examples to consider branch management and shifting customer expectations. The white paper, titled ‘Shaping the retail banking industry’ looks at several factors influencing the sector, including the increasing expectations and values of customers demanding a more personalised branch experience. Key and equipment management Incorporating analysis from globally renowned financial services, including PwC, Accenture and Deloitte, the paper highlights the opportunities for innovation, together with collaboration and adoption of new operational processes. This incorporates key and equipment management to enable retail banks to deliver on top quality service. The future for retail banking could arguably also be cited as bleak and in a state of industry disruption" Says Mike Hills, Traka UK Market Development Manager and Author of the white paper: “Against a backdrop of negative press concerning the state of UK high streets, the future for retail banking could arguably also be cited as bleak and in a state of industry disruption, as customers move towards a more mobile-connected lifestyle.” Staff and customer security “However, our research in putting together this white paper tells a different story. That actually, the sector has a real chance to embrace the changes occurring and entice their customers, meeting demands for personal service. We found that brands riding the storm are taking small yet significant steps to tailor their services and make operational differences that are proving key to their success.” The white paper focusses on Traka’s experience with Nationwide Building Society to demonstrate how supporting operational efficiency can benefit banking staff and ensure they can focus on serving their customers, without compromising on security.  Retail Banking security Mike concluded, “We have brought this white paper together using the latest research and intrinsic market reports, together with case evidence on the future of the retail banking industry and the issues faced by the sector to ensure long term success.”  “Within this, we wish to stimulate debate and encourage views and contributions from as many different voices as possible. We look forward to your opinion, experience or comment on this matter of growing importance so together, we can look to support and shape the future of retail banking.”

As prominent in Belfast’s history as its cranes are on the city’s skyline, it’s hard to imagine Belfast without Harland and Wolff. Once the world’s greatest shipbuilder, Harland and Wolff today has evolved into a company that provides over 150 years of engineering excellence to the maritime, offshore, and renewable energy sectors. The Harland and Wolff facilities on Queen’s Island are now used to maintain some of the world’s largest ocean-going vessels, ranging from offshore platforms and cruise liners to offshore wind farms. The company is spread over two sites in Belfast and covers over 200 acres. Its main facility has a public-facing perimeter of no less than 1.5 kilometers. With safety as a primary consideration in the execution of projects, the company goes to great lengths to protect its investments from unwanted visitors, intruders, and vandalism. FLIR VMS solution For over 15 years, Harland and Wolff has been using FLIR’s United VMS to manage a wide variety of security cameras For over 15 years, Harland and Wolff has been using FLIR’s United Video Management System (VMS) to manage a wide variety of security cameras. As technology innovations and features were being added onto the United VMS over the years, Harland and Wolff has always remained loyal to the FLIR brand. But with the increasing development of Queen's Island as an industrial, commercial, and tourist area came a greater public presence and an increased safety and security threat. That is why in recent years Harland and Wolff has been continuously investing in the latest security camera technology from FLIR, including enterprise security cameras, PTZ cameras, intelligent thermal cameras, and mobile and wearable cameras. Optical and thermal cameras “Today, over 140 FLIR cameras on-site and along the site’s perimeter make sure that we can detect any irregularity,” said Chris Neill, security operations manager at Harland and Wolff. “Whenever one of our cameras picks up an incident – an intruder for example – an alarm is generated and sent to our security control room, who can then follow up the incident. This ensures us that our investment and that of our customers is safe and secure at all times.” Due to the high impact and risk associated to a possible incident on site, the company’s security department follows a proactive approach for possible intruders. Even in complete darkness, in perimeter areas where there is no additional lighting, thermal analytic cameras can pick up the presence of intruders, animals, or vehicles automatically based on their heat signatures. Intruder detection While thermal camera footage does not allow actual identification of intruders, it can still be used as evidence for insurance companies or law enforcers, especially when an intrusion pattern can be seen over different cameras. United VMS is FLIR’s enterprise-level software solution for video surveillance operations United VMS is FLIR’s enterprise-level software solution for video surveillance operations. The software is currently used at Harland and Wolff by four control room operators and eight managers, all of which have dedicated user rights. One of the strengths of the United VMS system is that it can connect with nearly any security camera on the market and that video streams and detection alerts can be presented on any screen, be it on a video wall, a PC, or a smartphone. United VMS But Harland and Wolff has been using United VMS for far more applications. “We also use the United VMS platform to monitor alarms coming from fire sensors on oil rigs, for example,” said Neill. “Another example is the detection of failed pumps on one of our drydocks. This information also comes in on United VMS, where we generate alarms and notify key staff in real time.” Harland and Wolff has indeed managed to make use of United VMS's flexibility and deploy it for much more than security applications only. "We are not in a static business," said Neill. "At Harland and Wolff, we are always taking on new challenges and solving new problems; FLIR’s United VMS platform helps us do that.” TruWITNESS mobile sensor technology Harland and Wolff will also make use of TruWITNESS, the latest mobile and wearable sensor technology from FLIR. TruWITNESS will allow guards on patrol to stream video directly to the control room in real time and from anywhere on the Harland and Wolff sites. Harland and Wolff needs to comply with a minimum security level imposed by the UK Department of Transport" Guards will be able to bookmark events so that incidents or irregularities can be reported and can be followed up more efficiently. In case of incidents, camera footage from the TruWITNESS wearable devices can be used as evidence. In addition, control room operators will be able to track members of staff via the United VMS and display their location on a map. Security technology advancements “Our yellow gantry cranes have become a national icon,” said Neill. “Unfortunately, this also means that they are an attractive target for political messages or, as in the past, terrorism. As a port facility, Harland and Wolff needs to comply with a minimum security level imposed by the UK Department of Transport. But in reality, we always exceed these requirements. We owe this to our continuous investments in security technology, which we also consider as a commitment to our customers.” Maybe this is what connects Harland and Wolff with FLIR. “As committed as we are to our customers, we expect the same from our suppliers as well,” said Neill. “As someone with a technical background, I have always been convinced of the quality of FLIR security products. But there will always be a time when you need to rely on technical support, and that’s where FLIR really makes a difference.”

Abu Dhabi is a major cultural and commercial centre in the United Arab Emirates (UAE), accounting for roughly two-thirds of the UAE’s economy. While oil and natural gas make up a large portion of its GDP, Abu Dhabi has positioned itself as a premiere tourist destination, with major investments in luxury resorts and business hotels. Consequently, public safety is a top priority — and FLIR Systems is playing a critical role in the city’s long-term safe city initiative. Recently, the Abu Dhabi Monitoring and Control Center (ADMCC) was tasked with integrating all public access cameras onto a single platform to provide fully uninterrupted coverage of the city. This is in compliance with the Safe City 2030 vision of His Highness Sheikh Mohammed bin Zayed Al Nahyan, Crown Prince of Abu Dhabi and President of the UAE. As part of this initiative, ADMCC launched the Falcon Eye project, where surveillance cameras and sensors would be installed across the city to enable real-time situational awareness, threat detection, data collection, data sharing among public safety organisations, and crime prevention. Updating video management system To manage such an extensive system under the Falcon Eye project, ADMCC needed to update its VMS softwareFalcon Eye expands Abu Dhabi’s existing surveillance system to thousands of license plate recognition cameras and surveillance cameras, with cameras equipped with video analytics and/or facial recognition capabilities. To manage such an extensive system under the Falcon Eye project, ADMCC needed to update its video management system (VMS) software. ADMCC sought a VMS that would provide enhanced image quality, as well as increased storage and integrity of streamed video. The VMS also needed to be able to incorporate current, emerging and future technologies, such as Big Data, cyber protection, smart cameras, analytics at the edge, and automated camera management. Additionally, ADMCC required a cost-effective VMS that would seamlessly integrate with the existing physical security management information (PSIM) without compromising any data or operations from subsystems. Reliable software solution for video surveillance Previously, ADMCC had a strong relationship with FLIR, having deployed an older FLIR United VMS version for several years. After careful research and evaluation, ADMCC chose to continue partnering with FLIR as the industry leader in advanced video solutions in the safe city sector. ADMCC selected the most recent FLIR United VMS release as its VMS for the Falcon Eye initiative. FLIR United VMS is a reliable, enterprise-level software solution for video surveillance supporting an unlimited number of cameras over IP networks. Complying with ONVIF Profile S, Latitude ensures greater compatibility between cameras and the VMS Part of FLIR’s award-winning United VMS platform, Latitude features enhanced cyber security protocols. Its distributed server architecture enables unlimited scalability, multi-site deployments and sophisticated network topologies. Latitude’s open platform functionality provides advanced edge device integration, bringing together hundreds of third-party technologies. Complying with ONVIF Profile S, Latitude ensures greater compatibility between cameras and the VMS. Integrating Latitude and PSIM solution ADMCC upgraded to the recent United VMS version in June 2017. With special support from the FLIR team, the integration of Latitude and ADMCC’s in-house PSIM solution was successfully completed without any data loss. Adding value to the integration was the presence of an in-house FLIR engineer, who provided insight and guidance throughout the process. “FLIR is considered one of ADMCC’s trusted vendors, delivering regular upgrades and specialist support to our operations when needed,” said His Excellency Saeed Al-Neyadi, Director General at ADMCC. “The on-site FLIR engineer provided an immeasurable value to ADMCC.” Ensures maximum integrity and reliability One of the defining characteristics of United VMS is its simplicity and easy user interface. United VMS offers simplified access in managing and controlling video operations for the support staff. For all safe city projects, the preservation and availability of data is paramount. United VMS ensures maximum integrity and reliability with exceptional failover, disaster recovery capabilities" “The use of actionable information through data collection is vital in running such a huge scale operation such as Safe City initiatives,” Mr. Khalfan Al Hassani (ICT Director) said. “United VMS ensures maximum integrity and reliability with exceptional failover, disaster recovery capabilities, and 24/7 redundant recording.” Day/night safety of city and residents ADMCC oversees one of the world’s leading safe city solutions that utilises license plate recognition, facial recognition, video analytics and video management from over 45,000 sensors spread across the Emirate. United VMS serves as the central operational platform for all data of this unified platform, providing an efficient combination of video software and server hardware. By utilising the state-of-the-art technologies and subsystems brought together by United VMS, ADMCC ensures the safety of the city and its residents at all hours of the day and night. “United VMS has given ADMCC a reliable, stable, robust and secure platform for the past six years,” said Al Hassani. “It underpins a custom PSIM solution that supports various government agencies in Abu Dhabi helping the city to be ranked the ‘Safest City in the World.’”

Driven by technology developments such as voice recognition, smart devices and the Internet of Things, our homes are getting “smarter” all the time. Increasingly, we expect our residential environments to be responsive to our voice commands, whether we are adjusting a thermostat, turning on a light, or lowering the window shade. Smarter home integration yields new opportunities and challenges for home security, too, which contributes an element of safety and protection to the convenience aspects of smart homes. We asked this week’s Expert Panel Roundtable: How are new smart home systems impacting security?

One impact of Chinese companies entering the physical security market has been an erosion in product pricing, creating what has been called the "race to the bottom". However, political forces and cybersecurity concerns have presented new challenges for Chinese companies. Adding cybersecurity increases costs, and the addition of more functionality to edge devices is another trend that has impacted product pricing. We asked this week's Expert Panel Roundtable: Has price erosion ended (or slowed down) in the security market? 

In the digital age, software is a component of almost all systems, including those that drive the physical security market. A trend toward hardware commoditisation is making the role of software even more central to providing value to security solutions. Software developments make more things possible and drive innovation in the market. We asked this week's Expert Panel Roundtable: How do software improvements drive physical security?