Network / IP security

Arecont Vision Costar, the pioneer in network-based video surveillance solutions, announces the addition of GT Reps, LLC to its Authorized Manufacturer’s Representative Program. GT Reps will deliver pre-sales support across the US Great Lakes Region, which includes the states of Ohio, Michigan, Kentucky, and Indiana. “We’re excited to add GT Reps to our sales organisation to broaden our coverage with skilled professionals,” said Kyle Parker, Vice President, Americas, Arecont Vision Costar. “We have a well-established and growing customer base throughout the territory that will benefit from the quality pre-sales support that GT Reps will bring to the territory.” Cost-effective infrastructure solutions Our customers will benefit from the company’s award-winning single-, dual-, and multi-sensor megapixel cameras"GT Reps is a manufacturer’s representative agency based in Avon Lake, Ohio. The company brings strong knowledge of emerging standards and technology improvements to assist and guide customers in choosing cost-effective infrastructure solutions for datacom and security that will perform to the highest standards. “GT Reps is pleased to add Arecont Vision Costar and their Total Video Solution to our product portfolio,” stated Leigh Taylor, Principal, GT Reps. “Our customers will benefit from the company’s award-winning single-, dual-, and multi-sensor megapixel cameras, cloud-enabled video management system and web services, and cloud-managed video recorders for even the most demanding surveillance needs.” Cyber-secure video surveillance offerings John Bujarski, Arecont Vision Costar’s Senior Sales Director, Eastern USA & Canada, agreed, “Leigh Taylor and the GT Reps team are already assisting customers and sales partners across the territory. We expect that they will be important members of the Arecont Vision Costar regional sales organisation by increasing our pre-sales coverage throughout the region for years to come.” Members of Arecont Vision Costar’s Manufacturer’s Representative Partner Program like GT Reps are focussed on bringing the industry’s best, cyber-secure video surveillance offerings to their assigned regions. Participants in the program extend the reach of Arecont Vision Costar by providing expert pre-sales assistance while interfacing with and educating customers, system integrators, and distributors on available solutions for even the most challenging video surveillance requirements.

Forescout Technologies, Inc., the pioneer in device visibility and control, announced insights from 75 real healthcare deployments with more than 10,000 virtual local area networks (VLANs) and 1.5 million devices contained within the Forescout Device Cloud, with a specific focus on 1,500 medical VLANs with more than 430,000 devices. Launched in July 2017, the Forescout Device Cloud is one of the world’s largest crowdsourced device repositories and now contains more than eight million devices from more than 1,000 customers who share anonymised device insights. Diverse and complex IT environments Our findings reveal that healthcare organisations have some of the most diverse and complex IT environments"“The Forescout Device Cloud provides us with game changing data from millions of devices around the world, and what we are releasing today is just the tip of the iceberg,” said Elisa Costante, head of OT and Industrial Technology Innovation at Forescout. “Our findings reveal that healthcare organisations have some of the most diverse and complex IT environments, which are compounded due to compliance risks. Every time a patch is applied, there is concern around voiding a warranty or impacting patient safety. These organisations are dealing with lifesaving devices and extremely sensitive environments.” Increased device intelligence The convergence of IT, IoT and OT makes it more difficult for the healthcare industry to manage a wide array of hard-to-control network security risks. IoT and OT devices are rapidly increasing in numbers, but traditional IT still represents the most vulnerable attack surface. Forescout uses the Device Cloud data to analyse more than 150 attributes per device to bring increased device intelligence and improved auto-classification to its customers. Forescout will leverage the increasing amount of data and intelligence gathered from the Device Cloud to generate future insights on the characterisation and risk posture of connected devices across industries. Forescout Device Cloud Report key findings: The most common devices on medical networks are still traditional computing devices followed by IoT devicesHealthcare OT increases attack surface The most common devices on medical networks are still traditional computing devices (53 percent) followed by IoT devices (39 percent), including VoIP phones, network printers, tablets and smart TVs. OT systems, including medical devices, critical care systems, building automation systems, facilities, utilities and physical security, comprise eight percent of the devices on medical networks. Within the OT device category, the three most common connected medical devices found were patient tracking and identification systems (38 percent), infusion pumps (32 percent) and patient monitors (12 percent). Considering the growing number of vulnerabilities in OT environments, we can see an increase in the attack surface in healthcare environments. Healthcare organisations riddled with devices running legacy Windows operating systems The report highlights that 71 percent of Windows devices within these healthcare deployments are running Windows 7, Windows 2008 or Windows Mobile, with Microsoft support planned to expire on January 14, 2020. Running unsupported operating systems poses a risk that may expose vulnerabilities and has the potential to impact regulatory compliance. Diversity of operating systems and vendor sprawl creates headaches Forescout’s research found that 40 percent of healthcare deployments had more than 20 different operating systemsThe diversity of device vendors and operating systems present on medical networks adds to the complexity and increases security challenges. Forescout’s research found that 40 percent of healthcare deployments had more than 20 different operating systems. When looking at the different types of operating systems found on medical VLANs, 59 percent were Windows operating systems and 41 percent were a mix of other variants, including mobile, embedded firmware and network infrastructure and many more. In addition, more than 30 percent of healthcare deployments had 100 or more device vendors on their network. Patching in healthcare environments, especially acute care facilities, can be challenging and require devices to remain online and available. Some healthcare devices cannot be patched, may require vendor approval or need manual implementation by remote maintenance personnel. Vulnerable protocols are leaving a door open Eighty-five percent of devices on medical networks running Windows OS had Server Block Messaging (SMB) protocol turned on, allowing uncontrolled access for attackers to get beyond the perimeter and move laterally. Device manufacturers sometimes leave network ports open by default — often unbeknownst to IT and security staff.

Mobile security provider Trustonic announces a partnership with Rubean AG, an established mobile security-focused fintech, and CCV, an European payment solution provider, to develop an mPOS solution that accepts higher value transactions by enabling hardware-protected PIN entry on a range of commercial off-the-shelf (COTS) smartphones. Using a smartphone as a mobile point of sale (mPOS) solution enables traders, small retailers and SMBs to save money on costly payment acceptance hardware, improve staff efficiency and increase customer satisfaction. Payment platforms and solution providers also benefit, as they can eliminate the costs associated with procuring and managing traditional POS terminals. The ease of adding new functionalities to smartphone apps will also shorten time to market for innovative new digital marketing and customer loyalty features. Software security technologies The platform includes Trustonic’s Trusted User Interface (TUI), which isolates and protects sensitive input The Trustonic Application Protection (TAP) platform protects mobile applications by securing sensitive code, data and processes in a heavily protected environment. The environment also constantly upgrades over the course of an app’s lifecycle to take advantage of the most advanced hardware and software security technologies available on smartphones. The platform includes Trustonic’s Trusted User Interface (TUI), which isolates and protects sensitive input and display interactions – like PIN entry – in app UIs. The TAP development toolkit enables developers to easily develop and deploy apps, delivering the best protection available whatever the user’s device. Through CCV’s server platform ‘acCEPT’, both payment intelligence and security-critical elements can be mapped to smartphones via an app, as the payment processing takes place predominantly in the secure PCI-DSS cloud. Payment terminal client Rubean protects, personalises and monitors CCV’s payment terminal client on smartphones in compliance with the payment schemes’ security requirements. As an essential part of Rubean’s infrastructure, TAP protects cardholder’ PIN entry, enabling higher-value transactions and increasing convenience for merchants and consumers. Ben Cade, CEO of Trustonic, says: “Using smartphones to make payments instead of your card is already widely adopted by consumers, and using the same devices as contactless mPOS terminals for merchants is one of the most exciting and disruptive trends in the payment technology space.” Multiple card networks The top payment schemes have supported the concept of a ‘smartphone-only’ payment terminal since 2017" “Using a TUI secured by a hardware-based Trusted Execution Environment is widely regarded as best practice for app-based mPOS implementations and, by using TAP, this is exactly what developers can achieve. This is nuanced security delivering simpler, richer and faster user experiences. We are committed to supporting the development of CCV & Rubean’s hardware-protected PhonePOS solution and its rollout on some of the world’s largest smartphone brands.” Hermann Geupel, CEO of Rubean AG, comments: “The top payment schemes have supported the concept of a ‘smartphone-only’ payment terminal since 2017. In response to increasing demand from banks and merchants, Rubean & CCV plan to launch a smartphone-only payment terminal with card PIN entry functionality with multiple card networks and partners throughout Europe. Trustonic’s TAP toolkit provides us with the most advanced and secure user interface for enabling secure PIN entry on COTS smartphones.”

Enterprises are challenged with security basics, according to Panaseer’s first Security Leader’s Peer Report. Data from an external survey of 200 enterprise security leaders, conducted by Censuswide, reveals concerns on visibility and access to trusted data, leaving organisations open to attack. Fuelling this issue is an inability to receive timely visibility across a multitude of installed security technologies. The vast majority (89%) of security leaders at large enterprises are struggling with visibility and insight into trusted data. Nearly a third (31%) are concerned that a lack of visibility will impact their ability to adhere to regulations. Complex and fragmented IT environments have compounded the visibility challenges for security teams. These issues are being exacerbated by the sheer number of security tools in use. On average, enterprise security teams are grappling to manage an average of 57.1 discreet security tools. Over a quarter of respondents (26.5%) claimed to be running 76+ security tools across their organisation. Understanding cyber security posture The survey results indicate that as well as obfuscating visibility, the security tools aren’t helping to make the organisation saferPanaseer, a Continuous Controls Management platform provider, commissioned the research and developed the report to get insight into the key challenges security teams face in understanding their true cyber security posture. The survey results indicate that as well as obfuscating visibility, the security tools aren’t necessarily helping to make the organisation safer. When asked about the key drivers for new security initiatives and tools, the majority (55%) are being driven by external factors, such as regulations and internal factors (32%), such as board driven initiatives. However, when asked how effective the current security tools were, nearly three quarters (70.5%) of security leaders admitted that they do not evaluate a security tool based on its impact on reducing cyber risk. More tools impair visibility Nik Whitfield, CEO, Panaseer: “Ultimately we are buying tools and not switching them on, because we lack visibility across security controls and technical assets. Buying more tools does not equate to enhanced security. Ironically, in many cases, they impair visibility and cause bigger headaches as they often integrate poorly, have overlapping functionality and gaps in coverage." Security leaders are having to direct their staff to spend an inordinate amount of time compiling manual reports To help overcome these visibility issues and satisfy requests for information from internal and external parties, security leaders are having to direct their staff to spend an inordinate amount of time compiling manual reports, across their large number of discreet tools. This has resulted in security teams now spending over a third of their time (36%) manually producing reports.  Time wasted in manual reporting When asked how they spend manual reporting time, the biggest task is formatting and presenting data (38.46%), followed by moving data (34.62%) across spreadsheets. 70% of security teams use manually compiled data for reporting to the Board, 57% claim they send manual reports to regulators and half (50%) said that they shared manually collated reports with auditors. Nik Whitfield continues: “Manual reporting creates a huge overhead for the business. It also means that during a cyber skills shortage, we have specialist staff wasted doing very basic work. Manual reports are so prone to error, as they can only give a single snapshot in time and are then out of date almost immediately. Automation is an opportunity to enable greater speed, error reduction and crucially enhanced visibility.”

DW (Digital Watchdog) Complete Surveillance Solutions, globally renowned manufacturer of digital video recorders, surveillance cameras and management software solutions, has announced the release of our new 5MP complete Universal HD over Coax (UHDoC) surveillance solution. The new products include 5MP Star-Light Plus color in ultra-low-light UHDoC cameras, VMAX A1 Plus UHDoC digital video recorders (DVR) and C3 CMS, a brand new remote management software for DW’s VMAX A1 Plus DVRs and VMAX IP Plus NVRs. The complete solution and individual products are ideal for users looking to discover new ROI by utilising their existing coaxial infrastructure and upgrade to HD multi-megapixel resolution image quality. Star-Light Plus Universal HD over Coax cameras 5MP Star-Light Plus Universal HD over Coax cameras offer image enhancement features such as Star-Light Plus ultra-low-light technology for clear color or monochromatic images in almost zero light, true WDR and Smart DNR 3D digital noise reduction. The new cameras come in a variety of housing options, including new vandal ball cameras with true 90° field-of-view angles and zero IR distortion. All DW Universal HD over Coax cameras are engineered to work with our new VMAX A1 Plus Universal HD over Coax DVRs to easily get new ROI from existing coaxial infrastructure.  The DVR’s powerful capabilities are easily managed with an intuitive and simple-to-operate User Interface A VMAX A1 Plus DVR can record cameras with up to 5MP resolution, including 1080p video at real-time 30fps. The DVRs simplify camera installation and adjustment through Up the Coax (UTC) remote configuration, available with all compatible cameras. The DVR’s powerful capabilities are easily managed with an intuitive and simple-to-operate User Interface. Unique and dynamic features include P2P Pathfinder remote connection, camera event group recording, auto channel signal swap and live system monitoring. VMAX A1 Plus DVRs The VMAX A1 Plus DVRs can be controlled remotely via a built-in web server, our new powerful and easy-to-use C3 CMS software, DW mobile apps including the new state-of-the-art DW Mobile Plus app for iOS and Android smartphones or tablets, as well as on Apple TV with the DW Site Viewer app. The VMAX A1 Plus models are available with up to 20TB of storage. The C3 client and event server make up a remote management software suite for DW VMAX A1 Plus and VMAX IP Plus embedded recording solutions. It provides users a powerful and easy-to-use new way to monitor a system from anywhere. Full-featured yet lightweight, the software delivers simultaneous live views and playback of recorded video. The C3 client and versatile event management software support hundreds of devices simultaneously. C3 CMS provides actionable information in real-time, helping users to make more informative decisions as events happen. HD video over coaxial infrastructure “HD video over coaxial infrastructure is one of the fastest growing segments in the video surveillance industry,” said Mark Espenschied, Director of Marketing, DW. “DW makes it easy to breathe new life into that investment in cabling by swapping recorders and cameras for an instant HD upgrade. Our development of the C3 software has made it possible for us to offer powerful remote management features at no charge for which users would expect to pay a premium.”

The TH9 has now added 800MHz to its band portfolio of operation. The 800 MHz version was presented to the public during the opening day of Critical Communications World exhibition in Kuala Lumpur on the 18th June. TH9 Tetra radio The TH9 is a renowned Airbus Tetra radio for field use and specially designed for mission critical users such as police forces and security staff whom require rugged radios for their daily operations. This robust radio allows sharp, powerful and stable secure communication between users. Thanks to the integration of a global navigation satellite system (GNSS) receiver supporting the Beidou positioning system, the TH9 is prepared for positioning technologies used in Asian markets. The enhanced global navigation satellite system allows users to benefit from accurate and autonomous geo-spatial positioning. Ideal for mission critical operations Further to its demonstrated success on 380-430 MHz band, Airbus’ TH9 is now equally available for the 800 MHz band. The latter will allow the customers using this frequency band to benefit from the added value that the radio can bring to mission critical operations such as excellent radio performance, high audio quality, and long battery autonomy.

In the next three years, software as a service ‘SaaS’ is likely to grow by around 23%. That’s according to reports by Cognizance. It’s growth rests on the adoption of cloud public, private and hybrid. Without the cloud applications can’t truly pervade an organisation, nor can operational or customer benefits be derived. But there’s no point in adopting the cloud if it’s not secure - the proliferation of SaaS demands security, none more so in a GDPR world. Large cloud environment But modern applications are difficult to secure. SaaS based, web, mobile, or custom made all work on different platforms and frameworks. It’s a headache managing all the APIs needed to automate and sync tools. This introduces risk. The greater the number of apps the broader the attack surface and therefore the greater the chance there will be blind posts. Keeping up to date with updates and new security policies is never easy There are also added hazards. Applications are always changing. Keeping up to date with updates and new security policies is never easy, but especially hard in a large cloud environment. Failure to adopt changes puts the organisation and customers at further risk. But the biggest obstacle is keeping applications and APIs out of harm’s way. It’s a near on impossible task when attack methods and sources are constantly changing. More advanced threats To be specific there are four emerging challenges when it comes to protecting apps. Firstly, managing the good and the bad bots and spotting which is which, secondly securing APIs as IoT adoption intensifies, thirdly the relationship between securing apps and DevOps and ensuring ownership of security, and finally denial of service attacks that use newer tactics such as brute force. Basic security hygiene dictates that security teams refer to the OWASP Top 10. It’s considered the ‘ten commandments’ in security circles, providing a starting point for ensuring the most common threats and vulnerabilities are managed, detected and mitigated. Web Application Firewalls also come into the fray with guidance on testing for the ways hackers exploit vulnerabilities. However, though the basics are good to have in place, there are always more advanced threats to take care of. Bots being a big one. Bot management The more sophisticated bots will go as far as to mimic human behaviourAstonishingly about half of internet traffic is bot generated. Half of it is from bad bots. Discerning the good from the bad isn’t easy though and explains why around 80% of organisations can’t make a clear distinction between the two. Bad bots can do a lot of damage like take over user accounts and payment information, scrape confidential data, or hold up inventory and skew marketing metrics. The more sophisticated bots will go as far as to mimic human behaviour and bypass tools like CAPTCHA and even device fingerprinting based protection ineffective. Securing APIs Then there’s the complications derived from machine-to-machine and internet of things (IoT) communications. The more integrated ‘things’, the more data there is, the more events there are report on, and the more activity there is reliant on APIs to make the ‘things’ useful and agile. That’s what makes them a target and the threats to API vulnerabilities include injections, protocol attacks, parameter manipulations, invalidated redirects and bot attacks. There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks.   There’s the risk that business will grant access to sensitive data, without inspecting nor protecting APIs to detect cyberattacks Denial of service (DoS) You might think there’s little to add to the swathes of denial of service warnings. Yet when businesses are still being targeted and feeling the ill effects it’s worth mentioning again that different forms of application-layer DoS attacks are still very effective at bringing application services down. Even the greatest application protection is worthless if the service itself can be knocked down This includes HTTP/S floods, low and slow attacks (famous examples being Slowloris, LOIC, Torshammer), dynamic IP attacks, buffer overflow, Brute Force attacks and more. The IoT botnets are the culprits and have made application-layer attacks so popular that they have become the preferred DDoS attack vector. Even the greatest application protection is worthless if the service itself can be knocked down. Continuous security It may seem easy to say but for modern DevOps, agility is valued at the expense of security. We see time and again examples of where development and roll-out methodologies, such as continuous delivery, mean applications are exposed to threats each time they are modified. There’s no doubt it is extremely difficult to maintain a valid security policy and protect sensitive data in dynamic conditions without creating a high number of false positives. But we now find that this task has gone way beyond the capability of humans. Organisations now need machine-learning based solutions that map application resources, analyse possible threats, and create and optimise security policies in real time. Reaching this level in security planning should be a big wake-up call that security automation is an essential not a nice to have. Running security plans The board needs to know that investment is critical to protect their profits It’s critical that the security solution your company adopts protects applications on all platforms, against all attacks, through all the channels and at all times. The board needs to know that investment is critical to protect their profits. As such there are six things they need to know: Application security solutions must encompass web and mobile apps, as well as APIs. Bot management solutions need to overcome the most sophisticated bot attacks. DDoS mitigation must be an essential and integrated part of application security solutions. A future-proof solution must protect containerised applications, severless functions, and integrate with automation, provisioning and orchestration tools. To keep up with continuous application delivery, security protections must adapt in real time. A fully managed service should be considered to remove complexity and minimise resources. No amount of human power will beat the bots. That last point is the most critical. Skill is essential in designing and running security plans and policies that work. But the plans can’t be executed without automated tools. There are just too many decisions to make in a split second. Combining both is the path to an effective app protection strategy and a stronger brand to boot.

Edge devices (and edge computing) are the future. Although, this does seem a little cliché, it is the truth. The edge computing industry is growing as quickly as technology can support it and it looks like we will need it to. IoT global market The IoT (Internet of Things) industry alone will have put 15 billion new IoT devices into operation by the year 2020 according to a recent Forbes article titled, “10 Charts That Will Challenge Your Perspective of IoT’s growth”. IoT devices are not the only edge devices we have to deal with as the total number of connected edge devices includes the likes of devices like security devices, phones, sensors, retail sales devices, and industrial and home automation devices. The IoT (Internet of Things) industry alone will have put 15 billion new IoT devices into operation by the year 2020 The sheer number of devices begins to bring thoughts of possible security and bandwidth implications into perspective. The amount of data that will need to be passed and processed with all of these devices will be massive. There needs to be consideration taken by all business owners and automation engineers into how this amount of data and processing will be conducted. Ever-expanding edge devices market As the number of edge devices in the marketplace and their use among consumers and businesses rises, the need to be able to handle the data from all of these devices is no longer going to be suitable for central server architectures. We are talking about hundreds of billions and even trillions of devices. According to IHS Markit researchers’ study, there were 245 million CCTV cameras worldwide. One has to imagine there are at least 25% of that many access control devices (61.25 million devices) based on a $344 million market cap also calculated by IHS Markit’s researchers. If all the other edge devices mentioned earlier are considered then one can see that trying to route them all through servers for processing is going to start to become difficult if it hasn’t already, -which arguably it already has, as is evidenced by the popularity of cloud-based solutions amongst those businesses that already use a lot of edge devices or are processing a lot of information on a constant basis. Cloud computing The question is whether cloud computing the most effective and efficient solution as the IoT industry grows The question is this; is cloud computing the most effective and efficient solution as the IoT industry grows and the amount of edge devices becomes so numerous? My belief is that it is not. Taking the example of a $399 USD device that is just larger than the size of a pack of cards and runs a CPU benchmarked at the same level as a mid-size desktop. This device has 8GB RAM and 64GB EMMC built-in and a GPU that can comfortably support a 4K signal at 60Hz with support for NVMe SSDs for add-on storage. This would have been unbelievable five years ago. As the price of edge computing goes down, which it has done in a dramatic way over the last 10 years (as can be seen with my recent purchase), the price to maintain a central server that can perform the processing required for all of the new devices being introduced to the world (due to the low cost of entry for edge device manufacturers) becomes more expensive. This introduces the guarantee that there will be a point where it will be less expensive for businesses, and consumers alike, to do the bulk of their processing at the edge as opposed to in central server architectures. Cloud computing is now being overtaken by edge computing, the method of processing data at the edge of the network in the devices themselves Edge computing There are a plethora of articles discussing and detailing the opposition between the two sides of the computing technology coin, cloud computing and edge computing. The gist of it is that “cloud computing” was the hot new buzzword three years ago and is now being overtaken by “edge computing.” The truth is that cloud computing is a central server architecture hosted at someone else’s location. Edge computing is going to be a necessary development in the technology industry Edge computing is the method of processing data at the edge of the network (in the devices themselves) and allowing for less resources required at a central location. There is certainly a use case for both, however the shift to edge computing amongst the general public and small to mid-sized businesses will not be a surprise to those players, who have been paying attention.  One article titled, “Next Big Thing In Cloud Computing Puts Amazon And Its Peers On The Edge” by Investor’s Business Daily takes the stance that edge computing is going to completely displace centralised cloud computing and even coins the phrase, “Cloud computing, decentralised” to explain edge computing. It speaks for the stance that most experts in technology seem to be taking, including Amazon Web Services’ VP of Technology, Marco Argenti according to the same article. We know that edge computing is going to be a necessary development in the technology industry, and it is happening as I write this, and quickly at that. Cost efficiency of edge processing As time goes on, the intersection between the prices of network bandwidth, edge processing and maintaining super powerful central servers will cause edge processing to be the most efficient and cost-effective way to maintain a scalable network in any environment, including datacenters. Owning a central server or utilising edge computing become the better options As it currently stands, most residential users can only achieve a 1Gbps WAN (internet) connection, and small to medium-sized business can’t get much more but seem to get much less, based on my personal experience. When more than 1Gbps needs to be processed, cloud computing becomes very expensive at which point, owning a central server or utilising edge computing become the better options. Then you look a total cost of ownership and when the cost of edge computing is less expensive than the cost of maintaining central server architectures, edge computing becomes the single best option. So, I’ll say it again, edge devices (and edge computing) are the future.

Where are video surveillance cameras headed? At the core of next-generation Internet Protocol (IP) cameras are advanced chips with artificial intelligence (AI) at the edge, enabling cameras to gather valuable information about an incident: scanning shoppers at a department store, monitoring city streets, or checking on an elderly loved one at home. Thanks to advanced chip technology, complex analytics operations are becoming more affordable across the full spectrum of surveillance cameras —professional to consumer — fueling the democratisation of AI in the IP camera market. Complex analytics operations are becoming more affordable across the full spectrum of surveillance cameras Expanding the global IP camera market  The video surveillance equipment market grew to $18.5 billion in 2018 and is expected to increase this year, according to IHS Markit. The latest research points to video everywhere, edge computing, and AI as the top technologies that will have a major impact in both commercial and consumer markets in 2019. Computing at the edge means that the processors inside the camera are powerful enough to run AI processing locally, while still encoding and streaming video, and are able to do it all at the low-power required to fit into the limited thermal budget of an IP camera. New SoC chips will be able to perform all of the processing on camera and provide accurate AI information, with no need to send data to a server or the cloud for processing. Instead, data can be analysed right in the camera itself, offering high performance, real-time video analytics, and lower latency — all critical aspects of video surveillance. This new AI paradigm is made possible by a new generation of SoCs, a key driver behind the market growth of IP cameras. Complex analytics operations are becoming more affordable across the full spectrum of surveillance cameras to fuel the advent of AI in the IP camera market Micro-processor-enabled video analytics Next-generation video cameras will be able to create heat maps of stores to see where people spend the most time Microprocessor-enabled analytics allow users to more easily extract valuable data from video streams. How about an insider’s view into retail customer behavior? Consider video cameras at a department store, monitoring shoppers’ behavior, traffic patterns, and areas of interest. Next-generation cameras will recognise how long a shopper stays in front of a specific display, if the shopper leaves and returns, and if the shopper ultimately makes a purchase. Next-generation video cameras will be able to create heat maps of stores to see where people spend the most time, so retailers will be able to adjust product placement accordingly. Analytics will also help identify busy/quiet times of the day, so retailers can staff accordingly. By understanding customers’ behavior, retailers can determine the best way to interact with them, target specific campaigns, and tailor ads for them. Cue the coupons while the shopper is still onsite! Analytics will also help identify busy/quiet times of the day, so retailers can staff accordingly Fast processing for rapid response at city level City surveillance and smart cities are depending on advanced video surveillance and intelligence to keep an eye on people and vehicles, identify criminals, flag suspicious behavior, and identify potentially dangerous situations such as loitering, big crowds forming, or cars driving the wrong way.Quick local decisions on the video cameras are also used to help analyse traffic situations Quick local decisions on the video cameras are also used to help analyse traffic situations, adjust traffic lights, identify license plates, automatically charge cars for parking, find a missing car across a city, or create live and accurate traffic maps. Real-time HD video monitoring and recording When it comes to home monitoring, what will next-generation video surveillance cameras offer? Real-time monitoring and notification can detect if a person is in the back yard or approaching the door, if there’s a suspicious vehicle in the driveway, or if a package is being delivered (or stolen). Advanced video cameras can determine when notifications are and aren’t required, since users don’t want to be notified for false alerts such as rain, tree branches moving, bugs, etc. Next-generation video camera capabilities can also help monitor a loved one, person or pet, helping put families at ease if they are at work or on vacation. For example, helpful analytics may be used to detect if someone has fallen, hasn’t moved for a while, or does not appear for breakfast according to their typical schedule. City surveillance and smart cities are depending on advanced video surveillance and intelligence to keep an eye on people and vehicles, identify criminals, flag suspicious behavior, and identify potentially dangerous situations Next-gen IP cameras When evaluating next-generation IP cameras (cameras on the edge), look at the brains. These cameras will likely be powered by next-generation SoCs chips. Here is what this means to you:       Save on network bandwidth, cloud computing and storage costs. There is no need to constantly upload videos to a server for analysis. Analysis can be performed locally on the camera, with only relevant videos being uploaded. Faster reaction time. Decisions are made locally, with no network latency. This is critical if you need to sound an alarm on a specific event. Privacy. In the most extreme cases, no video needs to leave the camera. Only metadata needs to be sent to the cloud or server. For example, the faces of people can be recognised in the camera and acted upon, but the video never reaches the cloud. The cameras can just stream a description of the scene to the server “suspicious person with a red sweater walking in front of the train station, has been loitering for the last 10 minutes, suggest sending an agent to check it out.” This could become a requirement in some EU countries with GDPR rules. Easier search. Instead of having to look through hours of video content, the server can just store/analyse the metadata, and easily perform searches such as “find all people with a red sweater who stayed more than five minutes in front of the train station today.” Flexibility/personalisation. Each camera at the edge can be personalised to work better for the specific scene it is looking at, compared to a generic server. For example, “run a heat map algorithm on camera A (retail) as I want to know which sections of my store get the most traffic; and run a license plate recogniser on camera B (parking lot) as I want to be able to track the cars going in/out of my parking lot.” No cloud computing required. For cameras in remote locations or with limited network bandwidth, users have the ability to perform all analytics locally, without relying on uploading video to a server/cloud. Higher resolution/quality. When AI processing is performed locally, the full resolution of the sensor can be used (up to 4K or more), while typically the video streamed to a server will be lower resolution, 1080p or less. This means more pixels are available locally for the AI engine so that you will be able to detect a face from a higher distance than when the video is streamed off camera. AI at the edge Professional-level IP cameras capable of performing AI at the edge are coming soon with early offerings making their debut at this year’s ISC West. As we enter 2020, we will begin to see the availability of consumer-level cameras enabling real-time video analytics at the edge for home use. With rapid technology advancement and increased customer demand, AI is on the verge of exploding. When it comes to image quality and video analytics, IP cameras now in development will create a next-generation impact at department stores, above city streets, and keeping an eye on our loved ones.

Krowd is an app that connects people together based on geography; that is, if they are at the same place at the same time. Users sign into the app using the local WiFi, identify themselves by username, and are placed immediately in a group chat comprising anyone else at the location who has signed into the app. An enhancement of the Krowd app, known as Krowdsafe, leverages the technology to achieve and promote security and safety. Specifically, Krowdsafe enables users to interact directly with security personnel at a public place to report any crimes or security infractions and to enable rapid response. Think of it as “crowdsourcing” security – the app provides more eyes and ears to keep a venue safer. In effect, it enables each of its users to be an extension of the security presence at a venue or event. Krowdsafe improves crowd resilience. “Crowdsourcing” security – the app provides more eyes and ears to keep a venue safer Krowdsafe security app Krowdsafe also opens a channel of communication for the security team to provide ad-hoc security information reminders or messages. Krowdsafe can be used at a variety of venues, including stadiums, transport hubs, office blocks, retail malls, college campus and major events organisers. The app does not access identities, violate privacy, or track the movements of users. Other app users only know the information fellow users disclose. Still, group chats, one-on-one engagement, and other social media interactions can ensue, whether about a favourite football team or the excitement of a rock concert. The system fosters digital engagement that centers around a physical space. Krowdsafe applies those capabilities to promoting better security. Enhancing crowd safety and management The elements of Krowdsafe beat out 67 competitors to win the Defence & Security Accelerator Competition to Innovate Crowd Safety, launched by the UK Home office after terror events in 2017. Key areas of interest in the competition were to improve the detection of threats from explosives and weapons within a range of crowded places with high footfall and so reduce the chance of future attacks. Krowdsafe provides a prioritised, readily accessible and simple way for members of a crowd to communicate with a security team charged with keeping them safe. The £250,000 government award has helped the product move forward commercially at a faster pace. Krowdsafe app does not access identities, violate privacy, or track the movements of users Krowdsafe users can tap a red button, prominent on the Krowd app, that says “Report.” They may then choose from a listing of common threat types – from suspicious activity or unattended activity to medical emergency or fire services. The list is configurable by venue and corresponds to any specific threat models. The list corresponds to the nature of any situation security wants to address, such as “anti-social behavior” at a football club. Users in the crowd can anonymously report racist chanting, for example. In a children’s sporting event, the app can be used to facilitate lost-and-found children. If a child gets lost, a user can share a photo with the security team, who can alert the “public” (other Krowdsafe users) and find the child within minutes or seconds. Encrypted identifier code A user taps the “Report” button, selects an issue, and an alert goes directly to the security team A user taps the “Report” button, selects an issue, and an alert goes directly to the security team, who can respond because they have the encrypted identifier code from which the message came. For that point, the security team communicates one-on-one with the user, who can then choose to share their current location with the security team to facilitate response. (The “legitimate interest” of knowing the location negates any privacy concerns.) Once location is enabled, the security team can follow the precise positioning of threats on a map, using GPS and other technologies, or even on a three-dimensional digital map of a multi-story building. Another security benefit of Krowdsafe is prevention. Event organisers and venue managers can promote the use of Krowdsafe on posters or in announcements throughout the venue. Additional eyes and ears are the equivalent of CCTV coverage on every inch of a venue and use of the system makes the environment more hostile to mischievous, malicious and/or terrorist activity. In effect, bad guys will go somewhere else. Enhancement to Krowd app Krowdsafe is an enhancement to the Krowd app, which has been around for a couple of years and is available in app stores for iOS and Android. The app approximates in the digital world the experience of being a stranger in the crowd in the real world. Users can join a conversation based on their username, and then disclose to the crowd whatever they wish (or not). Event managers/organisers can promote hashtags to help identify others in the crowd (such as #ManUnited to identify fans of the same football team). In general, users can identify themselves (voluntarily) according to common interests using hashtags.  “Krowd is a group chat that connects people together at the same place at the same time in a group, but without anyone having to disclose personal information,” says Geoff Revill, Managing Director, Krowdthink Ltd. “You have a digital presence in the same place with other people at the same time.” Wireless connectivity Users connect initially into the system through WiFi, access to which serves to approximate presence at a venue Users connect initially into the system through WiFi, access to which serves to approximate presence at a venue. Once someone signs in, information about them is merely a grouping of “hash” numbers, which are used to identify them as they communicate with others in the location. However, the “hashing” cannot be hacked to find a user’s location, thus ensuring greater privacy. Because Krowd does not collect personal data (which is a revenue source for most social media companies), the company generates revenue by providing the service to venue owners who wish to interact with and manage a crowd. Data security Location data is considered sensitive under General Data Protection Regulation (GDPR), and tracking locations can help to identify where someone lives, works, who they associate with, etc. By not tracking location, Krowd avoids the related privacy issues. After initially signing in on WiFi, Krowd communications can also use 2G, 3G and other cellular networks in addition to WiFi. Addressing privacy concerns is essential to encouraging involvement in the Krowd app, and in Krowdsafe. “If you want people to participate in keeping the crowd safe, you have to get their trust and respect them, that’s a building block behind the behavioral science,” says Revill. By not tracking location, Krowd avoids the related privacy issues Privacy protection Because Krowd users remain anonymous (except for the information they choose to share), user data is not collected (and/or sold or used for future marketing purposes). Krowd’s paying customers are event venues and public places that provide the Krowd service and can promote their commercial messages or provide other information to their populations while on site. Krowdsafe can provide immediate security benefits to a venue. Even if only 25 staff members use the app in a given location, for example, that’s 25 more sets of eyes and ears to help the security department. In a retail mall, if the staffs of 200 tenant businesses use the app, that’s another 500 or so people watching out for security. Among the general public, use of the app can be promoted in customer newsletters, or by posting group discussions on big screens around a venue. Wide marketing scope It enables members of a crowd to report any broken doors, water leaks or blocked toilets Security is a secondary benefit for some Krowd users, who are drawn to the app because of marketing opportunities, such as the ability to provide discounts or promotional offers to customers while they are on site. The app also encourages social media interaction, while maintaining the venue’s ability to “manage” the crowd by moderating any discussions. The Krowd app also provides management benefits to a venue. For example, it enables members of a crowd to report any broken doors, water leaks or blocked toilets. In general, the app helps to promote a better brand experience for the customer. Incident management One of the UK government’s concerns about Krowdsafe was its possible use by terrorists or other to cause incidents in a public venue. Think of the case of Olly Murs, a U.K. singer, whose mistaken tweets about hearing gunshots caused a brief panic at a department store on a busy shopping day. Might Krowd be uses similarly by a terrorist or other evil-doer to cause chaos or a distraction? No, says Revill, who points to a higher level of control over content exchanged in Krowd versus Twitter, for example. The security team can censor content or limit its propagation. They can also disable or block a user from communicating on the app. Messages containing dangerous or troubling content, such as racist terms, can trigger alerts to enable security teams to respond quickly.

As political winds present new challenges for Chinese companies doing business in the U.S. market, the countdown is under way to implementation of a ban on sale of Chinese manufacturers’ video surveillance products to the Federal government. Some good news is a delay enacting the wider-reaching “blacklist” aspects of the ban. Meanwhile, possible sanctions to prevent U.S. manufacturers from selling components to Chinese companies are posing immediate public relations difficulties – and the possibility of eventual more tangible ones. Chinese ban imposed by U.S. government The “Chinese ban” provision [[Paragraph (a)(1)(a) of section 889 of Title VII of the National Defense Authorisation Act (NDAA) for FY 2019] prohibits Federal government procurement of “equipment, systems, or services provided by specified entities.” The “specified entities” are Huawei Technologies Co., ZTE Corp., Hytera Communications Corp., Hangzhou Hikvision Digital Technology Co. and Dahua Technology Co. Hikvision and Dahua are two of the largest manufacturers of video surveillance equipment, and Huawei manufactures HiSilicon chips widely used in video cameras. NDAA specifies that the ban be implemented within a year of the law taking effected The “Chinese ban” provision is an open Federal Acquisition Regulations (FAR) Case, and a proposed FAR draft rule is due in early June. NDAA specifies that the ban be implemented within a year of the law taking effected (signed by President Trump on August 18, 2018). Blacklisting integrators that sell Chinese products Implementation of a “blacklist” provision has been spun off into a separate FAR Case, and enactment has been delayed allowing time for public comments on its ramifications. The provision [Paragraph (a)(1)(B) of section 889 of Title VII of the National Defense Authorisation Act (NDAA) for FY 2019] addresses “entities that use covered equipment.” As it relates to the video surveillance market, this provision has been interpreted to mean, for example, that an integrator that sells Hikvision equipment to anyone (e.g., to a small retailer) would be banned even from selling non-Hikvision equipment to the U.S. government or ‘recipients of Federal loan or grant funds.’ Obviously, this represents a broader impact on the industry compared to the Chinese equipment sale ban. The government’s stated reasons for the delay include concern about a dramatic reduction in the available industrial base Reduction in available industrial base The government’s stated reasons for the delay include concern about a dramatic reduction in the available industrial base (including small business suppliers), who will no longer be able to sell to the government, either because their non-government business is more valuable, or due to the cost of the potential regulatory burdens associated with compliance. Another concern is that Federal grant recipients in rural areas may be ‘disproportionally impacted … due to the limited number of market options in rural areas.’ The delay will allow time for a public meeting to solicit input on the proposed rulemaking The delay will allow time for a public meeting to solicit input on the proposed rulemaking. In fact, the Department of Defense (DoD), General Services Administration (GSA) and NASA (National Aeronautics and Space Administration) are hosting a public meeting on July 19 from 9 a.m. to 3 p.m. at the Department of Interior (DOI) Auditorium in Washington, D.C. Interested parties may also attend virtually via the Internet. NDAA ban on Chinese technology, equipment Furthermore, a proposed rule of implementation will be published, followed by a second public meeting. The Office and Management and Budget will solicit feedback on proposed changes to existing grants and loans and consider public comments and feedback prior to finalising changes. The White House has sent a legislative proposal to Congress to "adjust certain implementation deadlines to allow for additional stakeholder engagement." The Federal Acquisition Security Council would be tasked with submitting a report “containing a discussion and recommendations regarding any changes required for effective implementation of that section.” Do these processes represent hope for leniency? Hikvision targeted in ban The NDAA ban is one of several issues facing Chinese companies in the U.S. market The NDAA ban is one of several issues facing Chinese companies in the U.S. market. Another is snowballing backlash about the involvement of surveillance companies in human rights abuses at detention camps in the Xinjiang region of China. For example, a number of Congressmen and Senators have sent a letter asking the U.S. State Department and Treasury to impose sanctions, export controls and financial disclosures to counter the human rights abuses. In response, Hikvision has retained human rights expert and former U.S. Ambassador Pierre-Richard Prosper to advise the company regarding human rights compliance. According to a company spokesperson: “Hikvision takes these concerns very seriously and has engaged with the U.S. government regarding all of this since last October.” (See Hikvision USA’s full statement here.) Furthermore, Hikvision expressed optimism at the ISC West trade show.  The Trump administration has also singled out Hikvision and is considering seeking limits on the video surveillance giant’s ability to buy American technology, similar to a ban already implemented against chipmaker Huawei. HiSilicon chips, manufactured by Huawei, currently run millions of security cameras across the United States, and several video camera manufacturers are rethinking their use of HiSilicon chips in wake of the ban.

While most security teams are focused on preventing malicious outsider attacks, recent data suggests that close to 30 percent of confirmed breaches today involve insiders. Today’s increasingly complex networks across physical, information technology (IT) and operational technology (OT) systems make it difficult for security teams to detect and prevent insider threats. This is compounded by the proliferation of data, devices, applications, and users accessing networked resources. Rising insider malicious attacks threat As the threat landscape evolves rapidly, CISOs need to step up their game According to the 2017 U.S. State of Cybercrime Survey, 50 percent of organisations experience at least one malicious insider incident per year. And the Verizon 2018 Data Breach Report found that close to 30 percent of confirmed breaches today involve insiders. In August 2018, a tragic crash involving a Seattle airplane stolen by an employee raised awareness for the need for physical insider threat awareness (as well as more psychological screening before employment). As the threat landscape evolves rapidly, CISOs need to step up their game, says Aamir Ghaffar, Director of Solutions Engineering at AlertEnterprise. They should implement security controls that protect their company’s people, physical assets, data, intellectual property, and reputation both inside and out. And they need to do it while simultaneously satisfying industry compliance requirements. In response to our questions, Aamir Ghaffar offered some additional insights on the timely topic of insider threats. Q: We are hearing discussion about the emergence of cyber-physical security systems. What are they and how do they help organisations address insider threats? Threats now originate not only in the physical space but also in cyber environments Ghaffar: The concept of convergence has evolved in response to risk and the overall threat landscape. Threats now originate not only in the physical space but also in cyber environments – this is what is commonly referred to as blended risk. These blended risks require a converged approach and a converged view of security as a whole; connecting data, building new capabilities and gaining new insights to allow security teams to better defend against attacks. Q: How are organisations responding? Ghaffar: They are shifting towards centralisation – from the security operations center all the way to the executive level, where one C-Suite executive manages all security across physical, IT and OT domains. According to Gartner by 2023, 75% of organisations will restructure risk and security governance to address new cyber-physical systems (CPS) and converged IT, OT, Internet of Things (IoT) and physical security needs, which is an increase from fewer than 15% today. Q: How does the shift impact insider threats? Ghaffar: Unifying cyber and physical unlocks powerful new capabilities. For example, cyber-physical teams faced with a threat such as an intrusive device planted within their network environment, can quickly connect the cyber footprint to a physical location – understanding where the threats originate and identify those responsible for bringing it in. Converging physical and cyber identity through platforms that connect physical access control, IT and OT systems is an example of how organisations can better prepare for blended security threats An AI-enabled automated system is the most practical and human error-proof solution today Q: How is AI being used to protect against insider threats? Ghaffar: With increased security convergence we are now collecting such a large volume of data that relying on manual detection of insider or external threats is no longer a viable solution. An automated system, powered by artificial intelligence used with digital identities, is now the most practical and human error-proof solution today. AI and machine learning (ML) technology helps organisations map complex patterns of user behavior, process tens of millions of events within seconds to detect threats in near-real-time and respond swiftly. This benefits security operations personnel to go from distraction to action, allowing them to focus on what really matters, which are their most critical security events. Q: Sometimes the threat is about human error. Oftentimes we think the most harmful insider threats are intentionalGhaffar: Oftentimes we think the most harmful insider threats are intentional; however, unintentional user behavior and negligence could have serious ramifications for an organisation. Organisations should deploy technology that delivers automation and active policy enforcement to prevent employees from making inadvertent yet critical errors. Organisations should also do regular risk assessments – not one and done. Don’t implement a process and think you’re secure. Automated identity and access management technology can provide scheduled access reviews to help detect high-risk user profiles with accumulated or a toxic combination of access, as well as segregation of duties violations due to department change or job transfers. Q: What are the biggest misconceptions about insider threats? Ghaffar: First, that the biggest threats originate outside my company. Or that insider threats are a problem for government agencies and highly sensitive organisations, not “regular” companies like us. A company may also mistakenly think that they have limited assets that could be exposed, or that the assets are of little value; therefore, a large-scale breach is less likely to happen. And even if it does, it probably won’t have a big impact. Risk management leaders should start by developing a compelling visionQ: So, they think “it can’t happen here.”? Ghaffar: Yes, and they think their employees are inherently trustworthy, and that with basic security measures in place, the risk is small. They think that insider threats are always intentional. Or they think “it’s not my job.” Q: What next steps should security leaders take in addressing insider threats in their organisation? Ghaffar: Security and risk management leaders should start by developing a compelling vision and strategy that will resonate with key company stakeholders. They can expand the visibility they have into user activity beyond things that happen on the network. Go beyond a data-centric approach to a people-centric approach through identity behavior analysis. Improving visibility into user activity and taking a more preventive approach are the best ways to manage risk of an incident. Develop an inside-out approach to security. By converging physical, cyber and OT security you’ll gain a holistic view of your enterprise-wide security landscape.

King Chulalongkorn Memorial Hospital (KCMH) is a public medical facility in Bangkok, Thailand. The hospital is operated by the Thai Red Cross Society and functions as the teaching/training medical center for Chulalongkorn University’s Faculty of Medicine as well as the Thai Red Cross College of Nursing. With 1,479 in-patient beds, it is one of the largest hospitals in Thailand. Bhumi Siri Mangalanusorn Building (BSMB) is the largest Centre for Medical Excellence in Thailand. The building has 34 floors and total area of 225,000m. Gallagher security solution benefits Can integrate with other systems, such as Symphony video management software, building automation, parking and fire alarm systems Has a user-friendly Graphical User Interface (GUI) Is highly reliable and scalable, to meet future security needs Can meet increasing compliance requirements Supported IT industry standards for integration, XML, SQL, OPC, BACnet, etc Gallagher and AES Group Ltd, the local Gallagher system integrator, worked closely with the designer to ensure that the proposed system met the tender requirements of securing the hospital and protecting staff, patients and assets. The system is fully integrated, scalable and expandable, digital-based, user-friendly and crucially, a combination of enhanced operational efficiency and cost saving. Gallagher Command Centre Through Command Centre, Gallagher’s site management solution, KCMH is able to integrate multiple systems Through Command Centre, Gallagher’s site management solution, KCMH is able to integrate multiple systems, including fire alarm, video management system, building automation and parking, and feed the information into Command Centre. KCMH Security Manager, Adul Karutbumrung, says having one central monitoring platform ensures operational staff quickly identify, locate and respond to any risks on site. “The Gallagher system provides us with a higher level of validated access control in critical areas”. Centralised operation platform Gallagher’s system streamlines operations for KCMH to lower total cost of operation through its centralised operation platform. The user-friendly GUI also delivers the best value to reduce training time. In addition to meeting KCMH’s requirements for security, privacy and compliance, Gallagher provides additional benefits and features not available in other systems. Its scalability ensures that future expansion requirements can be addressed in a cost effective manner.

Two years ago, LABS opened up its new co-working facilities in Camden Market and has a number of locations centered around this iconic area of London. LABS isn’t just popping up in random locations but creating a co-working ecosystem of interconnected buildings and communities. Many companies who hire space are high tech, therefore they expect the facilities they work in to include the latest technology. The challenge LABS faced when developing a co-working environment was to offer a safe and secure working environment that is easy to use by both the clients and staff and uses the latest technology features and provides flexibility and future proofing. Gallagher Command Centre The Gallagher solution was specified for the project because of the central hub it provides The Gallagher solution was specified for the project because of the central hub it provides as well as its ability to integrate with a number of products, such as visitor management software (VMS) and CCTV. The Gallagher Channel Partner was able to offer a tailored security package that ensured LABS premises are safely monitored, guaranteeing smooth day-to-day operation. The buildings are managed by Community Managers, whose role is to understand all the companies and people who work within the LABS buildings. With this understanding the managers can bring the community together and help create beneficial relationships. Community Manager at Camden, Fran, is able to use Gallagher Command Centre for a number of tasks such as monitoring who enters the building including visitors, checking which meeting rooms are reserved, what hospitality is required etc. Bluepoint Real-Time Access Management LABS also use Bluepoint Real-Time Access Management (RAM), which integrates with the Gallagher Visitor Management system to create and modify cardholders and groups. Commands sent from the integration provide muster functionality and enables Community Managers, like Fran, full visitor and staff journey awareness. In order to attract new clients, the building runs open events and also allows people to book a tour. Guests will receive a QR code on their mobile phone so they can enter the building. Fran will receive a notification to say her guest has arrived so she can meet them and show them round. People within the building can also use the same functionality for visitors. Mobile access control Leases can be short, medium or long term and range from the occupation of offices to desks Everyone who works within a LABS building has access to an app so they can book meeting rooms seamlessly, find talent, swap skills, and engage with the community. This is the customer facing tool which links to Command Centre to ensure when someone books a room the relevant people are notified, and the system is updated. Leases can be short, medium or long term and range from the occupation of offices to desks. This means there are lots of leases starting and ending at different times making it difficult to keep track. By integrating with Command Centre access can be instantly revoked should a lease lapse, saving Community Managers time by not having to manually deny access.

New Covent Garden Market is a London icon with a history dating back to medieval days. Now the largest wholesale market in the UK, it has been feeding and flowering London every day for over 40 years. Brand New Covent Garden Market is the next evolution of the market, transforming the site into a 46,500m2 better, modern trading space during a phased build between 2015-2021. As a place of significance in a highly sought-after central London location, with hundreds of food and flower traders, suppliers and customers operating in the early hours every day, Brand New Covent Garden Market required an access control system that offered more than just granting door access. Gallagher access control solution Having successfully used a Gallagher access control solution for over 20 years in New Covent Garden Market, the decision to stay with Gallagher to meet the unique requirements of the new development was simple. New Covent Garden Market has worked with a Gallagher certified channel partner for a number of years, so facilities manager Jo Breare said they trusted their advice when deciding which access control system to go with. “The Gallagher card reader system has always worked for us,” says Jo. “With the developments in Command Centre, including the ability to customise features such as reporting, and integrating with CCTV and Nedap Transit Readers, we knew we had a system that suited our requirements. There were also fewer problems as we moved to the new site because staff and card users already understood how the system worked, causing minimum disruption.” Integration between Gallagher’s access control solution and Nedap technology has provided great benefit to the market Integration with Nedap technology Integration between Gallagher’s access control solution and Nedap technology has provided great benefit to the market. Each trader pays an annual fee to trade and enter the market. They are then given a tag so when they drive into the car park the market knows who does and doesn’t have access. Parking without a permit is very costly at £200 for 24 hours, so permits are an important part of the traders’ membership. During renewal time at the end of October each year, Gallagher Command Centre makes it easy to produce a report detailing the permit holders, which is then used as the basis for a mail merge to email renewal notifications to all traders. “Permits are one of the biggest sources of vehicle site management information and control for the market,” said Jo. He adds, “The renewal period could be a busy and stressful time, but the reporting function in Command Centre makes it quick and simple for all involved.” Groups have been created to allow access to different parking areas. Flower traders and suppliers park in their designated car park, while food traders and suppliers only have access to their designated car park. Parking lot access control Several customisations have also been created to support the unique operating environment of the market. Zone counting of underground parking spaces hired to local companies mean if an allocation is full, anyone trying to badge in from that company will not be granted access. A report on vehicle sizes to map car park sizes was also created and although this was not implemented, the data can be captured if needed in future. Traders contact the New Covent Garden Market Authority to revoke access for former employees and check if they have accessed the car park since leaving. They can also check if anyone is parking out of hours. This information can be easily pulled from Gallagher Command Centre and put into a simple report, saving time and providing value for traders. FLIR CCTV system The CCTV footage will be shown in the Command Centre workspace, keeping all security and access control in one place. When planning Brand New Covent Garden Market, the commercially-savvy organisation designed the New Covent Garden Market Authority’s office area to include office space available for rent. With a Gallagher access control solution in place, tenants will be able to easily enter their offices, manage users and grant parking access, with the peace of mind that their office is safe and secure. The next stage of the project is to connect Gallagher Command Centre with Flir CCTV, which is a well-established integration. The CCTV footage will be shown in the Command Centre workspace, keeping all security and access control in one easy to manage place. “The Gallagher system has provided us with everything we need and more,” says Jo. “It sees the most use during renewal times but on a day to day basis the system works happily in the background.”

Siklu, the pioneer in 5G mmWave wireless network solutions, announced that its radios have been deployed in the City of Cambridge, located roughly 100km West of Toronto in Ontario, to provide outdoor video security and support potential public Wi-Fi network services. The city has fibre connections connecting several municipal buildings and continues to deploy more where it makes economic sense. Fibre is used to connect fire stations to City Hall, for example. However, this particular application, outdoor video security, was one that needed more flexibility to accommodate the necessary camera locations. Most parking lots, Intersections and pedestrian walkways do not have a fibre POP (‘point of presence’) nearby. This meant the answer would almost certainly have to be a wireless solution. Need of flexible video security solution The wireless network would need to be able to backhaul gigabit per second public Wi-Fi APs with no additional truck rollsThe solution to be chosen had several additional requirements. It needed to be flexible when it came to expanding the video security coverage, it had to be secure and it also had to have enough capacity that it could support additional high bandwidth applications, such as the deployment of Public Wi-Fi. The wireless network would then need to be able to backhaul gigabit per second public Wi-Fi APs (‘access points’) with no additional truck rolls. The successful bidder on the project was Alliance Security Systems. Alliance investigated 5 GHz solutions as well as 60 GHz and determined that only 60 GHz products could meet current and future requirements. The ‘EtherHaul 600’ point-to-point 60 GHz solution from Siklu features plenty of capacity (from 100Mbps up to 1Gbps, software upgradeable), flexible deployment options (up to 1km “link” range), small size (mountable on street light poles) and immunity to radio interference (e.g., 5 GHz systems are subject to the ever increasing Wi-Fi noise floor).    Deployment of P3717 multi-lens cameras Phase 1 of the program supported ten multi-lens camera deployments, and the network design had six 1-Gbps Siklu V-Band radios collocated at the city Clock Tower. This dense colocation was a result of the very narrow 60GHz radio beams and the abundant spectrum (14GHz) available. Deployment of the Siklu radios was accomplished within a week and incorporated an Axis Communications P3717 multi-lens cameras managed by a Genetec Security Center unified security platform. Since the installation of the video security network, a car theft ring was apprehended and there has been a reduction in crimeTom Hackett, Alliance Security Systems stated: “By utilising the point to point technology in such a way where we co-locate the head end, we end up approaching a cumulative speed of over 10Gbps per second once Phase 2 is commissioned. That’s just an astounding wireless speed in today’s world. The network has been such a success that beyond expansion plans with Cambridge, we are in discussions with other municipalities.” Reduction in crimes The City also operates the Phase 1 network to provide access to police as requested for specific incidents or investigations. Since the installation of the video security network, a car theft ring was apprehended and there has been a noticeable reduction in crime. Beginning in June 2019 or as soon as light poles become available, Phase 2 will add seven new cameras and will be supported by Siklu’s V-Band ‘EtherHaul 600’ radios. The EtherHaul 600 units feature 1 Gbits of capacity and can accommodate future expansions of the system. “The network was installed and is delivering in all aspects – high up time and excellent video quality,” said Trevor McWilliams, Manager of Business Development for the City of Cambridge Ontario Economic Development. “We are confident that the network deployed will operate for many years and be able to support new applications as needed.”

As a major transportation hub in Northeastern China, Changchun Longjia International Airport processes a huge amount of passengers every year. In response to massive economic growth in the region, the airport – with a total volume of almost 13 million passengers in 2018 – needed an additional terminal. Built over the course of three years, the state-of-the-art Terminal 2 building covers a total area of 55,600 square meters. Since its opening in October 2018, the expansive Terminal 2 building has been serving all domestic flights from 22 airlines including Air China, Shenzhen Airlines and Shandong Airlines while international flights are now concentrated in Terminal 1. Meeting airport security guidelines Bosch received the contract based on a proven track record of large-scale airport security installationsLooking to safeguard this vital new infrastructure, the airport security managers wanted to integrate video security, intrusion detection, public address and access control for staff within one platform while meeting current government security guidelines for airports. Since 2017, these laws include mandatory storage of all video data for a 90-day period, which puts a premium on adequate data storage in a space covered by over 1,000 cameras around the clock. Given the project’s massive scale, managers wanted to work with a one-stop provider to ensure seamless integration of all solutions and delivery according to stringent timelines with end-to-end security intact on opening day. After diligent market research, Bosch received the contract based on a proven track record of large-scale airport security installations and the ability to connect all components – video security, intrusion alarms, access control and public address systems – on the Building Integration System (BIS). Installation of IP dome cameras Outdoor cameras are able to withstand temperatures down to -40 °C during Changchun’s harsh wintersFor video security, Bosch experts installed nearly 1,500 cameras inside and outside Terminal 2, including moving cameras such as the AUTODOME IP 4000i and IP 5000i and FLEXIDOME IP 6000 VR series. All IP-based cameras are centrally managed on the Bosch Video Management System (BVMS) and support security personnel by detecting threats and triggering automated alerts via built-in Essential Video Analytics. Outdoor cameras are able to withstand temperatures down to -40 °C during Changchun’s harsh winters. And to maintain a small data footprint while meeting the legal obligation for 90-day data storage, the cameras use efficient H.265 compression technology, thereby reducing bandwidth to a low 2 Mbps and storage space by up to 50 percent compared to other cameras. As a direct result, security managers in Changchun have been able to achieve savings in the number of networked storage units as well as energy consumption and cooling cost for the server room. Unified management of access control “The reduced bandwidth leading to a fewer number of storage cabinets in the server room was a major reason why our client opted for the Bosch solution,” said Mustaine Hu, Technical Support Manager at Bosch Building Technologies. The Building Integration System supports unified management of access control for airport personnel at 350 doorsMeeting another key customer requirement, the Building Integration System (BIS) from Bosch supports unified management of access control for airport personnel at nearly 350 doors. A combination of card reader and video security eliminates the risk of non-employees accessing critical areas with a stolen card and creates a seamless passage for authorised staff without additional screening. Bringing security full circle, the installed public address system allows security personnel to broadcast real-time announcements via more than 1,200 ceiling loudspeakers. The system ensures controlled evacuation in emergency situations and also sounds alarms triggered by connected intrusion sensors to alert personnel. Security for travellers and personnel Fully operative since the grand opening of Terminal 2, the Bosch system now provides end-to-end security for travellers, personnel and property at Changchun Longjia International Airport. As a scalable and IP-based system, it is future-proof to accommodate further expansions and has delivered cost savings on video storage and power consumption since day one. In face of China’s rapid economic growth, about 200 of the country’s 497 airports will require similar expansions over the coming years, making Changchun an important reference for Bosch Building Technologies in the region.

NEC Corporation has announced that NEC Technologies India (NECTI), a pioneer in the integration of IT and network technologies, has partnered with the Centre for Development of Advanced Computing (C-DAC) to deploy its industry-leading automated fingerprint identification system (AFIS) for the Kerala State Police in India. The new AFIS will be used by the Kerala State Police to match unknown fingerprints against a central database of known fingerprints for criminal investigation. More than 600 police/enforcement facilities across the state, including police stations and the district police headquarters, will have access to the system for verification and new registration of fingerprints. Faster and accurate fingerprint verification The new system is able to enhance the quality of fragmented fingerprints captured at crime scenesThis new system will help state police accelerate investigations more efficiently by providing a faster and more accurate fingerprint verification. The new system is able to enhance the quality of fragmented fingerprints captured at crime scenes and makes it possible to match the prints against the central database. NEC's AFIS boasts the world's no. 1 authentication accuracy and is a core technology of the company's portfolio of leading biometric solutions, ‘Bio-Idiom’. Mr. Takayuki Inaba, Managing Director, NECTI, said, "NEC has always been at the forefront of public safety. As a world leader in biometrics technologies, we are delighted to be working with C-DAC and the Kerala State Police to implement a new fingerprint recognition infrastructure, and are committed to building safer and smarter cities in India."

The definition of a standard is “an authoritative principle or rule that usually implies a model or pattern for guidance, by comparison with which the quantity, excellence, correctness, etc., of other things may be determined.” In technology markets, such as physical security, standards are agreed-upon language, specifications or processes that are used across the board by multiple stakeholders to enable easier interconnectivity and smoother operation of systems. We asked this week’s Expert Panel Roundtable: How are standards shaping change in the physical security market?

Cybersecurity has become the ultimate buzzword in the physical security market. And it also represents one of the industry’s most intractable challenges. Several years ago, the problem with cybersecurity was lack of awareness among physical security practitioners. It’s now safe to say that awareness has increased. Everyone today talks about cybersecurity, but has it helped the larger problem? We asked this week’s Expert Panel Roundtable: Is greater awareness helping to increase the cybersecurity of physical security systems?

Technology advancements often come with new terms and definitions. The language of our marketplace evolves to include new words that describe innovations in the industry. In the skilled hands of marketers, terms intended to be descriptive can also take a new element of ‘buzz,’ often presaging exciting developments that will drive the future. We asked this week’s Expert Panel Roundtable:  What new buzzword have you heard, and what does it mean for the industry?