Security education

The doors have closed on this year’s Global Security Exchange (GSX), held at Chicago’s McCormick Place this week. Presented by ASIS International, an association for security management professionals, the event offered six days filled with education and networking for the global security community. Attendance was strong with 20,000 registrants from more than 125 countries and 550+ exhibitors packing the convention centre. Security professionals also engaged in sessions around the world via Global Access LIVE! streaming—with participants in more than 15 countries. “GSX serves as a powerful forum for convening security leaders across the globe to learn, share information and network,” said Christina Duffey, CPP, 2019 ASIS President. “I leave this year’s GSX more energised about our association, our profession, and our industry. I am eternally grateful to our Chicago Chapter and host committee for their strong support and look forward to GSX 2020, which will take place in Atlanta.” Four key factors affecting perceptions GSX 2019 launched on Saturday, 7 September, with ASIS member certification reviews and the start of continuing education workshops in support of professional accreditations. Sunday, September 8, brought a lively Town Hall providing attendees with an open discussion forum with ASIS volunteer leaders. Monday, 9 September, the keynote address was delivered by geopolitical expert and author Ian Bremmer, Ph.D., covering the most pressing risks, trends and economics around the world. More than 3 million people are moving into urban environments every week” He described four key factors that are affecting global perceptions and can stoke conflict and uncertainty, including the decline of the ‘social contract’ (i.e., flat wages, scandals involving privileged class, and sense that government and employers no longer represent the needs of the people they serve), immigration, the ‘forever’ wars (i.e., the 18-year conflict in Afghanistan), and the role of social media in stoking division and fears. He also cited news headlines, including the consequences of Brexit, China’s global investments in Western Democracies, and the lack of a “Plan B” in dealing with Iran. New innovations in security profession The GSX Exhibit Hall opened Tuesday, 10 September with more than 550 exhibitors and innovative feature areas including the GSX Disruption District, X-Learning stages, and the D3 (Drones, Droids, Defense) Learning Theater, and new this year, the Startup Sector pavilion, highlighting new innovations in the security profession. Tuesday’s General Session speaker, Steve Demetriou, Chair and CEO, Jacobs, spoke on changing times. According to Demetriou, “Today, more than half the world’s population lives in urban environments, and more than 3 million people are moving into urban environments every week.” John F. Kelly, retired four-star general, former U.S. Secretary of Homeland Security and White House Chief of Staff, kicked off Military and Law Enforcement Appreciation Day on Wednesday, 11 September. General Kelly also touched on changes in Department of Homeland Security (DHS) agency structures and policies since 9/11 and described how the dramatically increased collaboration across the intelligence and enforcement agencies in recent years has made the country much safer. Evolving world needs security practitioners Tarah Wheeler emphasised that the world requires security practitioners to continue to update their thinking New to GSX this year and a first for the security industry, 12 companies were selected to compete in the first-ever GSX Pitch Competition. The closing general session featured Tarah Wheeler, Cybersecurity Policy Fellow at New America, who emphasised that the evolving world requires security practitioners to plan ahead and continue to update their thinking. “We are at GSX because we want to be fierce protectors,” she told the audience before providing valuable guidance on how to prepare before an incident response is required. “I think like a bad guy so I can keep people safe—and you should start thinking like a bad guy too.” Deviant Ollam, Physical Penetration Specialist with the CORE Group, gave the closing Game Changer session alerting the audience to the many ways that potential “bad actors” can gain access to sensitive company data, resources, and facilities. Ollam described three distinct attack surfaces—physical, digital, and human—and pointed out that attackers often find the most vulnerable points at the intersections of these areas, where the responsibility may not be clear and protective procedures may be weak. Free access to security education He emphasised the potential value of penetration testing, and encouraged testers to help make the world safer, saying “if you’re not making the blue team better, you’re not doing your job.”  Expanded for 2019, the Security Cares program was created to empower and positively impact the local communities serving as GSX host cities. Now in its fourth year, the program connected leaders of Chicago area community organisations and small- to medium-sized businesses with free access to valuable security education, networking, funding opportunities, and resources. GSX 2020 will take place September 21-23 in Atlanta.

Professionals from the cyber security industry have identified the rate of change, not only in regard to the variety and nature of attacks but also when considering regulation and legislation within the sector, as one of the biggest current threats to cyber security in the UK. The challenges were identified by industry experts discussing the current status of UK cyber security in the run up to Cyber Security Connect UK, (CSCUK), the conference and industry forum for CISOs. On-going employee engagement and education The number of businesses reporting cyber-attacks has increased and the cost to UK businesses has been recorded as being in excess of £17 billion a year. With this in mind, clear identification of the biggest threats to the UK’s Cyber Security is seen as key to on-going protection from the consequences of breaches. Other key threats identified during the discussions were the need for on-going employee engagement and education, as well as AI and machine learning being used by criminal organisations. This will be one of the key areas covered during CSCUK which takes place from 13- 15 November in Monaco.

A survey of UK GDPR decision-makers conducted on behalf of Egress, the provider of people-centric data security solutions, reveals that 52% of businesses are not fully compliant with the regulation, more than a year after its implementation. The survey also found that 37% of respondents had reported an incident to the ICO in the past 12 months, with 17% having done so more than once. Interestingly, the results showed that over half (53%) of mid-size companies had reported data breaches to the ICO in the past 12 months, compared with 36% of small companies and only 23% of enterprise organisations. Handling of sensitive data These figures indicate an evident gap in compliance performance among mid-size companies Similarly, a notably lower percentage (39.5%) of mid-sized companies reported full GDPR compliance compared with 56% of large and 51% of small companies. Taken together, these figures indicate an evident gap in compliance performance among mid-size companies. Other key survey findings include: Only half of decision-makers (48%) reported that their business was fully compliant 42% rated their organisation as ‘mostly compliant’ Over one-third (35%) said GDPR has become less of a priority for their organisation in the last 12 months Implementing new processes around the handling of sensitive data has been the greatest area for compliance investment in the last 12 months, cited by 28% of those surveyed Compliance investment priorities were then split across better auditing of what data is collected and why (18%), employment of a Data Protection Officer or other compliance personnel (18%), and new technology (17%). 7% said user education and training had been their biggest area of investment. Making GDPR a top priority We now appear to be seeing an ‘almost compliant is close enough’ attitude towards GDPR" A significant proportion (35%) of GDPR decision-makers said that the majority of compliance activity had taken place in the lead up to the May 2018 deadline and had since dropped down the priority list and remained less important. Only 6% said that the ICO’s recent high-profile announcements of its intention to fine British Airways and Marriott had subsequently shocked the business back towards greater awareness. While 70% of decision-makers surveyed said that their organisation felt very positively about GDPR, less than two thirds (62%) said their business had made GDPR a top priority over the past year. Tony Pepper, CEO, Egress comments: “Since the rush to meet last May’s deadline, we now appear to be seeing an ‘almost compliant is close enough’ attitude towards GDPR, with a significant percentage of decision-makers indicating that focus has waned in the past 12 months.” Taking necessary steps towards protecting data “The wait of more than a year between implementation and the first action taken by the ICO under GDPR seemed to lead to a perception outside the security industry that the regulation was ‘all bark and no bite’. Although the authority’s announcement that it intends to fine British Airways and Marriott such staggering sums sent shockwaves through the security community, it is concerning only 6% of organisations have taken action to avoid the full potential of the legislation. These announcements should definitely have acted as a clearer warning that organisations cannot risk compliance complacency.” “This is important for businesses in the small and mid-market segments, where our survey found lower compliance levels being reported. Although the ICO’s action to date has focused on two well-known enterprise organisations, GDPR demands compliance from businesses of all sizes and they need to take all necessary steps towards protecting data.” End-user education and training When asked about their single greatest area of compliance investments, decision-makers chose: Implementing new processes around the handling of sensitive data (28%) Better auditing around what data we collect and for what reasons (18%) Employment of a Data Protection Officer or other additional compliance staff (18%) New technology (17%) Implementing new procedures around incident reporting (8%) End-user education and training (7%) Security-related personal data breach incidents Over one-third of respondents (37%) have reported at least one incident to the ICO in the last 12 months Yet despite these investments, over one-third of respondents (37%) have reported at least one incident to the ICO in the last 12 months. According to analysis of ICO data, 60% of security-related personal data breach incidents in the first six months of 2019 were caused by human error. Pepper adds: “The majority of respondents (96%) acknowledged their organisation has made investments in GDPR compliance in the last 12 months, with implementing new processes the most common top priority. Yet despite this, we continue to see data breach incidents being reported and we know from the ICO that the primary cause is human error – so clearly strategies need to shift if we are going to turn the tide against data breaches.” Latest advances in security and DLP technology “Reliance on people to follow processes and protect data is only going to get organisations so far: people are always going to make mistakes or behave unexpectedly, and more must be done to provide a safety net that protects sensitive information.” GDPR is here to stay, and we’re only going to see more companies penalised for data breaches" “It’s positive to see that almost one-fifth (17%) of respondents are looking to technology as a way to mitigate breaches, but they must ensure these solutions tackle human error as the root causes of many of these incidents.” “They must look to the latest advances in security and DLP technology that can map a user’s behaviour to prevent the array of mistakes that put data at risk – from falling for phishing attacks that can lead to malware or stolen credentials, to misdirecting emails or attaching the wrong documents. GDPR is here to stay, and we’re only going to see more companies penalised for data breaches unless we’re able to overcome these issues.”

Amid ongoing identity theft and privacy-related breaches, new research published by cybersecurity company, BullGuard, revealed substantial gaps between consumers’ privacy concerns and their actual behaviours. The study shows 53% of Americans, 48% of Brits and 62% of Germans are concerned about privacy, but 74% of Americans, 80% of Brits, and 86% of Germans don’t use a VPN (Virtual Private Network) when accessing public Wi-Fi, with convenience trumping privacy and security risks in their rush to get online. A VPN empowers consumers with a highly effective, easy way to safeguard themselves when using public Wi-Fi from their smartphone, tablet or laptop, and adds an extra layer of security and privacy when used on the home network. Accessing users data by hacking public Wi-Fi Two-thirds of all survey respondents stated they are most worried about their banking information being hacked and stolenUnbeknownst to most consumers, hackers can easily spoof and set up malicious open Wi-Fi networks that appear to be legitimate (e.g. ‘Free Airport Wi-Fi’), but in fact intercept and record all network traffic, including people’s intimate personal data, and allow fraudsters to steal usernames, passwords, credit card details, bank account information and more. Alarmingly, approximately one in five Americans (19%) used a credit card while connected to public Wi-Fi, 17% of Brits performed online banking, and 14% of Germans accessed an insecure website – even though 53% of Americans, 48% of Brits and 62% of Germans believe their data is not secure while on a public Wi-Fi network and two-thirds of all survey respondents stated they are most worried about their banking information being hacked and stolen. Ignoring risks of financial and identity theft “Consumers are playing Russian Roulette with their personal data and privacy, opting for convenience over safety when using public Wi-Fi,” said Paul Lipman, CEO of BullGuard. “The research findings clearly indicate that Americans, Brits, and Germans do not feel safe online, yet they are ignoring their fears and risking financial theft, identity theft, account fraud and more in their quest to use public Wi-Fi. Accessing public Wi-Fi without the use of a VPN is akin to driving your car without insurance – sooner or later you’re going to end up paying the price for being negligent.” Pros and cons of antivirus software AV software prevents, detects and removes malware and helps protect users from other threats such as ransomwareThe research also revealed 48% of Americans, 62% of Brits and 69% of Germans are only using antivirus (AV) software to protect their online information on their home Wi-Fi. AV software prevents, detects and removes malware and helps protect users from other threats such as ransomware, malicious URLs, phishing scams, botnet DDoS attacks and more, but it does not hide a consumer’s origin IP address or prevent others – including ISPs (Internet Service Providers) and government organisations – from monitoring a consumer’s online browsing activity, including what websites they visit, what they download or what services and applications they use. Safeguarding online security and privacy “A disconnect currently exists in the minds of consumers between the benefits and differences of AV software and VPN. The research findings indicate a need to educate consumers that VPN is not simply a useful tool for streaming geo-locked content, but an integral component to safeguard their overall online security and privacy,” stated Lipman. “While antivirus software is essential for detecting and removing malware from your PC, smartphone and tablet devices, it offers no protection from having your personal data intercepted by a malicious hotspot or blocking your ISP from monitoring your online browsing activity.” Relying on ISP and browser for information security Many individuals use no additional methods and rely solely on their ISP and browser to keep online information privateAdditionally, a significant number of individuals (19% of Americans, 12% of Brits and 7% of Germans, respectively) use no additional methods and rely solely on their ISP and browser to keep their online information private and secure. This despite results that show consumers believe the following entities are tracking their online activities: Search engines such as Google (56% Americans, 63% Brits and 71% Germans) Internet Browser (51% Americans, 57% Brits and 57% Germans) Internet Service Provider (53% Americans, 58% Brits and 44% Germans) Online retailers like Amazon (46% Americans, 54% Brits and 61% Germans) Social media platforms such as Facebook (55% Americans and 62% Brits) Messenger apps such as Facebook Messenger and WhatsApp (42% Americans and 51% Brits) Social media platforms and messengers, e.g. Facebook and WhatsApp (65% Germans) US government (52% Americans and 36% Brits) UK government (15% Americans and 55% Brits) German government (34% Germans) The BullGuard-commissioned survey was conducted in August 2019 and queried a total of 5,000 adult consumers across the US, the UK, and Germany (2000 each in the US and UK, and 1000 in Germany).

Vantage Controls, a brand of Legrand | AV Residential Solutions, announced that it will exhibit its end-to-end human-centric lighting (HCL) solutions at an interactive demonstration at CEDIA Expo 2019. In Legrand | AV's booth 905, the company will showcase load controls, user interfaces including the new EasyTouch Glass, and programming software that comes together to provide precise dimming for tunable light fixtures utilising the Lumenetix araya5 light engine – delivering the benefits of ‘Lighting for Life’ in residential spaces. Intelligent lighting control with LED lamps HCL systems render these conditions indoors by combining intelligent lighting control with tunable LED lamps and fixturesOur internal clocks – or circadian rhythms – are daily cycles of biological activity based on a 24-hour period and influenced by regular variations in the environment, primarily the Earth's natural lighting cycle. We depend on this cycle for hormone production, metabolism, and sleep/wake cycles – basically our entire well-being. The optimal lighting conditions for humans are what we see outside. HCL systems render these conditions indoors by combining intelligent lighting control with tunable LED lamps and fixtures that have the ability to change their colour tone or intensity to match the dynamic range of light. Integration with automated shading systems "'Lighting for Life' means not only enhancing the aesthetics of a space, but the physical, emotional, and mental well-being of its occupants," said Fritz Werder, vice president and general manager of Legrand Residential AV Systems. "Vantage's HCL solutions make it easy for integrators to meet the growing demand for this experience in residential spaces by reducing the complexity of the design, installation, and operation of tunable LED lighting systems. In addition, they offer seamless integration with QMotion's automated shading systems for the optimal balance of natural and artificial light." EasyTouch Glass modular keypad station Vantage's EasyTouch Glass modular keypad station combines powerful functionality with a sleek, contemporary designMaking its debut at CEDIA Expo 2019 is Vantage's new EasyTouch Glass modular keypad station, which combines powerful functionality with a sleek, contemporary design. Available with up to five programmable buttons for different scenes – such as ‘Welcome’, ‘Away’, or ‘Party’ – not only does the EasyTouch Glass allow users to set the lighting in a space with one touch, it can also incorporate control over shades, speakers, garage doors, and more. Completely customisable to each project, the keypad allows installers to mix and match colours for trims, buttons, and faceplates, while an inner-surface ink layering process ensures consistent colour definition and reflectivity. Buttons are laser-engraved in a TrueType font, with the letters illuminated by adjustable RGB backlighting in the user's colour of choice. An ambient light sensor automatically adjusts the backlighting based on the time of day, and users can easily determine which scenes are active based on the button's colour or intensity. DMX-DALI-GATEWAY and InFusion Controller II Also on display at CEDIA Expo 2019 will be Vantage's DMX-DALI-GATEWAY and InFusion Controller II. For today's complex lighting system, the gateway provides 512 DMX channels, as well as 64 channels of DALI control. The Vantage controller is programmed to match the daily sunrise/sunset schedule shift throughout the year that best supports people's natural circadian rhythm based on the location of each installation. The controller integrates with QMotion advanced automated shading solutions for a human-centric experiencearaya5-enabled fixtures that are demonstrated to work with the Vantage controller include LF Illumination, WAC Lighting, and more. Vantage also works well with new LED light sources including Lumsatream low voltage lighting and other innovative colour-tuning manufacturers. In addition, the controller seamlessly integrates with QMotion advanced automated shading solutions for a complete human-centric experience. Equinox glass LCD touchscreen controllers Other highlighted user interfaces will include Vantage's Equinox line of glass LCD touchscreen controllers for a smartphone-type navigation experience, and EasyTouch II keypads with up to five programmable buttons for control of lights and shades individually or in user-defined scenes. To quickly program complete HCL systems, Vantage's Design Center will be on display. The software makes it fast and simple for integrators to configure the intensity, hue, saturation, and correlated colour temperature (CCT) of tunable lighting, while creating automated schedules and timers. At booth 905, visitors will also have an opportunity to experience how all Legrand | AV Residential Solutions brands – Chief, Da-Lite, Luxul, Middle Atlantic Products, Nuvo, On-Q, QMotion, SANUS, and Vantage – come together to deliver amazing AV experiences that transform the smart home. The company has also planned sweepstakes and giveaways at its booth, as well as several educational opportunities for integrators.

Tamworth-based trade association, DHF (Door & Hardware Federation), has published a new downloadable document for the building and hardware sector, named TS 007 - 2:2019 - Enhanced security for mechatronic cylinders and/or associated hardware. Security for mechatronic cylinders New door assemblies are covered by PAS 24 and complete mechatronic lock assemblies by DHF TS 621DHF's new Technical Specification (produced in association with the Glass and Glazing Federation) has been prepared following the emergence of an attack method focused on cylinders used in locks. New door assemblies are covered by PAS 24 and complete mechatronic lock assemblies by DHF TS 621. The ‘TS 007 - 2:2019’ publication aims to provide a level of security for mechatronic cylinders comparable to that specified in BS 3621 and PAS 24.  The document provides information on enhanced security mechatronic cylinders and security hardware intended to be used on dwellings and other buildings requiring similar levels of security.  Rim and mortice locks The specification includes a classification method and references test methods and acceptance criteria for the assessment of enhanced security mechatronic cylinders and associated security hardware. It covers replaceable cylinders intended for use with rim locks, and/or mortice locks, (including euro profile, oval and threaded cylinders) and associated security hardware intended to give these cylinders protection from attack.  The publication covers such cylinders and associated security hardware supplied either as a package or separately. In the document, which is an extension of DHF’s original specification first published in 2014, both DHF and the Glass and Glazing Federation strongly recommend that manufacturers of TS 007-rated cylinders and security door handles/escutcheons carry out third-party certification of every product claiming compliance with this specification. Third-party certification BSI offers third-party certification against TS 007 using its Kitemark brand This is of particular importance because the TS 007 specification employs human testing, and certification ensures that this gives, as far as is reasonably practicable, consistent and reproducible results.  BSI offers third-party certification against TS 007 using its Kitemark brand. In this case, the TS 007 star-rating is displayed alongside the Kitemark logo on both products and packaging.  Enhanced security performance “We have worked closely with the Glass and Glazing Federation to produce part two of our TS 007 specification which offers information on levels of security for mechatronic cylinders comparable to that specified in BS 3621 and PAS 24,” explains DHF’s Commercial Manager, Patricia Sowsbery-Stevens.  “We hope that it provides the basis for a greater element of clarity for those working in the security hardware sector, and most importantly, improved security performance and protection for mechatronic cylinders.”

Artificial intelligence (AI) is improving everyday solutions, driving efficiency in ways we never imagined possible. From self-driving cars to intelligent analytics, the far-reaching impacts of Deep Learning-based technology empower human operators to achieve results more effectively while investing fewer resources and less time. By introducing AI, solutions are not merely powered by data, but they also generate valuable intelligence. Systems which were once leveraged for a narrow, dedicated purpose, can suddenly be engaged broadly across an organisation, because the previously under-utilised data can be harnessed for enhancing productivity and performance. Video analytics software The video intelligence software processes and analyses video to detect all the people and objects that appear When it comes to physical security, for instance, video surveillance is a standard solution. Yet, by introducing AI-driven video analytics software, video data can be leveraged as intelligence in previously inaccessible ways. Here are some examples of how diverse organisations are using AI-based video intelligence solutions to enhance security and performance with searchable, actionable and quantifiable insights. Law enforcement relies on video surveillance infrastructure for extracting investigation evidence and monitoring people and spaces. Instead of manual video review and live surveillance – which is prone to human error and distraction – police can harness video content analysis to accelerate video investigations, enhance situational awareness, streamline real-time response, identify suspicious individuals and recognise patterns and anomalies in video. The video intelligence software processes and analyses video to detect all the people and objects that appear; identify, extract and classify them; and then index them as metadata that can be searched and referenced. Maintaining public safety For law enforcement, the ability to dynamically search video based on granular criteria is critical for filtering out irrelevant details and pinpointing objects of interest, such as suspicious persons or vehicles. Beyond accelerating video evidence review and extraction, police can leverage video analysis to configure sophisticated real-time alerts when people, vehicles or behaviours of interest are detected in video. Instead of actively monitoring video feeds, law enforcement can assess triggered alerts and decide how to respond. In this way, officers can also react faster to emergencies, threats and suspicious activity as it develops. Video analysis empowers cities to harness their video surveillance data as operational intelligence Empowering law enforcement to maintain public safety is important beyond the benefit of increasing security: A city with a reputation for effective, reliable law enforcement and enhanced safety is more likely to attract residents, visitors and new businesses, exponentially driving its economic development. Furthermore, in cities where law enforcement can work productively and quickly, time and human resources can be reallocated to fostering growth and building community. Video surveillance data Video analysis empowers cities to harness their video surveillance data as operational intelligence for optimising city management and infrastructure. When video data is aggregated over time, it can be visualised into dashboards, heatmaps and reports, so operators can identify patterns and more seamlessly detect anomalous behaviour. A city could, for instance, analyse the most accident-prone local intersection and assess the traffic patterns to reveal details such as where cars are dwelling and pedestrians are walking; the directional flows of traffic; and the demographic segmentations of the objects detected: Are cars lingering in no-parking zones? Are pedestrians using designated crosswalks – is there a more logical location for the crosswalk or traffic light? Do vehicles tend to make illegal turns – should police proactively deter this behaviour, or should the city plan new infrastructure that enables vehicles to safely perform these turns? Finally, does the rise in bike traffic warrant implementing dedicated biking lanes? With video intelligence, urban planners can answer these and other questions to facilitate local improvements and high quality of life. By leveraging the video insights about citywide traffic, public transit organisations can make data-driven decisions about scheduling and services Enhancing situational awareness Insight into traffic trends is also critical for transport companies, from public transit services to transportation hubs and airports. By leveraging the video insights about citywide traffic, public transit organisations can make data-driven decisions about scheduling and services. Analysing video surveillance around bus stops, for instance, can help these companies understand the specific hours per day people tend to dwell around bus stops. Correlating this information with transactional data for each bus line, bus schedules can be optimised based on demand for individual bus lines, shortening waiting times for the most popular routes. Similarly, the traffic visualisations and activity heatmaps derived from the video of major transit hubs, such as international airports and central stations, can be beneficial for increasing security, enhancing situational awareness, identifying causes of congestion, improving throughput and efficiency and, ultimately, solving these inefficiencies to provide a streamlined customer experience for travellers. Large education campuses Campus law enforcement can leverage video data to increase situational awareness and public safety Much like a city, large education campuses have internal transportation services, residential facilities, businesses and law enforcement, and video content analysis can support the campus in intelligently managing each of those business units, while also providing video intelligence to these individual groups. Campus law enforcement can leverage video data to increase situational awareness and public safety, driving real-time responses with the ability to make informed assessments and accelerating post-event investigations with access to easily extractable video data. When campuses are expanding or developing additional infrastructure, they can plan new crosswalks, traffic lights, roads, buildings and entrances and exits based on comprehensive video intelligence. By understanding where pedestrians and vehicles dwell, walk, cross or even violate traffic laws, the campus can inform construction projects and traffic optimisation. Countless business operations The campus can leverage video business intelligence to justify leasing pricing for different retailers across campus Finally, the campus can leverage video business intelligence to justify leasing pricing for different retailers across campus, demonstrating property values based on traffic trends that can be correlated with retailer point of sale data. Whether its empowering security, productivity or decision-making, the insights generated by AI-based technology can drive significant optimisation – especially when data is fused and cross-referenced across smart sensors and systems for even deeper intelligence. In the case of AI-backed video analytics, diverse organisations can harness video surveillance impactfully and dynamically. Whereas once video technology investments could be justified for their security value – with the introduction of AI capabilities – procurement teams can evaluate these solutions for countless business operations, because they offer broadly valuable intelligence. And video surveillance and analytics is merely one example of AI-driven solutions’ potential to disrupt business as we know it.

In 2017, IoT-based cyberattacks increased by 600%. As the industry moves towards the mass adoption of interconnected physical security devices, end users have found a plethora of advantages, broadening the scope of traditional video surveillance solutions beyond simple safety measures. Thanks in part to these recent advancements, our physical solutions are at a higher risk than ever before. With today’s ever evolving digital landscape and the increasing complexity of physical and cyber-attacks, it’s imperative to take specific precautions to combat these threats. Video surveillance systems Cybersecurity is not usually the first concern to come to mind When you think of a video surveillance system, cybersecurity is not usually the first concern to come to mind, since digital threats are usually thought of as separate from physical security. Unfortunately, these two are becoming increasingly intertwined as intruders continue to use inventive methods in order to access an organisation's assets. Hacks and data breaches are among the top cyber concerns, but many overlook the fact that weak cybersecurity practices can lead to physical danger as well. Organisations that deploy video surveillance devices paired with advanced analytics programs often leave themselves vulnerable to a breach without even realising it. While they may be intelligent, IoT devices are soft targets that cybercriminals and hackers can easily exploit, crippling a physical security system from the inside out. Physical security manufacturers Whether looking to simply gain access to internal data, or paralyse a system prior to a physical attack, allowing hackers easy access to surveillance systems can only end poorly. In order to stay competitive, manufacturers within the security industry are trading in their traditional analogue technology and moving towards interconnected devices. Due to this, security can no longer be solely focused on the physical elements and end users have taken note. The first step towards more secured solutions starts with physical security manufacturers choosing to make cybersecurity a priority for all products, from endpoint to edge and beyond. Gone are the days of end users underestimating the importance of reliability within their solutions. Manufacturers that choose to invest time and research into the development of cyber-hardening will be ahead of the curve and an asset to all. Wireless communication systems Integrators also become complicit in any issues that may arise in the future Aside from simply making the commitment to improve cyber hygiene, there are solid steps that manufacturers can take. One simple action is incorporating tools and features into devices that allow end users to more easily configure their cyber protection settings. Similarly, working with a third party to perform penetration testing on products can help to ensure the backend security of IoT devices. This gives customers peace of mind and manufacturers a competitive edge. While deficient cybersecurity standards can reflect poorly on manufacturers by installing vulnerable devices on a network, integrators also become complicit in any issues that may arise in the future. Just last year, ADT was forced to settle a $16 million class action lawsuit when the company installed an unencrypted wireless communication system that rendered an organisation open to hacks. Cybersecurity services In addition, we’ve all heard of the bans, taxes and tariffs the U.S. government has recently put on certain manufacturers, depending on their country of origin and cybersecurity practices. Lawsuits aside, employing proper cybersecurity standards can give integrators a competitive advantage. With the proliferation of hacks, malware, and ransomware, integrators that can ease their client's cyber-woes are already a step ahead. By choosing to work with cybersecurity-focused manufacturers who provide clients with vulnerability testing and educate end users on best practices, integrators can not only thrive but find new sources of RMR. Education, collaboration and participation are three pillars when tackling cybersecurity from all angles. For dealers and integrators who have yet to add cybersecurity services to their business portfolios, scouting out a strategic IT partner could be the answer. Unlocking countless opportunities Becoming educated on the topic of cybersecurity and its importance for an organisation is the first step Physical security integrators who feel uncomfortable diving headfirst into the digital realm may find that strategically aligning themselves with an IT or cyber firm will unlock countless opportunities. By opening the door to a partnership with an IT-focused firm, integrators receive the benefit of cybersecurity insight on future projects and a new source of RMR through continued consulting with current customers. In exchange, the IT firm gains a new source of clients in an industry otherwise untapped. This is a win for all those involved. While manufacturers, dealers and integrators play a large part in the cybersecurity of physical systems, end users also play a crucial role. Becoming educated on the topic of cybersecurity and its importance for an organisation is the first step. Commonplace cybersecurity standards Below is a list of commonplace cybersecurity standards that all organisations should work to implement for the protection of their own video surveillance solutions: Always keep camera firmware up to date for the latest cyber protections. Change default passwords, especially those of admins, to keep the system locked to outside users. Create different user groups with separate rights to ensure all users have only the permissions they need. Set an encryption key for surveillance recordings to safeguard footage against intruders and prevent hackers from accessing a system through a backdoor. Enable notifications, whether for error codes or storage failures, to keep up to date with all systems happenings. Create/configure an OpenVPN connection for secured remote access. Check the web server log on a regular basis to see who is accessing the system. Ensure that web crawling is forbidden to prevent images or data found on your device from being made searchable. Avoid exposing devices to the internet unless strictly necessary to reduce the risk of attacks.

In the age of massive data breaches, phishing attacks and password hacks, user credentials are increasingly unsafe. So how can organisations secure accounts without making life more difficult for users? Marc Vanmaele, CEO of TrustBuilder, explains. User credentials give us a sense of security. Users select their password, it's personal and memorable to them, and it's likely that it includes special characters and numbers for added security. Sadly, this sense is most likely false. If it's anything like the 5.4 billion user IDs on haveibeenpwned.com, their login has already been compromised. If it's not listed, it could be soon. Recent estimates state that 8 million more credentials are compromised every day. Ensuring safe access Data breaches, ransomware and phishing campaigns are increasingly easy to pull off. Cyber criminals can easily find the tools they need on Google with little to no technical knowledge. Breached passwords are readily available to cyber criminals on the internet. Those that haven’t been breached can also be guessed, phished or cracked using one of the many “brute-force” tools available on the internet. It's becoming clear that login credentials are no longer enough to secure your users' accounts. Meanwhile, organisations have a responsibility and an ever-stricter legal obligation to protect their users’ sensitive data. This makes ensuring safe access to the services they need challenging, particularly when trying to provide a user experience that won’t cause frustration – or worse, lose your customers’ interest. After GDPR was implemented across the European Union, organisations could face a fine of up to €20 million, or 4% annual global turnover Importance of data protection So how can businesses ensure their users can safely and simply access the services they need while keeping intruders out, and why is it so important to strike that balance? After GDPR was implemented across the European Union, organisations could face a fine of up to €20 million, or 4% annual global turnover – whichever is higher, should they seriously fail to comply with their data protection obligations. This alone was enough to prompt many organisations to get serious about their user’s security. Still, not every business followed suit. Cloud security risks Breaches were most commonly identified in organisations using cloud computing or where staff use personal devices According to a recent survey conducted at Infosecurity Europe, more than a quarter of organisations did not feel ready to comply with GDPR in August 2018 – three months after the compliance deadline. Meanwhile, according to the UK Government’s 2018 Cyber Security Breaches survey, 45% of businesses reported breaches or attacks in the last 12 months. According to the report, logins are less secure when accessing services in the cloud where they aren't protected by enterprise firewalls and security systems. Moreover, breaches were most commonly identified in organisations using cloud computing or where staff use personal devices (known as BYOD). According to the survey, 61% of UK organisations use cloud-based services. The figure is higher in banking and finance (74%), IT and communications (81%) and education (75%). Additionally, 45% of businesses have BYOD. This indicates a precarious situation. The majority of businesses hold personal data on users electronically and may be placing users at risk if their IT environments are not adequately protected. Hackers have developed a wide range of tools to crack passwords, and these are readily available within a couple of clicks on a search engine Hacking methodology In a recent exposé on LifeHacker, Internet standards expert John Pozadzides revealed multiple methods hackers use to bypass even the most secure passwords. According to John’s revelations, 20% of passwords are simple enough to guess using easily accessible information. But that doesn’t leave the remaining 80% safe. Hackers have developed a wide range of tools to crack passwords, and these are readily available within a couple of clicks on a search engine. Brute force attacks are one of the easiest methods, but criminals also use increasingly sophisticated phishing campaigns to fool users into handing over their passwords. Users expect organisations to protect their passwords and keep intruders out of their accounts Once a threat actor has access to one password, they can easily gain access to multiple accounts. This is because, according to Mashable, 87% of users aged 18-30 and 81% of users aged 31+ reuse the same passwords across multiple accounts. It’s becoming clear that passwords are no longer enough to keep online accounts secure. Securing data with simplicity Users expect organisations to protect their passwords and keep intruders out of their accounts. As a result of a data breach, companies will of course suffer financial losses through fines and remediation costs. Beyond the immediate financial repercussions, however, the reputational damage can be seriously costly. A recent Gemalto study showed that 44% of consumers would leave their bank in the event of a security breach, and 38% would switch to a competitor offering a better service. Simplicity is equally important, however. For example, if it’s not delivered in ecommerce, one in three customers will abandon their purchase – as a recent report by Magnetic North revealed. If a login process is confusing, staff may be tempted to help themselves access the information they need by slipping out of secure habits. They may write their passwords down, share them with other members of staff, and may be more susceptible to social engineering attacks. So how do organisations strike the right balance? For many, Identity and Access Management solutions help to deliver secure access across the entire estate. It’s important though that these enable simplicity for the organisation, as well as users. Organisations need an IAM solution that will adapt to both of these factors, providing them with the ability to apply tough access policies when and where they are needed and prioritising swift access where it’s safe to do so Flexible IAM While IAM is highly recommended, organisations should seek solutions that offer the flexibility to define their own balance between a seamless end-user journey and the need for a high level of identity assurance. Organisations’ identity management requirements will change over time. So too will their IT environments. Organisations need an IAM solution that will adapt to both of these factors, providing them with the ability to apply tough access policies when and where they are needed and prioritising swift access where it’s safe to do so. Importantly, the best solutions will be those that enable this flexibility without spending significant time and resource each time adaptations need to be made. Those that do will provide the best return on investment for organisations looking to keep intruders at bay, while enabling users to log in safely and simply.

Ethics is a particularly important subject in an industry such as fire and security because the result of unethical actions might make the difference in life and death. For example, if an employee acts unethically when servicing a fire extinguisher, the result could be to burn down the building. Although ethics is not a common topic of discussion in the fire and security industry, perhaps it should be. Chubb Fire and Security is a company that provides an example of how an emphasis on ethics can benefit a company, their employees, their customers and the whole world. Fire safety and security risks “The fire and security industry is different than others because lives and people’s safety are on the line,” says Harv Dulay, Director of Ethics and Compliance at Chubb Fire and Security. “Our purpose is to protect clients from fire safety and security risks. This is a business where no one should take short cuts. It is important to do the right thing all the time, every time, and it’s about protecting lives and property.” At Chubb, we have a code of ethics, our ‘bible,’ that is issued to employees when they start" “At Chubb, we have a code of ethics, our ‘bible,’ that is issued to employees when they start,” says Dulay. “Within the bible are core fundamental rules about what’s acceptable and not acceptable. We lay it out for employees very specifically. They understand and embrace the code of ethics, which is based on trust, integrity, respect, innovation and excellence.” “If you get those right, the business moves in the right direction. A key piece of our ethics policy is based on trust. We relate to others with openness, transparency, and empathy. It makes Chubb a better place to work and enables us to provide better service to customers.” Fire audit For Chubb, ethics is not just theoretical, but ethical concepts play out every day in practical ways. An example might be an engineer who goes to a customer’s site and is asked to do a task that is outside his or her duties and/or not allowed under the ethics policy. The pressure might be even greater if the employee is struggling to meet a sales figure. The code of ethics addresses specific situations and outlines the behaviour that is expected. In another example, a customer asked a Chubb technician to forge a certificate saying the customer had previously passed a fire audit in order to validate his previous year’s insurance. Showing ethical integrity, the technician was able to cite the company’s Code of Ethics and refuse to do it. The technician also reported the situation to his Ethics and Compliance Officer. Customers benefit, too. Delivering ethics excellence It’s a message heard from the top down, from everyone in the company" One of Chubb’s sales associates immediately reporting a situation in which all the tenders and competitors’ prices were visible as they prepared a tender for upload to a customer portal. Not only did the sales associate deliver ethics excellence by reporting the issue, he also helped a grateful customer who thereby avoided anti-trust issues, says Dulay. “Ethics is not just a current issue,” says Dulay. “It’s embedded in our values and has been since the beginning. Ethics is making sure people do the right things.” Ethics is integrated into the Chubb business model, and everyone knows what is expected of them. “It’s a message heard from the top down, from everyone in the company.” On-line training modules Ethics discussions begin for employees at Chubb when they join the company; clear instructions about ethics are included as part of employee induction. There are nine modules of ethics training during employee orientation, and a discussion with an Ethics and Compliance Officer is part of the onboarding process. The training program includes information about ethics, company expectations around ethics, where to go for questions about ethical issues, and details of the anonymous ombudsman program. Additionally, field staff are trained by their supervisors via regular face-to-face ethics toolbox talks. Office staff complete a series of on-line ethics training modules regularly. A series of supervisor-led trainings encourage managers to deliver face-to-face ethics training to their team, citing real-life examples. Healthy discussions are encouraged to deal with any ‘gray areas.’ Worldwide implementation of data security Some 14,000 employees globally have multiple options when it comes to reporting an issue Dulay estimates that ethics and compliance officers spend about half their time answering questions and clarifying for employees what’s expected in the code of ethics. Some 14,000 employees globally have multiple options when it comes to reporting an issue, and there are full-time Ethics and Compliances Officers in every country where Chubb does business. A reflection of Chubb’s global approach to compliance is their worldwide implementation of data security requirements of Europe’s General Data Protection Regulation (GDPR); the company saw the benefits of the program for any jurisdiction. Training and education are part of Chubb’s investment in ethics. For example, a recent module on ‘respect in the workplace’ covered the need to create a company culture in which everyone feels respected. “Training and continuous communication are embedded in the organisation,” says Dulay. Managing potential conflicts proactively “We invest in the process,” says Dulay. “We have had employees who left the company and then come back. They realised the importance of ethics and rejoined us. We start with the foundation that we would rather lose business than give up our ethical standards,” says Dulay. Some business is not worth getting if you don’t adhere to your values" “We won’t abandon our policies even if there is money at stake. Some business is not worth getting if you don’t adhere to your values. We manage potential conflicts proactively by creating and instituting methods in which employees have access to tools they can use to be successful and adaptable in times of change,” says Dulay. “Also, we will not tolerate retaliation against any employee who reports wrongdoing – regardless of the outcome of the investigation.” Forming good ethics behaviour And while there is no specific monetary value assigned to good ethical practices, success can be measured. “We measure it by people’s conduct, the number of cases we have, and awareness,” says Dulay. “It’s good for employee morale, and it’s good for customers and our business. It’s not measurable, but it is fundamental for business and customers.” “The work we do as a company can impact people’s lives so it is important that everyone has an understanding of the importance of their role,” says Dulay. A common misconception about ethics is: “If no one is watching, it must be ok.” However, Dulay says it is the things employees do when no one is watching or checking in on them that form good ethics behaviour. During training, Chubb emphasises that ethics is about doing the right thing, all the time even if no one is watching.

For the security market, the ‘fine ranging’ capabilities of ultra-wideband (UWB) technology opens up a range of new uses based on the ability to determine the relative position and distance of two UWB-equipped devices with pinpoint accuracy – within centimetres. UWB is more accurate and secure, even in challenging environments full of interference, compared to narrow band wireless technologies. UWB technology transmits a large amount of data over short distances using a small amount of energy. It will be used in seamless access control, location-based services, and device-to-device services across industries including smart homes, cities, retail services, and healthcare. Increasing the accuracy of ranging measurements UWB technology will support any application that benefits from knowing the precise location of a connected deviceUltra-wideband is a mature radio technology that transmits information spread over a large bandwidth, as described by the IEEE 802.154 standard. A new, enhanced amendment to the standard – IEEE 802.15.4z – focusses on improvements to existing modulations to increase the integrity and accuracy of ranging measurements. Moving forward, UWB technology will support any application that benefits from knowing the precise location or presence of a connected device or object. This reflects a move from data communication to secure sensing. New capabilities of UWB are largely unfamiliar to the market, but a new Consortium – the FiRa Consortium – has a mission to educate the market, provide use cases, and promote UWB technology. Delivering interoperability across devices “With a consortium, we can better deliver interoperability across devices, software, and chipsets,” says Ramesh Songukrishnasamy, Director and Treasurer of the FiRa Consortium, and SVP & CTO of HID Global. “This creates a frictionless experience for the user, which is vitally important with a new technology. People are more likely to adopt emerging technology when it runs smoothly without interruptions or errors.” The FiRa consortium is ensuring new use cases for fine ranging capabilities can thrive" An industry consortium can create a UWB ecosystem of interoperable technologies instead of individual companies launching products that consumers struggle to make work together, says Songukrishnasamy. “Simply, the FiRa consortium is ensuring new use cases for fine ranging capabilities can thrive.” Founding members of the FiRa consortium ASSA ABLOY and HID Global, pioneers in secure access and identity solutions, are founding members of the consortium. Their technology manages access to physical and digital places, things, and identities. Another founding consortium member, NXP Semiconductors, is a pioneer in secure connectivity solutions for embedded applications. Other founding members are Samsung, which creates top-of-the-line TVs, smartphones, wearables, and other connected devices; and the Bosch Group, a global supplier of technology and services that is at the forefront of IoT innovations. Sony Imaging Products & Solutions Inc., LitePoint and the Telecommunications Technology Association (TTA) are the first companies to join the newly formed organisation. Immune to radio frequency interference UWB is also immune to radio frequency interference, so it functions in high traffic settingsUWB introduces higher levels of accuracy in positioning capabilities and increased security for ranging data exchange compared to existing technologies. Fine ranging with UWB technology can localise devices and objects to 10 centimetres of accuracy with or without line of sight. UWB is also immune to radio frequency interference, so it functions in high traffic settings. These capabilities will enable a variety of use cases like secure, hands-free access control in hospitals, location-based services for ride sharing, and targeted marketing for retailers. FiRa will demonstrate UWB technology at upcoming trade shows. The FiRa Consortium aims to build on IEEE’s work with an interoperable high rate physical layer (HRP) standard, including defining an application layer that discovers UWB devices and services and configures them in an interoperable manner. The consortium also plans to develop service-specific protocols for multiple verticals and define necessary parameters for applications including physical access control, location-based services and device-to-device services. Promoting the adoption of UWB solutions     As a consortium, FiRa is not just setting standards but actively championing use cases for UWB technology. Creating the consortium addresses the need to develop interoperability and implementation standards; brings key players together to create a rich UWB ecosystem; allows for the sharing of intellectual property; and promotes the adoption of UWB solutions. The FiRa Consortium is committed to educating and promoting new use cases" “Since UWB is a mature technology with new potential uses, there is a general lack of awareness of potential applications that take advantage of the technology,” says Songukrishnasamy. “The FiRa Consortium is committed to educating and promoting new use cases.” The FiRa name comes from Fine Ranging to highlight UWB technology’s use cases and distinction from older UWB technologies and solutions. Enhanced security in challenging environments Fine ranging powered by UWB can outperform other technologies in terms of accuracy, power consumption, robustness in wireless connectivity, and security, especially in challenging, high density environments. UWB previously served as a technology for high data rate communication and as such was in direct competition with Wi-Fi. Since then, UWB has undergone several transformations: UWB has evolved from an OFDM-based data communication to an impulse radio technology specified in IEEE 802.15.4a (2ns pulses with Time of Flight); and A security extension being specified in IEEE 802.15.4z (at PHY/MAC level) makes it a unique secure fine ranging technology. Moving from data communication to secure ranging allows ‘spatial context capability’ to be utilised by a variety of applications: seamless access control, location-based services, and device-to-device (peer-to-peer) services. Information is available at firaconsortium.org.

Global Security Exchange (GSX) 2019 will blow into the Windy City this fall, combining a tradeshow, a full schedule of professional education sessions, plenty of industry networking opportunities, and an annual reunion of the top professionals from around the world tasked with protecting people, property and assets. GSX – the trade show and industry event 'formerly known as' the ASIS Annual Seminar and Exhibits – will be Sept. 8-12 at Chicago’s McCormick Place. The show promises to 'elevate the event experience with modern education learning experiences, revitalised networking opportunities, and a reimagined trade show floor.' More than 550 exhibitors will be featured in the expo hall (open Sept. 10-12), according to ASIS International. Chicago is a great location for GSX, as evidenced by the successful 2013 ASIS show. Cutting-edge solutions X1 Stage sessions are designed to highlight cutting-edge solutions and increase contextual understanding GSX seeks to attract more attendees to the exhibition hall with education events positioned alongside the industry’s latest-and-greatest equipment and technology exhibits. On the expo floor, the GSX: Disruption District will include new and enhanced programs such as the X Learning stages, the D3 (drones, droids, defence) Learning Theater, the Pitch Competition and the Innovative Product Awards. X Learning is a series of experiential sessions. X1 Stage sessions are designed to highlight cutting-edge solutions and increase contextual understanding of new technology. GSX: Startup Sector highlights new companies with emerging technologies; and GSX: Pitch Competition brings together entrepreneurs, investors and industry leaders to feature early-stage startup pitches. Career HQ will provide free resume reviews, career coaching, professional development and networking opportunities. A Sharpshooter Contest sponsored by Smart Simulators and SB Tactical will allow contestants donating $20 to compete for $500 in prizes each day. Pre-conference certification courses More than 300 security courses, plus pre-conference certification courses, will provide security professionals expertise to enhance their career development. Programming will be led by ASIS and InfraGard subject matter experts. (InfraGard is a non-profit organisation serving as a public-private partnership between U.S. businesses and the Federal Bureau of Investigation.) Seventeen education tracks will serve the needs of security professionals interested in topics from business continuity to crime/loss prevention, law and ethics to national security, information security to physical and operational security. The show also provides opportunities for dealers, installers, integrators, consultants, specifiers, architects and engineers 'Game Changer' sessions will address hot and controversial topics, including 'The Ever-Changing Drone Landscape: What You Need to Know' and 'Accelerating Digital Transformation: Insights and Applications.' Ian Bremmer of Eurasia Group will speak on navigating the geopolitical landscape; Steve Demetriou and Joe Olivarez of Jacobs, a global professional services company, will speak about harnessing technology and big data to make strategic decisions. Providing new opportunities Wednesday morning, General John F. Kelly of the U.S. Marine Corps (Ret), will provide insight into the evolving geopolitical landscape around the world. His keynote presentation on Sept. 11 will kick off Military and Law Enforcement Appreciation Day. Tarah Wheeler, cyber security researcher, will speak on protecting assets in the age of cybersecurity leaks and scandals. More than 20,000 registered attendees are expected from 110-plus countries across the entire industry Although the attendee emphasis is on security end-users, the show also provides opportunities for dealers, installers, integrators, consultants, specifiers, architects and engineers. More than 20,000 registered attendees are expected from 110-plus countries across the entire industry, according to ASIS International. Networking events will include an ASIS Town Hall Meeting on the afternoon of Sept. 8, aimed at opening communication between ASIS staff and membership. There will be an Opening Night Celebration Sept. 8 centred on the theme 'Chicago on the Silver Screen' at Revel Motor Row, a popular Chicago landmark originally home to the Illinois Auto Club. Emphasis on education On Monday (Sept. 9) a networking luncheon will be followed by the Awards Reception later in the day. A reception in the evening will present the Karen Marquez Honors Award, recognising a female security professional. Tuesday (Sept. 10) will have a Happy Hour at the exhibit hall, followed later by a Women in Security and Young Professionals Happy Hour. Wednesday evening will be the President’s Reception at Wintrust Arena, with a 1980s theme. The annual trade show has declined in recent years, and ASIS International has implemented changes that seek to reinvigorate the show, culminating in the rebranding last year. One challenge is that the show’s emphasis on education keeps attendees engaged for hours of the day, making it harder to meet the expectations of exhibiting companies who want more booth traffic. More attractions on the show floor, including the Tuesday happy hour, are aimed at increasing overall foot traffic in the hall.

H-Farm has a strong track record supporting innovation and creativity in European start-ups. The company focuses on skills development, new approaches to education and digital transformation. Its most recent transformation project involved an access control system — for its own offices. H-Farm needed a solution to streamline access management for lots of people at a growing portfolio of sites and buildings. H-Farm experiences rapid turnover of users, both because new businesses join regularly and because they organise up to 300 events every year. Battery-powered locks Any new locks would need to extend an existing Axis system, but without adding complexity for day-to-day administration. To meet their needs, H-Farm selected a combination of Aperio® handles, security locks and escutcheons, each easy to retrofit, so day-to-day work at their busy offices would not be disrupted by intrusive installation. So far, 40 Aperio® Online H100 wireless door handles, 6 Aperio® Online L100 wireless locks and 4 Aperio® Online E100 wireless escutcheons have been fitted across multiple H-Farm locations in northern Italy. All Aperio® battery-powered locks are wireless, so no ugly cabling runs to H-Farm’s doors. Because Aperio® offers wide range of battery-powered devices, H-Farm can choose the precise wireless lock for every application: the L100 lock protects doors with high security demands; robust H100 handles suit interior doors with high traffic. Wireless access control Aperio® H100 enables customers to add doors to their access control solution because cost per door is lower H-Farm interior doors are mostly secured with the new Aperio® H100 wireless handle — Intersec’s Access Control Product of the Year in 2018. The Aperio® H100 packs the flexibility and affordability of Aperio® wireless access control into a slim, cleverly designed door handle. Its standard battery slots inside the handle, ensuring a minimal footprint. ASSA ABLOY’s device design team incorporated electronics into the handle lever on the outside of the door, without jeopardising security. Design has become a major feature of the H100’s appeal. H-Farm wanted devices to blend with the contemporary architecture of their new €101m H-Campus development. “Aperio® wireless access control hardware is solid, nice looking and perfectly fits our environment — solving our access problem,” says Alberto Aldrigo at H-Farm. The H100 and other Aperio® devices are easy to install; for the H100, basically two screws complete the job. Going forward, this will enable H-Farm to quickly bring new buildings into the same access system as they expand to fresh locations. The H100 fits around 90% of target doors with two main models: one for left-handled doors, the other right-handed. “The Aperio® H100 also enables customers to add more doors to their access control solution because the cost per door is lower,” says Tania Amico, Aperio® Sales Manager at ASSA ABLOY Italy. Seamless integration H-Farm managers want to control access to site doors, or bring entirely new premises into their access system The open architecture underpinning Aperio® devices enabled easy online integration with their existing Axis system via PRYSM AppControl. Remote operation from a single, central software interface is seamless, which makes administering the system easy. “The PRYSM AppControl software utilizes the integration Axis completed with Aperio®,” says Piergianni Marana, Key Account Manager at Axis. “And the AXIS A1001 Door Controller is based on open hardware, which makes installing and configuring an Aperio® wireless lock easy and seamless.” An Aperio® RS-485 Hub coordinates up to 8 Aperio® locks within a typical range of 15 to 25 meters, communicating with the admin system via the powerful AXIS A1001 IP Network Controller. One AXIS A1001 Door Controller can manage one wired door and one Aperio® hub, up to 9 doors per hub. AES 128-bit encryption ensures communication between lock and system is secure. Online Aperio® integration gives facility managers real-time status information about their premises. Aperio® locks are wireless, so there was no expensive or time-consuming cabling. The AXIS A1001 uses Power over Ethernet (PoE), which eliminates the need for power cables to the controllers, too. If needs change at a facility — perhaps H-Farm managers want to control access to more site doors, or bring entirely new premises into their access system — it’s quick, efficient and easy for an installer to fit Aperio® locks and integrate the doors with the AXIS Entry Manager control panel. To discover whether your existing security system is ready for wireless Aperio® locks, download a free, fast Compatibility Checker at https://campaigns.assaabloyopeningsolutions.eu/aperio-upgrade

Traka has launched a new downloadable white paper to open a discussion on the changing nature of retail banking in the UK, using latest case examples to consider branch management and shifting customer expectations. The white paper, titled ‘Shaping the retail banking industry’ looks at several factors influencing the sector, including the increasing expectations and values of customers demanding a more personalised branch experience. Key and equipment management Incorporating analysis from globally renowned financial services, including PwC, Accenture and Deloitte, the paper highlights the opportunities for innovation, together with collaboration and adoption of new operational processes. This incorporates key and equipment management to enable retail banks to deliver on top quality service. The future for retail banking could arguably also be cited as bleak and in a state of industry disruption" Says Mike Hills, Traka UK Market Development Manager and Author of the white paper: “Against a backdrop of negative press concerning the state of UK high streets, the future for retail banking could arguably also be cited as bleak and in a state of industry disruption, as customers move towards a more mobile-connected lifestyle.” Staff and customer security “However, our research in putting together this white paper tells a different story. That actually, the sector has a real chance to embrace the changes occurring and entice their customers, meeting demands for personal service. We found that brands riding the storm are taking small yet significant steps to tailor their services and make operational differences that are proving key to their success.” The white paper focusses on Traka’s experience with Nationwide Building Society to demonstrate how supporting operational efficiency can benefit banking staff and ensure they can focus on serving their customers, without compromising on security.  Retail Banking security Mike concluded, “We have brought this white paper together using the latest research and intrinsic market reports, together with case evidence on the future of the retail banking industry and the issues faced by the sector to ensure long term success.”  “Within this, we wish to stimulate debate and encourage views and contributions from as many different voices as possible. We look forward to your opinion, experience or comment on this matter of growing importance so together, we can look to support and shape the future of retail banking.”

PerpetuityARC Training, part of the Linx International Group recently delivers a risk and crisis management workshop for Lafarge Egypt (part of the LafargeHolcim Group) in Cairo. The training provided senior managers from across the organisation with the knowledge and skills needed to manage resources during a crisis and operate within the organisation’s crisis management and compliance framework. The intensive programme was built collaboratively between PerpetuityARC Training and Lafarge Egypt and specifically tailored to its operating environment in the construction materials industry. Achieve successful resolution It was great to see them solving problems in a pressured, but safe environment" In a series of practical and theoretical exercises, Linx International Group Director, Angus Darroch-Warren, assessed and enhanced the ability and confidence of participants to apply their new skills to manage complex and evolving crisis scenarios, each requiring close collaboration between team members, in order to achieve a successful resolution. Security Director at Lafarge, Magdy Khorshid, stated: “The course was amazing, very practical and interesting to all and I received much positive feedback from all learners.” Angus commented: “The Lafarge teams engaged fully with the workshop scenarios. It was great to see them solving problems in a pressured, but safe environment, that allowed them to think through issues and respond using identified resources and procedures.” The workshop is the latest collaboration in a five year relationship between Lafarge Egypt and PerpetuityARC Training. During this time PerpetuityARC Training has delivered its security and risk related courses to employees and stakeholders in Egpyt and the UK.

Wintec (The Waikato Institute of Technology), established in 1924 is a major New Zealand Government-funded tertiary institution, which has three Hamilton campuses; a city site overlooking the central business district, Avalon campus on the northern outskirts of the city, and a horticultural campus at Hamilton Gardens. In addition, it has regional operations at Te Kuiti and Thames and also an office in Beijing. The Avalon campus, a ten-minute drive from the city, is home to specialist trades training facilities, a state-of the-art sport and exercise complex and custom designed facilities for the School of International Tourism, Hospitality and Events. The third Hamilton campus, the Horticultural Education Centre, is situated amidst the 58 hectares of Hamilton Gardens. On-line distance education Wintec’s programmes and qualifications are nationally and internationally recognised Wintec is one of the largest institutes of technology in New Zealand, and has more than 35,000 full-time and part-time students, more than 500 full and part time staff and eleven schools within its academic faculty. International enrolments exceed 1000 from 47 countries. A range of student services provide its domestic and international students with a high level of support so they enjoy a positive, safe and secure study experience. Wintec’s programmes and qualifications are nationally and internationally recognised and its degrees have equal status to those from universities. The degree programmes include Media Arts, Midwifery, Nursing, Occupational Therapy, Early Childhood Education, Business Studies, Engineering, Technology, Information Technology, and Sport and Exercise Science and a wide range of full and part time courses for those already in the workforce. Wintec is also recognised nationally in the delivery of on-line distance education for those unable to attend regular classes for reasons of geographical access or other constraints. Electronically controlled doors Wintec strives for a balance of unobtrusive yet robust control of site activity, essential for maintaining an open campus environment. Shane Goodall, Security Manager at Wintec, describes the approach to security as highly proactive and collaborative: “by focusing on preventing issues arising, we now have a minimal policing role and the crime resolution rate is high”. This environment is underpinned by Gallagher’s security system, a core access control, intruder alarms and integration platform. Wintec first installed the Gallagher system (formerly Cardax FT) in 1999 and has since migrated this legacy system to Gallagher’s latest security technology platform. Security for the entire organisation, including satellite sites, is managed and monitored centrally from Wintec’s single Gallagher security system. Since initial installation, Wintec’s Gallagher access control system has grown from 7 to 240 electronically controlled doors in 2009, with another 40 planned - testimony to the scalability and flexibility of the system. Network friendly system communications The organisation first installed 6 cameras in 2004 which has increased to 7 DVRs and 85 cameras Wintec has integrated its imaging system to the Gallagher system delivering a visual record which can be matched to the audit trail of events in Gallagher Command Centre software. The organisation first installed 6 cameras in 2004 which has increased to 7 DVRs and 85 cameras (both analogue and IP). Another compelling aspect of the system for Wintec is the scalability and TCP/IP network friendly system communications. As well as monitoring and controlling staff and student access, equipment including computers, TVs, printers, audio visual resources at Wintec are also monitored through the Gallagher system. The ‘Gallagher Hub’, a new computer laboratory offering comprehensive IT resources is open 24 hours. The Hub contains 125 workstations, and there are plans to extend that number. Active monitoring of equipment though the Gallagher system has significantly reduced theft. Students and staff have scheduled access to shared IT resources, classrooms and lecture theatres. Manage cardholder data ‘Cardholder Import’, an XML Interface, supports the importation of cardholder data including course enrolments from their student record system to Gallagher Command Centre. Shane comments, “Student card issuing is an automated process which is enrolment-driven – a student’s access privileges are assigned according to their enrolled courses.” “To implement this, we defined a rules-based allocation of access groups in the Gallagher system using the XML interface. The interface is ‘live’ so that changes in the student enrolments database are immediately reflected in the Gallagher system. The student’s updated access privileges come into effect without delay.” Staff that interact directly with students are now empowered to manage cardholder data enabling the security team to focus on security. Students and staff utilise Mifare SmartCard functionality extensively, embracing them as an integral multiapplication tool in their modern educational environment – SmartCards are used to issue resources from the library and as pre-stored value cards enabling prepaid printing and photocopying. In the near future they will also be used in Wintec’s Pay and Display car-park and potentially as passes onto city council buses. Electronic access control At Wintec, security is not viewed as a discrete functional activity relegated to security staff only Stewart Brougham, Director of Internationalisation at Wintec, says students have given very positive feedback about their ID cards. In particular, the ability to verify the identity of staff members from their ID access cards provides peace of mind for students. The end result is a people-friendly campus. Future enhancements of Wintec’s security may include the utilisation of the CommCard solution from Gallagher to manage and monitor access to student accommodation. CommCard is a unique high level integration between the Gallagher Command Centre software and Salto off-line readers, delivering offline, non-monitored electronic access control for lower security doors. An overriding philosophy of collaboration has seen Wintec take a lateral approach to security, the value of which many organisations have yet to realise. At Wintec, security is not viewed as a discrete functional activity relegated to security staff only. The ongoing management of security is a joint effort between the security services team and the information services team. Increasing operational security The security services team manages the Gallagher system while IT looks after back end functions such as installation on the network and backup. Wintec has leveraged the convergence of security (access control) and other operational business functions recognising the tremendous potential for reducing risk and increasing operational security, safety, performance and efficiency. Looking beyond simply controlling and monitoring who goes where and when on site, Wintec is harnessing the reporting capabilities of Gallagher Command Centre to meet regulatory requirements. The Gallagher system enables the institution to report on actual space utilisation (not just space booking). Decisions are made for best use, and also to substantiate funding, based on these reports. “The key to space utilisation reporting are the frequency of reporting and the integrity and reliability of information,” states Stewart Brougham. It’s a national issue for educational institutes in New Zealand. Extending external partnerships “For Wintec, reporting is about ensuring compliance with regulatory requirements and is also a staff time management issue – reducing the administration load on lecturers, who would otherwise have to track student attendance manually.” Brian Fleming, Director of Gallagher Channel Partner, Concord Technologies, sites this lateral application of a security system as key to maximising the value of Gallagher to Wintec. Wintec has a strong relationship with Gallagher in the ongoing development of its technologies This collaborative philosophy extends to proactive external partnerships with their Gallagher Channel Partner, Concord Technologies, for the installation and maintenance of the Gallagher system, and with system designer and manufacturer, Gallagher. Having signed an agreement to continue in the capacity of a Gallagher field test site, Wintec has a strong relationship with Gallagher in the ongoing development of its technologies. Wintec’s success, in the last 5 years, as a test site reflects the competence of both its IT and security staff and the institute’s commitment to edge student services. Minimal training has been required. Software maintenance agreement There is open communication and information sharing between all internal and external parties involved, which means any issues that arise can be quickly addressed. Wintec has committed to a site maintenance plan with their security partner, Concord Technologies. The plan incorporates both software and hardware maintenance to ensure the system is maintained on the latest operating platforms within a known cost structure. A Software Maintenance Agreement also ensures enhanced ongoing system performance and reliability of the Gallagher system. Acknowledgements Gallagher would like to acknowledge the support of Wintec and security partner, Concord, with the development of this in-site study. Gallagher would also like to particularly acknowledge and thank Shane Goodall for the pivotal role he plays in championing the collaboration of these parties and for his outstanding support of the Northern Region Cardax User Group (NZ) in the capacity of Chairman of the group.

Located in the buzzing heart of England’s capital city, University College London is one of the top ranking establishments for higher education in the world. Founded in 1826, London’s first university institution, the College now has an estimated 28,600 enrolled students and 14,600 members of staff. Including agency staff, academic associates, and other visitors, UCL currently has a system of over 48,000 valid cardholders. Based primarily in the Bloomsbury area, UCL’s main campus is situated on Gower Street and includes departments such as biology, chemistry, economics, engineering, geography, history, languages, mathematics, philosophy, politics, physics, architecture and the Slade School of Fine Art, as well as the preclinical facilities of the UCL Medical School and the London Centre for Nanotechnology. Electronic access control UCL has been used as a location for a number of high profile film and television productions While the UCL Cancer Institute and Faculty of Laws are also nearby, notable College buildings include the original Wilkins Building and Gower Street’s Cruciform Building, previously home to University College Hospital. The University has further sites based elsewhere in and around London, such as the UCL Institute of Ophthalmology, the UCL Institute of Orthopaedics and Musculoskeletal Science, The Royal Free Hospital Medical School, and also the UK’s largest university-based space research group, the Mullard Space Science Laboratory, and UCL’s own astronomical observatory at Mill Hill. Due to its position within London and the historical nature of its buildings, UCL has been used as a location for a number of high profile film and television productions, including Gladiator, The Mummy Returns, The Dark Knight and Inception. The sheer scale of the University’s operations, with thousands of occupants fluctuating between its numerous facilities, has dictated the need for a comprehensive electronic access control security system – one which has evolved over many years. Physical locking controls UCL’s Security Systems Manager, Mike Dawe explains that while adhering to the University’s culture of ‘general openness’ on campus, Gallagher systems have been introduced as “a progressive response to the need for more security control on site.” Security throughout the University is managed by the Security Department of the Estates Division, which has responsibility for all the physical locking controls and electronic systems, as well as the provision of the security guarding service. By and large an open campus, a number of university buildings are free to visitors from the general public, while others are controlled by turnstiles accessible by valid cardholders only. Many other research areas are available only to those with specific security passes. Gallagher’s systems have been in place with the University since 1993 and were originally chosen for the Gallagher Commander Hardware’s ability to communicate effectively over long distances between buildings. Key industry challenges Following were the key industry challenges involved: Ensuring appropriate access to students/staff onsite Implementation of lockdown and evacuation procedures Controlling access to key University areas Protecting University property Providing unobtrusive but robust security Control and management of multiple systems Visitor time and access management Central records systems Full data integration was achieved in 2006 when the system was linked to UCL’s central HR Recognised by Mike as the ‘next important direction for the University’, the subsequent introduction of the Gallagher Access Control system (formally Cardax FT) in 2003 enabled Gallagher’s main security system to be integrated with UCL’s other data systems. Additionally, Mike highlights how “Gallagher’s ‘building blocks’ approach to programming the software also provided greater flexibility when using the system, while the network infrastructure enabled us to move away from our own discrete wiring.” Full data integration was achieved in 2006 when the system was linked to UCL’s central HR, student records and visitor records databases. Combining the regular ID card with a single access control card then followed, and validity is kept fully updated by the University’s central records systems. Currently the University has 101 buildings on the Gallagher system, which controls 939 doors, 32 turnstiles and 15 lifts. General perimeter control Typically, Gallagher security is used for the general perimeter control of the buildings, such as those with both turnstile access and a reception at the entrance, as well as additional control within College buildings to divide public and semi-public areas from departmental spaces. Gallagher systems also control UCL’s top security areas such as high risk research space and data centres. Describing UCL’s security operation, Mike explains how the Gallagher solution has been integrated with the inhouse HR, student and visitor records systems and filters duplications to ensure a single identity. This information is then fed through the Gallagher system to update cardholder records using an ‘import/export’ function. The Gallagher technology is also used to automatically send barcode information to the Library systems and update the student records system with student photos. Scheduled email notification reports are also sent regularly which, according to Mike, “has proved very useful for UCL’s high value areas.” Security operations team We routinely use reports and produce these in response to departmental concerns and requests" “We routinely use reports and produce these in response to departmental concerns and requests”, he explains. “Typically this is done by the security operations team, which analyses the information, along with CCTV data to investigate suspected crimes.” UCL is planning to integrate the Gallagher Security system with its existing CCTV system and will use this, in addition to the new Command Centre Premier client, to improve the provision of site information to the Security Control room staff. The University is also currently developing its import/ export process to automatically provide access levels based on person-type information, such as department, course etc. Gallagher would like to thank Mike Dawe, UCL’s Security Systems Manager, for his support with the production of this site profile. We would also like to acknowledge the support of our security partner, Reach Active Limited who has contributed significantly to the successful implementation of the Gallagher system at University College London.

After a period of decline, the number of pupils being expelled from mainstream schools is increasing, placing more pressure on the need for Pupil Referral Units and the security at these premises, which is vital for managing student and staff safety. ASSA ABLOY High Security & Safety Group offers a range of locks and doors suited to the sensitive needs of Pupil Referral Units and pupils in care. Fire resistance integrity All doorsets in the Secure Education range are independently tested and certified The breadth of doorset solutions means the High Security & Safety Group can specify products for every area and need of a secure education environment. From classroom doors and personnel doors to circulation doors and high-performance doors. All doorsets in the Secure Education range are independently tested and certified to achieve 60minute fire resistance integrity and insulation to BS EN 1634 from both sides of the door. In addition, all doors within the offering are tested in line with the Department of Health’s environmental design guide attack test for secure services, as well as meeting with DD171 & BS EN 1192 severe duty performance and strength, and are tested to PAS 24 enhanced security performance requirements. Secure educational facilities This guaranteed and certified level of performance gives building owners and users the peace of mind that all doorsets are fit for purpose, as well as providing the added level of security and safety often needed in secure educational facilities. Mike Dunn, Commercial Director for ASSA ABLOY High Security & Safety Group, said: “A recent report by the think tank IPPR, found the total number of children being taught in ‘alternative provision’ for excluded children is far higher than the total number of reported exclusions. This will inevitably mean increasing pressure on facilities, such as Pupil Referral Units, and the safety of staff and pupils within those buildings.” Added level of security Pupil Referral Units are first and foremost a place of education" “Pupil Referral Units are first and foremost a place of education and therefore doors and locks must allow for this, grant access, as well as restricting permissions. However, an added level of security and safety must be considered and handled sensitively within these premises.” “Our experience and wide product range means we can advise on and supply doors and locks for every aspect of a secure education environment, mitigating any risk and ensuring a smooth specification process.” Doors within the Secure Education range come in a variety of materials and finishes, giving specifiers improved design flexibility.

Technology advancements often come with new terms and definitions. The language of our marketplace evolves to include new words that describe innovations in the industry. In the skilled hands of marketers, terms intended to be descriptive can also take a new element of ‘buzz,’ often presaging exciting developments that will drive the future. We asked this week’s Expert Panel Roundtable:  What new buzzword have you heard, and what does it mean for the industry?

ISC West 2019 is in the industry’s rear-view mirror, and what a show it was! The busy three days in April offered a preview of exciting technologies and industry trends for the coming year. We asked this week’s Expert Panel Roundtable: What was the big news at ISC West 2019?

The new year 2019 is brimming with possibilities for the physical security industry, but will those possibilities prove to be good news or bad news for our market? Inevitably, it will be a combination of good and bad, but how much good and how bad? We wanted to check the temperature of the industry as it relates to expectations for the new year, so we asked this week’s Expert Panel Roundtable: How optimistic is your outlook for the physical security industry in 2019? Why?