Training services

Open Options, global provider of access control solutions, has announced the launch of a new Learning Management System (LMS), “ConnectEd” for integrators, installers and system users to easily obtain certification in DNA Fusion. ConnectEd LMS platform The ConnectEd platform will be a new tool for Open Options customers to view course calendars and class status as well as register for upcoming classes. The Open Options training team currently offers classroom learning at their headquarters, on-site training, regional classes, and web-based training through WebEx.  “We are extremely excited to introduce this program to our partners,” said Open Options’ Director of Training and Education Services,  Sherinda  Barrow. "The new ConnectEd portal extends our education efforts and introduces another level of connection and benefits to educate our loyal community.” Online learning center Our primary objective with this new LMS platform is to offer all our customers the ability to easily access educational courses" As the new online learning center expands, customers of Open Options will have access to a wide variety of learning opportunities through the ConnectEd partner portal including distance learning. Customers can enroll in scheduled classroom instruction, quarterly webinars, regional trainings, and/or live training events. It’s access that connects to high-quality training. “Our primary objective with this new LMS platform is to offer all our customers the ability to easily access educational courses”, says Benjamin Vestal, Vice President, Sales and Business Development at Open Options. “All potential customers of DNA Fusion will be able to access our experts and high-quality educational content irrespective of their location at anytime, anywhere.” 

Pulse Secure, global provider of software-defined Secure Access solutions to both enterprises and service providers, has announced that it has become a member of the MSPAlliance, the oldest managed services group and the only accrediting and standards based body created specifically for the managed services provider industry. Secure Access services Recognising the push towards utility computing and an expectation for workforce mobility, multi-cloud performance and Zero Trust defenses, organisations are increasingly relying on MSSPs – fueling double digit growth for Secure Access services. Through its Access Now program, Pulse Secure works with Managed Security Service Providers (MSSPs) and Cloud Service Providers (CSPs) to enable Secure Access as a service. Pulse Secure helps partners cost-effectively accelerate differentiation and build out their service portfolios By offering versions of its award-winning Pulse Access Suite packaged specifically for service providers, Pulse Secure helps partners cost-effectively accelerate differentiation and build out their service portfolios to meet the massive demand for protected connectivity to cloud applications and hybrid IT resources. Pulse Secure Pulse Secure has invited its current and prospective partners to join a panel of service provider experts in a webcast entitled “Zero Trust Access as a Managed Service: What, Why, How,” on Wednesday, August 21, 2019 at 9 a.m. PT / 12 a.m. ET / 4 p.m. GMT.  “We’re pleased to be a member of the MSPAlliance and lend our voice to the evolution of the managed services and cloud services industry,” said Matt Weaver, vice president at Pulse Secure. “As digital risks grow, security solutions that support hybrid IT growth and strengthen overall security posture are increasingly critical to the acceptance and success of managed services and cloud solutions.” Protected connectivity The Pulse Access Suite delivers protected connectivity, operational intelligence and threat response across mobile, network and multi-cloud environments in order to provide easy, compliant access for end users and single-pane-of-glass management for administrators. Pulse Secure partners can help their customers centrally manage Zero Trust Secure Access to applications, resources and services that are delivered on-premise, in private cloud and public cloud environments. The company’s Access Suite comprises VPN and cloud access, Mobile Device Management (MDM), Single Sign-on (SSO), endpoint and IoT device visibility, Software Defined Perimeter (SDP), Network Access Control (NAC) and virtual Application Delivery Controller (vADC) solutions. Integrated Software Defined Perimeter Pulse Secure offers integrated Software Defined Perimeter functionality for its Secure Access solution Pulse Secure also offers integrated Software Defined Perimeter (SDP) functionality that complements its Secure Access solution set by offering direct device-to-application/resource secure connectivity only after successful user, device and security state verification, including geo location and behavior-based anomaly detection. In effect, SDP extends Zero Trust capabilities while delivering provisioning simplicity, security posture fortification and lower total cost of ownership. “We are delighted to have Pulse Secure as a member of our global association,” said Celia Weaver, MSPAlliance president. “By upholding the MSPAlliance Managed Service Provider’s Code of Ethics, Pulse Secure will work with MSPAlliance, as well as their industry peers, to help ensure the integrity of the managed services and cloud profession.” Managed Security Service Provider Pulse Secure previously announced new Managed Security Service Provider (MSSP) packaging of its award-winning Pulse Access Suite. The solution offers service providers an accelerated, cost-effective means to differentiate and build out their service portfolio to meet the massive demand for protected connectivity to cloud applications and hybrid IT resources. Pulse makes a full range of Authorised Education Training Courses available to Pulse Secure customers and partners through its network of global education partners.

The ASSA ABLOY Door Hardware & Access Control Group has released the latest dates for its free Aperio technical training course, which provides an invaluable insight into the innovative wireless locking technology’s many benefits. Aperio technical training course Offering an informative overview of the Aperio system’s capabilities, the free course covers its intelligent hardware features, product specifications, operating processes, best installation practice and other technological advantages. Attendees are also given a demonstration of the system’s wireless hub configuration, how to install, configure and commission Aperio devices. The course then finishes with a meeting focused on troubleshooting, and a question and answers session. Smart wireless locking technology Aperio is a smart technology that enables the wireless linking of mechanical locks to existing access control systems A straight-forward, convenient and cost-effective alternative to wired, high-end access control solutions, Aperio is a smart technology that enables the wireless linking of mechanical locks to existing access control systems. The technology uses a card-based solution to eliminate the logistical challenge associated with lost keys. Richard Hall, Technical Sales Support Manager at the ASSA ABLOY Door Hardware & Access Control Group, explains: “The Aperio course gives installers an invaluable opportunity to see how integrating the technology into their existing access control systems can cut energy and maintenance costs, while removing the frustration and administration involved with lost keys. Access control training course He adds, “We continue to hold the course at a centre of excellence for training – our dedicated ASSA ABLOY Academy in Willenhall. Over 100 attendees benefitted from the course in 2018, and we hope to host many more in 2019. The course is suitable for access control manufacturers, installers, and engineers.” The available training dates for the second half of 2019 are as follows: Tuesday 30 July Wednesday 14 August Wednesday 25 September Wednesday 30 October Wednesday 27 November Wednesday 18 December Refreshments are provided throughout the day, as well as lunch. Larger companies wishing to book onto the Aperio training course may be able to specify a separate training date.

Eaton’s SecureConnect™, a smart security management system for residential and commercial buildings, now has 4G capabilities. This secure plug-on module is a cloud communicator which enables a control unit to connect to the cloud using both 4G and 2G technology over mobile networks. Configuring the 4G cloud communicator as a back up to the panels Ethernet connection allows for dual path communications, ensuring that there is no loss of connection through power cuts or poor internet service. The unit is also an ideal solution for premises without an internet connection as it can provide fully independent mobile connectivity. Cloud-based systems SecureConnect™ enabled control panels are designed for use in for residential and commercial buildings, and when linked to the cloud, enable remote maintenance, monitoring and control via user-friendly web and mobile interfaces. All SecureConnect™ products are designed from the outset to deal with the increasingly sophisticated attacks that are targeting cloud-based systems, regular security updates deliver protection against the ever-changing threats. The secure cloud-based smart security management system has been thoroughly tested by Eaton’s Cyber-Security Centre of Excellence. Every new web-connected device provides a potential pathway for hackers" Glenn Foot, Scantronic Security Product Manager at Eaton, said: “SecureConnect represents an exciting development, making the installation, programming and monitoring of systems much faster and simpler for installers, and enabling end-users to benefit from greater convenience, control and peace-of-mind. However, every new web-connected device provides a potential pathway for hackers.” Potential cyber threats “It is therefore essential that cyber security is built-in from the very beginning and that best practice is correctly observed by technicians and homeowners. The new 4G cloud communicator further enhances the robustness of cloud connected systems providing dual path cloud connectivity when used as a back-up to a to a router connection. If an installer prefers have solution that is independent of the premises infrastructure, then module can also provide single path connectivity without the need of a router.” In addition to the product and technology solutions, Eaton offers training courses for installers to raise awareness of potential cyber threats and how to apply best practices. Eaton’s whitepaper, Protecting Home Security Systems from the Cyber Threat, explores the risks associated with cyber security, the challenges confronting installers and ways in which these can be addressed.

The ASSA ABLOY Door Hardware & Access Control Group is encouraging installers to sign-up to one of its upcoming training courses on its innovative wireless access control system, SMARTair. The course is free to attend and offers installers everything they need to know to help sell and install SMARTair, while also providing an informative overview of the wireless access control system’s capabilities and benefits. SMARTair system SMARTair delivers real-time access control, so organisations can stay in control of who has entered a building, where and when Taking place at the ASSA ABLOY Academy in Willenhall, the course will cover the technical aspects of how to install, set up and commission a SMARTair system. It also provides guidance on site surveys and how to identify and resolve common faults, meaning security professionals can offer a complete solution to their customers. SMARTair delivers real-time access control, so organisations can stay in control of who has entered a building, where and when. Multiple user groups can be easily managed with minimum fuss, with features such as time schedules and permissions calendars ensuring access rights are only allowed when needed. Wireless access control system The wireless access control system is offered with a robust range of devices – covering electronic locks, cylinders, escutcheons, wall readers and products for cabinets, lifts, vending machines and lockers – in an award-winning design. Finally, ASSA ABLOY’s new OpenowTM app also gives security administrators the ability to open electronic door locks remotely, so access control for SMARTair can be managed at any time and from any place. OpenowTM essentially transforms a smartphone into a secure virtual key, with users able to send, revoke and update virtual keys in seconds. SMARTair training course Suitable for an extensive range of sectors, installers can fit SMARTair in varied environments" Richard Hall, Technical Sales Support Manager at the ASSA ABLOY Door Hardware & Access Control Group, explains: “We have designed this course for professional security installers, system integrators and those responsible for installing and managing their own access control systems.” “Suitable for an extensive range of sectors, installers can fit SMARTair in environments such as hospitals, universities, offices, national parks, laboratories, libraries and many other settings. We would invite any installers or individuals responsible for their site’s security to attend this free course at our dedicated training academy in Willenhall, to find out more about the opportunities that SMARTair can help deliver to their business.” The available SMARTair training course dates for the second half of 2019 are: Wednesday 21 August Tuesday 17 September Tuesday 22 October Tuesday 19 November Thursday 12 December Refreshments are provided throughout the day, as well as lunch. Larger companies wishing to book onto the SMARTair training course may be able to specify a separate training date.

John Coursey joined the access control and video intercom company in May, having previously worked in the technology industry, training users of smart devices and wireless products. He will be providing practical, hands-on training for Paxton’sNet2 system at distributor locations and dealers' premises. He said, “In the move from smart devices to the security industry, I chose Paxton because of the world-class team I’d be joining. The array of user-friendly and aesthetically appealing products, plus the company’s devotion to creating a positive culture and work environment, made it top of my list.” Increasing demand for dealer training John’s appointment comes at a time of increasing demand for Paxton’s dealer training - 2018 was a record year globally, which saw over 3,000 dealers trained in the United States alone. Already this year, over 1,500 dealers have gone through free Net2 installation workshops – good news for dealers who boost their knowledge of the products, and for Paxton, who know that 9 out of 10 trained dealers go on to regularly install Paxton products for their clients. Eileen Reed, US Field Training Manager commented, “We’re excited to have John join our team. He’ll be working closely with our dealers on the West coast by providing them with the training they need to offer their customers with the best solutions.”

In 2017, IoT-based cyberattacks increased by 600%. As the industry moves towards the mass adoption of interconnected physical security devices, end users have found a plethora of advantages, broadening the scope of traditional video surveillance solutions beyond simple safety measures. Thanks in part to these recent advancements, our physical solutions are at a higher risk than ever before. With today’s ever evolving digital landscape and the increasing complexity of physical and cyber-attacks, it’s imperative to take specific precautions to combat these threats. Video surveillance systems Cybersecurity is not usually the first concern to come to mind When you think of a video surveillance system, cybersecurity is not usually the first concern to come to mind, since digital threats are usually thought of as separate from physical security. Unfortunately, these two are becoming increasingly intertwined as intruders continue to use inventive methods in order to access an organisation's assets. Hacks and data breaches are among the top cyber concerns, but many overlook the fact that weak cybersecurity practices can lead to physical danger as well. Organisations that deploy video surveillance devices paired with advanced analytics programs often leave themselves vulnerable to a breach without even realising it. While they may be intelligent, IoT devices are soft targets that cybercriminals and hackers can easily exploit, crippling a physical security system from the inside out. Physical security manufacturers Whether looking to simply gain access to internal data, or paralyse a system prior to a physical attack, allowing hackers easy access to surveillance systems can only end poorly. In order to stay competitive, manufacturers within the security industry are trading in their traditional analogue technology and moving towards interconnected devices. Due to this, security can no longer be solely focused on the physical elements and end users have taken note. The first step towards more secured solutions starts with physical security manufacturers choosing to make cybersecurity a priority for all products, from endpoint to edge and beyond. Gone are the days of end users underestimating the importance of reliability within their solutions. Manufacturers that choose to invest time and research into the development of cyber-hardening will be ahead of the curve and an asset to all. Wireless communication systems Integrators also become complicit in any issues that may arise in the future Aside from simply making the commitment to improve cyber hygiene, there are solid steps that manufacturers can take. One simple action is incorporating tools and features into devices that allow end users to more easily configure their cyber protection settings. Similarly, working with a third party to perform penetration testing on products can help to ensure the backend security of IoT devices. This gives customers peace of mind and manufacturers a competitive edge. While deficient cybersecurity standards can reflect poorly on manufacturers by installing vulnerable devices on a network, integrators also become complicit in any issues that may arise in the future. Just last year, ADT was forced to settle a $16 million class action lawsuit when the company installed an unencrypted wireless communication system that rendered an organisation open to hacks. Cybersecurity services In addition, we’ve all heard of the bans, taxes and tariffs the U.S. government has recently put on certain manufacturers, depending on their country of origin and cybersecurity practices. Lawsuits aside, employing proper cybersecurity standards can give integrators a competitive advantage. With the proliferation of hacks, malware, and ransomware, integrators that can ease their client's cyber-woes are already a step ahead. By choosing to work with cybersecurity-focused manufacturers who provide clients with vulnerability testing and educate end users on best practices, integrators can not only thrive but find new sources of RMR. Education, collaboration and participation are three pillars when tackling cybersecurity from all angles. For dealers and integrators who have yet to add cybersecurity services to their business portfolios, scouting out a strategic IT partner could be the answer. Unlocking countless opportunities Becoming educated on the topic of cybersecurity and its importance for an organisation is the first step Physical security integrators who feel uncomfortable diving headfirst into the digital realm may find that strategically aligning themselves with an IT or cyber firm will unlock countless opportunities. By opening the door to a partnership with an IT-focused firm, integrators receive the benefit of cybersecurity insight on future projects and a new source of RMR through continued consulting with current customers. In exchange, the IT firm gains a new source of clients in an industry otherwise untapped. This is a win for all those involved. While manufacturers, dealers and integrators play a large part in the cybersecurity of physical systems, end users also play a crucial role. Becoming educated on the topic of cybersecurity and its importance for an organisation is the first step. Commonplace cybersecurity standards Below is a list of commonplace cybersecurity standards that all organisations should work to implement for the protection of their own video surveillance solutions: Always keep camera firmware up to date for the latest cyber protections. Change default passwords, especially those of admins, to keep the system locked to outside users. Create different user groups with separate rights to ensure all users have only the permissions they need. Set an encryption key for surveillance recordings to safeguard footage against intruders and prevent hackers from accessing a system through a backdoor. Enable notifications, whether for error codes or storage failures, to keep up to date with all systems happenings. Create/configure an OpenVPN connection for secured remote access. Check the web server log on a regular basis to see who is accessing the system. Ensure that web crawling is forbidden to prevent images or data found on your device from being made searchable. Avoid exposing devices to the internet unless strictly necessary to reduce the risk of attacks.

Last week, the Schedule 84 Suppliers Research Panel participated in reviewing the 2018 contracting year with the GSA Schedule 84 leadership team. Our panel group consists of experienced contractors and consultants meeting for a monthly conference call. Schedule 84 is the GSA Schedules Contract for Total Solutions for Law Enforcement, Security, Facilities Management, Fire and Rescue. Our opinions are part of a research programme to provide valuable feedback to the GSA Schedule 84 programme and on to the GSA central office. The director of GSA Region 7 Schedules Program, the Schedule 84 Branch Chief and the Category Manager Subject Matter Expert who manages our suppliers' panel gave us their full attention as we discussed the successes of the programme, hot topics, problems and the future. We determined 2018 under the Schedule 84 team to be a year of innovative thoughts, cooperative effort and renewed enthusiasm Innovative review team We determined 2018 under the Schedule 84 team to be a year of innovative thoughts, cooperative effort, renewed enthusiasm and productive changes building upon the successes of 2017. There was high praise for the accessibility to the Schedule 84 staff. Their consistent quick response to questions and concerns, thinking outside the box and supporting the programme by partnering with their contractors was much appreciated. There has been a renewed spirit of partnering to cooperatively bring the best to agency customers. It seems to be working as per the Centre Director sales are growing for GSA Schedule 84. Advocating for the security industry In my experience, business development starts with the Administrator from Region 7 in Ft. Worth, TX. As the annual Schedule 84 Industry Day at the SSAC begins he is shaking every hand and passing out his cards looking folks right in the eye asking, “how can I help you?” They have the best practices and most organised paperwork. The SSAC director has chosen well in her staff and is hands-on in every endeavour to direct things along when challenges occur or to improve the programme. The new 84 Branch Chief is knowledgeable, innovative, tireless and has been heavily involved in advocating for the security industry It continues with the centre’s CASE Manager encouraging the contractors at events, visiting agency customers and promoting the GSA Schedules Program by helping coordinate the partnering. The new 84 Branch Chief is knowledgeable, innovative, tireless and has been heavily involved in advocating for the security industry for adding new technology, meeting with industry associations, understanding the complexity and challenges of Homeland Security Presidential Directive 12 (HSPD12) and advocating for the purchasing Physical Access Control Systems (PACS) utilising the appropriate standards and the GSA Program among other innovations. As far as the supplier panel, we gave our GSA Schedule 84 team and leaders high praise for 2018. GSA also added new categories or SINs for clearly identifying Physical Access Control Products that appear on GSA’s Approved Product List Changes in the GSA programme Some changes this year in certain GSA programmes included the creation of a new category of products/services Special Item Number (SIN) for Order Level Materials (OLM) developed to assist with solution procurements. This new SIN was added to Schedules 03FAC, 56, 70, 71, 00Corp, 738X and 84. Under Schedule 84 it is SIN 84-500. GSA Schedule 84 consolidated many Special Items Numbers (SINs) to make finding products and services less complex Essentially this SIN allows agencies procuring under the aforementioned GSA Schedules’ programmes to purchase and the contractor to add items and services not known prior to the task as a Contract Line Item Number (CLIN) not to exceed 33% of the order. For more information and FAQs on OLMs go to www.gsa.gov/olm. This is not to take the place of “Open Market” items for adding products only that are not listed on a company’s GSA Contract. Physical access control products Previously, GSA Schedule 84 consolidated many Special Items Numbers (SINs) to make finding products and services less complex for the agencies. GSA also added new categories or SINs for clearly identifying Physical Access Control Products that appear on GSA’s Approved Product List according to the standards created under FIPS201. These products appear under SIN 246 35-7 after being tested and approved by GSA. To be qualified to install these products under the GSA Program at least one individual from the GSA Contractor company must complete the class and be CSEIP certified before applying for labour SIN 246 60-5. Additionally, the company must demonstrate certain qualifications and have past performance for this type of work. The Security Technology Alliance offers the training class and certification. Certified individuals and approved products are listed at www.idmanagement.gov. Companies listed with SIN 246-35 7 and SIN 246-60 5 may be found by searching at www.gsaelibrary.gsa.gov. Updates to guidance for procurement Updates to guidance for procurement of PACS will continue to be posted to the GSA PACS Ordering Guide Updates to guidance for procurement of PACS will continue to be posted to the GSA PACS Ordering Guide. The ordering guide posted at www.gsa.gov/firesecurity is a valuable support tool created to assist agencies with understanding the requirements of FIPS201 and procuring a PACS. The guide includes relevant regulations, FAQs, sample systems designs, sample statements of work, a list of key points of contract for additional help and questions. In partnership with GSA and guided by the GSA Ombudsman group, the Security Industry Association and the Security Technology Alliance members and their contractor companies participated in a GSA Reverse Industry PACS Training Day on September 17, 2018. We presented from an industry perspective important fact on PACS system requirements, procurement planning, providing information on resources and further educating with panel discussions, individual presentations and amusing skits to over 300 Government agency staff and acquisition specialists. You can find some of the unedited recording of the PACS Reverse Industry Day Training on YouTube. Some changes included the creation of a new category of products/services Special Item Number (SIN) for Order Level Materials (OLM)  GSA Schedules Program A hot topic about the GSA programme for 2018 was also an issue for the prior year. The GSA Schedules Program is a streamlined contracting vehicle incorporating specific Federal Acquisition Regulations for more efficiently purchasing commercial items. Companies may apply per a continuous open season for a 5-year contract with three 5-year options to renew. Contractors are vetted for past performance, corporate experience and financial capability. Products and services are considered for offering to Federal, State and Local customers (for Schedule 84) with pricing that is determined to be fair and reasonable through negotiations with GSA. To make the determination for fair and reasonable pricing GSA carefully reviews the commercial practices of the contractor To make the determination for fair and reasonable pricing GSA carefully reviews the commercial practices of the contractor as well as the competition of identical or similar item pricing. The most vocal complaint of concern from the contractors was regarding the consideration of competitor contractors offering identical items with out-of-date pricing or holding a Letter of Supply not authorised by the manufacturer. GSA pricing tool Since the GSA utilises a pricing tool to determine if the pricing offered is competitive, a rogue competitor can cause a pricing action to possibly be rejected due to out of date information even as the manufacturer offers an update of the product. This is an issue on all GSA Contracts that the supplier panel hopes will be reconsidered by GSA policymakers at the central office. Most of us believe the Letters of Supply should only be issued by the manufacturer or with documented specific permission of the manufacturer to a reseller. Manufacturers may want to have a better understanding of the Letter of Supply, how it is considered by GSA and more carefully choose their Government partners for experience and compliance. Another challenge for the security community is regarding the lack of accessibility of participating dealers to GSA eBuy Overcoming challenges for the security community Contractors may only see RFQs which are posted under the Special items Number(s) that were awarded to their GSA Contract Another challenge for the security community is regarding the lack of accessibility of participating dealers to GSA eBuy. GSA eBuy is an online Request for Quotation (RFQ) programme that is for GSA Contract holders only. Agencies will post their requirements by Special Item Number for at a minimum 48 hours. Contractors may only see RFQs which are posted under the Special items Number(s) that were awarded to their GSA Contract. GSA Participating Dealers may take orders on behalf of a manufacturer if they are authorised under the manufacturer’s GSA Contract. They may also have an online PO Portal to receive orders. But they have no access to GSA eBuy to response to RFQs. Usually, under these arrangements, the manufacturers do not respond directly, so there is a problem using GSA eBuy for opportunities as their GSA Participating Dealers have no access to respond. GSA Schedule 84 leadership In some instances, a contracting officer may allow an emailed quotation. However, with the use of the electronic ordering system, this has become a common problem we hope to bring to the attention of policymakers. Some changes to the programmes may make the presentation of documentation more effective going forwardThe GSA Schedule 84 leadership has been helpful to explain the challenges to the agencies to try and resolve such issues. So, what’s up for 2019? GSA modernisation is coming. There will be improvements to their tools and more consolidations of SINs and more. There have been discussions of a revival of the GSA Expo. The Expo offered training for contracting staff both Government and private industry. Valuable tools for vendor training Equally important is the networking, meetings and the exhibits of the contractors. Expos have been discontinued since 2012 but smaller events have been growing as well as online webinar training. Webinars are valuable tools for GSA and vendor training, but they do not take the place of being able to meet your customers face-to-face. GSA online eOffer and eMod programme have made processing actions more efficient. Some changes to the programmes may make the presentation of documentation more effective going forward. The GSA online website for viewing the items on the GSA Contract and for purchasing items, GSA Advantage could definitely use an update as it has been basically the same for 20 years. Keep an eye on GSA Interact for the latest happenings with GSA.

PenTesting, also known as “ethical hacking” or “white-hat hacking,” has always been viewed as the “sexy” side of cybersecurity, a task that is far more exciting than monitoring systems for intrusions, shoring up defenses, or performing compliance audits. Numerous security conferences are devoted to the fine art of attempting to hack into systems – with an owner’s full knowledge and permission – and reporting on the results. At an organisational level within businesses, they also value PenTesting under the premise that it allows them to identify security vulnerabilities before cyber criminals can. There are some regulatory requirements like PCI-DSS that require penetration assessments as part of their PCI compliance. However, many organisations have come to over-rely on PenTesting, thinking that if all the issues were identified in a PenTest, they’re good to go. Not only is this not helping them improve their security posture, it is also leaving them with a false sense of security. A penetration test is a simulated, live attack on your environment by a white-hat hacker What is PenTesting? A penetration test is a simulated, live attack on your environment by a white-hat hacker, customised to address specific problem areas, such as web-based applications, mobile applications and infrastructure services like border VPNs and firewalls. The PenTest may include different types of attacks based on the requested scope from an organisation so that the tester attempts to come at each system from all sides, the way a cyber-criminal would. The goal is to identify which systems and data the tester was able to access and how an organisation can address the vulnerabilities that allowed them to get in. The limitations of PenTesting There is great value in performing periodic PenTests, which is why PCI DSS and other security standards mandate them. However, PenTesting has three significant limitations: PenTesting does not provide solutions Let’s be honest: No one likes reading technical reports, but typically, that's the only deliverable provided by a PenTester. The value of a PenTesting report varies wildly based on the scope of the testing, the PenTester’s technical expertise and their writing ability. The tester may miss some things, or not clearly convey their findings. Additionally, a PenTest is a snapshot in time and the PenTester could miss changes in the systems, configurations, attack vectors and application environments. Even if your system “passes” a PenTest, will it crumble in the face of a brand new, more powerful attack vector that emerges a week later? The worst type of “PenTest report” consist of an analyst producing nothing more than the results of a vulnerability scan. Even if the PenTester produces a well-written, comprehensive report filled with valuable, actionable information, it’s up to your organisation to take the action, which leads to the next limitation of PenTesting. The value of a PenTesting report varies wildly based on the scope of the testing, the PenTester’s technical expertise and their writing ability PenTesters only exploit vulnerabilities and do not promote change PenTesting does not highlight the missing links in your organisation's technology stack that could help you address your security vulnerabilities. This is often in the guise of being agnostic to the technologies that exist because their expertise is only offensive security – unless, of course, the performing company has “magic software” to sell you. PenTests also do not help to develop your organisational processes. Additionally, they do not ensure that your employees have the knowledge and training needed to treat the identified fixes. Worst of all, if your in-house expertise is limited, any security issues that are identified during a PenTest aren't validated, which leads to a misrepresentation of their magnitude and severity while giving your team a false sense of security. PenTesters are self-serving Too often, PenTesting pits the assessment team against the organisation; the goal of the assessment team is to find the best way to "shame" the business into remediation, purchasing the testing company’s “magic software”, then call it a day. Once the PenTesters find, for example, a privilege escalation or a way to breach PII, they stop looking for other issues. The testers then celebrate the success of finding a single “flag”. In the meantime, the business is left in a precarious situation, since other unidentified issues may be lurking within their systems. Shifting the paradigm of PenTesting The goal of PenTesters is to find the best way to "shame" the business into purchasing the testing company’s “magic software”, then call it a day Penetration testing can uncover critical security vulnerabilities, but it also has significant limitations and it’s not a replacement for continuous security monitoring and testing. This is not to say that all PenTesting is bad. PenTesting should be integrated into a comprehensive threat and vulnerability management programme so that identified issues are addressed. The purpose of a mature vulnerability management programme is to identify, treat and monitor any identified vulnerabilities over its lifecycle. Vulnerability management programme Additionally, a vulnerability management programme requires the multiple teams within an organisation to develop and execute on the remediation plan to address the vulnerability. A mature threat and vulnerability management plan takes time and is helpful to partner with a managed security services provider (MSSP) to help you in the following areas: Improve your cyber-risk management program so that you can identify and efficiently address vulnerabilities in your infrastructure, applications and other parts within your organisation’s ecosystem on a continuous basis; Perform retests to validate any problems identified through a vulnerability scan or a PenTest assessment; Ensure that your in-house staff has the knowledge, skills and tools they need to respond to incidents. Cyber risk management and remediation is a "team sport." While periodic testing conducted by an external consultant satisfies compliance requirements, it is not a replacement for continuous in-house monitoring and testing. To ensure that your systems are secure, you must find a partner who not only performs PenTesting but also has the engineering and development experience to assist you in fixing these types of complex problems in a cost-effective manner and ensuring that your systems are hardened against tomorrow’s attacks.

While security salesmen are touting megapixels and anti-passback features, they are missing an opportunity to communicate the role of technology in the broader context of risk management and incident response – and in saving lives. That’s the message of Gerald Wilkins, PSP, Vice President of Active Risk Survival. Incident response is at the core of how an enterprise reacts to risk and is a standardised approach to the command, control, and coordination of emergency response. Effective incident response requires integrating a combination of facilities, equipment, personnel, procedures, and communications operating within a common organisational structure. All the elements must work together to achieve the desired outcome – to mitigate a risk using countermeasures. Capabilities of systems during emergencies I want to see us have more meaningful conversations with security directors and emergency operations planners"Equipment such as CCTV, access control and mass notification systems can provide effective countermeasures, but salesmen in the physical security market are not ‘connecting the dots’ between equipment specifications and its capabilities as part of the broader incident command system. “Historically, purchases of security technologies have not been considered in that context,” says Wilkins. “Rather, the industry’s sales pitches have been about features and capabilities – pixels or communication distances or intelligence – not about how those capabilities are useful in the specific context of emergency response.” “My goal is to change the industry,” says Wilkins. “I want to see us have more meaningful conversations with security directors and emergency operations planners.” Focusing on the Emergency Operations Plan “We are in the life safety business, and we need to have more conversations about where technology fits into the Emergency Operations Plan (EOP). When was the last time you [as a security salesman] asked a client to look at their Emergency Operations Plan? No one knows the technology better than we do.” What’s missing, however, is attention to how technology is applied to risk management and response“There are so many folks in our industry who are technology gurus, who ‘get’ the technology, and are good at selling it,” he says. What’s missing, however, is attention to how technology is applied to risk management and response. “As an industry, even guys who have been in the business a long time have never heard about incident command,” says Wilkins. “How are we weaponising technology to maximise the outcome? We don’t talk about it. We want to talk about megapixels and wide dynamic range. But when are we going to talk about how we can apply that technology to mitigate our tangible and intangible risks?” Importance of security equipment In the wake of each active shooter or other incident in the news, Wilkins looks back to consider the missed opportunities and how security equipment could have saved lives. “What technology did we have to help first responders – video, access control and paging – but they weren’t used?” he asks. An example is the San Bernandino shooting in 2015, when police officers were heard asking “has anybody found that access control card?” In effect, a law enforcement officer was asking for technology that should have been included as part of the emergency plan. Situational awareness, such as that provided by video systems, can help responders judge which areas are safe fasterSituational awareness, such as that provided by video systems, can help responders judge which areas are safe faster and provide Emergency Medical Services (EMS) personnel more time to save lives. However, video is not being viewed in that light as a part of the broader life-saving mission. “Our industry needs to sit down with a security director or operations manager and ask: How are you using technology as a resource tool that will become part of your critical response?” says Wilkins. Understanding how equipment works Technology is often not being incorporated in emergency planning, even with something as simple as a fire drill. Most fire drills are ‘one size fits all’ – every person knows where they should go and how they should exit. But what if there is a fire in a particular part of the building? Today’s fire alarms operate in zones to communicate the location of a fire, but this capability is not being used to practice a variety of resulting scenarios that could save lives.  “We need to understand as an industry how our partners in law enforcement and EMS do their jobs,” says Wilkins. “We can help stakeholders in a building understand how our equipment works every day and how they can use it in a critical incident. We need to understand Emergency Operations Plans (EOPs), how incident command works, and how we can help emergency responders.” Security training for salespeople I want to know everything I can know to help guys sell things that can change the outcome if something bad happens"“If a guy wants to talk about his pixels or his anti-passback, he should instead consider having a meaningful conversation with the client about best practices and how to mitigate risk. This creates a different position [for the salesman], and if there is a critical incident, something you said or did might save someone’s life.” When it comes to training and taking a more strategic approach to sales, to some extent, the security technology industry has been a victim of its own success. When business is good, security companies are less likely to look for ways to train their salespeople. “We’re in the life safety business, not in the ‘stuff’ business,” says Wilkins. “I want to know everything I can know to help guys sell things that can actually change the outcome if something bad happens.” Another problem is “we don’t know what we don’t know.”

As physical security systems increasingly resemble the architecture of an IT (information technology) network, the cybersecurity risks are increasing. Sometimes hacks in physical security go unrecognised because of poor detection. Here's part two of our Cybersecurity series.  Going forward, the physical security industry should adopt the same principles as the information security market, embracing new elements such as risk assessment and certifications. A change in culture is needed to align and embrace cybersecurity and make necessary improvements, says Terry Gold of D6 Research. Independent testing and access control There are signs of progress. Increasingly, access control systems today are designed to be more cyber-resilient and are tested extensively to discover and address any vulnerabilities. Data capture form to appear here! For example, the latest version of Tyco’s C-Cure 9000 undergoes independent testing to discover and address any critical vulnerabilities, and new firmware and software updates are tested to ensure they do not open any ‘back doors.’ Tyco’s Cyber Protection Program is part of the company’s ‘holistic approach’ to supplying customers with quality solutions. If cybersecurity is managed properly, the new wave of access control systems are as secure as previous systems. In some cases, more secure. For example, the new generation of smart cards, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS, use protocols that are much safer than the last generation Wiegand systems. New secure protocols such as OSDP version 2 are a better alternative to Wiegand. The new wave of access control systems are more secure than previous systems and use protocols that are much safer than the last generation Protocols for wireless electronic locks Wireless electronic locks use security protocols such as encryption and authentication that prevent cybercriminals from accessing the network to get data and intercept commands. In short, the information in an IP-based access control system is at no greater risk than any other information being transmitted over the network, as long as smart decisions are made on how systems are connected and data is transmitted and stored. Standards are one approach to ensure a minimum level of cybersecurity for physical security products and systems. For example, Underwriters Laboratories (UL) seeks to work with manufacturers to up their game on cybersecurity and to certify compliance to a minimum level of cybersecurity ‘hygiene.’ Requirements for software cybersecurity The UL Cybersecurity Assurance Program (CAP) has developed the UL 2900-1 standard, which offers General Requirements for Software Cybersecurity for Network-Connectable Products. It was published in 2016 and in July 2017 was published as an ANSI (American National Standards Institute) standard. The standard was developed with cooperation from end users such as the Department of Homeland Security (DHS), U.S. National Laboratories, and other industry stakeholders. UL 2900-2-3 – the standard that focuses on electronic physical security/Life Safety & Security industry, was published in September 2017. Cybersecurity should be an element in physical security as the risk for data to be physically removed from a building is greater than ever Physical security integral to cybersecurity Not only should cybersecurity be an element in physical security, the reverse is also true: Physical security should be seen as integral to cybersecurity. Looking at the intersection of cybersecurity and physical security from this opposite angle uncovers a world of opportunity to make the enterprise safer. Physical risks to cybersecurity include insider and outsider threats, poor or non-existent screening, and the presence of a seemingly innocent personal item. Off-the-shelf devices such as SD cards, external hard drives, audio recorder and even smart phones can be used to transport audio, video and/or computer data into and out of a building. For the private and public sectors, the risk for data to be physically removed from a building is greater than ever, and physical security systems can protect against this vulnerability. Missed part one of our Cybersecurity series? Click here. Part three, coming soon.

Newly modernised halls with lots of daylight will house hundreds of exhibitions and conference events at the upcoming Security Essen 2018 at Messe Essen, Germany. A new layout and hall numbering system will be unfamiliar to past attendees but promises to simplify the experience as it brings together attendees and exhibitors. European physical security market Security Essen is an international trade fair, but the emphasis is more on German, Austrian and Swiss companies. In all, Security Essen will feature 1,000 exhibitors from 40 nations. The trade fair has more of a continental European “flavour” compared to IFSEC, which focuses more on the U.K market. At the last Security Essen in 2016, organisers reported about 40,000 visitors including conference participants, VIP guests, members of various delegations and journalists. Security Essen 2018 has more of a continental European “flavour” compared to IFSEC, which focuses more on the U.K market  “This year, we have sharpened the profile of Security Essen,” says Oliver P. Kuhrt, CEO of Messe Essen, a trade fair, congress and event organiser with its own exhibition grounds. “The trade fair has become considerably more digital, more modern and more interactive. Due to the optimised hall layout, we are offering our exhibitors and visitors the best possible experience with short paths and direct communication.” Newly modernised Messe Essen The newly modernised site of Security Essen will encompass eight halls, newly renumbered and with the subject areas reorganised, too. Visitors will find Services in Hall 1; Access, Mechanatronics, Mechanics and Systems in Halls 2 and 3 and the Galeria; Perimeter Protection in Hall 3; Video in Halls 5 and 7; and Fire, Intrusion and Systems in Halls 6 and 7. A helpful smart phone app, downloadable free from the Google Play Store (Android) or the Apple App Store (iOS), will be available two weeks before the event and include a show floor plan; the exhibitor list with booth numbers and contact information; and an overview of the supporting programme. A separate hall – Hall 8 – will house new Cyber Security and Economic Security categories. Cyber Security Conference At the new Cyber Security Conference, located prominently at the new East Entrance, experts will share their knowledge about the more pressing challenges and potential of cybersecurity. The programme opens and closes on 25 and 28 September with the main topic “Opportunities and Risks of Cyber Security”. On 26 September, discussions and lectures will centre on “Entry, Admission, Access: Identification Options”.A helpful smart phone app, downloadable free will be available two weeks before the event and include a show floor plan On 27 September, the topic will be smart homes and focus on “Connected Building, Security in the Buildings of the Future”. Speakers will include the president of Germany’s Federal Office for Information Security, who will address cybersecurity as a challenge for politics, business and society. The fair organises the conference in cooperation with the BHE Federal Association of Security Technology and the technical support of the Federal Office for Information Security. In Hall 8, a new Public Security Forum will enable visitors to experience digital security technologies for public spaces from the areas of sensors/IoT, cyber security and surveillance. The products and solutions will be installed in four different building scenarios (town hall, school, hospital and library) and it will be possible to test them extensively. The forum, including lectures and discussions, will target municipal decision makers and planners of public spaces. Comprehensive programme A Security Expert Forum in Hall 2 will present a continuous programme with more than 90 presentations during the period of the fair. Visitors will obtain information and solution ideas about all six subject areas covered at the fair, and the programme will begin with a keynote lecture each morning and finish with a live demonstration in the evening. On the first day of the fair (25 September), Security Essen’s Career Forum will introduce retrainees, students, trainees and graduates to companies from the security industry. Targeted and professional communication will be established between companies and job applicants to facilitate making contacts, developing networks, and filling actual vacancies. Thursday (27 September) will be observed as Fire Prevention Day, and a Drone Course will be provided each day in Hall 7. One day admission to Security Essen is €41; a four-day ticket is €105. Advance sale tickets are discounted.

PerpetuityARC Training, part of the Linx International Group recently delivers a risk and crisis management workshop for Lafarge Egypt (part of the LafargeHolcim Group) in Cairo. The training provided senior managers from across the organisation with the knowledge and skills needed to manage resources during a crisis and operate within the organisation’s crisis management and compliance framework. The intensive programme was built collaboratively between PerpetuityARC Training and Lafarge Egypt and specifically tailored to its operating environment in the construction materials industry. Achieve successful resolution It was great to see them solving problems in a pressured, but safe environment" In a series of practical and theoretical exercises, Linx International Group Director, Angus Darroch-Warren, assessed and enhanced the ability and confidence of participants to apply their new skills to manage complex and evolving crisis scenarios, each requiring close collaboration between team members, in order to achieve a successful resolution. Security Director at Lafarge, Magdy Khorshid, stated: “The course was amazing, very practical and interesting to all and I received much positive feedback from all learners.” Angus commented: “The Lafarge teams engaged fully with the workshop scenarios. It was great to see them solving problems in a pressured, but safe environment, that allowed them to think through issues and respond using identified resources and procedures.” The workshop is the latest collaboration in a five year relationship between Lafarge Egypt and PerpetuityARC Training. During this time PerpetuityARC Training has delivered its security and risk related courses to employees and stakeholders in Egpyt and the UK.

Surveillance solutions business Synectics develops and delivers a solution to help enhance safety and security monitoring at Nottingham Trent University. With more than 28,000 students and 3,100 staff to protect, surveillance footage at Nottingham Trent University (NTU) is captured by over 1,300 cameras covering the estate of 75 buildings. Each of the university’s three main campuses has a 24/7 control room and its own security team, ensuring that safety measures enable free movement while protecting the community from both external and internal threats. Integrated surveillance solution Synectics deployed a tailored solution based around its Synergy 3 command A progressive development plan, coupled with the need to optimise legacy technology, meant the university required an integrated surveillance solution that would enable teams based at each control room to monitor and manage footage from both IP and analogue cameras, supporting a gradual transition to digital solutions and full-IP ambitions. In one of the UK’s first cloud-based surveillance contracts, and in collaboration with integrator PFS, Synectics deployed a tailored solution based around its Synergy 3 command and control platform to support NTU’s long-term objectives. Interactive camera map Mark Stacey, Security Systems Operational Manager, NTU, said: “Moving the university onto a sophisticated surveillance monitoring platform has significantly improved the provision of student security, saving our team vital minutes in the event of emergencies.” “As well as supporting both analogue and IP inputs, where many solutions on the market do not, Synectics’ Synergy 3 offers impressive functionality and is easy to use. The ability to import an interactive camera map means we can now bring up footage in just seconds, where operators previously had to spend time manually correlating sensor triggers to the relevant cameras – an enhancement that keeps our students safe in real time.” Cloud-based system “Synectics even created a new feature at our request, which enables us to circle an area of the on-screen map and immediately view up to nine local cameras in that zone. Furthermore, opting for a cloud-based system means we don’t have to look after a physical server, freeing up space and our resources.” The system will help us in our mission to provide an ever-safer environment for our students" “Throughout the process, Synectics has gone the distance to deliver, as highlighted by the tailored training sessions provided for the team and its commitment to support us throughout the life of the system. We’re delighted with the results and sure the system will help us in our mission to provide an ever-safer environment for our students.” Future-proof solutions Martin Bonfield, Sales Manager at Synectics, commented: “We passionately believe that command and control systems should be flexible enough to allow for the evolution of customer needs. Only then can you provide seamless, future-proof solutions that improve safety both now and in the long term.” “Working closely with the team at NTU to understand their needs, the Synergy 3 platform has been designed to ensure they have an intuitive system that saves staff-hours and significantly improves incident response times. Nottingham Trent University is nationally recognised, having received the University of the Year award three years in a row. I’m delighted that we’ve provided them with this leading-edge solution, along with support, and ongoing training, to help safeguard their students, staff, and premises.”

Located in the middle of the deep forests of Småland in the south of Sweden, the Strandudden Gated Community has been designed to provide a safe environment for homeowners who wish to enjoy a high quality of life. The first phase of the development has seen the construction of 18 apartments which have stunning lake views. The materials and features of each apartment have been carefully selected to ensure sustainable energy consumption. When the development is completed, over 100 Wisenet cameras manufactured by Hanwha Techwin, will enable security personnel to closely monitor the movements of people and vehicles as they enter and move around the public areas of the gated community. Ensure strict compliance Equally important, the massive processing power of the chipsets of the open platform cameras means that our client is able to run specialist applications" 6 Wisenet cameras were initially installed during the construction of the apartments. These have been used to ensure strict compliance with the site’s healthy & safety regulations and to keep a close eye on valuable plant and machinery. “We evaluated products from a number of different manufacturers, but the superb quality of the images captured by the Wisenet cameras made it a very easy decision for us to recommend that they should be deployed throughout the Community,” said Henrik Carlsson, CCTV Product Manager for Elajo, one of Sweden’s electrical, mechanical, engineering and energy installation companies who were awarded the contract to manage the project. “Equally important, the massive processing power of the chipsets of the open platform cameras means that our client is able to run specialist applications, such as licence plate recognition (ANPR), in order to control vehicle access to the Community.” High quality images The Hanwha Techwin Europe pre-sales and technical teams have worked closely with Elajo to ensure the best camera types have been specified for each of the carefully chosen camera locations. 6 different Wisenet models have been selected to ensure high quality images can be captured day or night and that there are no blind spots. Among these is the Wisenet IP network PNP-9200RH 4K PTZ dome which has built-in IR illumination. The PNP-9200RH, which is IP66 and IK10 rated for vandal-resistance and outdoor use in the harshest environments, utilises Progressive Scan technology to provide sharp edges on moving subjects and vehicles. The PNP-9200RHs which have been installed at the entrance to the Community are equipped with the Wisenet Group ANPR solution which provides the opportunity to automatically control the movement of white listed cars through barriers via camera relay outputs. Drag and drop tool Images from all 100 cameras will be displayed in the Community’s control room via Wisenet WAVE video management software (VMS) Developed by Hanwha Techwin in partnership with analytics experts, FF Group, the solution uses camera-to-camera IP communication technology to enable up to 4 Wisenet Group ANPR cameras to work together, with data from each simultaneously transmitted to a single web based display. Images from all 100 cameras will be displayed in the Community’s control room via Wisenet WAVE video management software (VMS). An intuitive ‘drag & drop’ tool makes it extremely easy for operators to set up a display of live and recorded images on a single screen or video wall, with customisable layouts and sizes. Other key features include a virtual PTZ which, with just simple clicks of a mouse, enables operators to zoom in to see close up detail of any suspicious activity, whilst motion detection and video analytics support can be configured to generate alerts when user defined incidents occur. Auto-discover feature “Wisenet WAVE has proved to be extremely easy to use and it is a significant bonus that, with minimal training, operators are able to take maximum advantage of its wide range of innovative features,” said Henrik Carlsson. “It has also helped reduce installation costs as it has an auto-discover feature which means connected cameras can be addressed and set up within just minutes.” In addition to the images being displayed in the Community’s control room, should an incident occur that needs a rapid response, security personnel on patrol will be able to remotely view any activity via a smartphone or tablet with the help of the secure Wisenet Mobile App. PNP-9200RH: Wisenet P 4K PTZ IR dome camera PNM-9020V: Wisenet P 7.3 megapixel multi-sensor 180˚ Panoramic camera PNV-9080R: Wisenet P 4K Vandal-Resistant IR dome camera PNO-9080R: Wisenet P 4K IR Bullet Camera QND-7080R: Wisenet Q 4 megapixel IR dome camera XNO-6120R/FNP: Wisenet X ANPR camera

With a mission to provide and maintain good quality homes for Blackpool Council’s tenants and leaseholders, BCH has won a number of awards and accreditations for housing, repairs, customer services and community projects. The safety and security of residents is a high priority for BCH, which is why it has used products from STANLEY Products & Solutions for many years. During this time the primary system was made up of a GDX5 door entry system, along with an Indigo 1000 access control system, which were fully integrated. “We have a policy of continual improvement in the service we provide,” explains Anthony Walker, Mechanical & Electrical Officer at BCH. “Although the previous configuration performed well, I was convinced that the business and operational benefits of remote monitoring and the cloud could be utilised by upgrading the Indigo 1000 with a PAC 512 access control system.” Innovative remote monitoring platform The PAC 512 devices control all aspects of two secure doors, with up to two card readers installed as entry and exit readers on each doorAn upgraded system was specified for a BCH site comprising 80 blocks. It utilises the existing GDX5 front panels, which have been integrated with the PAC 512 controllers to create a highly innovative remote monitoring platform that can be accessed via a PC, tablet or smartphone. This is achieved using a general packet radio service (GPRS) platform, which is a faster and cost-effective means of connecting remote sites via a mobile network. It provides an enhanced service over traditional mobile/landline telephone connections and makes administration of the system more flexible. The PAC 512 devices control all aspects of two secure doors, with up to two card readers installed as entry and exit readers on each door. Each door also has a programmable auxiliary input that may be used for alarm system integration, and an auxiliary output that enables a buzzer or strobe to activate when security is breached or a door is left open. Email alerts during equipment failure In the event of communication loss, the PAC 512 allows all local functionality to continue until the server connection is restored, while the system features an auto-dial or email alert program that, in the event of an equipment failure at one of the locations, sends a notification so that the issue can be quickly rectified. In the event of communication loss, the PAC 512 allows all local functionality to continue until the server connection is restoredExplaining the benefits of using PAC 512, Andrew Burton, area sales manager at STANLEY Products & Solutions, says, “The cloud revolution has had a dramatic effect on the physical security equipment industry. Its development into access control technology means that not only can a system be managed remotely, specific personnel can even be granted or denied access to certain areas at different times, making it not only good for security but also for health and safety. “Furthermore, in the event of a theft or antisocial behaviour, it is possible to pinpoint exactly who was where and initiate appropriate action, using the live events and reporting.” Remote diagnostics and servicing BCH can also access information via the PAC Residential Cloud – helping to further enhance its remote monitoring operation. Remote diagnostics, technical issues and servicing can be carried out, and it’s also possible to remotely view status, set and unset a system and access an event log. For instance, if someone loses a key fob, BCH can access their information, carry out an authorisation check, let them into their abode and, if necessary, deactivate the missing device. It also allows the incumbent installer to remotely access the system’s software to physically input any special information such as extended door release times for specific residents. Programming key fobs remotely BCH worked with STANLEY to generate reports which show when a key fob hasn't been used for a specific period of timeWith a number of vulnerable residents, BCH worked with STANLEY Products & Solutions to generate reports which show when a key fob hasn't been used for a specific period of time. Anthony Walker comments, “If the report indicates non-use of a fob, we can take measures to deactivate it, and/or can send someone over to check on the person concerned and, if necessary, notify next of kin or the relevant authorities. “In extreme circumstances, we can also remotely open doors to allow access to the emergency services. Having the ability to immediately and remotely program fobs has been particularly beneficial to our customers who previously would have had to travel to our offices for this to be completed - saving both time and money and making best use of our resources.” Seamless migration to cloud With a large number of residents, each with their own key fobs, Anthony Walker was keen to avoid any disruption during the upgrade and wanted to ensure that the process was achieved as seamlessly as possible. Configuring the physical hardware was helped by the installation team’s existing knowledge of STANLEY Products & Solutions’ technology. On-site training was also provided by experts from STANLEY Products & Solutions and, on the very rare occasion when there was a problem, a full support and advice package was available. The use of the PAC Residential Cloud meant that the migration of tenant fob information into new system was straightforwardInstalling a new access control system can often result in replacing existing key fobs with new ones – not only is this costly and inconvenient but there is also an administrative burden associated with transferring all the information to the new devices. However, all these issues were circumvented, as the use of the PAC Residential Cloud meant that the migration of tenant fob information into new system was straightforward – so much so that tenants didn't even realise any change had taken place. In addition, having access control data in the cloud means that it is always backed up. Enhanced safety and security BCH’s Anthony Walker considers the installation a total success and concludes, “I initiated this upgrade project because I firmly believed that it would improve tenant satisfaction and make our overall operation more efficient.” He further added, “I’m delighted that both of these objectives have been achieved and that STANLEY Products & Solutions’ access control technology has improved security, safety and protection across our estate.”

One of the UK’s top business and management schools, the Bloomsbury Institute, has upgraded its access control capabilities to the award-winning ASSA CLIQ Remote wireless locking technology from ASSA ABLOY, the global leader in door opening solutions. Based in central London and formerly the London School of Business and Management, the Bloomsbury Institute delivers full-time undergraduate and postgraduate courses in business, accounting, finance and law, which are awarded by the University of Northampton. ASSA CLIQ Remote wireless locking technology The Bloomsbury Institute has to contend with a high turnover of students each academic year, as well as any changes to staff. The sheer number of people using the Institute’s buildings meant that its existing mechanical master key system was simply no longer feasible, unable to provide adequate protection for areas that might hold sensitive information, such as exam scripts. As a result, the Bloomsbury Institute needed a flexible access control system that would be easy to maintain, granting secure access to individuals as and when needed, while delivering greater key control too. Electromechanical locking system Providing an easy-to-use electromechanical locking system, the ASSA CLIQ Remote solution uses high-end micro-electronics and programmable keys The answer was ASSA CLIQ Remote, which has been installed throughout the Bloomsbury’s Institute’s 7 Bedford Square teaching site, and selected areas within the institute’s 99 Gower Street building. Providing an easy-to-use electromechanical locking system, the ASSA CLIQ Remote solution uses high-end micro-electronics and programmable keys and cylinders to offer flexible control over access rights. The Bloomsbury Institute can now programme and update each key remotely, removing or granting access privileges for the key holder in real time. This allows only those with the necessary authority to obtain access to private areas without inconveniencing others and removes the security risks associated with lost or stolen keys. Remote Key Access ASSA CLIQ Remote also provides a full audit trail for assured peace of mind and has the functionality to create time-defined user keys, only allowing access to an individual for a specified period. This feature is proving invaluable to the Bloomsbury Institute, which plans to eventually convert all cylinders at its 99 Gower Street site to ASSA CLIQ Remote, as part of its expansion plans. Stephane Middleton, Estates & Facilities Manager at the Bloomsbury Institute, explains: “We are committed to the security and safety of student data, which led us to consider upgrading the mechanical master key system that we previously had in place. Using ASSA CLIQ Remote could not be easier. It is saving us countless hours of key cutting and changing cylinders, while significantly improving our key control.” ASSA CLIQ Remote key for enhanced security When a new employee joins the team, the ASSA CLIQ Remote key is the only one they will need"“When a new employee joins the team, the ASSA CLIQ Remote key is the only one they will need, irrespective of how many rooms they may occupy or how many areas they may need access to during their time with us. In addition, the system provides robust security; if a key is lost or stolen, we can cancel it, safe in the knowledge that we are completely secure.” “The service from ASSA ABLOY has been outstanding. The company really made the effort to understand our business and its requirements. During the implementation phase, ASSA ABLOY provided comprehensive training on how to use the system to all staff that have administration rights, while working with our IT team to ensure the systems’ software is uploaded onto their machines.” High-security physical master key system “The best part of the service has been having a dedicated contact that has been onboard since the start, providing us with new updates, support and guidance. This part of the service is proving to be of great value, filling us with confidence to continue using ASSA ABLOY products in the future. Indeed, as we look to expand the sites we operate in, we envisage that all the cylinders will one day be converted to this system.” Simon Wilson, National Sales Manager for ASSA CLIQ Remote at ASSA ABLOY, said: “Our ASSA CLIQ Remote solution combines all the benefits of access control with a high-security physical master key system. The system was easily retrofitted, meaning there was very little disruption to the university during the installation process, and the institute no longer has to worry about the security concerns that come with a misplaced key. Data security “The fact that ASSA CLIQ Remote also offers the capability to log and provide a record of who has entered and exited an area is helping to ensure rooms that hold confidential papers or sensitive information remain secure.” “We’re delighted to help the Bloomsbury Institute revolutionise its key management systems, delivering greater security, flexibility and key control.”

Ulaanbaatar is the capital and the largest city of Mongolia, with a population of over 1.3 million, which is almost half of the country's total population. Over the past decade, the number of vehicles in Ulaanbaatar has risen by more than 300,000. As the political and cultural center of Mongolia, the increasing number of inhabitants and vehicles within the city has caused a series of social, environmental, and transportation problems. Dahua’s sophisticated ITS (Intelligent Transportation System) solution has integrated advanced software and hardware including sensors, information and data processing and physical electronics and communication technologies to assist the transportation department of Ulaanbaatar, in enhancing the safety and efficiency of its transportation system. Intelligent Transportation System In recent years, the government of Ulaanbaatar has prioritised the improvement of traffic management and has identified the need of a cost-effective solution towards speeding, traffic light violations and other road safety related issues, to create a more secure environment for citizens. Due to the high-latitude geography of the city, this project is particularly demanding on the monitoring equipment withstanding harsh environments. Based on advanced intelligent algorithms, Dahua has provided the city with its cutting-edge ITS solution consisting of the ANPR (Automatic Number Plate Recognition) system for 28 main roads, the E-police system for 8 junctions, 2 mobile speed measurement systems as well as 15 high spot PTZ surveillance units. The project took only three months from the initial analysis of the client’s demands and solution design to, the final delivery, overcoming various tough issues along the way. The Dahua team worked in collaboration with a partner to customise a Mongolian license plate recognition algorithm ANPR system As there are no current systems for license plate recognition in Mongolia, the Dahua team worked in collaboration with a partner to customise a Mongolian license plate recognition algorithm. This was then integrated into Dahua’s traffic cameras, achieving a reliable recognition rate, much to the satisfaction of the client. Dahua’s traffic cameras installed at the significant main roads of the city, are able to function between a temperature of - 40 ℃ ~ + 80 ℃ and a 10%~90% humidity environment. The cameras will actively monitor and inspect each suspicious vehicle, and automatically capture their license plates in real time, sending out an automatic alert when blacklisted vehicles pass by. E-police monitoring system The monitoring equipment set up at the eight junctions can help the Ulaanbaatar transportation authorities in making quick responses to traffic accidents that are caused by running red lights. When a violation occurs, the Dahua all-in-one capture camera takes a series of images of the vehicle’s license plate number, along with the status of the traffic signal and an aerial image of the scene as evidence. Afterwards, the DSS management and storage platform collects the data from each camera and distributes it to operators for further processing. The mobile speed measuring system detects vehicles that surpass the speed limit in all weather conditions Mobile speed measuring system The mobile speed measuring system detects vehicles that surpass the speed limit in all weather conditions. The system features an all-in-one design, making it easy to use and install at different locations at a moment’s notice. This portability allows traffic police to move the system to different places whenever necessary. It consists of an 8MP CCD camera with a multi-target tracking radar, allowing for an accurate instant speed measurement of each passing vehicle and crystal-clear imaging. The IR flash lamp also ensures excellent imaging capabilities even during the dark of night. Technical security training To better serve the client, Dahua’s team has provided the operators of the local transportation department, with relevant technical training and demonstrated to them, the installation and deployment of devices. Additionally, all three systems are unified on a single platform within the control center, further enabling the end user to more efficiently monitor and manage road safety. Dahua’s ITS solution facilitates road safety and keeps the traffic flowing smoothly, raising the safety awareness of drivers, resulting in a more pleasant journey for drivers.  Advanced technologies such as LPR and fuzzy search, actively reduces manpower demands on the police force, while increasing the efficiency of current enforcement. Furthermore, Dahua’s solution has assisted the government of Ulaanbaatar to finance a sustainable, growing, and well-maintained system of security and safety.

What is a business, or an industry, but a collection of people and the results of their work? People make all the difference in the destiny of a business or industry. And the people involved in a business reflect the impact of demographic changes – and the passage of time. The security industry has been largely built by Baby Boomers, who are getting older and increasingly stepping aside to make way for younger folks. We asked this week’s Expert Panel Roundtable: Is there a “new generation” of employees and managers entering the physical security marketplace, and what will be the impact?

The retired police officer who takes a cushy job as a security director is almost a cultural cliché. Like any cliché, the idea has roots in the real world, where police departments have often been a rich source of the security industry’s leadership talent. Former military personnel often find their way to the security industry, too, and realise that the familiar elements of discipline and command structure translate well. We wondered about the impact of this historic trend and whether it is changing as the security industry itself evolves. We asked our panel: What effect has the traditional recruitment of corporate and institutional security leaders from the law enforcement and/or military communities had on the security marketplace? Is the tradition changing and why?