April 19, 2026
image
Home Articles posted by a&s Adria (Page 186)

Putting intelligent keys to work in our public services

London, June 2020 — Resilience and efficiency have become watchwords for our public institutions, before, during and after the ongoing health crisis. In delivering services fit for the modern world, these institutions need more than just innovation and accountability. They require flexibility and agility, too, including in how they approach security.

The lock and key have enjoyed public trust for a long time. Keys were used in Ancient Egypt and Assyria, and warrant a mention in the Christian Old Testament. As a technology the key is familiar and proven, user-friendly and dependable. It can also be inflexible and time-consuming to manage.

The security challenges of delivering public services do not stand still, but standard mechanical keys cannot move with you. Filtering access intelligently and dynamically has become part of security’s job description.

Yet there is no need to dispose of the key altogether. We can adapt it, rather than throw it out. Intelligent, programmable keys combine the powerful features of electronic access control with the convenience of a mechanical key. They are keys, familiar and user-friendly… but evolved.

When your key has a brain, you can do more with less. These efficiencies are critical in a world where demands on our public institutions are at levels not seen in generations.

Cut workload and solve the problem of lost keys
Lost keys present mechanical security with its most intractable problem. When a key goes missing, time and budget are expended to remedy the situation. Extensive rekeying and reissuing to relevant keyholders are complex and expensive. Programmable keys, however, solve the problem quickly.

The French town of Villiers-le-Bel, north of Paris, faced these familiar key management challenges. Each person in their Municipal Technical Centre carried approximately 40 physical keys. If one was lost or stolen, all compromised cylinders had to be changed. To prevent unauthorized access, all the keys had to be replaced, too — at great expense. Key duplication costs were mounting.

“One [lost] key cost from €3,000 to €4,000 for changing cylinders and replacing the keys,” explains Fabrice Girard, Territorial Technician at the town’s Municipal Technical Centre.

To fix this expensive lost key problem, Villiers-le-Bel city administrators chose to combine trusted mechanical security with new electromechanical key-operated locking, all managed within the same flexible, wireless access control system. Now lost or stolen electronic keys are cancelled instantly using secure cloud software which works inside a standard browser, no software installation required. Administrators can program access rights for any key, padlock or cylinder. They filter access to specific sites and doors according to the precise requirements of every municipal employee.

Keep residents safe in their own homes
In Aalborg, Denmark, around 3,000 citizens in home care now have programmable locking cylinders installed at their front door. This replaces a cumbersome mechanical master-key system. Aalborg’s installation was tailored to meet the needs of this vulnerable group of city residents. If a home care resident loses their key, its access rights can be deleted from the system without the need for a lock replacement — keeping the keyholder’s home safe and saving the city time and money on rekeying.

Managing Aalborg’s system is straightforward. Lock installation was quick and easy: certified technicians simply replaced each old cylinder with a programmable cylinder — with no wiring and no major alterations to the door. Aalborg’s fire brigade quickly took over the maintenance process. Brigade staff now grant or revoke access, and tailor permissions for different users or locations according to defined needs.

In Skellefteå, Sweden, electromechanical locking has given local firefighters faster, safer access to any building. To speed up emergency response times and improve firefighter safety, the local service fitted houses with secure façade key cabinets. Property keys are stored inside the cabinets, so authorized firefighters get rapid building access if there is a fire.

When the emergency call comes, firefighters update their individual, programmable key at the station or while on the move, using a remote key updater kept in the fire engine. There’s no longer any need for fire stations to hold multiple sets of keys or for off-site firefighters to divert to the station to collect the right key.

More rapid response means a better chance to prevent a fire spreading. Safety is improved for everyone, Skellefteå residents at home and firefighters at work.

Clear workflow bottlenecks in public housing
With crime against empty properties on the rise, public authorities in the English city of Rotherham aimed to minimise the time a council house stands vacant. However, workers from multiple departments require access to prepare a property for a new tenant. Passing keys securely between all relevant staff members was a major cause of delay.

At Rotherham Metropolitan Borough Council (RMBC), intelligent key technology helped streamline these workflows, upgrading security and saving money at the same time. RMBC identified physical key handover as a major bottleneck in their workflow. They needed a solution to speed up the process.

Now, each relevant RMBC staff member is issued with their own programmable key. Using simple online software, security managers issue the precise permissions which every staff member needs. The access rights of any key can be amended or revoked at any time.

Physical handover of mechanical keys — and the time and money spent coordinating this process — has been eliminated.

Preserve the fabric of historic buildings — and the design integrity of new spaces
Building type can make a big difference to the access control you choose. Public spaces inside protected heritage buildings often cannot opt for card- and reader-based access control. Here, wireless electronic cylinders which simply replace existing mechanical locks solve the problem, preserving doors which may be centuries old.

The issue of aesthetics also affects modern public spaces, albeit differently. In Stuttgart, innovative design was a key element of the city’s new library building. Door security should be discreet and not disrupt the vision of Korean architect, Eun Young Yi. This was the first public building in Stuttgart’s Europaviertel, a unique creation with a double façade with glass bricks, a brightly lit atrium four storeys high, and public entrances on all four sides.

Almost as soon as it opened, the building was declared an architectural icon — “instantly one of the world’s most beautiful libraries.”* Intelligent key security is hardly noticeable for the library’s many visitors, yet critical for protecting Stuttgart’s precious public heritage

Save time and money managing keys for a mobile workforce
Many public services involve managing and directing a mobile or contractor workforce. Mileage expense mounts up when workers must return to base to collect keys or update their access rights. Mobile workers use more fuel and increase a carbon footprint. You make a business more sustainable quickly if you reduce the mileage they travel.

Reducing miles while maintaining security is not easy, if you rely on mechanical keys to secure remote or dispersed sites. Bluetooth-enabled intelligent keys eliminate the need for workers to return to headquarters to collect or return a mechanical key**.

With a Bluetooth-powered solution, everyone carries their own programmable key and keeps its access rights up to date on the move, simply by making an encrypted connection to a secure smartphone app — meaning fewer miles driven and less money wasted on unnecessary fuel.

One technology powers all these solutions
All the installations referenced above — and many, many more across the full spectrum of public services — run on the same technology: CLIQ® from ASSA ABLOY.

CLIQ combines electronic and mechanical security in a range of wireless cylinder applications, including a full range of mechatronic and electronic cylinders and padlocks. CLIQ locks are installed without wires: every cylinder’s power is supplied by a battery inside the CLIQ key. These keys are physically identical and programmable by a system administrator using a desktop updater; by keyholders with a portable programmer; or in the case of CLIQ Connect Bluetooth-enabled keys, via an encrypted connection to a secure smartphone app, minimizing both wasted journeys and unnecessary social contact between workers and office staff. Intuitive software makes it simple to manage access rights, enable and disable keys and customize access schedules, on site or on the go.

To learn how you can put CLIQ intelligent key technology to work in agile, flexible, secure public services, download a free introductory guide at https://campaigns.assaabloyopeningsolutions.eu/eCLIQ

Axis Talk 2020 digital conference

The Axis Talk 2020 – first online conference in Eastern Europe will take place on June 25, 2020 in four languages ​​- English, Czech, Polish and Russian. The full day program will offer, among other sessions, keynote from Martin Green, the inventor of the first IP-camera and the co-founder of Axis Communications or other international experts.

Axis Communications’ is introducing a new event format for the whole Eastern Europe – digital conference broadcasted online, which will take place on June 25 from 9.50 to 16.00 (UTC +1). Participants can register either for individual sessions or spend the whole day at the online conference.

Everything important about security, video surveillance and IP-technologies
The online conference is intended not only for Axis partners and system integrators, but also for all interested end users. It will bring the latest information about IT and security solutions, smart IP-technologies and surveillance industry as such.

The main featured presentations will include following keynotes:

10.00–10.20
Evolution of Security IoT – a dialog about the past, present and future
What were the beginnings of the Internet of Security Things? What we face today and what awaits us in future developments? These topics will be discussed between Martin Gren and Magnus Zederfeldt

11.00–11.30
AI analytics in the surveillance industry
AI and deep learning bring opportunities for a new generation of video analytics. For many use cases expectations are very high, at the point of being inflated. How do we take advantage of the new opportunities for system solutions and operator efficiency while balancing these expectations?

13.40–14.10
Axis end-to-end solutions for surveillance
Introducing the benefits with an end-to-end solution from Axis with emphasis on AXIS Camera Station. We will introduce Axis range of network video recorders, demonstrate solution ease-of-use and special capabilities, and highlight how AXIS Site Designer helps you to easily design your solution.

14.50–15.20
Audio for security – amplify your surveillance offering with IP audio
Deterring crime by speaking directly to the intruder? Yes, you can. There are many situations when network audio can enhance a security solution. Get to know network audio and its benefits.

The entire Axis Talk 2020 conference program and free registration can be found on the dedicated conference website.

ISE looks forward to Barcelona debut

Momentum builds towards an exciting and secure exhibition, a diverse conference programme and debut of The Next Web’s Growth Quarters

MUNICH 19 JUNE 2020: Planning for Integrated Systems Europe 2021 is well underway with its organisers, Integrated Systems Events, committed to delivering a compelling and safe exhibition for the world’s audiovisual integrated systems community.

The 17th edition of ISE is set to take place at its new home at the Fira de Barcelona, Gran Vía, 2-5 February 2021. The world class exhibition centre plans to reopen for business in September. This will follow the successful completion of a collaboration with risk mitigation consultancy AON and the Hospital Clinic of Barcelona which will determine the specific security criteria for holding B2B events at the venue later this year.

Over 850 world leading technology and solutions providers have already committed to participate at ISE 2021. Over 55,000 sqm of exhibition floor-space has been confirmed for nine dedicated technology zones. This represents a 5% increase on the total floorspace booked for the 2020 show.

The state-of-the-art exhibition centre will house a new-look ISE featuring nine dedicated technology zones, in an easy to navigate layout. These are: Audio, Broadcast and Content Creation (new), Digital Signage & DooH, Education, Live Events (new), Residential, Smart Building, Unified Communications and VR/AR/XR.

A significant development for ISE 2021 is the strategic partnership with The Next Web (TNW), a world-leading technology media brand with extensive reach among global start-ups and technology businesses in general. In conjunction with ISE, TNW will present Growth Quarters – four days of keynotes and presentations addressing all aspects of business growth and scale-up, presented by inspiring technology innovators and experts. TNW will also present Fast Lane, where start-ups create solutions that address specific ‘pain points’ within AV businesses.

In addition, a five-day solutions-themed series of 14 conferences will cover a wide range of topics including digital signage, design and build, control rooms and XR. The extensive programme has been devised in association with ISE co-owners AVIXA and CEDIA. Both associations will also produce their own dedicated series of training sessions and themed events.

ISE will also be developing the show’s digital reach to help engage with a bigger audience than ever before. This will include a wide selection of cross-platform live ISE content being made available, along with many other engaging digital opportunities to help attendees connect with the world’s leading technology innovators as well as hear from thought-leaders and experts.

Mike Blackman, Managing Director of Integrated Systems Events, commented: “ISE is committed to delivering an engaging in-person event in Barcelona and is taking all necessary steps to deal with the new post-pandemic reality that will impact those attending exhibitions and conducting international business.

“The Fira de Barcelona has partnered with AON and the Hospital Clinic de Barcelona and other experts to create a set of safety protocols that are designed to guarantee health and safety around the conditioning of spaces and the regulation of visitor flows. This work started in April and involves risk evaluation, the creation of mitigation strategies and an action plan. Once completed, guidelines for event organisers and exhibitors will be communicated.

“We are listening and adjusting to ensure the show continues to provide the connections the industry needs to grow brands and business. We are determined and confident that we can deliver a compelling show in a safe and secure environment.”

ISE 2021 will take place at the Fira de Barcelona, Gran Vía on 2-5 February 2021.

For more information please visit: www.iseurope.org and www.firabarcelona.com

ZKTeco Europe signs a Strategic Distribution Partnership with Antenall d.o.o.

We are proud to announce ZKTeco Europe and Antenall d.o.o. have signed a Strategic Distribution Partnership to further develop ZKTeco’s market presence of Access Control, Time Attendance and Security solutions in the Serbian market.

As a Distribution Partner, ZKTeco Europe welcomes Antenall d.o.o. as a new key partner in Serbia to broaden ZKTeco’s relevance and increase our presence in the addressable Adria market. This partnership expands the development of opportunities by being exposed to new perspectives and expertise. We hope customers benefit from the strengths and offerings each organization brings to the Security industry.

About Antenall d.o.o.

Antenall d.o.o. was established in 2003 in Belgrade, Serbia. The company has been developing along with new global trends and as one of the leaders in the security business, they successfully provide complete solutions to their customers and meet all business challenges.

About ZKTeco
ZKTeco is a multinational enterprise, that specializes in the manufacture and development of time and attendance and access control technology. With over 20 years’experience in the global market, it benefits from a highly qualified team of over 3500 employees worldwide with its own manufacturing plants that, together with its R&D and engineering departments, ensures complete in-house production of all aspects of its hardware, firmware and software. One of the pioneers in multibiometric and RFID technology, ZKTeco’s products are present around the world, with over 180 million users worldwide, and we continue to grow.

For further information of the products and services we can offer you, please contact us at sales@zkteco.eu.

D-Link’s thermal camera

In addition to the already expanded range of IP cameras, D-Link has the answer to the needs of the market in this crisis situation by presenting a new series of thermal IP cameras.

The DCS-9500T Group Temperature Screening Camera is an all-in-one fever screening solution, ideal for entrances at schools, hospitals, transportation hubs and offices buildings. It provides rapid skin-surface temperature detection for up to 30 individuals under 30 ms with a ±0.3°C accuracy. It allows you to detect feverish people with elevated skin temperature quickly and precisely in flowing crowds so that you can be notified instantaneously to intercept related individuals and take appropriate action. The wide-angle thermal lens means you can monitor a wider area, and the uncooled IRFPA microbolometer high-resolution thermal sensor allows for sharper thermal imaging. The kit comes with a blackbody calibrator that enables the system to calibrate in real-time to ensure constant accuracy.
Additional built-in IVA functions allow the DCS-9500T to detect human shapes, boundary/ perimeter crossing and missing objects. While PoE support allows the camera to be powered and connected through a single cable, giving additional deployment flexibility, especially at locations where a power socket is not available.

Product Highlights

All-In-One Fever Screening Solution
Complete kit that includes thermographic camera with intelligent temperature detection, blackbody calibrator and management software, no additional hardware or software required
Simultaneous Multiple People Detection
Screen up to 30 people at the same time with a rapid response time of less than 30 ms and accuracy within 0.3°C
Flexible Integration
ONVIF compatible for easy integration with optional CGI and SDK support

Features

• On-board temp-detection algorithm
• One IP address two channels
• Effective pixels 400×300
• Sensitivity 40mK
• Thermal: 8mm Fixed lens, Visible: 2.7-12mm motorised lens
• Accuracy ≤0.3°C
• Body detection, up to 30 Targets
• Response Time ≤30ms
• 17 color control

Pandemic signals growth for contactless biometrics market

The global contactless biometrics technology market size is expected to reach USD 30.15 billion by 2027, registering a compound annual growth rate of 20.3% from 2020 to 2027, according to a new study by Grand View Research, Inc.

The latest information from the research company suggests that, rising demand for security and surveillance due to an increasing threat of terrorist attack and penetration of contactless biometrics solutions in enterprise applications is anticipated to propel the market growth. Additionally, the demand is steadily increasing amid the COVID-19 outbreak. This pandemic has also influenced various digital businesses, which are now developing facial recognition systems to secure their online platforms.

A rise in digital banking across the globe is creating major impetus behind the introduction of voice and facial recognition in the banking and financial sector. For instance, in June 2016, Citigroup Inc. introduced voice biometrics to verify customer’s identities. The use of contactless biometrics authentication for banks offers an additional, convenient, and user-friendly way of verifying their customers, thus delivering a consistent and superior user experience with strong and secure authentication across channels.

Moreover, software vendors are providing various development kits to the market, allowing technology providers to offer advanced contactless biometrics software for their hardware. By way of example, according to Grand View, in January 2020, Facefirst, launched a software development kit (SDK) for identity verification product developers to integrate advanced facial recognition into their systems. The SDK works offline or online, runs in a docker container, and supports Linux OS to enable easy integration into any IoT device.

Some of the key organisations named by the analysts as major players in this market include Aware Inc.; Fingerprint Cards AB; Fujitsu Limited; Gemalto N.V.; HID Global; Idemia; M2sys Technology; NEC Corporation; Nviasoft; and Touchless Biometric Systems AG.

HID collaborates with Fidesmo on access control wearables

HID Global, a worldwide leader in trusted identity solutions, announced a collaboration with Fidesmo, a provisioning company that makes it possible to connect contactless services to wearables. Fidesmo has integrated HID’s next generation Seos credential technology into secure element chips that are used in a wide variety of wearables.

“As wearables grow in popularity, organizations of all types will be confronted with the need to support new form factors for physical access and other popular applications,” said Steve Currie, VP and Managing Director of Extended Access Technologies with HID Global. “Working with Fidesmo to bring more use cases to wearables delivers on the promise of Seos credential technology to provide users the freedom to use their preferred device, whether it’s a phone, card or wearable, to easily navigate their daily life.”

Because Seos credential technology is designed for flexibility, Fidesmo can load the Seos applet into the tamper-resistant secure elements (SE) produced by the most prominent chipmakers in the world. This will enable wearables manufacturers using the broadest range of SE chips to add building and parking access as well as complimentary applications to their smart watches, watchbands, rings and other devices. Authentication to PCs, IT systems and cloud applications, secure print job collection, time and attendance, point of sale, and automated cashless vending, are some of the numerous additional applications supported by Seos credential technology.

“The Fidesmo team is honored to join HID’s partner network and looking forward to our mutual journey as we provision HID’s secure access credentials over our platform,” said Mattias Eld, CEO, Co-Founder of Fidesmo. “Working with HID we are forwarding our vision to enable people to choose their favorite wearable and connect and use it with any contactless service they need – anytime, anywhere.”

The partnership makes it possible for employees to use their personal wearable device to add the access control service, and companies can also order a number of wearables for their dedicated use, in special areas or even adding more services to them, like payment or their employees’ public transit job ticket.

Fidesmo’s integration process allows wearables manufacturers to add contactless services to the tamper-resistant secure element in their devices. This also makes it possible for contactless service providers to distribute their services to many devices without the need for hardware. For wearables users, no pre-configuration is needed. They simply connect to the services and applications that have been provisioned to their wearable, easily and securely.

Adding access control capabilities to wearables also addresses environmental constraints, such as a clean room with specific gear and uniforms that preclude using smart cards and/or biometric identification—making it ideal for pharmaceutical production environments, as well as operations rooms, mining, car and food production, and anywhere where sanitization compliance is a priority.

Integrating cyber-physical: Security in Banks without Breaking it

Cyberattacks on financial institutions are becoming more prevalent. Some media reports suggest that more malware was targeted at banks in 2019 than any other industry. Cyberattacks are also becoming diverse, ranging from simple phishing attacks to complex attempts to access credit cards and bank accounts. This is hardly news anymore though, banks, by the very nature of what they handle, make an attractive threat. But what is concerning is the increasing number of ways in which cyber and physical security threats converge. Integrated digitalized solutions for operational, as well as security purposes, are increasingly becoming a normacross industries. The downside of it all is this emerging security threat. In this article, we take a look at the new kinds of security threats that customers in the banking vertical should be aware of in 2020, how these can be mitigated with a proper framework, the role of systems integrators and how the right solutions can be used in the right ways.

What Kind of Cyber and Physical Security Threat to Expect in 2020?

In Britain, some of the largest retail banks have been forced to halt processing foreign currency orders after a cyberattack on exchange provider Travelex. In Africa, operations at several banks were affected after attack by Russian hackers.

There is no doubt that there will be more incidents taking place in the future, given the nature of the technology and how hackers continue to successfully exploit vulnerabilities. But even more, concerning is how physical security is now connected to cybersecurity. With physical security solutions becoming more and more digitalized and integrated, an attack on either of the domains could have wide-ranging repercussions.

“Financial organizations are battling a growing number of physical and digital security threats,” said James Somerville-Smith, Global Customer Marketing Leader – End-User Programs at Honeywell Commercial Security. “According to new research from Honeywell Commercial Security, which surveyed 1,000 large financial institutions across the UK and North America, physical security incidents in large financial institutions have increased across all access points, with half of respondents reporting that incidents affecting employee access systems, physical safety of staff and data centers have gone up over the last year.”

Sophisticated Attacks and Higher Loss
According to Joon Jun, President of the Global Business Division at IDIS, we are likely to see organized cybercriminals continuing to find and target any weakness they can exploit.

“With increased global political instability, we can also expect more state-sponsored cyberattacks on banks and other critical infrastructure where an attack can damage productivity and result in major disruption and financial losses,” Jun said.

On the cybersecurity front, major attacks and threats to the banking sector are focused in three areas, sensitive data exfiltration, ransomware attacks, and denial of service attacks targeting IoT devices, along with risks induced by third party vendors with weak internal cyber hygiene, according to Kevin Sheridan, Director of Financial Institution Services for Convergint.

Convergence of Attacks
Alarmingly, several attackers have taken advantage of physical security solutions that are in place. For instance, hackers gaining access to surveillance cameras at ATMs are able to access the pin codes that customers enter. Jun pointed out that theft of biometric data as hackers look to bypass multi-factor authentication (MFA). This danger was
highlighted last year when Kaspersky Lab researchers identified the selling of digital fingerprints together with
associated personal data on the dark market.

Finding Method in The Madness
To tackle these growing problems of attacks on integrated security systems and avoid security breaches of any kind, banks must plug the gaps between standalone platforms by integrating their physical and digital security systems across the entire enterprise.

“As many financial institutions are both multisite and multiregional, such as retail banks with HQs and then branches, this means striking a careful balance between global central integration control and different regions using different systems and equipment – or locally monitored systems with global remote management as a possibility,” Somerville-Smith said.

However, an even major issue is that while cyber and insider threats make for more fascinating stories, physical security can often be overlooked. Jun explains that these risks have not gone away though and include bank and ATM robbery, cash-in-transit attacks, social engineering to gain access to restricted areas, and corporate espionage.

Plus, banks should also be considering the safety of their airspace, with drones posing not only a terrorist threat to corporate enterprises but cyber threats too as they have the capability to Wi-Fi spoof and trick employees and visitors into thinking they are connecting to a trusted network in order for hackers to gain access into a bank’s corporate network as well as harness personal data including banking details.

Creating a Framework for Cyber-Physical Integration in Banks

In the UK and North America, financial institutions are shifting towards a global management system of physical security. Asurvey from Honeywell Commercial Security shows that half of the respondents (47 percent) said their company’s security is managed at a global level, with all branches under the same enterprise or integrated system, and a further third (32 percent) said they were planning to shift to a global model.

With integration playing an important role across both security measures and markets, enterprise solutions featuring remote oversight and management are going to grow in popularity.

A Holistic Approach

“The keyword is ‘integrated’,” explains Martin Koffijberg, Director, Business Development, Banking and Finance at Axis Communications. “A failure to look holistically at both physical and cybersecurity – to connect the physical with the logical – will inevitably create vulnerabilities. It is important to adopt some form of Enterprise Security Risk Management or Converged Security approach.”

Both physical and IT security should follow the same cybersecurity principles and be evaluated in the same way, Koffijberg added. The first step has to be an acknowledgment from physical security practitioners that these security devices are connected to the network and, while performing security operations, create new risks to a business that hasn’t been seen with older technologies.

Framework Components

First, thorough and continued risk assessments need to be part of every physical security manager’s playbook. Today, many banks in the West have implemented sophisticated physical identity and access management (PIAM) policies, which control not only access into buildings but into the corporate network too.

“These feature useful functions like shutting down access to networks when an employee leaves their laptop, desk or building,” Jun said. “Other functions include enforcing two-factor authentication before login and the use of analytics to flag suspicious network access or unusual activity.”

Speaking about his company’s experience in dealing with the situation, Kevin Sheridan, Director of Financial Institution Services for Convergint, said that their larger financial clients are focused on four key elements of securing their operational security systems to mitigate the risk of any potential vulnerabilities. These are:

1. Device Identification
With the volume of connected devices integrated into physical security systems at financial institutions, awareness of what devices are deployed, where they are deployed, and what their operational status has become more important than ever.

2. Device Hardening Protocols
Password management is a focal point of our most sophisticated clients. Changing default passwords, while seemingly a rather basic activity, is something that many institutions have struggled to achieve given the volume
of IoT devices deployed.

3. End-to-End Encryption
Physical security system architectures are increasingly having this level of network architecture as a requirement of physical security system design.

4. Patch Management
Keeping your systems up to date with the latest firmware patches and software updates, when combined with the aforementioned elements, reduces the attack surface significantly.

The Human Factor And AI
When designing a comprehensive security solution with a holistic approach, technology is only part of the problem to be dealt with. The other part is the people who use the technology. To mitigate physical breaches, human error, and surveillance monitoring, it’s also important to address the problem of fatigue.

“That’s where deep learning and AI solutions can transform control rooms operations for major financial institutes, including those that operate 100s or even 1000s of cameras across large and multiple sites,” Jun said “Because deep learning learns over time, it distinguishes between environmental factors versus actual threats, such as an intruder or suspicious loitering. This translates into fewer false alarms and reduces the chance of control room operators shut down alarms, resulting in a quicker, more appropriate response to incidents.”

Solutions Critical to Fighting Cyber-Physical Threats in 2020

Physical security systems and devices that are connected to the network are endpoints that can potentially introduce significant cyber risk into an organization. Physical security devices are frequently overlooked by IT departments and oftentimes, are not properly patched, updated, or managed.

“These devices are typically configured with default passwords, open ports, and protocols, and they run legacy firmware versions with known vulnerabilities,” explained Kevin Sheridan, Director of Financial Institution Services for
Convergint. “Hostile actors can exploit these vulnerabilities, allowing them to gain an initial foothold into an organization’s network. These compromised devices can then be used as a foothold within the network to pivot to other devices or systems.”

Properly hardening camera, card reader, video management, and other connected systems prior to their initial deployment, and properly managing them throughout their lifecycle, will significantly reduce the attack surface that can be exploited, thereby reducing risk.

Major Factors to Consider
According to James Somerville-Smith, Global Customer Marketing Leader – End-User Programs at Honeywell
Commercial Security, there are four key considerations to bear in mind when integrating cyber and physical security systems:

1. You must ensure that all physical hardware components are cyber secure in their own right
2. All intelligence and data must be protected behind a strong and comprehensive firewall
3. Access to sensitive areas such as data rooms needs to be protected by multilayered accreditation
4. Systems in sensitive areas are protected via local security so that personnel is not able to access systems unless they have properly badged into the restricted area. This will avoid giving system access to personnel in areas that they have got into illegally (e.g., by tailgating), with any breaches being flagged immediately to a central control room so that a response team can be sent to check the breach

Sheridan added that besides properly managing the cybersecurity of the actual physical security devices deployed at a client’s site, it is also imperative that the integrator itself has a strong internal cybersecurity program to ensure the integrator is not the vector for sensitive client data to be compromised.

From Technology to a Process
Martin Koffijberg, Director, Business Development, Banking and Finance at Axis Communications is of the opinion that the concept of cybersecurity should be looked at as a process rather than a technology. You can have the best security-related features built into technology, but if they haven’t been enabled or set up correctly your investment in this is lost and the associated risk increased.

This is no different for physical security technologies than any other IT device connected to a network. This has recently been highlighted by the UK Surveillance Camera Commission’s Secure by Design, Secure by Default certifications for manufacturers.

Balancing Costs and Efficiency
It’s not unusual for global banks to now hand over their technical physical security deployments to ICT departments. Cybersecurity risks are making convergence happen in some sectors, including banking, far more rapidly than the advent of IP surveillance did. It’s not unusual now to see surveillance decisions made by heads of IT and cybersecurity (or those people at least being major influencers on purchasing decisions) but this trend is occurring more in the west than elsewhere.

“However, these set-ups are out of the reach of many banks and are seen as too expensive to implement and maintain,” Jun said. “This is compounded by the fact cybersecurity experts in some parts of the world are hard to come by.”

Jun stressed on the importance of cost-efficiency, concluding that banks need the most cost-effective local NVR and centralized serverbased solutions available, and ones that use proprietary protocols and custom file structures which make them unfamiliar to cybercriminals and therefore very difficult to hack. Plug-and-play solutions could also play a key role, as they are easier to install compared to traditional systems.

Bank Security Challenges and the Role of Systems Integrators

There is no question on the need to come up with a comprehensive security framework that would integrate cyber and physical systems in the banking sector. Unfortunately, to implement such an effective framework, banks must overcome certain challenges.

For instance, legacy operating systems can be difficult for financial clients to justify replacing. If an access control platform, for example, isn’t investing in the cybersecurity feature set of their system, it can put clients in a tough position. A well-connected integrator with scale can help a client make sense of both the capabilities of their existing systems, as well as alternative platforms.

“In addition, there are many operating silos within financial institutions, with their own operating mandates and business objectives,” said Kevin Sheridan, Director of Financial Institution Services for Convergint. “Coordinating the cyber posture of those operating entities is absolutely essential. ATM/ITM groups, facilities, physical security
departments, and IT might have different priorities, but they all utilize physical security systems to deliver services to their internal and external stakeholders.”

In the past, many of these operating silos used a variety of integrators, both regionally and within lines of business, but in today’s environment, the most risk-aware clients are single sourcing integration services such that the security protocols are uniform across the entire enterprise.

The Human Factor
Some of the other challenges include the lack of understanding, at a high-level, concerning the risks posed by insecure IoT devices, including IP cameras. Confusion is fueled by mixed messages from vendors about “strong cybersecurity credentials” when in truth some have cameras that are far from secure- with even some devices listed on websites revealing vulnerabilities or backdoors that can be exploited.

“Security is still too often seen as a cost, and therein lies the danger – it is a mistake to just provide a budget for a surveillance upgrade without fully considering cybersecurity threats,” said Joon Jun, President of the Global Business Division at IDIS. “Equally dangerous may be avoiding decisions about upgrades or even maintenance, because strong security is not seen as a business asset. After disaster strikes, it’s too late for boards to discover that a successful cyber-attack via an IoT device, just like a physical attack, can be both disastrous and costly.”

What The Systems Integrator Can Do
Having seen the challenges, it is obvious that constant education, training, and skilling are essential. Every individual can essentially create a potential vulnerability, and a chain is only as strong as its weakest link. According to Martin Koffijberg, Director, Business Development, Banking and Finance at Axis Communications, this means that systems integrators (SI) need to work closely with the manufacturers of physical security equipment to stay abreast of both cybersecurity enhancements and potential vulnerabilities (and, critical, the action required to mitigate these).

“The way that security systems have been designed and manufactured has fundamentally changed over recent years,” Koffijberg said. “The importance of installation and commissioning security systems, combined with an understanding of how corporate networks need to be configured to protect the integrity of the device and network has changed, and human error poses the biggest risk.”

In other words, SI should prepare themselves by investing in technologies and top cyber talent on both the offensive and defensive sides, to better understand the risks that physical security devices can introduce into an organization’s network.

Kevin Sheridan, Director of Financial Institution Services for Convergint, explained that technology investments in credential management, scalable enterprise patch management, and firmware deployment platforms, as well as detection and response capabilities, are some of the tools needed to help reduce the risks often associated with
physical security devices.

“Follow a tried and true published standard; the National Institute of Standards and Technology’s (NIST)
Cybersecurity Framework,” Sheridan added. “It provides a common language that allows staff at all levels within an organization – and at all points in a supply chain – to develop a shared understanding of their cybersecurity risks. The Framework not only helps financial organizations understand their cybersecurity risks (threats, vulnerabilities, and impacts) but how to reduce these risks with customized measures.”

Apartment access without mobile app (Top 4 apartment access challenges)

Thanks to Booking.com and Airbnb, apartment rent has been the fastest growing hospitality market segment up until the Covid19 outbreak. Although many say that “nothing will be the same”, once the pandemic is over, it is safe to assume that the trend will continue. That is good news for the smart lock and mobile access control vendors. Their market niche has been lately enjoying extraordinary demand due to the need to remotely manage the apartment access.

It turns out there is a wide range of managed access solutions targeting the apartment rent market, with vast variety of smart locks and almost equal number of approaches to access management. The differences can be huge, and often hard to figure out quickly due to the abundance of mechanical, electrical, communication and software possibilities. Yet in most cases, the users are confronted with some considerable challenges.

One company, Spica from Ljubljana, Slovenia is tackling these challenges by offering the alternative solution. They run Door Cloud, a general-purpose, cloud-based and mobile-friendly commercial access control service. This is how they tackle the four major apartment access challenges:

  1. Mechanical – There are countless shapes and forms of door locks, some smart locks need full replacement, some are mechanical add-ons, some are partial replacements. Finding a mechanical fit for a particular door is not an easy task.

Solution: Instead of locks, Door Cloud works with generic electric strikes, which can coexist with almost any type of conventional lock. Electric strikes are well known and widely used with intercom door access devices. 

  1. Electrical– Majority of smart locks are battery operated, and the quoted battery life is rarely realistic. So batteries will need some regular attention if we want to avoid nasty surprises.

Solution: Electric strikes are mounted on the door frame allowing for conventional wired power supply, so there are no battery worries. 

  1. Communication– Majority of smart locks communicate with smart phones locally via WiFi or Bluetooth. Such setup itself is rarely easy, it is often prone to glitches and may require occasional resetting or even reconfiguration from scratch. As with other WiFi and Bluetooth devices, the reliability is not exactly rock solid.

Solution: Door strike is wired to the door controller which is hooked to the apartment router. The ethernet cable provides rock solid, trouble-free communication with Door Cloud servers. The smartphone communication is separate and independent, via mobile data network or apartment WiFi. 

  1. Application– Apps clutter the phone, need space and require more or less annoying registration process. So there is understandable resistance to installing “yet another” app, more so if it is needed only temporarily.

Solution: The app can be replaced with something they call Key Link. It is a simple URL (web link) which can be used by guests to access the apartment. All they would need is some online device, usually a smartphone. 

So, how it’s done? Using the mobile app, the apartment manager can remotely open the door at any time. More interestingly, she can generate the Key Link which allows anyone to open the same door during the set time period. She then sends the link to the guest via email or chat – just like any other web link. Once the link is received, the guest is able to use it simply by clicking on it – the url will open the browser at the door opening page. One button press on the page, and the door opens.

Key Link may be used for the 1st guest access only or even for the entire duration of the stay. Key links can also be used for cleaners, deliveries and similar. The security is not personal and can be compared to that of a long PIN code, which should be good enough for less-than-permanent use.

For more about Door Cloud go to www.doorcloud.com.

UNV thermographic fever screening solution

As the emergence spreading globally and the cases of Coronavirus rapid growing in Europe, the national economy in each country is hit hard. Thus resumption of work and production as well as back to school becomes serious challenge to economic recovery currently. For this epidemic situation, abnormal body temperature is one of the symptoms of pneumonia, it is essential to effectively detect and control the flow of people from areas with high incidence of the epidemic.

In order to help organizations respond to the epidemic situation, Uniview recently releases the latest thermographic fever screening products and solutions which will make a fast preliminary human skin-surface temperature screening without any contact and better to prevent infection from entrance area.

For the UNV newly thermographic fever screening solution, it consists of optical & thermal bi-spectrum camera, blackbody, AI NVR and tripods, which is an all- in- one delivery solution with easy to install and available for rapid and temporary deployment. The bi-spectrum camera adopts 4MP 1/8 inch optical sensor and 384*288 thermal detector to provide clearer image and measure temperature differences in people entering the field of view, besides the camera is built in mic and speaker and red & blue alarm flash light which is easy to warn personnel on site when cases happen. UNV solution uses blackbody device to help calibrate the temperature measurement, making it more accurate and stable especially in less controlled environments where the elements can influence the reading. At the back-end, the AI NVR will allow two bi-spectrum cameras to access in and record simultaneously, and it can provide intuitive demonstration interface to visually display temperature status, mask wearing status, abnormal (elevated) temperature counts, not wearing mask counts and total counts, etc. Moreover, in this smart solution, AI technology ensures thermographic cameras only detect human skin-surface temperature based on face detection, which will filter false alarm caused by other heat source, such as hot water or food.

With its sophisticated component in hardware and excellent performance in image and software, UNV thermographic fever screening solution can support no more than ±0.3℃(with blackbody)deviation at recommended range of 3~6 meters, and be widely applied to multiple scenes such as schools, hospitals, commercial buildings, transportation hubs, etc.

ISSUES

Global Security d.o.o.

Hasiba Brankovića c, 71000 Sarajevo, Bosna i Hercegovina
Tel: +387 (0)33/788-985
Fax: +387 (0)33/788-986
Web site: www.asadria.com
Marketing: marketing@asadria.com
Subscription: pretplata@asadria.com
VAT no: 201142740001
ID no: 4201142740001
ISSN 1986-5

a&s Adria – professional security magazine for providing total security solutions is a monthly circulating publication and a licenced representative of Messe Frankfurt New Era Business Media for Adriatic region, which consists of following countries: Bosnia and Herzegovina, Croatia, Kosovo, Montenegro, FYR Macedonia, Slovenia and Serbia.