Intelligent Video

/in , /by

As brick and mortar companies continue to drive the level of competition up in the retail market space as they compete against online companies offering free shipping and very low prices, they must seek every possible advantage so as to grow their revenues while still addressing conventional security threats such as inventory loss through internal and external theft, also known as “shrinkage”.

Fortunately for those working in a retail space, the security industry has developed products allowing for greatly enhanced security in addition to a whole range of features that are useful in tracking customers and streamlining various processes. There are five key areas associated with the concept of “Intelligent Video”: People counting, traffic pattern analysis, customer satisfaction, the reduction of theft, and monitoring the exterior. Here we will look at these aspects of “Intelligent Video”, more commonly known as analytics enhanced video surveillance.

 

Unlike a company that operates strictly online, traditional storefronts have a difficult time determining just how many people visited their location each day. Counting visitors can enhance efficiency and make it easier to make decisions which could affect conversion rates and per-customer transactions. Cameras at the entrance should use WDR or “Wide Dynamic Range” so as to bring the clearest images to the analytics software.

Using analytics to monitor and analyze traffic patterns can involve heat mapping, which visually shows a hot and cold flow on screen based on customer flow. Regional people counting analysis helps show how people move through the store. Data like this can be used in determining where to place products, how high on the shelf, and etc. This software can also show how much visitors look at any particular display. Ultimately, all this data can be combined to get a very clear picture of what your customers do on average, and therefore what your best options are for the store.

 

As far as improving customer satisfaction goes, it simply follows from the implementation of changes based on analytics information. Line times can be reduced or eliminated in the store. On a broad scale, analytics will determine how many people to bring onto staff on any given day and what hours they should work. HD cameras can also be used to individually capture transactions at the register.

As for reducing theft, a wide range of options is available. IR cameras for very low light areas to motion detection or more advanced tech such as tripwire or removed object analysis will enhance overall effectiveness in managing inventory and reducing theft. PTZ (Pan, Tilt, Zoom) cameras are useful in monitoring the exterior of the building. Having a camera for every corner and corridor also eliminates the possibility of false injury claims and confirms facts in the case of a burglary.

 

One offering for upgrading existing systems comes through a company called Avigilon. Avigilon is a Vancouver based security equipment designer and manufacturer, perhaps most well known for the software they have developed to analyze raw video data, with no input other than the pixels streamed through an HD camera setup.

“Open Video Management” using what they term “Self-Learning” video analytics is the cornerstone of any modern video analytics solution. The company also manufactures several lines of high quality HD cameras and access control gear, but it is not a requirement that all equipment be from Avigilon. Avigilon analytics is performed on-site with a proprietary set of hardware and software, and is effectively limited only by the quality of the video input.

When combined, the elements of a professionally installed video analytics system work in concert to reduce risk and bring new potential to a business.

 

Security Technology offers the integration of security solutions such as these, along with analytics to get the best overall picture of what goes on in your storefront.

Please contact us through email at admin@gostst.com on our website or via phone at  210-446-4863   24/7

Sources: Security Today Magazine

IoT Moving Into 2020

/in , /by

 

The term “Internet of Things” was coined in 1999, gaining significant traction in 2011 after a report by Gartner added it to a list of emerging technologies. As more companies worked on advancing and creating new applications for IoT, the technologies involved gained ongoing global coverage. In its inception people often referred to the IoT as “embedded internet” due to its increasingly pervasive nature and presence in many aspects of our lives. Of course with any emerging technology there are associated risks, and these threats will grow and evolve as the technology does. In this article we will look into these risks, where IoT is moving, and the ways in which organizations are mounting defenses for their networks.

 

IoT is an umbrella term to include all devices with IP addresses connected to the internet. There are presently five types of IoT applications.

These include:

  • Consumer IoT–e.g. Light fixtures, connected thermostats and alarms, and systems such as Nest

  • Commercial IoT–these applications include healthcare and transport, connected pacemakers and other medical implants or wearables, and vehicle to vehicle communication

  • Industrial IoT–including network connected control systems, smart agriculture, and big data

  • Infrastructure IoT–this aspect of the IoT deals with network connectivity of smart city applications such as surveillance cameras, facial recognition, and traffic analysis devices

  • Military IoT–including application of IoT technologies in the military and police, to include network connected robotics and wearable biometrics for police and infantry

 

The technology underpinning the IoT allows users and systems to connect seamlessly to a wide array of networks and expands connectivity between physical and digital systems. With organizations and governments prioritizing this move into the cloud, the technology and protective measures must race to keep up with demand.

The number of IoT devices worldwide have been growing at a rapid pace from the late teens:

  • 2018–7 billion IoT devices

  • 2019–the number of devices more than triples to over 26 billion

  • 127 Devices are connected to the web every second

  • By 2025–more than 75 billion devices are expected to be connected

 

In the year 2020 it is predicted that 93 percent of enterprises will adopt IoT technology, 90 percent of cars will be web connected using IoT technology, and 3.5 billion cellular IoT connections will be installed.

 

According to the 2018 Open Web Application Security Project (OWASP), the most significant vulnerabilities for IoT technology include:

 

  1. Weak, guessable, or hardcoded passwords—such as short, simple, and publicly available passwords.

  2. Insecure or unneeded network services—which are installed on the device and may expose data such as sensitive and financial information to theft and eavesdropping.

  3. Insecure ecosystem interfaces—external interfaces that connect to the device. The connection may compromise the device and its components.

  4. Lack of secure update mechanism—such as un-encrypted data moving from outward sources towards the device, and poor security monitoring.

  5. Use of insecure or outdated components—such as open-source and third-party components that weren’t scanned for vulnerabilities.

  6. Insufficient privacy protection—failure to protect private information that is stored on the device and connected ecosystems.

  7. Insecure data transfer and storage—such as the lack of access control and encryption during the movement of data.

  8. Lack of device management—on devices deployed in production; results in poor security support.

  9. Insecure default settings—the inability to fix insecure settings creates exploits in devices and systems.

  10. Lack of physical hardening—creates a larger attack surface, which threat actors can leverage to take control of a device or system.

More IoT components mean a greater attack surface is exposed. The more points connected to the network, the greater the risk. Endpoint Detection and Response (EDR) tools can be employed to monitor endpoints and send alerts for critical security events. It is also important to scan devices before allowing connection to your network in order to prevent the introduction of vulnerabilities. Vulnerability scans on a regular basis help to ensure the health of the network.

It is also important to segregate network infrastructure to allow least exposure to the internet. This can be done by creating a dedicated network for IoT with limited access.

Moving into the new decade we can expect IoT devices to become more and more embedded in many aspects of our lives, both personal and professional. The technology enables a move towards digital transformation with many industries moving into the cloud. From the protection of personal devices to the defense of an entire network, it is critical that IoT security be taken seriously. With more connectivity comes increased risk of exposure. The more we entangle the physical and the digital, the more real the results of an attack or security leak become.

Moving Into 2020: Video and IoT Trends

/in , /by

             As 2019 comes to a close and we begin to look forward to the next decade, we can now reflect on the year and the trends that have begun to influence both video surveillance and the physical security industries. December tends to be the start of a lull in business, including for the end user. Many businesses can be reluctant to make new purchases in security, or of any kind at the close of the year, and so those in the security industry also feel this slowdown. Still, this time offers us the chance to look forward and prepare for the coming year and beyond.
Here we will look into the security trends we expect in the near future.
—————————————————————————————————————————————————————————-
Cybersecurity for IoT
            IoT device security will continue to be a major focus, as it has been throughout 2019. Threat actors will continue to target IoT devices at the enterprise level in order to attack business infrastructure. In fact, more than 30 percent of denial of service attacks are targeting enterprise IoT devices already. Because these threats continue to evolve, the IoT and physical security industries must make an effort to keep up with cybersecurity trends and take measures to implement defenses against these threats. Still, many integrators continue to ignore this aspect of the field simply out of a lack of knowledge and a failure to properly gauge the severity of the threat.
             One of the best solutions here are automated tools, which are more advanced than ever. These tools can seamlessly integrate IoT hardening without  requiring a significant level of cybersecurity knowledge. These tools can give a complete asset inventory, secure those assets, and then insure compliance through ongoing monitoring. Automated tools also offer reports to the end user which can be helpful in filling in security gaps and determining where weaknesses and potential breaches in infrastructure are at. It is critical for the modern integrator to adopt such hardening tools to implement security from the beginning and throughout the life cycle of a system.
—————————————————————————————————————————————————————————-
Device Monitoring
               With IP cameras and other IoT security devices continuing to proliferate and expected to grow to billions of connected devices with IPv6, the demand for services that can assure and track physical security assets will grow alongside them. These device monitoring services track physical assets, monitor the performance of physical security and help with life-cycle management. Real-time management can be achieved through software platforms offering remote connections. These platforms help security integrators to assure system compliance, increase system up-time and performance, all while lowering the overall cost of maintenance. Such services also offer the benefit of RMR to the integrator through remote monitoring service contracts.
—————————————————————————————————————————————————————————-
The Cloud
                      Much has been said about cloud computing, and it is perhaps one of the most important pieces of the modern internet, allowing off-site data storage and processing using the resources of cloud service companies rather than requiring traditional on-site server setups. Ease of use, reduction in cost, and the simple fact that cloud computing has been critical for the last several years all lead to the end-user wanting these services.
                      Decision makers want to move hardware off premises and are looking for cloud-based solutions to video, access control, device management and monitoring. This demand will increase with time as the cost of entry goes down and cloud computing becomes the gold standard for IoT security platforms. Access control software will be hosted in the cloud, with the data from IP cameras and other security infrastructure fed into it, processed, and stored.
                     There is the issue of upstream bandwidth limitations for some larger commercial security and surveillance deployments. But with 5G coming in the early 2020s, and storage becoming cheaper every year, this is something that will likely be solved in time. In the very near future however, expect some video storage for larger facilities to remain on-site along hybrid solutions involving the use of the cloud for analytics and event video archiving.
                      Another advantage of the cloud is that it streamlines software updates for applications and firmware. Failure to manually manage such updates has historically been a problem in maintaining a hardened network. The cloud allows both these updates as well as new features to be deployed rapidly and securely, all while reducing the costs for integrators.
                        These are all security themes we can expect to continue to grow into the coming years, and the opportunity to remotely service security systems through improved wireless and cloud infrastructure will be leading the way. We can expect the key security changes of the last 5 years to be predictors, ultimately leading us to an age of extremely fast and hardened wireless security that is fully scalable and as cost efficient for both the end-user and integrator as possible.
—————————————————————————————————————————————————————————-

STST Inc. is South Texas’ source for professionally designed and integrated security and access control systems.

To set up an appointment to get a quote on your project,

Call us at 210-446-6306
or send an email through our website:

Why Smaller Businesses Can Be More Susceptible to Hacks

/in /by

 

 

The last few years have seen major breaches at sprawling corporations such as Facebook, Yahoo, and Marriott Hotels. The list continues indefinitely, and the total losses amount to many billions.

Between overreaching government surveillance, ISPs monitoring us, and the world of cyber-crime, online privacy continues to shrink. Today’s children will never have known the Internet of the past before the total control of tech monopolies and so-called “bulk” data collection efforts of both domestic and foreign governments. Because many of these tech giants do not adequately protect against hacking efforts, even with their massive budgets, the small to medium business owner might feel that these outcomes are unavoidable, and therefore take no proactive measures against them.

Corporation tend to ignore the signs leading up to a hack even though attacks have been steadily rising through the years. They instead prefer to mop up afterwards, and so have set a trend for poor information security. Still, these megacorporations do possess the resources to strengthen their cybersecurity, and so the online criminal element often decides to target the smaller players.

In fact, many dozens of smaller businesses are targeted each month with the attacks being launched from all over the world, many times from overseas. This is despite some smaller business owner’s argument that their small size alone is enough deterrent. They tend to imagine a hack that pulls off something more extreme, such as a ransom on their networks, but most attacks aim to steal and sell people’s data and identity.

Today’s attacks are carried out with robust yet freely available and highly automated tools such as Metasploit and the Kali Linux operating system. It is often not necessary to have knowledge of programming or the ability to write your own scripts in order to lead an effective attack against a network, and as much as 80 percent of all data breaches are a result of weak password security.

Many people and companies will reuse the same weak passwords across several sites, platforms, and networks. Once one of these is compromised, the rest tend to follow. Passwords can be compromised in any number of ways, with the weakest susceptible to simple brute force attacks or rainbow table attacks against stolen hashes (an encryption technique) of the passwords.

It is not uncommon for CEOs and owners to be unaware of exactly the password policies their management have set. Experts in information security have long emphasized that although these policies must necessarily stem from upper-management, everyone must be on-board and playing their part. Frequently changing passwords and making sure to eliminate permissions for any ex-employees right away is critical, as there are many online grey-markets where sensitive network information can be sold.

A common assumption is that an effective cybersecurity infrastructure is by its nature expensive.  A company does not need thousands in budget to make themselves at least less attractive to criminals however. Keeping online credentials private and not sharing login information between employees goes a long way.

Effective security often operates on a “need-to-know” basis. VPN services are cheap, easy to use, and grant so many benefits that not using one is a mistake. From avoiding ISP throttling and surveillance, thwarting region restrictions, and creating an encryption tunnel between you and the Internet, these services can be invaluable. Certainly you should not connect to a public WiFi without going through your VPN. Finally, many enterprises use password management apps and software, which by default provide security.