Methods for Enhancing Building Access Control

Whether you have a building that has successfully used the same access control protocols for years or one that needs change, this coming quarter of 2019 is a good time to consider reassessing the system and procedures you use. Critically, if you are not using any form of access control, consider adding it as part of your security plan sooner rather than later.

Having a solid access control system and policies in place will help keep your occupants, assets, and property safe by ensuring secure access for the right people to the right segments of your property.

Sitting next to surveillance and maintaining a human presence on-site, a system of electronic access control completes a triad of safety, and will be designed to take into account the design of the building, any complementary security systems, and training for those who will use it. Following are three things to think about when working with a security integrator to design and implement electronic access control on your properties.

 

1. Setting Access Levels

Borrowing a page from the “Zero-Trust” doctrine of info-sec administrators, it is important to think with the mind of the potential aggressors you are implementing the system to protect yourself against. There will be people who simply do not need access to all levels of a building, and before deciding who should have what level of access, the building itself should be examined to determine points of exposure.

It can be useful to take a map of the structure and break it down into zones of different colors according to the access or security level needed. Then you can decide who can have access and associate time and date restrictions to those identities.

It will generally make sense for the majority of employees to enter and exit through a single point of entry, so as to more easily monitor who is in and out of the building. From there, branch out and look at the rooms inside. Set a protocol in place to make sure everyone has the right level of access for their needs, but nothing more. Modern systems will create a “digital fingerprint” for each person granted access, able to track their movements and any times they accessed specific areas.

 

2. Audit Access

A common trap to fall into is an over-issuing of key fobs or cards over time. As people report losing cards or forget them, it is often simplest to issue another right then and there. Of course, this creates significant security concerns overtime with duplicate access cards potentially being available for malicious use. To manage this, facility admins must either audit the system regularly or set automatic time-out features to the cards.

 

These features could include:

-Access denied if the card has not been used within a set amount of time

-Self-expiration of the card

-The direct connection of the card to a database that will be managed personally or by an administrator

 

In the event that third-party employees require access, a separate database can be created. Using a specific search term for these contractors will differentiate them within the database.

 

3. Perform Periodic Testing and Protocol Assurance

Just like any other electronic system, regular testing and updating of drivers is necessary. Security flaws are repaired through patches by the vendor, and if you fail to update, the potential for threat actors to take advantage of that failure exists.

Furthermore, without the assurance of procedures and protocols surrounding the use of these systems, their value is greatly reduced. For instance, a simple but popular method of building intrusion called “tailgating” relies upon our social tendency towards politeness over security assurance. In this attack, the threat actor simply follows closely behind someone accessing the building and relies on them holding the door for them.

This is actually one of the most difficult to control threats to an access control system due to its simplicity and zero-tech approach. Having multiple layers of security, man-traps, and other fail-safes massively reduces the success rate of “tailgating”. Protocol should assume anyone who cannot present a card or other provided identifier to be a potential threat.

 

Security Technology of South Texas is happy to offer
custom access control and surveillance solutions to the
business security market, designed either turn-key and from the ground up,
or integrated into an already existing series of cameras and access control
structures.

Please contact us through email at admin@gostst.com

or by phone at 210-446-4863 24/7 to schedule a consultation.

GV-VD8700 “Face”

The VD8700 8MP face recognition analytic camera, recently released by Geovision, a world leader in surveillance, features on-board analytics as well as a facial recognition program. The device is able to capture faces and store those images to allow it to initiate alerts to the user if a certain person enters its view.

Geovision’s GV-VD8700  is a ‘Vandal Proof’ IP Dome camera featuring industry leading face recognition technology. Unlike some off-the-shelf solutions, this device features not only person/vehicle detection modes with analytics capabilities, but the power to identify personnel from a database. Up to 10,000 face profiles can be defined in the camera’s database. This database can also be categorized to meet various other needs in the corporate environment, including facilitating customer service, security management and more.

This camera’s facial recognition mechanism is effective within a relatively short distance of 4 meters, and is meant to be used in points of entrance to a facility, but it is able to detect up to 10 faces at a time. A recognition time of just 2 seconds allows quick identification of both VIP guests and potential intruders. Integrated with Geovision’s GV-VMS, this IP camera can also be used to trigger alerts based upon predefined rules, providing improved and reliable security management.

In its outdoor version, the camera features IK10 vandal resistance with IP66 ingress protection. In order to  achieve a better compression ratio while still maintaining high-quality imaging at reduced network bandwidths, the camera supports the H.265 video codec. If intended to be used for night operations, this version of the camera is equipped with an IR effective distance of up to 40 meters. Wide Dynamic Range and Backlight Compensation allow the camera to detect faces in environments with drastic light contrast.

It is able to pan, tilt, and rotate on a 3-axis mechanism; pan 0-350 degrees, tilt 0-75, and rotate 0-340 degrees. It runs on Windows 10 and has support for mobile device access for iOS and Android. Storage is at 2GB for RAM, and 8GB for ROM. The camera can run stand-alone or connected to a Video Management Software (VMS).

Facial recognition and analytics gives an existing system a new edge. Large retail chains use this technology to identify shoplifters, capturing their face when they steal the first time, so that security can be alerted immediately to any time that individual returns. It could also be used on a door, front porch, or any place where you might want to know if a specific person is coming to, and if so, whether you would like to receive an immediate alert about it.

 

To learn more about how facial recognition cameras can help protect your commercial facility, please contact Security Technology of South Texas, Inc. at 210-446-4863 or through the website form: www.securitytechnologyofsouthtexas.com/contact-us

 

Learning to Leverage Biometrics in Access Control Environments

The biometrics ecosystem is evolving at a rapid pace and providing incredible benefits to enterprises that adopt the technology, especially when these now-commonplace features are applied for cybersecurity.

Although people are already familiar with using a thumbprint or facial recognition to unlock their mobile device or complete an online purchase with it, the real power of biometrics extends far beyond these simple features and experiences.

As massive data breaches spilling millions of user passwords and shared secrets become a familiar part of our everyday lives, so does the reality of malicious hackers leveraging these credentials to cause widespread damage. Due to the sheer number of compromised user credentials available from these spills identity theft is at an all-time high, potential GDPR fines loom over many organizations, and there is an atmosphere of distrust.

This is where biometrics can provide an answer because these features we rely on for convenience can also have a groundbreaking impact on security and privacy. Providing that we follow a hard and fast rule — that biometrics are combined with public-key cryptography.

In order to properly leverage biometrics, however, IT and security teams should first understand the key elements that make it such a powerful tool to combat today’s ever-evolving threat landscape and, how to begin implementing it without requiring a complete overhaul of security infrastructure.

The Biometrics Ecosystem

One of the most powerful aspects of the biometrics ecosystem as it relates to cybersecurity is that it replaces the shared “something you know” factor of user authentication with the difficult to reproduce “something you are” factor. Whereas passwords and shared secrets can be stolen and duplicated, every person’s biometrics are completely unique.

In turn the devices that match biometrics to their enrolled templates have grown in sophistication and are already in our hands. The vast majority of sensors on modern mobile devices have a 1/50,000 minimum false acceptance rate (FAR) which makes it extremely difficult to mimic a biometric template.

Using these sensors paired with standards-based authentication such as Fast IDentity Online (FIDO) protocols that eliminates shared secrets creates significant friction for the bad actors who weaponize credentials for fraud through account takeover. It also disrupts a hacker’s attack vector (and thus their economic model) as they can no longer focus on huge server stockpiles of user credentials and must instead go to individual devices to attempt to obtain a single user’s credentials.

This shift makes it virtually impossible to have the mass credential breaches like the ones we are experiencing on an almost daily basis today.

Select a Use Case and a Secure Model

When launching a biometrics strategy, IT and security teams should look for areas where biometrics can have the greatest effect while creating the least amount of friction, and begin deploying the capabilities there. Oftentimes this is with internal facing applications that don’t directly impact customers. Or, they can take the route of securing consumer-facing apps since biometrics are so popular with their users and consumer devices with advanced capabilities are readily available.

Even the most forward-thinking organizations can balk at biometrics when they think it requires an unmanageable set of changes, such as the addition of special hardware, gutting of associated solutions or the taking on of unacceptable kinds of risk such as custodianship of biometrics.

However, the best way to implement biometrics into the security framework is through a deliberate and gradual process using a solution that is built upon mobile-centric FIDO standards. FIDO-based solutions are built to play nicely with security products already in place, and the strength of the standard ensures that users — not the enterprise — are the stewards of biometrics.

Make User Experience A Top Priority

Finally, despite all of the security benefits the biometrics ecosystem provides, if the user experience is clunky it will be difficult for users to adopt. The good news is that providing an easy-to-use, uniform experience for biometrics is rather simple due to the sophistication of today’s mobile devices. Every employee already has a company or personal smartphone and experience using biometrics to unlock the phone make a payment.

The biometrics ecosystem provides incredible opportunity to create a more secure online world while building upon the experience smartphones have proven to deliver their users. Enterprises that want to roll out biometrics-based services today are poised to fully capitalize on it.

Thanks to the sophistication and ubiquity of the devices, and to the availability of solutions built upon open standards-based decentralized architectures, migrating to a true password-less state is within reach. Once it’s deployed — even on a limited basis — my guess is that the enterprise will begin to see other areas for implementation across the enterprise.

 

Security Technology of South Texas is an authorized integrator for many surveillance and access control manufacturers and has designed systems with this kind of functionality. Biometrics is particularly useful in enterprise scale operations, various campuses, as well as car dealerships or any other large property where tight security is necessary.

Please contact us at  admin@gostst.com on our website
or via phone at  210-446-4863   24/7

Intelligent Video Solutions: Why Not Go DIY For Your Security

In the same way that in order to keep our health, most recognize the value of seeing a medical practitioner regularly for checkups and necessary tests. Perhaps somewhat surprisingly, many enterprises do not carry this philosophy with them and into their security environments. They might budget for product yet not budget for professional services and assess performance of those products to determine the risk of a breach.

Taking a “set and forget” attitude to security systems can cause a system of sub-optimally configured and deployed security tools. Not properly integrating, testing, and re-integrating is a part of why some of today’s enterprises find “themselves with massively complex, disparate and expensive-to-manage security infrastructures that, when all is said and done, are largely ineffective against modern adversaries.”

Some organizations assume that original equipment manufacturers (OEM) should be the best resource and point of contact for deploying, optimizing, and fine-tuning their security services and platforms. But OEMs are simply the manufacturers and not security systems integrators (SSIs).

This tends to limit their knowledge to only their particular suite of technology, and because it is typical for a mid-range and larger commercial project to require integration between the equipment of multiple manufacturers. This is the kind of work that we do here at STST and through our professional integrations services, we can “provide strategic guidance on infrastructure rationalization and optimization.”

Adopting a DIY approach or trying to have a tech-savvy employee handle it all internally is one of the quickest ways to fall prey to a data breach. Using existing, internal staff to deploy and integrate new tech can lead to problems from configuration issues, sub-optimal overall performance, to of course all out system failure. Some studies from OEMs suggest that as many as 95% of clients who experience a data breach set up and integrated their systems themselves.

Aside from all this, using an SSI to plan-out, source, design, implement, and test your access control and/or surveillance project is much more likely to save you money in the long or even short run.

Having a company of specialists such as STST always in your contacts gives you the peace of mind that the people who built your system, and therefore have a much more intimate knowledge of it, will be around to service your project moving into the future.

A poorly installed “DIY” system may not only waste money in that it may simply be of poor quality or poor design implementation, but also keeps your company at risk to the attacks and break ins you were trying to prevent in the first place.

From schools, offices, clinical facilities, HOA pools and much more, STST has the knowledge and experience to install or effectively upgrade existing infrastructure in a meaningful way that will hold together and ultimately, get results.

Even though huge volumes of video data are collected every day, most statistics indicate that only 10 percent of this data is ever used. The majority of data collected loses its value very quickly after being generated. The reason for this? Our primary focus tends to be delivering the correct information in a crisis or providing it as evidence after criminal activity has taken place. This causes much data to be “wasted” in the sense that we lose our on the opportunity to perform useful analytics.

Video analytics is an increasingly powerful tool. It helps to improve usability of these vast amounts of video information. Analytics software acts as the “brain” of a surveillance system and is built into IP cameras themselves or processed in separate computing infrastructure. This creates a smarter system that “knows” what it sees and alerts guards to potential threats as soon as an alarm rule or condition is met. Analytics gives operators the chance to act faster and more efficiently with better intel.

Video analytics is like an ever-vigilant system operator within the security system itself. It captures data like a panopticon, seeing all in every monitored scene around the clock. Content analysis information, a form of video metadata, is stored as well. As they reduce operating costs and increase efficiency, intelligent cameras deliver a solid return on investment which can be measured in tangible results to the business or other setting in which it operates.

Let’s take a look at what exactly is possible using intelligent video:

Smart IP cameras are able to classify the objects they see on their own. Objects entering or leaving the scene can be identified as a person, car, bike, truck, or other object. Because the camera can differentiate objects, it can be told to only alert in the case of a break-in, ignoring things like leaves in the wind or animals wondering through. New low-light cameras allow color-filtering even in scenes with very little ambient light. Even at night, color detection is possible in this way.

Alarm detection can be set to be even more specialized. Rules can be configured to look for specialized behavior patterns such as fighting, running, loitering, path following, abandoned luggage, entering an area, and more. The alarm engine in each camera coordinates with the others in a logical way to interpret this information and determine threat status. All this allows for a very robust alarm condition solution and prevents false and missed alarms.

What’s more, stored metadata enables forensic analysis at a later time. This means that retroactive searches for a specific car or person is possible even if it was not a determined item of interest until well after the event was recorded. Metadata is compact and only barely adds to the size of recordings. It is quick and easy to search through to find a specific event.

The logical next step is to continue to improve analytics for video metadata until we approach 100 percent practical use. Predictive analysis of human traffic patterns can predict shoplifting and identify potential events before they take place, and the more data that can be made useful the more accurate these types of predictions will be.

The same technology can monitor customer dwell time at different displays in a store and determine the effectiveness of in-store advertising and product locations. Analyzing customer engagement with these displays can help increase customer engagement with products and lead to increased sales and revenue. As the IoT expands, this type of technology will be more and more critical as there will be many more points of data to analyze. There is no way to fully anticipate the eventual effects this will have on our industry or the world at large.

 

Please contact us through email at admin@gostst.com

Through our website form

Or via phone at  210-446-4863   24/7