By HID Global
From the August 2013 issue of Today’s Facility Manager
Technology advances, escalating security threats, and the desire to put more applications on access control solutions, while also moving these capabilities to mobile devices enabled with near field communications (NFC) functions, are prompting many organizations to upgrade their infrastructure. Migration to new solutions pays off in a much higher level of security for people and property, plus operational efficiencies and cost-effectiveness, and an improved user experience.
The NFC Forum describes NFC technology as a short-range wireless connectivity technology (also known as ISO 18092) that provides intuitive, simple, and safe communication between electronic devices. As the NFC Forum describes, communication occurs when two NFC compatible devices are brought within four centimeters of one another. Payment is the most prominent initial NFC application, but by no means the only one. NFC is fully compliant with the ISO standards governing contactless smartcards, making access control an ideal next application for the technology.
Eyeing The Perimeter: Shopping Malls
By Paul Such
Shopping malls are open, inviting spaces—a respite from everything but fun and avid consumerism. Facility professionals know, however, that these spaces also afford criminals a myriad of temptations, from theft to credit card scams, even to unimaginable horrors such as occurred at the Century movie theater in Aurora, CO. Because the threats differ widely, those involved in mall security must balance the need for a visible police presence against the public’s need to feel at ease. To that end, cameras have been and continue to be indispensable tools.
Today’s malls cover massive amounts of square footage and usually have long “arms and legs” that grow out of open spaces and corridors, providing many nooks and crannies for criminal activities. Labyrinths like these mandate the need for surveillance technology that provides 100% coverage. For maximum effectiveness, cameras must be able to track suspects in real time and see in a full 360° arc, as well as allow for retrospective analysis and portability—and, the scene must be available for panning, tilting, and zooming by multiple users in both real time and in review.
To accomplish this, it is necessary to use the widest range of video technologies available. Immediately after 9/11, most large malls were equipped with a multitude of cameras, many of which were fixed, pan-tilt-zoom (PTZ). But this approach isn’t cutting it anymore. Retail crime, like shoplifting, is the tip of the iceberg. According to a 2012 National Retail Federation report, 96% of retailers are experiencing escalating retail crime ($12 billion a year in the U.S. alone).
Another common example of nefarious behavior is credit card fraud, during which a group of people enter separately, meet up, and share information. In these cases, law enforcement isn’t immediately looking for the detail of their faces, but they need the ability to track the group, and if they have to switch from one camera to another, the trail is lost. Wider views provide security pros with situational awareness; they can see 10 to 15 shop doors with one camera, making it easier to understand an incident live or retrospectively. The same need applies to parking lots, so cameras are ubiquitous because that’s where most armed robberies occur.
“Organized retail crime deals with merchandise,” says Joe Marcello, executive vice president of IPC International, a security firm that specializes in the protection of retail centers and business properties. “They use the same modus operandi as a credit card scammer; they come in from the parking lot, use distraction as a tool, and maximize their take,” he adds.
For parking lots, a 360° camera can be placed on the external corner of a building to give the ability, in effect, to see around corners. When mounted on a light post, the field of view could be upwards of 300′ in any direction. With current technology, if an incident is reported quickly, cameras can find and follow criminals right out the door, which could lead to an immediate arrest. And the ability to follow criminals back to their cars reveals their license plates.
In today’s world the very worst fear of those protecting our malls is an active shooter. “There aren’t any principles or best practices with these guys,” says Marcello. “It could be a person with issues, a lone wolf in a real sense but not necessarily for ideological reasons, or it could just be illness. With these people, there isn’t a lot of forethought so it’s impossible to do pre-operational security, only retrospective analysis. But cameras are a deterrent, and 360° cameras catch everything all the time.”
Marcello believes that as malls upgrade, they’ll use 360° equipment with retrospective abilities. “When 360 is more commonly used, evidence will be gained and prosecutions made,” he says. “[These] cameras will always be in the right place.”
Such is vice president of sales for Europe and the Middle East at Global technology firm Oncam Grandeye.
Meanwhile, high frequency contactless technology provides greater card and reader protection, plus encrypted data storage for additional card data security. This can be used for a variety of applications, from opening doors, accessing computers, and using time and attendance and secure print management systems, to paying for meals or transit fares and making cashless vending purchases.
Current high frequency contactless systems improve security through mutual authentication and cryptographic protection mechanisms with secret keys and secure messaging protocol delivered on a trust-based platform of interoperable products. These solutions feature multi-layered security and privacy support that prevent cloning and tampering and are also portable to NFC enabled mobile devices.
This mobile capability will enable a more streamlined and hassle free security experience for users who can carry all of their credentials on their phones. Mobile access control will be implemented within a secure mobile identity environment, including a communications channel for transferring identity information between validated phones, their secure elements, and other secure media and devices. Users will be able to receive digital keys on smartphones that operate with the infrastructure’s readers and locks and support numerous security levels and associated access rules. NFC enabled locks could give time limited access to sensitive areas.
And when higher security is necessary, two factor authentication could be dynamically invoked. An application could be pushed to the phone that, for instance, requires the user to enter a four digit PIN or to perform a gesture swipe before the door will open.
Whether on a card or mobile device, there are advantages to giving users a single solution for securing everything from the cloud to data to doors. It enables strong, multi-factor authentication throughout the IT infrastructure on key systems and applications, rather than just at the perimeter. It also enables an organization to leverage its existing credential investment to add logical access control for network log-on and create an interoperable, multi-layered security solution across company networks, systems, and facilities. And it simplifies the addition of future applications that further improve security, such as fingerprint, iris, hand geometry or other biometric templates that can be stored on the card for additional factors of authentication.
Making the Move
An investment is required when migrating to higher security, but there is the return on investment (ROI). The ROI may be tangible, such as through improved insurance premiums due to better risk management. Benefits can also be intangible, such as the cost savings associated with security breaches—something that could impact an organization’s workforce or customers, and present legal and reputation issues.
The benefits of a single card for multiple applications also yields long-term cost savings from greater convenience and improved management efficiencies, along with the ability to preserve access control infrastructure investments as organizations move to new features, regulatory compliance, and/or other capabilities without a “rip and replace” infrastructure overhaul.
ASIS 2013: Spotlight On Security Best Practices
Facility managers (fm) are very aware of the evolving importance of security for their regular occupants and visitors as well as their physical information assets. Even if physical security or cybersecurity is not an fm’s primary responsibility, it is critical to have an understanding of key facets of the functions and the role they play in ensuring the overall safety of a property.
The ASIS International 59th Annual Seminar and Exhibits (ASIS 2013) is set to take place September 24-27 at the McCormick Place in Chicago, IL. This event is a comprehensive place to access the tools and techniques required to protect life, property, and information. And for the third consecutive year, (ISC)2, the largest not-for-profit membership body of certified information security professionals worldwide, will co-locate their Security Congress with ASIS 2013. Education sessions and exhibits are open to registrants of either event.
Fms who attend will have access to a broad scope of security management knowledge, best practices, and experienced practitioners through more than 200 educational sessions and networking events. The exhibit floor will showcase products and services from 700+ providers and will feature free learning opportunities at the Solutions Theater, poster sessions, and Tech Trends, non-vendor specific 30-minute presentations.
A new benefit this year for “Exhibits Only” registrants is free admission to the ASIS keynotes on Wednesday and Thursday, which include Silicon Valley icon and philanthropist Steve Wozniak and The Honorable John Winston Howard, the 25th Prime Minister of Australia.
For information about registration, program details, and housing, visit www.asis2013.org.
There are several prerequisites for moving to a high frequency contactless smart card platform. The first is to choose a platform with an open architecture, including open application programming interfaces (APIs). This helps to ensure easier system integration, more procurement flexibility, simplified expansion, and scalability.
The second requirement is a multi-technology solution that limits disruption to day-to-day workflow. Multi-technology cards bridge the gap between legacy systems and secure contactless technology, while multi-technology readers deliver flexibility to support various types of credentials. Facility managers (fms) should also make sure their standards based smart card system is interoperable for portable to NFC mobile phones.
It is also critical to consider secure issuance. Fms should plan ahead for multi-layered validation and system security capabilities. Printers, card materials, and software can incorporate critical visual and logical technologies for more trustworthy authentication and to help deter tampering and forgery. Besides card security, it is also important to protect the integrity of the overall issuance system by taking into consideration the physical components, the system’s electronic security, and the data on the print ribbon panels.
In addition, it is important to select the right migration partner and to conduct a thorough site survey. The site survey should cover a number of issues, from the security needs of specific facility areas, to whether there will be applications beyond opening doors, to future requirements for interoperability, upgrades, and/or compliance driven risk management.
Also important to evaluate are mobile plans, including how the organization envisions deployment and whether it will be using the Bring Your Own Device (BYOD) mobility model. [To read about considerations for BYOD policies for facility staff, see the Professional Development article from the August 2013 issue of Today's Facility Manager. It will be available September 10, 2013.]
High frequency next generation smart card technology not only increases security, but also provides cost and efficiency benefits, while paving the way for mobile solutions that provide even better protection for people and property, along with a hassle free security experience for users.
HID Global, an ASSA ABLOY brand, provides secure identity solutions for a variety of facility types and applications.