Identity management

LuxTrust, a European specialist in trust services and digital identities, and Shanghai Genyan Network Technology, a pioneering provider of digital identity management, electronic signature and electronic seal solutions in China, announce their partnership and create a unique market offering. This new service - focused on data sovereignty - provides secure and compliant electronic signature solutions for businesses operating under the jurisdictions of the European Union and China. The result? Transcontinental contractual processes are facilitated, accelerated and secured. Addressing international compliance challenges LuxTrust, Shanghai Genyan Network Technology and Whale Cloud, the integrator of Qiyuesuo, joined forces to simplify electronic signature processes in complex legal environments. This partnership enables companies to easily navigate between EU and Chinese regulations, ensuring compliant signatures despite stringent legal processes. The current lack of solutions makes electronic signatures between a Chinese and a European The current lack of solutions makes electronic signatures between a Chinese and a European company overly complex, requiring costly travel and local regulations that are not always straightforward to understand and navigate. Unique in its regulatory coverage, this interface offers a seamless user experience, integrating electronic signature flows into existing business ecosystems. It also spares users the need to switch platforms, improving efficiency and reducing errors. Legal sovereignty and reliability Thanks to this collaboration, companies benefit from jurisdictional sovereignty. For each contract, companies sign within the appropriate jurisdiction: in China for Chinese contracts and in the EU for European contracts. Companies use their usual platform (COSI for the EU, Qiyuesuo for China) to sign, ensuring compliant and legal signatures regardless of location. This partnership is unique as it ensures mutual digital identities for each region This partnership is unique as it ensures reciprocal digital identities for each region - Chinese companies use a LuxTrust digital identity to sign in the EU via Qiyuesuo, while EU companies use a Qiyuesuo digital identity to sign in China via COSI. This approach ensures legal compliance, thereby enhancing the reliability and legality of international transactions. EU and Chinese legal requirements For Fabrice Aresu, CEO of LuxTrust: "This partnership, in collaboration with Shanghai Genyan Network Technology and Whale Cloud, is a real asset for European and Chinese companies. It combines the experience and expertise of pioneering players in their respective fields, addressing a wide range of use cases from the military sector to banking, for small and large enterprises alike." "We look forward to leveraging the professional expertise of both LuxTrust and Whale Cloud through our collaboration to provide electronic seals and contracts that comply with EU and Chinese legal requirements for business interactions between Chinese and European companies. Together, we aim to offer legally valid electronic signature products and solutions to global clients," said Tang Xingkun, CEO of Shanghai Genyan Network Technology. Financial benefits for increased efficiency In addition to operational and legal advantages, the alliance between LuxTrust and Shanghai Genyan Network Technology also offers significant financial benefits for businesses. By streamlining contractual processes, companies can reduce their administrative costs while maintaining a high level of efficiency and security. This profitability-focused approach allows companies to achieve substantial savings while improving their productivity and competitiveness in the international market. "As an expert in digital transformation, Whale Cloud is delighted to drive the integration of Qiyuesuo and LuxTrust in the electronic signature sector, leveraging our technological expertise and industry experience. This collaboration aims to drive global technological innovation and foster seamless integration, setting new standards for digital trust services worldwide," added Wu Pan, General Manager of Whale Cloud for the European region.

Telaeris, Inc., a pioneering provider of handheld solutions for Physical Access Control Systems (PACS), announces its new XPressEntry handheld badge and biometric reader support for all HID Mobile Access® solutions including HID employee badge and Student ID in Apple Wallet. Traditional credentials are easily lost or forgotten creating a variety of physical security risks. In response to these challenges, organisations can now improve physical security and convenience by issuing mobile credentials on smartphones which are always in their users’ possession and are less likely to be lost in workplace and educational settings. Implementations of digital credentials Safety and physical security professionals can rely on Telaeris and XPressEntry to solve XPressEntry is a critical component of the mobile credential revolution and ensuring identity has never been easier and more secure with a digital wallet. Most campus or facility implementations of digital credentials will be incremental, with both legacy badges and new mobile credentials being used and deployed in parallel.  Without the ability to visually inspect traditional credentials like before, the need to challenge and communicate with mobile credentials, as well as legacy badges using the identity information on record in the access control, becomes even more important. Safety and physical security professionals can rely on Telaeris and XPressEntry to solve these new and unique opportunities. Credentials in digital wallets In higher education settings, existing mobile campus one-card credentials are similarly being transitioned to credentials in digital wallets. These credentials stored in the digital wallet are utilised at universities and colleges as an integrated ID, payment, and access solution. This means that XPressEntry can be used by guards and administrators to track students for event entry, attendance, emergency accountability and more. Existing mobile campus one-card credentials are similarly being transitioned to credentials in digital wallets "The smartphone will be the home for any credentials in the future; credit cards, government IDs, student IDs, passports, and access control credentials are all moving into the digital wallet, and we are ready," said Dr. David Carta, CEO of Telaeris. "We are thrilled that XPressEntry is among one of the first handheld, mobile readers to work with HID employee badge and Student ID in Apple Wallet. Telaeris is a proud, longtime HID partner and we will continue to innovate and add value to this important relationship." Specific safety and security challenges Telaeris‘ XPressEntry handheld badge and biometric readers enhance access control and security management by providing a flexible, mobile solution that goes beyond traditional door readers and addresses specific safety and security challenges. Handheld Badge Verification: Superior security with handheld authentication to confidently control access to and manage any secured space plus ENTRY/EXIT tracking. Emergency Evacuation Mustering: Ensure everyone is safely accounted for during a true emergency to improve evacuations, employee safety and OSHA/regulatory compliance. Corporate Events & Training: Use existing security badges for access management to manage attendees and deny access when necessary to events and training. Handheld Biometric Verification: Superior security with biometrics and multi-factor authentication to deliver enhanced identity authentication in high-security areas. Workplace Surveys: Pre-screen workers with questions and deny access when necessary to help prevent the spread of illness and to keep the workplace safe. Other Use Cases: Time and Attendance, Confined Space Management, Bus Entry Validation, Guest / Visitor Tracking, Remote Parking, Mobile Enrolment, and more. Solution for access control systems “The Telaeris‘ XPressEntry handheld badge readers with HID credential support including HID Mobile Access and HID employee badge and Student ID in Apple Wallet is a game changer in the handheld verification market”, said Rick Winter, Sr. Manager & Embedded Mobile BDM of Extended Access Technologies at HID. “Real-time personnel image verification and ACS integration provide the customer flexibility and convenience to manage emergency evacuation mustering, corporate events & tracking of training, and on-prem/campus employee/visitor management validation, which enhances the security and safety of their facility.” XPressEntry handheld readers proudly lead the industry with the most access control integrations, proudly lead the industry with the broadest support for badge technologies plus biometrics and facial recognition, and the industry's first handheld solution for access control systems with Android 13 revealing enhanced security and performance.

Israeli startup company Revealense has unveiled a groundbreaking AI-based technology platform called Illuminator, designed to identify the behvaioural DNA of individuals using video analysis. The system has the potential to transform decision-making processes for managers, investigators, psychologists, and researchers by providing high-quality bias-free, and precise insights, with accuracy rates of up to 92%.  Human behvaiour analysis The technology is a significant advancement in the analysis of human behvaiour and has been patented for several breakthroughs in the field. Founded in November 2021 by Dov Donin, the CEO, Revealense has assembled a team of experts in psychology, neuropsychology, mathematics, AI, computer vision, and neural networks. AI-based illuminator system The illuminator system utilises artificial intelligence to analyse the behvaiour of individuals captured on video Every individual possesses unique personality lines and emotional and cognitive responses like a fingerprint. The illuminator system utilises artificial intelligence to analyse the behvaiour of individuals captured on video, whether live or recorded. It can accurately identify the specific context of the video, such as a job interview, credibility check, investigation of a hostile person, or diagnosis of a mental state, and activate the appropriate algorithms for the situation. Real-time monitoring The system also provides real-time monitoring of physiological characteristics, such as changes in skin pigmentation, blood flow, pulse, voice, eye blinking, facial expressions, and signs of neural discharge. These indicators allow the system to assess the emotional and mental state of the individual and identify the specific content that triggered a nervous reaction or stress. Mental DNA signature The technology produces a unique "mental DNA signature" of the individual, enabling managers, investigators, psychologists, and researchers to make bias-free, fair, accurate, and high-quality decisions. Unlike other solutions on the market, the illuminator integrates a neural network that cross-references various parameters to verify findings, ensuring consistency and calibration of results. This approach addresses the limitations of existing solutions that track only one or a few indices without mutual checking between them. Unbiased insights The technology used is a breakthrough in the analysis of human behvaiour and has been patented Because Illuminator incorporates ethical, responsible, and fair AI that neutralises cultural influences, it provides unbiased insights without the influence of geographic region, religion, language, nationality, or race. The technology used is a breakthrough in the analysis of human behvaiour and has been patented for several innovations in this field. Identifying behvaioural profiles “AI provides new opportunities for improving the lives of people around the world. However, existing AI solutions often base their analysis on inaccurate and missing data leads." "With Illuminator, we provide a comprehensive solution for identifying behvaioural profiles and personality characteristics of individuals. This gives decision-makers powerful tools to understand others and make accurate, fair, and equitable decisions,” said Dov Donin, the founder and CEO of Revealense. SaaS model “The system is easy to implement through a cloud service model (SaaS) and can scale according to any need. For example, it can examine the development of mental trauma, identify the potential for violence, diagnose reliability, and many other use cases." Due to the need for a responsible way of analysing human behvaiour, Revealense already has several customers around the world, with significant growth potential in several market segments. Institution and Homeland Security applications Revealense identifies mental states, assists in the treatment process, and identifies causes of trauma For mental health institutions, Revealense identifies mental states, assists in the treatment process, and identifies causes of trauma and anxiety. This market is expected to grow by 30% annually to reach $20 billion in the US by 2027. Homeland security organisations can use the Illuminator platform to fulfill several requirements. These include interrogation rooms and remote checking of people's reliability and profiles. This market is expected to reach $20 billion in the US by 2025. Cyber defence market With a 550% increase in deep fake attacks since 2019, the reputational and financial damage caused by these videos is significant. In the US, the cyber defence market against deep fake content is expected to reach $40 billion by 2030 across governmental, media, finance, and other industry segments. Revealense's illuminator technology is poised to make a significant impact in these markets, providing valuable insights and solutions for a wide range of applications.

Next DLP (Next), a pioneer in insider risk and data protection announced the launch of Secure Data Flow, a groundbreaking capability within the Reveal Platform that uses the "What, Where, Who and How" of data’s origin, movements and modifications to provide unparalleled protection. Revolutionising data protection In a rapidly evolving digital landscape, legacy data protection technologies are falling short. They rely heavily on pattern matching, regular expressions, keywords, user-applied tags, and fingerprinting, which can only cover a limited range of text-based data types. Secure Data Flow overcomes the limitations and complexities of legacy Data Loss Prevention (DLP) by complementing traditional content and sensitivity classification-based approaches with origin-based data identification, manipulation detection, and data egress controls. This results in an all-encompassing, 100% effective, false-positive-free solution that simplifies the lives of security analysts. Secure Data Flow Employees download an average of 30GB of data each month from SaaS applications to their endpoints Recent studies show that employees download an average of 30GB of data each month from SaaS applications to their endpoints, including mobile phones, laptops, and desktops​ (Productiv)​​ (Vendr)​. This staggering volume underscores the critical need for advanced data protection measures. By tracking data from its origin as it flows to sanctioned and unsanctioned egress channels within an organisation, Secure Data Flow equips security teams to prevent data theft and misuse effectively. Data protection and risk management “Secure Data Flow is a novel approach to data protection and insider risk management,” said Ken Buckler, Research Director at Enterprise Management Associates. “It not only boosts detection and protection capabilities but also streamlines the overall data management process, enhancing the fidelity of data sensitivity recognition and minimising endpoint content inspection costs." "This advancement is particularly vital given the limitations and inefficiencies of traditional legacy DLP solutions, providing a much-needed capability to more effectively safeguard sensitive data in today’s diverse technological environments." Key benefits of Secure Data Flow Comprehensive Data Tracking: Secure Data Flow secures the flow of critical business data from any SaaS application, including Salesforce, Workday, SAP, and GitHub, ensuring that sensitive information is always protected. Enhanced Data Protection: By using data origin and sensitive data identification, Secure Data Flow safeguards your company’s intellectual property and sensitive data from accidental loss and malicious theft. Insightful Investigations: Security analysts investigating malicious data exfiltration gain invaluable contextual insights into data origin, manipulation, and lineage, enabling them to identify, investigate, and report on data security risks and incidents with unprecedented accuracy. A new era in data loss prevention "In current IT environments, Intellectual Property (IP) commonly resides in an organisation’s SaaS applications and cloud data stores,” said John Stringer, Head of Product at Next DLP. "The risk here is that high-impact data in these locations cannot be easily identified based on its content. With Secure Data Flow, we help organisations protect their IP by capturing the data’s origin and using that information to track data movement and prevent data theft.”  Powerful and easy to use With Secure Data Flow, Reveal sets a new standard for data protection, offering a solution that is both powerful and easy to use. It ensures that organisations can confidently protect their most critical data assets with confidence, regardless of their location or application.

SailPoint Technologies, Inc., a pioneer in unified identity security for enterprises, launches innovative AI-powered application onboarding capability. This new capability will be seamlessly integrated into SailPoint Identity Security Cloud and will simplify the process of integrating critical business applications. By automating the onboarding process, SailPoint will simultaneously deliver faster time to value, critical security of business applications, and improve the user experience. Identity security solution Most organisations have hundreds to thousands of applications, and onboarding those applications into an identity security solution can be costly and time-consuming, particularly if the organisation lacks the personnel or technical expertise to handle the process in-house. This challenge has traditionally forced businesses to prioritise onboarding only their business-critical applications, such as Salesforce or Workday while leaving the rest of their applications unmanaged and vulnerable to exposure. Visibility  The capability automatically discovers applications, increasing visibility across the environment The SailPoint application onboarding capability leverages the power of AI to automate this process, reducing time and the complications typically associated with application onboarding. The capability automatically discovers applications, increasing visibility across the environment. After applications are discovered, administrators can easily choose the connection method from hundreds of options, or get smart, AI-driven recommendations based on SailPoint application usage insights and best practices to select and deploy an effective connector or integration to fulfill access security needs for each application. AI-powered recommendations SailPoint application onboarding also generates AI-powered recommendations that can help map identities to accounts. Identifying these correlations can be time-consuming and automating the process will dramatically streamline the onboarding process and is expected to reduce the mapping time by up to 70% on average. This helps free up IT and security professionals to engage with more business-critical tasks. SailPoint Identity Security Cloud Business SailPoint’s new application onboarding capability will be added to SailPoint Identity Security Cloud Business and Business Plus at no extra cost to existing customers, dramatically enhancing the value of what SailPoint believes is an already best-in-breed solution. The time and cost associated with application onboarding have traditionally been a significant roadblock for businesses seeking to implement an identity security solution. These new capabilities will allow customers to enjoy the full value of SailPoint Identity Security Cloud across their business applications as quickly as possible.   Manual application onboarding Applying core identity security functionality to applications that businesses use every day is key to a solid security posture Applying core identity security functionality to applications that businesses use every day is key to a solid security posture. Finally, because application onboarding is automated, it is highly scalable and capable of integrating new applications with minimal need for human intervention. “Manual application onboarding can be an arduous process for today’s businesses, sometimes taking weeks or even months to complete,” said Grady Summers, EVP, Product, SailPoint. Digital ecosystem “Our new capability is expected to allow customers to shorten that process to hours or days, enabling their business-critical applications to be brought safely under their identity security umbrella with a minimal investment of time or energy." "Automating this process will make it easier for customers to implement effective identity security capabilities across their entire digital ecosystem.” Resources SailPoint’s new application onboarding capabilities will go live on June 30 for SailPoint Identity Security Cloud Business and Business Plus customers.

SailPoint Technologies, Inc., a pioneer in unified identity security for enterprises, unveiled a series of new features and capabilities in its Data Access Security and Non-Employee Risk Management offerings within SailPoint Identity Security Cloud. Updates to these add-on capabilities offer customers increased visibility and security across all varieties of identity types and their access to critical data, enabling a strong enterprise-class identity security programme. Data Access Security Designed as a cloud-native solution on the Atlas platform, SailPoint Data Access Security provides customers with holistic visibility of access to unstructured data such as text files, presentations, IOT logs, PDFs, and more. SailPoint continues to expand its Data Access Security capabilities with integrated data access certification, activity monitoring, and sensitive and regulated data classification. With new resources at their fingertips, customers gain improved visibility and deeper context on critical data to help secure sensitive information as a core component of their identity security programme. Updates include Organisations can review and certify access to sensitive, regulated, and critical data. These expanded certification capabilities help organisations easily identify over-provisioned access, meet complex compliance requirements and regulations, and ensure that only authorised users can access critical data – all while proactively managing secure access.  Activity Monitoring: New activity monitoring capabilities enable organisations to track and analyse activities taking place on data assets in real-time, giving security teams improved visibility along with the tools they need to identify anomalous activity. Organisations can monitor activities and better inform governance decisions to minimise risky access and holistically reduce their attack surface. Sensitive and Regulated Data Classification: Customers can leverage out-of-the-box data classification policies and predefined classification rules within their environment to automatically classify and catalog regulated and sensitive data. This includes personally identifiable information (PII), payment card information (PCI), medical records regulated under HIPAA, and information covered under data protection laws like GDPR. Organisations can also catalog content based on internal identifiers and dynamic policies to secure intellectual property, parented information, and classified restricted content.    Non-Employee Risk Management Non-Employee Risk Management enables customers to better manage identities and access for third-party non-employees SailPoint Non-Employee Risk Management enables customers to better manage identities and access for third-party non-employees, an emerging threat vector for enterprises. New updates drive better time-to-value and productivity for customers, helping to rapidly establish configurations for common non-employee identity types. Updates include Non-Employee Risk Management QuickStart Templates: Customers can use QuickStart templates, pre-configured setups, to address their non-employee onboarding, modifying, and offboarding identity requirements to drive efficiencies. Enterprises can instantly focus on managing non-employee identities effectively, enabling enterprises to reallocate critical IT resources. New Language Expansion: Non-Employee Risk Management offers additional language support for Traditional Chinese, Brazilian Portuguese, and Korean, providing additional global support for the non-employee identity solution. Improving security “SailPoint’s Non-Employee Risk Management solution has given us a single source of truth for a range of identities, from fixed-term contractors to machines,” said Evan Fraser, Enterprise Architect, Absa Bank Limited. “This complements our identity management processes for employees, streamlining onboarding and provisioning while also improving security.” Additional enhancements to SailPoint Identity Security Cloud Recent updates to SailPoint Identity Security Cloud help customers better manage and secure identities, with a keen focus on strengthening inactive identity management.   New features include Management of Inactive Identities: Users can classify and define inactive identities via designated identity states within SailPoint Identity Security Cloud to better mitigate the risk of delivering access to the wrong identities. The new feature allows customers to designate identities “inactive” from select functionality in the product, improving user experience and performance. SailPoint expects customers will benefit by having an increasingly accurate view of their managed identities and better security in their solution. Account User Interface (UI) Improvements: SailPoint has a redesigned Identity UI to give users a scalable and comprehensive way to manage and access items through a single pane of glass. This compact and configurable new experience offers added capabilities, such as the attribute-copy tool, and is auditor-friendly, delivering an enhanced identity management experience to all customers. Enterprise-class solution “Enterprises need a holistic view into their vast and varied identity landscape and their complex access needs across every application, and the data within those apps,” said Grady Summers, EVP, Product, SailPoint. "These new Data Access Security and Non-Employee Risk Management updates further underscore our continued commitment to supporting our customers with an accelerated, enterprise-class solution, driven by the strong and dynamic governance needed to help safeguard every type of enterprise identity.” Availability All capabilities will be available to current customers this month (June 2024).

As we head into a new year, it’s fair to say that it isn’t easy out there for the security integrator community. That’s understandable given the big ruptures felt in the market for physical security in 2023. Typically, Commercial Real Estate (CRE) landlords are the biggest and most influential buyers of physical security hardware and software, but this is starting to wane as heightened borrowing costs and biting inflation cause real estate valuations to plunge. Building security upgrades A lot of CRE landlords are in a fight for survival which unfortunately doesn't leave much room for budget spend on building security upgrades. This state of affairs is a problem for security integrators with extensive connections in the CRE space. Where do they pivot their services to keep their business growing in 2024? From the conversations I’ve been having with integrators and customers alike over the past few months – the answer is that the growth potential lies in the enterprise space. The trajectory of enterprise IT and physical security Aren’t enterprises carrying out cost-cutting efficiency drives and downsizing office space to reflect hybrid working It might initially feel unnatural to see the enterprise segment as a potential driver of demand for physical security services and products. Aren’t enterprises carrying out cost-cutting efficiency drives and downsizing office space to reflect hybrid working habits? These things are true but also present an opportunity for the right physical security proposition. Standardisation of enterprise IT Take efficiency drives as an example. A key element of such efforts is an acceleration towards the standardisation of enterprise IT platforms, hardware, and solutions, using the cloud. What was once a focus on moving on-prem systems and workloads to the cloud has shifted to efforts to keep cloud OpEx costs down by centralising as much as possible. Practically, this means utilising APIs to plug disparate IT applications and services into central platforms that boast a “single pane of glass” view. APIs APIs drive consumption, open new business models, and foster cross-industry partnerships APIs aren’t anything new to enterprises. They drive consumption, open new business models, and foster cross-industry partnerships. However, the use of APIs in the physical security sphere has been surprisingly slow to take off. There are multiple elements to this but a key reason is that some security software products on the market aren’t cloud-based. Adding cloud-based solutions to network Others are cloud-based, however, and these are the solutions that security integrators need in their portfolio to serve the influential enterprise market segment and its approach to IT networks. Selling the value of these solutions requires integrators to take it a step further by speaking the language of the enterprise IT buyer and understanding their goals. The power of cloud-based access control in the enterprise Hybrid working and the occupancy rate fluctuations it brings require closer monitoring of access events The continued relevance of physical security for enterprises can’t be understated. After all, hybrid working and the occupancy rate fluctuations it brings require closer monitoring of access events – not less. Despite the discourse around office downsizing, the reality for most enterprises is that the office can’t be done away with completely and there’s always going to be growth experienced by successful companies that require an upgrade in physical square footage. Physical security  Access control systems that are cloud-based will be preferred by the enterprise to fulfill the essential function of physical security. That’s because they align with the push towards centralisation in the cloud that enterprises are carrying out business-wide. Access control has the potential to result in lots of disparate dashboards and apps. Think video management, license plate recognition, building management software, elevator monitoring, hot desking solutions, guest booking software, room booking functions, and more. Uniting all of these functions in one platform suits enterprise security teams well. Access control solutions Linking employee databases to an IAM solution, or creating seamless experiences by tying access credentials But this only scratches the surface. Access control solutions that can be integrated with hugely popular corporate software applications like Okta, Azure Active Directory, and Google Workspace quickly catch the eyes of enterprise IT security teams by pulling in the same direction as the broader tech stack. Whether it’s applying AI analytics to anomaly detection, linking employee databases to an Identity Access Management (IAM) solution, or creating seamless experiences by tying access credentials to things like meeting room bookings, it’s through APIs that cloud-based access control can thrive in an enterprise setting. Security integrators It’s worth also noting that as enterprises grow, access control gets harder. Managing the access requirements of thousands of employees across a global real estate footprint requires the scale that cloud computing is best placed to bring. Security integrators who can join the dots to make that link are well positioned to pivot toward the enterprise. Broadening horizons Concepts like smart access and applying AI to access data to automate the monitoring of occupancy rates This pivot is understandably a daunting prospect but the potential for natural synergy shouldn’t be overlooked. Concepts like smart access and applying AI to access data to automate the monitoring of occupancy rates and security anomalies won’t be completely alien to cloud-first enterprises. That’s an opportunity for integrators to upsell more sophisticated security set-ups in a way that they may have found more difficult with CRE clients and prospects. Tailored propositions It would be remiss to avoid mentioning that ‘enterprise’ is a very loose term that encompasses businesses across multiple industry verticals. To better pivot, security integrators need to offer tailored propositions specific to set verticals that cover all bases as opposed to offer, for example, piecemeal alarm or video product solutions. Enterprise industry verticals Security integrators should be weary of all-encompassing narratives in 2024. Whether or not the global economic picture darkens, there are always going to be pockets of growth within certain enterprise industry verticals. Plus, anecdotally, the indicators point to enterprises being the driver of demand for cloud-based access control as we head into the new year. Integrators who can dial into that shift have a lot to gain and nothing to lose.

When a bomb detonated in the Port of Beirut, I had hundreds of employees under my care inside the blast zone. Within just two hours, I was able to determine who was impacted, understand their safety conditions, and share resources for on-the-ground support—all thanks to mobile technology. For Chief Security Officers, receiving calls like these launches a variety of protocols and necessary decision-making with the safety and security of people and assets as a top priority. And these calls are only becoming more common. Dependence on threat intelligence Mobile phones have dominated the post-COVID environment where people work from anywhere Threats ranging from natural disasters to geopolitical conflicts are becoming more frequent and complicate the responsibility organisations have in keeping their people safe. To meet these needs CSO’s are staying ahead of negative outcomes through creating a greater dependence on threat intelligence. In these times, effective, real-time risk management depends on hyper-local data from technology that is accessible, portable, and dynamic–such as cell phones. Mobile phones have revolutionised the way people live and work. They allow us all to walk around with a computer in our pocket, bringing the world to our fingertips and eliminating digital borders for over 90% of the world's population. Mobile phones have dominated the post-COVID environment where people work from anywhere and have geographically distributed teams but are also more vulnerable to threatening events. Mobile-friendly risk management platforms Mobile technology assigns workers with easy entry to data that can help keep them and their teams safe As we approach 2024, many organisations are adopting comprehensive risk management tools that empower personnel across the organisation with the intelligence and knowledge they need to stay safe wherever they are.  Mobile-friendly risk management platforms, such as Crisis24 Horizon, provide always-on awareness, on-hand threat intelligence, and immediate communications and distress signalling through location monitoring. Users receive location risk assessments and push notifications directly to their devices about nearby issues and threats no matter if they are on or off the job. While only select risk managers have complete control of the platform and all sensitive employee data is protected through encryption, the app distributes critical intel to foster a culture of shared awareness and responsibility. Thus, mobile technology empowers employees with easy access to information that can help keep them and their teams safe. Creating a culture of mobile technology adoption In the last few years, the world has proven the importance of being well-informed of risks and mitigation plans to minimise harm. However, psychological barriers tend to trump physical barriers when it comes to accessing the vast array of tools our mobile devices offer. World has proven the matter of being well-informed of risks and relief plans to minimise harm Adopting this technology and establishing a culture that enforces risk management across an organisation is a daunting challenge that demands substantial commitment from leadership to be successful. Some companies have tackled this challenge by positioning security technology as part of the organisation’s employee benefits package, such as commuter benefits and health insurance, to encourage people to take advantage of these resources and learn how to use them.   Cohesive risk management culture Technology is only as effective as the people whose actions it informs, which is why adoption and integration are so important. When a cohesive risk management culture meets a powerful technology platform, individuals are enabled to receive threat alerts and counter their impacts, letting others know when and how to take the necessary precautions to protect themselves and their team.  For more information on mobile technology and other security trends, check out the Global Risk Forecast, an annual report by Crisis24 that provides a comprehensive analysis of key events around the world most likely to affect operations in the coming year.

These days, business is more collaborative, adaptable and connected than ever before. In addition to offering new identities and access privileges, new applications and data also increase the attack surface available to cyber criminals, hacktivists, state actors and disgruntled insiders. These new identities need to be handled carefully. CISOs must develop an identity management strategy that is consistent across on-premises, hybrid and cloud systems. Good security is built on solid identity governance and administration (IGA) principles. From ransomware to supply chain intrusions, high-profile cybersecurity events frequently take advantage of weak identity and access management procedures. The Identity Defined Security Alliance found that 84% of organisations experienced an identity-related breach during its one-year study period. Robust IGA system Consequently, organisations need to find best-of-breed solutions for each section of the fabric Some of the most well-known cyber-attacks have not been made possible by a nation-state exploiting a remote zero-day vulnerability; rather, they have been made possible by something as basic as a hacked orphaned account. This resulted in lateral movement from an insecure platform to a high-value system, illegitimate privilege escalation or unsanctioned access to a computer system. To safeguard against such attacks, organisations must be aware of who has access to their systems and apps, and guarantee that access is revoked when it is no longer required. Here, a robust IGA system is helpful. It is not the whole picture, though; IGA is part of a larger identity fabric. A report by KuppingerCole noted that “Identity Fabrics are not necessarily based on a technology, tool or cloud service, but a paradigm for architecting IAM within enterprises.” The report pointed out that the paradigm is created using several tools and services. That’s because, contrary to marketing claims, no one vendor has a platform that provides all the needed elements. Consequently, organisations need to find best-of-breed solutions for each section of the fabric. Threats to the new corporate landscape Due to their exclusion from the corporate firewall and the security culture that comes with working on-site, remote employees and third parties are desirable targets for hackers. The transition to online office suites is another vulnerability that hackers are taking advantage of–for instance, through bogus authentication login dialogues. Additionally, hackers are using technologies like machine learning and artificial intelligence to circumvent current security tactics. A cyberattack powered by AI will imitate human behaviour and develop over time. Even publicly available information might be used by this "weaponised AI" to learn how to get past a target’s defences. CISO and the business users Attackers will finally find an entryway, but firms can protect the new perimeter–their identities It's no longer possible to secure the traditional perimeter. Attackers will eventually find an entryway, but businesses can protect the new perimeter–their identities. To defeat these threats, organisations must look again at identity and access management tools and how they are weighed against the impact on the organisation. Should you mandate multi-factor authentication (MFA) more often and earlier? Should only company-owned devices have access to networks, or should access be restricted to specific business hours or regions? Should access to sensitive information and critical systems be given just temporarily or should it be offered on a task-by-task basis? Both the CISO and the business users they assist should be asking these questions. Staying ahead of threats with identity Access control limits decrease dangers but can come with a cost. If you give your users too much access, your organisation becomes susceptible; if you give them too little, productivity suffers. But there are ways to strike a balance with security, compliance and productivity. More CISOs are turning to Zero Trust–which is based on the principle of maintaining strict access controls and not trusting anyone by default–to protect their systems from new attack types. However, Zero Trust is reliant upon having a thorough and baked-in strategy that underpins it.  Other actions that companies can take include implementing automation for identity management, such as automating workflows for approval. This would significantly lessen the administrative burden and friction that security solutions like multifactor authentication (MFA) or time-restricted access to critical systems have on business users. This might include restricting access to particular devices, capping access hours during the day or enforcing MFA based on user behaviour. Identity fabric: Putting it all together Make sure your identity architecture is scalable, secure, and provides a seamless user experience These are just two elements of the identity fabric approach. Most organisations today have implemented pieces of an identity fabric, which is basically an organisation’s identity and access management (IAM) infrastructure and typically includes a mix of modular IAM solutions for multi-cloud and/or hybrid environments. Now, organisations need to define, enhance and develop this infrastructure. They must also institute guiding principles for how it should operate, meet current and future business requirements as well as identity-related cybersecurity challenges. In doing so, businesses can move past identity platforms and adopt an identity fabric perspective. The key is to make identity governance the starting point of your identity fabric strategy, ensuring seamless interoperability within your identity ecosystem. Make sure your identity architecture is scalable, secure, and provides a seamless user experience. Aligning security with business Due to the increase in knowledge workers using the cloud and working remotely, attackers are focusing on this group. These employees are easier to compromise, give access to valuable data and offer more attack targets. Knowledge workers also lack an administrator’s level of security expertise. Therefore, as part of their security fabric strategy, enterprises require a scalable IGA system. It is easier to comply with security and access regulations and takes less time for IT teams to do normal administrative activities when they invest in IGA, a crucial tenet of identity security. CISOs and boards, though, are currently looking at more than identity management. IGA is at the centre of the debate about security and governance. Taking an identity fabric-based approach, with a foundation built on modern, cloud-based IGA, will safeguard identities, increase productivity, and make staff adherence to organisational procedures easier.

Companies at GSX 2023 emphasised new ways that technologies such as artificial intelligence (AI) and the cloud can address long-standing issues in the security market. Among the exhibitors at the event in Dallas were companies seeking creative ways to apply technology, lower costs, and make the world a safer place. Reflecting on the exhibition, here are some additional takeaways. Expanding AI at the edge  i-PRO is a company reflecting the continued expansion of edge AI capability in the security market. Today, more than half of the company’s lineup supports AI at the edge so the customer has a wide choice of form factors when seeking to leverage the feature set.  AI processing relay, extended warranty i-PRO is increasing their warranty period from 5 to 7 years, which could be a lifetime warranty in some cases I-PRO also has an “AI processing relay” device that accepts non-AI video streams and applies edge analytics. AI has progressed from a high-end technology to a feature available in a variety of cameras at different price points. i-PRO is also increasing its warranty period from 5 to 7 years, which could be a lifetime warranty in some cases depending on a customer’s refresh schedule and lifecycle management. Active Guard, MonitorCast The company’s video management system (Video Insight) is continuing to build new features including “Active Guard,” an integrated metadata sorter. Their access control platform, MonitorCast, is a Mercury-based solution that is tightly integrated with Video Insight. Their embedded recorders now have PoE built in.  “We can move at a faster pace to fill out our product line since leaving Panasonic,” says Adam Lowenstein, Director of Product Management. “We can focus our business on adapting to the market.” Emphasis on retail and other verticals  Shoplifting is a timely issue, and retail is a vertical market that got a lot of attention at GSX 2023. “We see a lot of retailers who are primarily interested in protecting employee safety, but also assets,” says Brandon Davito, Verkada’s SVP of Product and Operations. “Shrinkage is a CEO-level priority.”  “Retailers are getting more engaged with security posture, instead of letting perpetrators walk,” Davito adds. Intrusion detection Verkada has an intrusion product that will notify a central station if there is an alarm On the alarm side, Verkada has an intrusion product that will notify a central station if there is an alarm, and operators can review videos to confirm the alarm. Other capabilities seeking to discourage trespassers include sirens, strobes, and “talkdown” capabilities.  International expansion Verkada continues to expand internationally with 16 offices in all, including Sydney, Tokyo, and London. The core value proposition is to enable customers to manage their onsite infrastructure more simply, including new elements such as PTZ cameras, intercoms, and visitor management. Verkada emphasises ease of use, including a mobile application to allow access to be managed across the user base. Forging partnerships “We are committed to the channel and industry, and we continue to build relationships and expand our reach,” says Davito. Among the industry relationships is a new partnership with Convergint, which was hinted at during the show and announced later the same day. They are also expanding their partnerships with Schlage, Allegion, and ASSA ABLOY.  Working with other verticals They offer new features for K -12 schools, and a new alarm platform is easier to deploy and manage Verkada has also found success across multiple other verticals, notably healthcare, where they integrate with an electronic medical records system. They offer new features for K-12 schools, and a new alarm platform is easier to deploy and manage. They are integrating wireless locks to secure interior doors in schools, looking to secure the perimeter, and installing guest management systems. Transitioning the mid-market to the cloud  Salient is squarely focused on the “mid-market,” a large swath of systems somewhere between small businesses and enterprise-level systems. Pure cloud systems are not as attractive to this market, which has a built-out infrastructure of on-premise systems. Adding a camera to an existing system is easier and less expensive than tying it to the cloud. Benefits of cloud It’s a market that may not be ready for the pure cloud, but there are benefits to be realised from adding a cloud element to existing systems. “We are continuing to augment our premise-based solutions with added cloud capabilities and flexibility,” says Sanjay Challa, Salient’s Chief Product Officer.  The feedback Salient hears from their customers is “I want to own my data.” The hybrid cloud approach offers the right mix of control, flexibility, and unit economics. Cloud add-on capabilities We want to provide the flexibility for customers to go full-cloud as it becomes more economically attractive" Cloud add-on capabilities include bringing more intelligence about system operation to the user via the cloud. Over time, Salient expects to sell more cloud-centric offerings based on feedback from integrators and customers. “We want to provide the flexibility for customers to go full-cloud as it becomes more economically attractive over time,” says Challa.  Vaidio AI technology Salient seeks to be a transition pioneer to help customers realise the path to the cloud. Their approach is “crawl, walk, run,” and helping customers make the transition at each stage. Salient has added AI to its product offering, incorporating Vaidio AI technology from IronYun into a powerful suite and broad array of on-premise analytics, which are gaining traction. The seamless approach makes it easy for customers to embrace AI analytics, although Salient remains broadly committed to open systems. Addressing ‘soft’ features for integrators AMAG is in the process of enhancing its product line with the next generation of access control panels. However, “product” is just part of the new developments at AMAG. In addition to “hard” features (such as products), the company is looking to improve its “soft” features, too; that is, how they work with the integrator channel. Integrator channel Rebuilding a process to make your organisation more efficient, is relatively easy; it just takes a lot of persistence" “We have the depth of our legacy customer base we can learn from, we just need to close the feedback loop quicker,” says Kyle Gordon, AMAG’s Executive Vice President of Global Sales, Marketing, and commercial Excellence, who acknowledges the value of reinstating face-to-face meetings after COVID. “We are laser-focused on nurturing our integrator channel,” he says.  “Developing new features takes time, but rebuilding a process to make your organisation more efficient, that’s relatively easy; it just takes a lot of persistence,” says Gordon. More cohesive internal communication is another useful tool, he says.  Disrupting the cloud based on price  Wasabi is working to make cloud applications less expensive by offering a “disruptive” price on cloud storage, $6.99 per terabyte per month (80% less than hyperscalers). Contending “hyperscalers” like AWS are charging too much for cloud storage, Wasabi is using its own intellectual property and server equipment co-located in data centres around the world. Wasabi sells “hot cloud storage,” which refers to the fact that they only have one tier of storage and data is always accessible. In contrast, a company such as AWS might charge an “egress fee” for access to data stored in a “colder” tier.  Cloud storage “We saw that several video surveillance companies had not yet adopted cloud storage, and we saw an opportunity to make it easy to use,” said Drew Schlussel, Wasabi’s Senior Director of Product Marketing. “We just install a little bit of software that allows them to store data in the cloud and bring it back from the cloud.” Performance, protection (cybersecurity), and price Wasabi works with integrators, resellers, and distributors and also integrates with VMS companies Wasabi works with integrators, resellers, and distributors and also integrates with VMS companies such as Genetec and Milestone. Emphasising performance, protection (cybersecurity), and price, their data centres are certified to SOC 2 and ISO 27001 standards.  Faster throughput for weapons detection Xtract One is a young company focusing on weapons detection in a time of accelerated concern about gun issues post-COVID. Founded in Canada and based on technology developed at McMaster University, Xtract One has found a niche in providing weapons detection at stadiums and arenas. These customers already have budgets, and it is easy to shift the money to a newer, faster technology. Madison Square Garden in New York City is among its customers.  Cost savings solution Xtract One can increase throughput to 30 to 50 people per entrance per minute (compared to 5 to 6 people per minute when using metal detectors). The solution doesn’t require anyone to empty their pockets and the system alarms on items beyond guns and knives. Using Xtract One allows customers to reduce the number of screening lanes and security staff, providing additional cost savings, all while getting fans through the screening process in half the time. Purpose-built sensors The system uses purpose-built sensors looking for specific characteristics, such as reflective and density properties In addition to stadiums and arenas, Xtract One, formerly Patriot One, is also getting “inbound” interest from schools, hospitals, manufacturers, and other verticals that makeup 50% of their business. “We’re on a rocket ride, mainly because the weapons issues are not going away,” says Peter Evans, CEO and Director at Xtract One. The system uses purpose-built sensors looking for specific characteristics, such as reflective and density properties, all correlated by an AI engine.  Providing early warning of violence ZeroEyes is another company focused on weapons detection. Their AI gun detection system works with video images to identify if someone is “brandishing” (carrying) a weapon. In other words, the system does not detect concealed weapons. Identifying someone carrying a weapon provides early warning of a possible violent act. Increased response with AI-enables images Images are identified by AI and sent to a monitoring centre where a human confirms the image before contacting first responders. Knowing the location of a shooter enables staff to lock entry points, move people to safety, and direct first responders. The company was founded to leverage existing camera views to stop mass shootings and gun violence by reducing response times. 

A pioneer in the access control sector since 1971, AMAG Technology is looking to the future and the next generation of products that will expand its services to customers. “In our vision, we have advanced approaches that will not only provide our partners with advanced technologies but also ones that are easier to install with tools to expand their services,” says David Sullivan, who was appointed President of the venerable access control company in September 2022. New challenges at AMAG Sullivan brings a new outlook to the AMAG business, a part of Allied Universal, and a new vision to lead the company into the future. We caught up with David Sullivan to discuss his new challenges at AMAG and the journey ahead as the company looks to the future. Q: How does your background inform your approach to leading AMAG? I believe that it helps me to define a vision for AMAG that will be unique and on the leading edge of our industry David Sullivan: With the exception of only a few short years, my career has been in access control. I have experience with several systems and have had the privilege to manage several successful access control companies. As a result, I bring a great deal of experience into my role at AMAG. I believe that it helps me to define a vision for AMAG that will be unique and on the leading edge of our industry. Q: How would you describe AMAG’s journey over the last several years and how do you see the future? Sullivan: Prior presidents of AMAG always shared their leadership vision and direction with senior leaders located in the United Kingdom. This had an impact on the full direction of the business, sometimes limiting its ultimate success. Before I became a part of AMAG, these senior leaders that were located in the UK retired, placing for the first time the full management responsibilities of the president. This has allowed me to integrate the business into a single team, with single objectives, and a single vision. We expect to begin to reveal this new vision in the coming weeks. We are excited about the future of AMAG and believe we will surprise the industry with our new products and approach in the coming months and years. Q: How important is it that a manufacturer provides both hardware and software solutions? How does AMAG’s approach (in general) differentiate it in the market? We can design the complete solution, providing functionality that others may find more difficult to accomplish Sullivan: Regardless of the manufacturer, we all provide hardware and software. An access control solution is not complete without both. Some of us choose to make our panels, and others do not. Those who are dependent on third-party suppliers are restricted to the developments and direction of that company, and while it might be perceived to be an open technology, it still is proprietary to the hardware manufacturer. AMAG has controlled its manufacturing of panels from day one. The result means that we can design the complete solution, providing functionality that others may find more difficult to accomplish. Q: How does the breadth of AMAG’s product suite provide advantages to customers and/or integrators? Sullivan: AMAG’s product portfolio is unique and provides the end user with an end-to-end identity management solution from one company. Our Control Room PSIM, Symmetry CONNECT Identity Management Solution, Symmetry Access Control, and Symmetry GUEST solutions all integrate to provide the user with a broad set of features and capabilities from a single provider. There is no finger-pointing when we come to support your system. We hold full responsibility for making it work and can quickly provide a resolution to any application difficulties the user may be experiencing. Q: How does AMAG address the divide between on-prem and cloud systems? How do you help customers make the transition and/or plan for the future? We are in the early stages of developing our next generation of access control in which we intend to provide on-prem Sullivan: In our current product portfolio, we have three products that are cloud-based. Our mobile credential platform (Symmetry Mobile), our visitor management solution (Symmetry GUEST), and our physical identity and access management solution (Symmetry CONNECT) are all offerings that operate in the cloud. We are in the early stages of developing our next generation of access control in which we intend to provide on-prem, web client, and cloud-based offerings. One of the primary objectives is to ensure that the large installed base of systems that are out there today will be able to migrate not only to our next generation but as well to the cloud if the client so desires. Q: What is AMAG’s approach to mobile credentialing? Sullivan: As an access control provider, adding Symmetry Mobile credentialing to our portfolio just made sense. We want our customers to have a forward-thinking solution with the opportunity to save money not only on the physical badges but the cost of printing and distributing badges. Mobile credentials can be easily issued and revoked remotely, reducing administrative overhead, and eliminating the need for physical inventory management. Organisations can centrally configure what devices are used and the read range for each type of device and operating system, thus providing flexibility. Symmetry Mobile offers a customised questionnaire that controls access and reduces liabilities. Q: What has surprised you the most in your first year or so leading AMAG? Not many companies are blessed with such a broad portfolio that is supported by a resource-rich company Sullivan: I wouldn’t say I was surprised by this as much as happy to see, but I would say that the quality of our people was a pleasant surprise. As well, the AMAG product offering is broad and has some unique elements. When coupled with the depth of the resources that we have in AMAG, I know that we are second to none. Not many companies are blessed with such a broad portfolio that is supported by a resource-rich company that has so many talented people. Q: Please describe your dealer channel, and how you are seeking to expand it. Sullivan: The AMAG products are sophisticated and typically are installed for higher-end applications. With this sophistication comes a need to be well able to install such a solution. We have a strong group of certified and loyal partners who help us to deliver these enterprise solutions. We desire to provide our existing partners with updated and competitive systems to offer to their end users. Q: What is the security industry’s (and/or AMAG’s) biggest challenge in the next five years? We need to find ways to provide both our channel partners and the customers with solutions that are easily integrated Sullivan: I believe that the advancements that we are seeing in technology provide our industry with the opportunity to truly change how security is provided to our collective customers. As we advance these solutions, we will need to do so responsibly and in a way that helps the channel’s abilities. We need to find ways to train our partners to both install and support these more complex solutions. At the same time, we need to find ways to provide both our channel partners and the customers with solutions that are easily integrated, moving away from proprietary closed systems to open and cohesive solutions. This will ensure that the users get the best, and most complete solutions. Q: What does the industry as a whole misunderstand about AMAG -- time to set the record straight! Sullivan: Well, I am not ready to openly share where we are heading. We are in the process of putting together some advanced approaches to how we will do business with our partners. We are focused on providing tools that will enhance their services to their customers, and with products that are leading edge. I can only state that all should keep their eyes on AMAG, because over the next few years, we are going to surprise some people, and more importantly make our loyal partners quite powerful.

Matter is a new open-source interoperability standard that will simplify the connectivity of smart home systems, including security.  The growing popularity of the Matter 1.0 standard was evident at the large Consumer Electronics Show (CES) in January in Las Vegas, where the standard was heavily promoted by companies including Google, Amazon, and Samsung. A flood of Matter-connected products is on the horizon for ship dates in the second half of 2023. Evolve, and manage IoT standards Creating the standard is the Connectivity Standards Alliance (CSA), formerly the Zigbee Alliance, which changed its name in May 2021. With 300 companies as members, CSA seeks to create, evolve, and manage Internet of Things (IoT) technology standards through a well-established, collaborative process. CSA promotes the benefits of global, open standards, and the value of the IoT to customers and consumers, and seeks to break down the barriers to broad access and adoption of IoT technologies and solutions. Matter The new brand name Matter was launched in May 2021 to designate the standard formerly known as Project CHIP (Connected Home over IP), developed by CSA member companies including Apple, Google, Samsung, and Amazon. There are currently 800 devices and apps certified to the new smart home standard, including various smart home equipment (except video cameras, which will be included in a major release in the fall of 2023). Matter version 1.0 was initial launch in October 2022. Matter 1.0 release Twice a year moving forward, Matter plans a minor release each spring and a major release each fall As part of the Matter 1.0 release, authorised test labs are open for product certification, the test harnesses and tools are available, and the open-source reference design software development kit (SDK) is complete, thus enabling new products to be brought to market. Twice a year moving forward, Matter plans updated releases, a minor release each spring and a major release each fall. Smart home interoperability Currently, a variety of CSA working groups are addressing various aspects of interoperability in the smart home, including issues such as data privacy, security, energy management, and health and wellness, says Christopher LaPré, CSA’s Head of Technology. “Implementing elements requires that the standards alliance be able to multitask on several tracks,” says LaPré. Some development is centering around connectivity and the need for a “hub” to which multiple systems can communicate and incorporate an “identity” to regulate the availability of information to various systems. The standards will enable both do-it-yourself (DIY) systems and devices deployed by professional installers. Addressing privacy requirements The new development will be guided by what installers need to succeed in the home automation" Ecosystems depend on the availability of some type of “identity” to meet privacy requirements. Rules must be implemented across the ecosystem that deploys a “trust system” to ensure privacy. Solving the challenge involves getting all the major players to the table at the technical level to meet the bar from the business and technology perspective. “Integrators and retailers will play a role as Matter continues to evolve,” says LaPré. “New development will be guided by what installers need to succeed in the home automation market.” Matter-certified devices There is still work to be done to expand the 800 certified devices to function throughout the Matter ecosystem and to add new devices over time. One goal is to simplify an integrator’s solution using fewer hubs (and possibly a single hub) to provide a wide variety of services. The timeline of adding new Matter-certified devices may be delayed by the availability of equipment in the global supply chain, says LaPré. Flexibility Multi-admin provides for the simultaneous operation of devices in multiple smart home systems A multi-admin feature of Matter enables more flexibility for multiple ecosystems. A core feature of Matter, multi-admin provides for the simultaneous operation of devices in multiple smart home systems. Accordingly, family or household members could operate the device with the digital assistant or smartphone app of their choice. A bridging protocol helps to tie existing systems together.  Amazon, Apple, Comcast, Google, SmartThings, and the Connectivity Standards Alliance came together in 2019 to develop and promote this new standard, joined by fellow Alliance board member companies IKEA, Legrand, NXP Semiconductors, Resideo, Schneider Electric, Signify, Silicon Labs, Somfy and Wulian. Smart device communication Currently, member organisations span all sizes, across a range of business categories. More than 1,700 Member individuals participate in bringing the Matter specification, reference implementations, testing tools, and certification programs to life. Matter's underlying network technologies are Wi-Fi and Thread. Wi-Fi enables Matter devices to interact over a high-bandwidth local network and allows smart home devices to communicate with the cloud. Thread provides a mesh network within the home. Both the Wi-Fi Alliance and Thread Group partnered with the Connectivity Standards Alliance to help realise the vision of Matter.

A major European oil and gas company that acquires, explores, produces and supplies chemical and petroleum products had a cybersecurity challenge. Company leadership wanted a better way to quantify and respond to the industry’s increasing levels of cybersecurity risk. Pioneers were looking for a new way to better understand and improve their company’s OT cybersecurity. As part of this effort, pioneers wanted to compare the company’s current levels of protection against a series of hypothetical attacks to identify gaps. With operations in several locations and a supply chain network of over 1,000 gas stations, auditing and improving the company’s cybersecurity would be no small task. Set of analysis and recommendations The Honeywell csHAZOP solution is designed to deliver a comprehensive set of analysis To help overcome these challenges, the company called in Honeywell and, specifically, its csHAZOP services team to perform a detailed design evaluation based on OT cybersecurity risk. The Honeywell csHAZOP solution is designed to deliver a comprehensive set of analysis and recommendations–it goes beyond the standard cybersecurity vulnerability assessment or IEC 62443 compliance audit by adding deeper analysis that is designed to: Investigate a significant amount of what can go wrong, including approximately 500+ attack scenarios – evaluating these for multiple threat actors and different consequences, Address – via risk assessments – both the likely risk reduction through the regular IT type of countermeasures (AV, firewall, hardening, etc.) and the consequence severity reduction through the implementation of safeguards (e.g., hardwiring critical control signals), Estimate residual risk for each hazard, allowing identification and quantification, making mitigation actionable, Focus on process automation cybersecurity risk (csHAZOP stage 1) or production process cybersecurity risk (by adding csHAZOP stage 2 vs. cybersecurity production risk) to add a higher level of cybersecurity analysis from an OT perspective unique in the industry. Send in the csHAZOP experts Honeywell cyber experts also uncovered some high-risk design deficiencies The Honeywell OT cybersecurity experts worked with the Honeywell proprietary csHAZOP method to uncover several concrete recommendations for immediate remediation and technical design recommendations in the company’s ICS, to be considered in upcoming ICS migrations. Honeywell cyber experts also uncovered some high-risk design deficiencies. The Honeywell csHAZOP framework was used to identify levels of residual risk to determine which security hazard was more critical to address versus others. Honeywell provided targeted guidance on several aspects of the study, using experience from real-world cyber attacks in the industry. Honeywell’s csHAZOP service is one of the few cybersecurity assessments available on the market that is designed to apply counterfactual risk analysis. Honeywell’s csHAZOP report This evaluation now links OT cybersecurity to loss prevention and process safety Given a system’s protective measures, this method helps a company evaluate which cyber attacks (based on countermeasures, security protections and type of threat actor) may succeed. This evaluation directly links OT cybersecurity to loss prevention and process safety. Honeywell’s csHAZOP report for this oil and gas refinery was considered successful by the customer because of its well-defined procedure, the tools Honeywell has specifically designed for OT systems and the team’s experience and efforts in OT cybersecurity. Results of the csHAZOP assessment “The results of the csHAZOP assessment from Honeywell went beyond our expectations. We have received a detailed and analytical cybersecurity hazard and operability report concerning both identified risks and realistic recommendations for remediation." "Additionally, the report is a valuable tool for future upgrades of our systems as well as new projects and the development of an incident response plan. We intend to repeat this assessment periodically, as it is a valuable tool in our continuous efforts to improve security for our systems from the ever-evolving cybersecurity threats,” Major refinery in Europe.

Named one of Money magazine’s Best Colleges in America 2023, Fairfax-based Geoge Mason University (Mason) is the largest public research university in the Commonwealth of Virginia. Its 10,000 faculty and staff provide classes and support services across three regional campuses, an international branch campus in Songdo, South Korea, and five instructional sites. With more than 40,000 students hailing from all 50 states and 130 countries and a six-year graduation rate that is well above the national average, Mason continues a rapid upward enrollment trajectory that saw headcount and credit hours increase by nearly 2 percent in Spring 2022 and Fall 2023 applications rise by 11 percent.  R1 research university In addition to a heavy emphasis on diversity – U.S. News and World Report named it the state’s best public university for diversity and innovation – Mason is a pioneer in technology and research with 40 percent of its students majoring in STEM fields. It is also the youngest nationally ranked R1 research university, a top 10 public university for cybersecurity programmes, and a top 20 public university for five different engineering and education online programmes.  University's challenge Providing an exceptional experience had to balance with the need to maintain public access to appropriate services Mason’s rapid growth requires it to embrace system-wide innovation, particularly when it comes to providing a safe, secure university environment for students, faculty, and staff. Providing an exceptional experience had to balance with the need to maintain public access to appropriate services, as well as the convenience of contactless entry and the ability to act quickly when credentials were lost, or stolen or the user’s status with the university changed.  Goal “We have a very open campus. Most of our doors are unlocked from 7 AM until 11 PM and we have a public library, so we need to make sure access control isn’t in the way. On the other side, we need to make sure that if something does happen, we can react quickly to unfolding scenarios,” said Daniel W. Anthes, Director of Technology Services, at George Mason University. “The goal is to make it safe, easy, and seamless for people to navigate campus.” Case study  Mason had already implemented a card-based access control solution featuring HID® Seos credentialling technology, HID OMNIKEY® chips, HID Asure ID card printing software, HID FARGO® printers, and HID Signo™ card readers.  Photo identification cards were encoded with appropriate credentials allowing the holder to access everything from parking to residence and dining halls to facilities and services, including data centres, libraries, and shops by simply tapping or swiping. “Eventually, we reached the point that the switch to mobile credentialling was a straightforward next phase. This would make it easier for staff and students to get where they needed to be without having to fumble with a set of keys,” said Anthes.  HID's solution HID Mobile Access lets any compatible mobile device – smartphones, tablets, or wearables – be used as a credential Mason again turned to HID and Atrium, deploying the HID Mobile Access® solution with Seos as the underlying credential technology. Atrium provisions and manages the lifecycle of the HID Mobile Access credentials. HID Mobile Access lets any compatible mobile device – smartphones, tablets, or wearables – be used as a credential to securely access doors, gates, networks, and more. It significantly increases convenience and boosts operational efficiency without compromising security.  HID Mobile Access Because Mason had Signo readers already in place, deployment of HID Mobile Access required just a simple upgrade. Importantly, while mobile access eliminates the need for physical access cards, the highly versatile Signo readers support the widest range of credential technologies via native Bluetooth, Near Field Communication (NFC), and Apple Wallet – meaning those who choose to can continue using their physical ID cards until they are ready to transition to mobile access.  Seamless integration “Once you get them using the technology, at that point the realisation hits that this phone access is awesome. Or you can use your Apple watch and never even pull your phone from your pocket. There are a lot of things you have to navigate when considering credentials." "Fortunately, the HIDand Atrium Campus partnership offers the complete solution, bundled together and working seamlessly in the way I expected. The seamlessness of the mobile credential and how quickly they can get where they need to be with their phone or wearable is cool to see in action,” said Anthes.  Final results Mason’s more than 50,000 students, faculty, and staff can leverage mobile credentials at any campus In addition to access to approximately 7,000 doors across its campus locations, Mason’s more than 50,000 students, faculty, and staff can leverage mobile credentials at any campus cash register, printer, copy machine, and retail and recreational facility. Mobile access will increase the convenience factor exponentially for students, for example enabling express check-in for residence halls at the start 2024-25 school year which will let students bypass queues that in the past were hundreds deep and go straight to their dorm rooms.  Mason Mobile ID Mason Mobile ID has also driven a significant drop in the issuance of temporary and replacement cards, saving both the university and students time, money, and frustration. Students can also easily switch credentials to a new wearable or mobile device, eliminating the need to have this done in person – a significant convenience when Apple released its iPhone 15 shortly after Mason transitioned to mobile access.  Safety standpoint “We are only two months in, so there are a lot of benefits we have yet to see with Mason Mobile ID, but I’m excited about what we’ve already started noticing in terms of students engaging faster with their peers and community." "The police department also absolutely loves the wearables from a public safety standpoint, because they can get through the doors a whole lot faster than they could with the traditional cards or when they had to fumble with keys,” said Anthes.  Operational efficiency Going forward, Mason is exploring expanding mobile access to shuttle buses, which would also allow them to track utilisation data, and for more special events access. “New technology like mobile access is how Mason improves operations, so if there is an opportunity, I will certainly push to have HID involved. There are a lot of things you have to navigate when considering credentials. Fortunately, the HID and Atrium Campus partnership offers the complete solution, bundled together and working seamlessly in the way I expected,” said Anthes. 

Morse Watchmans, the industry pioneer in key control and asset management systems, has a full lineup of key control solutions with unmatched expertise and robust technology that is bolstering security at K-12 schools nationwide, improving security operations, reducing costs, and facilitating better response times after an incident. Highlights include innovations like the Morse Watchmans’ Emergency Key Grab (EKG) Kit, which provides first responders with secure, fast access to keys in the event of a facility lockdown. Key control solution “Harnessing our specialised key management expertise, we’ve developed a comprehensive key control solution for K-12 schools that is boosting peace of mind for administrators, teachers, students and parents alike,” said Tim Purpura, VP of Global Sales and Marketing, Morse Watchmans. "Key management systems are a smart investment for K-12 schools, cutting security costs by preventing lost keys and controlling access for authorised staff. By deploying a centralised key control system, schools enhance security by ensuring keys are housed securely and are easily accessible to first responders.” Key management from Morse Watchmans Morse Watchmans brings an effective solution to safeguard students and staff, optimise operations Addressing K-12 challenges, such as limited budgets and maximising efficiency with less technology, advanced key management from Morse Watchmans brings an effective solution to safeguard students and staff, optimise operations, and allow first responders rapid access during an emergency. Using this solution, keys are stored securely in an electronic key cabinet, granting access only to authorised users with credentials. This allows schools to mitigate the risks of unauthorised entry or lost keys. Leveraging integrated software expands its capabilities, allowing administrators to configure access, generate reports, and receive notifications. Software can connect with other systems such as video surveillance and access control for broader situational awareness. Morse Watchmans’ EKG kit The centralised key control systems allow quick access for first responders in the event of a lockdown. Working hand in hand with Morse Watchmans’ Emergency Key Grab (EKG) kit, first responders will have quick access to keys during an incident, allowing faster response times when seconds count. The EKG Kit includes the following technology: One-module or greater KeyWatcher Touch System, an electronic key control system that stores facility keys in a key cabinet, only to be accessed by those with the proper permissions. Morse Watchmans’ color-coded SmartKeys and KeyRings that track access to master facility keys. Coloured red, these accessories are designed to be easily identifiable by responding personnel. K-12 playbook hard copies and one-on-one educational training from Morse Watchmans. The staggering statistic that more than 370,000 U.S. students have experienced gun violence in the past two decades, alongside mounting concerns for teacher safety, underscores the urgent need for pre-emptive measures to protect lives. Establishing robust key control systems is crucial to creating secure educational environments for both students and educators.

In a groundbreaking initiative to bolster security measures, Indian Railways has successfully implemented Herta's state-of-the-art facial recognition solutions across its extensive network of train stations in the Eastern region. This transformative project marks a significant step towards ensuring the safety and well-being of passengers and staff throughout the railway system. The project becomes the largest one in the world in the transport sector. Herta has also been awarded two more regions that will be implemented after the Eastern one. Facial recognition technology The deployment of Herta's cutting-edge facial recognition technology is part of IndianRailways' commitment to embracing advanced solutions for enhancing security. By leveraging Herta's expertise, the railway network aims to create a safer environment for passengers, mitigate potential security threats, and streamline operational efficiency. Key features Key features of Herta's facial recognition solutions implemented at 230 train stations using thousands of video surveillance cameras include: Real-time Identification: Herta's technology provides real-time facial identification capabilities, allowing for swift and accurate recognition of individuals within the train station premises. Enhanced Security: The implementation of facial recognition enhances security by automatically identifying and alerting authorities about the presence of individuals with potential security concerns, contributing to the overall safety of passengers and staff. Efficient Monitoring: Herta's system enables efficient monitoring of the train stations, offering a proactive approach to security management. The technology assists in the quick response to incidents and ensures a rapid resolution of security issues. User-Friendly Interface: The intuitive user interface of Herta's solutions facilitates easy integration with existing security systems, providing a seamless experience for railway personnel responsible for monitoring and managing security. Stringent security requirements Mr. Rahat Jain, IDIS INDIA - MD, expressed his enthusiasm about the successful implementation, stating, "We are delighted to announce the successful integration of Herta's facial recognition solutions at Indian Railways." Startologic, the official partner overseeing the deployment of Herta's facial recognition solutions at Indian Railways, is proud to be part of this transformative project. The successful implementation showcases the capability of Herta's technology to meet the stringent security requirements of one of the world's largest railway networks.

Comcast Smart Solutions, a division of Comcast Corporation that specialises in smart technology solutions for businesses and communities, announced that it will provide the Town of Braselton, Georgia, with smart video camera technology with AI capabilities to improve public safety and emergency response. The deployment of smart video camera technology at the Town Green and Braselton Park will provide the town with real-time visibility into its community spaces, and insights into traffic patterns during events, and will increase peace of mind for residents. New technology nonprofit The town saw it as a natural progression to continue upgrading the area with technology “These advanced cameras will play a vital role in bolstering safety efforts within our town and surrounding municipalities,” said Jennifer Scott, Braselton Town Manager and Clerk. “With real-time monitoring and intelligent analytics, this technology presents an efficient and cost-effective approach to creating safer public spaces and fostering a stronger sense of security for our community members." The Town of Braselton has a history of embracing smart technology, evidenced by its support of a new technology nonprofit that provides startup incubator space in partnership with local community members and a technology-focused university. Given this background, the town saw it as a natural progression to continue upgrading the area with technology. AI video analytics solution These cameras are planned to minimise false alarms and provide quick and valid forensic hunts Now, at the Town Green, multiple smart video cameras will oversee the parking lot and areas behind the concession stands. Additionally, smart video cameras at Braselton Park will monitor the playground and parking lot near the park’s tennis courts.  Equipped with multi-sensor and multi-directional capabilities and AI video analytics, these cameras are designed to minimise false alarms and provide quick and accurate forensic searches. The video information captured, along with the AI video analytics solution will integrate seamlessly into a cloud-based application, providing the town with actionable data insights, including alerts for suspicious activity and recommendations based on traffic patterns. Smart video camera solution In collaboration with Comcast Smart Solutions, Braselton will receive comprehensive project management and continuous support. This includes a dedicated Comcast Smart Solutions project manager overseeing installations, conducting analyses, providing product training, and maintaining an ongoing support team to assist Braselton. “Delivering a seamless and reliable solution was essential to assist the Town of Braselton in enhancing safety and revitalising communal areas,” said Mike McArdle, Senior Regional Vice President, Comcast. “We’re excited to not only provide a comprehensive smart video camera solution but also offer continuous support, ensuring that Braselton residents can enjoy their parks with confidence and peace of mind.”

The Winston-Salem Police Department (WSPD), internationally accredited by the Commission on Accreditation for Law Enforcement Agencies (CALEA), is dedicated to proactive, data-driven approaches to law enforcement. Through initiatives like "Smart Policing," a collaboration with the local community and Winston-Salem State University, the department aims for systemic change in crime reduction and community safety. Real-time intelligence Lieutenant Ben Jones oversees the Real Time Crime Center (RTCC) housed in the Criminal Intelligence Bureau, a crucial nerve in the department’s operations. Under his stewardship, the team assists officers in protecting over 253,020 people across 133.7 square miles. “A more informed officer makes better decisions. We provide as much real-time intelligence as possible to detect, deter, and solve crime.” The challenge Get Connected Winston-Salem campaign integrates community-owned cameras into the police's video security Facing violent crime and an annual increase in homicides, the WSPD emphasises rapid responses underpinned by precise and accurate data. A particularly innovative step is the "Get Connected Winston-Salem" campaign, which integrates community-owned cameras into the police's video security system through Fūsus. This not only broadens the scope of crime monitoring but also exemplifies the department's commitment to collaborative crime-fighting. However, finding suspects’ vehicles was a logistical nightmare and still relied heavily on witness accounts. “We began looking at LPR solutions to assist in shootings, homicides, and cases involving vehicles.” Intelligence gathering with LPR and Multisensor To elevate its crime-solving capability, the city has strategically placed Verkada License Plate Recognition (LPR) and Multisensor cameras at traffic light intersections. “Our goal is to improve the solvability and speed of investigations by being able to identify suspects' vehicles across different intersections. We tie LPR with the Multisensor, which gives a four-way view across the intersection. No other solutions we evaluated offer this capability.” The nature of the incident When an incident is reported, the initial call is directed to the Patrol Divisions, and first responders are dispatched accordingly In partnership with the Winston-Salem Department of Technology (DoT), Jones plugs Multisensor cameras directly into the city system where there's Fiber and power. When an incident is reported, the initial call is directed to the Patrol Divisions, and first responders are dispatched accordingly. The nature of the incident determines its next course: for instance, serious shooting incidents are relayed to the Violent Firearms Investigative Team, while homicides are dealt with by the Criminal Investigation Division. Real-time Verkada Analytics “Before, we relied on witness information. Now, with Verkada and Fūsus, finding what we need can take just minutes instead of days.” The Verkada software, in conjunction with Fūsus, enhances the accuracy and speed of investigations, particularly in locating vehicles associated with a crime and finding missing people. People and Vehicle Analytics allow for the swift identification of both suspects and missing people throughout the city. Finding missing people - Detailing a success story, Lt. Jones recounts, “We found a missing person on a Verkada camera, and used People Analytics to find her at different times. We were able to confirm that she was alive at particular times, which gave investigators a starting point.” Coupled with ShotSpotter, a gunfire detection system, the team swiftly locates suspects using real-time analytics Finding suspects by vehicle - Coupled with ShotSpotter, a gunfire detection system, the team swiftly locates suspects using real-time analytics. “As soon as there is a shooting, the team uses Verkada to quickly locate suspects’ vehicles based on their description and colour." "A high percentage of violent crimes involve suspects who arrive, leave, or commit the crime from a vehicle. Verkada helps us identify where they’ve been, where they are, and where they’re headed.” Alerting with video context - Verkada goes a step beyond the image of a vehicle tag, providing a video of the car, its tag, and other vital details. “In the past, we might’ve stopped every red car. With Verkada, we have higher accuracy and less chance of mistaken identity." "I've been in the LPR market for a while and found that most solutions only give you a picture of the tag and vehicle. Verkada associates a video with each tag, so we have additional context easily available for intelligence gathering.” What's next Entering phase two, the goal is to place Multisensors closer together and increase the Verkada security These use cases with Verkada are just the beginning. Lt. Jones envisions a future where the department can seamlessly locate vehicles from one intersection to another, making suspect identification efficient and precise. Entering phase two, the goal is to place Multisensors closer together and increase the Verkada security coverage across the city. Real-time problem solving "The LPRs and Multisensor fit into our overlapping technology strategy, and we plan to increase the density of our deployment. If we’re pursuing an active shooter for example, having the cameras near our shotspotter areas allows us to use both technologies in conjunction with one another to locate the shooter.” Furthermore, by showcasing the efficacy of Verkada to other police departments, Winston-Salem aims to set a benchmark in crime-solving on the East Coast. Lt. Jones adds, “My goal is real-time problem solving; witnessing events as they unfold, not after. With Verkada, we’re turning that goal into reality.”

When it comes to preventing theft and ensuring overall safety, technology offers a robust toolkit for retail stores to enhance security in several ways. From intelligent surveillance systems to RFID tags used to avoid shoplifting, today’s retail and loss prevention strategies are more effective than ever. Beyond security, the newer technologies can also provide benefits related to merchandising, inventory control, customer service, and the list goes on. The combination of abundant data and artificial intelligence (AI) is a powerful one-two punch that is on the verge of reshaping the retail industry. We asked this week's Expert Panel Roundtable: How are new technologies transforming the retail and loss prevention markets?  

There is a bright outlook for trade shows in 2024. In particular, ISC West has recently become the must-see event in the security marketplace. ISC West will take place April 9-12 at the Venetian Expo in Las Vegas. In addition to providing access to a wide range of technological innovations, the show also serves as a platform to introduce new products and services. As the industry counts down to the big exhibition, we asked this week’s Expert Panel Roundtable: What will be the big news at ISC West 2024?   

Video surveillance has been a dominant factor in the casino market since the 1950s when video replaced the use of elevated walkways that allowed casino security personnel to monitor the gaming floor from above. As technology continues to evolve, we can expect to see more innovative uses of video in the casino market. Beyond video, other technologies are also transforming the casino experience. We asked this week’s Expert Panel Roundtable: How are new technologies impacting the casino surveillance and security market?