152 US veteran affairs hospitals track assets in real time with RFID

Editor / Provider: Checkpoint Systems | Updated: 5/13/2013 | Article type: Commercial Markets

Oatsystems, a division of Checkpoint Systems has been selected as a subcontractor to HP Enterprise Services' maximum value US$543 million indefinite delivery indefinite quantity real time location system (RTLS) contract with the U.S. Department of Veterans Affairs (VA) to procure and deploy a RFID asset management system at 152 of its hospitals that will assist in the automation and improvement of operations and veteran healthcare services. Oat will supply RFID software and readers to more than 7,500 read points across VA medical centers.

“Oat's passive RFID solutions provide us with up to the minute inventory and asset data across multiple facilities, supporting our vision to improve health care efficiency across the VA enterprise,” said Kimberly Brayley, Director, RTLS Project Management Office, Veterans Health Administration.

Oat's RFID software platform and RFID enabled use cases provide the flexibility needed to track a wide range of assets within a medical facility, from capital assets to low cost consumables. The technology enables instant location and up to the minute availability of medical assets for primary care (incubators, diagnostic supplies, sterilizing equipment) and facility operations (laboratory equipment, uninterruptable power supplies, biological safety cabinets), improving patient care while reducing excess inventory. Oat passive RFID solutions will also be used to track IT assets (smartphones, laptops, network routers) across VA facilities, to improve operational efficiency and asset utilization.

“Oatsystems is a key member of the HP team, as it brings an enterprise class RFID platform, innovative RFID asset tracking solutions and has a broad scale and scope of passive global RFID deployments”, said Don Picard, federal healthcare VP, HP Enterprise Services, US Public Sector.

“Healthcare providers are increasingly deploying RFID and RTLS technology to improve operational performance and patient care, and the VA is leading the way with nationally standardized solutions.” said Prasad Putta, EVP and GM of Merchandise Visibility and RFID, Checkpoint Systems.

Grow with Security 50 in Asia

Editor / Provider: Hayden Hsu, asmag.com | Updated: 5/7/2013 | Article type: Security 50

More than half of the a&s Security 50 were present at Secutech International in Taipei this year, through on-site exhibits/booths and event presentations. As Asia's premier original manufacturers' show for global solution seekers, Secutech gave the supercharged representatives an opportunity to share with the asmag and a&s team the top 50's growth strategy and focus for the year. Asia's fast rise, vertical/geography-appropriate offerings and localization efforts were among some of the recurring themes.

For all the Security 50, the Asian region passed 2012 with flying colors and double-digit growth, and most stressed the continued, heightened focus on the region, with more investments in securing or recruiting appropriate partners, product developments and personnel. Take Bosch Security Systems for example. China is now an independent region with a new, locally brewed VP reporting directly to the German headquarters. The local R&D center also has sufficient ammunitions and local talent to develop what is truly needed and used in China and Southeast Asia.

Other parts of the region — such as Mongolia and all the way to Australia and New Zealand — are also brimming with opportunities, from high-end government and MNC projects to lower-end verticals like hospitality, residential, SMBs, education, health care and more. The 50 are all busy "attacking" weight-appropriate markets and partners with the "right" tailored and cost-effective solutions. As the region is not known for clear channel structure, more are engaging in road shows and events to reach out to installers and end users directly.

It is a fun time for security professionals to be in Asia. Stay tuned to this channel for more exclusive interviews and video contents on developments in the region!

Affordability & Simplicity
For more coverage on industry trends, please visit asmag.com.

US health care analytics firm streamlines access control

Editor / Provider: Lenel Systems International (UTC) | Updated: 5/6/2013 | Article type: Commercial Markets

WhiteCloud Analytics, a healthcare analytics company– headquartered in Boise, Idaho, recently utilized Lenel's security management platform, and web-based access control system to accommodate business expansion. Apex Integrated Security Systems, one of the leading providers of integrated security systems in Northwest U.S.–also of Boise- that handled the security management platform for the complex was taking part in a pilot program for the launch of web-based access control system.

Until late June 2012, security and access control at WhiteCloud, which has a staff of more than 30 people, was based on what could be termed a traditional solution: brass keys and locks. To accommodate business expansion, WhiteCloud recently acquired more physical space in the building where they were already leasing space. The office building utilized Lenel's security management platform, and web-based access control system targeted to smaller organizations. “Everyone thinks that our office security system is the same as the building's system but it isn't,” said Jerry Loyd, Help Desk Expert and System Administrator at WhiteCloud.

The traditional mechanical locks in place at WhiteCloud created the expected security issues. “Every lock could be unlocked permanently by clicking a mechanical switch,” said Loyd. “So any one person could essentially compromise our entire security operation. And, of course, we had the usual misplaced keys, individuals locked out who needed to get in, and so forth. At the end of each work day, one of us did a complete survey of our offices to ensure that we were all buttoned up for the night.”

As WhiteCloud deals with a great deal of confidential information and protected Health Insurance Portability and Accountability Act data, enhanced security became a high-priority need. “As we discussed options with WhiteCloud, it became more and more apparent that...They did not need an advanced system, but streamlined, superior access control was mandatory,” said Uli. Every WhiteCloud employee already possessed an access control card for building entry, and the ability to utilize these same cards with web-based access control system delivered an added advantage to adoption.

Training – principally on the system software – went quickly and easily, and within two days Loyd notes that he was relatively fluent on the system. The other operator is not a big technology fan but has also quickly understood and embraced the system. Following the access control system's hardware and software installation, access control cards were programmed into the system. And today, “It only takes a minute for us to add someone to the system,” said Loyd.

Loyd, and Director of Administration Natalie Shores anticipated some employee pushback when the new system was introduced, so they developed a transition plan that took employee concerns into account. “We permitted everyone to keep their keys for a few weeks,” said Shores. “They retained the physical ability to open and lock doors with keys while they became acclimated to and accepted the new system.”

In addition, the system's remote function has been particularly handy. “It's very cool to be able to allow someone entry to the offi?ce on a weekend via the iPad app,” said Loyd. “There's no need to drive across town, so the convenience is greatly appreciated.” With the web-based access control system's iPad app, administrators can permit access, check on activity, and review the events log remotely. The addition of the access control software strengthens the power of WhiteCloud's security and affords greater peace of mind to all parties involved.

Genetec and HID Global on the Mideast Market

Editor / Provider: John Shi & Jill Lai, a&s International | Updated: 4/11/2013 | Article type: Hot Topics

The two leaders in their respective fields share with a&s their take on developing business and sustaining growth in this exciting market.

Genetec
The Middle East is a fertile and growing market for Genetec, and we are happy to be providing our unified security software services to a number of airports in this region. A good example is the Genetec deployment at the Dubai Airport. We had an on-site engineer that stayed on the project for 18 months to work with integrators, helping them with technical information and tasks, and to transfer knowledge about our products to the support teams that would be permanently on-site. Our dedicated support person was also crucial in helping the integration team address and solve specific requirements and challenges that came up, which are inherent in the Middle East market. We have built Genetec to be much more than a software development company — not simply focused on designing software — but also on anticipating challenges and finding solutions that offer the best unified security, access, and license plate recognition (LPR) systems and services to the Middle East, and all throughout the world.

In the Middle East initially, our biggest customers were large public infrastructures and government properties, such as airports, seaports and police facilities. We have recently begun to aggressively expand into banking and transportation markets. With our LPR offering, we are also making headway into security for highways, law enforcement, and traffic & parking management as well.

A crucial goal of Genetec is to select and certify its integrators so that we can develop close working relationships with them, and help them cultivate a specialization in our tools. Genetec integration partners can work as security experts and quickly adjust to any project, independent of the size of the customer or project. Very similar to general contractors, our local integrators maintain many partnerships with skilled teams that can run cabling or perform many of the manual, physical tasks related with installing cameras, for example. It is very important for Genetec to maintain a comprehensive roster of integrators, skilled to address the unique needs of the different vertical industries we serve. This focus ensures we limit conflicts within our integrator channels, and avoid wasted time.

HID Global (Assa Abloy)
HID Global's go-to-market strategy is via channel partners, and as a result, we have successfully built a comprehensive ecosystem of channel partners in the region. HID's solution portfolio is structured across four main business units: access control including network access solutions; secure card issuance that includes Fargo card personalization solutions; identity assurance, which comprises of credential management and strong authentication products and services; and the government sector that includes highly secure ID cards and passport inlays.

HID's key vertical focus in the Middle East is within the government, oil and gas, aviation, enterprise and commerce sectors, with increasing importance in the health care sector within this region.

Typically, HID has different types of channel partners that include system integrators, OEMs and distributors/resellers. For example, system integrators are companies who buy products from HID and integrate them in end-user solutions. This could be for access control or IT security, or a combination of both. Distributors/resellers tend to work with smaller integrators or installers, predominantly in the physical access control area and for secure card issuance distribution.

Our Advantage HID Channel Partner Program is designed to develop and maintain a long-term value proposition with channel partners. We provide a comprehensive set of benefits to enable our partners to extract significant value from these long-term customer relationships. From industry leading margin on product resale, deal registration benefits, training, market development funds (MDFs) and leads, through to joint marketing activities, HID has a deep understanding of how to build mutually beneficial partner relationships. For example, MDFs support channel partners' sales and marketing initiatives.

Lead generation is vital to any successful program. We find that the most effective lead generation activities are achieved from an integrated marketing approach constituting online and offline, outbound and inbound activities across multiple media. Through our partner program, we are committed to helping our partners develop revenue opportunities and secure new business.

We have a strong and growing team in the region, tasked with supporting our partners and helping drive joint business with end users. Adding in the investment we make in events, such as Gitex and Intersec, as well as private events, such as our soon-to-be announced online banking seminars, we have a comprehensive approach to the sales channel strategy in the Middle East.

Middle East making a comeback

Editor / Provider: John Shi & Jill Lai, a&s International | Updated: 3/12/2013 | Article type: Hot Topics

The Middle East has returned to many MNCs' and investors' radar once again, with business potential emanating from the United Arab Emirates to neighboring countries and northern Africa. This feature looks into the various growth markets and their opportunities for security solutions providers — carpe diem, seize the day, seize the region!

Long gone are the days of the 2008/2009 financial crisis. Infrastructure projects, financial hubs and recreational parks are once again being built in the Middle East. Among the hustle and bustle, the countries of the Gulf Cooperation Council (GCC), in particular the United Arab Emirates (UAE), Qatar, Saudi Arabia and Kuwait, still boast the most momentum. According to IMS Research (an IHS company), the regional video surveillance equipment market in 2013 alone will exceed US$320 million.

Not surprisingly, most of the money goes into tourism-related industries. Beyond the UAE, Saudi Arabia, Qatar, Turkey, Oman, Kuwait and Iran are also growing by leaps and bounds, thanks largely to infrastructure projects. Qatar, for example, has seen a flurry of subway and light rail projects, as well as museums and hotels. “Qatar is growing at a fast pace and is set to host the 2022 FIFA World Cup, thus driving continued security system investments among others,” said Hidenori Taguchi, Head of Marketing for B2B Products, MEA Professional Solutions, Sony Corporation.

"Many projects in this region are driven by new construction or new infrastructure initiatives, which are generally a mixture of government and commercial construction projects," said Tarek Ismail, Sales Director for the Middle East, Tyco Security Products. "Other dynamic vertical markets are the higher education market, being buoyed by some very large university projects, along with rapidly growing retail and aviation markets. For 2013, many customers are encouraged by the commitments Saudi Arabia's King Abdullah has made for infrastructure projects."

Dubai the Hub
Business done in Dubai can radiate to the rest of the region, north and east Africa, as well as India and Pakistan. Dubai is recovering, said Ali Boussi, Regional Sales Manager of Business Automation and Security Systems. "Sales come not only from the UAE, but from all GCC members and northern Africa as well. People in Dubai and the UAE have a greater understanding and higher acceptance of new technology and products, in turn giving them more value considerations and propositions when compared to the other countries in the region. Moreover, the government is usually a pioneer in implementing security regulations on and measures in commercial buildings.Business models and requirements from MNCs often become benchmarks. "Our business strategy is to provide blanket coverage of quality products, combined with a proficient level of customer support," said Faisal Kan, Regional Operations Manager, IP Tec General Trading.

Saudi Arabia
Saudi Arabia is the next star to watch. Its stable financial structure and abundant natural resources supported steady growth even during the global recession. "We forecast that the Saudi Arabian market will continue to see strong growth in 2013," said Oliver Philippou, Market Analyst in the Video Surveillance and Security Group of IMS. "This trend will continue through 2015 where it is predicted that Saudi Arabia will overtake the UAE to become the second largest market in the region, after Turkey. Saudi Arabia historically set conservative annual oil production forecasts, leaving surplus funding for social spending, including infrastructure and health care projects."

"Saudi Arabia's construction sector is expected to go through a period of accelerated growth during the next few years, with the value of projects estimated at $629 billion," said Paul Ramsay, International Sales Director for Norbain. "More than $500 billion of investment opportunities in energy, transportation, education, health care, and other vital economic sectors are among established projects, making the kingdom a leading investment hub for construction work. The kingdom is considered to be the region's top economy, with a growing large young population and highly competitive business environment and national initiatives in infrastructure development."

Turkey
After years of mounting difficulties which brought Turkey close to economic collapse, a tough recovery program was agreed with the International Monetary Fund in 2002, Philippou said. "The austerity measures imposed then meant that by the time the global financial crisis came round in 2008, Turkey was in a better position to weather the storm than many other countries. The level of public debt was already relatively low, and although the effects of the recession were still felt, by 2010 the Turkish economy had started to bounce back — to the extent that by the beginning of 2011, concerns were being raised over whether the boom was sustainable. Taking advantage of this economic prosperity, Turkey has some large infrastructure programs planned to support its economic growth. As traffic between the E.U. and Turkey is expected to increase substantially by 2020 (Global Construction 2020, with the potential membership of the E.U.), Turkey's transport network needs to be substantially upgraded to meet minimum standards. Traffic monitoring, government, railways and commercial sectors are all forecast to grow strongly in Turkey to 2016."

Kuwait & Iran
Aside from Qatar, Kuwait and Iran are two others that are forecast to grow the quickest. Kuwait is currently seeing some very large banking projects and an accelerated rate of transition to network video surveillance. Iran, with an already large analog install base, will be one of the few countries not to see a decline in its analog CCTV market. This, combined with some large city surveillance projects, will drive growth in these markets at CAGRs of 14 and 18 percent, respectively. However, it should be noted that these two markets are relatively small when compared to the others in the region, Philippou said.

Assa/HID introduces RFID-based laundry tags

Editor / Provider: HID Global | Updated: 3/7/2013 | Article type: Security 50

HID Global announced the addition of its industry and logistics SlimFlex Laundry tag solution to the expanding SlimFlex Tag family of broadband UHF RFID transponders. This introduction provides integrators with a rich feature-set of RFID tags that deliver the characteristics of the SlimFlex tag's durability and flexibility in a format ideal for automated tracking and inventory for commercial laundry and health care linens and supplies.

HID Global's laundry tags withstand the chemical exposure and high temperatures of repeated commercial washing, drying and pressing cycles, as well as medical-grade sterilization procedures. The small, thin, flexible white strip-shaped tag can be discreetly sewn into the hem of clothing or linens, unnoticeable to users during everyday operations. With a long read range of up to 8.2 ft. (2.5 m), laundry tags enable automated sorting, inventory and accounting for commercial cleaners, and improved tracking and infection control processes for health care linens and supplies.

Building upon HID Global's successful LogiTag family of LF and HF tags, SlimFlex Tags with UHF technology enhance the potential for laundry and medical asset tracking and automation systems. The unique thermoplastic elastomer used in SlimFlex housings is made from the same materials used to manufacture automobile pipes and hoses with the ability to tolerate repeated bending or torsion, while maintaining excellent performance characteristics.

All SlimFlex tags are waterproof and food compatible; they provide high resistance to aggressive liquids and UV rays; and the tags deliver reliable performance and reading stability in high heat and sub-freezing temperatures. SlimFlex Laundry tags also provide added heat resilience, withstanding up to 428° F (220° C) during ironing.

Missouri health care facility future-proofs patients and staff safety

Editor / Provider: Dvtel | Updated: 3/6/2013 | Article type: Commercial Markets

The Children's Mercy Hospitals and Clinics in Kansas City, Missouri deployed a comprehensive IP video surveillance system from DVTel throughout its 350-bed facility, with the help of CI3 Integrators. Approximately 14,000 visitors enter the hospital each week, making security a top concern. The hospital employs more than 100 security officers, along with its 415-camera video surveillance system, to support internal security policies and regulatory compliance.

According to Dan Arnett, Assistant Director for Security and Transportation at the hospital, the institution wanted to transit to an IP video surveillance system based on open standards that would give the hospital the option to choose what works best in its environment, and would be sufficiently scalable to adapt to future changes. Obtaining video data of incidents is critical, and the hospital opted for DVTel's megapixel fixed cameras and VMS to improve the protection of patients, secure high-risk areas and future-proof security investments.

“The improved, HD image quality … adds another layer to the hospital's security program and helps ensure patients, staff and families stay safe, which is its No. 1 priority,” said Gene Tiebout, Service Manager of CI3 Integrators, the integrator for the project. It was a great representation of application possibilities, added Ed Wassall, VP of Global Marketing at DVTEL.

Multifactor authentication provides the pieces for peace of mind

Editor / Provider: Tevin Wang, a&s International | Updated: 2/8/2013 | Article type: Tech Corner

According to Report Linker, the multifactor authentication market is expected to grow 17.3 percent from 2012 to 2017 to a market worth US$5.5 million. Something we have indeed removes the problem of forgetting something we know, but now the object(s) must be with the user at the time that he or she wants to be authenticated.

"In the realm of physical security, the failures of companies and governments to protect our private information (personal and financial) are a lesson that what once served as sufficient security (username and password) is no longer acceptable. We have come to accept that card access provides a low level of security," said Adam Shane, Senior Systems Design Architect, Amag Technology (a G4S Technology company). "Cards can be duplicated, spoofed, modified or stolen. There is nothing that validates the authenticity of the card, nothing that binds the card to its owner, and in some cases, nothing to verify the issuer still trusts the owner to have the card."

The driving factor behind multifactor authentication is to increase the security level in an organization and only allow entry for permissible personnel, said John Davies, MD of TDSi. Multifactor authentication is becoming more important because more systems are connected over the Internet and are exposed to huge numbers of people.

Aside from existing compliance and regulatory pushes, the cloud is another driver for deploying multifactor authentication. "Traditional barriers that have been deployed to secure IT systems, such as firewalls, are becoming less relevant due to a growing move toward the cloud, which means an increasing amount of company data no longer resides on company networks," said Julian Lovelock, VP of Product Marketing for Identity Assurance, HID Global (an Assa Abloy company). "Traditionally, enterprises have stored key IT resources behind a firewall on corporate servers, or in a ‘walled garden.' But, with the rapid growth of the remote workforce, the time and effort enterprises have put into reinforcing that ‘wall' have seemingly been wasted, as more data begins to reside outside of the corporate network. All of these trends are leading toward a model in which organizations focus on protecting individual resources with strong authentication, as opposed to simply protecting the wall."

Chris Cardell, CEO of SyferLock Technology, agreed. Megatrends, such as the emergence of cloud computing, server and desktop virtualization, the proliferation of mobile technologies and bring-your-own-device possibilities, the increase in employees requiring remote access, and the increased use of social networking in the work environment, have created new vulnerabilities and risks for companies. "Users expect to be able to access information from virtually anywhere via the Internet and mobile devices such as smartphones and tablets, and that means it is harder than ever for IT and security executives to ensure that all the organization's information assets are protected," Cardell said.

Growth Verticals
Growth verticals for multifactor authentication include hospitals, banks, airports, data centers, large corporations, IT server rooms, universities, research labs, government departments and other organizations working with sensitive materials such as defense. "In some industries such as health care and financial services, the emergence or evolution of regulatory requirements is forcing even more stringent implementation for strong authentication. For instance, in the U.S., health care organizations must be compliant with the health insurance portability and accountability act (HIPAA). Relying solely on usernames and passwords will no longer be sufficient for secure access to data, particularly sensitive information such as patient records," Cardell said.

The US government has also mandated that access to physical and cyber assets in the executive branch requires use of a personal identity verification (PIV) card, Shane said. "This card supporting PKI validation is federated and therefore trusted across all agencies, and supports multifactor authentication (credential, PIN and biometric). Not all systems will be upgraded to support this high-end authentication token as PIV cards can cost the US government about $100 per person and that does not include the regular maintenance overheads. But progress is being made."

Rick Focke, Senior Product Manager at Software House (a Tyco Security Products company) is optimistic about the retrofitting projects and potentials of biometric based solutions. “The US federal government is a large market and one where the need for upgrades and additional solutions are still needed. In this market and in others, as installation volumes rise, costs should begin to decrease.”

The increase in employees, contractors and e-commerce customers requiring secure access, both remote and on premise, to computers, networks and sensitive information are also drivers in the demand for stronger multifactor authentication approaches. For instance, multifactor authentication adoption in banks in the U.S. is not mandated, but more customers in this market are moving to more secure solutions, Shane said. "We see this as a general trend. There are many beneficial reasons to move to strong authentication such as, to reduce financial losses from crime or fraud, improve auditing capabilities (non-repudiation), reduce cyber espionage and terrorism incidents, improve public relations, and the list goes on."

Complex and Costly?
Cost and usability are perhaps the two greatest concerns from enterprises/end user when implementing multifactor authentication solutions. "Adding biometric authentication for identity binding requires not only a biometric capture device at every terminal, but also requires licensing software to perform the biometric comparison," Shane said. "In biometric authentication, there are different ways to handle the process of binding an individual to a card or their credential. In one case, the user's biometric map or template is stored on a card or in a computer database. If the binding process requires users to present their card/credential first, for reading identification numbers (known as a 1:1 match), then costs can be kept minimal as the ID number is used to pull users' biometric data from the protected storage and then the biometric match confirms they are the person they claim to be. Similarly, the presentation of the credentials could release the biometric data directly from the card. However, in other systems, a person may simply provide one biometric identifier (fingerprint, iris or other) and the system will match this against all samples in the database. If the best match exceeds a threshold for acceptance then it is assumedthey are that person. This is called a 1:N match or a search." Compared with a one-to-one match, one-to-many comparisons are expensive.

Multifactor authentication solutions also require the appropriate enrollment or registration software to build the identity database and to manage the identities. "This software can be quite expensive also," Shane added. "We try to help customers understand that there is a continuum of solutions from relatively simple to very complex. Their budget, security concerns, regulatory requirements and consequences are all considered in guiding them to an appropriate solution."

In the case of biometric security, end users may also be worried about purchasing a third-party or bolt-on biometric system that requires two separate devices at the door and two separate software systems being used in parallel. "Another concern is the rate of technology change within biometrics today," said Philip Verner, Regional Sales Director for EMEA, CEM Systems (a Tyco Security Products company). "An emerging biometric technology today can go end-of-line within a considerably short period of time and this can make end users hesitant when choosing a biometric solution. When considering Iris technology, patent or licensing modules used can also be a significant barrier for customers."

Throughput and convenience are still issues for users. For example, a system that requires extra layers of authentication equals an extra delay for individuals trying to enter a facility or an area. "Customers want to avoid time delays or bottlenecks at the door where there is a high volume of staff throughput. Where it may not be convenient to use multifactor authentication all day, we recommend that PIN and/or biometric security be enabled during certain times, for example, at night time when the premises are closed," Verner said.

Usage Considerations
Whichever security model is chosen, the total cost of ownership is a key factor in determining the value of a solution. First of all, end users need to evaluate the cost to use and maintain a typical username and password logon security system. Weak security can result in direct and indirect costs and devastating consequences, due to leaking sensitive information and resources to unauthorized users and intruders. This is not to mention issues resulting from noncompliance to industry regulations.

When evaluating a multifactor solution as an alternative, the hardware, software, system integration, installation, deployment, maintenance and device replacement must all taken into the equation. Besides the direct costs of solution purchasing and software licensing, there can be hidden costs involved. For instance, customers might need to take into account the cost of distributing hardware: tokens, smart cards or biometric readers. Support costs must also be taken into account as there will likely be an increase of support calls after the initial deployment.

These procedures are especially critical for those who do not have a proper risk assessment, and therefore are not clear on what their most important data or assets are or where they resides.

Security only works if the end user follows the policy. Quick and convenient solutions that do not disrupt daily routines are perennial favorites. What is required from any multifactor authentication system is not only enhanced security level but also functionality.

While most corporations purchase systems based on their current needs, scalability is another important factor to consider when evaluating multifactor authentication solutions. Some multifactor authentication systems require significant management when dealing with a high number of users. For instance, tokens can become difficult and expensive to manage due to the fact that they need to be replaced every few years.

Bumpy Yet Rosy
Cost continues to be a challenge, as budgets are tight. "However, the US government is providing funding for HSPD-12 upgrades through the OMB 11-11 memorandum with a stipulation that the money must go to installing multifactor authentication solutions," Focke said.

Current industries that recognize the need for multifactor authentication solutions represent a small market for vendors. "The larger commercial market sometimes is challenged to see the ROI in multifactor authentication when all of the infrastructure costs are considered," Shane said.

The lack of awareness about such solutions requires extra effort on market education. "I think that one significant challenge is the incorrect assumption that the only viable option for multifactor authentication is a one-time password (OTP), and the belief that if the OTP option isn't suitable, there are no other alternatives. The reality is that is not true, and that there are a large number of alternatives," Lovelock said. “"we need to push past that point and educate people as to what those alternatives are, and at the same time highlighting the other key aspects of implementing authentication technologies such as, lower deployment and management costs, the enhanced level of security the technologies provide, and better usability for end users."

Despite these obstacles, the growth potential for the multifactor authentication market is substantial. Biometric readers such as fingerprint verification are gaining traction. "Some specialty applications are also coming to the forefront. For example, the health care market is looking at noncontact devices to help ensure readers remain clean and germ free. This non-contact solution utilizes iris, palm vein or facial recognition level of authentication only," Focke said.

As an expert in physical and logical access integration, HID Global predicts the proliferation of contactless device-based authentication and embedded credentials. "I think we will see technologies that grew up in the consumer space around machine profiling and device forensics being used in the corporate sector, as the consumerization of IT takes a greater foothold. I also believe that an increase in the availability of NFC-enabled devices will open up options for contactless device-based authentication," Lovelock said. "We will see growth in embedded credentials, where endpoint devices like laptops, tablets and phones will be able to securely store, and make credential readily available for use."

Also, software-based authentication solutions are emerging fast. "Because many of today's emerging use cases (e.g., employees and customers requiring secure remote access) are not conducive to legacy hardware-based authentication solutions, we believe that there will be increased demand for flexible, adaptable software-based authentication solutions."

"With increasing concerns about security and with new regulatory requirements, authentication is a growing industry. This growth has resulted in the emergence of a range of authentication solutions, including hard tokens, smart cards, biometrics, SMS text to cell phones, among others, competing in the market place," Cardell said.

How to scale access projects

Editor / Provider: Tevin Wang, a&s International | Updated: 1/18/2013 | Article type: Tech Corner

Access control is customization-intensive. The scale of a project is not only measured by the number of doors to be secured, but also the level of integration and customization required. a&s explores what role project scale plays when it comes to access integration and management.

In access control, project scale is often measured by a variety of variables, according to Harry Mai, Assistant VP of Hundure Technology. “The number of readers, the number of locations, the complexity of multilayered security, and how many subsystems are to be integrated are just some of the key factors.”

Scale can also be measured in terms of integration and customization required, echoed Oonagh Fearon, Marketing Communications Manager, CEM Systems (a Tyco International company). “A project with a small to medium number of doors may have additional requirements, such as integrations or customization, that will make it a much larger project.” Another way to define project scale is how the system is used. “When looking at small or midsized implementations, the vast majority are being utilized forensically, specifically running reports on information after the fact and searching for video,” said Eric Joseph, Solutions Engineering Manager, S2 Security. “In larger implementations, the user is usually monitoring the system in real time, and reacting accordingly to situations as they arise. The advanced integrations used by different system users are usually dictated by their application. For example, infant abduction and patient wandering integrations are very common in health care; and in the federal government space, integrating with government watch lists is usually required.”

Small Scale
Projects in this category tend to be single buildings, such as SMB/Es, residential complexes, retail outlets and elementary schools. With access control at the core, security management can include subsystems such as time and attendance/HR, logical access, intercoms, parking lots, elevator controls, intrusion alarms, visitor management and surveillance.

Ease of installation and usage is essential; cost-effectiveness is another important factor, said John Davies, MD of Time and Data Systems International (TDSi). Web-based software is an important prerequisite as well, as customers access the majority of their other business systems through the Internet, such as email, CRM and HR systems.

Low TCO is another popular requirement, said Holger Maier, PM for Security Systems, Bosch Security Systems.

“When using a fully integrated access and video system, video can be easily searched by selecting the cardholder and searching for all instances of video containing that cardholder,” Joseph said. “Most of these types of users are not very familiar with security management, so making a system easy to understand and operate is paramount,” Joseph said.

Events such as a door forced open can be attached to the associated video for quick playback, while images and associated audio from cameras are recorded and stored, said Steven Lewis, Senior PM at Tyco Security Products. Such integration provides the benefits of operational efficiency and simplicity, and removes the need for multiple servers as well as the need for separate management applications.

Delays — as a result of paper- or email-based interactions between the IT and physical security teams — are eliminated, said Ajay Jain, CEO and President, Quantum Secure. Human errors are minimized and the manual effort for assigning condition-based access is automated.

Medium Scale
Midsized projects can include several buildings on a single campus, site or complex, such as K-12 school districts, municipal governments, libraries, museums, cultural centers, factories, small hospitals, data centers and banks, encompassing systems for time and attendance/HR, logical access, intercoms, parking lots, elevator controls, intrusion alarms, visitor management, surveillance, cashless payment, library management and mass notification.

Required features for integrated access control typically include customizations, system interoperability and scalability (with basic building automation), and future-proof yet cost-effective high security. “When the operator sits down at their workstation, they expect to view access control, intrusion and video information through one single user interface,” Joseph said. “The focus of the management is information from a variety of different sources, all tied into a single application, ideally providing a central repository for running reports on all of the stored data.”

Operational efficiency, enhanced security and convenience are obvious benefits. A comprehensive platform should reduce the cost of physical security operations by offloading the process of access requisition to end users, while increasing end-user satisfaction with physical security services by providing visibility into the status of their requests, Jain said.

Large Scale
Large-scale projects cover a significant area and have the highest security needs, such as federal agencies, utility companies, oil and gas, airports and transportation, universities and research institutions, and large MNCs with multiple sites (hospitals and banks). Key features can span across time and attendance/HR, logical access (active directory and lightweight directory access protocol ), intercoms, parking lots, elevator controls, intrusion alarms, visitor management, surveillance, cashless payment, library and data management, mass notification, real-time locations, asset management, additional building management, and other vertical-specific requirements.

End users need scalable subsystems that can grow as their organization grows, as well as a well-integrated system that can be easily managed as it grows. Ease of customization, management and integration of business and building systems is a top priority for many. “Many operate on multiple sites, and their primary goal is to have all sites act autonomously, without a single point of failure,” Joseph said.

The focus of the management platform is visibility into each of the sites and locations displayed on a single application. Another priority is the overall security of the building and maximum utilization of the card, said Wei Jin Lee, Sales Director for ASEAN, HID Global (an Assa Abloy company).

“Open to third-party systems, highly customizable, reliable and robust 24/7/365 operation are common demands as well,” Maier said.

The benefits of a single solution connecting multiple sites include enhanced security, central management (SCADA, ERP and PSIM), data tracking and backup. Other advantages include multiple applications on a single card, cost and manpower reduction, operational efficiency and the avoidance of single points of failure, eliminating the manual effort involved in collecting and reporting on compliance-related data, Jain said.

Creating Opportunities
The number of devices connected to the Internet passed the 5-billion mark in 2010 and is expected to reach 22 billion by 2020, according to IMS Research (an IHS company). With the proliferation of IP-enabled smartphones, tablets, cameras, sensors and other devices, impact on physical security and IT departments in terms of network design, bandwidth optimization, and most important of all, the safety and security of an organization can be significant.

IP connectivity speeds the migration of legacy sensors and appliances to networks, highlighting the importance of physical and logical security integration. “As long as organizations treat their physical and cyber domains as separate, there is little hope of securing either one,” said Scott Borg, Director of the US Cyber Consequences Unit. "The convergence of cyber and physical security has already occurred at the technical level. It is long overdue at the organizational level."

Identity management requires modifying identity in both the physical and virtual worlds. “Synchronization of an identity between the access control management system and the logical system, whether that be AD, LDAP or some other system, is the most important aspect of the integration,” Joseph said. “It allows for the capability to limit a user's ability to log on to a system based on their physical presence and activity.”

Utilization of a single credential for both physical access into a facility as well as logical access at a workstation is usually requested, Lewis said. Integration with other business systems, such HR, student enrollment or network printers, is common as well. “For instance, the addition of access card readers on network printers allows the user-requested print job to be accessed and printed when physically at the printer. This prevents wasteful use of ink and paper and also eliminates unauthorized viewing of any document.”

Stay tuned for more development!

Midsized Spanish hospital entrusts security to IP-based system

Editor / Provider: Submitted by Merit LILIN | Updated: 1/7/2013 | Article type: Commercial Markets

The Nuestra Senora de América Hospital opened in Madrid in 1972. Since then, it has committed to providing only the best care to and safety of its patients. The continued did not go unnoticed as it was awarded Best Private Health Center in Spain, in the years of 2002, 2003, 2004 and 2005.

After several reforms and the opening of its clinic, the Nuestra Senora de América Hospital has been working hard to provide its patients its utmost attention supported by the most advanced technology applied to health care. With this, the hospital also agreed to the installation of a complete security system made up of LILIN IP cameras.

The Nuestra Senora de América hospital consists of two buildings — the hospital itself (c/Arturo Soria, 103) and the Polyclinic (c/Arturo Soria, 105). The facility has 99 single rooms, 5 floors and a basement. This “resort” of a hospital needed suitable control for the safety of its employees and patients. After testing products from several different solution providers, the security management of the hospital opted for LILIN IP cameras because of their reliability and versatility.

A total of 42 megapixel mini domes (IPD2122) were installed on all floors and at critical locations, such as stairs, doors and outside elevators. In the emergency room, two cameras were put in place for added control. One camera is used for monitoring the street entrance, and another for emergency visits. To control and monitor all the units, the hospital has a video surveillance room manned by a guard. The room has four 42-inch monitors to manage and control the cameras using the LILIN CMX software.

Thanks to LILIN's innovative security solution, the Nuestra Senora de América Hospital and its occupants now have greater peace of mind. From the cafeteria located on the ground floor, to the reception, to the four floors of patient rooms, it is now easier than ever to detect possible risks and act on incidents effectively and efficiently.

Sponsored by:
LILIN, dedicated to innovation, creativity, progress and excellence, is a global developer and provider of IP video solutions with more than 30 years of experience.