What is a Security Systems Integrator? A robbery gives some perspective.

/in , /by

By David Strickland, Vice President of Kenton Brothers

What in the world is a Security Systems Integrator?

How a robbery helped me understand the importance of a Security Systems Integrator.That is a great question and one I hope to answer with this story. Eleven years ago, I had no idea what a security integrator was either. It wasn’t until I got involved in the security industry and saw firsthand what a Security Systems Integrator was and why they’re so important to so many organizations.

First let me tell you a story about a time we got robbed…

It might surprise you to know that my first involvement with a security company was like many of you. I had an alarm system put into my business. I did my research and picked a reputable, big-name company to do the work. It was a straightforward process. I was happy with my provider and trusted that they knew what they were doing. The alarm system worked great for years.

Fifteen years later I had sold my company to a much larger organization and was working with them in a brand new, large operational center in the southeast United States. This operational center counted and stored very large amounts of cash and checks and processed them daily. Security was critically important. The large company I worked for did the same thing I had done fifteen years prior. They called a big-name company to come out and install a security system to protect their assets.

The representative from the security company was in the 30,000 sq ft building for 30 minutes. A week later, they installed 2 keypads, 4 glass break sensors, some motion detectors, 2 sets of door contacts and one siren. They also installed three cameras… One in the cash room and one at the front door.

It was a great idea to have the cameras installed.

Shooting GlassWithin the first week of opening, late at night, we were able to see a person shoot out the glass entryway of our lobby and enter the building. He ran straight to the cash room and kicked in the door. We watched him go right to the safe we had installed and enter the code. He opened the door of the safe within two minutes of entering the building. And he was on his way out carrying an armful of envelopes full of cash and checks, dropping some along the way. It was obviously a person with inside knowledge of our systems and the location of the security devices.

It turns out the alarm didn’t go off and no one was notified until 6am the next morning when the first employees arrived and saw the carnage. Our security system was not installed by a Security Systems Integrator. It was installed by a subcontractor of a national alarm company. There’s a big difference.

A Security Systems Integrator like Kenton Brothers Systems for Security would approach this building and the liability of the cash and checks in a very different way.

Using the Defense in Depth model we would have recommended a layered approach with the following considerations:

  • An exterior camera would be added to extend the perimeter and alert when there was car activity in the parking lot after operating hours
  • All doors would always be locked and require key or credential entrance
  • The alarm would arm automatically at a predetermined time
  • If the alarm did not arm or was disarmed outside of normal hours, an alert would be issued
  • The cash room door would be reinforced with a five-point door and a steel reinforced frame
  • All the codes on the safe would have been changed after install and assigned to the person opening the safe, which would require dual authentication for access
  • The intrusion system would be tied to the surveillance system. A video feed would be sent to the monitoring company to dispatch police as a verified crime in progress for priority response.

This true story seeks to point out the differences between an alarm company and a Security Systems Integrator. A Security Systems Integrator specializes in bringing independent security components together ensuring that those components function together properly to protect people, property, and possessions. These components include IP video surveillance, access control, intrusion detection, mass notification, weapons detection, analytics and more. Fully developed Security Systems Integrators are considered ‘design-build’ integrators.

Security Systems Integrators can provide the following services:

  • Security risk or needs assessments
  • Customized system engineering and design
  • Broad access to the leading manufacturers and product lines
  • Procurement, staging, installation, commissioning and training
  • Full lifecycle service and maintenance
  • System updates and operational upgrades

A Security Systems Integrator can take advantage of their unique perspective on the key ingredients for successful development of a physical security program. We like to call it the KB Advantage – utilizing over a century worth of experience and wisdom to assess, design, engineer, install, commission, train and maintain a remarkable physical security system.

If you want to know more about how we can help you develop a layered security approach for your organization, please give us a call.

Are you running up your Security Debt?

/in , , /by

By David Strickland, Vice President of Kenton Brothers

Security DebtOver the last 10 years, companies, schools, churches and local government entities have invested billions of dollars in improving physical security to reduce risk and keep their people, property and possessions safe. As crime has increased, security directors and those responsible for security have done their best to meet the challenge and adapt to the threat levels they face.

With the increased speed of technology advancements, the sophistication of criminals evolving and the reduction of qualified workforce to run and maintain the physical security equipment, organizations find themselves getting deeper and deeper into ‘Security Debt”.

Security Debt: The inability to maintain and service existing physical security systems to their proper functioning standard.

Security Debt begins with smaller things like not acknowledging alarms and alerts in the access control system. Or maybe your organization hasn’t had the normal lobby guard back since the pandemic. Maybe your organization has skipped the last few camera cleaning trips around the building because there isn’t enough time to get to it this month. Sometimes it’s a policy or procedure that no longer is followed like inspecting and locking the doors when school starts.

The good and bad news is that you’re not alone. Organizations just like yours are facing the same struggles. The Security Debt piles up month after month.

Security Debt vs the US Debt Calculator

A snapshot of the realtime US Debt Clock. For an updated view, please visit https://www.usdebtclock.org.

The biggest issue with Security Debt is that it won’t go away on its own. Just like credit card debt that millions of people have, Security Debt gets bigger every month when we don’t actively manage it. The interest compounds and we press against the debt ceiling hoping we don’t have an emergency that exposes our liability. This emergency might appear as a system failure, a missed internal theft or a major life altering event.

An estimated 81% of physical security systems are not currently up to date with firmware and software updates.

Just like financial debt, you must make a plan to get out of Security Debt.

Here are our suggestions on how your organization can get out of Security Debt:

Make a Plan – Yes, I know we just said that, but it’s worth repeating.

  • Bring together the key shareholders in your organization and document the Security Debt you are acquiring.
    • What physical security systems do you have deployed? (Access control, IP video surveillance, intrusion detection, duress systems, mass notification, lobby and guest management, weapons detection, physical security guards, perimeter fencing, parking control.)
    • What type of maintenance and upkeep do these systems need to be kept in optimal operating status? (Cleaning, adjustments, firmware and software updates, alarm and signal maintenance, periodic testing, inspections.)
    • What are your resources to complete the maintenance and upkeep lined out above?
  • Create a timeline and responsibility matrix
    • Who is responsible for what task and by what date?
    • What resources are needed? (Budget, People, Contractors)
  • Change your policies and procedures to match the current business environment
    • Automating the lobby so that a guard is not necessary
    • Changing locks to always be locked and unlocking only when passing through
    • Outsource your ongoing system support
  • Report back progress monthly
    • It’s important to close the loop
    • Reprioritize if necessary
    • Share best practices

Security DebtOne of the best ways to get rid of this debt is to outsource the maintenance and support of your systems. Establishing a relationship with a trusted security partner such as Kenton Brothers Systems for Security is something we would love to talk with you about. Think of us as a fractional Chief Security Officer. Kenton Brothers has manufacturer trained personnel to help maintain your investment as well as manage your daily alarms, annual firmware upgrades and ongoing operating system updates. We have certified physical security experts on staff that can help create policy and procedures for your specific situation.

You have other things to concentrate on. Let Kenton Brothers Systems for Security help you get rid of your “Security Debt”. Let’s talk!

How secure is your access control platform?

/in , /by

By Courtney Emra, Lead Customer Service/Sales Assistant at Kenton Brothers

Gallagher - Award WinningWe all know that the perfect security solution doesn’t exist. But we must always do our best to provide strong security for our people, property, and possessions. Did you know that in just 60 seconds, a simple $10 device is able to copy unattended, lost, or stolen key cards? This effectively leaves a wide open door for hackers to enter your company, systems, etc.

Gallagher has won several awards for their cyber security solutions. They perform various testing procedures and public information regarding these tests can be found on CVE. Included in those resources, they also have a free Security Health Check tool that helps you understand and identify weaknesses within your system, hardware and even users.

Let’s take a look at “The Four Horsemen of a Security Breach” from Corey Russell, a System Engineer with Gallagher.

1. Network

It doesn’t matter how much you’ve spent on your system if you leave it wide open for people to find on the internet. The system itself is solid, but if your access control is out there, there’s a good chance some usernames and passwords wouldn’t be hard to come by. Secure your networks, keep them up to date, and make sure you have email phishing training; your IT admin will thank you. If at all possible, take your access control system to a private network. Seclude it on its own island like Tom Hanks in ‘Cast Away’.

2. Hardware

Gallagher - Award WinningSo, you have your network secure? Great! Now what kind of hardware are you using? Something as simple as a plunger switch on a cabinet can be bypassed and let someone short the lock to the back door. Do your cameras still use ‘username’ and ‘password’ for the login? Did you put resistors in line with the reader you hung on the wall? Lastly, did you leave the keys in the cabinet lock because Steve keeps losing them? Get Steve a retractable key chain and make sure your hardware is as secure as your network.

3. Software

With our network secure and our hardware locked down, let’s talk software. We need to make sure we have complex passwords and, no, ‘P@ssw0rd’ is not a secure password. Make sure software is kept up to date. Look to use a platform that puts security first and offers additional tools to secure your network and hardware.

4. People

How secure is your access control system?This one is the hardest. People are predictable… until they’re not. Training staff and enforcing policies can be difficult. That’s why having a system that can help you mitigate the exposures people are sure to cause is a must.

Gallagher offers something called competencies which restrict people from even entering certain areas without valid, up to date certification on their record. Out of the box you can utilize broadcast notifications to get important messaging out to everyone with a push of a button, control how many people can be in one area, or how long any person can stay in that area. Track assets utilizing the readers already on the wall. The list goes on and on. Can your current security platform do that?

Now that you have a pretty good understanding of what’s happening in the threat landscape, do you still feel confident in your current system? We would love to do a commercial security audit of your system and help you plug any holes we find. Just give us a call!

Finally! A commercial security solution built for small to medium sized businesses.

/in , , /by

By Neal Bellamy, IT Director at Kenton Brothers

Gallagher SMB ProductsAccess Control systems seem to be designed for 2 scenarios. Either they’re designed for hundreds of doors with a very large feature set or 1-2 doors with very few features. And finally… an access control vendor has entered the space with a product that fills the gap. Gallagher has introduced their “SMB” line.

The Gallagher SMB Line of Products

The Gallagher SMB line uses many components of their enterprise line. They’ve kept a few of their enterprise features, and added a lot more to make their products easier to use and manage with just a smartphone. Let’s dive into the features.

The SMB line has many features, just like its big brothers. The system combines access control and intrusion detection capabilities, just like their enterprise line. Although the panels are designated for the SMB line, the same architecture is used. This makes it versatile in the field. The system also uses smart fobs and Bluetooth credentials just like its big brother.

Resource: Gallagher’s SMB Solution Brochure

The SMB line adds many convenience features that are necessary for the SMB space.

First, the system is server-less and connected to the cloud. This means that you don’t have another server to maintain and can access the system from anywhere you have internet access.

The system updates itself. You will always have the latest features and security fixes. Since it is cloud-connected, you can add and remove people and credentials from your mobile phone. You can also check to see if the system is armed and arm or disarm it from your mobile device.

Imagine being at a conference across the country and being able to arm your intrusion system in the middle of the night, because an employee forgot to do so when they left the premises. If you need to send a friend to check on your business, you can add them as an authorized person and assign a Bluetooth credential for instant access.

Multiple sites can be managed from one mobile app. This allows you to have multiple stores or locations that can be managed with one app and accessed through one fob or mobile credential. Speaking of Bluetooth credentials, an unlimited number of them come packaged with the system.

Case Studies: Kāwhia Primary School, Huntly College Old Boys Rugby Football Club, Hamilton City Gymnastics,  and Chesters Plumbing.

The Gallagher SMB line also offers options to only pay for what you need.

The intrusion system, by default, is self-monitored. This means that you get alerts through your mobile app and you decide if there is a real threat and call the police if necessary. However, if you want an option to have the system professionally monitored, that’s also an option. Access control can be licensed for 1-4 doors, 5-8 doors, or 9-10 doors per site, which allows you to size the system appropriately for your needs. The system has options for accessing the internet through the network, Wi-Fi, or even 4/5G cellular connections.

Kenton Brothers has already deployed the Gallagher SMB solution with great results.

The Gallagher SMB Solution fills the gap in security offerings between a single door at a single site and hundreds of doors at multiple sites. If you would like to increase your security while having a system that’s simple to manage without breaking the bank, give us a call. We would love to talk with you to see if the Gallagher SMB Line is the right answer for your commercial security needs.

Top 5 ways to keep your school, business or organization secure and ready for emergencies.

/in , /by

Convenience and SecurityBy David Strickland, Vice President of Kenton Brothers

With the recent events in Uvalde, we are reminded again how critical security systems are and the role they play in protecting people, property and possessions. In Part 1 of Convenience vs. Security, we discussed some of the missteps at Robb Elementary and how those choices led to loss of life. In this blog, we will be discussing 5 things you can do today to help reduce risk in your school, business or organization.

1. Have your local law enforcement agency or trusted certified security partner conduct a thorough physical security site assessment.

This physical sight survey is part of an open and honest conversation. A thorough all-hazard threat, vulnerability, and risk assessment will take some time and involve all stakeholders or a representative from each group (Students, Staff, Administration, HR, IT, Parents, Legislatures) the more people involved the better. This assessment will review policies and procedures as well as identify the physical security components that make up your organization’s campus or grounds. It will highlight your current situation and the risks that you face. It will help you understand the common language used by industry professionals to describe risk levels and the mitigation techniques to overcome them.

Convenience and SecurityThis assessment is critical for your organization to understand where it is today and where it needs to be tomorrow.
Many times these assessments can be provided for free from local law enforcement, DHS field agents or Security Partners like Kenton Brothers Systems for Security. It’s important to ask your partners about their certifications. Cost should not be a barrier. (Please call us for support.)

If you’re reading this and think you should take a crack at your assessment first; the Department of homeland Security and CISA have created an online assessment tool for you. You can find it here: https://www.cisa.gov/school-security-assessment-tool

2. Create an Emergency Plan based on the things you learned from your security assessment.

Once your assessment is finished, you will have a clear view of your physical space, the policies and procedures in place, and the risks you face with both. We encourage you to create an emergency plan, taking into consideration the items you’ve learned. This plan will cover all risks and scenarios you may face in the next year. We say year because this should be reviewed annually and adjustments made.

FEMA has created some very good tools to get you started. You can access them here:
https://training.fema.gov/programs/emischool/el361toolkit/siteindex.htm

They have also published a sample plan that will give you a template to follow. You can find that here:
https://training.fema.gov/programs/emischool/el361toolkit/assets/sampleplan.pdf

Convenience and SecurityAction items might include adopting new physical security measures or improving the capacity of existing measures to detect, delay, and respond to threats across various layers of the school campus.

Plans could specify the need to provide staff with communications equipment, create policies to improve responses to safety incidents and training staff on these policies, or conduct refresher trainings so that staff and students are aware of how they should respond if and when an incident is detected.

If a school has identified in the vulnerability analysis that it lacks measures to enable quick response from first responders in case of an emergency, a plan might specify what additional measures could be in place to speed that response. The goal with the plan is to ensure consistent application of security throughout the entire campus or organization.

3. Conduct drills and monthly tests of the components in your security system.

Create a culture of preparedness among faculty, staff and students by consistently drilling each of the critical hazard responses. Fire Drills, Active Shooter Drills, Tornado, Flood, etc. Providing emergency preparedness training to team members faculty, staff and students keeps top of mind awareness. It also helps keep all layers of your organization informed. It will help you see where you need to improve and adjust your plan.

Additionally, we recommend that you test all of your access control, IP video surveillance, intrusion detection, panic devices and mass notification systems monthly to insure proper working order. We also recommend that these components are cleaned and maintained on a quarterly basis. They should have their firmware and software updated at least annually as well as with any major updates recommended by the manufacturer. Your physical security provider should be meeting with your IT department regularly (twice a year) to discuss cyber security of the physical security network to mitigate cyber threats.

Drilling, maintenance, upkeep and adjustments are critical to the successful deployment of your security plan.

Convenience and Security

4. Make snap inspections of your physical grounds at least once a month.

People respect what is inspected. Security staff or designated personnel and a member of executive or administrative level team members should conduct walk around inspections of policy and procedures on a random, but consistent basis.

Leadership should ask the following questions:

  • Is my perimeter secure?
  • Is my building secure?
  • Are doors being propped open or forced open during school hours?
  • Will our system warn us when these activities are happening?
  • Who monitors the alarms that are generated when these events happen?
  • What is our policy to respond to those alarms?
  • Are all of my cameras running and recording high quality images?
  • Have I verified how many days my recordings are saved?
  • Are my cameras dirty? (At night dirt will reflect infrared light back at the lens.)
  • Are all my classroom doors locked?
  • Are all the emergency exits clear and unobstructed?
  • Do my panic buttons work?
  • Does my mass notification system work?

There are many more items we could add to this list depending on your specific scenario.

5. Partner with your local law enforcement and mental health professionals to increase awareness and outreach.

One of the sad statistics that we’ve learned over the last several years is that school or workplace violence tends to be committed by people we know. Law enforcement and mental health professionals in your area are valuable resources for assessing threat levels in human behavior. We recommend an ongoing meeting with these resources in the hopes of prevention.

One of my favorite school administration teams meets with local law enforcement, school counselors and parents to actively engage in discussions around supporting at risk youth. They call their group the “A team” and they have been very effective. By engaging early and being intentional in their support, they’ve created strong relationships with the youth, parents and teachers in their organization. The A Team has opened up communication and thwarted violent behavior before it starts.

The goal of this blog is to give you tangible steps to help you create a secure environment for your team members, students, staff, teachers, parents or customers so that they feel safe and able to thrive. If you need help going down this path, please give us a call and we will walk the path with you.