Golden Valley Memorial Healthcare Swaps the Hassle of Keys and Manual Access Changes for Unified Access Management

/in , , , /by

Golden Valley Memorial Healthcare LogoGolden Valley Memorial Healthcare (GVMH) is a leading rural healthcare organization dedicated to providing compassionate, friendly, quality care for patients close to home.

GVMH gives its rural communities convenient access to highly trained medical specialists who provide a full range of services, including specialized areas such as cardiology, oncology, ophthalmology and more. GVMH also has a high-tech 56-bed hospital, a 24/7 emergency department, four multi-specialty physician clinics, an outpatient clinic and a cancer center.

Focused on serving rural populations, GVMH operates a main campus in Clinton, Missouri. They also operate nine satellite healthcare facilities located in Windsor, Warsaw and Osceola, Missouri.

On any given day, they are processing thousands of employees and patients moving throughout their campuses and inside their facilities.

The Problem: A Cumbersome, Offline System

Though located in rural communities, GVMH experiences the same challenges as larger healthcare campuses in urban areas. On any given day, thousands of personnel are moving through their facility requiring multiple tiers of access. Patients must be kept safe and visitor tracking must be managed at all times. Finally, critical equipment and pharmaceuticals require highly regulated protocols.

Prior to 2019, GVMH’s access control operated offline, so whenever a key or credential was lost or needed to be changed to prevent unauthorized access, it had to be done onsite. Performing access changes this way took time and resources. Considering the number of times an access point has to be changed in any given month, it became clear they could reallocate their investment to a more streamlined and more secure solution.

The Solution: Network Security to Manage Multiple Locations

Kenton Brothers deployed an access control system in GVMH’s main building in Clinton and in all satellite clinics to standardize all access points. The access control system is IP-based, providing a unified management and administration experience through mobile apps and flexible architecture. Should GVMH expand, its access control solution expands with it.

Now, instead of rekeying or changing credential access at the location site, GVMH’s administrators can remotely cancel a credential/badge at any building from one location.

Unified access control is phase one of GVMH’s long-term plan. Phase two will tackle the organization’s intrusion system. Like access control, GVMH’s intrusion alert system will be consistent across all locations and on one platform to consolidate security vendors and result in measurable resource and cost savings.

To learn more about access control systems for your organization, please give us a call.

National Account with 600 Sites in 15 Weeks? Check.

/in , , /by

By Ryan Kaullen, Field Services Manager at Kenton Brothers

Kenton Brothers Systems for Security, in its 124th year of existence, has seen projects of every size across most industries. We really thrive taking on the unusual, the time sensitive, and challenging projects across regions/states. This is a common situation when we’re working with some of our national accounts.

One such project that covered all of these aspects was a recent install at over 600 sites for a major utility company in the Midwest.

The scope of the project was to install locking hardware and specialty electronic hardware (eCylinders/ePadlocks) across the customer’s list of sites. This was a complex project involving lots of variables. These included timeframe, hardware needed, and the geographical locations of these sites. A lot of planning went into this project to evaluate requirements and determine the best course of action with limited information.

CLIQ Connect CLIQ Connect

Timeframe

Medeco | Assa AbloyThe timeline for this project was a total of 15 weeks. This meant we would be doing installations at roughly 43 sites per week. One of the requirements of this project was to meet a federally mandated deadline. This required us to plan the best routes possible to ensure our technicians were as efficient as possible.

We accomplished this using route planning software based on addresses and GPS coordinates. This was a crucial step to ensuring we would hit our deadlines.

The result? Kenton Brothers completed this project over a week early.

CLIQ Connect

Material

The tricky part about material for this project is that we couldn’t easily plan ahead for the amount of hardware that would be needed at each location.

Before the start of the project, we visited 7 sites and created hardware lists to cover the different scenarios we found. The goal was to make sure our technicians didn’t have to make return trips for materials.

We were also installing security cylinders known as eCylinders or ePadlocks. They provide access just like an access control system. If you have the correct key, you’re allowed access. If you don’t, the cylinder or padlock stays locked. This is for auditing capabilities of who went into the site and at what time. This product and solution met the industry specified regulatory requirements for remote sites.

Locations

Project LocationsThe locations ranged from being in major cities to farmer’s cow pastures.

We provided our technicians aerial views of all of the sites. This helped them verify they were at the right place and what to expect getting into the area. This played a vital role in our completion date. We were able to plan routes based on those views and we could see the access points.

This complex project was a fast-paced, time sensitive, and complex project that required an attention to detail. Every site required work detail reports with specific information, specific billing was required to meet our customer’s needs, and technicians with outstanding craftsmanship were needed to accomplish the project goals.

We are proud that we were able to provide one of our national accounts customers this commercial security solution. And it was a big win to deliver a week ahead of schedule. Do you have large commercial security projects that require attention to detail, multiple sites, and a team who can get the work done? If so, give Kenton Brothers a call. We’ll make your life easier!

Precision Livestock Farming: Boehringer Ingelheim ushers in a time of transformational change.

/in , , /by

By Gina Stuelke, CEO of Kenton Brothers

Boehringer Ingelheim Animal Health LogoBoehringer Ingelheim Animal Health in St. Joseph, Missouri has partnered with Kenton Brothers to provide state of the art identity and access management and commercial video surveillance technologies to protect their people, property and possessions. Not only does BI see the importance of putting security technology in their buildings… they invest heavily on the power of technology to keep animals healthy and help farmers increase efficiency.

In several pig barns, crews will install high-tech microphones that hint of things to come.

Precision Livestock FarmingThe microphones form a key part of a digital monitoring tool that records the sounds that pigs make 24 hours a day, 7 days a week. It relies on an algorithm to detect changes in swine coughing patterns before most human ears hear them. The system sends an alert to an app on a farmer’s phone or to their computer when it detects signs of respiratory distress.

Early detection of increased coughing in swine lets farmers and veterinarians collect samples and get a diagnosis more quickly, potentially improving the health of sick pigs and limiting the risk of exposure to nearby animals. That could boost a producer’s bottom line in an industry where respiratory and other diseases claim an untold number of pigs and cost hundreds of millions of dollars a year.

This innovation is just one part of a larger Boehringer Ingelheim commitment to take advantage of rapid technological change to offer diagnostic and monitoring solutions that help livestock and pets and the people who own and care for them.

‘It’s all about the data’—the quicker you receive the information, the faster you can treat the problem and have less negative impact on the animal and industry as a whole.

Pet Wearables

Precision Livestock FarmingIn animal health, the spread of new technologies has given rise to smart devices for dogs and cats and precision livestock farming, which holds the potential to optimize operations and improve animal wellbeing. The market for pet wearables alone will reach a few billion dollars in the next few years, analysts have said.

Sensors attached to and located around livestock, coupled with the power of algorithms to detect patterns in reams of data, have the potential to provide actionable items that save time and money.

Missouri Jail Administrators: Hard working, Professional and Committed

/in , , , /by

Missouri Sheriffs and Jail administrators came together in October. They’re passionate about the securing county detention centers!

Read more

Secure Credentials: Access Cards, Biometrics, Multi-Factor and Mobile

/in , /by

By Neal Bellamy, IT Director at Kenton Brothers

A couple of months ago, we talked about higher levels of security and Multi-Factor authentication for your computers and servers. Today, I’d like to bring that discussion back to Commercial Access Control.

Cards and Fobs are the number one method of gaining access to your building.

Card and fobs identify the “cardholder” with a string of bits (ones and zeros). Those bits are broken down to a “Facility Code” and a “Card Number”. The facility code is used to group the cards together or designate that card belongs to a certain building. Additionally, the cards weren’t originally encrypted, meaning that if you had the right technology, you could read any access card.

Even worse, on the common 26-bit access cards, there are only 256 unique facility codes and 65,536 unique card numbers. I’m pretty sure there are more than 256 companies using commercial access control. I don’t want to spend a lot of time talking about old technology… but I implore you: If you’re using true proximity cards (there are a lot of you out there), come talk with us about using an encrypted card that can’t be easily duplicated!

Okay, so if most cards aren’t that secure, how do we make things better?

Step 1: Encrypt the card

Secure CredentialsEncryption for the cards and readers has been around for a while. As an example, HID iClass was introduced in 2002. The general premise is that the card is encrypted with a Public Key Infrastructure or PKI. Then the reader is loaded with the matching key. When the card is presented, the reader decrypts the credential and gives the access control system the unencrypted credential number. This number can still just be the same 26 bits as above, but only a reader with a matching key can read the credential.

Several technologies use encryption as a base layer of protection including HID iClass, Mifare, and FeliCA. There are several variations for each type.

Step 2: Increase the “uniqueness” of the card

Now we have a card that can’t be read by every reader in the world. However, there is still a good chance, with only 26 bits, that the exact sequence of bits exists on another card somewhere. The answer is simple… increase the number of bits. For every bit you add, you increase the possible card numbers by a power of 2. (16 bits = 65,535 possibilities, 17 bits = 131,072.)

The common 37-bit format allows for 65,536 facilities (16 bits) and 524,288 cardholders (19 bits). Although 37-bits allow for more variation in the sequence, there is still a chance of overlap. An even better solution is where your “Facility code” is registered and can never be duplicated.

Several Card manufacturers offer a program where your facility code is guaranteed to be unique. HID corporate 1000 is one such offering, Gallagher does this by default.

Biometrics

Secure CredentialsAnother strategy for creating a unique card is to not use a card at all. Biometrics fall into this category.

The premise is that by providing a “reader” that reads a unique feature of a person and then sends the 1s and 0s to the access control system, the credential can be duplicated when all those things are combined in the right order. Hand scanners, fingerprint readers, vein readers, iris scanners, and facial recognition all fall into this category.

Biometric readers solve or circumvent many of the issues above. No encryption is needed between the credential (the person being read) and the reader because a person can’t be duplicated. The systems can even tell twins apart.

The downside to biometrics has been ease of use. Biometric systems require enrollment to create and store the “credential”. Early adopters also faced a reliability issue where the biometric was not recognized even is it was the right person. This false negative issue has mostly been resolved. With the right biometric system in place, I would argue that it is better than any card based system. It cannot be reasonably duplicated and cannot be lost or shared.

If we decide that we don’t want to use biometrics, we at least have a card that’s encrypted and probably (or guaranteed) unique. However, we still just have one form of authentication. If your card gets lost or stolen, someone has access to your facility until you can get it disabled. That’s where multi-factor authentication comes in.

Step 3: Multi-factor authentication

The multi-factor comes in many flavors. The oldest is “pin and prox” (The prox part can and should be encrypted and unique), where the person presents the credential and then enters a PIN on the reader. Biometrics can also be used as a second form of authentication. The user presents their credential and then presets their biometric. This form of biometric makes biometric even more secure than biometrics alone. Instead of the biometric matching anyone in the database, it has to match the same person that presented the card. Dual factor authentication doesn’t have to be on every door in your facility. It could be used for the exterior doors only, highly sensitive doors only, or any combination.

So far, we haven’t talked about the latest tech in credentials, which is using your phone as a card.

Secure Credentials

Using Your Phone as a Card

Multiple vendors offer a “mobile” Credential, but they all work similarly. An application on your phone receives an encrypted package that identifies who you are. When you present your phone to the reader, it sends the 1s and 0s to the access control. If this sounds exactly like a unique encrypted card… it is.

As an administrator, you can enforce the application to require a second form of authentication (Pin, Fingerprint, Face) in order to send the credential to the reader. Now you have a uniquely encrypted credential with two-factor authentication, without the headache of enrolling users in a biometric database. Mobile credentials aren’t compatible with all systems, and some systems offer easier management of mobile credentials than others. That said, mobile credentials are going to be the next wave of authentication. They provide ease of use and high security in a single package.

Want to know more? Give us a call!