Anti-Passback and Anti-Tailgating: Do you know who is in your building?

By Neal Bellamy, IT Director at Kenton Brothers

Do you know who is in your building? Do you know where everyone is located when they are in your building?

To help companies answer these questions, we use access control solutions. (As the name implies, these solutions control access to buildings.) When configuring these systems, we decide which people get into the building, which doors they can use and the times that they are able to open the door. Access cards are a key component of these systems.

Access Card Skimming Devices

Anti-Passback and Anti-TailgatingThere are reasons why you might want to increase security or safety by adding more features to your current access control system. Why? Copying and emulating an access card has become easier, due to new technology like a flipper zero and other skimming devices.

The best defense against copying a card is to use a card technology that has not yet been hacked. You also need to use encrypted communication between the reader and the control panel. (Both have been talked about before in my previous blogs). However, sometimes the upgrade path can take a long time to implement and/or be expensive depending on how large your system is and how old it is. Another way to guard against skimmers might be to ensure a card has only been used once to gain entry.

Anti-Passback

Anti-Passback and Anti-TailgatingAnti-passback is the access control term when we want to prevent someone from entering a door and then passing back the card to another person, who then uses the card to enter. Most access control systems have that technology available. When this feature is enabled, you also know when a person is leaving the area. If you know when they are in the area and you know when they leave an area, then you also know where they shouldn’t appear in the building. In other words, if the cardholder is already in the building, you should not grant access to the building again.

The reason an employee might try to get into the building again is because they loaned their card out, or because it was copied. Anti-Passback also provides more safety. If an emergency happens, you also know who was in the building or area at the time of the event. If you don’t have Anti-Passback enabled, you might know that a person came in that morning, but would not know that they left for lunch or an appointment during a specific timeframe.

To build on this example, imagine a multi-building company or a company located across multiple cities. If someone badged into the downtown campus and has not badged out, then they can’t possibly be at the uptown office. If they were in the New York office at 8am, there is no way they could be badging into the L.A. office at 9am.

Anti-Tailgating

You can also define areas within areas. You might have a building perimeter, then a lab inside, and maybe even a hazardous storage area inside the lab. You can set the rules so that they cannot enter the storage area unless they are in the lab first; You can’t enter the lab until they are in the building; and so on. (This technically is called Anti-Tailgating, but goes hand-in-hand with Anti-Passback.)

There are a few reasons you might want to know in real-time who is in your building. Anti-Passback and Anti-Tailgating can improve security by only allowing one person to be in one place, improve safety by knowing that someone was in the building during an emergency, and even help you understand where in the building someone is located.

We are experts at solving hard problems, if you have a unique situation, please let us help.

Commercial Security: Redundancy Servers and Why They Matter

By Ryan Kaullen, Field Services Manager at Kenton Brothers

Commercial Security: Redundancy Servers and Why They MatterRedundancy servers are put in place to keep things up and running in the event of a hardware failure. The engineering definition of redundancy is, “the inclusion of extra components which are not strictly necessary to functioning, in case of failure in other components.”

Redundancy servers can be put in place for access control systems and commercial video surveillance systems. There are also a couple of types of redundancy server options called “hot” and “cold”. In this blog, we will talk about these types and options and how they work to make your commercial security system more resilient.

Access Control Redundancy Server

Access control systems already have some redundancy built into them. The door controllers have on board memory, so they will continue to operate even if the main server fails. However, any changes that would need to be made to the card holders or door schedules in the event the main server fails can’t happen until the server is repaired. This is where a redundancy server for the access control system comes into play.  Depending on if you have a hot or cold redundancy server (we will discuss the differences later in this article) you will see either a shortened down time or almost no down time.

Commercial Video Surveillance System Redundancy Server

Commercial Security: Redundancy Servers and Why They MatterCommercial video surveillance systems rarely have server redundancy. If a server fails, the cameras will no longer be recording. Some management systems have capabilities for server failover built into the software. Unlike with an access control redundancy server where you have the hot or cold option, a video redundancy is likely going to be a hot redundancy server. If the initial server goes down, the redundancy server starts recording the video streams. Obviously, the big win in this scenario is that you mitigate the risk of lost video when you have a hardware failure at the worst possible time (when a security event is happening).

Hot and Cold Redundancy Server Options

A “Hot” redundancy server is one that runs in parallel with the main server. If the main server goes down, the redundancy server immediately picks up when the other one failed. This is usually a more expensive option as there can be more licenses, hardware, and integration needed so that it is running in parallel. The major pro here is that failover times are measured in milliseconds and after the initial set up requires no intervention from an IT team.

Commercial Security: Redundancy Servers and Why They MatterA “Cold” redundancy server is one that is set up and has the systems already installed, but is not running in parallel. While it is ready to be put into production if the main server fails, there is some setup that has to occur. At minimum, restoring services requires booting up the redundancy server. However, other requirements might include installing the latest backup of card holders, schedules, routing all devices to the new server, getting the IT team and daily operations team involved. While all of those things are happening, the primary server is down. No changes to the configuration can be applied across an access control system and no video streams are being recorded until the cold redundancy server is brought online.

Having back-ups in place for any commercial security system is critical. Redundancy servers play a huge role in making that a reality. Our security consultants will work with your organization to help you identify the right redundancy server option for your facility. If you would like to know more, please reach out to us today to start a discussion on how to provide redundancy for your systems.

Enhancing Physical Security with Kenton Brothers Systems for Security CSEIP Certified Engineers

By David Strickland, Vice President of Kenton Brothers

CSEIP Certified EngineersFederal Agencies are continuously seeking robust solutions to safeguard their assets and personnel. Physical security plays a pivotal role in this endeavor, encompassing a range of measures to Protect People Property and Possessions from unauthorized access or harm. Among these measures, Identity, Credential, and Access Management (ICAM) systems integrated with Physical Access Control Systems (PACS) have emerged as a cornerstone for ensuring comprehensive security solutions. In this blog, we delve into the significance of having Certified Security Engineer Identity Professional (CSEIP) certified engineers managing ICAM PACS and explore real-world use cases across government agencies.

Understanding ICAM PACS:

ICAM PACS integrates physical access control with identity management, enabling organizations to efficiently manage and control access to their facilities. These systems authenticate and authorize individuals based on their credentials, ensuring that only authorized personnel can enter designated areas. ICAM PACS solutions often encompass a variety of technologies such as smart cards, biometrics, and multi-factor authentication, providing layers of security to mitigate risks effectively.

Benefits of CSEIP Certified Engineers:

CSEIP Certified EngineersCSEIP certification is a testament to an engineer’s expertise in designing, installing, and maintaining advanced security systems, including ICAM PACS. Expertise in ICAM PACS Integration: CSEIP certified engineers possess in-depth knowledge of ICAM PACS technologies and standards, ensuring seamless integration with existing security infrastructure. Their expertise enables organizations to optimize system performance while maintaining compliance with regulatory requirements.

By leveraging the expertise of CSEIP certified engineers, organizations can implement robust security measures tailored to their specific needs. From designing access control policies to configuring authentication mechanisms, these professionals ensure that security vulnerabilities are effectively addressed, bolstering overall protection.

With CSEIP certified engineers leading the way, organizations can mitigate the risk of security breaches and unauthorized access attempts. These experts implement industry best practices and deploy advanced security features to fortify ICAM PACS against evolving threats, safeguarding critical assets and sensitive information.

CSEIP certified engineers possess the skills to diagnose and resolve issues promptly, minimizing downtime and ensuring uninterrupted security operations. Their proactive approach to maintenance helps organizations identify potential vulnerabilities early on, preempting security risks before they escalate.

Use Case Scenarios:

Let’s explore how government agencies can benefit from having CSEIP certified engineers managing ICAM PACS:

Department of Defense (DoD):

CSEIP Certified EngineersThe Department of Defense operates a vast network of facilities and installations worldwide, each requiring stringent access control measures to safeguard classified information and sensitive equipment. By employing CSEIP certified engineers to manage ICAM PACS, the DoD ensures that only authorized personnel gain access to restricted areas. These professionals design and implement multifactor authentication systems, incorporating biometric verification and smart card technology to enhance security while streamlining access for authorized personnel.

Federal Bureau of Investigation (FBI):

As the principal federal law enforcement agency, the FBI relies on robust security protocols to protect its headquarters, field offices, and forensic laboratories. CSEIP certified engineers play a crucial role in designing and maintaining ICAM PACS solutions tailored to the FBI’s specific security requirements. By deploying advanced authentication mechanisms and intrusion detection systems, these professionals help safeguard sensitive investigative materials and ensure the integrity of the agency’s operations.

Department of Homeland Security (DHS):

The Department of Homeland Security oversees critical infrastructure and coordinates efforts to protect the nation from security threats. CSEIP certified engineers support DHS initiatives by implementing comprehensive ICAM PACS solutions across various agencies and facilities. These experts collaborate with stakeholders to design access control policies aligned with DHS mandates, enhancing situational awareness and emergency response capabilities.

By entrusting ICAM PACS management to CSEIP certified engineers, organizations can reap the benefits of enhanced security, reduced risk, and streamlined operations. As demonstrated through real-world use cases in government agencies, the expertise of CSEIP certified engineers is indispensable in safeguarding critical assets and ensuring the integrity of physical security systems.

Kenton Brothers Systems for Security is proud to offer our services to our Federal Agency partners.
Please give us a call today to see how we can help support your organization!

Physical Security Defense by Design: 10 things you should be doing today!

By David Strickland, Vice President of Kenton Brothers

With a tremendous focus on Cybersecurity right now, many organizations are investing substantial resources in protecting their digital assets from online threats. However, amidst the ever-evolving landscape of security risks, the significance of physical security and it’s role in a holistic approach to protecting people property and possessions should not be underestimated.

A robust physical security plan, employing the principle of defense by design, can fortify businesses against a myriad of threats, ranging from cybersecurity threats, theft and vandalism to unauthorized access and violence in the workplace. In this blog, we’ll explore how businesses can see substantial benefits by implementing a proper physical security plan centered around defense by design.

Understanding Defense by Design

Defense by DesignDefense by design is a proactive approach to security that involves integrating security measures into the design and architecture of a physical space from the very beginning. Rather than treating security as an afterthought, it becomes an integral part of the overall design process. This approach aims to create layers of security that deter, delay, and ultimately thwart potential threats, providing businesses with a comprehensive defense strategy.

One of the primary benefits of adopting defense by design principles in physical security planning is the enhanced protection it offers against various threats. By strategically incorporating barriers, access controls, surveillance systems, and other security features into the layout of a facility, businesses can significantly reduce the likelihood of unauthorized access, theft, or vandalism.

For instance, installing perimeter fencing, access gates with electronic locks, and surveillance cameras can create a formidable first line of defense against intruders. Additionally, implementing measures such as biometric access controls, motion sensors, and alarm systems further reinforce security layers, making it increasingly difficult for unauthorized individuals to breach the premises undetected.

Mitigation of Risks and Liabilities

Effective physical security not only safeguards assets but also helps mitigate risks and liabilities associated with security breaches. Businesses operating in industries handling sensitive information, valuable assets, or high-risk materials are particularly vulnerable to potential threats. A robust physical security plan reduces the likelihood of security incidents, thereby minimizing the risk of theft, property damage, or regulatory non-compliance.

Moreover, in the event of a security breach, having comprehensive security measures in place can demonstrate due diligence on the part of the business, potentially mitigating legal liabilities and financial losses. By investing in defense by design, businesses not only protect their assets but also safeguard their reputation and maintain trust with stakeholders.

Safeguarding Personnel and Assets

In addition to protecting physical assets, a well-executed physical security plan prioritizes the safety and well-being of personnel. Employees are vital assets to any business, and ensuring their safety within the workplace is paramount. By implementing measures such as access control systems, emergency response protocols, and secure areas for sensitive operations, businesses create a secure environment that fosters employee confidence and productivity.

Furthermore, defense by design principles extend beyond the protection of physical assets to safeguarding intellectual property and confidential information. Secure storage facilities, restricted access areas, and surveillance systems help prevent unauthorized access to sensitive data, reducing the risk of intellectual property theft or corporate espionage.

Cost-Efficiency and Long-Term Sustainability

While implementing a comprehensive physical security plan requires an initial investment, the long-term benefits far outweigh the costs. By proactively addressing security vulnerabilities through defense by design, businesses can minimize the need for reactive security measures and costly incident response procedures.

Moreover, the deterrent effect of visible security measures can dissuade potential threats, reducing the likelihood of security incidents and associated expenses. Over time, the cost savings achieved through enhanced security and risk mitigation contribute to the long-term sustainability and profitability of the business.

At Kenton Brothers Systems for Security we work with organizations with a wide range of needs for physical Security. We have specific recommendations on how to implement a proper physical Security Plan that incorporates a holistic approach to our customer’s needs.

The following is a top 10 list of ways to get started:

1. Conduct Comprehensive Risk Assessment

Begin by conducting a thorough risk assessment of your premises and operations. Identify potential security threats and vulnerabilities, considering factors such as location, industry, and business assets. This assessment forms the foundation for developing an effective physical security plan tailored to your specific needs. We offer this service free of charge to help support the communities we serve.

2. Define Clear Security Objectives

Establish clear security objectives aligned with your business goals and risk assessment findings. Determine what assets and areas require protection, whether it’s sensitive data, equipment, or personnel. Clearly defined objectives provide a roadmap for designing and implementing targeted security measures.  This can be overwhelming at first, Kenton Brothers can help guide you through this process.

3. Design Secure Perimeter Barriers

Create a secure perimeter around your facility using physical barriers such as fencing, walls, locked perimeter doors or bollards. Choose materials and designs that deter unauthorized access and provide visibility for surveillance. Incorporate access control points with electronic locks and gates to regulate entry and exit.  The idea here is to extend your threat detection perimeter as much as possible to allow more time to bring resources to bear on the threat.

4. Implement Access Control Systems

Deploy access control systems to manage and monitor entry points throughout your facility. Utilize technologies such as key cards, biometric scanners, or PIN codes to authenticate individuals and restrict access to authorized personnel only. Integrate access control systems with surveillance cameras and alarms for enhanced security.

5. Install Surveillance Cameras and Monitoring Systems

Strategically place surveillance cameras and monitoring systems to provide comprehensive coverage of your premises. Install cameras in key areas such as entry points, parking lots, and critical infrastructure to deter theft, vandalism, and unauthorized activities. Ensure proper lighting and resolution for clear video footage.

6. Establish Secure Entry and Exit Procedures

Develop secure entry and exit procedures to control the flow of personnel and visitors. Implement protocols for visitor management, including check-in processes and temporary access badges. Train employees on security procedures and reinforce the importance of vigilance in identifying and reporting suspicious behavior.

7. Harden Physical Infrastructure

Strengthen physical infrastructure by reinforcing doors, windows, and other potential entry points. Use tamper-resistant locks, security bars, and shatter-resistant glass to deter break-ins and unauthorized access. Consider implementing intrusion detection systems to alert security personnel of attempted breaches.

8. Create Secure Areas for Sensitive Operations

Designate secure areas within your facility for sensitive operations, data storage, or high-value assets. Restrict access to these areas using additional layers of security such as biometric authentication or keypad entry. Implement measures to prevent unauthorized tampering or theft of sensitive materials.  Concentric circles of tighter and tighter security help organizations keep their people and assets secure.

9. Develop Emergency Response Plans

Develop comprehensive emergency response plans to address various security scenarios, including intrusions, natural disasters, or workplace violence. Conduct regular drills and training exercises to ensure employees are prepared to respond effectively to emergencies. Establish communication protocols and evacuation procedures to minimize risks to personnel and assets.  There is no better resource than a well-trained team member that knows what to look for and how to react in a threating situation.

10. Regularly Evaluate and Update Security Measures

Stay informed about emerging security technologies and best practices to enhance your defense by design approach.  Continuously evaluate and update your physical security measures to adapt to evolving threats and vulnerabilities. Conduct regular audits and assessments to identify weaknesses and areas for improvement. This is a critical piece of defense by design. Stay vigilant in your efforts. There are many stories of the convenience of a propped door and how it led to tragedy.

By following these ten specific steps, businesses can effectively incorporate physical security measures based on defense by design principles, creating safer environments for their People, property and possessions.

Still can’t get started? Give Kenton Brothers Systems for Security a call today to help.

Commercial vs. Residential: Not All Door Hardware is Made the Same

By Ryan Kaullen, Field Services Manager at Kenton Brothers

One of the biggest requirements that our clients have is their employee and customer safety. This goes hand in hand with the door hardware that is being used. I am going to compare two things in this article; Commercial Grade Hardware vs Residential Grade Hardware and Grade 1 Hardware vs Grade 2 Hardware. All have their proper applications and it’s important to understand when and where they should be used.

Commercial Grade Hardware vs. Residential Grade Hardware

Commercial vs. Residential: Not All Door Hardware is Made the SameCommercial grade hardware is built to withstand areas with higher amounts of traffic than residential buildings require. Essentially what you put on your home isn’t the same as what goes on the front door of a highly used commercial space. Along with commercial hardware being heavier duty,  most commercial buildings have specific requirements when it comes to meeting certain specifications such as UL Listings, ADA compliance, or other life safety conditions.

Residential hardware is made for homes where they won’t get as much wear and tear. Some businesses have used residential hardware in their spaces, but this causes several issues.

1) Warranties by the manufacturer of the residential hardware can be voided because it’s installed in a commercial space.
2) They won’t hold up and will need to be replaced frequently.
3) They don’t meet the life safety requirements of many commercial buildings.

Installing the correct hardware on commercial buildings is incredibly important. The hardware lasts longer, helps with safety and security, and keeps you in compliance.

Grade 1 Lock Grade 2 Lock

Grade 1 Hardware vs. Grade 2 Hardware

When you dig deeper into commercial grade hardware, there are two levels you really want to look at: Grade 1 and Grade 2.

Grade 1 hardware not only meets building requirements for commercial spaces, but it also provides a higher level of security, withstands heavy usage and helps guard against vandalism. Grade 1 hardware can be used anywhere but on exterior openings. They can also be used in doors that protect rooms containing items of high value like IT closets.

Grade 2 door hardware meets light commercial requirements and is a level above residential door hardware. These locks are great for offices, closets and other applications that don’t require heavy usage. Grade 2 hardware is more economical compared to Grade 1, but will last longer than residential hardware.

When selecting the grade of hardware for your facility, your choices may vary from door to door. The type of usage and other factors play into these decisions. It is extremely important to understand where the different grades make good choices. If you have any questions, please reach out to Kenton Brothers so we can help with your facility needs!