SALTO Systems: Unique Access Control Solutions for a 100+ Year Old Building

/in , , , /by

By Ryan Kaullen, Field Services Manager at Kenton Brothers

SALTO Systems: Unique Access Control SolutionsIn late 2023, Kenton Brothers was approached by a property management company about adding access control to a local, 100+ year old tenant-based building in Kansas City, MO. The building has more than 16 floors and multiple elevators needed access control. As you can imagine, when the building was being built access control was not in the minds of the architect nor builders. So, the task became how does Kenton Brothers provide access control for this unique situation while keeping costs in-line with the customer’s budget?

SALTO Systems

The answer was an access control platform that supports both online and offline locks while at same time being able to take care of access control for the elevators. The system is made by a company called SALTO Systems. Their array of lock solutions allowed Kenton Brothers technicians to install cable where it was accessible to connect to the server and have some of the locks being online, while also being able to install locks at doors where cable wasn’t an option. All while still granting access or denying access depending on the credential presented.

Here is the interesting feature of this system: Online readers re-program each card as they are presented, and then the new information is carried to the offline locks the next time they are used. This allows the system to be centrally managed without running wires to every lock. (Remember, this building is over 100 years old.) Pretty cool, right?

Our solution allows the property management company to grant access to individuals with the correct credentials into certain spaces like the gym, pool area, rooftop, etc. And they can deny individuals who should not have access to those spaces. Without the SALTO access control system, this is almost impossible to control.

SALTO Systems: Unique Access Control Solutions SALTO Systems: Unique Access Control Solutions

The next phase of the project was the elevators.

To accomplish getting readers to work with the elevators, and the readers needing to be offline readers, Kenton Brothers worked closely with the elevator company whose software and the access control software would work in tandem to take tenants to the correct floors while still allowing the property management company to program proper access to the readers. This was a close coordination between our team and the elevator company to accomplish our customer’s goals. And this was crucial to the success of the project because it again helps keep the flow of traffic of people going to the correct floors where they are allowed to be.

Projects like these are what Kenton Brothers loves to take on. These kinds of projects make us think outside the box, deliver one-of-a-kind systems, and come up with unique and customizable solutions to take care of the customer.  This is the type of work that has made Kenton Brothers stand out for over 127 years.

To see how Kenton Brothers can help with your unique needs, please give us a call.

SALTO Systems: Unique Access Control Solutions SALTO Systems: Unique Access Control Solutions

Parks and Rec Project: No Network? No Power? No problem.

/in , , /by

By Neal Bellamy, IT Director at Kenton Brothers

Challenging installs are our specialty.

Parks and Rec Project: No Network? No Power? No problem. We love a good challenge, and love creating the right solution to meet the need. The latest challenge comes in the way of no network, lots of trees, and in some places… no power.

A local county Parks and Recreation group came to us with several places they wanted to have cameras. They have an existing Milestone commercial video surveillance system in the county, but it was not integrated with their parks and rec department. The team wanted to cover marinas, several park shelters around lakes, and a few trailheads that had no power. The final goal was to integrate everything into the Milestone platform so there is more visibility.

Remote Locations

The first challenge is how remote some of the locations are. An internet connection was available in 8 of the 30+ locations they wanted cameras, but the internet connections were not very strong or fast. We need to make sure the cameras are recording reliably, so we placed servers at the 8 locations as centralized storage spots for the cameras around each area. In one instance, we installed a server at the marina.

Parks and Rec Project: No Network? No Power? No problem. Parks and Rec Project: No Network? No Power? No problem.

No Local Area Network (LAN)

The second challenge is that there is no network at several of the shelters where the department wanted cameras. Of course, wireless radios are nothing new, but we have lots of trees in the way. We had to get pretty creative to make a path from the cameras back to the marina, with line of sight for the radios and the least number of “hops”. There were several times we had to direct the signal away from the marina so that we could collect many signals in one place, and then send it all back to be recorded on the marina server.

No Power

No network is for sure a challenge. But the hardest challenge can be no power. We had to move  to a solar solution to power the cameras.

It’s always fun to overcome technical challenges. Projects like these are memorable and satisfying. Do you have an interesting situation to deal with as you consider improving your commercial security posture? We’ve dealth with literally hundreds, and if you have something new, we would love to tackle it with you. Please give us a call.

Two Powerful Tools to Help Schools Support a Secure Environment for Learning

/in , /by

By David Strickland, Vice President of Kenton Brothers

At Kenton Brothers Systems for Security, we are proud of our role in protecting People, Property and Possessions, especially when it comes to our partnerships within education. With that in mind, we are happy to spotlight a new collaborative effort that is paying off big time. The Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) are teaming up to help schools become more secure and to better support a learning environment. They’ve released two guides to help schools create great security plans and to help pay for them!

First, The CISA Resources and DHS Grants guide helps orientate school districts to the multitude of resources available to them to support school security. These include the new collaborative website called:

www.SCHOOLSAFETY.gov

This is an interagency website created by the Federal government to provide schools and districts with actionable recommendations to create safe and supportive environments for students and educators.

The K-12  SCHOOL SECURITY GUIDE PRODUCT SUITE

The K-12 School Security Guide Product Suite is designed to provide K-12 districts and campuses with resources, tools, and strategies to improve school physical security. The suite outlines action-oriented practices and helps schools and districts learn the steps necessary to assess vulnerabilities, strengthen security, and better protect against a range of targeted violence and other threats.

K-12 BYSTANDER REPORTING TOOLKIT

The K-12 Bystander Reporting Toolkit supports K-12 schools and districts in strengthening school safety reporting programs and encouraging bystander reporting among students and other members of the school community.

NATIONAL SUMMIT ON K-12 SCHOOL SAFETY AND SECURITY

The School Safety Task Force (SSTF) hosts an annual National Summit on K-12 School Safety and Security to bring Federal, state, and local school leaders together to share actionable recommendations that enhance safe and supportive learning environments.

GRANTS FINDER TOOL

SchoolSafety.gov’s Grants Finder tool houses school safety-related Federal grants in one centralized location and provides members of the K-12 school community with a variety of ways to search for and access funding opportunities. The tool features multiple of Federally available school safety-specific grants searchable based on school safety topic, award amount, application level of effort, and more.

Two Powerful Tools to Help Schools Support a Secure Environment for Learning

CISA Resources and DHS Grants.pdf

Social Media Threat Guidance for School Staff and Authorities

In late December 2023, DHA and CISA published the Social Media Threat Guidance for School Staff and Authorities Infographic. It highlights social media threats affecting school districts in the United States. It goes a step further by providing mitigation and response measures for social media threats directed at a school district. It also connects school safety stakeholders to the suite of tools and resources provided by CISA and its partners to promote a culture of readiness and preparedness.

Technology has revolutionized the American school system, making education more accessible than ever before.  However, the advancements and accessibility of various social media platforms continue to reveal new vulnerabilities and security gaps within the school threat landscape. In the United States, social media-based threats to school districts continue to rise; in 2022, school districts reported closing more frequently due to social media threats than for COVID-19 outbreaks.

Download this powerful resource here:

Two Powerful Tools to Help Schools Support a Secure Environment for Learning

Social Media Threat Guidance for School Staff and Authorities Infographic.pdf

This collaborative approach from DHS and CISA in helping schools understand what resources are available to them and providing financial resources to support the initiatives is a step in the right direction. Kenton Brothers is happy to help guide schools through this process. Please give us a call today.

Dual Technology Credentials

/in , /by

By Ryan Kaullen, Field Services Manager at Kenton Brothers

Dual Technology CredentialsAccess Control has been around for a few decades now, and during that time the technology has evolved. A lot of customers have older access control equipment and can’t afford to change out equipment every time technology and security solutions change. What are ways that a company can increase security but not have to change out everything all at once? How can they avoid impacting large portions of the their current access control solution? One way is by using Dual Technology Credentials.

Proximity Technology

The industry standard at the beginning of development of access control solutions was called proximity technology.

Proximity is a non-encrypted technology. As technology has advanced, and those who wish to hack or break through the security have advanced, the industry adapted. More advanced types of technology were required to combat those new threats. These advanced defenses include solutions like multi technology, new readers with encryption, advanced card formats, and more.

This is where Dual Technology Credentials come into play.

Changing your credential to dual technology allows you to use older technology readers along with the newer options. All while enjoying the benefits of having an encrypted credential for higher security.

Over time, you will be able to upgrade your readers to a newer type of encrypted reader. (In other words, spreading out the investment timeline for doing the reader upgrades.) You will still be able to use your dual technology credentials, but once all the readers have been updated, you can switch from a dual technology credential to an encrypted credential. This will lower the cost of your credentials moving forward while still keeping the correct standard of credential security.

Individuals who intend to cause harm to a location often try to go for the low hanging fruit… which includes access control credentials. A repeater is used to try and reveal the card or FOB’s credentials. This allows them to re-create the card and allow entry. This is where dual technology credentials can really make a difference.

If you are interested in learning more about Dual Technology Credentials, please contact us and we would be happy to see where we can help heighten security and protect your people, property, and possessions.

Credential Technologies: You may not be as protected as you think

/in , /by

By Neal Bellamy, IT Director at Kenton Brothers

Credential TechnologiesToday, I want to talk about credential technology. While not an extremely exciting topic, it can be, and often is the weakest link in many organization’s access control system. Remember that an attacker doesn’t need to get through every defense in your system, most often they just need to get past the weakest one (or two).

Let’s start with how cards and readers work.

Any RFID reader, including the ones used for access control, puts out an electromagnetic field around the reader. This field is usually measured in inches, but in special readers like a Nedap long-range reader, fields can be measured in feet.

When a credential (card, fob, wristband, sticker, etc.) passes through the field, it electrifies the antenna giving the chip on the credential enough electricity to transmit the data stored on the chip. Most often the data that is stored is the “Card number”. I put it in quotes because that “Card number” could be many things.

Next, we need to talk about card numbers or more specifically card formats.

Unfortunately, most card formats are simple and relatively easy to guess. The most common card formation is 26 bits in length. HID calls this H10301. The first 8 bits designate the facility code and the next 16 bits designate the card number itself. The facility code is a way to group the cards together and in theory, verify that the card belongs to the access control system.

The low bit count means that there are only 256 possible facility codes and 65,535 card numbers. For those people paying attention to the details, the extra 2 bits are used for error checking.

Most people start with card number 1 and work their way up. There are other card formats like 33-bit, 37-bit, 40-bit, and so on. Each increases the possible facility code and card number options. The important takeaway is that once an attacker has the card format, facility code, and card number of a person who has access, they can gain access to your facility.

Encryption

Like most things in commercial security, encryption is a way to combat the wrong people seeing the real card number. Encryption and card formats are independent of each other. You can have a 26-bit card that uses encryption and a 26-bit card that does not use encryption. That is based on the card technology.

Card technology like Prox and Indala are not encrypted. This means that almost any card reader can read the actual card format, facility code, and card number, it just has to get close enough to a card that has access.

Some technologies are encrypted but have already been cracked. Examples of these are Mifare Classic, HID iclass Classic, etc. Because the technology is already cracked, there are several ways of reading the encrypted data, and then applying the workaround to get to the actual card data again. Using a cracked technology is better than unencrypted, but it is still not advised.

Some technologies are not yet cracked like Mifare EV3 and HID iclass SEOS.

Encryption Usage

Credential TechnologiesWhen an encrypted technology is in use, both the card and reader must be using the same set of keys. Public/Private key is a long topic, but effectively a matching pair of keys are used to encrypt and decrypt data. (More information here.)

This means that readers and credentials are matched for the different manufacturers. If you are using HID readers, you almost always need to use HID credentials. Even with an encrypted, uncracked, card technology, the most commonly sold readers and credentials use the same key pair across all readers and credentials. This means that anyone can buy the latest HID reader to read almost every HID card ever sold.

There are special programs where a business can “own” its own set of keys. Another option is to use a system that generates a unique key and then can use that key to encrypt the cards specifically for a given system like Gallagher.

I know this was a lot of information, so let’s distill it a bit.

First, make sure you are using encrypted card technology.

Second, use the latest technology when you are using encryption. This will be based on the card readers you are using.

Finally, if at all possible, own your public/private keys. Sign up for a unique key system like Corporate 1000, or use a system like Gallagher to generate a unique key for your system.

If you have more questions or need help with your current/future commercial security solution, please give us a call.