Viakoo can proactively update IoT devices, strengthening your protection against hacking attempts.

/in , /by

By Neal Bellamy, IT Director at Kenton Brothers

ViakooHacking, at its root level, is a person using a computer program for a purpose that is not intended. It’s like discovering a person walking a dog and then using the dog to attack someone. That wasn’t the intent of the person walking the dog, but the hacker was able to take control. In order to “hack”, the attacker must find a weakness in the software and then exploit the weakness. In the ever-evolving game of cat and mouse, weaknesses get found and software gets modified to patch those weaknesses.

Most successful hacks are possible because the software on a device is outdated.

Even though previous weaknesses have been fixed with software updates, the newest software has not yet been installed, and new weaknesses are found that can be exploited.

In other areas of information technology (IT), we have tools to detect and notify us when software needs to be updated. Most people are probably familiar with Windows Update, the little icon on the lower right that tells us new software is ready to be installed. There are many other systems that can also notify and even update the software automatically. But there is an area of IT that generally gets missed…

The Internet of Things

Viakoo IoTThe Internet of Things (IoT) is defined as “a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers (UIDs) and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.”

IoT has been around for decades. We’ve used and interacted with IoT devices in our offices for as long as I can remember. Things like copiers, scanners, and credit card machines are all examples of devices that usually are on the network and can send and receive data.

In the commercial security world, cameras and access control panels are also IoT devices. Anything that you can interact with and not have to touch is an IoT device. Can you adjust your thermostat from anywhere in the world? If so, It’s an IoT device. IoT is transforming our world and has been for many years now. It is making our lives more convenient and more connected. The security risk with IoT is that most devices are installed and never updated. If there is a security weakness detected, the software may never get installed… leaving that device wide open for being compromised.

Most companies spend a lot of IT time and money protecting servers, firewalls, and desktops to make sure that they have the latest software updates and are secure. But the IoT devices are usually left out of the discussion. IoT devices are now one of the largest attack vectors for malicious hackers. These “Set and Forget” devices are often left unprotected and sometimes directly connected to the internet. (Please don’t connect anything, except a firewall, directly to the internet; There are better ways.) As a whole, we have to do a better job of protecting these devices.

Part of the answer for the physical security world could be Viakoo’s new offering.

Viakoo dashboardViakoo has been offering camera, access control, and IoT monitoring for quite a while.

At their core, Viakoo will catalog all of your devices and monitor them at varying levels to make sure they are operational. And now Viakoo is taking it to the next level. Viakoo is offering IoT risk evaluation and IoT risk remediation. In evaluating the risk of each IoT device, Viakoo looks at the password, security certificates, and installed firmware version for each of the IoT devices. In supported devices, passwords can be changed and because Viakoo is already connected to some video management software (VMS), it can even change the password in the VMS so the video is not lost. Viakoo can also install new certificates in supported IoT devices so that they can be trusted at a higher level.

Viakoo can push new firmware to all the devices across the network. Since Viakoo architecture is already designed to be installed at multiple sites and buildings, the firmware can be pushed across the entire corporate footprint at the same time. Viakoo works across many hardware and software manufacturers, which most competing systems are not yet capable of doing, making Viakoo a good choice for almost any business with IoT devices.

Viakoo is a simple subscription-based software that can catalog, evaluate and secure all of your IoT devices. If you want help in securing your IoT Devices, please give us a call!

What is a Security Systems Integrator? A robbery gives some perspective.

/in , /by

By David Strickland, Vice President of Kenton Brothers

What in the world is a Security Systems Integrator?

How a robbery helped me understand the importance of a Security Systems Integrator.That is a great question and one I hope to answer with this story. Eleven years ago, I had no idea what a security integrator was either. It wasn’t until I got involved in the security industry and saw firsthand what a Security Systems Integrator was and why they’re so important to so many organizations.

First let me tell you a story about a time we got robbed…

It might surprise you to know that my first involvement with a security company was like many of you. I had an alarm system put into my business. I did my research and picked a reputable, big-name company to do the work. It was a straightforward process. I was happy with my provider and trusted that they knew what they were doing. The alarm system worked great for years.

Fifteen years later I had sold my company to a much larger organization and was working with them in a brand new, large operational center in the southeast United States. This operational center counted and stored very large amounts of cash and checks and processed them daily. Security was critically important. The large company I worked for did the same thing I had done fifteen years prior. They called a big-name company to come out and install a security system to protect their assets.

The representative from the security company was in the 30,000 sq ft building for 30 minutes. A week later, they installed 2 keypads, 4 glass break sensors, some motion detectors, 2 sets of door contacts and one siren. They also installed three cameras… One in the cash room and one at the front door.

It was a great idea to have the cameras installed.

Shooting GlassWithin the first week of opening, late at night, we were able to see a person shoot out the glass entryway of our lobby and enter the building. He ran straight to the cash room and kicked in the door. We watched him go right to the safe we had installed and enter the code. He opened the door of the safe within two minutes of entering the building. And he was on his way out carrying an armful of envelopes full of cash and checks, dropping some along the way. It was obviously a person with inside knowledge of our systems and the location of the security devices.

It turns out the alarm didn’t go off and no one was notified until 6am the next morning when the first employees arrived and saw the carnage. Our security system was not installed by a Security Systems Integrator. It was installed by a subcontractor of a national alarm company. There’s a big difference.

A Security Systems Integrator like Kenton Brothers Systems for Security would approach this building and the liability of the cash and checks in a very different way.

Using the Defense in Depth model we would have recommended a layered approach with the following considerations:

  • An exterior camera would be added to extend the perimeter and alert when there was car activity in the parking lot after operating hours
  • All doors would always be locked and require key or credential entrance
  • The alarm would arm automatically at a predetermined time
  • If the alarm did not arm or was disarmed outside of normal hours, an alert would be issued
  • The cash room door would be reinforced with a five-point door and a steel reinforced frame
  • All the codes on the safe would have been changed after install and assigned to the person opening the safe, which would require dual authentication for access
  • The intrusion system would be tied to the surveillance system. A video feed would be sent to the monitoring company to dispatch police as a verified crime in progress for priority response.

This true story seeks to point out the differences between an alarm company and a Security Systems Integrator. A Security Systems Integrator specializes in bringing independent security components together ensuring that those components function together properly to protect people, property, and possessions. These components include IP video surveillance, access control, intrusion detection, mass notification, weapons detection, analytics and more. Fully developed Security Systems Integrators are considered ‘design-build’ integrators.

Security Systems Integrators can provide the following services:

  • Security risk or needs assessments
  • Customized system engineering and design
  • Broad access to the leading manufacturers and product lines
  • Procurement, staging, installation, commissioning and training
  • Full lifecycle service and maintenance
  • System updates and operational upgrades

A Security Systems Integrator can take advantage of their unique perspective on the key ingredients for successful development of a physical security program. We like to call it the KB Advantage – utilizing over a century worth of experience and wisdom to assess, design, engineer, install, commission, train and maintain a remarkable physical security system.

If you want to know more about how we can help you develop a layered security approach for your organization, please give us a call.

Are you running up your Security Debt?

/in , , /by

By David Strickland, Vice President of Kenton Brothers

Security DebtOver the last 10 years, companies, schools, churches and local government entities have invested billions of dollars in improving physical security to reduce risk and keep their people, property and possessions safe. As crime has increased, security directors and those responsible for security have done their best to meet the challenge and adapt to the threat levels they face.

With the increased speed of technology advancements, the sophistication of criminals evolving and the reduction of qualified workforce to run and maintain the physical security equipment, organizations find themselves getting deeper and deeper into ‘Security Debt”.

Security Debt: The inability to maintain and service existing physical security systems to their proper functioning standard.

Security Debt begins with smaller things like not acknowledging alarms and alerts in the access control system. Or maybe your organization hasn’t had the normal lobby guard back since the pandemic. Maybe your organization has skipped the last few camera cleaning trips around the building because there isn’t enough time to get to it this month. Sometimes it’s a policy or procedure that no longer is followed like inspecting and locking the doors when school starts.

The good and bad news is that you’re not alone. Organizations just like yours are facing the same struggles. The Security Debt piles up month after month.

Security Debt vs the US Debt Calculator

A snapshot of the realtime US Debt Clock. For an updated view, please visit https://www.usdebtclock.org.

The biggest issue with Security Debt is that it won’t go away on its own. Just like credit card debt that millions of people have, Security Debt gets bigger every month when we don’t actively manage it. The interest compounds and we press against the debt ceiling hoping we don’t have an emergency that exposes our liability. This emergency might appear as a system failure, a missed internal theft or a major life altering event.

An estimated 81% of physical security systems are not currently up to date with firmware and software updates.

Just like financial debt, you must make a plan to get out of Security Debt.

Here are our suggestions on how your organization can get out of Security Debt:

Make a Plan – Yes, I know we just said that, but it’s worth repeating.

  • Bring together the key shareholders in your organization and document the Security Debt you are acquiring.
    • What physical security systems do you have deployed? (Access control, IP video surveillance, intrusion detection, duress systems, mass notification, lobby and guest management, weapons detection, physical security guards, perimeter fencing, parking control.)
    • What type of maintenance and upkeep do these systems need to be kept in optimal operating status? (Cleaning, adjustments, firmware and software updates, alarm and signal maintenance, periodic testing, inspections.)
    • What are your resources to complete the maintenance and upkeep lined out above?
  • Create a timeline and responsibility matrix
    • Who is responsible for what task and by what date?
    • What resources are needed? (Budget, People, Contractors)
  • Change your policies and procedures to match the current business environment
    • Automating the lobby so that a guard is not necessary
    • Changing locks to always be locked and unlocking only when passing through
    • Outsource your ongoing system support
  • Report back progress monthly
    • It’s important to close the loop
    • Reprioritize if necessary
    • Share best practices

Security DebtOne of the best ways to get rid of this debt is to outsource the maintenance and support of your systems. Establishing a relationship with a trusted security partner such as Kenton Brothers Systems for Security is something we would love to talk with you about. Think of us as a fractional Chief Security Officer. Kenton Brothers has manufacturer trained personnel to help maintain your investment as well as manage your daily alarms, annual firmware upgrades and ongoing operating system updates. We have certified physical security experts on staff that can help create policy and procedures for your specific situation.

You have other things to concentrate on. Let Kenton Brothers Systems for Security help you get rid of your “Security Debt”. Let’s talk!

How secure is your access control platform?

/in , /by

By Courtney Emra, Lead Customer Service/Sales Assistant at Kenton Brothers

Gallagher - Award WinningWe all know that the perfect security solution doesn’t exist. But we must always do our best to provide strong security for our people, property, and possessions. Did you know that in just 60 seconds, a simple $10 device is able to copy unattended, lost, or stolen key cards? This effectively leaves a wide open door for hackers to enter your company, systems, etc.

Gallagher has won several awards for their cyber security solutions. They perform various testing procedures and public information regarding these tests can be found on CVE. Included in those resources, they also have a free Security Health Check tool that helps you understand and identify weaknesses within your system, hardware and even users.

Let’s take a look at “The Four Horsemen of a Security Breach” from Corey Russell, a System Engineer with Gallagher.

1. Network

It doesn’t matter how much you’ve spent on your system if you leave it wide open for people to find on the internet. The system itself is solid, but if your access control is out there, there’s a good chance some usernames and passwords wouldn’t be hard to come by. Secure your networks, keep them up to date, and make sure you have email phishing training; your IT admin will thank you. If at all possible, take your access control system to a private network. Seclude it on its own island like Tom Hanks in ‘Cast Away’.

2. Hardware

Gallagher - Award WinningSo, you have your network secure? Great! Now what kind of hardware are you using? Something as simple as a plunger switch on a cabinet can be bypassed and let someone short the lock to the back door. Do your cameras still use ‘username’ and ‘password’ for the login? Did you put resistors in line with the reader you hung on the wall? Lastly, did you leave the keys in the cabinet lock because Steve keeps losing them? Get Steve a retractable key chain and make sure your hardware is as secure as your network.

3. Software

With our network secure and our hardware locked down, let’s talk software. We need to make sure we have complex passwords and, no, ‘P@ssw0rd’ is not a secure password. Make sure software is kept up to date. Look to use a platform that puts security first and offers additional tools to secure your network and hardware.

4. People

How secure is your access control system?This one is the hardest. People are predictable… until they’re not. Training staff and enforcing policies can be difficult. That’s why having a system that can help you mitigate the exposures people are sure to cause is a must.

Gallagher offers something called competencies which restrict people from even entering certain areas without valid, up to date certification on their record. Out of the box you can utilize broadcast notifications to get important messaging out to everyone with a push of a button, control how many people can be in one area, or how long any person can stay in that area. Track assets utilizing the readers already on the wall. The list goes on and on. Can your current security platform do that?

Now that you have a pretty good understanding of what’s happening in the threat landscape, do you still feel confident in your current system? We would love to do a commercial security audit of your system and help you plug any holes we find. Just give us a call!

Finally! A commercial security solution built for small to medium sized businesses.

/in , , /by

By Neal Bellamy, IT Director at Kenton Brothers

Gallagher SMB ProductsAccess Control systems seem to be designed for 2 scenarios. Either they’re designed for hundreds of doors with a very large feature set or 1-2 doors with very few features. And finally… an access control vendor has entered the space with a product that fills the gap. Gallagher has introduced their “SMB” line.

The Gallagher SMB Line of Products

The Gallagher SMB line uses many components of their enterprise line. They’ve kept a few of their enterprise features, and added a lot more to make their products easier to use and manage with just a smartphone. Let’s dive into the features.

The SMB line has many features, just like its big brothers. The system combines access control and intrusion detection capabilities, just like their enterprise line. Although the panels are designated for the SMB line, the same architecture is used. This makes it versatile in the field. The system also uses smart fobs and Bluetooth credentials just like its big brother.

Resource: Gallagher’s SMB Solution Brochure

The SMB line adds many convenience features that are necessary for the SMB space.

First, the system is server-less and connected to the cloud. This means that you don’t have another server to maintain and can access the system from anywhere you have internet access.

The system updates itself. You will always have the latest features and security fixes. Since it is cloud-connected, you can add and remove people and credentials from your mobile phone. You can also check to see if the system is armed and arm or disarm it from your mobile device.

Imagine being at a conference across the country and being able to arm your intrusion system in the middle of the night, because an employee forgot to do so when they left the premises. If you need to send a friend to check on your business, you can add them as an authorized person and assign a Bluetooth credential for instant access.

Multiple sites can be managed from one mobile app. This allows you to have multiple stores or locations that can be managed with one app and accessed through one fob or mobile credential. Speaking of Bluetooth credentials, an unlimited number of them come packaged with the system.

Case Studies: Kāwhia Primary School, Huntly College Old Boys Rugby Football Club, Hamilton City Gymnastics,  and Chesters Plumbing.

The Gallagher SMB line also offers options to only pay for what you need.

The intrusion system, by default, is self-monitored. This means that you get alerts through your mobile app and you decide if there is a real threat and call the police if necessary. However, if you want an option to have the system professionally monitored, that’s also an option. Access control can be licensed for 1-4 doors, 5-8 doors, or 9-10 doors per site, which allows you to size the system appropriately for your needs. The system has options for accessing the internet through the network, Wi-Fi, or even 4/5G cellular connections.

Kenton Brothers has already deployed the Gallagher SMB solution with great results.

The Gallagher SMB Solution fills the gap in security offerings between a single door at a single site and hundreds of doors at multiple sites. If you would like to increase your security while having a system that’s simple to manage without breaking the bank, give us a call. We would love to talk with you to see if the Gallagher SMB Line is the right answer for your commercial security needs.