Does Your Physical Security Provider Understand BAA and NDAA Regulations for Federally Funded Projects?

By David Strickland, Vice President of Kenton Brothers

Commercial Security Trends: The Buy American Act and the impact on Federally Funded ProjectsWhether it’s the National Defense Authorization Act (NDAA) or Buy American Act (BAA),  the landscape of government regulations is changing quickly. Recently, the BAA is getting a lot of attention because of thresholds that the act has established for products used in federal projects or for federally funded projects. We’ve spent some time discussing the NDAA regulations previously in this blog. We will concentrate on the Buy American Act’s new rules in this blog.

BAA – What You Should Know

THE BAA  is intended to protect US manufacturers and utilize US goods and products first.

Buy American Act (BAA) Two-Part Test

The BAA uses a two-part test to define a domestic end product.
– The article must be manufactured in the United States
– The cost of domestic components must exceed 60% (2023) percent of the cost of all the components
This regulation is for all projects over $10,000

The final published rules make several material changes to the regulations of the BAA.

1) Increased domestic content requirements.

The final rule increases the percentage of domestic content necessary for a product to qualify as a “domestic end product” in compliance with the BAA. Currently, the BAA regulations require a product to contain 60%  domestic components to qualify as domestic. In 2024 these same products must carry a 65% minimum threshold and this will increase to 75% in 2029. So current products having 63% of the components sourced domestically are considered BAA compliant, but in a year that will no longer be true.

2) The Fallback Threshold.

The Buy American ActThe current regulations have a “fallback threshold” for products that meet the current domestic content threshold but not the increased thresholds. The Fallback Threshold will allow agencies to use the existing 65% domestic content threshold in certain circumstances. This would be possible if the agency determines that there are no products that meet the new threshold, or such products are of unreasonable cost. The fallback threshold expires in 2030, one year after the domestic content threshold increases to 75%.

The government does allow for an agency to deem a product critical and exempt it from BAA compliancy on a temporary basis if the price is unreasonable. Waiver applications will go through the FTA. So far, even products that are in the 20-30% higher range have been upheld and BAA compliance is required.

The government has yet to publish a standard for what is “unreasonable” so all exceptions to the regulation must be made through the waiver request process.

3) Removes the commercially available-off-the-shelf (“COTS”) exception. 

This was available during the pandemic to  lessen the burden on agencies trying to deal with the supply chain.

4) Established restricted countries of origin.

Cannot purchase or use supplies, material, or services originating in, transported from or through the following countries or entities:

  • China
  • Cuba
  • India
  • Iran
  • Iraq
  • Libya
  • North Korea
  • Sudan
  • The territory of Afghanistan controlled by the Taliban
  • Serbia (excluding Kosovo)
  • Entities controlled by the government of Iraq

The Buy American ActThese regulations have a direct impact on physical security projects that are federally funded or are purchased by a federal agency. These regulations effect the following components that a physical security integrator may be providing or installing.

  • IP Video Surveillance cameras
  • Network and Digital Video Recorders
  • Switches
  • Servers
  • Access Control Components
  • Mechanical and electrified locking door hardware
  • Doors and Frames
  • Metal Detectors
  • Turnstiles
  • Intrusion Detections Systems
  • Cable

Government regulations can be difficult to understand, and Kenton Brothers Systems for Security can help you navigate these regulations for your next project. We have suppliers that meet the BAA regulations and can fulfill your project with compliant materials. Give us a call today!

WOW! Avigilon FIPS 140-2 certification in its H5A commercial camera line!

By David Strickland, Vice President of Kenton Brothers

With hackers and subversives becoming more technically advanced, it is critical to national and local security to stay one step ahead.

One of Kenton Brothers System for Security trusted partners recently announced that their new line of commercial IP video surveillance cameras is FIPS 140-2 certified! What this means is that the H5A camera line now meets or exceeds Federal Information Processing Standards (FIPS).

The FIPS Standard

This standard requires that all information, including images and camera information, be encrypted to a minimum standard as it is being transported, processed or stored. This encrypted information can only be unlocked with a specific cryptographic key. So, if you don’t have the specific key, the images or information look like random ones and zeros, making no sense to a hacker that is trying to gain access to your system.

Of course, this is wonderful news as Avigilon has extended the encryption all the way out to the commercial security camera. If someone was able to gain access to a camera feed, it would still be useless to them. This is a WOW! for high security sites such as Federal Government, Municipal Government, Corrections Departments, Financial Institutions and the list goes on and on.

This coupled with the fact that Avigilon is manufactured in North America and is TAA and section 889 compliant, makes it an easy go to for any federal, state or local agency.

Next Generation Video Analytics

Avigilon H5A Camera LineIn addition to this high security update, the Avigilon H5A camera line also features next-generation video analytics technology.

The H5A line leverages the latest in AI-powered video analytics to detect and persistently track more objects – whether stationary or moving – with greater accuracy even in crowded scenes, detect unusual activity in a scene autonomously and apply facial recognition technology to alert off of face watch list matches. These advanced capabilities help provide detailed information on what is happening on your site so you can detect potentially critical security events faster and take responsive action, all while keeping the images and data secure.

The H5A line features unique object detection and self-learning video analytics, both of which allow clients to detect, confirm, and respond more quickly to incidents. These advances combine to create a smarter, more reliable CCTV system that utilizes the most powerful, intelligent technologies to ensure the safety of your people, property, and possessions.

We are very excited about this technology advancement!

Here are a few of the other highlights from the H5A Video Surveillance lineup:

  • The H5A line has camera image sensors with resolutions ranging from 2MP to and AMAZING 61MP and a few with 10K HD option
  • The camera line comes with a 5-year warranty standard
    Enables the camera to be deployed at sites requiring FIPS-compliant cryptograph
    Expanded object classifications and more accurate detection in crowded scenes so you can detect faster
  • Once mounted and aimed, the cameras zoom level can be adjusted and image can be focused remotely
    Offers exceptional detail in areas with low lighting
    Available ports for external audio including sirens, microphones and/or loudspeakers for audio talk-down situations

Want to learn more? Please schedule a demo with us today!


Do you sell to or receive government funding? You need to know this about Section 889.

By David Strickland, Vice President of Kenton Brothers

National Defense Authorization Act Section 889 – A Plan for Compliance

Section 889 UpdateThe Federal government has enacted both phases of the NDAA Section 889 rules and it has led to the removal of several manufacturers of telecom and surveillance equipment throughout the United States. As of August 13, 2019, all federal agencies, federal contractors, colleges and universities and private companies that hold federal contracts or receive federal funds are mandated to remove any and all products from the following companies:

  • Huawei Technologies Company
  • ZTE Corporation
  • Hytera Communications Corporation
  • Hangzhou Hikvision Digital Technology Company
  • Dahua Technology Company

Hangzhou Hikvision Digital Technology Company and Dahua Technology Company are two of the largest commercial video surveillance manufacturers in the world. They operate and distribute through OEM (Original Equipment Manufacturer) over 100 brands around the globe. Some of these brands include:

  • ADT
  • FLIR – Specific Models
  • DMP

As of August 2020, all federal agencies, contractors and those receiving federal funds are required to perform due diligence in determining what components are present on their networks as well as prohibit the use or implementation of any further products from these companies. All prohibited items found on the network or in possession were to be removed or face penalties including denial of future contracts or funds from federal contracts.

This situation has left many agencies and entities scrambling for solutions on where to start and how to be compliant.

889(B) Compliance AssessmentWe will take the time to help define the steps your organization may need to take to become compliant.

1. Education: Read and understand the rules and necessary actions for compliance. (See below for several links to help in this process or contact us at Kenton Brothers Systems for Security to run down the most current list of prohibited technologies.

2. Assessment: Through reasonable inquiry, determine whether you use “covered telecommunications” equipment or services.  This would include a survey of all devices used in video surveillance and access control, WIFI management and network controllers.

3. Construction: Though builds are a great place to start, visual inspection is another way to determine what brands are installed on your system.  Kenton Brothers Systems for Security can also help with this step by doing a complete walk through of your systems and determining you risks.

4. Create a Cost of Removal and Replacement Plan: Once your assessment is complete, we determine what pieces and parts need to be removed and replaced to maintain current security and performance levels.  Kenton Brothers Systems for Security can help this by creating a complete proposal.  Many times, we can utilize several components from your current system lowering you cost of replacement dramatically.

5. Apply for Waivers: As it is already past the deadline for these systems to be removed, you will need to apply for a waiver that will permit you a one to two-year period to remove or replace all non-compliant items in your organization.  This will include a detailed plan for compliance over the next 12 or 24 months.  This waiver will need to include a project timeline and measurable targets with dates attached.  Kenton Brothers Systems for Security can help you complete this plan for submittal.

6. Apply for Grants: Federal dollars have been put aside for compliance in these matters.  We have posted a couple of links below for your convenience.

We want you to know you’re not alone in navigating the intricacies of the NDAA Section 889 rules.

Kenton Brothers Systems for Security can help you identify your risk, create a plan for mitigation and compliance and partner with you for long term support. Give us a call to get started.

Additional Resources

A great resource for all section 889 resources – This is a “must have” link.

GSA Acquisition Letter MV-20-10 implementing Section 889 – Includes Specific rules and compliance steps

Video recording of how private companies will need to be compliant:

Another Video specifically designed for Federal Agencies and resources available:

COVID Fighter – Opening Office Doors Without Using Your Hands

By Ryan Kaullen, Field Services Manager at Kenton Brothers

You can’t turn on the TV, read a news article, or go anywhere without hearing about COVID. And rightfully so. COVID is causing uncertainty in our world, but one thing is certain… Kenton Brothers is working at the forefront to help our customers stay safe and help prevent the spread of COVID-19.

Wrist Pulls, Push Plates and Foot Pulls

COVID Fighter: Foot PullsRecently, we’ve been getting requests and calls for help related to door hardware. Our customers are asking, “How can we add safety features to keep our employees safe while keeping our doors/openings functional?” In response, we’ve been installing wrist pulls, push plates, and foot pulls at our customer sites to meet this growing need.

Wrist pulls, push plates, and foot pulls allow employees to go in and out of doors without using their hands. A perfect example of this type of project was the recent installation of 38 restroom doors on a multi-floor office building. We can keep the functionality of commercial doors intact, maintaining a clean and professional appearance, while increasing the health safety for the staff.

Want to know more about COVID Fighter solutions?

Is your company looking for ways to offer hands free solutions to openings at your facility? We would love the opportunity to show you our full line of COVID Fighter offerings. These include hands-free mechanical locking hardware, touchless Commercial Access Control, and Commercial Video Temperature Monitoring solutions. Give us a call!

COVID Fighter: Hands Free Mechanical Locking Hardware COVID Fighter: Hands Free Mechanical Locking Hardware

Section 889 Alert: Prohibited Telecom for the Federal Government and Their Contractors

By David Strickland, Vice President of Kenton Brothers

Federal agencies and companies that do business with them:
NDAA Section 889 B is now in effect.

The Federal Government alone experiences hundreds of thousands of digital assaults every day. Malicious actors are persistent, usually well-funded and constantly changing their tactics. They often exploit technologies from the identified Chinese companies to do so. The Administration shares Congress’ strong commitment to addressing insidious threats to the Nation’s national security and intellectual property.

In an effort to protect the nations systems and data, The National Defense Authorization Act (NDAA) was enacted in July 2019 with two distinct phases:

Part A – The Government Cannot Obtain Prohibited Telecom

Part A became effective on August 13, 2019. Part A prohibits the government from obtaining (through a contract or other instrument) certain telecommunications equipment (including video surveillance equipment) or services produced by the following covered entities and their subsidiaries and affiliates:

  • Huawei Technologies Company
  • ZTE Corporation
  • Hytera Communications Corporation
  • Hangzhou Hikvision Digital Technology Company
  • Dahua Technology Company

Hangzhou Hikvision Digital Technology Company and Dahua Technology Company are two  of the largest Commercial Video surveillance manufacturers in the world. They operate and distribute through OEM (Original Equipment Manufacturer) over a 100 brands around the globe.

For a complete and updated list, check out IVPM here. IVPM is a great resource for ongoing list changes.

What may shock companies and agencies throughout the Midwest and beyond are a few of the names on those lists including:

  • ADT
  • FLIR – Specific Models
  • DMP

Section 889: HIKVISION OEMs

Section 889: Dahua OEMs

The Department of Defense has the authority to add additional companies to this list at any time. Part B outlines that these items need to be removed by August 13, 2020 or a waiver needs to be submitted allowing for more time.

This order applies to all companies that do business with the Federal government. In any capacity, and at any level.

Part B – Government Contractors Cannot Use Prohibited Telecom Part B is effective August 13, 2020.

Part B prohibits the government from contracting with any entity that uses certain telecommunications equipment (including video surveillance equipment) or services produced by the entities listed in the statute.

  • The Government cannot contract with an entity that uses covered telecommunications equipment or services as a substantial or essential component of any system or as critical technology as part of any system.
  • Prohibition applies regardless of whether or not that usage is in performance of work under a Federal contract.
  • The prohibition applies to every sector and every dollar amount. Your ability to enter into contracts with the Government will be impacted by Part B.
  • After conducting a reasonable inquiry, entities will represent whether they do or do not use prohibited telecommunications equipment or services.

Part B has been added to the Federal Acquisition Regulation (FAR) at FAR subpart 4.21.


  1. Regulatory Familiarization. Read and understand the rule and necessary actions for compliance.
  2. Corporate Enterprise Tracking. Determine through reasonable inquiry whether you use “covered telecommunications” equipment or services.
  3. Education. Educate your purchasing/procurement, and materials management professionals to ensure they are familiar with the entity’s compliance plan.
  4. Cost of Removal. Implement procedures if the entity decides to replace existing covered telecommunications equipment or services and ensure new equipment and services acquired for use by the entity are compliant.
  5. Representation. Provide representation re use and alert Government if use is discovered during contract performance.
  6. Phase-out Plan and Submit Waiver Information. Develop a phase-out plan and provide waiver information to the Government along with the complete laydown of the presence of the covered telecommunications equipment or services.


Please let Kenton Brothers know if you have questions on navigating Rule 889.