Common Commercial Security Server Issues

/in , , , /by

By Neal Bellamy, IT Director at Kenton Brothers

Common Commercial Security Server IssuesAlthough cloud-based systems are getting more popular, many security systems still have on-premise servers at their heart. Servers, like all electronics, can fail and will need to be replaced. Servers also need updating in many ways. Sometimes they can show signs of issues overnight, and sometimes more slowly over time. The overnight issues are easier to detect, but the slower failures can be harder to detect, so I thought I would share some things to look out for.

Video servers tend to be the most sensitive to component failure or being overloaded.

Video servers have the toughest job of all the security servers. They need to be able to connect to the cameras, pull the video stream off the network, process the video, and then possibly write it to a hard drive in near real-time. If any one of those processes struggles, the video may not be saved properly. At the same time, if cameras are being viewed, they need to be able to send the video to whoever is viewing them.

A sign that your video server needs help is when your video is “Jumpy”. Jumpy video is when the video appears to be choppy and does not play smoothly. Most video systems are recording at least 12 frames per second, so live and recorded video should appear to be smooth. It might not be as smooth as a movie or video game, but it should not have a very detectable jump between frames. Jumpiness is usually caused by an overwhelmed server, or some component, like a hard drive, has failed.

Another common issue is when logging into the security software becomes slower than usual. “Usual” depends on which software is being used, but it should be as fast as the day it was installed. Servers that turn themselves off or reboot themselves often, more than once a month, are also signs that they need help. If you sometimes can’t log in, but then can after waiting a while, the server might have just rebooted.

Sometimes it’s not because of a failure that your server needs attention, sometimes it’s just time.

Common Commercial Security Server IssuesServer software, like all software, can have security or feature updates. Server software like Windows, Linux, MAC OS, etc., needs to be maintained to have the latest features and security patches. Depending on the settings, security patches will download and install themselves, but if you’re not sure, you should check with your IT team.

All server software at some point will become obsolete and no longer be supported. At that point, you should at least have someone update your server to the latest version possible, or maybe even replace the server altogether.

There are some important Microsoft Windows end-of-support dates coming up this year. Windows 10, which has been around since 2015 will no longer be supported or have security patches being released as of October 14th, this year. Windows Server 2019 mainstream support already ended last year, it will not receive any feature updates, but will still receive security updates until January 2029.

Finally, it is worth mentioning since we are talking about servers failing… It is critically important to make sure your IT team is properly handling backups for your servers. Many companies get into a rut of seeing “backup completed” every day after the nightly backup, but then never checking if those backups can actually be restored. Talk to your IT team about the last time they tried to restore an important server from backups. The answer may shock you. Because the answer might be “never.”

If you are experiencing any of these issues or would like Kenton Brothers to come investigate the health of your server, please give us a call.

Top 10 Technician Tips to Keep Your Commercial Security Systems Up and Running

/in , /by

Top 10By David Strickland, Vice President of Kenton Brothers

At Kenton Brothers Systems for Security, we believe that the best advice comes from the field. Our technicians are fantastic at taking great care of our customers.  So we asked them about creating a Top 10 list for our customers on how to keep their commercial security systems running well. Here’s what they told us.

Top 10 Technician Tips:
What customers can do to keep their commercial security systems running well.

  1. Top 10 Proactive Tips to Keep Your Commercial Security Systems Up and RunningPut a recurring reminder on your calendar to replace batteries.
  2. Test and verify system functionality on a monthly basis.
  3. When you see damaged, loose, or missing devices, address the problem sooner than later.
    (Replace these weathered devices proactively to prevent a cascading failure later.)
  4. Put the KB service phone number and email in your contact list. This will help identify us when we call or email.
  5. Put KB service contact information on all control panels, NVRs, power supplies, etc.
  6. Have a system inspection and maintenance program. (This extends the life of your system.)
  7. Properly train your team members on the proper procedures of how to interact with system and devices.
  8. Limit personnel with system keys and passwords. (Provide separate login credentials for each authorized user and don’t share passwords. Limit the physical access to those same panels.)
  9. Top 10 Proactive Tips to Keep Your Commercial Security Systems Up and RunningPoint out system devices and cabling to contractors when remodeling to prevent damage or system interruption.
  10. Keep equipment access areas clean and clear for technicians to work and service your systems.

Our technicians take a lot of pride in providing the very best service in the region. They are all factory certified. In an age where customer service is often an afterthought or an annoyance, the KB technicians stand out as champions for our customers.

Please let us know if we can help support you in implementing these Top 10 Technician Tips!

Physical Security as a Service? It’s Time!

/in , , /by

By David Strickland, Vice President of Kenton Brothers

Physical Security as a ServiceKenton Brothers Systems for Security has been in business since 1897. This year we are celebrating our 125th year! Over that time, we’ve seen our industry innovate and transform several times. Currently, we are at another crossroads of evolution and innovation.

Traditionally, organizations have developed and generated their own internal physical security teams… one person or policy at a time. As their needs grow, so would their team. This team worked hard to stay on top of the regulations required of them as well as the technology available to them to meet those regulations. They would enhance capabilities based on the threats they faced, and manage the risk the best they knew how.

Many of the systems internal security teams traditionally invested in have become more and more complex and even introduce new risks with the convergence of IT/OT security and physical security considerations. This pressure to keep up with modern technologies and the threats they bring has become a real strain on resources. This, coupled with a very low labor pool, has led to some great conversations with our customers.

The Need for Physical Security as a Service

Over the last two years, Kenton Brothers has been approached by companies and organizations from many different industries. They want to know more about what we offer to help support getting them out of this downward loop. We quickly noticed that many of these customers’ needs analysis meetings carried the same theme. “There just aren’t enough resources to go around. With current personnel levels, there’s just no way to cover everything correctly.”

After several interviews, the pattern appeared and these valued customers needed support in the following ways:

  • Physical Security as a ServiceAdministration of Access Control, IP Video surveillance, Intrusion Detection system
  • Hosting and Managing of Access Control, IP Video surveillance, Intrusion Detection system
  • Policy and Procedure creation
  • Personnel Training
  • Physical Inspections and Maintenance
  • Alarm Management
  • Cleaning and Repairing equipment
  • Firmware and End of Life Management
  • Forensic Discovery and Preservation
  • Technology Selection
  • Future planning
  • Red team testing

An additional question was raised. “Would Kenton Brothers be able to take over the day-to-day running of our systems?” The answer is YES.

Case Study

In one scenario, a customer was losing their System Administrator soon after losing their Director of Security. This left no one to manage their physical security systems. This company is in a highly regulated industry and wasn’t able to find a replacement internally or manage the system correctly on their own in the time given. With three days notice, we went to work supporting our customer. We also created operating procedures for the tasks needed to successfully manage the following areas:

Immediate:

  • Physical Security as a ServiceOnboarding and offboarding employees
  • Issuing credentials, assigning to user groups
  • Managing alarms and system messages
  • Preserving video evidence forensically
  • Running daily checks of access control and video Systems
  • Daily updates to system communications that are shared with IT and executive teams

Secondarily:

  • Working with IT and executive management to communicate the state of system
  • Create polices and procedures for new staff taking over
  • Inspecting system to determine firmware status and Cybersecurity risk

We were able to create a part time Managed Service Agreement (MSA) that dedicated three hours a day to our customer. The agreement allows for additional hours for special projects such as a new location being built that will need to be onboarded in the next few weeks.

At Kenton Brothers, Partnerships and Innovation are core values. Partnerships have to be WIN/WIN and this was definitely the case in this situation. The Innovation came when the company decided to change the position they’re trying to replace by keeping future duties in Kenton Brothers’ hands.

Physical Security as a Service? Yes. If that sounds interesting, we would love the chance to work with your team to explore the idea and what it could mean for your organization. Just give us a call!

Are you running up your Security Debt?

/in , , /by

By David Strickland, Vice President of Kenton Brothers

Security DebtOver the last 10 years, companies, schools, churches and local government entities have invested billions of dollars in improving physical security to reduce risk and keep their people, property and possessions safe. As crime has increased, security directors and those responsible for security have done their best to meet the challenge and adapt to the threat levels they face.

With the increased speed of technology advancements, the sophistication of criminals evolving and the reduction of qualified workforce to run and maintain the physical security equipment, organizations find themselves getting deeper and deeper into ‘Security Debt”.

Security Debt: The inability to maintain and service existing physical security systems to their proper functioning standard.

Security Debt begins with smaller things like not acknowledging alarms and alerts in the access control system. Or maybe your organization hasn’t had the normal lobby guard back since the pandemic. Maybe your organization has skipped the last few camera cleaning trips around the building because there isn’t enough time to get to it this month. Sometimes it’s a policy or procedure that no longer is followed like inspecting and locking the doors when school starts.

The good and bad news is that you’re not alone. Organizations just like yours are facing the same struggles. The Security Debt piles up month after month.

Security Debt vs the US Debt Calculator

A snapshot of the realtime US Debt Clock. For an updated view, please visit https://www.usdebtclock.org.

The biggest issue with Security Debt is that it won’t go away on its own. Just like credit card debt that millions of people have, Security Debt gets bigger every month when we don’t actively manage it. The interest compounds and we press against the debt ceiling hoping we don’t have an emergency that exposes our liability. This emergency might appear as a system failure, a missed internal theft or a major life altering event.

An estimated 81% of physical security systems are not currently up to date with firmware and software updates.

Just like financial debt, you must make a plan to get out of Security Debt.

Here are our suggestions on how your organization can get out of Security Debt:

Make a Plan – Yes, I know we just said that, but it’s worth repeating.

  • Bring together the key shareholders in your organization and document the Security Debt you are acquiring.
    • What physical security systems do you have deployed? (Access control, IP video surveillance, intrusion detection, duress systems, mass notification, lobby and guest management, weapons detection, physical security guards, perimeter fencing, parking control.)
    • What type of maintenance and upkeep do these systems need to be kept in optimal operating status? (Cleaning, adjustments, firmware and software updates, alarm and signal maintenance, periodic testing, inspections.)
    • What are your resources to complete the maintenance and upkeep lined out above?
  • Create a timeline and responsibility matrix
    • Who is responsible for what task and by what date?
    • What resources are needed? (Budget, People, Contractors)
  • Change your policies and procedures to match the current business environment
    • Automating the lobby so that a guard is not necessary
    • Changing locks to always be locked and unlocking only when passing through
    • Outsource your ongoing system support
  • Report back progress monthly
    • It’s important to close the loop
    • Reprioritize if necessary
    • Share best practices

Security DebtOne of the best ways to get rid of this debt is to outsource the maintenance and support of your systems. Establishing a relationship with a trusted security partner such as Kenton Brothers Systems for Security is something we would love to talk with you about. Think of us as a fractional Chief Security Officer. Kenton Brothers has manufacturer trained personnel to help maintain your investment as well as manage your daily alarms, annual firmware upgrades and ongoing operating system updates. We have certified physical security experts on staff that can help create policy and procedures for your specific situation.

You have other things to concentrate on. Let Kenton Brothers Systems for Security help you get rid of your “Security Debt”. Let’s talk!

Top 5 ways to keep your school, business or organization secure and ready for emergencies.

/in , /by

Convenience and SecurityBy David Strickland, Vice President of Kenton Brothers

With the recent events in Uvalde, we are reminded again how critical security systems are and the role they play in protecting people, property and possessions. In Part 1 of Convenience vs. Security, we discussed some of the missteps at Robb Elementary and how those choices led to loss of life. In this blog, we will be discussing 5 things you can do today to help reduce risk in your school, business or organization.

1. Have your local law enforcement agency or trusted certified security partner conduct a thorough physical security site assessment.

This physical sight survey is part of an open and honest conversation. A thorough all-hazard threat, vulnerability, and risk assessment will take some time and involve all stakeholders or a representative from each group (Students, Staff, Administration, HR, IT, Parents, Legislatures) the more people involved the better. This assessment will review policies and procedures as well as identify the physical security components that make up your organization’s campus or grounds. It will highlight your current situation and the risks that you face. It will help you understand the common language used by industry professionals to describe risk levels and the mitigation techniques to overcome them.

Convenience and SecurityThis assessment is critical for your organization to understand where it is today and where it needs to be tomorrow.
Many times these assessments can be provided for free from local law enforcement, DHS field agents or Security Partners like Kenton Brothers Systems for Security. It’s important to ask your partners about their certifications. Cost should not be a barrier. (Please call us for support.)

If you’re reading this and think you should take a crack at your assessment first; the Department of homeland Security and CISA have created an online assessment tool for you. You can find it here: https://www.cisa.gov/school-security-assessment-tool

2. Create an Emergency Plan based on the things you learned from your security assessment.

Once your assessment is finished, you will have a clear view of your physical space, the policies and procedures in place, and the risks you face with both. We encourage you to create an emergency plan, taking into consideration the items you’ve learned. This plan will cover all risks and scenarios you may face in the next year. We say year because this should be reviewed annually and adjustments made.

FEMA has created some very good tools to get you started. You can access them here:
https://training.fema.gov/programs/emischool/el361toolkit/siteindex.htm

They have also published a sample plan that will give you a template to follow. You can find that here:
https://training.fema.gov/programs/emischool/el361toolkit/assets/sampleplan.pdf

Convenience and SecurityAction items might include adopting new physical security measures or improving the capacity of existing measures to detect, delay, and respond to threats across various layers of the school campus.

Plans could specify the need to provide staff with communications equipment, create policies to improve responses to safety incidents and training staff on these policies, or conduct refresher trainings so that staff and students are aware of how they should respond if and when an incident is detected.

If a school has identified in the vulnerability analysis that it lacks measures to enable quick response from first responders in case of an emergency, a plan might specify what additional measures could be in place to speed that response. The goal with the plan is to ensure consistent application of security throughout the entire campus or organization.

3. Conduct drills and monthly tests of the components in your security system.

Create a culture of preparedness among faculty, staff and students by consistently drilling each of the critical hazard responses. Fire Drills, Active Shooter Drills, Tornado, Flood, etc. Providing emergency preparedness training to team members faculty, staff and students keeps top of mind awareness. It also helps keep all layers of your organization informed. It will help you see where you need to improve and adjust your plan.

Additionally, we recommend that you test all of your access control, IP video surveillance, intrusion detection, panic devices and mass notification systems monthly to insure proper working order. We also recommend that these components are cleaned and maintained on a quarterly basis. They should have their firmware and software updated at least annually as well as with any major updates recommended by the manufacturer. Your physical security provider should be meeting with your IT department regularly (twice a year) to discuss cyber security of the physical security network to mitigate cyber threats.

Drilling, maintenance, upkeep and adjustments are critical to the successful deployment of your security plan.

Convenience and Security

4. Make snap inspections of your physical grounds at least once a month.

People respect what is inspected. Security staff or designated personnel and a member of executive or administrative level team members should conduct walk around inspections of policy and procedures on a random, but consistent basis.

Leadership should ask the following questions:

  • Is my perimeter secure?
  • Is my building secure?
  • Are doors being propped open or forced open during school hours?
  • Will our system warn us when these activities are happening?
  • Who monitors the alarms that are generated when these events happen?
  • What is our policy to respond to those alarms?
  • Are all of my cameras running and recording high quality images?
  • Have I verified how many days my recordings are saved?
  • Are my cameras dirty? (At night dirt will reflect infrared light back at the lens.)
  • Are all my classroom doors locked?
  • Are all the emergency exits clear and unobstructed?
  • Do my panic buttons work?
  • Does my mass notification system work?

There are many more items we could add to this list depending on your specific scenario.

5. Partner with your local law enforcement and mental health professionals to increase awareness and outreach.

One of the sad statistics that we’ve learned over the last several years is that school or workplace violence tends to be committed by people we know. Law enforcement and mental health professionals in your area are valuable resources for assessing threat levels in human behavior. We recommend an ongoing meeting with these resources in the hopes of prevention.

One of my favorite school administration teams meets with local law enforcement, school counselors and parents to actively engage in discussions around supporting at risk youth. They call their group the “A team” and they have been very effective. By engaging early and being intentional in their support, they’ve created strong relationships with the youth, parents and teachers in their organization. The A Team has opened up communication and thwarted violent behavior before it starts.

The goal of this blog is to give you tangible steps to help you create a secure environment for your team members, students, staff, teachers, parents or customers so that they feel safe and able to thrive. If you need help going down this path, please give us a call and we will walk the path with you.