Integrating Facial Recognition into Access Control Physical Security, Increasing Security and Convenience!

By David Strickland, Vice President of Kenton Brothers

“Innovate or Die”

Facial RecognitionWhen walking through Kenton Brothers Systems for Security, you will see this phrase prominently displayed on the walls throughout our building. Innovation is one of our core values and it’s a big reason we continue to provide remarkable physical security solutions for our customers… going on 126 years.

The world is very different than it was 125 years ago, and so are the solutions we provide to mitigate today’s security risks. The need for robust access control measures to safeguard sensitive areas is more critical than ever. As the security industry innovates, traditional methods like mechanical locks, keycards and PINs are gradually being replaced by cutting-edge biometric technologies. Among these, facial recognition stands out as a revolutionary tool, offering enhanced security and convenience in commercial access control physical security.

This blog explores the role of facial recognition as a biometric credential in access control. Here are five ways we think it will have a big impact.

1. Enhanced Security through Uniqueness:

Facial recognition technology capitalizes on the uniqueness of each individual’s facial features. Unlike passwords or keycards, which can be lost, stolen, or shared, faces are inherently unique, making them an ideal biometric credential. By registering authorized personnel in the system, access control devices can accurately match live facial images with the stored templates, ensuring that only authorized individuals gain entry.

2. Seamless and Contactless Authentication:

One of the standout advantages of facial recognition in access control is its contactless nature. Users no longer need to physically interact with devices or carry identification cards. Authentication is as simple as glancing at a camera, making it more convenient and hygienic—particularly in a post-pandemic world where reducing physical contact is thought to be essential.

3. Rapid and Real-Time Identification:

Facial RecognitionFacial recognition technology operates at impressive speeds, providing real-time identification results. This capability is especially valuable in high-traffic areas like airports, offices, and educational institutions, where quick and efficient access control is necessary. The system can process multiple faces simultaneously, reducing bottlenecks and ensuring smooth entry flows.

4. Integration with Existing Systems:

Facial recognition can seamlessly integrate with existing access control infrastructure. Many modern access control systems are designed with open architecture, allowing easy integration with biometric devices. By retrofitting facial recognition solutions into their current systems, organizations can upgrade security measures without a complete overhaul.

5. Multifactor Authentication with one “credential”:

The fusion of facial recognition with other biometric security measures, such as fingerprint or iris recognition, could create biometric systems that offer even higher security levels and resistance to spoofing attempts.  Multifactor authentication all within one “credential” – the human body!

So what about the other side of the coin… Can facial recognition be spoofed?

Yes, facial recognition can be defeated if the installation and calibration processes aren’t followed correctly. One innovation in the commercial security world is helping along that front. For instance, some systems such as  IDEMIA use liveness detection, which ensures that the face presented for authentication is a live, three-dimensional image rather than a photograph. This feature guards against spoofing attempts, where adversaries try to trick the system with static images.

The future of facial recognition in access control physical security looks very promising. Advancements in artificial intelligence and machine learning algorithms will likely improve the accuracy and efficiency of these systems. Additionally, including 3D facial recognition technology could further improve security by adding an extra layer of depth and precision to the identification process.

We believe Facial Recognition as a biometric credential in access control physical security represents a remarkable leap forward in safety and convenience. With enhanced security features, contactless authentication, and rapid identification capabilities, facial recognition technology is reshaping access control best practices.

Want to learn more? Let’s get together and discuss how utilizing this technology can increase your commercial physical security while increasing convenience: two things that are traditionally in conflict!

 

Video: Planning and Implementing Elevator Security

By Erik Andress, Sales Management Professional at Kenton Brothers

In today’s video we’re discussing elevators. In particular, how to secure them with cameras and access control. Elevators can be tricky… They require a lot of planning and coordination with the elevator company. We’ll get into some of those details today and what you need to know!

Step one is by far the most important stage and that’s planning.

Securing an elevator requires collaboration between the elevator company the security integrator as well as the client. The client lets the security innovator know how they want the elevator to function and behave. The security integrator works with the elevator company to make that possible.

Let’s use a an example: Where do you want the card reader mounted? Is it on the outside of the elevator denying access altogether or is it on the inside of the cab denying access just to certain floors? Or both? You may want to deny access to the elevator because it’s not for the public. You may also want to deny access to certain floors because it is a secure facility.

There are details we have to understand. Is there already traveling cable in the elevator? Is there space for us to install our equipment? Where is the control panel for the elevator, and where should our control panel go for access control? It can get complicated quickly.

Step two is integration.

We work with a professional elevator technician to make sure the proper cables are in place and integrate the card reader into the elevator’s controls.

Step three is configuration.

Now that the systems are integrated, we need to make sure that we go back to the client’s expectations of how they wanted the elevator to function. We need to make sure that our configuration is lining up with exactly what they asked for.

Step four is to test and calibrate.

When you put security inside of an elevator, you’re introducing a lot of moving pieces. With access control or commercial video surveillance, we need to make sure that we spend time testing the system. We need to make sure the camera’s field of views are dialed in correctly.

The final step is training.

We need to make sure that the admins and users of the system understands exactly how the system works and how changes can be made.

If you need help securing the elevators in your company buildings, we can help. Just give us a call!

Introducing the Kenton Brothers CyPhy Security Plan

By Neal Bellamy, IT Director at Kenton Brothers

CyPhy Security PlanLately we’ve been talking a lot about Cyber Security. As with all types of commercial security, Cyber Security is best implemented as layered defense. In other words, a single key or credential won’t gain access to the entire kingdom. Also, like Physical Security, even a small oversight can become the launch point for a larger attack.

For years, Kenton Brothers has been doing our part to help maintain security on your physical security devices. We use unique, randomly generated passwords for all of your devices. We make sure the firmware is updated at the time of install and implement other industry standard security best practices. While it’s a good start, there were still some gaps. So we are taking it to the next level.

The Kenton Brothers CyPhy Security Plan

Kenton Brothers is introducing our CyPhy Security Plan. Security is not a “set it and forget it” proposition. The security landscape, both Cyber and Physical, is always changing. It must be evaluated and re-evaluated to make sure the greatest number of holes are closed. With the CyPhy Security Plan we will still make sure your physical security systems are set up with the latest software, unique passwords, etc.

With this new program, we will follow the security hardening guides from all manufacturers, lock down all switch ports and ensure firewalls are set up and configured properly. After the initial installation is complete, we will be involved ongoing. We will monitor new releases from the manufacturer and alert you to any critical security related issues for your system. Furthermore, if you have the manufacturer’s software upgrade plan in place, we will remotely upgrade your systems and firmware every 6 months.

Where applicable, the CyPhy Security Plan includes:

• Using unique and randomly generated passwords for each purpose and user
• Upgrading firmware to the latest supported version
• Setting the server firewall to only allow authorized communications
• Locking switch ports to allow only authorized devices
• Monitoring manufacturer’s software for critical security alerts
• Enforcing encrypted communication wherever possible
• Disabling services, applications and ports not being used on devices
• Using unprivileged account for normal system usage
• Enforcing encrypted edge storage
• Filtering communication to local IP addresses only
• Disabling SD card slots not being used
• Following hardening guides from all installed manufacturers

We want the CyPhy Security Plan to dovetail into your existing cyber security plan.

If you have other cyber security initiatives already installed, like MFA, managed firewall, managed global service accounts, VPNs etc., we will help you integrate those into the physical security devices, networks and servers. We will also make suggestions to improve the security and operations of your systems. For example, deploying internet facing servers in the DMZ or connecting the security systems to Active Directory for ease of user management.

If you don’t have a cyber security plan in place, you can rest assured that the physical security devices will be protected and can even use our commercial security best practices to increase the security for your other systems.

Of course, there is no un-pickable/un-hackable lock, and there will never be a perfect defense for cyber attacks. Setting up a layered defense will significantly decrease the chances of a successful cyber attack on your network. The CyPhy Security Plan is our commitment to protect you whether the attack comes to your front door, or from the internet.

To learn more about our CyPhy Security Plan, please give us a call and we will discuss your current setup as well as the benefits of ramping up your security efforts.

Organizations Facing Large Rekey Projects

By Ryan Kaullen, Field Services Manager at Kenton Brothers

Large Rekey ProjectsIn a company or organization, it’s up to the organizational leaders to make sure that their people, property and possessions are kept safe and secure. Part of the strategy relies on the keying method used in the building(s). Kenton Brothers has been helping companies with large rekey projects since 1897.

So where does a company start when it comes to large rekey projects? What details are needed? How can they secure buildings and maintain control when handing out keys? Are there different levels of restricted cylinders to help secure the facility? All of these questions and more will be answered as we dive into large rekey projects.

The Rekey Plan

Everything starts with a plan, and it should be a plan that has the end goal in mind. Part of a rekey plan is an evaluation of many things including who should have access, what type of keys should be issued to employees and which keys should not, how should the key system be structured, how do you mitigate liability if a key is lost, how can keys be organized and how do we track who we issued keys to? What level of restriction should you have on the keys and cylinders? Will existing door hardware work or does it need to be switched out?

Large Rekey ProjectsSetting up a master key system for one large facility, a campus environment with multiple buildings, or even a scenario where there are different buildings across the country can all be handled by setting up a master key system that allows for growth/expansion and the flexibility within that system to do so.

A site survey(s) should be done by the company hired for the large rekey project. (Hopefully, that would be our team at Kenton Brothers!) From there, several meetings should occur to discuss the set up of the master key system, discuss the level of security you want with the keys/cylinders and set expectations for the rekey itself.

Organization of the physical keys, cores and additional information can come in many forms, but the three most common we see are:

1) The customer purchases a key management software system. (We have a great recommendation if you are looking…) and manages it themselves
2) Kenton Brothers manages the key system through our software and we handle any change requests
3) The keying system is a factory-maintained system (which comes with its own advantages and disadvantages.)

Once the planning stages have been completed, you will move on to the next step of the process… waiting for parts.

The Waiting Game

Large Rekey ProjectsSo now that a master key system has been agreed upon, pricing approved, and materials are on order, what are the next steps? At this point, you will have chosen the path of how you will manage your key system; either internally or through a company such as Kenton Brothers. 80% of the effectiveness of the new keying system is in maintaining control of the keys!

One of the big things to prepare for is communication to the employees and staff who will be issued new keys. You will want to communicate that this is coming, when it’s happening, set up strict instructions on checking out keys, reporting lost keys and what to do if you find a key laying around.

From the start, it’s important that clear expectations are set because keys are such an integral part of your security plan. You will also be in weekly or bi-weekly contact with a Project Manager dedicated to your project for  planning, when the product will arrive, any last-minute questions, and any pre-install meetings before the installation begins.

The Install

The install itself will begin with a Project Manager (PM) introducing you to the technicians who will be working on the project. The PM makes sure that once on site, the techs have clear expectations of their daily goals, know the location of material being stored onsite (if applicable), and any other project related questions they might have. Then the work begins!

The PM is the point of contact for the project. They need to keep everyone up to date, share milestones that have been completed and work through punch list items as the project progresses. Once the project is complete, there will be a final walk through. When the project is deemed complete as compared to the scope of work, a warranty form should be completed and signed.

Once the project is finished, there will be several documents that need to be delivered by the PM for records. Those documents include the following: A fully completed warranty activation form, any maps/plans used during the project fully marked up to show how things were keyed or installed, keying records if requested, and any other documents deemed necessary for the project.

Recap

Large Rekey Projects can be stressful, take time and require a lot of planning. That said, the end result is worth it.

You now have complete key control over the building(s) that you oversee. You have taken a major step to protect the property, possessions, and people who work/live within the buildings, and you have a plan moving forward that is sustainable and mitigates liability.

If your organization is considering a rekey project and you don’t have a company you trust helping you, please give us a call. We’ve helped thousands of companies over the years with large rekey projects, allowing them to take back control of their security. Get back your peace of mind!

Crime Prevention Through Environmental Design

By Kevin Whaley, CPP, Sr. Security Consultant at Kenton Brothers

Welcome to the first part of a multi-part series where we dive into the idea of Crime Prevention Through Environmental Design or CPTED.

How many parts? Yet to be determined. My objective with this series is to provide you with an introduction to CPTED with the hope that you will be able to consider these ideas and principles for your next security project.

Introduction

When it comes to physical security, most people tend to think of guards, video surveillance (aka “big brother”), alarms, fences with barbwire, etc.

That is the basic underlying impression that people get when they hear security. When I think of security, I think of onions. (That’s not an acronym for anything.) When I conduct a security assessment, I tell my clients to think of security like an onion. Why? Because security, like onions, should have layers. We also refer to these layers as “concentric layers of security” meaning that each layer builds off of the last to create maximum protection.

When developing a security plan, the goal is to create a “target shift” or target hardening. This means that you’re trying to make it as difficult as possible to defeat the security measures or increase the probability of becoming detected or being caught. Depending on conventional security measures like access control, video surveillance and security guards may have their limitations. Employing standalone security measures may fail to address the underlying behavioral patterns that may adversely affect the environment. That’s where CPTED comes in.

Crime Prevention Through Environmental Design

Crime Prevention Through Environmental DesignCPTED is defined as “the proper design and effective use of the built environment that can lead to a reduction in the fear and incidence of crime and an improvement in the quality of life.” In other words, a CPTED analysis focuses on creating changes to the physical and social environment, that may reinforce positive behavior, with the goal of reducing opportunities for crime that may be inherent in the design of the built environment. CPTED is a multi-disciplinary approach to deterring criminal behavior.

CPTED incorporates principles from:

  • Planning
  • Architecture
  • Landscape Architecture
  • Security
  • Facilities
  • Engineering
  • Law Enforcement
  • Legal/HR

CPTED design includes the physical design, social management and directives that seek to affect positive human behavior as people interact with their environment.

Depending on your organization’s industry, you may already have established design guidelines that have been set by a governing body, standard, or regulation. For example, FEMAs Risk Management Series: Site and Urban Design for Security (Guidance Against Potential Terrorist Attacks) FEMA 430, establishes guidance for government facilities but can be applied almost universally.

However, if your organization doesn’t have guidelines, there are many factors that you may need to consider during the planning phase.

These factors may include (but are not limited to):

  • Stairs and ramp design
  • Interior and exterior lighting
  • Parking lot designs
  • Landscaping
  • Doors and windows
  • Blind spots or “ambush” points
  • Building circulation patterns

When entering the planning and design phase, it may be beneficial for you to enlist the services of a security consultant with experience in conducting CPTED assessments to assist you in developing your plans. (That would be Kenton Brothers Systems for Security… :)

CPTED is based on 4 key overlapping concepts which we will dive into in greater detail in the rest of this series.

Crime Prevention Through Environmental DesignNatural Surveillance – the placement of physical features, activities, and people in a way that maximized visibility from the surrounding environment. This increases the threat of apprehension by taking steps to increase the perception that people can be seen.

Natural Access Control – Natural access control means controlling access to a site. People are physically guided through a space by the strategic design of streets, sidewalks, building entrances, and landscaping. This clearly defines entryways and guides personnel to specific entrances that are well lit and overlooked by surrounding areas.

Territorial Reinforcement – In CPTED it refers to the development of areas or places where the users feel a strong sense of ownership. It is an umbrella concept, embodying natural surveillance and access control principles. This establishes your territorial boundaries and provides the “line in the sand.”

Maintenance – Allows for the continued use of a space for its intended purpose. Serves as an additional expression of ownership. Prevents reduction of visibility from landscaping overgrowth and obstructed or inoperative lighting. Ensures that your security postures remain effective by reinforcing the concepts of natural surveillance, access control and territorial reinforcement. Displays that the site is regularly cared for and occupied.

CPTED can be a little overwhelming, even for seasoned practitioners. If you’re interested in finding out how CPTED can enhance your organization’s security program, or just want to learn more, please contact me. (Kenton Brothers’ local CPTED subject matter expert, Kevin Whaley, CPP.)