Introducing the Kenton Brothers CyPhy Security Plan

/in , , /by

By Neal Bellamy, IT Director at Kenton Brothers

CyPhy Security PlanLately we’ve been talking a lot about Cyber Security. As with all types of commercial security, Cyber Security is best implemented as layered defense. In other words, a single key or credential won’t gain access to the entire kingdom. Also, like Physical Security, even a small oversight can become the launch point for a larger attack.

For years, Kenton Brothers has been doing our part to help maintain security on your physical security devices. We use unique, randomly generated passwords for all of your devices. We make sure the firmware is updated at the time of install and implement other industry standard security best practices. While it’s a good start, there were still some gaps. So we are taking it to the next level.

The Kenton Brothers CyPhy Security Plan

Kenton Brothers is introducing our CyPhy Security Plan. Security is not a “set it and forget it” proposition. The security landscape, both Cyber and Physical, is always changing. It must be evaluated and re-evaluated to make sure the greatest number of holes are closed. With the CyPhy Security Plan we will still make sure your physical security systems are set up with the latest software, unique passwords, etc.

With this new program, we will follow the security hardening guides from all manufacturers, lock down all switch ports and ensure firewalls are set up and configured properly. After the initial installation is complete, we will be involved ongoing. We will monitor new releases from the manufacturer and alert you to any critical security related issues for your system. Furthermore, if you have the manufacturer’s software upgrade plan in place, we will remotely upgrade your systems and firmware every 6 months.

Where applicable, the CyPhy Security Plan includes:

• Using unique and randomly generated passwords for each purpose and user
• Upgrading firmware to the latest supported version
• Setting the server firewall to only allow authorized communications
• Locking switch ports to allow only authorized devices
• Monitoring manufacturer’s software for critical security alerts
• Enforcing encrypted communication wherever possible
• Disabling services, applications and ports not being used on devices
• Using unprivileged account for normal system usage
• Enforcing encrypted edge storage
• Filtering communication to local IP addresses only
• Disabling SD card slots not being used
• Following hardening guides from all installed manufacturers

We want the CyPhy Security Plan to dovetail into your existing cyber security plan.

If you have other cyber security initiatives already installed, like MFA, managed firewall, managed global service accounts, VPNs etc., we will help you integrate those into the physical security devices, networks and servers. We will also make suggestions to improve the security and operations of your systems. For example, deploying internet facing servers in the DMZ or connecting the security systems to Active Directory for ease of user management.

If you don’t have a cyber security plan in place, you can rest assured that the physical security devices will be protected and can even use our commercial security best practices to increase the security for your other systems.

Of course, there is no un-pickable/un-hackable lock, and there will never be a perfect defense for cyber attacks. Setting up a layered defense will significantly decrease the chances of a successful cyber attack on your network. The CyPhy Security Plan is our commitment to protect you whether the attack comes to your front door, or from the internet.

To learn more about our CyPhy Security Plan, please give us a call and we will discuss your current setup as well as the benefits of ramping up your security efforts.

Organizations Facing Large Rekey Projects

/in , , /by

By Ryan Kaullen, Field Services Manager at Kenton Brothers

Large Rekey ProjectsIn a company or organization, it’s up to the organizational leaders to make sure that their people, property and possessions are kept safe and secure. Part of the strategy relies on the keying method used in the building(s). Kenton Brothers has been helping companies with large rekey projects since 1897.

So where does a company start when it comes to large rekey projects? What details are needed? How can they secure buildings and maintain control when handing out keys? Are there different levels of restricted cylinders to help secure the facility? All of these questions and more will be answered as we dive into large rekey projects.

The Rekey Plan

Everything starts with a plan, and it should be a plan that has the end goal in mind. Part of a rekey plan is an evaluation of many things including who should have access, what type of keys should be issued to employees and which keys should not, how should the key system be structured, how do you mitigate liability if a key is lost, how can keys be organized and how do we track who we issued keys to? What level of restriction should you have on the keys and cylinders? Will existing door hardware work or does it need to be switched out?

Large Rekey ProjectsSetting up a master key system for one large facility, a campus environment with multiple buildings, or even a scenario where there are different buildings across the country can all be handled by setting up a master key system that allows for growth/expansion and the flexibility within that system to do so.

A site survey(s) should be done by the company hired for the large rekey project. (Hopefully, that would be our team at Kenton Brothers!) From there, several meetings should occur to discuss the set up of the master key system, discuss the level of security you want with the keys/cylinders and set expectations for the rekey itself.

Organization of the physical keys, cores and additional information can come in many forms, but the three most common we see are:

1) The customer purchases a key management software system. (We have a great recommendation if you are looking…) and manages it themselves
2) Kenton Brothers manages the key system through our software and we handle any change requests
3) The keying system is a factory-maintained system (which comes with its own advantages and disadvantages.)

Once the planning stages have been completed, you will move on to the next step of the process… waiting for parts.

The Waiting Game

Large Rekey ProjectsSo now that a master key system has been agreed upon, pricing approved, and materials are on order, what are the next steps? At this point, you will have chosen the path of how you will manage your key system; either internally or through a company such as Kenton Brothers. 80% of the effectiveness of the new keying system is in maintaining control of the keys!

One of the big things to prepare for is communication to the employees and staff who will be issued new keys. You will want to communicate that this is coming, when it’s happening, set up strict instructions on checking out keys, reporting lost keys and what to do if you find a key laying around.

From the start, it’s important that clear expectations are set because keys are such an integral part of your security plan. You will also be in weekly or bi-weekly contact with a Project Manager dedicated to your project for  planning, when the product will arrive, any last-minute questions, and any pre-install meetings before the installation begins.

The Install

The install itself will begin with a Project Manager (PM) introducing you to the technicians who will be working on the project. The PM makes sure that once on site, the techs have clear expectations of their daily goals, know the location of material being stored onsite (if applicable), and any other project related questions they might have. Then the work begins!

The PM is the point of contact for the project. They need to keep everyone up to date, share milestones that have been completed and work through punch list items as the project progresses. Once the project is complete, there will be a final walk through. When the project is deemed complete as compared to the scope of work, a warranty form should be completed and signed.

Once the project is finished, there will be several documents that need to be delivered by the PM for records. Those documents include the following: A fully completed warranty activation form, any maps/plans used during the project fully marked up to show how things were keyed or installed, keying records if requested, and any other documents deemed necessary for the project.

Recap

Large Rekey Projects can be stressful, take time and require a lot of planning. That said, the end result is worth it.

You now have complete key control over the building(s) that you oversee. You have taken a major step to protect the property, possessions, and people who work/live within the buildings, and you have a plan moving forward that is sustainable and mitigates liability.

If your organization is considering a rekey project and you don’t have a company you trust helping you, please give us a call. We’ve helped thousands of companies over the years with large rekey projects, allowing them to take back control of their security. Get back your peace of mind!

Crime Prevention Through Environmental Design

/in , /by

By Kevin Whaley, CPP, Sr. Security Consultant at Kenton Brothers

Welcome to the first part of a multi-part series where we dive into the idea of Crime Prevention Through Environmental Design or CPTED.

How many parts? Yet to be determined. My objective with this series is to provide you with an introduction to CPTED with the hope that you will be able to consider these ideas and principles for your next security project.

Introduction

When it comes to physical security, most people tend to think of guards, video surveillance (aka “big brother”), alarms, fences with barbwire, etc.

That is the basic underlying impression that people get when they hear security. When I think of security, I think of onions. (That’s not an acronym for anything.) When I conduct a security assessment, I tell my clients to think of security like an onion. Why? Because security, like onions, should have layers. We also refer to these layers as “concentric layers of security” meaning that each layer builds off of the last to create maximum protection.

When developing a security plan, the goal is to create a “target shift” or target hardening. This means that you’re trying to make it as difficult as possible to defeat the security measures or increase the probability of becoming detected or being caught. Depending on conventional security measures like access control, video surveillance and security guards may have their limitations. Employing standalone security measures may fail to address the underlying behavioral patterns that may adversely affect the environment. That’s where CPTED comes in.

Crime Prevention Through Environmental Design

Crime Prevention Through Environmental DesignCPTED is defined as “the proper design and effective use of the built environment that can lead to a reduction in the fear and incidence of crime and an improvement in the quality of life.” In other words, a CPTED analysis focuses on creating changes to the physical and social environment, that may reinforce positive behavior, with the goal of reducing opportunities for crime that may be inherent in the design of the built environment. CPTED is a multi-disciplinary approach to deterring criminal behavior.

CPTED incorporates principles from:

  • Planning
  • Architecture
  • Landscape Architecture
  • Security
  • Facilities
  • Engineering
  • Law Enforcement
  • Legal/HR

CPTED design includes the physical design, social management and directives that seek to affect positive human behavior as people interact with their environment.

Depending on your organization’s industry, you may already have established design guidelines that have been set by a governing body, standard, or regulation. For example, FEMAs Risk Management Series: Site and Urban Design for Security (Guidance Against Potential Terrorist Attacks) FEMA 430, establishes guidance for government facilities but can be applied almost universally.

However, if your organization doesn’t have guidelines, there are many factors that you may need to consider during the planning phase.

These factors may include (but are not limited to):

  • Stairs and ramp design
  • Interior and exterior lighting
  • Parking lot designs
  • Landscaping
  • Doors and windows
  • Blind spots or “ambush” points
  • Building circulation patterns

When entering the planning and design phase, it may be beneficial for you to enlist the services of a security consultant with experience in conducting CPTED assessments to assist you in developing your plans. (That would be Kenton Brothers Systems for Security… :)

CPTED is based on 4 key overlapping concepts which we will dive into in greater detail in the rest of this series.

Crime Prevention Through Environmental DesignNatural Surveillance – the placement of physical features, activities, and people in a way that maximized visibility from the surrounding environment. This increases the threat of apprehension by taking steps to increase the perception that people can be seen.

Natural Access Control – Natural access control means controlling access to a site. People are physically guided through a space by the strategic design of streets, sidewalks, building entrances, and landscaping. This clearly defines entryways and guides personnel to specific entrances that are well lit and overlooked by surrounding areas.

Territorial Reinforcement – In CPTED it refers to the development of areas or places where the users feel a strong sense of ownership. It is an umbrella concept, embodying natural surveillance and access control principles. This establishes your territorial boundaries and provides the “line in the sand.”

Maintenance – Allows for the continued use of a space for its intended purpose. Serves as an additional expression of ownership. Prevents reduction of visibility from landscaping overgrowth and obstructed or inoperative lighting. Ensures that your security postures remain effective by reinforcing the concepts of natural surveillance, access control and territorial reinforcement. Displays that the site is regularly cared for and occupied.

CPTED can be a little overwhelming, even for seasoned practitioners. If you’re interested in finding out how CPTED can enhance your organization’s security program, or just want to learn more, please contact me. (Kenton Brothers’ local CPTED subject matter expert, Kevin Whaley, CPP.)

Unusual and Hard to Find Security Products Part 2

/in , , /by

By Erik Andress, Sales Management Professional at Kenton Brothers

Access control and surveillance cameras are two of the most often talked about technologies when it comes to commercial security solutions. At times, you need something special to accomplish your security objective. So we started a video series to showcase some of the unusual and hard to find security products that might be a perfect fit for your specific security need.

If you haven’t watched part one, you can watch that here.

Products We Cover in Part 2

  • Laminates
  • Seismic Sensors
  • Bill Traps
  • Perimeter Intrusion Detection

We hope you enjoy the video… there are so many tools and technologies to cover, we may do a Part 3!

Please let us know if you have questions about any of the products we covered in this video or how they might become part of your commercial security solution. All you have to do is give us a call!

What is a Security Systems Integrator? A robbery gives some perspective.

/in , /by

By David Strickland, Vice President of Kenton Brothers

What in the world is a Security Systems Integrator?

How a robbery helped me understand the importance of a Security Systems Integrator.That is a great question and one I hope to answer with this story. Eleven years ago, I had no idea what a security integrator was either. It wasn’t until I got involved in the security industry and saw firsthand what a Security Systems Integrator was and why they’re so important to so many organizations.

First let me tell you a story about a time we got robbed…

It might surprise you to know that my first involvement with a security company was like many of you. I had an alarm system put into my business. I did my research and picked a reputable, big-name company to do the work. It was a straightforward process. I was happy with my provider and trusted that they knew what they were doing. The alarm system worked great for years.

Fifteen years later I had sold my company to a much larger organization and was working with them in a brand new, large operational center in the southeast United States. This operational center counted and stored very large amounts of cash and checks and processed them daily. Security was critically important. The large company I worked for did the same thing I had done fifteen years prior. They called a big-name company to come out and install a security system to protect their assets.

The representative from the security company was in the 30,000 sq ft building for 30 minutes. A week later, they installed 2 keypads, 4 glass break sensors, some motion detectors, 2 sets of door contacts and one siren. They also installed three cameras… One in the cash room and one at the front door.

It was a great idea to have the cameras installed.

Shooting GlassWithin the first week of opening, late at night, we were able to see a person shoot out the glass entryway of our lobby and enter the building. He ran straight to the cash room and kicked in the door. We watched him go right to the safe we had installed and enter the code. He opened the door of the safe within two minutes of entering the building. And he was on his way out carrying an armful of envelopes full of cash and checks, dropping some along the way. It was obviously a person with inside knowledge of our systems and the location of the security devices.

It turns out the alarm didn’t go off and no one was notified until 6am the next morning when the first employees arrived and saw the carnage. Our security system was not installed by a Security Systems Integrator. It was installed by a subcontractor of a national alarm company. There’s a big difference.

A Security Systems Integrator like Kenton Brothers Systems for Security would approach this building and the liability of the cash and checks in a very different way.

Using the Defense in Depth model we would have recommended a layered approach with the following considerations:

  • An exterior camera would be added to extend the perimeter and alert when there was car activity in the parking lot after operating hours
  • All doors would always be locked and require key or credential entrance
  • The alarm would arm automatically at a predetermined time
  • If the alarm did not arm or was disarmed outside of normal hours, an alert would be issued
  • The cash room door would be reinforced with a five-point door and a steel reinforced frame
  • All the codes on the safe would have been changed after install and assigned to the person opening the safe, which would require dual authentication for access
  • The intrusion system would be tied to the surveillance system. A video feed would be sent to the monitoring company to dispatch police as a verified crime in progress for priority response.

This true story seeks to point out the differences between an alarm company and a Security Systems Integrator. A Security Systems Integrator specializes in bringing independent security components together ensuring that those components function together properly to protect people, property, and possessions. These components include IP video surveillance, access control, intrusion detection, mass notification, weapons detection, analytics and more. Fully developed Security Systems Integrators are considered ‘design-build’ integrators.

Security Systems Integrators can provide the following services:

  • Security risk or needs assessments
  • Customized system engineering and design
  • Broad access to the leading manufacturers and product lines
  • Procurement, staging, installation, commissioning and training
  • Full lifecycle service and maintenance
  • System updates and operational upgrades

A Security Systems Integrator can take advantage of their unique perspective on the key ingredients for successful development of a physical security program. We like to call it the KB Advantage – utilizing over a century worth of experience and wisdom to assess, design, engineer, install, commission, train and maintain a remarkable physical security system.

If you want to know more about how we can help you develop a layered security approach for your organization, please give us a call.