Three Security Trends for 2022 – Blurring of Cyber and Physical Security

/in , , , /by

By Gina Stuelke, CEO of Kenton Brothers

The lines are blurring between cyber and physical security. Here are three important trends we are seeing in the commercial security space for 2022.

1) Organizations will invest in new commercial access control systems and video analytics solutions that are more integrated.

CyPhy Part 1During the pandemic, many businesses had to get creative in managing new health and safety mandates. Controlling social distancing was critical. To adhere to health mandates, retailers, corporate offices, and others needed to know how many people were in their facilities at any given point. This has generated huge demand for occupancy management solutions.

While most are using this technology to count people entering and exiting a building, organizations will continue expanding this technology across all areas of their facilities.

These spatial analytics are helping businesses unlock insights about how people use their facilities. Long after the pandemic is over, they can extract data to learn:

  • How many people are waiting in the lobby
  • How many people are in the cafeteria
  • How specific spaces are being used over time

This data then becomes the catalyst for building improvements that enhance the visitor, employee, or tenant experience.

Implementing video analytics within camera systems can further strengthen site security and delivers more insights. From people counting and directional flow to object left behind and crossline detection, analytics are giving security teams a clearer picture of what’s happening in their environments. Analytics also allowed remote teams to stay on top of threats while securing near-empty facilities during the pandemic. Beyond safety objectives, organizations are using analytics data to reduce wait times, optimize staff scheduling and enhance business operations.

Corporate offices are also finding ways to best optimize their workplaces as they give employees the flexibility to split up their work time between the office and home. This space utilization intelligence helps them better track employee office attendance, monitor meeting room demands and make more informed floor plan changes such as adding more desk-sharing options.

All of this leads to higher operational efficiencies, effective resource management and cost savings.

2) Cybercrime will continue to grow and inspire new strategies.

CyPhy Part 2In today’s world, while we can harden and tighten the physical security of a facility, a truly secure IT perimeter no longer exists. Physical security professionals are collaborating with cyber security teams to put measures in place to deter hackers and protect their businesses.  Choosing trusted vendors and deploying physical security solutions that come with layers of cyber defenses are critical. It’s a layered and collaborative approach.

A report by Cybersecurity Ventures predicts that global crime costs will reach $10.5 trillion annually by 2025. With a growth rate of 15% per year, this is said to represent the greatest transfer of economic wealth in history.

As we continue to see more devices come online (at the rate of 17 per hour) and data processing becomes central to operations, businesses will need to remain agile and responsive to the evolving threat landscape. Businesses will also need to offer greater transparency to meet customer expectations of keeping their data private and secure. All of this will bring in a new model for physical and cybersecurity that relies on continuous verification rather than just hardening networks and systems.

3) More organizations will make the move to the Cloud and embrace a hybrid model.

CyPhy Part 3The pandemic is largely responsible for the surging demand for the Cloud. As online usage and remote work spiked, there’s been a global shift to accelerate digital transformation.

According to a report titled Predictions 2021 by Forrester, global public cloud infrastructure was predicted to grow 35% to a market value of $120 billion in 2021. To thrive in the long run, physical security professionals will need to determine how to best leverage cloud technology and offerings in the years ahead. More chief security officers will let go of the division between cloud and on-premises physical security systems and embrace a hybrid deployment model. This allows them to implement specific systems or applications in the cloud while keeping existing on-premises systems.

This hybrid approach can also be the simplest answer when deciding how to enhance scalability, redundancy, and availability to meet changing needs. Beyond that, cloud offerings provide tons of added value. Physical security teams can quickly migrate to newer technologies, minimize hardware footprint, boost cybersecurity and reduce costs.

It’s an exciting time in the security industry!

Innovation and continuous improvement are happening every day in the commercial security industry, both core values of KB! Let us be your commercial security partner and we will help you navigate these changes!

Introducing the LenelS2 Elements Security System

/in , , /by

By Courtney Emra, Lead Customer Service/Sales Assistant at Kenton Brothers

At Kenton Brothers Systems for Security, it’s important that we partner with the best solution providers in the industry. LenelS2™ is one of those providers.

LenelS2 ElementsLenelS2 is a leader in advanced physical security solutions, including access control, video surveillance and mobile credentialing. Their products, systems and services tackle the evolving needs of some of the world’s most demanding organizations. They provide a security backbone with deployment options that incorporate multiple technologies including mobile, cloud, artificial intelligence and cybersecurity. Their open architecture supports hundreds of third-party system interfaces that extend the capabilities of many security management systems.

The LenelS2™ Elements™ system is a comprehensive, yet simple, unified access control and video management solution built for the cloud. From single-site access control and video surveillance to more complex systems, the Elements system contains all the key ingredients for an effective and scalable, cloud-based solution; providing businesses with a brand-new security option that’s as simple as it is essential.

Perfect for Small and Medium-Sized Businesses

LenelS2 Elements ArchitectureThe Elements security solution is perfect for small to medium-sized businesses or satellite locations that need secure workplaces, but may not have permanent IT staff or security professionals. Easy to operate and maintain, the Elements system provides hassle-free, effective security that allows businesses to focus on more important things — like running their business.

Updates and enhancements are pushed in real time, reducing costly site visits. This makes budgeting more predictable and helps keep capital expenses down. Mobile first, the system can be accessed at any time, from anywhere. As the only unified access control and video management system that integrates with the OnGuard security management platform, the Elements solution can expand to meet a growing business’ needs.

LenelS2 Elements Checks All the Boxes

  • Cloud Based
  • Ideal for small and medium businesses
  • Easy to budget, get predictive monthly billing
  • Browser based user experience
  • No need for IT or security personnel

 

Verkada – A New Standard for Enterprise Security?

/in , , /by

By Kevin Whaley, CPP, Sr. Security Consultant at Kenton Brothers

Verkada is one of the newest and fastest growing security system platform providers on the market. Their mission; to modernize enterprise physical security. Verkada prides itself by being a complete solutions provider, offering a suite of connected security devices that provide the user with a complete picture of the safety, security and even health of their environments. From access control, video surveillance, intrusion detection and environmental sensors, Verkada offers complete situational awareness for its users through a single, very user-friendly platform.

But wait… ANOTHER company that claims to offer a “complete” enterprise solution?

Verkada ProductsWe’ve all heard that before. I typically don’t “rave” about a specific product but rather, I always try to find the solution that I believe will meet my client’s needs. By offering various options and products, I make sure that the customer has all the info they need to make an informed decision.

Then why, you may ask, am I talking about Verkada? What makes them so different? Well, let me learn ya a thing or two.

I have to admit, when I first heard about Verkada, I was VERY skeptical and thought there was no way they could live up to what they were promising and I put them out of my mind. Then I started at Kenton Brothers and really got the opportunity to see Verkada systems in action in the field. I’ve been able to play around in the system myself. I’m pretty tough to impress, but after some time and experience, I’m a big fan!

Now, are they a good fit for everyone? Absolutely not. Are they a good fit for many? Absolutely! It’s an investment, but that is offset by the quality of their products, operating platform and ease of use.

Verkada Command

Verkada Products and SolutionsVerkada Command combines video, access control and sensor insights across your organization into a cloud-based solution. Cloud-based… meaning no more expensive servers to maintain or replace! That’s a plus. It is infinitely scalable so you can add as many devices as you need. Maintenance? Forget about it! Automatic updates are continuously delivered to make sure you’re equipped with the latest and greatest features and enhancements.

Verkada can provide a range of cameras from domes, bullets, minis and fisheyes. The cameras also come equipped with built in storage that can store anywhere from 30-365 days of video history. That means, even if your network or internet goes down, cameras are still recording.

Access Control

The access control system is great too! Each door controller is built with its own onboard processing and storage so teams can quickly configure and manage all doors. It’s easy to set up, allows you to manage access remotely and connect your organizations active directory solution to seamlessly manage credentials being added and removed. (Another plus, their door controller multi-format card readers support low and high frequency card formats.) As of now, Verkada only offers 4-door controllers, which means that if you have 16 doors, you’ll need to get 4 controllers. However, larger controllers are in development.

Intrusion Detection

Verkada ProductsNeed intrusion detection? They’ve got that covered, plus a lot more. No more need to purchase and install multiple sensors that only do one thing. Get one sensor for motion, noise, and even environmental data like temperature, humidity, air quality, vape detection, PM2.5 and TVOCs. (If you don’t know these terms, we should probably talk…)

All of this is instantly integrated, allowing all the sensors, cameras and doors to communicate with each other, making your ability to maintain situational awareness much more efficient. I’ve personally experienced the frustration and time consuming effort it takes when you’re trying to find records or reviewing hours of video to find a specific 2-3 second clip. Verkada takes all that frustration away with all of its capabilities.

They even offer 30-day trials for some of their products. Want to give Verkada a try or see it in action? Give us a call!

Red Team Testing: It’s the 1992 “Sneakers” movie in real life in 2022.

/in , , , /by

By David Strickland, Vice President of Kenton Brothers

1992 Sneakers Movie Poster

The 1992 movie Sneakers, starring Robert Redford and Dan Aykroyd, was about a Red Team that was hired to break into companies all over San Francisco.  They were hired by the same companies they were trying to break into. This was done to test their security measures (both Physical and Cyber) – What we like to call “convergence” these days.

Robert Redford’s Red Team was made up of both physical security experts (a thief and a federal agent) and cyber security experts (a hacker and electronic technology expert). Their mission was to test and penetrate the defenses of the target company to point out any weaknesses. If vulnerabilities were found, the company could shore up their defenses and make their company more secure.

Fast forward 30 years to 2022. The Red Team Testing technique is still in full swing.

Red Team Testing is still the pinnacle of testing your security systems so that you can determine your risk of exposure. The Red team will look at every aspect of your convergent security systems and create a detailed report on your weaknesses.

Red Teams ask the question – What would happen if your company was faced with some of the following scenarios?

  • Active Shooter
  • Cyber Attacks (Internal and External)
  • Industrial Espionage
  • Theft (Physical, Digital, Intellectual Property)
  • Sabotage
  • Power outage
  • Mass Casualty event (Weather, explosives, Chemical)
  • Pandemic
  • Work Place Violence

Here are a few of the techniques Red Teams will use to test your company’s exposure level:

Physical Security Penetration Testing:

Red Team TestingRed Teams will test physical penetrations with your company’s physical assets (buildings, vehicles, networks, people) and measure the company’s response and how long it took to detect and act on those tests. They will measure the effectiveness of your policies and procedures and how they affect your deterrence and detection systems.

The Red Team will pose as employees or service providers to gain access to your company’s inner workings. They may also attempt to break into see what is possible and if they get caught. They’re looking for assets they can compromise and gain access to while on the inside.

Did your coworker leave proprietary information on a white board for all to see? Did everyone sign out of their workstations? Are your access control doors propped open for easy access? If someone unplugged one of your surveillance cameras and plugged it in to their laptop, could they gain access to your network? Can they connect a thumb drive to your server? Could they sneak a weapon in? Have all of your Internet of Things (IOT) devices had their default usernames changed? The list is long.

Cyber Security Penetration Testing

Where physical penetration testing might seem like a hammer, think of cybersecurity testing as a scalpel. Red Teams utilize web application attacks, such as cross-site scripting, SQL, piggybacking, injection and backdoors, to uncover a target’s vulnerabilities. Testers then try and exploit these vulnerabilities. These types of risk include stealing data, intercepting private/confidential traffic, asset discovery, exploitation and complete shutdown. As we all have become aware, Ransomware is a true and present threat to every size of business.

In the complex cybersecurity landscape, penetration testing has become a must for most industries. In many, in fact, it’s required by law.

For instance:

  • Health organizations ensure healthcare data security under HIPAA
  • Financial institutions test for FDIC compliance
  • Businesses accepting or processing payment cards must comply with Payment Card Industry standards
  • Critical infrastructure entities must follow guidelines outlined by NERC

Even businesses that might think they don’t have any valuable information to protect could be at risk of someone trying to take over the network, install malware, disrupt services, and more.

The End Game

What does all this sneaking around mean and why should you care? Red Team Testing allows you to identify and exploit your security weaknesses without the impact of debilitating consequences. From a Red Team’s report, you can adjust your response to the threats that you see as your biggest exposure. You’ll have the ability to identify specific weaknesses and the best approach for shoring them up.

Breaches Happen Every Day – Here’s an example.

One story about a Red Team that comes to mind was about a team that created malware laced thumb drives. And they labeled them with the contracted company’s logo to make them look official. The Red Team followed several employees to a local convenience store and would drop these thumb drives by their car door when the employee would enter the store. When the employee would come back, they would see the logo and thumb drive and assume they had dropped it. They would dutifully pick it up and bring it back to work with them. Curious about what was on the thumb drive, they would insert it in the USB port on their workstation and physically introduce malware to their cyber network. Game over.

This is a great representation of the techniques a red team employs to gain access. They used social engineering to “hack the employees” and defy the policy of no outside USB connections on the network. It seems innocent enough to the employee, however the vulnerability was able to exploit the banking information of a large regional bank. Fortunately, this was a test. Only a test.

Security Systems and Processes have the best chance for success when they’re working in unison. You may have the best security system in the world, but if you forget to arm it, it’s useless. Red Team testing allows you to test both systems and processes.

Interested in how this testing could help your organization? We can help! Please reach out today and we will discuss exactly how Red Team testing can increase the protection of your business.

Technology Update from ISC West 2021

/in , , , /by

By David Strickland, Vice President of Kenton Brothers

ISC West 2021The 2021 International Security Conference West Coast (ISC West) was much smaller this year, but still packed a punch for technology announcements. The smaller crowd still showed a lot of enthusiasm for the latest and greatest innovations in Commercial Video Surveillance, Access Control, Visitor Management, Intrusion detection, Public Safety and Emergency management.

Cyber and Physical Security Convergence

The overwhelming conversation this year was around the convergence of cyber and physical security. The physical security of cyber networks and the management of commercial and industrial IOT (Internet of Things) devices. High profile hacks have made the world pause and analyze how to better protect their networks and data from outside intrusion.

Currently Worldwide – 65 billion IOT devices

  • 127 IOT devices being connected every second.
  • Each device allows for the possibility of a vulnerability onto your network.
  • More to come on this from Kenton Brothers in the future.

Artificial Intelligence

ISC West 2021 - Artificial IntelligenceArtificial intelligence and Robotics continued it’s flag waving this year. There are always large crowds around booths and displays for this type of technology. The use of artificial intelligence to analyze commercial video surveillance and create a proactive approach to stopping intrusion or crime continues to be a very strong driver for many companies.

Davantis, BriefCam and Avigilon continue to lead the way and evolve the technology to more use cases. The video analytics, AI learning and user input continue to make huge gains in deep learning and proactive measures.

With diminishing law enforcement personnel levels all across the country AI can help bridge the gap. There is no doubt that it is a force multiplier and will change the law enforcement and security industries forever.

Robotics

ISC West 2021 - RoboticsThe robotics offerings showed very well this year at ISC West. Cobalt robotics continued to show the strength of AI, Deep Learning and Human Intelligence all working together to create secure spaces. Their announcement of the open IP addresses check was a topic that many responded to. Robots can also help with wireless signal intelligence: WiFi and cellular signal strength heatmaps, locations of rogue wireless access points, and the presence and identity of nearby electronic devices through techniques such as MAC address fingerprinting.”

Cobalt continues to wow customers with it’s ability to adapt to the workspace and create endless services.

Schedule a demo today

Name(Required)

ISC West 2021 - AsylonThe show saw some exciting new technology surface this year. Asylon showed off the its offering of Robotic perimeter security. This includes their offerings of both drones and “Guard Dogs or cats”. The combination of these two platforms gives you complete coverage and the ability to gain proactive intelligence quickly. The space is innovating quickly!

Commercial IP Video Surveillance

Axis Communications

Axis Communications enables a smarter and safer world by creating network solutions that provide insights for improving security and new ways of doing business. As the industry leader in network video, Axis offers products and services for video surveillance and analytics, access control, and audio systems. This year, Axis spotlighted their ability to converge their platforms to one united system. Axis produced a great video that showcases the new convergence of their offerings.

Avigilon

Avigilon was busy fielding questions around the H5A system cameras.  This FIPS compliant line of video surveillance has produced some excellent cameras for a wide range of needs.  This line has truly raised the bar for cyber and physical security compliance. The addition of convolutional neural networks as the edge greatly increases the ability to have better, faster analytics driving commercial video surveillance.  All while encrypting the footage.   Check out their video explaining the line in more detail.

One new product that deserves a mention is the G.L.O.V.E.  system.

The GLOVE, which stands for Generated Low Output Voltage Emitter, is a conducted electrical weapon (CEW) from Compliant Technologies. It is designed to be used in conjunction with an officer’s defensive tactics training and other use of force tools to more effectively de-escalate use of force incidents and bring non-compliant subjects under control in a safe and timely manner. Another force multiplier that is more reliable than a Taser.

In conclusion, the show was smaller this year but still packed the same punch! We look forward to next year and getting back to normal soon.