Security Technology & Design

Another Year On the Cutting Edge

"It's clear that this project provided the level of security, collaboration and innovation required to secure the busiest port in the United States," one judge wrote. "A massive video deployment integrated with enterprise electronic access control and a PSIM system was the core of this project, but designing the system to accommodate future improvements like ground radar and computer aided dispatch made the L.A. Port project stand out among the entries."

Crisis Management: Raising the Stakes

Push for Recognition or Resolution: In many cases, there is no definitive approach to prevent HCLP events, especially those that arise from natural sources like earthquakes or tornadoes. In that case, crisis management planning efforts need to recognize and document the existence of the risk, the potential consequences of the risk, and a resultant emphasis on consequence mitigation and recovery.

Emergency Preparedness: Compliance, Care and the Long View

We know the long view and a diverse data set are required to calculate catastrophic impacts. Similarly, longer views are required for forward-looking, cross-functional risk mitigation teams.

Hospital Access Control

To date, the Brivo SE/XE OnSite access control solution has been installed at five of CSR's hospital campuses spread throughout South-Central Texas: the downtown San Antonio CHRISTUS Santa Rosa Hospital - City Centre, CSR Children's Hospital, CSR Hospital - Westover Hills, CSR Hospital - Medical Center, and CSR Hospital - iNew Braunfels. The five hospitals combined have a total of 1,128 beds, nearly 3,900 Associates, and 2,000 physicians.

How to Choose a Managed Access Control System

Although multi-tenant [SaaS] provides end-users with ultimate flexibility when managing their access control system, it also allows the end-user to outsource administration, monitoring, and programming functions to their security dealer. Many systems integrators provide a "concierge" service in which they manage their customers' access control system on a continuous or on-demand basis.

How's Your Security Culture?

When interviewing arbitrary employees during my security assessments, I ask how information security is perceived and how it is actually working within the organization. Needless to say, I'm seeing quite a different picture than what management often paints.

I'm From the Government, and I'm Here to Help

Just last week, I saw a news item in the DC technology media that another member of the entrenched bureaucracy is saying the Feds need to "set standards" for cyber security professionals. If you are not accustomed to DC double talk, let me explain that one to you.

Implementing Single Logical/Physical Access Card Standards

A: Many companies are now looking to upgrade the levels of assurance for their logical and physical access control. FIPS 201 is the U.S. Federal government standard that specifies Personal Identity Verification (PIV) requirements for Federal employees and contractors. The set of FIPS 201-related standards has been expanded, and there are now two additional standards for cards issued by private-sector organizations: PIV-Interoperable (PIV-I for short) and PIV Compatible (PIV-C).

Integrated Threat Management

For the Port of Los Angeles, Nextiva Analytics enhance situational awareness around its properties and transforms what used to be a manual, resource-intensive operation to an efficient, accurate, automated process.

Integrating Access Control with Other Ip-Based Technologies

It can be argued that the IP-addressable single door controller is not an edge device - the door devices themselves are at the real "edge." Now credential readers (magnetic stripe, proximity, smart card and biometric) are available in IP-addressable form for direct connection to the corporate LAN via a network switch. IP-addressable locks - the integrated hotel-type units with wireless network transmission - are also already on the market.

Managing Expectations May Help You Keep Your Job

There is an old management adage that says. 'You can't manage what you don't measure." It is frightening when you consider that more than 65 percent of security managers don't provide or record any type of security metrics. It is impossible to manage expectations if you don't monitor them.

Meaningful Use Brings More Attention to Health Info Security

The Health Information Technology for Economic and Clinical Health (HITECH) Act - part of last year's American Recovery and Reinvestment Act (popularly known as the stimulus bill) - called for a program by which eligible hospitals and clinicians could receive thousands of dollars in incentives for making "meaningful use" of electronic health records (EHR). The final rule released in July defines "meaningful use" and lays out its core elements.

Mission Accomplished

The IPICS enables Panduit personnel and fire, police and emergency medical services personnel to communicate directly, using any type of radio as well as a telephone, mobile phone or PC with special client Software. When Panduit applied for a building permit, the local fire department wanted assurance that firefighters could maintain radio communication from within the five-story headquarters building, for the safety of employees as well as firefighters.

Physical Security Network Management: Opportunity, Necessity or Both?

* Network installation and configuration: The system should provide a record of initial installed configuration, if possible, and changes from the baseline configuration. It should readily flag issues such as duplicate IP addresses and provide for preloading of IP addresses where static IP addresses should be assigned, e.g., IP cameras and video servers. Some systems can auto-provision the IP address of a faulty device with the same address of a like device.

Product Showcase - Asis Preview

Theia Technologies has added a new varifocal lens model to its line of ultra wide angle, no distortion, megapixel lenses. The supplier's patented Linear Optical Technology platform enables optical distortion correction and allows more flexibility in camera placement and wide coverage of an area. Designed for 1/3'', 1/2.7'' and up to 1/2.5'' image sensors, the lens will provide from 77 to 115 degrees horizontal field of view, with less than 1 percent barrel distortion.

Product Showcase - Vms and Enterprise Security Systems

NICE Systems and geographical information system (GIS) software provider Esri have partnered to enhance NICE'S Situator situation management system with Esri's GIS capabilities. The integrated solution combines Situator's data fusion, analysis and automated response capabilities with spatial analysis, data management, and GIS mapping, to improve situational awareness and real-time situation management.

Securityinfowatch.Com

The entire Cygnus Security Media team (that's Security Technology Executive, Security Dealer & Integrator, SecurityInfoWatch.com and Locksmith Ledger) heads to Dallas, Texas, next month Oct. 12-14. They won't just be there for good barbecue and line dancing. Rather, they'll be covering the 2010 ASIS trade show, reporting on new technologies, educational seminars and more.

Solutions Snapshot

That's an interesting and ageold question. The traditional way of generating security awareness was to place tent cards or posters in strategic locations. But if we look at it from a more modern perspective, awareness is part of the security function's alignment with the enterprise business goal and objectives.

Sound Deployments for Ip Security Systems

Simply pressing a reset button to cause an IP address reset may take the camera out of the subnet that it is on. It takes knowledge of the default IP address to find it again (as it is has moved to a different logical network segment). Where a fixed IP addressing scheme is in use, resetting multiple cameras to the same default IP address can take all but one off the network due to the IP address conflict.

Taking a Holistic View of Risk

These ESRM initiatives have had remarkable benefits for the organizations that implemented them. Some respondents to the Roundtable survey said that their ESRM programs helped their companies establish priorities and become more proactive in the face of risk; some said that their organizations ran more effectively because these working groups helped ensure that there was no duplication of effort among departments.

The State of Loss Prevention: 2010 Update

Jack L. Hayes Intl. recently completed its 22nd Annual Retail Theft Survey - with 25 major retail companies participating, representing 18,906 stores, with retail sales exceeding $605 billion in 2009. The survey participants were all large retail companies who practice true loss prevention strategies, yet they still apprehended more than 1 million shoplifters and dishonest employees in 2009, and recovered more than $163 million from those apprehensions.

What Is the Cost of a Bad Employee?

George Campbell is emeritus faculty of the Security Executive Council and former CSO of Fidelity Investments. His book, "Measures and Metrics in Corporate Security, " may be purchased through the Security Executive Council Web site. The Security Executive Council is an innovative problem-solving research and services organization that works with Tier 1 Security Leaders to reduce risk and add to corporate profitability in the process.

You Got the Job - Now What?

All of the aforementioned problems should have been identified in the development stage - and would have been, had the security manager chosen to benchmark with peers and pilot the program before final implementation. In hindsight, thousands of dollars were spent changing out stickers for numbered metal license plate medallions.