Why Physical ID Badges Will Be a Thing of the Past

March 10, 2022 Pete Cavicchia

Physical ID badges are a common part of daily life. From needing them to access services and buildings on a university campus to entering your typical corporate office building, a simple ID badge you wear on your person or carry with you on a keychain has been an indispensable part of physical security.

Now, security experts are saying the ID badge might be a thing of the past.

In a new interview with Security Magazine’s Madeline Lauver, Jesse Franklin, senior vice president U.S. & Canada at Incode, theorizes that physical ID badges will most likely be out of favor in the next 10 years.

Franklin points to the fact that forms of digital authentication have risen in accepted common security practice in recent years — something accelerated during the COVID-19 pandemic as a result of the push toward contactless interactions.

“In a recent third-party survey conducted among 1,000 respondents, an increasingly large number of [users] agree that they would commit to a fully digital lifestyle where they could use digital authentication for all daily processes,” Franklin told the magazine.

That does come with some reservations. Cybersecurity concerns over private information always surround conversations around a push toward digitization of traditionally physical security protocols like ID badges.

That being said Franklin emphasized that recent research reveals digital authentication might make for more secure practices rather than a physical ID badge.

“By 2030, I predict that physical forms of identification will be obsolete with all, if not most, businesses having some form of digital authentication in place,” Franklin added.

This shift won’t happen overnight.

Given how embedded our reliance on physical forms of identification is in our society, it will take a while for businesses to begin to phase out these tried and true measures of ID and move to their digital counterparts.

Franklin laid out an approach for what needs to be done by firms as they look to the next 10 years of how they want to handle identification.

"First, they need to fully analyze their organization’s security posture and vulnerabilities in order to activate a successful authentication system,” Franklin stressed. “They then must activate a secure database, regularly updating their records of those barred from building access who may pose using false credentials. Digital authentication technology will continue to advance and will soon become the standard for all physical security settings."

A Look How Top Physical Security Practices Rely on Both Video and Access Control

February 19, 2022 Pete Cavicchia

When it comes to ways to beef up one’s physical security protocols, the key is to embrace complementary technologies that work together to keep you, your business, your data, and your valuables safe.

In a recent post for TechTalks, Luke Fitzpatrick outlines that using state-of-the-art video surveillance systems coupled with access control technologies is the best way to ensure you are well secured. He stresses that traditionally, security systems should stand on their own, and not be integrated with other security technologies. While this approach might have worked best in the past, it is not acceptable in a 21st-century security era when cloud-connected devices, and artificial intelligence (AI)-powered systems, among other options, are ways to ensure your business is able to withstand modern crime — of both the cyber and physical varieties.

In the piece, Fitzgerald singles out the fact that modern door readers to detect and assess who is about to enter your business or office should be outfitted with video capabilities. This should be at all entry points at a company’s physical campus.

One challenge that can come with the pressure to have video integrated at all aspects of physical security is that not all businesses can afford to have someone employed to constantly monitor video feeds at all hours of the day.

This is where cloud-based technology solutions factor in. Automated system alerts that are accessible remotely to security teams are key. Additionally, smart detection and infrared sensors can center accurate and efficient security detection for remote staff who need to be notified about real-time breaches.

With cloud-based options, it’s important to have strong security protocols on both ends.

Fitzgerald cites one company, Openpath, that enables authorized personnel to use a credential-encrypted app — passing their hand or their mobile phone over an access portal, for instance — that would allow them to enter a building.

Only those with the personalized app access would be able to enter. The company’s access control system that is based in the cloud gives 24/7 access to business owners or building landlords who need constant updates on who is visiting their space as well as information coming in on unauthorized individuals who are attempting to breach these security protocols.

This is just one example of how tech has become increasingly more sophisticated to best serve a business’s very 2022 security needs.

“The future of security tech is firmly in the hands of cloud-based solutions, and smart designs that can integrate seamlessly with one another to create unified security systems that are more secure than ever thought possible,” Fitzgerald writes, in closing. “Unifying video tech with access security solutions is one of the first important steps in this highly integrated tech-solution trajectory, and it’s starting to feel like the possibilities moving forward are limitless.”

How to Assess the Best Video Security System for Your Business

February 14, 2022 Pete Cavicchia

Whether you are starting a new small business, updating physical infrastructure of your company, or trying to make sure your staff and valuables are safe, it might be overwhelming to try to parse through the different options for video security systems.

Forbel Custom Security Solutions outlines some major factors you should keep in mind when selecting a video surveillance system for your business. Here’s a look at a few:

First of all, they say that you have to make sure you assess how sharp and clear the image quality will be and whether the camera you are selecting has “optical zoom.”
Beyond this, you have to make note of the recording frame rate of a potential security camera. The lower the frame rate, the choppier the footage will be, the security company says.
When it comes to camera models, it’s a very personal choice. You’ll have to sift through the various options to determine what suits your business’s needs. Some examples are bullet cameras, dome cameras, pant-tilt zoom cameras, thermal cameras, and panoramic cameras.
You also have to pinpoint if you need cameras that have indoor or outdoor compatibility. If outdoors, you’ll need one that is weatherproof and one that might need to withstand dirt or water. The company suggests you check for Ingress Protection (IP) ratings for your potential camera before making that purchase.
Make sure you assess the audio sensors that may or may not be part of your commercial security camera. Many on the market don’t pick up audio well, so it determines what your specific needs are. Some manufacturers will enable the camera to record audio. Also check in on local laws and regulations tied to whether audio recordings are illegal in your given state or municipality.
Motion detection is another important feature to assess. Cameras that are on the more advanced end of the spectrum will have video analytics software. Having quality analytics that can assess and classify oncoming vehicles, people walking by, or people fighting outside your business, for example, are important to have in 21st century security systems.
Wired or wireless? That’s a question you will want to answer as well. Wireless systems might be best for individual homes, whereas wired surveillance cameras make more sense for businesses.
As with most aspects of modern security, cloud storage capabilities are crucial. Storing security data in the cloud is often augmented with physical storage as well that you install on a server. The more storage capacity the better so that you can access footage remotely and have a needed back log of recorded data.

No matter what, invest in the best video security system possible. In a separate piece for Digital Trends, Erika Rawes answers the question of “are security camera systems worth it?”

“Yes,” she writes. “Security camera systems can provide peace of mind, but they can also promote safety for customers, employees, and business owners. They may even help lower insurance costs in some cases.”

A Look at 5 2022 Security Trends

February 7, 2022 Pete Cavicchia

We’ve ended the first month of the new year and are into February. With the year still young, it’s a good time to look ahead at some of the trends that might be shaping the next 11 months of security.

U.K.-based security firm Calipsa recently outlined some of the key trends in physical security for this year. Of course, in our 21st century reality, the physical and digital are often combined. Artificial intelligence (AI) and IoT fuel most of the technology we use. When it comes to securing your business or your family home, Brian Baker, Calipsa’s Chief Revenue Officer outlines some of the big security trends you should keep in mind.

Here’s an overview of the five key trends from Baker’s post:

• AI is the key

AI always seems to be at the top of the list. It’s embedded in almost all connected tech — from your phone to your building’s security cameras. Baker writes that AI in the security market was valued at $5.08 billion in 2020 and that number will hit as high as $14.18 billion by the year 2026. Baker says security-centric AI has shifted from mainly a “forensic analysis tool” that’s applied after an incident occurs to a preventive tool before your home or business faces a criminal breach. A big part of this is predictive data analytics, with machine learning using these predictive tools to make statistical decisions using data collected in real time.

• The cloud is an indispensable tool

With work-from-home and a global economy meaning security interests extend worldwide, Baker spotlights the fact that remote security is increasingly becoming a major focus. Remote video monitoring was on the rise, but the realities of COVID-19 sped up that process. Baker cites his company’s 2021 Annual Report that found 75 percent of businesses surveyed reported using cloud-based video analytics — an increase of 8 percent from the year before. About 32 percent of respondents said they now used a remote security solution that is totally tied to the cloud. This all helps a business scale up. Baker says many security options are heading in the direction of a “software as a service” (SaaS) model — enabling for the flexibility of a subscription cloud service.

• AI might help with staff shortages

We’ve all seen the headlines about mass staff shortages through all sectors of a global economy changed by the pandemic. Baker cites 31 percent of respondents in the Annual Report who say staff shortages were the “greatest challenge” of the past year. That number rose 20 percent since 2020. More than half — 55 percent — also said “staff shortage/sickness” stood as the “greatest operational challenge of the past year.” Baker says modern AI-powered security solutions can come to the rescue. Intelligent video analytics can serve as a 24/7 solution for monitoring security cameras in real time. AI can fill in the gaps left by a diminishing labor force.

• Will the supply chain affect security in 2022?

The shift in the global supply chain function has had an impact on businesses. A big threat has been cargo theft as supply chains grind to a halt. Baker says modern security technology is being applied to help with these criminal threats but they come with some concerns of their own. The systems used to monitor and track vehicles and shipments are prone to hacks of their own. It’s a concern all of us in the security sector have to monitor as we progress through this year.

• Physical and cybersecurity are becoming one

Baker points to something that has been evident for several years now — physical security and cybersecurity are becoming indelibly merged. Gone are the days when protecting cyber assets is a separate concern from shielding physical assets. Baker cites some have been leery to embrace this change. The 2021 Video Surveillance Report from IFSEC Global shows that 64 percent of respondents said cybersecurity concerns were a “barrier to cloud video adoption” for their security needs. While that is understandable, it’s crucial that proper training, education, and vetting be put in place within firms to ensure that cybersecurity standards are upheld — in this current market, one can’t afford to not augment physical with cybersecurity. The future isn’t either physical or cyber — it’s both.

How Smart Building Technology — Sensors, Apps, IoT — Can be Perfect for Corporate Security

February 1, 2022 Pete Cavicchia

We live in a connected age, where IoT (the Internet of Things) dominates our interactions with how we carry out our daily tasks, interpersonal communications, and the way we use common household appliances. It makes sense that also applies to our physical security and how businesses protect their assets.

For many, the practical way to embrace modern corporate security is to make the most of buildings that rely on smart building technology.

In a 2019 post, IoT World Today outlined the many benefits of smart building design in ensuring a businesses’ safety.

For example, state-of-the-art temperature sensors might detect unexpected temperature spikes in a data center, sending forth an immediate automated alert to administrators who can fix the problem. The tech website highlights Everbridge, an emergency communications company that enabled a pharmaceutical customer to use sensor data to assess whether or not a drug lot was overheating.

“We were able to save millions of dollars because we sent out an automated notification and [the customer was] able to quickly resolve the issue and not let the drugs go bad,” said Annie Asrari, director of product management at Everbridge, as cited by IoT World Today.

In these examples, corporate infrastructure outfitted with Internet-connected security technology could ensure that physical disasters — not to mention significant financial losses — were averted.

Smart building technology means more than just physical infrastructure — it means keeping your company’s employees constantly connected, aware of threats as they occur in real time. The website recommends giving your employees access to wearable devices that can automatically receive these security notifications.

This could be as simple as a mobile app with a “virtual panic button,” or in the case of one particular product from Everbridge that IoT World Today cited, a wearable panic button that a nurse could carry at all times, when a smartphone might not be allowed during a shift.

All of these are examples of security infrastructure that integrates both a corporation’s physical headquarters and the employees — on and off site — who need real-time updates to ensure safety protocols are maintained.

Of course, as Fortinet cites, this can only work if all security personnel at a company receive the most stringent training on how to use this technology safely. Cybersecurity breaches occur and physical accidents take place when proper training hasn’t been enforced, when everyone at a company isn’t fully compliant with how to make best use of these security tools.

Keep these points in mind:

Make the most of smart infrastructure.
If your company is still relying on methods of the past, please invest in smart building capabilities.
Ensure everyone on your security staff — and members of the company culture at large — receives training on how to use this technology and keep the firm safe.

Why ‘E-Waste Is a Big Cybersecurity Concern

January 20, 2022 Pete Cavicchia

Out with the old, in with the new — now that we are into a new year, a lot of people are thinking about clearing out technology they might no longer need. From now-obsolete laptops, cellphones, and tablets, 2022 might be the time we dispose of devices that don’t fit seamlessly into our day-to-day lives.

In fact, the United Nations reports that 53.6 million metric tons of “electronic waste” was created by the world’s population in 2019, as cited by IEEE Spectrum. Additionally, just 17 percent of this electronic waste was recycled. This means all of that leftover technology creates serious hazard for both public health and cybersecurity.

The perils of ‘e-waste’

IEEE Spectrum spoke with ERI CEO John Shegerian about the perils of this e-waste.

Shegerian, who as the chief executive of ERI, presides over one of the globe’s largest electronics disposition providers, recently published a book called The Insecurity of Everything: How Hardware Data Security is Becoming the Most Important Topic in the World. In the wide-ranging interview, Shegerian said that this waste is the world’s “fastest-growing waste stream by an order of magnitude.”

While this poses huge environmental threats, it also sheds light on serious cybersecurity vulnerabilities. Many of these devices people are simply throwing in the trash contain highly sensitive data if they fall into the wrong hands. Shegerian said we need to reorient our perspective to disposing of data the way we do with sensitive physical paper documents.

“Really in 2012, I started speaking to companies about the need to ‘shred’ data the way they shred sensitive papers, they look at us like we were green Martians,” he said in the interview.

Now, people are more receptive to his warnings. He said a big push behind writing his book was to hammer home the reality -- both to the global firms he works with and individuals — just how “ubiquitous” everyone’s technology is. It’s everywhere and it means data is often left exposed.

“They weren’t really sold on the hardware data destruction part” of device disposal, Shegerian said of people’s initial embrace of the environmental threat of “e-waste” over cybersecurity concerns.

What you should know

“I once had a big, big bank call me up: ‘John, we’ve had a breach, but we don’t believe it’s phishing or software. We think it came from hardware.’ I go out there and it turns out one of their bankers threw his laptop in the trash in Manhattan and someone fished it out,” he said. “On that laptop was information from the many clients of the entire banking firm—and the bank’s multi-billion-dollar enterprise. The liability, the data … God, just absolutely priceless. If it got into the wrong people's hands, the ransom that could have been extracted was truly of huge magnitude.”

Recommendations for the average reader are clear. If you trade in an old device to a retailer, make sure you vet them first.

Confirm that all of your data will be destroyed before they attempt to resell your phone or computer. If you plan on disposing of an old tablet or computer, remove old apps and delete sensitive photos and connected accounts — make sure no trace of your past activity is easily accessible to third parties.

As you make way for new technology, be sure to keep your data protected.

Everything You Should Know About Home Security Camera Threats

January 4, 2022 Pete Cavicchia

While a big focus of 2021 has been on cybersecurity and all of the threats posed to everything from personal smartphones, to company email accounts, to major government systems, it’s easy to overlook the seriousness of one’s physical security.

Today there are countless ways to protect your home or your business, with a wide range of high-quality security cameras and systems designed to keep you, your loved ones, your company, and your valuables safe and secure. Of course, in our age marked by Internet-connected devices, the threat of hackers is hitting even our security systems.

David Priest and Taylor Martin of CNET present a comprehensive overview of ways in which your home security cameras might be vulnerable to hacks — and ways you can mitigate that risk:

• What vulnerabilities exist — As with most Internet-connected devices, security cameras should always be updated whenever a security patch comes along. Martin and Priest reference the fact that cameras from major developers like Wyze and Google Nest come with high-end, sophisticated encryption. To make the best use of these capabilities, you should be vigilant when an app or security update comes along.

When a technician arrives to make a repair, industry standard from companies like ADT and Comcast is to “simply limit the actions technicians can take while assisting customers” to make sure no one compromises your system or data.

In short, update your software and be aware of what policies your security company has for third-party interactions with your device and data.

• What threats are out there?: Aamir Lakhani, a security expert at FortiGuard, told CNET that hackers can get hold of your camera locally if they are in the right range of the Wi-Fi network the camera utilizes. If they access the network, this could be a serious problem, especially if you have an older camera installed that might not come with the most modern encryption protections.

Lakhani added that remote hacks prove a graver threat. A data breach of the security company at large could compromise your login credentials.

One safeguard for the negative impact a compromised password could have is tied to common sense cybersecurity etiquette: Don’t reuse your password across devices and accounts. You don’t want someone to hack into your security camera as well as get access to your bank account because you use the same password for both.

• Detecting a hack: It might be very easy to be hacked and have no idea it occurred.
Lakhani told CNET that if your camera’s feed seems interrupted or isn’t working properly, you may have been compromised. This might also be a flaw in the technology. If something seems off, contact your security camera provider right away and make sure your system hasn’t been hacked.

Automating the Cybersecurity Vetting Process Between Businesses and Vendors

December 20, 2021 Pete Cavicchia

The COVID-19 pandemic has certainly presented businesses across all sectors significant challenges. Now — more than two years into the global pandemic — as companies continue to be creative in how they grow and generate profits, proving cybersecurity preparedness is becoming a key component of how to make a modern-day business thrive.

When a business works with third-party vendors, it can sometimes cause an administrative headache of making sure everyone complies with the company’s given cybersecurity protocols.

Hen Amartely writes in CPO Magazine about current solutions that have been devised to automate third-party security risk evaluations before a company decides to bring them into the fold. This more efficient process benefits both businesses and their vendors.

“Sales cycles can either make or break business growth; the longer the sale cycle, the less likely a deal will close, with dire consequences on pipeline and revenue,” Amartely writes. “When sales cycles are dragged out as a direct result of complicated cybersecurity risk assessments, business can be lost. That is why sales cycles need to be kept as short and efficient as possible. The best way to do this is to have an efficient cybersecurity assessment process in place.”

Amartely explains that when being vetted through a company’s cybersecurity assessments, vendors typically are put through a long, drawn out process that gives them less time to turn a profit and maximize a sales cycle. The security team for a vendor might have to answer repetitive, long questionnaires that come with a string of follow-up emails. She adds that fractures in morale might exist between the sales team and cybersecurity professionals within a vendor company.

A way to solve these problems can come in the form of third-party security management platforms that automate these processes, completing cybersecurity screenings more efficiently.

“For example, by providing vendors with the ability to sign up to a platform, they can gain full visibility into their own security profile, allowing them to monitor for any security gaps and have complete control over their cybersecurity even prior to being assessed by potential customers,” Amartely adds.

Additionally, these platforms can give vendors the chance to craft a comprehensive “security overview” that can be shared with clients right at the start of a sales cycle. By handing over this profile at the start of a business relationship with a new client, it can build trust as well as save time.

In this uncertain environment brought about by the pandemic, communicating to potential clients and collaborators that your business’s cybersecurity practices are foolproof is needed not just to scale up and thrive, but to ensure your precious data remains protected.