Advice for installers
Fire code enforcement affecting installers
CFAA and CANASA examine the Ontario code and relationships with AHJs p.5
When video lies
With AI and new editing techniques, manipulating video is becoming easier than ever p.11
Cybersecurity update
What surveillance manufacturers and developers are doing to help protect cameras and IoT devices on the network p.16
Ellen Cools
EDITOR’S LETTER
IBy Neil Sutton
Patching the network
t’s hardly surprising that the security industry is obsessed with cybersecurity because everyone else is too.
You can’t go a week (or in really tough weeks, a day) without hearing about a retailer, government agency, hospital or any kind of facility, really, experiencing a cyber breach. Most modern methods aren’t really adequate to the task of keeping information safe.
I touched a nerve last year, when, in the Archive section, SP&T published a retrospective of Cloud-based technology and espoused that the technology is improving and its purveyors “have a vested interest” in keeping it secure. I received a letter from a reader in response pointing out that Cloud services are still far from perfect. (You can read the full letter in the August/September 2017 issue.) I will certainly concede the point, and more importantly, I think it’s indicative of a growing sentiment that there are no guarantees about the long-term integrity of data.
The degree to which this has affected surveillance vendors is quite well documented now. A number of camera manufacturers and software developers have set the wheels in motion to offer better protection for their systems. We’re at the point now where better resolution and low-light performance aren’t always going to be the biggest selling points for cameras. How secure they are is beginning to lead more conversations.
At the risk of siding with the manufacturers on this issue, a lot of these current cybersecurity concerns aren’t their fault. Every organization is susceptible to a cyber
breach, regardless of how good their technology is. To echo a sentiment from Stuart Rawling, who serves on ONVIF’s steering committee: “Cybersecurity is about two things — it’s about the technology and it’s about the policy.” (Read the full interview with Stuart in the Nov/Dec 2017 issue.) As much as technology can be improved (or patched or updated), if the installer or user doesn’t implement it properly, it’s going to be about as secure as a closed window with a broken pane.
Manufacturers are now building more safeguards into their products and removing the ability for systems to be installed using default passwords. Just as importantly, they’re pushing for greater awareness in the installer community and offering training to dealers and end users alike.
You can read our current round-up of cybersecurity and cameras on p.16 of this issue. I would also compel you to read Canadian Security magazine’s latest cover story “Do you need cybersecurity insurance?” for a better look at how risk experts, consultants and insurance providers are approaching the issue from their perspective.
As John Chambers, former CEO of Cisco Systems, once famously said, “There are two types of companies: those who have been hacked, and those who don’t yet know they have been hacked.”
But with the right approach and preparation, managing that inevitable breach might not be so costly or painful.
Your Partner in Securing Canada Security Products & Technology News is published 8 times in 2018 by Annex Business Media. Its primary purpose is to serve as an information resource to installers, resellers and integrators working within the security and/or related industries. Editorial information is reported in a concise, accurate and unbiased manner on security products, systems and services, as well as on product areas related to the security industry.
Group Publisher, Paul Grossinger pgrossinger@annexbusinessmedia.com
Publisher, Peter Young pyoung@annexbusinessmedia.com
National Account Manager, Jennifer Dyer jdyer@annexbusinessmedia.com
Editor, Neil Sutton nsutton@annexbusinessmedia.com
Assistant Editor, Ellen Cools ecools@annexbusinessmedia.com
Art Director, Graham Jeffrey gjeffrey@annexbusinessmedia.com
Account Coordinator,Trish Ramsay tramsay@annexbusinessmedia.com
Circulation Manager, Aashish Sharma asharma@annexbusinessmedia.com
Tel: 416-442-5600 ext. 5206
COO, Ted Markle tmarkle@annexbusinessmedia.com
President & CEO, Mike Fredericks
EDITORIAL ADVISORY BOARD
Colin Doe, Veridin Systems Canada
Anna Duplicki, Lanvac
Victor Harding, Harding Security Services
Carl Jorgensen, Titan Products Group
Antoinette Modica, Tech Systems of Canada
Bob Moore, Axis Communications
Roger Miller, Northeastern Protection Service
Sam Shalaby, Feenics Inc.
111 Gordon Baker Rd, Suite 400, Toronto, ON M2H 3R1 T: 416-442-5600 F: 416-442-2230
PUBLICATION MAIL AGREEMENT #40065710 Printed in Canada ISSN 1482-3217
If you prefer not to receive this information, please contact our circulation department in any of the four ways listed above.
Annex Privacy Officer privacy@annexbusinessmedia.com
Tel: 800-668-2374
No part of the editorial content of this publication may be reprinted without the publisher’s written permission. ©2018 Annex Publishing & Printing Inc. All rights reserved.
Annex Publishing & Printing Inc. disclaims any warranty as to the accuracy, completeness or currency of the contents of this publication and disclaims all liability in respect of the results of any action taken or not taken in reliance upon information in this publication.
LINE CARD
Fire code enforcement affecting installers
CANASA and CFAA respond to queries about the Ontario Fire Code and its more stringent interpretation
By Ellen Cools
Recently, Patrick Straw, executive director of the Canadian Security Association, sent an email to CANASA regional council chairs regarding an incident where the fire department removed a Greater Toronto Area (GTA) member’s technicians from a jobsite. The technicians had been changing smoke sensors on a standard wired alarm system.
According to Straw, “The fire department happened to come in to do a fire inspection and advised the end user and the alarm technician that this work could only be done by a certified fire technician.”
SP&T News reached out to Peter Hallinan, executive director at the Canadian Fire Alarm Association (CFAA), via email to clarify how the Ontario Fire Code (OFC) applies to alarm installers.
While the Ontario Fire Code has not changed recently — the fire departments are still operating under the 2007 version — Hallinan says, “The Code is constantly being reviewed and revised with updates, amendments and supplements.”
The Ontario Fire Marshall (OFM) publishes any changes in advance and are available on the OFM website, he adds.
Ontario Fire Code requirements
According to Hallinan, “the change that has prompted this discussion has been in place for a number of years.”
However, now there is greater enforcement by the local Authorities Having Jurisdiction (AHJs).
As such, Hallinan says that the CANASA member’s technicians were removed from the job because “the AHJ felt they did not meet the requirements laid out … in the Code or the
Technical Guideline.”
“There has been a greater emphasis on enforcement of the Code in the past few years, along with stronger educational opportunities for Fire Prevention Officers and a greater willingness by the Crown to prosecute offenders [and] additional and higher fines for non-compliance to the OFC,” explains Hallinan.
Division C, Subsection 1.2.2 of the OFC identifies the requirements for persons who maintain or perform annual tests on interconnected smoke alarm systems. This refers to any type of smoke alarm that is wired together.
“In subsection 1.2.2.2 (1), it states that a person who performs the work on these systems ‘must have successfully completed a program or course acceptable to the Fire Marshal.’ To date, the only two courses identified as acceptable to the Fire Marshal are Certified Fire Alarm Electricians licensed by the ECAO [Electrical Contractors Association of Ontario] or Registered Fire Alarm Technicians in good standing with the CFAA,” Hallinan elaborates.
The penalty for working on these systems without completing the required courses is determined by the local AHJ and varies from jurisdiction to jurisdiction, he adds.
“In most cases,” says Hallinan, “the technician would be asked to leave the site and the owner directed to engage properly trained and qualified staff to perform or re-perform the inspection.”
In an interview with SP&T, Straw said he does not know how many CANASA members have the required certifications. “I know that we have several fully certified fire companies that are members of CANASA, but a huge amount of them are members of the Canadian Fire Alarm Association because a lot of the fire alarm [work] is done by electricians,” he explains.
Exceptions
However, the issue is not as simple as it might sound. Some interconnected smoke alarms don’t require these certifications. The occupancies that do require them are identified in Division B of the OFC, section 6.3.2.6.
This section “applies to interconnected smoke alarm systems in all residential occupancies and care occupancies, except in individual dwelling units and in Buildings regulated by
section 9.8.”
This means, “residential houses, which are all required to have interconnected smoke detectors, do not need to be checked by a licensed or registered technician,” explains Hallinan.
Moreover, the OFM has identified some fire protection systems in use in Ontario today that do not have identified qualification criteria for work on these systems.
Consequently, the OFM has published a technical guideline, OFM-TG-03-2000, “Qualification For Service Company Personnel,” which explains who can work on the system and the parameters local AHJs can use to determine if a person or company is qualified, Hallinan explains.
As a result of this ambiguity, Straw says CANASA’s concern would be if a member is working in a building that doesn’t require smoke detectors, but recommends installing them, “there shouldn’t be any reason why that can’t happen, if it’s not a fire code requirement.”
In his seven months as executive director, Straw says this is the only incident he has been made aware of where a member has complained.
“Frankly,” he says, “it might have just been a misunderstanding.”
Staying informed
So how can installers ensure that they are always in compliance with the OFC?
Hallinan recommends subscribing to the OFM’s e-bulletins and checking the CFAA’s website, which lists the criteria for working on systems. The CFAA also publishes and discusses proposed changes and those coming into effect via email and in the Journal.
“Going forward, both Patrick Straw and I are committed to a line of communication and finding mutual ways to work together,” Hallinan adds.
Additionally, Straw is in regular communication with AHJs, the CFAA and ULC “on any technical issues which require clarification,” and has met with several 911 centres in Ontario.
While AHJs often communicate with CANASA about procedure changes, CANASA also reaches out to them to ask for information. “Most of them reply because it’s really helpful for them if they can communicate [information] back to our members.”
Patrick Straw, CANASA
Peter Hallinan, CFAA
LINE CARD
Daniel Demers joins GardaWorld as business set to expand
Daniel Demers has joined GardaWorld as strategic advisor to the company’s CEO, Stéphan Crétier, and is spearheading an initiative that will see the Montreal-based guarding company significantly expand its security offerings.
Demers was president and CEO of Reliance Protection from 1997 until the company was bought by ADT in 2015. Demers operated an independent consulting firm until recently joining GardaWorld.
to me,” says Demers of his time away from the security business. “I kind of feel that there’s unfinished business — that I’m not done with what I started.”
“The industry kept coming back
Demers says he met with Crétier, who is also the founder of GardaWorld, and was intrigued by the proposition that the company might add new security services. “When I met with him, we clicked. It didn’t take very long for me to accept an offer and join GardaWorld,” he says.
Privately-held GardaWorld has been very active on the acquisition
“I kind of feel that there’s unfinished business — that I’m not done with what I started.”
— Daniel Demers, GardaWorld
front, says Demers. The prospect of adding an electronic security aspect to its already substantial guarding operations is an enticing one, he says. The company is currently exploring more operations in intrusion systems, access control, video surveillance and analytics. “More and more, as technology evolves, and business needs evolve, what we’re finding is it’s complimentary,” says Demers.
“We’re kind of looking at this from the perspective of a brand-new
start-up. Would there be interest in potential monitoring … and other solutions that could be done quickly by acquisition? Yes, absolutely. It’s not like we’re set on a traditional way of doing things. We want to look at things with a brand new set of glasses,” he adds.
Demers says it is too soon to predict the exact makeup of this new venture “but one thing for sure is the GardaWorld name will be very up front.”
— Neil Sutton
Dan Marston launches new security venture
Security industry veteran
Dan Marston has started a new business venture called Dfendus Integrated Security Solutions with ambitions to grow swiftly by acquiring security integrators that address the mid-market.
Marston was previously Senior Director & General Manager - Securitas ES Canada, which was formerly Diebold’s electronic security business prior to its acquisition by Securitas in 2015 (the deal closed early 2016).
can [offer] service and bring all of these emerging technologies… into something new, fresh and built around servicing a customer,” he says.
Dfendus closed its first acquisition on Dec. 1: Hamilton, Ont.based Inforce Security Corp. Toronto-based consulting firm Final Image Inc. acted as lead financial advisor on the deal. Terms of the transaction were not disclosed.
Marston, who worked at Diebold/ Securitas for a combined 11 years, says his goal with Dfendus is to create a new breed of company that is able to offer a variety of security services including networking services, automation and IoT.
“I really think there’s a market here for an entrepreneurial company that’s privately held that
Founded in 2005 by company president Arie Pekar, Inforce Security is a systems integrator serving Ontario’s Golden Horseshoe and the Greater Toronto Area. The company provides services including surveillance systems, access control and intrusion alarms. Pekar and existing Inforce staff will continue with company operations. Marston says he is planning another three to five acquisitions in the first half of 2018 to provide additional critical mass
for Dfendus. In the short term, the plan is to maintain acquired companies as separate but allied business operations with some common back-office and operational functionality. Dfendus may step forward as the leading brand in the future, but those types of decisions have yet to be made, says Marston.
According to Marston, the word “Dfendus” has tested well, particularly with the Millennial audience, due to its simple yet descriptive message. As such, it may appear on branded products
in the future. Marston says that the commercial mid-market will be the company’s main customer goal in the immediate future but residential is another potential target. He adds that one of the company’s major goals is to be proactive with clients, and offer more preventative maintenance to decrease the possibility of systems downtime or malfunction. Ultimately the client should be more involved in systems integration, explained Marston, and a “partner” in the process.
— Neil Sutton
Dan Marston, Dfendus
Daniel Demers, GardaWorld
A mockup of a co-branded Inforce/Dfendus vehicle
CANASA UPDATE
By Patrick Straw
The year ahead for CANASA
The association looks forward to building on programs from 2017 and starting new ones
Looking back on the past year, it’s clear that as the industry continues to change, the Canadian Security Association (CANASA) is preparing to meet those challenges by providing information, training and networking opportunities to our members and their associates.
The industry saw a number of acquisitions such as BCE acquiring AlarmForce, ADT acquiring Datashield and Honeywell spinning off ADI. These are three examples from 2017 and we anticipate 2018 will offer more of the same.
Cybersecurity challenges will continue and threats and disruptions will be of particular concern to end users. Managed security service providers will also become more important as organizations recognize the level of effort required to ensure successful security operations.
Commencing my position as executive director in May, we set off to work on ensuring that CANASA expands its position as the leading security association in the country.
Through the executive, CANASA undertook a number of initiatives to provide members with information on the changing security landscape. These include the Alarm Technician Course Review; the initiative to connect college grads with companies looking for new talent; a security sales program in development with the Canadian Professional Sales Association (CPSA) and a revamped and upgraded Affinity program specifically designed for members. We anticipate more such programs will be initiated in 2018 and encourage you to visit www.canasa.org for all the details.
Moncton and Toronto. Attendees and exhibitors can visit www.securitycanadaexpo.com for dates, times and detailed information.
CANASA events organized in large part by our various regional councils created opportunities for members and their associates to gather for knowledge sharing and networking.
We anticipate another strong slate of programs and social gatherings in 2018 which will continue to create connections between the various segments of the industry in order to offer participants unique learning opportunities.
CANASA, through the association event division, Security Canada, had another exceptional year. This year’s Security Canada trade shows will be held in Laval, Ottawa, Edmonton, Richmond,
Laval, Quebec April 25, 2018
All of us here at CANASA wish you all a happy, healthy and prosperous 2018. We look forward to being of service to you and your organization as we strive to secure and protect individuals and property across Canada.
Patrick Straw is the executive director of CANASA (www.canasa.org).
Ottawa, Ontario May 9, 2018
Edmonton, Alberta May 30, 2018
Moncton, New Brunswick September 12, 2018
Richmond, British Columbia June 13, 2018
Toronto, Ontario October 24 – 25, 2018
Patrick Straw
LINE CARD
Wichita goes wireless for cameras
The City of Wichita, Kansas, has selected Siklu’s MultiHaul auto-aligned radios to provide wireless connectivity for the 72 Axis fixed bullet, dome and PTZ cameras that make up the city’s Old Town district surveillance network.
Wichita opted to use wireless radios rather than run fibre throughout the city. The city previously relied on camera footage from private businesses for its surveillance needs. The city is also now using Genetec’s Security Center unified platform.
“One of the heavy burdens we uncovered during our initial data collection is that we spend a lot of police resources in Old Town,” said Denise Peters, Program Manager, City Manager’s Office, City of Wichita, in a statement. “Our new wireless security network now enables us to utilize our officers more strategically and to provide better response.”
Appointments Applications
• Nico Delvaux has been appointed as the new president and CEO of ASSA ABLOY, effective no later than June 18.
• NAI, a manufacturer of global connectivity solutions, announced the appointment of Eric Emley to the position of vice-president of global supply management.
• John D. Young has been
Oslo Airport updates integrated security approach
The Gardermoen Oslo Airport has expanded its security using Qognify’s Situator situation management solution.
The airport has used Qognify tools since 2008 and recently expanded its use of the software to integrate all systems including thousands of surveillance cameras, access control and sensors. As a European airport, Oslo serves flights between the 26 European countries that observe the Schengen Area, i.e. those that have abolished passport control at their borders. The airport uses a Flexigate system that opens and closes doors for Schengen and non-Schengen flights to manage passengers that may or may not need to go through a border control process. Situator integrates with the Flexigate access control system and overrides switching of gates between Schengen and non-Schengen flights, as well as the domestic flights if the control systems are out of operations.
appointed to serve as a director on Johnson Controls International’s board of directors. Effective Jan. 1, he became group president of Pfizer Innovative Health.
• ServiceMaster Global Holdings Inc. has appointed Naren K. Gursahaney to its board of directors. Gursahaney is the former president and
CN’s Montreal headquarters has deployed an integrated access control system using Automatic Systems’ SmartLane turnstiles and FST Biometrics In Motion Identification (IMID) solution.
FST’s contactless system has been installed at perimeter access points as well as at the entrance of the corporate daycare centre.
The system, which was installed by integrator Infynia Security, manages access for 3,000 CN employees and contractors, as well as visitors. Once users are registered, the IMID system can identify them almost instantaneously, facilitating quick entry and exit without the use of swipe cards or presentation of credentials. “We are pleased that a global transportation leader has implemented our system at the headquarters of its operations [and] we look forward to developing this relationship further,” said Arie Melamed, CMO, FST Biometrics.
CEO of The ADT Corp.
• The Pro Football Hall of Fame has named George R. Oliver, chairman and CEO of Johnson Controls, to its Board of Trustees.
• Commissionaires Northern Alberta Division announced that Dan Stanton has recently joined as Technology Solutions Advisor.
February 27-28, 2018 TechSec Solutions Delray Beach, Fla. www.techsecsolutions.com
March 1, 2018
Smart Home/Business Security Solutions Ottawa, Ont. www.graybarcanada.com
March 7, 2018
Security Career Expo Toronto, Ont. www.securitycareerexpo.ca
April 11-13, 2018 ISC West Las Vegas, Nev. www.iscwest.com
April 18, 2018
Focus On Manufacturing Security Mississauga, Ont. www.focusonseries.ca
April 25, 2018
Security Canada East Laval, Que. www.securitycanadaexpo.com
May 9, 2018
Security Canada Ottawa Ottawa, Ont. www.securitycanadaexpo.com
May 30, 2018
Security Canada Alberta Edmonton, Alta. www.securitycanadaexpo.com
June 6, 2018
Security Summit Canada Toronto, Ont. www.securitysummitcanada.com
June 13, 2018
Security Canada West Vancouver, B.C. www.securitycanadaexpo.com
June 19-22, 2018
Electronic Security Expo Nashville, Tenn. www.esxweb.com
September 12, 2018
Security Canada Atlantic Moncton, N.B. www.securitycanadaexpo.com
September 23-27, 2018
Global Security Exchange Las Vegas, Nev. www.asisonline.org
CN’s access control update
Nico Delvaux
John D. Young Naren K. Gursahaney Eric Emley
Dan Stanton George R. Oliver
Video trends for 2018
Research firm IHS Markit recently released its global video surveillance market trends to watch for in 2018 (excerpted below).
1. Driven by the R&D investment, deep learning video analytic algorithms have been developed into fully deployable projects, with user-friendly interfaces and scenario-focused solutions.
2. In 2018, there will be an increase in the wider discussion about privacy and how the video surveillance industry protects the data it gathers. Much of this discussion will stem from the new EU General Data Protection Regulation (GDPR), which will become law in May.
3. China is forecast to account for 46 per cent of global professional video surveillance equipment revenue in 2018.
4. Recent developments in drone detection technology mean that securing a perimeter in 2018 will have to take into account the aerial threat.
5. As the multiple uses and perceived value of video surveillance data increases, we can expect to see increased demands for greater failover, redundancy and backups from end-users.
6. We can expect to see increased convergence in post-recording video repositories, where multiple video sources are brought together and investigated using deep-learning video analytics.
7. The Xue Liang program aims to connect all the video surveillance cameras installed in Chinese districts, towns and villages to a central surveillance platform at the county and national levels.
market watch
2 SPACER PLATES INCLUDED
CX-ED1259L is a new Grade 1 surface mount, low profile ½” (12.7mm), RIM strike designed to provide more performance and more value than ever before. Elegantly designed, with a brushed stainless steel cover plate, this ‘universal’ strike with latch monitoring features a single solenoid design that provides far greater reliability over RIM strikes that require two solenoids to operate.
FEATURES:
• ‘Universal’ design with selectable 12/24V, AC/DC and fail safe/fail secure operation
• Single solenoid design provides superior reliability
• 1/2” to 3/4” latch projection
• (2) spacer plates and horizontal adjustment
• Latch monitoring included
• 5 Year Warranty
LESSONS LEARNED
IBy Victor Harding
If I was selling
There are many, many factors to consider when selling a business, so it pays to plan ahead
thought it might be useful to lay out the issues in the order that I would address them if I was an owner and thinking of selling.
The points raised here are perhaps more pertinent to an owner who is planning to sell part or all of his company to a third-party and not to family members.
The first issue to address is whether your company is in good enough shape to sell. This could be a deal stopper right off the bat. Do you have at least three years of steady or growing profitability behind you?
Buyers base their prices mostly on past performance, i.e. three years of EBITDA. A seller I dealt with a few years ago did not understand why a buyer was making his purchased price contingent on good performance going forward despite the fact that he was currently making good money. It was because his company had sustained losses in the recent past.
Are your books, in the broadest sense of the term, in order? You need to have at least two sets of internal and external financial statements on hand just to get buyers to take an initial serious look.
Internal financials are useful because they often break numbers down better than the external financials do. Something that many sellers forget is the buyer will also want to see up-todate financials for the year that you are in.
Moving on from the financials, ensure your company can pass a thorough credit check and background check which will uncover any liens, encumbrances or lawsuits of any kind. Better that you find them ahead of the buyer.
Next you should check on the lease for the space you are renting. When is the lease up? I have seen deals almost crater around a new owner taking a lease. Also, it is important to get the aging of your accounts receivable into shape.
Finally, even a simple thing like how your work space looks can make a difference. Think of selling your company as getting ready for a date or applying to a new school. Your company has to look good and not have any skeletons in the closet.
If you are an alarm company with monitored accounts — which would probably be the item of greatest value in your company — you have certain important things to consider. Are they on a signed contract? Are they on a call forward
line? I lost a deal last year because the seller did not have either in place.
Let’s assume that you have addressed all these issues. Next, I would consider whether this is a good time to sell. Always try to sell your company in good economic times because:
• Your business will likely be doing better financially.
• Buyers will likely be more optimistic, more likely to buy and to pay up.
• There will likely be more buyers out there in good times.
We have been spoiled in the security industry. Throughout most of the 2009 recession and in the recovery after, security businesses, with the possible exception of integration businesses, were still being bought and sold for fairly good prices. My sense is that this was because security as an industry was growing. Secondly, the market loves recurring monthly revenue.
There is another very important factor pertaining to the timing of your sale: how many active buyers there are in your industry at the time you want to sell. This can make a big difference. Generally more active buyers will drive the prices up. In the 20 years I have been involved in M&A in the security industry, I have seen certain times that were far better than others. For example there was a period 10-15 years ago in the guard industry in Canada that Garda, G4S and Securitas were all very active in buying up
smaller guard companies — a good time to sell if you owned a guard company. Not so much today.
Now let’s assume that your company is in good shape, economic times are robust and your industry segment seems to have lots of buyers. The next important step is to make sure your tax situation is set up as advantageously as possible.
Generally what I see is that the bigger the company, the more tax planning the owner has done. Unfortunately, too many smaller players have not planned for taxes.
If you find you have to take some specific steps to save tax on a potential sale, like making your children shareholders, you may have to delay the sale of your company.
Assuming you have taken the proper tax steps in advance, you still need to look at the comparative prices and take-home pay connected to a sale of the shares versus the assets of your company. This is because many buyers today will not buy shares. Canada offers a one-time capital gains exemption to all Canadian taxpayers for the sale of shares of a privately controlled Canadian corporation — so the default position is it is better to sell shares. But this rule does not apply to all situations. You simply have to talk to your accountant.
Victor Harding is the principal of Harding Security Services (victor@hardingsecurity.ca).
CAMERA CORNER
OBy Colin Bodbyl
When video lies
AI and new video editing techniques are changing perceptions of what ‘genuine’ footage looks like
ver the last year, we have seen innovations in the surveillance space create more accurate analytics, higher resolution cameras, and better video compression.
By all measures it was a successful year for innovation in our industry. We have improved the intelligence of our systems and are able to record more detail in every image while using less storage space than ever before. Artificial Intelligence (AI) became one of the biggest innovation buzzwords in 2017 and while AI was part of many innovations within the security space, AI made even more surprising leaps forward in labs outside of our industry.
“Photographs were once the gold standard of evidence. Photoshop quickly changed that.”
Towards the end of 2017, we saw AI technology with the ability to alter video footage in ways that we could only have imagined before. Several videos were released that demonstrated AI’s ability to change a video recorded in a winter scene into summer, a sunny scene into rainy, and a day scene into night. The results were so incredible that it was impossible for viewers to identify which one was artificial. While this type of editing has been possible for a long time, it is ground breaking in that not only is this taking place on a video (versus a still image), but that the editing is taking place automatically through AI and not a Hollywood editing studio.
In a similar innovation, computer scientists at the University of Washington developed machine learning technology that could lip-sync a video to match any pre-recorded audio file. Combined with existing technology that can mimic any person’s voice, this AI would allow users to take a video clip of a person speaking and change the words that are spoken to whatever they choose. The final video would have artificial lip-syncing and artificial voice simulation so realistic no human could tell it was fake (imagine AI generated videos of innocent people confessing to crimes they did not commit).
Of course, Hollywood has been using special effects and editing recorded video for a long time, but in those cases millions of dollars were spent on people manually manipulating video which ultimately still resulted in less than convincing results. The above examples were completed using AI and machine learning where computer algorithms completed the editing process and where the process could eventually become as simple as the click of a button.
For the video surveillance industry this brings added concerns around the type of video we submit to court. Current video surveillance systems are able to watermark or otherwise encode video in proprietary formats that prove to courts the video has not been tampered with or edited.
Despite the existence of this technology the vast majority of footage submitted to courts (including cell phone footage) are in open formats like AVI or MP4 that could easily be edited without anyone knowing. It varies greatly by location but in many cases the courts will accept a testimony from the person who captured the video as sufficient proof of its authenticity.
The impact of AI video editing technology will result in VMS manufacturers being held more accountable for creating methods that allow users to crop and export video without converting it out of proprietary formats. Similarly, integrators will be held to a higher standard of only exporting proprietary or otherwise un-editable video to be used as evidence in court. The courts themselves will face the greatest challenge as the volume of cell phone video and other user produced footage continues to expand at astounding rates.
While it may take a long time for this technology to impact our industry, it will inevitably change the way we operate. Photographs were once the gold standard of evidence. Photoshop quickly changed that and today it’s hard to believe any image we see in a magazine advertisement is real.
Video is still treated with a certain amount of respect and trust, but the evolution of AI will change that.
Colin Bodbyl is the chief technology officer for UCIT Online (www.ucitonline.com).
Advice 2018 FOR
SP&T News recently reached out to a variety of security systems manufacturers and developers and asked them for some helpful pointers that we can relay directly to our readership. Read on for advice on customer relationships, IoT, legacy systems, connected devices, project management and more. (For a more detailed breakdown of cybersecurity trends and best practices, check out our coverage on p.16.)
Jacquelyn Davies, Vice President of Sales for Canada, Bosch Security Systems
In 2018, we’ll see an increased focus on solutions that go beyond security requirements to add value by addressing other needs of the user. As a result, systems that consist of silos of security technologies will no longer be acceptable to end users who will be looking for smart, connected systems. Integrators will need to identify how security technologies
can work together to improve overall system performance.
For example, video integration with the alarm panel can enable control panel events — such as an alarm triggered by a motion detector — to initiate camera actions, including sending video snapshots from cameras focused on the area to end users via email or text. Cameras equipped with video analytics can also activate points on the control panel, improving security and enabling the integrator to extend system capabilities beyond security. A camera triggered to alert on loitering or an object left behind can notify security personnel about a pallet blocking an emergency exit door or a car parked in
a no-parking zone to prevent health and safety risks. These capabilities add value for the user by providing a solution for health and safety pain points and helps them seek additional funding sources outside of the security budget.
Integrators who move out of the traditional security system comfort zone can use integrated solutions to solve issues that extend beyond security. With knowledge of the capabilities of integrated systems, the integrator can become a strategic advisor and trusted partner, helping them establish valuable, long-term relationships with customers.
Derek
Arcuri,
Product Marketing Manager, Genetec
Moving from a legacy access control system to an IP-based system can sometimes be seen as expensive and time consuming. Security directors can be hesitant, often asking questions such as: “Will I have to replace my entire system? How much will it cost to rewire and transition my cardholders and data-
bases? How much downtime are we looking at?” While these concerns are valid, it’s never been easier to migrate to IP access control. The first step to ensure a successful outcome is to treat the migration as a project and elect a project manager to ensure successful planning, execution and closure. This is worth the investment as it gives the customer the assurance that everything is under control and increases your success in terms of cost, scope, schedule and time. From there, it’s important to follow the following steps:
Planning: Understand how the current system is being used from card to reader (this includes analyzing wiring drawings, architecture, where the doors and openings are located, card technologies expectations).
Analysis: Evaluate which features and technologies are being used vs. what will be needed, what work arounds are required. Evaluate what changes are needed at every level of the architecture: cards, readers, locks, wiring, controllers, servers, database cleanup, software features, etc.
Design: Map out the desired system on paper, creating a block diagram for the system migration. Build a model system in your test lab before you commence implementation.
Implementation:There are varying implementation approaches but we recommend a phased approach where components of the current system are migrated over in phases. First, set up the new system, and migrate the smallest component first (e.g. the smallest building, the smallest floor). Get feedback from system operators. Then continue moving from floor to floor or building to building.
Controlling: Test the system in batches to ensure the customer is pleased with each floor or building. Once the entire system is migrated, perform an overview test and fine-tune if needed. If the customer wants to make changes during implementation, we recommend waiting until the migration is complete as this can complicate the project plan.
Fredrik Nilsson, VP, Americas, Axis Communications
The current megatrends in most technology markets are Internet of Things (IoT), cybersecurity and big data. To security professionals it means that there will be more IP connected devices on the network, which started with IP cameras and is now moving over to perimeter protection, intercom and audio. All of these devices generate a large amount of data that can be integrated and analyzed. Additionally, with increased connectivity, security professionals need to ensure that the devices and data are protected against vulnerabilities. To do so, they’ll need to be educated in those areas to become a trusted advisor (not just an installer) to end customers. To
“It’s important to have the technician spend some time prior to the installation to refamiliarize himself with the products involved. Time invested pays for itself quickly with less stressful and easier installations.”
— Ish Ishkanian, Milestone Systems
be successful in this realm, security professionals need to ensure they align with the right partners on their journey.
Roy Park, Director of
Integration
Solutions, ASSA ABLOY
Door Security Solutions Canada Integrators should seek to build collaborative relationships with both the end user they will provide solutions for, as well as the manufacturers they plan to purchase product from.
To maximize the value of your relationships with manufacturers, work closely with their sales teams and discuss your current, future and potential projects. New products and solutions are being developed by manufacturers every day, and if you stay in contact with your sales team, you’ll be able to present the latest innovations to your customers and find the best solutions for their needs. It is also beneficial to take advantage of manufacturer training and certification programs, to increase your value to your customers and ensure successful deployments
When it comes to end-user relationships, it is critical to approach every new or potential client by taking a collaborative approach to security. That starts by listening to exactly what the end user needs. From there, you can begin providing solutions that you have previously spoken to the manufacturer about. By being well versed in all the offerings from a manufacturer, you can provide additional solutions to end users that allow you to address openings or security needs deeper into the building, and deeper into the clients’ business operations.
By establishing a long-term relationship with both sides, the integrator also becomes a conduit for information between the manufacturers and the users of these systems. That means the needs of the end user are being shared with the engineers developing new solutions. As a result, manufacturers are able to develop solutions that specifically address enduser requirements.
Ish Ishkanian, Pre-sales Manager, U.S & Canada, Milestone Systems
For large and complex integrations, most dealers try to tackle the entire challenge as one whole implementation. Due to the complexity
of these projects, it then becomes exceedingly hard to diagnose issues. I recommend in these cases dividing the project into multiple stages and delivering on each as individual projects. This helps to simplify the design and helps in cutting the time required to diagnose a problem.
Having trained and certified technicians to execute these projects is also an essential part of ensuring success. Additionally, it’s important to have the technician spend some time prior to the installation to re-familiarize himself with the products involved. We sometimes see partners’ technicians who are certified on our software but have not touched the product for a few months and forgotten some important aspects of it. In my opinion, the time invested in reviewing the products for the project pays for itself quickly with less stressful and easier installations.
John Voyatzis, Country Manager, Canada, Digital Watchdog For 2018, we suggest that integrators review the relationship between themselves, the manufacturer and the distributor. It is a partnership that will yield the right solution for the application, the best prices available and reliable service before, during and after the sale. Taking the time to ask for opinions from others can often pay dividends. Integrators might find it attractive to search for deals on the Internet. An integrator may be in a rush and find it convenient to pick up what is available at the distributor. Sales circulars offer some of the available offers, but not all the offers available from a manufacturer. Manufacturers look at those published offers as conversation starters. Distribution personnel are able to listen to the integrator’s needs and provide options to consider. Engaging a manufacturer’s representative will reveal additional recommendations after considering the entire product line. Filing a project registration with the manufacturer provides assurance that the distributor is quoting the best price. Taking the
time to use others as sounding boards can 1. Make it easier to sell the end-user customer and 2. Simplify the installation. Sometimes we think that gathering input complicates the situation. For integrators, discovering their options reduces the complications in assembling the right system for the application.
Dwight Dumpert, Director of Product Management, FLIR Security
Thermal cameras with onboard analytics are the industry standard for 24-hour monitoring and intrusion detection. However, configuring these cameras for high performance requires expertise and skill. Here are three best practices:
When installing thermal cameras on the perimeter, place them where the field of view is parallel to the fence line and perpendicular to any intruder nearing or crossing the perimeter. The greatest probability of detection occurs when targets move horizontally from one side of a camera to the other so you need to ensure that the cameras can capture any approaching individual from head to toe.
Secondly, evaluate your end user’s most important alarm detection needs to determine the best lens and focal length. A greater lens focal length provides target magnification, ideal when target classification is required at farther distances. A lens with smaller focal length yields a larger field of view, appropriate for applications where wide area perimeter detection is needed. A good rule of thumb is to define the minimal criteria for scene width and select the largest available focal length to meet the width requisite.
Third, use a statistical evaluation to define detection ranges and calculate the maximum achievable distance for detection. Professional site planning software platforms, made available by leading security manufacturers, are great resources for this and should be utilized. For example, FLIR’s Raven Site Planning Tool allows you to simulate mounting height, rotation, range and image detection to ensure accurate placement and performance in real life conditions.
Lorne Terry, Sales Director, Hikvision Canada
Best practices for complex integrated system design starts with communication during the sales process. At the initial client meeting it is paramount to have a clear understanding of the customer’s situation, needs, wants and budget. This can be a lengthy process because customers’ needs and
wishes aren’t always clear or realistic. During this discovery process, integrators need to find out who the key stakeholders are. Stakeholders are often people outside of the security and facility managers, including influencers from accounting, HR, marketing and manufacturing.
Once you have a firm understanding of the customer’s expectations, you should start looking at the hardware and software that will be capable of meeting your customer’s needs. Typically, the glue that holds all of this together is head-end software, often the video management system or access control software. Choose wisely, as the head-end can quickly become the headache. Evaluate the software company’s list of integration partners and gain a clear understanding of how the integration works. Equally imperative is ascertaining how long partnerships have been in place; review successful case studies; and evaluate the support provided by all of the parties to ensure that the system will work and stay working for the long haul. Try to avoid having things customized or developed just for a particular project, as this may lead to missed deliverables and result in some serious cost overruns and an unhappy client. After all of that, remember to document the customer’s needs and wants and clearly define how you will deliver your integrated solution in your proposal.
Aaron Saks, Product and Technical Manager, Hanwha Techwin America
We’re helping integrators tackle complex integration challenges by working with VMS vendors and other third parties to integrate our direct API. While ONVIF is OK to ensure basic connections and capabilities, so much more is available when using a dynamic driver. There’s no need to write individual device drivers anymore. Using our API, any VMS can properly interrogate a camera or group of cameras, discover all available features, and configure them on the fly. Hanwha is ONVIF compliant, but like any standard, it’s not possible for it to keep up with rapidly evolving feature sets, particularly with the multiple analytics now available onthe-edge. Another key focus is the continued development of our Wisenet Device Manager software tool that allows an installer or integrator to make changes and deploy systems in bulk. Whether that’s changing framerates and bitrates, focusing cameras, turning motion detection on, or changing IP addresses and security parameters, being able to do these tasks quickly and easily is critical to our integrator partners’ and installers’ bottom-line.
Willem Ryan, Vice President, Global Marketing and Communications, Avigilon As the world becomes increasingly connected, the way users think about and interact with security
systems will continue to evolve across all verticals and applications. Cloudbased security systems are offering a new means for integrators to grow their business through a suite of managed services, while having a connected platform that can scale with them.
Cloud-based systems offer a new level of accessibility to integrators, enabling them to deploy, manage and service more sites with a new level of ease, using fewer resources. For instance, Avigilon’s Cloud platform will provide integrators the ability to remotely adjust camera and system settings, perform upgrades, and check the health of their customers’ sites, all from the Cloud, without needing to deploy a technician.
The adoption of Cloud-based security systems not only increases an integrator’s ability to manage more sites remotely, but will also help to expand their revenue streams through subscriptions-based services.
Scott Lindley, General Manager, Farpointe Data Dealers need to be aware that 95+ per cent of all adults 18-44 years old own smart phones. Plus, 69 per cent of the entire population already uses smart phones. Thus, practically anyone using an access control system already carries a smart phone. Another way to look at it is that every smart phone user, or almost everybody, could now easily download an access control credential. In fact, they could load multiple credentials to gain access to multiple access control systems — facilities, communications, data, cafeteria and transportation.
No longer will people need various physical credentials to move throughout a facility. Instead, a person’s iPhone or Android smart phone, which they carry with them wherever they go, will have the credentials they need to enter into any authorized access system. In fact, such a system can reach beyond the facility into their homes, their automobiles or at the gym.
Smart phone credentials will be sold in the same manner as traditional 125-kHz proximity or 13.56-MHz smart cards - from the existing OEM to the dealer to the end users. For the dealer, smart phone credentials will be more convenient, less expensive and more secure. They can be delivered in person or electronically. They are quicker to bill with nothing to inventory or to be stolen. And, for those few that don’t have smart phones, they can still use a smartcard. Soft, mobile, smart phonebased access control credentials are inevitable. Every dealer needs to get on board.
“Best practices for complex integrated system design starts with communication during the sales process. At the initial client meeting, it is paramount to have a clear understanding of the customer’s situation, needs, wants and budget.”
— LorneTerry, Hikvision
David Price, Marketing Manager, Camden Door Controls
Adding voice over IP (VoIP) to telephone entry systems doesn’t just reduce the telecommunications costs for building owners/manager, it also offers a revolution in call management that provides both building owners and building tenants with more security, and more convenience. For tech-savvy dealers and integrators, VoIP telephone entry systems offer a new way to provide more benefits to customers, differentiate their business against less sophisticated competitors and, most importantly, receive RMR revenue for the telecommunications service.
VoIP telecommunications combines the advantages and capabilities of voice telephone and
computer networking together. This not only allows a tenant to receive a visitor call by voice, text and/or video, on any land-line or cell phone, it also means:
• Visitor calls can be broadcast simultaneously to multiple phones at the same time
• Visitor calls can be scheduled to be sent to one phone at one time of day and another phone at a different time.
• Visitor calls can be sequenced to multiple phones so that if one device or tenant does not pick up, the call is then sent to a 2nd or 3rd device or tenant.
• Visitor calls can be easily directed to a concierge desk, automatically, by time of day or only when the call is not picked up.
Jody Ross, Vice President, Global Sales and Business Development, AMAG Technology
In addition to being up to date on all the latest technologies that integrators offer, and knowl-
edgeable about the latest up and coming trends such as IoT and mobile solutions, the most important thing an integrator can do is understand their customer’s business as best they can. The industry is moving away from card management to identity management. Identity management allows an organization to manage the different identities that enter its buildings. Understanding whether or not an employee, contractor or visitor has entered, and providing specific access to specific areas for a predetermined amount of times provides data the end user can use to better operate his business. This data can be used to improve onboarding and offboarding processes, access request and approvals, re-certifications and to enforce audit and compliance requirements. When an integrator understands an end user’s business, he can look beyond security and see where the business can improve its operational processes. An identity management system will help align a business’s security operations with its business operations. The integrator will help his customer save money, meet audit and compliance requirements and mitigate risk. The end user, in turn, will look to his integrator as a subject matter expert and overall business partner.
OUT OF THE NETWORK TAKING GUESSWORK
The impact of connected devices on cybersecurity and what the industry is doing to help fix it
By Ellen Cools
Following the Dyn attacks in 2016 and the recently discovered “Devil’s Ivy” vulnerability, IoT devices are no longer simply the new trend in the security industry. Now, they are also the focus of cybersecurity strategies.
The Dyn attacks revealed that “IoT devices can be used in nefarious purposes,” says Mathieu Chevalier, head of Genetec’s cybersecurity team in the product development department.
“Even though a device may not have valuable information or assets, it could still be a target of attack,” adds Jerry Zhang, director of security product line, Dahua. “The attack to IoT devices was not the ultimate objective in the Dyn attacks in 2016.”
Hackers targeted domain name servers (DNS) for the provider Dyn (now Oracle) through the Mirai botnet, which used vulnerabilities in “an army of IP cameras and NVRs and DVRs” to overload the DNS, explains Chevalier.
“The Mirai botnet primarily consists of insecure IoT devices: insecure cameras, insecure routers,” adds BlackBerry’s chief security officer Alex Manea. “The coders looked for, I believe, 60 different default username and password combinations that were put on those routers and on those cameras.”
Ryan Zatalokin, senior technologist, Axis Communications, says the industry has encouraged end users and installers to use strong passwords and either isolated networks or networks behind a firewall to prevent hackers from exploiting the devices.
“The biggest thing is it’s not just cameras or other Axis devices (in our case), but it’s any network device that’s potentially at risk,” he elaborates. “So it’s not just about securing one type of device on the network, it’s about securing all devices on the network.”
Manea agrees: “Anything that’s connecting to your enterprise network that’s also connecting to the Internet is going to become a security threat. So you need to a) make sure you can manage all of those endpoints and b) make sure you can send software updates to those endpoints, because if you have IoT endpoints you can’t update and somebody hacks them, you’re toast.”
The rise of new botnets makes securing IoT endpoints even more criti-
“Even though a device may not have valuable information or assets, it could still be the target of an attack.”
— Jerry Zhang, Dahua
cal, as seen with the discovery of the “Devil’s Ivy” vulnerability last summer.
“Devil’s Ivy was an attack on a third party library that was used by multiple vendors,” explains Chevalier. That third party library was a source code called gSOAP, produced by Genivia.
This time, hackers used a different botnet, the Reaper botnet. They send two GB of data to the devices, running code that could disable it, install malware on it or intercept a video stream.
Ethical hackers at security firm Senrio initially found the vulnerability in an Axis camera.
In response to this vulnerability, Axis worked with Genivia to “crack their source code,” explains Zatalokin, and then deployed a patch to fix the vulnerability.
Since a number of ONVIF members used the same source code, Axis then also informed the organization about this vulnerability.
According to Chevalier, manufacturers then conducted internal assessments to determine if their products were vulnerable. If that was the case, they provided firmware to patch the vulnerability.
Although Genetec recently issued a new feature in its Security Center platform to help manufacturers patch vulnerabilities, Chevalier says “it’s really the customer’s responsibility to keep its IoT devices updated.”
Lessons learned: education is key
As such, Axis, Dahua and Genetec have focused strongly on education, not just for the dealers and installers, but for the end user as well.
“User awareness and engagement are very important steps to cybersecurity,” says Zhang. “As reported in OWASP [Open Web Application Security Project] Top 10 — 2017, security misconfiguration is one of the most commonly seen issues. It is important to establish effective communication to users about security threats, software fixes and best practices.”
Chevalier agrees. “What we try to do first is warn our customers about [a vulnerability],” he says.
For example, Genetec issued a security advisory on its website about the Devil’s Ivy vulnerability.
“Even though our products weren’t directly affected, we know our customers might be using products that are affected, so we try to let them know that they might have to do something,” he explains.
In Genetec’s newest version of the Security Center, Security Center 5.7, a page informs customers if they use weak passwords, and warns users if they leave the default passwords on their devices.
Additionally, the sofware platform provides firmware upgrades. “This is the second most important thing you can do to secure your IoT devices,” explains Chevalier. “In the last version of our software, 5.7, we’ve come up with the automatic warning. So if you use, let’s say, an Axis camera that is vulnerable because the software is old, we are getting that information on our websites, and then we’re showing it to the user inside Security Center directly.”
Likewise, a few years ago, Axis began an education campaign to increase awareness among their engineers and sales force, as well as in its R&D department.
Axis also has a dedicated web page for CVEs (Common Vulnerabilities and Exploits), where the company publishes information about vulnerabili-
ties that may affect its products and advice regarding risk mitigation.
“A lot of this also still comes down to education. Even just as short as a few years ago, people were still using the default passwords on our products and the other vendors’ products, and it’s obvious in this day and age that it’s something that really can’t be done,” Zatalokin says.
Axis also introduced features such as a password strength indicator and disabled services on a number of legacy products in 2017.
“It’s not just about securing one type of device on the network, it’s about securing all devices on the network.”
— Ryan Zatalokin,Axis Communications
New cybersecurity features
This doesn’t mean that the security firms aren’t taking steps to increase the security of IoT devices.
While Dahua’s products weren’t affected by the Devil’s Ivy vulnerability, the company has made cybersecurity mandatory in product design, and began implementing the Dahua cybersecurity baseline standard in firmware releases in July 2017.
“We have adapted advanced scanning tools to screen our products against known vulnerabilities,” Zhang adds. “Penetration tests are conducted by independent test teams. We keep updating the Dahua cybersecurity baseline standard to reflect the change in cybersecurity threat.”
Additionally, the Dahua Cybersecurity Center was established in early 2017 to receive security vulnerability reports, communicate security announcements and notices, and share cybersecurity knowledge with their customers.
Genetec is also introducing a new platform to raise more awareness: the Genetec Trust Center. The Trust Center will provide resources and content material for everyone from integrators to consultants to end users, evaluating the security and integrity of their hardware and software.
Axis is also focusing on securing platforms. The company now has the tools to deploy encryption by default.
“We’ve introduced HTTPS [HTTP Secure] by default in our products so that when you initially log into your products that connection is secure. So if somebody was eavesdropping on the network, they wouldn’t be able to see things like usernames and passwords,” Zatalokin explains.
Zatalokin believes these changes “have greatly reduced the chances of somebody finding a simple exploit that they can attack our products with.”
— With files from Neil Sutton
HIKVISION’S CYBER SECURITY GURU
Many surveillance vendors have come under increased scrutiny in recent years as critics point to the industry’s spotty record on cybersecurity.
In Hikvision’s case, some of this criticism is deserved, according to Chuck Davis, the company’s newly-appointed director of cybersecurity. But a lot of it is not.
Davis, a veteran of IBM, joined Hikvision in October of last year. He was brought on board, according to his official bio, to oversee the company’s cybersecurity inside and out.
Davis set out on a whistlestop tour across Canada in December, making visits to Montreal, Toronto, Calgary and Vancouver to conduct lecture-style presentations for Hikvision dealers and partners. These presentations described Hikvision’s record on cybersecurity and offered a guide on how installers can become more cognizant of their — and their customers’ — cybersecurity needs.
left in place. Hikvision responded by disabling Telnet in addition to its policy of no longer using default logins. “It is best practices to turn everything off that you don’t need,” explained Davis. “If you don’t need a service, turn it off.”
As of 2017, approximately four billion people around the globe have access to the Internet, said Davis, and potentially, any of them could be a threat. He described the most common types of threats: viruses, worms, Trojans, spyware, adware and phishing attacks.
One of the most devastating pieces of malware in recent years was the Mirai botnet of October 2016, which manifested as multiple DDoS (Distributed Denial of Service) attacks again DNS provider Dyn.
The attacks were executed through a number of compromised devices, from IP cameras to baby monitors and other IoT technology. Davis suggested that some researchers and pundits believe this attack was actually a co-ordinated experiment.
Davis maintained that Hikvision products were not comprised by Mirai due to their hardware incompatibility with the botnet. Hikvision also says it removed the use of default user names and passwords from its equipment in 2015.
Describing another incident, Davis said that in 2014, it was reported that Telnet, a textbased virtual terminal connection, was left open on some devices and was thus accessible to outsiders — particularly where default logins were
In another controversy, it was claimed that Hikvision cameras activated a dynamic DNS (DDNS) feature and sent information back to Hikvision’s home country of China.
While cameras may have had the ability to send out signals, he says there’s no evidence they went to China — instead the DDNS feature attempted to reach Web servers in the U.S. DDNS has since been disabled on Hikvision cameras by default.
Davis dismissed criticism of Hikvision’s Chinese government connections as fear-mongering. According to Hikvision, two state-owned enterprises own approximately 42 per cent of Hikvision stock.
He described other events in Hikvision’s recent cyber history, adding that the company has admitted to its problems and patched flaws in short order.
Davis offered a number of best practices that apply to all Internet users, regardless of device or platform: check URLs before clicking on them by hovering over the text; be suspicious of email attachments; use long, complex passwords (and/or use a password manager program); use two-factor authentication; keep OSes, browsers and anti-virus tools up-to-date; monitor everything and collect logs.
Perhaps most importantly for installers, according to Davis: “Putting a camera directly on the Internet is not a good idea. I don’t care whose camera it is.”
Davis added that Hikvision is hiring more cybersecurity experts and creating an educational awareness campaign that would include more events like the one hosted by Davis as well as blogs and webinars.
Future developments could include cybersecurity certification programs, additional third-party product testing, and a full review of Hikvision’s documentation and training processes. “I’m here to support the sales team,” said Davis, “but my goal here is to create good, secure products and make people aware.”
— Neil Sutton
Chuck Davis, Hikvision
Product Previews
Monitoring and management
Vicon Security
VAX Access Control Version 2.9 provides centralized monitoring and management of access to doors, elevators and other protected spaces. Through a web interface, users have control from PCs, laptops, tablets and smart phones. This version features the ability to create custom mapbased interfaces that show the physical placement of VAX devices and allow users to call up associated data and video. Map images can be populated with icons representing doors, elevators, cameras, etc. Clicking on an icon also provides real-time status. www.vicon-security.com
Access Control
Smart cards and multi-technology readers
Kantech
Kantech’s ioSmart Smart Cards and Multi-Technology Readers are based on MIFARE Plus, providing a high level of security by enabling end-toend encryption between the credentials and the EntraPass access control software. Multi-technology readers provide the option to read both proximity and smart cards giving customers a self-paced way to migrate from proximity cards to advanced smart card technology. Features also include endto-end encryption for an extra level of security.
Mobile app
Software House
www.kantech.com
C•CURE Go Install mobile app provides a convenient means of configuring or updating information on the iSTAR Ultra LT controller without having to physically access the unit. Working with an embedded Bluetooth antenna that can be turned on and off remotely to ensure network security, users log into the C•CURE Go Install app to perform a host of tasks, including configuring the network settings on the controller, rebooting the device and checking its status.
www.swhouse.com
Wireless keypad Danalock
Danapad is a wireless, smart access keypad that enables homeowners and businesses to manage secure access for delivery, contractors, cleaning and pet services, and those without a smartphone or access to the smart home system such as children, elderly residents or visitors, and guests. Danapad’s small footprint (35mm x 82mm) provides an out-of-the-box solution that requires no permanent alteration to the door or entry area. Danapad works well in hot and cold climates and can withstand the effects of salt, fog, and rain.
www.danalock.com
Product Previews The latest in security technology
Single-board cameras
The Imaging Source
The 6 MP single-board cameras (colour and monochrome) features Sony’s light-sensitive STARVIS IMX178 sensor and USB 3.1 (Gen. 1) reversible Type-C port connection. The IMX178 board-level cameras provide a combination of high resolution and high speed (6 MP at max. 60 fps.). The company says Sony STARVIS sensors deliver high image quality suitable for demanding embedded machine vision tasks. www.theimagingsource.com
Security Center 5.7
Genetec
This new version of Security Center is an open-architecture platform that unifies video surveillance, access control, automatic licence plate recognition (ALPR), communications and analytics. This version also adds privacy protecion for individuals, distributes HID mobile access control credentials and ensures business continuity with native access control failover. To improve cybersecurity, Security Center now automatically identifies whether connected edge devices are running the most recent and secure device firmware. Additionally, the new version is unified with the KiwiVision Intrusion Detector module. www.genetec.com
In-wall speakers
Leviton
Leviton has announced several additions to the Architectural Edition powered by JBL speaker product line. There are five new in-ceiling and in-wall speakers: LAE6C, LAE8C, LAE6I, LAE8I and LAE6D. The new recessed in-wall and in-ceiling speakers include installation brackets that utilize a specialty mechanical grip to minimize vibration. The speakers can be paired with the Leviton Hi-Fi 2 distributed audio system and feature paintable zero-bezel magnetic grilles. www.leviton.com
Flashlight camera
Ganz Security
The Lightguard Flashlight Camera and Recorder is an IP66 rated, 1080p portable camera and high performance flashlight that incorporates switchable far/near LED light, IR lighting, an onboard screen for local playback and an SD card for recording. It also has an emergency notification alarm for additional safety and an RFID reader capability for route patrol recording. The unit is suitable for security patrol, military, mine safety, fire marshals, transit police, natural resource officers, industrial and nigh time surveillance applications. www.ganzsecurity.com
LED notification appliances Eaton
The new line of Wheelock Exceder LED3 notification appliances are compliant with the latest NFPA code requirements for flash duration. The Exceder LED3 line includes strobes, horn strobes, horns, speakers, speaker strobes, low frequency sounder strobes, and sounders for ceiling and wall-mount indoor applications. High-fidelity speakers provide leading intelligibility for mass notification and emergency communications. Exceder LED3 strobes can also be installed in the same notification zone and field of view with any Wheelock RSS strobe model.
www.eaton.com
Network encoder
Vicon
This 16-channel H.264 video encoder model converts analogue camera input into streamed IP video data. The encoder incorporates high-quality H.264 video, audio encoding and compression technology and is designed to support 960H, AHD and TVI analogue cameras. It network-enables existing analogue cameras and creates an IP-based system, allowing integration with Vicon’s Valerus VMS. Advanced features such as museum search, which permits users to conduct quick analysis of recorded events, and dynamic load balancing and automatic detection, are provided when the device is used as part of a Valerus VMS. www.vicon-security.com
Label printer Epson
Video management system
Bosch Security Systems
The new Video Management System 8.0 (BVMS 8.0) offers stitching, GPU decoding and 64-bit function. The Bosch Video Stitcher combines video from up to 16 cameras into a single view. BVMS 8.0 runs as a 64-bit application, up from 32-bit in its previous versions. This raises the maximum capacity of a single BVMS from 30 management servers with 100 cameras per server to 50 management servers with 200 cameras per server. With VMS 8.0, users are able to configure Bosch H.265 enabled cameras, allowing them to reduce bandwidth and storage needs. The system also allows operators to switch between the optical and thermal view. www.boschsecurity.us
The ESPON LABELWORKS PX LW-PX350 is a portable wire-marking, barcode and general-identification printer for creating custom and compliant labels up to 3/4 inches wide. With special-function hot keys and an automatic cutter, this label printer allows users to quickly sequence numbers and letters commonly used for wire and cable identification. This product uses LABELWORKS PX industrial supplies from 1/8 inch to 3/4 inch wide, including five sizes of heat shrink tubing, plus magnetic, strong adhesive, removable adhesive and more.
labelworks.epson.com
to
are
companies in
managing dealers for account portfolios ranging from
to 6,000 accounts located in Vancouver, Calgary, Winnipeg and Toronto. For more information please call Leonard Sudermann at 403-299-2299.
• Fax: 403-299-2209 E-mail: len@securex.ca SECUREX,
QA &
SP&T News recently caught up with Peter Strom, CEO of Ottawa-based March Networks, to talk about their latest solutions, the role of analogue in a world filled with cybersecurity concerns, the potential for AI and a lot more. We began by getting an update on March’s parent company, Chinese camera manufacturer Infinova — an acquisition that was completed back in 2012.
SP&T News: What is March’s relationship now with Infinova?
Peter Strom: They acquired us about five years ago. We were the first acquisition they made. They went public on the Shenzhen Stock Exchange and raised a fair amount of money in that market. Their strategy was to really go out and acquire companies and grow through acquisition. Even though it’s an operating company with operations in China, they’re primarily a holding company. We’re a wholly-owned subsidiary of theirs. They [also] bought Swann Communications (based in Australia), which is really focused on the home market, and they’ve made a number of other acquisitions as well.
SP&T: Do you leverage any of their technology?
PS: We do. In our camera line-up, most of our cameras come from Infinova, and we have some other suppliers as well for more specialized kinds of cameras. We develop the firmware; they develop the camera itself, but they load our firmware in it. It’s all our software.
SP&T: Can you explain March’s vertical markets focus?
PS: The backbone of the company was really built on developing enterprise level solutions. We tend to focus on the banking market and retail market because, at the time
Peter Strom, president and CEO, March Networks
By Neil Sutton
the financial industry. Most of the IT departments put our products through ethical hacks before they approved it to go on a network.
SP&T: How are you helping your customers and partners with their cybersecurity needs?
when we first got our start, we didn’t feel like there was anybody doing a good job of allowing people with thousands of locations to manage their entire network, their NVR infrastructure, remotely. Everybody was doing it one to one.
People do a pretty good job today of building cameras and DVRs. To differentiate yourself, we believe that the future really is in developing applications which solve specific business problems for those customers. The only way to do that successfully is to understand the interoperations of your customers.
SP&T: Are you getting into any 4K product lines?
PS: We can take on 4K video in our NVRs today, but haven’t launched any cameras.
SP&T: There seems to be some hesitation in customer adoption of 4K solutions.
PS: It’s an industry that’s interesting. There are companies that enter the market space trying to make their position by leveraging the latest technology, as an example. That’s fine, but the reality is in our industry no customer wants to go out there and rip out whatever they have and replace it. There’s very little rip and replace — it’s not like an IT industry. We tend to focus on letting our customers migrate in whatever direction they want to go in. With [cus-
tomers] that have a lot of analogue cameras — whether it’s financial or retail — you don’t have to take out the analogue cameras. You can bundle a combination of analogue and IP cameras with our solutions, as an example. We’ve launched a new NVR that also has HD over coax, which allows them to leverage their coax cable to ultimately get high-definition video. It’s a ‘tribrid’ solution. It gives our customers flexibility on how quickly they want to evolve to an all IP solution. Some are deciding not to, to be honest with you. Some are deciding that, “I’m concerned about some of the cybersecurity issues out there. I feel pretty safe with coax. And if I have high definition video good enough to run my operation…” Some are choosing to continue on with analogue for a while longer.
SP&T: Are you getting a lot of questions from customers about cybersecurity?
PS: When we first started back in 2002-2003, the company was more of an IT company, coming from the Terry Matthews legacy. When I walked into the building — I was a guy from the video industry — I walked into a building full of IT specialists and I said, “OK, we’ve got a lot to learn from each other.” From the ground up, when we built this product, it was really built around cybersecurity needs — before cybersecurity became a “cool thing” — because we serve
PS: We have an educational program based around cybersecurity that we offer to our dealers. We give them regular updates — they can access our website at any time for regular updates on, say, new viruses or malware that we come across or hear about. We also have a product called Guru, which was really designed for the integrators. It forces the integrator to go through a certain set of steps. Before they configure a product, they have to meet certain steps before they are compliant with the regulations. It’s really simple for the integrator to do this. We know some of the companies out there have got some bad press because they’ll use the same passwords that the box comes with and they don’t change the password. You can’t do that with our product; you have to change the password.
SP&T: How do you think artificial intelligence will affect the industry?
PS: What’s important about AI is, you can process an awful lot of data through a machine as opposed to human. What does [that mean] for security? Today, a lot of time is spent doing forensic investigations for a security director, as an example — with AI you’ll process data a lot quicker, so you can speed up investigations. Also, humans make mistakes and miss things. AI is a learning tool ... humans just can’t process the information fast enough. We think it’s going to pick up the amount of fraud that’s out there in banking as well as retail. It’s just going to speed up investigations dramatically.
March Networks’ Command Center solution, introduced last September, combining software, video display and control, and alarm management.
ASSESS DELIVER DESIGN OPTIMIZE
Everything you need to stay secure. We will assess, design, deliver and optimize an end-to-end solution to secure your people, property and assets. Utilizing the results of our risk assessment process, we collaborate with you to deliver resolutions for identified risks. We help you meet standards and exceed compliance regulations, from development through installation and ongoing maintenance. For more information on G4S’s security solutions, please visit www.g4s.ca or call 1-888-717-4447.
Siri, Unlock My Door
Weiser Premis connects with Apple HomeKit, letting you unlock your door just by asking Siri. Turn off your alarm, turn on your lights, and put the heat on all from your iPhone. Make your home a connected home.
