Posts Tagged :

covid-19

Top five security predictions for 2022

1024 682 Stuart O'Brien

With the COVID-19 pandemic continuing to put businesses and society at risk, Andy Robertson, Head of Enterprise & Cyber Security, at Fujitsu UK&I, has laid out his top five predictions for 2022…

In these unprecedented times, organisations have needed to vastly adapt their security processes to the new ways of working and living. But just because the current security defences are able to withstand attackers now, that doesn’t mean cyber criminals won’t strike again in the future. Cyber criminals are always developing unique tactics to find and exploit new weaknesses.

As the UK still faces the COVID-19 pandemic, businesses are facing a hacking epidemic. For example, The National Cyber Security Centre’s (NCSC) 2021 annual review found that there were three times as many ransomware attacks in the first quarter of 2021 than in the whole of 2019. Current remote working practices have significantly changed the securitylandscape, but the need to keep everything connected and secure hasn’t changed. Businesses need to focus on embedding revised security measures right from the start so that their employees can keep operating securely, wherever they are in the world.

As we enter the third year, where the pandemic continues to impact organisations, here are my top five predictions cyber security in the coming 12 months…

  1. Trust will be maintained by Zero Trust Architecture in the hybrid working world  

2020 and the early part of 2021 were all about remote working. Moving into 2022, I expect to see more organisations embrace and establish hybrid working as the norm. New data from Glint reveals that 87% of employees would prefer to stay remote at least half of the time, even after it was safe to return to their workplace.

As organisations adapt to different working patterns and locations, this fairly new hybrid working approach introduces new security risks. A login from a remote location late at night – once considered suspicious – is now a much more common occurrence as hybrid workers balance work and life priorities.

To help reduce the risks and the burden of monitoring those risks, organisations should consider implementing a Zero Trust approach. It’s a remarkably simple concept. Businesses must assume that there will be a breach, that anything can be compromised, and that no-one is really who they say they are or is acting responsibly. This does not mean you don’t trust your employees, partners, suppliers, or customers – as people. It’s actually about knowing who they are, what they are doing, what technology they are using, and what level of authorisation they have for each thing they do, every time they do it, wherever they are doing it.

 

This means that data, systems, and equipment are treated equally and securely. It doesn’t matter where they are located, in your network or outside it. Nothing is trusted until you know it can be trusted.

  1. IT and OT cyber security will both be the CISOs concern 

In 2022, Operational Technology (OT) cyber security will be recognised as being as important as IT security for assuring business continuity. The number of large-scale attacks on OTs has grown in volume in 2021 – with 83% of critical infrastructure companies experiencing breaches in the last three years. I expect to see this continue in 2022 as cyber criminals seek to further exploit these potentially vulnerable systems that control critical processes – making them lucrative targets.

IT and OT cyber security will become a greater concern for the CISO as they seek to reduce overall risks for their organisation. The good news is that satisfying the new end-to-end cyber security paradigm brings benefits beyond pure risk mitigation. The cyber security measures an organisation deploys will become a key quality characteristic, which organisations will be required to demonstrate in order to be admitted to digitised supply chains.

CISOs will need to give the same attention to their OT security as they do IT to gain all of these benefits.

  1. True Business Continuity will require greater levels of collaboration and real-time insights

The COVID-19 pandemic reached an unprecedented scale and longevity that rippled through the way organisations operate, communicate, and safeguard against future disruptions. And these weren’t the only factors testing organisations’ continuity plans in the last 2 years. Society also simultaneously experienced civil unrest, wildfires, and hurricanes. This exposed weaknesses in organisations and demonstrated how historically siloed approaches to resiliency put organisations in grave danger. For instance, ransomware hackers targeted three US water facilities in 2021, which is concerning against the backdrop of droughts.

No one had a plan robust enough for 2020. It also prompted volatile and unpredictable market conditions. The pandemic not only demonstrated the interdependence of multiple areas of risk but showed organisations they must be vigilant about all disciplines simultaneously and holistically.

As we move into 2022, I expect to see more uncertainty and volatility that will stretch continuity plans. Organisations that want to build resilience and stability should bring together multiple disciplines such as business continuity, IT continuity/Disaster Recovery, risk management and procurement (supply chain) to collaborate on wider-reaching plans that facilitate real-time decision-making based on data instead of historic trends.

I also expect to see industries collaborating and regulators taking a greater interest in resilience across critical industries. A primary example of this is the operational resilience directive, released by the UK’s financial regulatory bodies, the Financial Conduct Authority (FCA), in partnership with Prudential Regulation Authority (PRA) and the Bank of England (BoE). This directive comes into effect in March 2022 for implementation, with full compliance being required in March 2025.

  1. The strongest form of defence… will come from being attacked 

To build organisational resilience against a rising tide of cyber threats in 2022, organisations will have to learn to think like cyber criminals. Cyber criminals are on the offensive and will always look for ways to exploit any weakness they find, without any regard for law and ethics. They rely on exploiting complacency and organisations focusing on agility at the expense of security.

One of the most critical vulnerabilities to watch out for in the years to come is the open source software Log4j. This vulnerability is currently leading to the compromise of systems and data and will continue to do so in 2022. Attackers will iterate on and develop exploits to target this vulnerability and deploy ransomware and bitcoin miners to successfully compromise systems. Log4j will likely be a target of further scrutiny by attackers and vulnerability researchers looking to identify other weaknesses within the logging utility.

To build the right defences, organisations must learn how to think like a cyber-hacker so that they can close down any gaps that could be exploited. Organisations should embrace attack simulations and wargaming, with a trusted security partner. That way, it will help them set up realistic scenarios, run them, and then learn from the results. A wargame is the simplest and best way to find gaps in your defences. What you learn in action strengthens your ability to avoid needing to take serious action in the future.

Working with security service providers that can deliver Breach & Attack Simulation services helps test the vulnerabilities and see how effective an organisation’s security posture is and where it needs to be strengthened, or even changed completely.

  1. Turning the tide on security alert fatigue

Covid has added to the urgency of many businesses’ migration to the cloud and boosted consumer adoption of cloud services, and that’s set to continue for a long time. One estimate predicts that the cloud computing market size will reach $1.2 trillion by 2028. Increased cloud consumption has been accompanied by an equally rapid increase in the number of threats and alerts from across those platforms.

Inevitably, in 2022 we will see more security alerts which will exacerbate the problem of ‘alert fatigue’ where IT security teams can become overwhelmed and miss the signs of a significant attack. The continuing skills shortage in the cyber industry combined with this fatigue means the organisations will need to think differently and provide greater incentive to explore the use of security automation solutions that can prioritise alerts and even enact pre-defined responses to reduce the burden for security professionals.

Five tips to manage social distancing and limit contact with doors

960 640 Stuart O'Brien

Installers and specifiers are still not fully aware of the many options available to them to help manage social distancing and limit direct contact with ironmongery and doors, says the ASSA ABLOY Opening Solutions UK&I.

In line with a recently updated guide from the Guild of Architectural Ironmongers and Finishes and Interior Sector, which outlines how business owners can use partitioning and ironmongery to help manage social distancing, ASSA ABLOY says its portfolio means its products can help with these issues in a number of key ways. 

“During these times, it’s no surprise that installers and specifiers are being asked about the most suitable products to fit,” says Eryl Jones, Managing Director of the ASSA ABLOY Door Hardware Group. “It’s critical to advise decision makers on practical product choices, which not only meet the needs of the here and now, but which also provide long-lasting, compliant solutions too.

“For existing hardware, the truth is nothing will beat a regular and thorough cleaning routine. However, for new installations, there are a variety of considerations that installers and specifiers will want to bear in mind when advising their customers. Here are our top ironmongery tips on how to manage social distancing and limit contacts with doors.”

ASSA ABLOY has outlined 5 top tips to help:-

  1. Seek specialist closing devices

To minimise contact with a door, many will be tempted to keep doors held open. This, however, must not be done with fire doors, but this challenge can be overcome with electromagnetic hold-open units. Connected to the building’s fire alarm system, these will automatically release in the event of a fire, helping to keep people and property safe.

ASSA ABLOY’s DC300G-HF door closer is commonly specified for these applications, with the option to not only choose hold-open but free-swing functionality too. This enables the door to operate without any resistance, so it can be left open in any position. However, just like with the hold-open feature, should a fire alarm be activated, the electromagnetic feature will release the door and ensure it’s closed securely.

2. Provide personalised keys

Users sharing keys can quickly increase the spread of bacteria and germs. An access control system that employs individual keys puts a stop to this, and simplifies key management too. Electromechanical solutions use high-end micro-electronics and programmeable keys and cylinders to overcome this challenge.

ASSA CLIQ Remote is one such system. A popular, award-winning solution, it allows all users to have their own personalised keys for doors, eliminating the need to share keys. A recent success story has been with the Hean Castle Estate, with ASSA CLIQ Remote ensuring managers stay in control of access rights across the site at all times. Another long-term benefit of the system, according to Trustee David Lewis, is its flexibility. “As the Estate expands, the ASSA CLIQ® Remote system can grow with it,” he says. “The system is now simply part of the infrastructure of the Estate; should we need more cylinders or padlocks added to it, then this is an easy and hassle-free process.”

3. Adopt anti-microbial solutions

Anti-microbial solutions, or ‘touch-safe’ as they’re often called, offer a proven way of preventing bacteria from spreading. In the current climate, it’s unsurprising that installers and specifiers are receiving an increased number of enquiries about these solutions. It’s worth noting that these products might not offer the best long-term solution, as they can lose their potency over time. Nevertheless, they are easy to install and cost-effective.

Customers might also want to consider anti-viral copper tape products, which simply wrap around a clean door handle, for a quick, temporary ‘touch-safe’ solution. For example, UNION has developed GripSafe to meet this need, which has been proven to inactivate 99.98 per cent of corona viruses.

4. Don’t forget about ancillary products

When considering ironmongery and doors, it’s can be easy to forget about other ancillary products that can help limit and mitigate the risks of spreading bacteria. If there are concerns around products that could provide surfaces where bacteria may collect, then concealed products offer an assured solution. From concealed hinges to concealed door closing devices, ASSA ABLOY has a range of products available for guaranteed peace of mind.

Another factor to think about is signage. Given the current climate, specifiers may want to consider signage relating to hand washing and sanitising, social distancing, and other measures that can be taken to prevent the spread of germs.

5. Making sure products are up to mark

While not directly relating to helping manage social distancing or limiting contact with doors, the final tip is on product marking, as it’s vital that solutions with the appropriate product marking are being specified and installed. With the new UKCA and UKNI marks introduced from 1 January 2021, it’s crucial that installers and specifiers understand the implications for products that do not have the correct marking in place. Not only will product marking be invalidated, but the potential implications for all those involved throughout the supply chain could be very serious, including significant fines and penalties.

ASSA ABLOY says it has taken all the appropriate steps to ensure its products have undergone the correct third-party marking for goods being sold into Great Britain or Northern Ireland. Those with questions or concerns around ironmongery product marking should not hesitate to contact the ASSA ABLOY team to discuss in more detail.

Keeping cybersecurity initiatives on track

960 640 Guest Blog

The West Midlands Train service has come under fire after workers discovered that an email promising them a bonus payment after running trains during the pandemic was actually a phishing simulation test.

Around 2,500 employees received a message which appeared to come from Julian Edwards, Managing Director of West Midlands Trains, thanking them for their hard work over the past year under COVID-19, and that they would get a one-off payment as a thank you.

However, those who clicked through on the link were then emailed back with a message telling them it was a company-designed ‘phishing simulation test’ and there was to be no bonus. The email warned: “This was a test designed by our IT team to entice you to click the link and used both the promise of thanks and financial reward.”

Since the test has been revealed, the train service has received media backlash for promising a fake financial reward to well-deserved teams. However, the modern threat landscape is constantly evolving, and it’s vital that businesses prepare their workforces against any type of threat. So was this a good test of resilience? Andrea Babbs, UK General Manager, VIPRE, explains...

Fight Fire with Fire

In order to be successful in the fight against cybercrime and protect the network, businesses should not be afraid to fight fire with fire and sometimes stoop as low as the phishers themselves – who have no morals. By using a powerful message and incentive such as the suggestion of a bonus provided by West Midlands Train Service, businesses can gain valuable insight into how their employees could be tricked into clicking on a phishing link, and why they need to ensure their staff are trained for any type of attack.

However, the test has clearly upset West Midlands’ employees, and could have been done in a less dramatic way so that it wasn’t either ethically or morally questionable. Particularly during a pandemic where our frontline workers, like those in the transport industry, have continued to put themselves at risk over the last year. The idea of a bonus in the current challenging environment seems deserving as an act of recognition for their above and beyond service – but for this to be a test, rather than the promised reward, is particularly hard-hitting for those involved.

Finding the Balance

It is vital that organisations take the time to train and educate their staff so that they become an additional line of defence in an organisation’s cybersecurity strategy. However, IT teams also need to rely on users’ goodwill to encourage them along the cybersecurity journey. This test by West Midlands Train service may have damaged that goodwill, and could disillusion some members of staff.

Rather than mentioning a bonus, the train service could have mentioned a change to pay, or date of payroll. Both of these statements would have had the same instinctual reaction in employees, without having heightened emotions surrounding the letdown of a non-existent bonus.

Importance of Education 

Regardless of the incentive behind the West Midlands phishing test, the fact that employees clicked on the link highlights the need for businesses to perform these types of tests in the first place.

Cybercriminals will stop at nothing to get users to click on a phishing link, download a malicious attachment or fill in their details on a forged website, and will use personal or professional information to lure them into doing this.

Therefore, employees need continuous training to identify and avoid these attacks. Going forward, businesses who are looking to deploy such phishing tests should try using less exciting topics to trick their users in order to avoid any bad will or backlash from their employees, and the media.

One way to achieve this is to implement Security Awareness Training programmes which incorporate real-life situations, including phishing simulations – that are less emotive. This educational material will help organisations to fortify crucial cyber threat prevention messaging and educates workforces on how to protect both the business and themselves.

HSE doubles down on COVID spot checks

960 640 Stuart O'Brien

As we continue the roadmap out of lock down and more businesses re-open, the Health and Safety Executive (HSE) says it’s working with local authorities to carry out spot checks and inspections on local businesses.

The reopening of the economy means that the opportunity for COVID to spread is increased substantially, so the HSE says it’s critical that businesses shouldn’t become complacent, i.e., they still need to have COVID-secure measures in place.

The HSE is calling and visiting all types of businesses, in all areas, to check the measures they’ve put in place to manage the risk from coronavirus, are in line with the current guidance. This includes businesses that have continued to operate throughout the pandemic, those that have recently reopened and those due to open in the coming weeks.

The body is continuing to work closely with local authorities, assisting them in their targeting of premises in the sectors they regulate such as hospitality and retail.

During spot checks and inspections, the HSE provides guidance and advice where required, but where businesses aren’t managing the risk, action will be taken. This can range from the provision of specific advice, issuing enforcement notices and stopping certain work practices until they are made safe. Where businesses fail to comply, this could lead to prosecution.

The COVID-secure measures businesses should have in place include:

  • Risk assessment: every workplace should have a COVID risk assessment. Update it to reflect any changes in legislation or guidance that may impact your work activity.
  • Social distancing: where possible you should keep people two metres apart. If this is not viable, keeping one metre apart with risk mitigation, such as screens, is acceptable.
  • Cleaning, hygiene and handwashing: keeping your workplace clean reduces the potential for coronavirus to spread. It is a critical part of making and keeping your business COVID-secure.
  • Ventilation and air conditioning: can help reduce the risk of spreading coronavirus.
  • Talk to workers: provide information about providing support and maintaining control measures.
  • Working from home: provide the equipment they need, keep in regular contact and discuss their wellbeing.
  • Vulnerable workers: talk to staff, provide information and consider the risk to workers who are particularly vulnerable to coronavirus – putting controls in place to reduce that risk.

Angela Storey, Director of Transformation and Operational Services at HSE, said: “As we come out of lockdown, we are continuing to work with local authorities to check businesses are COVID-secure and providing guidance and advice where needed.

“Our spot checks and inspections support the cross-government work in helping employers and employees that have worked throughout the pandemic and those returning as lockdown measures ease. All workplaces are in scope for spot checks which means businesses of any size, in any sector can receive an unannounced check from HSE or an inspection from the local authority, to check they are COVID-secure.

“If you are contacted by the HSE or your local authority, please engage with us. By checking businesses have measures in place to manage the risks, we can benefit the health of local communities as well as support the local and national UK economy.”

Further information on spot checks and inspections is available on the HSE website.

Office returns ‘feared’ by UK workers

960 640 Stuart O'Brien

More than half of British workers would be happy to never return to the office – due to fears of germs, a lack of social distancing and being in a room with lots of other people.

A study of 1,000 employees who are currently working from home found two thirds would also feel uncomfortable about going back into their workplace full time. Nearly six in 10 (56 per cent) feel anxious at the thought of being back in the office and 46 per cent are apprehensive, while 24 per cent are even feeling stressed. Other worries include lack of personal space (39 per cent), colleagues not using hand sanitiser or soap (27 per cent) and not enough communal cleaning (27 per cent).

Having to commute topped the list of anxieties (51 per cent), followed by less flexible working (43 per cent) and social distancing not being taken seriously (42 per cent). Of those polled, 28 per cent will travel to work on public transport, with 77 per cent of them being concerned about the cleanliness of the tube, bus or train.

Zac Hemming, founding director for Ice Cleaning, which commissioned the study, said: “There is clearly some fear around going back to the office after settling into working from home during this past year. Hygiene is going to be at the front of people’s minds more than ever and seemingly normal things from ‘previous’ life such as making tea rounds, sharing desks and using communal toilets might feel daunting. It’s important both employees and employers feel supported in making the journey back to the office as smooth as possible. Cleaning is going to become much more of a priority for workplaces.”

The study also found that to combat their anxieties, new habits workers vow to take on include carrying hand sanitiser (47 per cent), wearing a mask (45 per cent) and cleaning their own desk daily (41 per cent). They would also like their employer to implement sanitising pumps around the building (56 per cent). Half of those polled also want social distancing between desks (50 per cent), with four out of 10 also wanting a monthly decontamination deep clean as part of their office cleaning regime. It also emerged seven in 10 would only feel comfortable returning to work if strict cleanliness rules were in place, with a quarter (25 per cent) wanting their offices professionally cleaned daily to feel safe. And upon reflection, 45 per cent do not think their office was clean enough prior to the pandemic. But four in five generally feel safer and cleaner when working from home.

In an ideal world, employees would only be based in the office on two days out of the five-day working week, and 70 per cent only want themselves and their colleagues to return to work once they have been vaccinated.

The research, carried out via OnePoll, also found workers think it will take four weeks of being back in the office for it to feel ‘normal’ again. Until that point, workers think being in the workplace instead of their own home will seem strange (45 per cent), uncomfortable (28 per cent) and surreal (23 per cent). More than three in five also admitted they will likely struggle to get used to a new routine when they return to their place of work.

Hemming added: “After a year of working from home and adjusting to a new routine, it’s normal that people will have worries about returning to work. What’s important is giving employees the reassurance and peace of mind that this is being taken seriously, easing any concerns that people might have whilst also creating a positive, clean and safe workplace.”

TOP 40 ANXIETIES OFFICE WORKERS HAVE ABOUT RETURNING TO THEIR WORKPLACE:

  1. Having to commute there and back
    2. Less flexible working
    3. Social distancing not being taken seriously
    4. Having to get up extra early
    5. Being in a room with lots of people
    6. Getting home late
    7. Having to wear a mask
    8. Lack of personal space
    9. Having to use the office toilets
    10. Touching door handles that other people have touched
    11. Lack of fresh air e.g. windows not being open
    12. Spending money e.g. on the commute or on lunch/coffee
    13. Having to sit in traffic
    14. Having to dress presentably
    15. Face to face meetings
    16. Others not using hand sanitizer/soap
    17. Lack of communal cleaning e.g. desks not being cleaned regularly
    18. Getting on public transport
    19. Distractions from colleagues or other noise
    20. Having to share the office kitchen e.g. prepping lunch with lots of people around
    21. Unable to fit in household chores around working
    22. Unable to be home for deliveries/ post
    23. Having to start on time e.g. my set hours
    24. Unable to get as much work done as I would do at home
    25. Lack of free time to go for a walk
    26. Having to make small talk
    27. Having to sit in one place all day instead of between my sofa, my desk, my kitchen etc
    28. Being unable to listen to music or watch TV while working
    29. Having to prepare lunch e.g. take food in with me
    30. Lack of cleaning supplies e.g. anti-bac wipes
    31. Seeing less of my family/ housemates
    32. Unable to fit in exercise
    33. Having to wear shoes all day e.g. not slippers
    34. Having to use the communal printer
    35. Being uncomfortable on my office chair
    36. Lack of hand sanitizer
    37. Having to share cutlery/ mugs/ utensils
    38. Having to eat at set times
    39. Having to share stationery
    40. Having to drink the provided tea and coffee, rather than use my coffee machine at home

TOP 10 NEW RULES OFFICE WORKERS WOULD LIKE THEIR PLACE OF WORK TO IMPLEMENT:

  1. Hand sanitiser pumps around the building
    2. A daily cleaning regime including regular cleaning of desks and communal areas
    3. Social distancing between desks
    4. Providing anti-bacterial wipes
    5. Windows open or on-latch to allow fresh air
    6. Monthly decontamination deep clean
    7. Staff to wear masks
    8. Staggered start and finish times
    9. Masks provided
    10. Limited amount of people in lifts

‘Proven solution’ for planned vaccination passports already exists

960 640 Stuart O'Brien

Universal Vaccination Passport solutions will need to have both digital and physical elements or risk not being fully accessible.

That’s according to Martin Ruda, Group MD at the TALL Group of Companies, following the announcement of a number of trials of domestic and international digital solutions which are mainly focussed on proprietary apps and smart phone technology.
 
Ruda explains: “The key to having a Universal Passport Solution is that is can be used by everyone, everywhere. Existing solutions being put forward all rely on countries having digitised medical records, which many do not, and require the vaccine certificate to be accessed on a smart phone that not everyone has. Little thought has gone into having a secure physical document beyond the use of a QR code which will work equally well, if robustly encrypted, on a secure document as well as a mobile phone screen.”
 
“A successful solution will need to provide secure connectivity to a tangible, and universally accepted, document that is verified against the core authorities’ data, in our case the NHS.”
 
Ruda’s comments come as concerns are being raised in Israel, who has almost completed its vaccination programme, about the ease of getting a forged vaccine certificate. According to media reports a black market for counterfeit vaccination certificate is already thriving on Telegram, where more than 100,000 users have joined groups that offer the forgeries at a price. 
 
However, Ruda is confident that the technology needed for a strong physical solution for this already exists: “Concerns around fraudulent documentation in developing countries is commonplace, one example being the risks perceived around the forging and counterfeiting of ballot papers in national and local elections. Our secure printing solutions support the requirements of the Ugandan government to address this, and closer to home the use of encrypted QR codes protect the UK’s cheque payments industry in its move from paper to digital cheque clearing. This technology can readily be used to create a small physical vaccine passport that immutably supports and integrates with a digital solution which we have the capability to deliver.
 
“Our strategic partnership with Digital Cognate has helped us solve the issues regarding interoperability, integration and absolute trust in the digital source, as a result we are hoping to get a place at the table to discuss this with UK government and urge them not to try and reinvent the wheel. We have developed the necessary technology and it is tried and tested.”

COVID pandemic increased the importance of physical security

960 640 Stuart O'Brien

75% of security and FM professionals say the COVID pandemic increased the importance of physical security in their organisations, while 60% say they either see a need for immediate cloud-based technology upgrades or are considering it in the near future. 

That’s according to a survey conducted by Brivo from November 2020 to January 2021 among more than 500 US-based physical security and facility management professionals, exploring the physical security impacts from COVID, specifically the challenges facing organisations as they look to reopen their doors.

The survey also took a look at the technology, cloud, and data utilization trends shaping the physical security landscape for 2021.

“Property technology has evolved rapidly in the past year with a major shift in how security and facility management leaders recognize the benefits that cloud technology can provide to them,” said Steve Van Till, CEO and founder of Brivo. “Accelerated by the trend toward working offsite during the pandemic, organizations need the ability to remotely manage security and access control, and see what’s going on in real time, without being on-site. This is accomplished through the cloud.”

The pandemic put security and facility managers in the position of needing to protect health and safety in addition to their usual responsibilities for people and physical assets. Businesses with a primarily remote workforce had to monitor and manage access to empty buildings that were more vulnerable than usual. Nearly 30% of respondents said they did not have centralized security solutions in place and struggled during the pandemic to manage day-to-day operations. 

Another critical weakness for many respondents was leveraging data for physical security — 70% admitted they have problems with data, ranging from too much, too little, or a lack of understanding how to use it. Brivo recognized the need for better analytics to interpret physical security data and launched its new Data Explorer business intelligence tool last year as part of Brivo Access, its 4th generation cloud platform.

Looking ahead, the survey found that technology integrations are a key area of focus for businesses in 2021. 61% of respondents agreed that integration was the most important goal for them this year. An additional 26% indicated that it is imperative to have technology that will assist in enforcing contact tracing, social distancing, and healthy building compliance requirements. These trends will likely continue as more organizations prepare to bring employees, customers, and students back to work and school in 2021. 

“Last summer we launched Facility Safety Features to help reduce the spread of COVID. We’ve since helped more than a thousand customers with their return-to-work efforts leveraging Brivo Visitor reporting, personnel control, contact reporting and self-screening,” said Van Till. “As the hybrid work force continues to become the norm, we’re launching occupancy tracking as well so that organizations can see how space is being used and adjust their plans accordingly.”

Hosted physical security adoption given ‘major boost’ by uptake in cloud

960 640 Stuart O'Brien

New research into the impact of COVID-19 on physical security purchasing decisions has revealed a sharp increase in the necessity/urgency for businesses to adopt hosted video surveillance (VSaaS) and access control (ACaaS) solutions.

While 70% of 1000 senior decision makers in IT, security, FM and HR roles agree this to be the case, 78% also anticipate their organisations’ use of cloud technologies to increase in the future as a result of COVID-19.

The independent survey, commissioned by hosted security provider Morphean, revealed that over three-quarters (76%) of senior managers in UK, Germany and Sweden have increased their use of video conferencing (e.g. Microsoft Teams); 65% have increased their use of office applications (e.g. Microsoft 365); and 70% of those in the security sector are now strongly inclined towards cloud adoption.

51% say their company is currently using a cloud-based service for video surveillance (VSaaS) and/or access control (ACaaS). This is an increase of 3% over 2019 (48%) and broadly reflects projected growth in the physical security market from USD $93.5b in 2020 to USD $120.3b by 2025 at a CAGR of 5.2%. The accelerating adoption of hosted solutions is buoyed by its low cost set up, flexible scalability and demand for real-time and remote access to security data.

Analytics will drive adoption say 95%

For the security professional already working with cloud services, the growth in connected digital devices through the IoT is resulting in a growing appetite for physical security, such as network cameras, to enhance existing IT systems and assist business intelligence gathering. 95% agree that if an existing security system could deliver insights beyond security to assist decision making (i.e. occupancy or test and trace analytics), it would influence adoption.

82% say flexible and remote working will grow 

More flexibility in working locations is the benefit respondents are most likely to identify from moving business functions to the cloud (50%), followed by easier collaboration (44%); more cost-effective (44%); safer / better security (38%). 82% anticipate the levels/frequency of remote workers and flexible working in their organisations to be higher post-pandemic and in the longer term than they were pre-pandemic.

Security will need to be enhanced to facilitate greater flexibility in worker patterns. An access control solution which is linked to HR records, for example, can check the swipe of an access card against staff records. A staff member who is flagged as being on leave, absent or no longer employed will trigger an automated alert to the relevant personnel. Surveillance cameras also provide secondary authentication through visual clarification of an individual’s identity.

The ‘Landscape Report 2020/21: Hosted Security adoption in Europe is the third study of its kind by Morphean, and facilitates a better understanding of market trends with comparative data from 2018 and 2019. Other key findings revealed by the study include:

  • 78% anticipate organisational use of cloud technologies to increase in the future as a result of COVID-19. The security sector reflected a strong inclination towards cloud adoption (70%).
  • IT Services (52%) and Commercial Offices (49%) are the two sectors that anticipated the greatest degree of change in their organisation’s use of cloud technology.
  • 73% of managers believe their organisations are more inclined to adopt cloud as a result of their governments’ responses to COVID-19 – UK (74%), Germany (71%) and Sweden (73%).
  • 27% said physical security was optimised in their companies, a rise of 4% on 2019 (23%). The retail sector was least likely to say that physical security was optimised (19%).
  • VSaaS/ACaaS uptake shown to be more prevalent in Sweden with 59% already utilising such services, with 34% in UK and 31% in Germany considering it.

Rodrigue Zbinden, CEO of Morphean SA, said: “The results highlight a hosted physical security market that will see strong growth in 2021 as cloud applications are proven to deliver business continuity in challenging times. At the height of the lockdown, many business premises were unoccupied and potentially vulnerable, but remote monitoring and maintenance made possible by hosted security were a welcome advantage. We also saw a spike in demand for frictionless access control enabling a totally hands-free experience and negating the need for physical contact. Business leaders will now be considering the learnings from the past year and looking to apply them to boost productivity, streamline costs and make organisations more agile.

“For the physical security reseller, the study will demonstrate that hosted security solutions must play a major part in expanding their offering to a wiser customer base. Cloud-enabled physical security solutions represent an investment into improving securityand operations, a chance to forge new business relationships, and an opportunity to embrace future proof technologies in preparation for whatever challenges the future might hold.”

Easy-to-deploy thermal imaging camera systems for the fight against covid-19

960 640 Guest Blog

By FLIR

Keeping workers and customers safe from COVID-19 is an important goal for industry and government agencies during this pandemic. Most have already instituted some type of protective measure, whether it’s disinfecting equipment, encouraging hand washing, requiring six feet of distance between people, or any of the other recommendations for reducing risk.

These methods help businesses avoid unexpected shutdowns or loss of workforce due to illness. Unfortunately, none of these measures can prevent a sick person from entering a shop or building. FLIR thermal imaging cameras can be an important frontline solution by offering an easy, non-contact method of screening for elevated skin temperature.

Options for high-traffic areas

Entry screening with medical devices, such as thermometers, accurately measure body temperature but pose several challenges for high-traffic areas: individual temperature checks require time, proximity, personnel to use the device, and protective gear to keep workers and other customers safe. Thermal imaging cameras that measure skin temperature from a safe distance have less impact on throughput and serve as a preliminary screening, reducing the number of people who need direct checks with a thermometer. Only those people who appear to have an elevated skin temperature would need secondary screening with a medical device.

Building thermal into your workplace

FLIR Screen-EST™ cameras feature built-in temperature screening to measure the average skin

 temperature for people moving through your location. Based on this average, you can then see who appears to have a higher skin temperature. You can even set an audio or color alarm on the camera that will go off when the camera detects an above average temperature. From there, you will know who to check for a fever using a thermometer or other medical device.

Thermal cameras can’t diagnose fever or illness

It’s important to understand that no thermal camera can diagnose illness. They determine whether the person being screened has an above-normal skin temperature. This allows you to screen individuals quickly and determine who requires a secondary check with a medical device prior to entry.

FLIR has many resources to help you better understand thermal imaging for elevated skin temperature screening.

To learn more, go to www.flir.com/EHS.

It’s Back to Basics During Cybersecurity Awareness Month

960 640 Stuart O'Brien

By Jonathan Couch, SVP of Strategy at ThreatQuotient

This month marks the 17th year of Cyber Security Awareness Month, which focuses on helping provide individuals with resources they need to stay safer and more secure online. The COVID crisis brings added cybersecurity challenges, particularly on the “home front,” but also more opportunities for those of us who are security professionals to help raise awareness and share our expertise. 

With more people working and learning online, the attack surface for threat actors has grown significantly. Not only can they compromise systems at home, but they can use these devices to infiltrate the networks of organisations and school districts to commit cybercrime and wreak havoc. What’s more, everyone is using new applications on their laptops and phones – many of which haven’t been vetted and sanctioned by IT departments.

Organisations can’t protect individuals working “off platform” (i.e., using personal systems not provided by work). And although some students are working on laptops provided by school districts, others access school tools using family members’ devices. Because everything is virtual, they’re using learning and collaboration tools, like Canvas and Zoom, for the first time and engaging with teachers in new ways – over email and text. Clearly, the opportunities for threat actors to cause disruptions and profit have never been greater.

Most of you reading this blog are cybersecurity practitioners. Over the last few months, you’ve quickly pivoted to support your organisation’s move to a distributed work environment, and you’ve gained even more valuable knowledge in the process. You can help bridge the securitygap we’re facing between professional and personal since public resources are stretched thin to focus on productivity and learning. Let’s extend the knowledge we take for granted to family and friends and help empower them to do their part to stay more secure in this unprecedented time.

I’ve been doing this at home and with others close to me, and here are five “back to basics” security tips I’ve found especially useful to share.

  1. Strengthen passwords.Simple passwords are easy for hackers to crack, and password reuse opens the door for them to compromise additional accounts and access your confidential information. Create long and unique passphrases for each account and use multifactor authentication (MFA) wherever possible. If this starts to get cumbersome and hard to keep track of, use password managers to generate and remember different, complex passwords for each of your accounts.
  2. Update applications and systems.Technology vendors are doing their best to keep users safe, issuing patches and updates regularly. Stay current with these securitysettings by turning on automatic application updates when available. For example, with Apple, Microsoft, and Google Chrome, shutdown systems every night and enable updates when prompted. For other applications, like Zoom, which identified security problems early on and issued fixes quickly, be sure to update the client version to take advantage of the latest security updates. 
  3. Update phones and download apps from official stores.Accept the automatic system updates when prompted and keep phones plugged in and turned on at night to process updates during less busy times. Be savvy about sources that provide apps for download. Google and Apple vet applications and ensure they meet privacy and securityrequirements, so stick to apps and games available in these stores instead of downloading them from sites you don’t know, trust or haven’t interacted with before. 
  4. Use hotspots with caution. Be wary of and ask questions about hot spots, even on school property. Most attacks that use hot spots take advantage of their misconfigurations. How well are these hot spots configured and managed? Are they monitored? Are they tied into the backend school network, making them even more attractive targets for hackers? To reduce your exposure, limit the activities you engage in while using a hotspot, and completely log out when you’re done.
  5. Be alert to phishing and ransomware. Adversaries have not shown any kind of sympathy to school districts or kids. In fact, the FBI released a security alertwarning K-12 schools about the increased risk of ransomware attacks during the COVID crisis. Remind family and friends to think before they click. Hover over links to see if they resemble legitimate addresses and watch for spelling and grammatical errors and generic greetings, indicating the email is malicious. If in doubt as to the legitimacy of an email, delete it. 

A final word of advice as you help to raise awareness. Although these tips are simple and second nature to cybersecurity practitioners, trying to explain them all at once and get a family member or friend to absorb and adopt them is far from simple. I’ve found it can be more effective to share one tip at a time, keep communication lines open, and have constant conversations. And if you have kids, check in with them frequently, monitor any changes to their systems and train them to protect themselves better – don’t just do it for them. 

Take this opportunity to help family and friends become more security savvy. Believe me, you’ll be glad you did! #BeCyberSmart

  • 1
  • 2