• Covid-19 – click here for the latest updates from Forum Events & Media Group Ltd

Posts Tagged :

Infrastructure

ASSA ABLOY rolls out digital access management for critical infrastructure

960 640 Stuart O'Brien

ASSA ABLOY Global Solutions has launched CIPE Manager, a new access management solution for critical infrastructure protection.

CIPE Manager allows organisations to manage all their keys, locks and access rights from any location, with a cloud-based management system. CIPE Manager connects with every locking solution in the Digital portfolio for Critical Infrastructure Protection by ASSA ABLOY Global Solutions.

These currently include the keyless ABLOY BEAT, the electromechanical PROTEC2 CLIQ, as well as the high-security mechanical ABLOY master key systems.

Mervi Hiltunen, Business Development and Solutions Director, ABLOY Critical Infrastructure, said: “The digitalization in access management continues to move businesses towards more cloud-based applications. A survey conducted by IFSEC Global and ASSA ABLOY in October 2020 indicated that while 65% are still using localised, internal servers to manage their systems, 35% of end-users have already moved to cloud-based software. This development is also seen with wireless access control going beyond the buildings and is reflected in our customers’ needs for secure and comprehensive cloud-based management solutions for infrastructure and asset protection.”

CIPE Manager is designed for day-to-day operational use by security, operations and facility management who control and manage access rights to their organisations’ critical infrastructure sites and facilities. Typical sectors include energy, water, telecom, oil, gas and rail, ports and airports.

CIPE Manager includes a highly visual map-based user interface that provides a clear overview on the variety of locking points. With CIPE Manager the user can connect the organisation’s mechanical, electromechanical and keyless locking solutions in ASSA ABLOY Global Solutions’ digital portfolio for critical infrastructure into the same system. This allows extensive situational awareness and efficient access and key management.

The user interface is browser-based, allowing the management of keys, locks, and access rights remotely from any location with most mobile devices or desktop computers.

The administrator using CIPE Manager can grant and revoke access permissions to people according to their roles, e.g. job task or organisation. In addition to easy access management, the solution offers extended reporting and tracking features with full audit trail data.

Hiltunen added: “CIPE Manager provides digital convenience, control and security that simplifies managing daily processes, adding operational efficiency and complete situational awareness. With this new addition to our digital portfolio, we now offer complete protection for our customers’ entire critical infrastructure requiring mechanical, electromechanical and keyless access solutions. I’m excited to see the possibilities CIPE Manager has for extending our capability to become the preferred infrastructure access management provider for our customers.”

CIPE Manager is licensed and delivered to customers as a SaaS (Software as a service) solution, continuously updated and supported by ASSA ABLOY and ABLOY Critical Infrastructure teams.

Providing The Keys to The Smart City

960 640 Stuart O'Brien

 Sean Wray, VP NA Government Programs, Certes Networks

Smart cities seem inevitable. According to IDC, Smart City initiatives attracted technology investments of more than $81 billion globally in 2018, and spending is estimated to grow to $158 billion in 2022. Similarly, in 2018, the number of major metropolitan cities relying on or developing a comprehensive smart city plan – as opposed to implementing a few innovative projects without an overall smart plan – dramatically increased. 

In the US, for example cities like Philadelphia, Newark and Chicago all have goals to upgrade and to become leading ‘SMART’ cities, while UK innovation is being spearheaded by major conurbations such as Bristol, London and Manchester.

A significant investment is being made by cities in data connectivity providing a number of new technologies such as Wi-Fi 6, smart grid, and IoT sensor devices, all promising to enhance overall visibility and security. However, as we extend the reach of technology and connectivity, there will increasingly be cyber-risks to take into account. As part of their transformation, smart cities serve as a technology hub and gateway to major institutions such as banks, hospitals, universities, law enforcement agencies, and utilities. This means the storage and transmission of customer data such as social security numbers, addresses, credit card information, and other sensitive data, is a potential goldmine for malicious actors. Not to mention an increasing number of projects monitoring roads, traffic, traffic light and metro services, all of which must be kept secure from threats at all times.

Security Challenges

When connectivity and innovation meet such large city infrastructures, they immediately become vulnerable to cyber threats from malicious actors waiting to bring all that hard work to a standstill. And, the routes in are manifold. 

We are increasingly dealing with connected versions of devices that have existed for a long time, such as CCTV cameras, and as a consequence, digital security is not very often incorporated into their designs.

In addition, cybersecurity will have to extend far past personal, or internal corporate networks, to encompass far-ranging technological protection for vast city networks at a scale and a pace many are struggling to respond to.

Moreover, the sheer volume of data being collected and transmitted across a multi-user network, with numerous locations, can be extremely challenging to protect. London’s City Hall Datastore, for example, holds over 700 sets of big data that helps address urban challenges and improve public services, and the rise in cashless payment methods for transport.

It is the complexity that the above factors represent that often overwhelms a network security team’s ability to ensure sensitive data is protected with encryption, especially when network infrastructures can be constructed using different vendor technology, many of whom do not provide strong encryption. This also includes many municipalities who have older Legacy, third party or disaggregated networks.

It is therefore not a matter of if but when sensitive data may fall into the wrong hands. Network security teams have to ensure that any data breach must be detected immediately before the infection spreads from network system to network system, potentially shutting off critical services for thousands of companies, notwithstanding for those who reside in the City itself.

Providing the Keys

Choosing the right encryption solution is critical and can be key in mitigating damage caused by a data breach. Most cities find implementing these solutions disruptive and complex, especially for organisations that operate large and diverse networks. For example, manual configuration of encryption can lead to human error unknowingly exposing risk and managing multiple vendors can be burdensome and inefficient. Most importantly, network visibility is lost with many encryption solutions, which is a significant issue as it reduces the ability for security teams to detect and thwart malicious actors and cyber threats. 

The vulnerabilities and threats associated with trying to protect large volumes of data moving across a vast multi-user network involves a security strategy that is simple, scalable and uncomplicated in order to avoid any disruption of critical infrastructure services provided to businesses or citizens, not to mention be compliant with governmental cybersecurity regulations and / or code of practices

Whereas traditional Layer 2 & 3 encryption methods are often disruptive and complex, a Layer 4 solution enables encryption of data in transit independent of network applications and without having to move, replace or disrupt the network infrastructure. This is a significant savings in resources, time and budget.

In addition, network blind spots due to problems, outages, and cyber-criminals using encryption to conceal malware, increase network security risk and are potential regulatory compliance issues. According to a recent survey from Vanson Bourne, roughly two-thirds, or 67 percent, of organisations say that network blind spots are one of the biggest challenges they face when trying to protect their data.

With network monitoring one of the strongest defences against blind spots, Layer 4 encryption and encryption management tools offer network visibility by keeping a close and constant eye on network traffic. Network visibility tools allows existing applications and net performance tools to work after encryption is turned on without blinding the network.

Finally, adding in network observability allows smart cities to analyse and gain deeper understanding of network policy deployment and policy enforcement by scrutinising every application that tries to communicate across the network, all the while monitoring pathways for potential threats now that each policy is observable in real-time.

Conclusion

For organisations and teams tasked with implementing smart technology in residential, commercial and public spaces, plans on how to do so will have to be part of the design and planning stage – including how we securely implement and maintain these smart spaces. It is integral that all connected aspects of smart cities have undergone extensive planning and designing, with a smart city architecture for service key management at the core. Defining standards and enforceable policies that can be analysed to help identify network vulnerabilities and thwart potential threats is critical.

Providing better technology is an ever-evolving, fast-paced race and caution should be given to those cities who move so fast that they risk building an infrastructure without equally giving precedence to the protection of data of those who work and live in their city.

FLIR’s FC-Series ID proves to be ‘best-in-class’…

800 450 Jack Wynn
Founded in 1978, FLIR Systems, Inc. develops, designs, markets, manufactures and distributes technologies that enhance perception and awareness – creating its thermal intrusion business 12 years ago which continues to lead the market with a wide range of advanced systems and components. Its new addition, FLIR FC-Series ID, combines best-in-class thermal image detail and high-performance edge perimeter analytics in a single device that delivers optimal intrusion detection in extreme conditions and challenging environments. Capable of classifying human or vehicular intrusions, FC-Series ID cameras provide reliable detection without the need for human intervention, as well as:
  • Allowing analytics in corridor mode, reducing the number of cameras and improving the total cost of ownership.
  • Superior image quality in low-contrast conditions.
  • High performance optics to deliver crisp and clean thermal video.
  • A choice of lenses from 44 degrees (13mm) to 8 (VGA) degrees (75mm) to suit any perimeter or open area.
  • High analytic ranges to reduce the number of cameras and total cost of ownership (TCO).
FLIR also offers a complete line of video management solutions with its United VMS product family. Coupled with high-end motorised IP cameras, FLIR provides the freedom to choose between end-to-end turnkey solutions and ‘best of breed’ approach, utilising its open platform infrastructure and customised applications.   Learn more about FLIR Systems products here