PowerSeries Neo’s Partitioning Ability Proves Perfect as a Retail Store Solution

PowerSeries Neo is perfectly suited to a variety of environments- from new, custom and historic homes, through to small businesses and right up to larger commercial-scale installations. PowerG wireless technology ensures the highest reliability of communications is maintained while supporting multiple partitions, which is paramount to the scalability of the system.

Learn how PowerSeries Neo addresses the security needs of a family-owned grocery store chain in Kansas and Colorado.

The Challenge
The Thrifty King Grocery Store chain needed a system that could reliably handle transmitting alarm signals throughout various buildings across two states.

Thrifty King Grocery Store
The Solution
Thrifty King Grocery Store and its security systems integrator of choice, Alert Alarm Co., chose the hybrid, scalable, PowerSeries Neo security system with industry-leading PowerG technology.

Benefits

  • Quick, wireless installation with minimal disruption to buildings and day-to-day operations
  • Impressive wireless range through PowerG technology
  • Compatibility with Alarm.com for convenient status remote notification on smart devices

Tyco Security Products’ Cyber Protection Program’s Security Audit Tools Address Device Vulnerabilities

A recent analysis of Internet of Things device traffic identified various IoT connected devices that were exhibiting potentially dangerous behaviors including using plain-text HTTP protocol for authentication or firmware updates, leaving them susceptible to sniffing and man-in-the-middle attacks.

security-audit-docx

As part of its Cyber Protection Program, Tyco Security Products considers security at the beginning of the product development process resulting in features and capabilities needed to secure the product in its environment.  For example, VideoEdge NVRs provide a Security Audit page that allows integrators and end-users a single view of their security posture of the device.

The audit page is an important tool for customers, giving them visibility on all accounts with remaining default passwords, enable / disabled status of ports and protocols such as HTTP, TLS certificates, and user security configurations such as password complexity, auto logout, account lockout.

Tyco Security Products’ is committed to cybersecurity.  Our holistic Cyber Protection Program combines best practices in secure product development, testing and evaluation, rapid response to potential vulnerabilities, and configuration guidelines for compliance.

One Albert Quay, Ireland’s Smartest Building, Secured by CEM Systems’ AC2000 Access Control Solution

In 2016, One Albert Quay, located in Cork City Centre, became the new global headquarters for Tyco. Tyco, will employ over 500 people in Sourcing, Procurement, R&D, IT, Compliance, HR and Finance.

The Challenge
From construction right through to operation, One Albert Quay and Tyco needed a solution that would ensure the strictest security on the site. In addition to managing the security aspects of their global headquarters, Tyco wanted the One Albert Quay building to be a showroom for Tyco technology.

One Albert QuayBenefits
The Solution
From the construction phase of One Albert Quay through to the development and opening of this smart building, CEM Systems provided a range of security technologies that go beyond access control to ensure the highest levels of security, safety and convenience for all employees.

CEM Systems’ AC2000 is deployed as access control for the entire One Albert Quay building, used by all tenants including Tyco. AC2000 combined with emerald intelligent access terminals in the lobby area and throughout the offices provides the highest levels of access control and helps improve operational efficiency with a range of built-in features including VoIP intercom, Time & Attendance, room booking, advertising display and many more.

AC2000 Ablbert Quay
Benefits
  • Improved staff safety with emerald Checklist feature promoting Environmental H&S policies during the construction phase
  • Increased security in high security areas with biometric verification
  • Improved operational efficiency with emerald remote applications, built in audio intercom and room booking
  • Improved user experience with AC2000 integrations to car park access and smart buttonless lift system

Read the entire case study.

Contact our sales team to learn more about how to utilize our solution for your environment.

Competing hackers dampen the power of Mirai botnets

In a recent article published by PC World, the malware behind last month’s distributed denial-of-service attacks is losing its potency as hackers compete for control of IoT devices. As we reported in a recent Tyco Security Products Security Advisory, be sure to disable remote access if it’s not critical, change the password to a complex password, and reboot the device.  Be sure to complete these steps in this order rather than reboot it first – as this article states, competing hackers are quickly re-infecting the devices, sometimes within 30 seconds of the device being rebooted and going back online.  (Read the Article)

Cyber Security

Sign up to receive Tyco Security Products Cyber Security Advisories and read about other cyber security best practices on our Cyber Protection webpage.

Many Cyber Attacks Are Preventable

In a recent article published by eSecurity Planet, 43 percent of IT professionals admit that cyber-attacks could be prevented with better policies around potential vulnerabilities such as weak passwords; 58 percent prioritize heightened capabilities in perimeter-based controls such as ensuring that devices are properly configured and are running the most up-to-date software. (Read the Article)

cyber awareness

Tyco Security Products has developed a Six Part Approach to Cyber Protection of Physical Security Products. Read about it and other cyber security best practices on our Cyber Protection webpage and sign up to receive cyber security advisories.

Learn about wireless protocols for building automation and security at ISC East

Tyco Security Products has teamed up with SIA Education @ ISC East to offer a free education session for attendees at the ISC East show in New York, November 16-17. The session qualifies for CE hours with many relevant industry bodies.

This will be an informative session to provide a basic understanding of the wireless protocols most commonly used in today’s smart buildings and homes. It will focus on the main open protocols and PowerG as an example of a proprietary protocol.

Attendees will gain an understanding of:

  • The importance of the wireless protocol when planning a building automation and/or security & safety installation
  • The main applicable network topologies
  • An overview of each of the main wireless protocols used in building automation and building security, and their key applications
  • The key considerations for building automation and security & safety
  • Relative performance of each of the wireless protocols across key aspects of building automation and security
  • Options for leveraging the different wireless protocols according to the primary application(s)

ISC East 2016 Banner

If you’ll be at the ISC East show, be sure to join the class and boost your knowledge of wireless protocols.

Register

The wireless protocols education session qualifies for CE hours with:

  • ALOA – Education Credits (AEU)
  • ASIS – Continuing Professional Education Credits (CPE)
  • NICET- Continuing Professional Development Points (CPD)

And, don’t forget to stop by the following Tyco Security Products booths at ISC East:

ISC East 2016
Javits Center North
655 West 34th Street
New York, NY

Kiwanis Village Lodge Migrates to Kantech Security Solution

The Challenge
Kiwanis Village Lodge had an imminent need to migrate to an IP-based security system as it’s door controllers were non-functioning and legacy system was no longer serviceable by the manufacturer.

Kiwanis Village Lodge

The Solution
Kiwanis selected Kantech EntraPass Corporate Edition and KT-1 Ethernet-Ready door controllers to protect its seniors and secure its campus.

Benefits
  • Intuitive User Interface provides ease of use for both security and non-security personnel
  • Reduced expenses by utilizing existing hardware and infrastructure
  • Single button enrollment reduced installation time
  • Quick and easy installation limited system downtime
  • Easily managed access rights to doors for more streamlined management
  • Scalability extends the reach of EntraPass for future expansion

Smart Card Considerations Revealed

With the threat of card cloning and door controller interceptions ever increasing, the industry recommendation is to use smart cards to secure credentials; but for many companies the move is daunting. For small companies the concerns are about cost, knowledge and selecting the best solution to meet their needs. Larger companies will have the additional concern of scale and how they physically manage the migration process and roll out of the new smart cards; especially if multiple sites and systems are deployed globally.

CEM Systems

There are four major factors for companies to consider:

1. COST
While cost was a prohibitive factor in the beginning, we are now starting to see this change. The industry’s drive towards more secure technologies with multiple layers of encryption is pushing the cost of smart cards down. This not only offers a future proof technology platform for access control and other business functions but immediately protects against the growing threat of authentication breaches.

2. SECURITY
Although smart cards typically offer strong layers of security, companies must consider the entire security of their smart card solution from the credential right down to the reader level at the door. It is no good having a highly encrypted smart card when the card number is easily played back across a vulnerable Wiegand interface from a third party reader at the door. The communication channel between the card reader and controller must be secure. This can be achieved using secure RS485 communication protocol, as well as industry standard Open Supervised Device Protocol (OSDP), which also means customers are not tied to one manufacturer.

3. COMPATIBILITY
Think about more than just the physical security of your building or site. Ask yourself “Is this smart card technology compatible with my existing security systems, products and technology?” Choosing the right smart card solution is definitely not clear cut.

For example at some large organisations not all sites will have access control readers from the same manufacturer and crucially not all manufacturers can read from an encrypted area of a smart card. Every company has different challenges and questions such as “Can I integrate with other products using the new cards?” and ‘Will my secure card work with my other business systems?”. These are just some of the important questions you need to ask yourself and your solutions provider before choosing your smart card.

4. KEY MANAGEMENT
Ok, so you have chosen the smart card technology and solution that is right for your business. The next consideration is whether you should manage your own smart card keys? You can buy blank smart cards and self-manage your own keys or you can opt for pre-personalised smart cards from the manufacturer. Again there is no one size fits all answer here. The pros and cons need analysed depending on your business and resources. Carefully look at resources needed for self-key management, as well as the security considerations of storing your keys on site. For some projects the cost of managing their own cards could far outweigh any other cost savings made.

Other technical considerations also need to be made, for example do you want your solution to read the Unique Identifier (UID) of the cards or the Private Secure Number (PSN) and should you use diversified keys or static keys?

There are many benefits of opting for smart cards already pre-personalised. It’s the manufacturer who takes responsibility for ensuring compatibility of smart cards with third party readers and other security systems. They manage the key security and storage securely offsite and they absorb the costs associated with smart card key management – including the sourcing of NDA’s (Non-Disclosure Agreements) from external system providers.

In many cases however organizations consider control of their own keys for physical access control and other applications an essential element to security. If you do decide that user defined personalisation is the way to go, then speak to your manufacturer to see if they support you buying your own blank smart cards and if the cards are compatible with their products. Also ask your security manufacturer if they have a software utility or application within their security management system that enables you to create your own encrypted keysets in a manageable, intuitive and step-by-step way. This very often will eradicate any pitfalls of smart card encryption and transition.

National Cyber Security Awareness Month

October was National Cyber Security Awareness Month. As a trusted global leader, Tyco Security Products has developed a Cyber Protection Program and dedicated cyber protection team to lead the way in identifying, informing and developing cyber secure physical security products.

cyber awareness month_Future-threats

 

In case you missed any of our resources, here they are again:

Follow us to engage in the cyber security conversation and learn more about Tyco Security Products cyber protection program.

Distributed Denial of Service

If you were not already familiar with the term Distributed Denial of Service (DDoS), then over the past several weeks you probably have become aware of it through various news articles.

A few key points in the media about the DDoS attacks:

  • Some of the largest DDoS attacks ever launched[1] in late September
  • Release of the Mirai source code used to create the DDoS attacks in early October[2]
  • Growth of devices infected by Mirai malware is growing from 213,000 to 493,000, by mid-October[3]
  • Twitter, Netflix and PayPal and many popular site being unreachable for part of Friday as a result of a new DDoS attack[4]

Were Tyco Products Affected?
These attacks are of special interest for companies such as Johnson Controls because they were launched from botnets composed of “Internet of Things” (IoT) devices, such as CCTV video cameras and digital video recorders[5]There is no indication that any Tyco Security Products devices were involved in these attacks.

  • Illustra cameras are designed to prevent user access to the camera’s operating system and as a result of that decision: telnet is not available on any Illustra camera model.
  • VideoEdge NVRs do not support telnet. Also, all known botnet scanners look for a different version of Linux than used on VideoEdge.
  • iSTAR controllers do not support any remote access protocol and will not be detected by the malicious scanners.
  • DCM controllers, AC200 (RTC) Ethernet Controller and Emerald Intelligent, multi-function access terminals do not support Telnet
  • exacqVision network video recorders and video management system (VMS) software has SSH disabled making it unaffected.
  • Kantech  access control system also remains unaffected.
  • Applications such as AC2000, C•CURE 9000 and victor are not affected. These applications also do not require remote access protocols.

Background: What are Distributed Denial of Service Attacks?
If you are not familiar with a Distributed Denial of Service (DDoS) attack, it is an Internet attack, which typically targets websites in an attempt to bring down the site so that it is inaccessible to other Internet users.  It is a common tactic for activists and groups looking to suppress information or as a form of extortion; demanding money from the victim to cease to attack.  These attacks work by flooding the target website with large amounts of data, or requests for data, that use up a website’s resources. With a small attack, the site may appear to be slow, but large attacks can bring down a website making it inaccessible.

What is a botnet?
These recent attacks have used a ‘botnet’, or a network of devices, infected with malware. The attacker is able to remotely control the device. The owner of the device will not know it has been infected because the malware does not affect the devices normal operation.

This malware is only able to be loaded onto the device if it has a remote protocol such as telnet or SSH enabled on the device. Telnet and SSH are common among physical security products and devices with the protocols enabled will be detected by the scanner.  The Mirai malware uses a table of common factory default usernames and passwords to log into devices.

Recommendations for Installers and End Users
If you have a device which is using the default password and a remote access protocol enabled, you are at risk. To prevent your device from becoming a bot, you should immediately:

  • Disable remote access if it is not required.
  • Reboot the device. This does not have to be a factory reset, just turning the power off, wait a minute and turning it back on is sufficient
  • Change the password to a complex password. If you do not change the password or have a device that doesn’t allow you to change the password, you run the risk of becoming infected.

Again , the following Tyco Security Product devices are not affected:

  • Illustra Cameras
  • VideoEdge NVRs
  • iSTAR
  • DCM
  • AC2000 RTC Controllers
  • Emerald Intelligent Access Terminals

Sign Up to Receive Security Advisories
Tyco Security Products dedicated Cyber Response Team generates notices, typically within 24 hours, advising which products, if any, might be vulnerable along with mitigation steps. If it’s a critical security vulnerability, the team will develop, test and release patches to resolve issues.  Sign up to receive security advisories and access compliance guidelines. 


Sources:

[1] Wall Street Journal Sept 30th 2016 Hackers Infect Army of Cameras DVRs for Massive Internet Attacks http://www.wsj.com/articles/hackers-infect-army-of-cameras-dvrs-for-massive-internet-attacks-1475179428

[2] Wall Street Journal October 5th 2016 Hackers Release Botnet Code, Raising Specter of More Attacks ttp://www.wsj.com/articles/hackers-release-botnet-code-raising-specter-of-more-attacks-1475677667

[3] PC World October 18,th 2016 Hackers create more IoT botnets with Mirai source code http://www.pcworld.com/article/3132571/hackers-create-more-iot-botnets-with-mirai-source-code.html

[4] Wall Street Journal October 21st 2016 Cyberattack Knocks Out Access to Websites http://www.wsj.com/articles/denial-of-service-web-attack-affects-amazon-twitter-others-1477056080

[5] Krebs on Security October 21, 2016 Hacked Cameras, DVRs Powered Today’s Massive Internet Outage  https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/#more-36754