Tag Archives: security

High-end Multi-zone London Development Chooses Tyco Security Products’ C•CURE 9000 Security and Event Management System

The Challenge
The new Ludgate site, a high-end central London multi-zone development,  required a new integrated security solution. Systems such as video surveillance, access control and video door intercoms combining to create a total security solution using a single interface.

New Ludwig
The Solution
Together, Universal Security Systems and Land Securities chose Tyco Security Products’ C•CURE 9000 Security and Event Management system to unite the New Ludgate buildings’ management, access control and video surveillance systems for comprehensive management of the site’s physical security.

Benefits
  • Rich integration with victor Unifying Client improved – access, video, and intrusion
  • Single server for managing security and events for video, access control, intrusion, central station, fire, real-time location, and other supported systems
  • Visitor management web portal for appointment management that expedites the visitor check-in/out process at the front desk
  • Conditional Access and Dynamic Area Management for areas needing supervised entry and occupancy for increased security
  • Enterprise multi-version software upgrades remain operational while progressively upgrading each server node without needing to take an entire system out of service
  • Event linking and cross-product association for event activations across dispersed security systems with associated time-synchronized video

Tyco Security Products’ Cyber Protection Program’s Security Audit Tools Address Device Vulnerabilities

A recent analysis of Internet of Things device traffic identified various IoT connected devices that were exhibiting potentially dangerous behaviors including using plain-text HTTP protocol for authentication or firmware updates, leaving them susceptible to sniffing and man-in-the-middle attacks.

security-audit-docx

As part of its Cyber Protection Program, Tyco Security Products considers security at the beginning of the product development process resulting in features and capabilities needed to secure the product in its environment.  For example, VideoEdge NVRs provide a Security Audit page that allows integrators and end-users a single view of their security posture of the device.

The audit page is an important tool for customers, giving them visibility on all accounts with remaining default passwords, enable / disabled status of ports and protocols such as HTTP, TLS certificates, and user security configurations such as password complexity, auto logout, account lockout.

Tyco Security Products’ is committed to cybersecurity.  Our holistic Cyber Protection Program combines best practices in secure product development, testing and evaluation, rapid response to potential vulnerabilities, and configuration guidelines for compliance.

Kiwanis Village Lodge Migrates to Kantech Security Solution

The Challenge
Kiwanis Village Lodge had an imminent need to migrate to an IP-based security system as it’s door controllers were non-functioning and legacy system was no longer serviceable by the manufacturer.

Kiwanis Village Lodge

The Solution
Kiwanis selected Kantech EntraPass Corporate Edition and KT-1 Ethernet-Ready door controllers to protect its seniors and secure its campus.

Benefits
  • Intuitive User Interface provides ease of use for both security and non-security personnel
  • Reduced expenses by utilizing existing hardware and infrastructure
  • Single button enrollment reduced installation time
  • Quick and easy installation limited system downtime
  • Easily managed access rights to doors for more streamlined management
  • Scalability extends the reach of EntraPass for future expansion

National Cyber Security Awareness Month

October was National Cyber Security Awareness Month. As a trusted global leader, Tyco Security Products has developed a Cyber Protection Program and dedicated cyber protection team to lead the way in identifying, informing and developing cyber secure physical security products.

cyber awareness month_Future-threats

 

In case you missed any of our resources, here they are again:

Follow us to engage in the cyber security conversation and learn more about Tyco Security Products cyber protection program.

Cyber Security Assessment

Today’s businesses are faced with unprecedented threats from sabotage, theft of intellectual property and compromised sensitive data. Have you considered how your physical security products affect your cyber security?

TSP Cyber Protection Program Flowchart

 

Take a look at our infographic and assessment quiz to see if you are asking the right questions and taking the next step to be cyber secure.

Access the InfographicTake the Assessment Quiz
Learn more about Tyco’s industry-leading Cyber Protection Program.

Cyber Security Language

Security breaches are in the news today more than ever before. Security integrators and security officers must work with IT departments to ensure the physical security system is successfully deployed, maintained and upgraded on the network with minimal impact and without compromising network security.

cyber crime

To create a complete cyber secure environment, IT and security departments must effectively work together. However, physical security and IT often use the same words to mean different things – resulting in everyone being confused. Sometimes security integrators and security officers even avoid the IT department due to the misunderstanding.

For example, IP may mean intellectual property to a corporate security officer but internet protocol to IT security professionals. Or perimeter may mean the exterior building wall to the security officer and network connection to the outside to the IT professional.

To make sure all departments are speaking the same, common language, we suggest developing a list of terminology definitions that everyone can use.

Terms to be Clearly Defined:

  • IP
  • CredentialsTyco Security Products Cyber Protection Program
  • Key
  • Patch
  • Firewall
  • Vulnerability
  • Social engineering
  • Perimeter
  • Intrusion detection
  • Bandwidth
  • Directory
  • Security logs
  • Revocation
  • Signature

Having a common subset of terms will help you understand how to ask the right questions and quickly comprehend the answers. After establishing your company common language, clearly explain the information you need from IT to be able to define the network and security requirements.

Learn more about the Tyco Security Products Cyber Protection program.

Cyber Protection Program – Security Features

What Comes After Device Hardening?

It’s common knowledge that encrypted communication and other device hardening features are necessary for cybersecurity, but it’s vitally important to think beyond hardening.  Now that the security industry has adopted IP technology, manufacturers and integrators must consider not only the security operator’s needs, but also those of the IT manager.

An unsecured device can be the target of a cyber attack that might affect the entire network. While IT managers in government agencies, utilities, transportation, retail operations and financial enterprises are most acutely aware of the dire consequences of a successful hack, IT managers in all sectors are demanding security measures that go well beyond hardening before accepting devices onto their networks.

Here are four features that Tyco Security Products offers to achieve network acceptance for our Software House C•CURE 9000 Access Control Systems and American Dynamics victor Unified Video Management Systems that incorporate iSTAR controllers:

 

  1. Archive and Failover featuresto ensure continual operation and fast recovery

 

  1. LDAP Support to manage credentials.

 

  1. FIPS 140-2, Level 2, end-to-end validated encryption

 

  1. Network Storm Protection that ensures an iSTAR controller continues to operate during a denial of service attack.

 

Not every industry or enterprise requires the same security features for network acceptance. Our application specialists are available to advise which features are relevant to a specific application.

Learn more about our Cyber Protection Program and how we’re working to protect our physical security products from attacks, damage, disruptions and misuse.

Tyco Security Products’ Connected Partner Program welcomes victor and EntraPass

Tyco Security Products adds American Dynamics victor video management system software and Kantech EntraPass access control system and Hatrix managed access control system to its Connected Partner Program.

Connected Partner Program

This program gives third-party technology partners including access control, alarm/intrusion, building management, elevator, emergency communication and RFID the opportunity to integrate with our security solutions. Our robust integration development packages, including software, documentation, sample codes and engineering support time, offer partners the tools to achieve a direct integration.

Benefits of partnering with Tyco Security Products through the Connected Partner Program:

  • Provide a unified solution to your customers and increase your business potential
  • Access to Tyco Security Products fully equipped labs
  • Easily complete the self-certification process
  • Support from dedicated Connected Partner Program, technical and engineering teams
  • Access the development system from anywhere with a remote login [Kantech only]

View the current victor integrations. Interested third-party partners can submit an online interest form.

Get started today!

If you have questions regarding the Connected Partner Program, contact us at tspconnect@tycoint.com.

Kantech EntraPass 7.0 Integrates With ASSA ABLOY Aperio Wireless Locks

EntraPass Security Software integrates with ASSA ABLOY Aperio wireless lock technology giving you the flexibility to expand your access control system to almost every opening in your facility. These locks become part of the EntraPass security software ecosystem and can be managed from the EntraPass interface for a unified security management experience. This means that locks can be part of the events, reports, maps, and more that are core to the everyday security management with EntraPass software.

Assa Abloy

The access control decisions on these locks are made by the state-of-the-art and reliable Kantech KT-1-M and KT-400 controllers. The Aperio wireless locks on these controllers can be added without taking the current door ports away, meaning the wireless locks can be added to the controllers incrementally simply by purchasing the appropriate software license. The locks communicate wirelessly with the Aperio hub which is hard-wired to the Kantech controller. The wireless communication between the hub and the locks is protected with 128-bit AES encryption for the most secure communication. Online transactions mean that EntraPass is updated in real-time, providing a high level of control and visibility of door actions.

With no need for additional wiring, ASSA ABLOY Aperio locks can be installed or retrofitted at existing facilities with little or no operational disruption. The locks come in a variety of form factors that accommodate a wide range of interior environments including mortise, cylindrical, and exit devices for standard doors and an electronic cylinder that replaces a traditional mechanical keyed cylinder. Aperio technology is also available in a wireless cabinet lock format which can be used for cabinets, lockers, and drawers. This is ideal in healthcare facilities for storing equipment, drugs, patient files, and valuables. And, there’s even a model for server racks which greatly improves the monitoring and security level of data centers.

  • Real-time communication with Kantech KT-1-M and KT-400 door controllers using the ASSA ABLOY Aperio hub, and EntraPass security software
  • Convenient and easy to integrate with new and existing EntraPass installations
  • Utilizes low-power IEEE 802.15.4 and secure 128-bit AES encrypted wireless communication between the Aperio lock and hub
  • Real-time reporting such as card access transactions, door status, low battery and tamper alarm monitoring
  • Locks built on a robust Grade 1 mechanical platform for durability

Responding Rapidly to Security Vulnerabilities

While hardening is important, it does not guarantee that the device you install today will be secure tomorrow. Potential problems can lie dormant for years and then provide easy access for hackers when uncovered. For example, Shellshock was actually introduced as a product feature in 1989. Its vulnerability existed undetected in numerous products — including “hardened” versions of Linux and Unix operating systems — for 25 years. But within a single day of the vulnerability announcement in 2014, hackers reportedly were taking advantage of this critical bug.

At Tyco Security Products, we understand that a vulnerability discovered in one of our security products could potentially put your entire business at risk. That’s why we’ve put a team and process in place designed to deliver a fast, actionable response to help protect your investments from harm.

Our Cyber Protection Team continuously monitors for vulnerabilities using multiple resources. When a new bug is discovered, the Cyber Protection Team and key product engineers work quickly to tackle and resolve security concerns before they become critical to your operation.

This dedicated response enables us to create a security advisory, typically within 24 hours. The notification includes information about which products are vulnerable along with mitigation steps. It also lists products that we have confirmed are not vulnerable for greater peace of mind.

In the case of significant vulnerabilities, advisories are updated as needed until the issues are resolved. Quality engineers ensure that software patches are fully tested and validated. While we cannot predict how long it will take to resolve an issue, it took the team just two weeks to deliver patches for ShellShock and Heartbleed, both critical vulnerabilities.

BugHeart

Learn more about our Cyber Protection Program and how we’re working to protect our physical security products from attacks, damages, disruptions and misuse. You can also sign up to receive security advisories.