Retailers and loss prevention practitioners face an extremely difficult job: balancing the need to protect assets, employees, and customers without disrupting the overall customer experience. In a retail landscape where customer satisfaction is paramount, security measures must be effective yet unobtrusive.

The challenge is that retailers face several significant security threats that show no signs of disappearing. This includes theft due to shoplifting or organized retail crime, active shooters and shrinkage due to internal threat. According to the National Retail Federation Retail Security Survey 2023, retailers reported $112 billion in losses and the shrink rate is only increasing each year.

With this in mind, what are some of the emerging security solutions that retailers can invest in that go beyond the traditional surveillance and access control systems to enhance security?

Mobile surveillance systems
One of the most important technologies in a retail setting is the surveillance system, which provides real time and recorded data on activities within a store and along the perimeter enabling loss prevention experts to detect shoplifters and manager slip and falls. Retailers can take surveillance a step further with the addition of mobile surveillance units, which are becoming a common sight in retail parking lots. These units can serve as a visible deterrent to would-be thieves and provide much needed surveillance coverage in expansive parking lots where cameras might not be able to be located otherwise.

Video analytics
Data is paramount in retail settings and this is especially true when it comes to understanding and monitoring customer behavior. Inside the store, loss prevention experts can leverage advanced video analytics to track suspicious behavior in real time. This can include tracking a customer who is spending a significant amount of time in a particular area prone to shoplifting, such as health and beauty departments, or by monitoring an individual with a backpack. Analytics can also be used to quickly identify a large group of people or to actively track an individual as that person moves throughout the store, enabling security teams to monitor both customers and employees for signs of theft or misconduct.

License plate recognition technology
To add an additional layer of security, loss prevention professionals are investing in license plate recognition systems to identify and then track known offenders before they even enter the store. By building databases of repeat offenders, retailers can proactively identify potential threats before an individual or group of individuals enter the store. This can enable the retail security team to take action early by monitoring those individuals more closely as they enter the store.

Facial recognition technology
Along the same lines of license plate recognition (LPR) technology, facial recognition technology allows retailers to identify individuals with a history of theft or other crimes. Some retailers are using this technology to identify known offenders before they enter the store so that security can directly greet them, sending a clear message that they are being watched without causing alarm to other customers. This proactive approach can help deter potential theft incidents before they happen.

In this rapidly evolving landscape, a proactive, technology driven approach is key to maintain security and boost customer confidence. By leveraging advanced technology solutions like license plate recognition, facial recognition, mobile surveillance, and video analytics, loss prevention practitioners can address the pressing challenges of theft, shrinkage and other crime activities with minimal impact on the in-store experience for customers.

Each year an average of $3 billion is spent to improve security measures in schools in the United States. As a result, school districts have implemented a variety of technologies, from surveillance cameras building wide, access control systems to manage the flow of staff and visitors, and  gunshot detection technology – all in an effort to protect students and staff while also keeping individuals that might have bad intentions out.

However, designing a security solution for a K through 12 environment is vastly different from designing a system for a commercial office space, healthcare facility or retail environment. Here are three things to keep in mind  for security in K through 12 educational settings.

Install technology that support policy and procedures
The blueprint for a school security system needs to first start with security policies and procedures. For example, how are visitors in a school treated? Do they need to check in with the front office and so they can be given a temporary access control credential? How are emergencies handled building wide? Does an announcement need to be made on an intercom system or does the building need to go into lockdown mode to protect everyone within the building?

Understanding this information enables the security systems integrator to work closely with the school security director and school administration to select technologies that directly support the security plan. The biggest mistake many people make is specifying technology without fully understanding how it is going to be used.

Is the system scalable?
In a perfect world, a school district would be able to deploy a full-scale security project without having to take cost into consideration. However, budget restrictions often determine which security technologies can be implemented today and what improvements can be made the next year and the year after that.

This is why it’s important to implement solutions that can easily be scaled and integrated with other technologies in the future as needs evolve, whether there’s a building expansion or an increase in funding for additional technologies. The last thing a school district wants to find out is that the access control system that has been installed is limited on the number of doors it can manage or that a video management system has maxed out on the number of cameras it can support.

Emergency notification systems remain a priority
One critically important tool for K through 12 schools is an emergency notification system or voice evacuation system. However, when implementing an emergency notification or voice evacuation system the foundation for these types of systems should be based on standards, such as NFPA 3000 Partner Alliance for Safer Schools (PASS). Both of these standards provide design and policy guidance relating to emergency notification systems.

Taking this approach ensures that these systems maintain a level of integrity and functionality in the event of an emergency. Once the foundation for an emergency notification system is in place, additional solutions can be added on top, such direct email communication capabilities.

Protecting students and staff in school settings continues to be an ongoing challenge, especially as school administrators balance keeping school environments welcoming yet safe. By remembering to review policy and procedures, planning for future scalability and using standards as the foundation for an emergency notification system, schools can help make sure the systems being installed support the overall security plan.

The world of supply chain management continues to be a challenge. While many security device manufacturers now strive to provide more precise delivery dates, a welcome change from the ambiguous estimations of the past, the supply chain issues are far from resolved. Price fluctuations, product availability and providing accurate project completion timelines continue to be an issue especially when key product and component availability remains uncertain.

Here are four key areas where end user customers can closely collaborate with their systems integrator partner to overcome these obstacles.

Embrace substitution and adaptation
As supply chain issues persist, businesses find themselves facing a dilemma – to wait for delayed products or substitute them with available alternatives. Many companies are now opting for the latter, swapping products to meet a project timeline. This may require customers to accept the substitute temporarily or agree to partial installations. End users should expect communication from their integrators, including providing continuous updates regarding product delivery and installation dates to assure them of a satisfactory outcome.

Recognize impacts on billing and invoicing
Supply chain disruptions not only affect the delivery of products but also have a cascading effect on billing and invoicing procedures. Because of progress payments based on the completion percentage, businesses must carefully manage their financials. The situation demands transparency and systems integrators need to be willing to clearly communicate with customers regarding payment terms and the timing of payments. Although these challenges may require adjustments, maintaining trust and honesty with customers is paramount.

Monitor price increases
Another significant challenge brought about by supply chain disruptions is the continuous price increases of products and components. Due to the time lag between quoting, approval, and project timeline, businesses can find themselves dealing with cost fluctuations. In this instance ongoing dialogue between integrator and customer is essential in order to address and resolve price changes. Fortunately, most end users have been understanding in this regard, and are cooperating with businesses as they navigate these adjustments.

Honesty over uncertainty
In the face of supply chain uncertainties, some security installers may be tempted to provide overpriced quotes based on vague estimates in the hope of providing a cushion should product pricing or availability changes. However, this approach is detrimental to all parties involved. Instead, honesty and transparency should be prioritized, even if it means admitting that delivery for a specific surveillance camera or access control card reader may take longer than desired. Setting realistic expectations from the beginning fosters better understanding and helps build stronger and longer lasting relationships with customers.

Perhaps the silver lining of the supply chain turmoil is the remarkable patience exhibited by end users. When integrators are upfront about the challenges they face, they generally receive understanding and cooperation in return. This collaboration between suppliers and end users fosters an environment of mutual support, ensuring that projects move forward despite the obstacles.

As manufacturers strive to provide more specific delivery dates, integrators and installers must remain transparent with their customers about potential delays and price fluctuations. By working together and maintaining patience and understanding, security systems integrators can continue to deliver quality solutions to their customers even amid supply chain hurdles.

This post was originally published on the Security-Net blog.

Is your company’s existing credentialing solution leaving the front door vulnerable on a nightly basis?  Are you regularly re-issuing access card credentials?  Do you feel like your security technology is stuck in a 1970’s time warp?  Now may be a good time to consider serious digital transformation to ensure your security solutions remain relevant and are future proofed.

Industry figures indicate that 50-60% of the Physical Access Control (PACS) market still relies on the original “granddaddy” of access control: 1970’s proximity (prox) cards via the Wiegand protocol. The cards can be duplicated with ease, leaving your facility with the appearance of security without any real protection. If you can copy your card (or fob) at a grocery store key kiosk, you are not secure. Just like we have abandoned the 8-track, fax machines, and bag phones, it’s time for credentialing to leave behind 1970s technology and embrace innovation!

To protect your businesses from threats in 2023, new forms of identity credentials, access technology and visitor management solutions are needed. These new solutions provide a mobile, touchless, and frictionless experience mitigating security threats. They are rapidly becoming the preferred choice for seamless onboarding and access control.

Let’s cover what you need to know about the changing landscape of alternative credentials for improved access control and better employee/user experiences.

Issuing the right credential is based on multiple factors of identity management: what you have, what you know, what you are, how you behave and where you are.

  1. What you have refers to an employer issued physical ID card, such as a proximity or smart card. New options include “on device” mobile credentials, key fobs, or wearables like rings, or wristbands. These primary credentials are given by the employer.
  2. What you know is used along with “what you have,” involving a combination of a username, PIN code, or password.
  3. Who you are is a physical biometric or unique characteristic that can be compared for an exact 1:1 match. Physical biometric modalities include face, finger, iris, palm/vein, lips, feet, nails and more.
  4. How you behave is a behavioral biometric including voice, heartbeat, brain waves, eye movements, gait, signature, and others.
  5. Where you are shows an exact location along with any of the other 4 authenticators. This can include a time stamp record of when and where an event occurred.  Examples of the technology used include IP address, NFC, BLE, Geolocation, Geofencing, and Proximity

ID cards can be lost, stolen, or duplicated, and usernames and passwords are often weak, reused, forgotten, or shared. An easy search on the internet will sell you card duplicators or hacking methods if you have the wrong technology. Additionally, a significant amount of time and money is spent on reissuing these credentials, which creates additional security liability if the old credentials are not turned off.

For highly secure environments, the solution lies in upgrading your security game with a second factor of authentication. These credentials provide multifactor authentication (MFA), offering increased levels of identity assurance and zero-trust (absolute trust) access control permissions. Examples include one-time passwords (OTP) via SMS texts and Quick Response (QR) codes that can generate passkeys or software tokens.

Additionally, securing the wire between the card reader and system interface through OSDP protocols to protect you from electronic eavesdropping invading your network.

Combining facial recognition and voice recognition to create MFA is the most natural way for us to communicate and is moving us from a “Flintstones” to “Jetsons” lifestyle. Software for proven biometric liveness detection and detecting deepfakes is already on the market and being tested by DHS to assess its effectiveness in a remote environment. Soon, we will be able to remotely onboard and authenticate human beings at a doorway or desktop computer, verifying their identity with 100% certainty.

The convergence has begun! The transition to zero-trust access control will be a game-changer for the physical security market. Mobile, touchless, frictionless experiences will reduce the reliance on hardware and usernames/passwords.

If you are interested in articles like this, follow D/A Central, Inc. on LinkedIn or visit our website at dacentral.com for more engaging content. Join us today and be part of the conversation!

Cloud services has been the talk of late within the security industry. Reduced cost of ownership and easy access to data 24/7 has spurred the development of cloud-based solutions,  touching every technology type within the security industry, from access control and video surveillance to mass notification systems and fire alarms.

It seems that nearly every technology, from an IP camera to a mobile credential, can leverage the cloud, whether that involves storing data in the cloud or having the system itself reside as a cloud-based application vs. an on-premise server. Still, a few vertical markets have been slower to adopt cloud, including big corporations and the higher education market.

Despite its widespread use and growing adoption, one question remains. Is a cloud-based solution truly cyber secure? For those who are adopting security solutions that reside on the cloud, here are a few questions to address.

Is your cloud-based system cyber secure?
Ensuring that a security system is cyber secure is perhaps one of the largest concerns for any connected device. At the device level, check to see if the product manufacturer has an internal cybersecurity program, where they are continuously addressing cybersecurity threats and issuing patches on a regular basis.

Cloud services should also follow cybersecurity regulations. Two of the biggest providers of cloud-services, Amazon Web Services and Google Cloud, subscribe to stringent cybersecurity requirements and best practices. For example, AWS supports 143 security standards and compliance certifications, including FIPS-140-2, which is considered the benchmark for cryptographic data protection.

Third party verification from independent auditors who review security procedures can also provide cybersecurity assurances. This audit would cover topics such as security of the physical data center itself to infrastructure maintenance and data center operating policies and procedures.

Does your provider have a disaster recovery plan?
Disaster is bound to strike, whether it’s a multi-day power outage caused by a major weather event such as a hurricane or tornado, or general system failure. A data center should have a disaster recovery plan that addresses these potential issues and to ensure service continuity.

One important question centers around the location of a data center’s redundant sites.  For example, are its data centers located in one geographic region, such as on the east coast, or spread across multiple areas? Having data centers in a variety of locations minimizes risk associated with a regional event, such as a weather event like a hurricane or tornado.  It also makes it simpler to failover, migrate, or serve workloads from different data centers.

A few other areas to address include how data will be protected from loss when backing up files, and how  your company will be notified if the data is breached.  Understanding these processes, and the procedures the data center would follow, can help to determine whether a cloud services provider is the right one for your business.

Asking these key questions can help to ensure that your cloud provider follows industry best practices for cybersecurity and data protection. Knowing that these provisions are in place can ease the transition to cloud-based solutions and the economies that cloud can offer.

This post was originally published on the Security-Net blog.

As we approach the two-year anniversary of the COVID-19 pandemic, we can see clear signs of changes throughout our society. From cancelling important plans, to changing the way our businesses operate, to keeping ourselves and those around us healthy, it is safe to say we have all had to practice some patience and flexibility along the way.

These qualities may be especially useful as we face new challenges related to shortages across the global supply chain. Virtually all industries are feeling the effects of this in one way or another, including the security industry. Security systems integrators have had to implement new strategies and ways of working to continue getting the job done for clients.

For security professionals with projects on the horizon, here are some helpful tips on how to navigate the supply chain crunch.

Communication is Key
Managing expectations is one of the biggest factors when it comes to scheduling a project. When ordering materials, wait times can be extremely lengthy and availability of products can be inconsistent from one day to the next due to current supply chain problems. It’s important to let your integrator know as soon as possible about a new project. Previously it may have been possible to initiate a new project and order products with only a few months notice, projects now require longer lead time. Communicating clearly about needs and priorities ensures fewer road bumps.

Plan, Prepare and be Proactive
These three Ps are key to working around unexpected supply chain disruptions. Think around the corner wherever possible about what’s coming up to avoid hitting the panic button. Understand that timelines can be loose and it is better to receive shipments too early than too late. Honorable mention to the Ps – Patience! Rest assured that things are moving forward, even if not on the original timeline.

Be Ready to Pay for Products Sooner
For projects in the future that need to be done by a certain date, the best way to get the parts in time is to issue the purchase order as soon as possible. To stay on track, integrators will order the parts and bill for them immediately. Payment is what kick starts the process and is especially important for big projects in which the order date could be bumped up to a year sooner. Additionally, prices are contingent and may increase over time. This might create some adjustment in terms of budget planning but paying upfront is an instrumental first step to getting in line to deploy that new access control or surveillance system.

Be Flexible
Most important of all is flexibility. For example, security systems integrators may need to mobilize on multiple occasions to finish the project depending on which dates certain products are available. Another solution is substituting a new part for a legacy part that may be available sooner. In some cases, the legacy part can stand in for the new part until it is received, at which point they can be swapped out. Getting creative about finding solutions allows for an agile response to new challenges.

Overall, each industry has been uniquely impacted by supply chain deficiencies and security is no different. By utilizing these best practices security professionals can navigate through these unprecedented times and deliver best-in-class service

By Craig Jarrett

As COVID-19 vaccinations become widely available and mask mandates loosen, more employees find themselves returning to in-person work. Their desks at home slowly become extra storage spaces and their sweatpants are exchanged for business casual. Many will have masks tucked into their pockets or purses, unsure if they’ll still be required to enter the building.

The past year and a half has brought about tremendous change – especially for the security industry – with businesses leveraging their existing security technology or implementing new solutions to keep employees and customers both safe and healthy. So, what has changed on the security front as we move towards a post-pandemic world?

Access control to manage occupancy

Access control has always been utilized to manage the flow of people into buildings, such as scanning a badge to authenticate who is coming and going. As we close in on a post-pandemic world, limiting the amount of people coming into a shared space is as important as ever. Access control allows there to be thresholds, which is extremely useful as many companies are permitting  only a specific number of employees to come in on particular days as employees begin to return to work in-person.

Touch-free entrances

People are more conscious now about touching the same surfaces and door handles  as others, so access control can truly help with touchless entry— walking up to a door and presenting an access control credential which then triggers a door to unlock and automatically open, for example. This touchless approach helps stop the spread of germs, which has now become a high priority for many companies. There will likely be somewhat of a rise in use and installation of these automatic door opening systems paired with access control for companies that want to be extra cautious post-pandemic.

Analytics to detect masks wearing

As we come closer to the end of the pandemic, the call to arms for security and analytics to assist in general pandemic-related mandates has greatly diminished. However, some specific industries will still require the assistance of security analytics to help maintain a safe environment. For example, the healthcare industry and public transportation still require mask wearing, meaning that being able to detect whether a person is or is not wearing a face mask remains a priority.

The security industry has seen significant advancements over the past 18-months as people adapt existing security solutions and implement new technologies to support a safe work environment. As we begin to move towards normalcy, security professionals will look at how to continue to leverage investments in pandemic-influenced technology as part of their ongoing security needs.

By Craig Jarrett

This past year, the security industry experienced a flurry of technological advancements during the time of COVID-19 as security solution developers look at ways to support return to work initiatives and healthy workspaces.

As a result, two of the biggest developments on the technology side include the introduction of both touchless and frictionless access control solutions. While both promote similar benefits – supporting the ability to enter a space without needing to touch a device – there are some differences in the technology and the solutions themselves that are important for customers to understand.

Touchless
Access control solutions that don’t require a person to touch a shared device to enter a building have been part of the security industry for years. In fact, the introduction of Prox card technology and readers has been the leading driver behind this capability, eliminating the need for someone to punch a code into a keypad to gain entrance. But that is as far as touchless went. For example,  after presenting a credential people still needed to touch a door handle to enter a building.

Today, the touchless experience is being incorporated into the entire building access experience with greater integration between the access control system, such as readers and video intercom systems, with the automatic door opening system. Property managers are now investing in the integration between the two, so when a person swipes a badge, not only does the access control system transmit a signal to unlock the door to allow a person to enter, but it also transmits a signal for the door to automatically open.

In the past, these two functions were not traditionally connected. Automatic door opening systems exist in many buildings to ensure ADA compliance, not to promote hands free capabilities. Now, automatic door opening buttons are also moving into the touchless space, with the development of automatic door opening devices that only require a hand gesture in front of a sensor to tell a door to open.

Frictionless
While touchless removes the need to physically touch an actual device to gain access, it still requires a person to present a credential, whether it’s a smart card or a mobile phone containing a mobile app, in order to be granted access.

Frictionless access control eliminates the use of all credentials, and instead the person becomes the credential as the physical access control system relies upon facial recognition technology to determine whether a person should be permitted to enter a facility. Frictionless access control is a true contactless experience.

The number of access control devices that offer a frictionless experience is growing, thanks to continued advancements in Artificial Intelligence technology and faster processing speed, which enable databases to be quickly scanned to confirm that an individual is in fact allowed to enter a building and not on a watch list.

Previously, facial recognition technology was too slow to process large groups of people accurately. Also, this technology was typically used as a siloed application, meaning it did not tie into an access control system. Those who deployed facial recognition technology had to employ a dedicated person to watch for any red flags, such as when the system would recognize a person as a known shoplifter.

The integration of facial recognition technology with a physical access control system enables solution providers to deploy a frictionless experience that can be leveraged by high volume areas. In non-COVID-19 times, this would prove valuable for manufacturing facilities where a large volume of employees come to work at the same time, but having each person present a badge could create a bottleneck. Or, it can be leveraged by a large office building where hundreds of people need to present a credential at a turnstile before being able to proceed to the elevators.

Over the coming years, users should expect both touchless and frictionless access control solutions will remain at the forefront of in-demand access control solutions.

By J. Matthew Ladd

As technology has evolved over the years to become smarter and less expensive, the security industry has begun to see more smaller businesses moving away from using a key and lockset to secure their property to implementing small-scale access control solutions.

The reason is that business owners and property managers want to implement solutions that are not only cost effective, but easy to manage.  The introduction of IP and wireless-based access control solutions have made both a reality, supporting both connectivity and remote management capabilities that previously were available only on a limited basis or was too expensive to implement.

In the past, even the smallest and most cost-effective door entry systems – such as a keypad entry system – would need to be hardwired in order to communicate with the lockset to tell the door to unlock and permit someone enter. These devices would also need to be programmed to give each user a unique code, enabling the property manager or business to track each time an individual enters the building using the keypad entry system.

Today, technological advancements now include wireless keypad entry system options with devices that can communicate wirelessly with the door lockset to permit a person to enter and cloud based access control systems. The benefit here is twofold, impacting both installation time and management.

With a cloud-based system, small businesses can now remotely manage users themselves and add or remove a person’s access control privileges by using either a mobile application or desktop dashboard to make changes. The installation time is also significantly reduced thanks to the introduction of newer technology that doesn’t necessarily require the system to be hardwired. This reduced installation times translates into less money spent on the overall cost of the system.

Mobile credentialing technology is gaining popularity amongst small property owners, as this technology turns a person’s smart phone into the actual credential. This eliminates the need for someone to have to carry a smart card with them at all times, as many people always have their smart phones with them.

Small businesses, especially small retail operations, like these options because it can allow them to let employees have access to several locations while also cutting down on the re-keying costs when an employee leaves or misplaces a key. The newer, IP-based systems can also provide a host of data on open and close times and also reports on how frequently an employee is entering a space.

Perhaps the single largest factor that small businesses and property owners should take into consideration is whether the technology is easy to use. Small business owners want to implement systems that are easy to use across the board for both those looking to gain entrance into a building and those on the back end managing the system.

By J. Matthew Ladd

Many different elements come into play when it comes to providing security at multi-site facilities – users have to address company culture, such as smaller offices in rural locations compared with a corporation’s larger headquarters in a major city, budget issues and how to future proof technology.

These challenges extend beyond the issues associated with technology and standardization issues with deploying a single platform. So, what is a corporate security director to do when coordinating a security program that spans dozens, and sometimes hundreds, of locations? It’s important to properly assess the overall situation and there are a few things to keep in mind.

 

Standardize on Equipment

Should your company standardize on the types of security systems it deploys? Several years ago, it was not uncommon for a company to allow the decision-making process to come from the local level. As a result a local office manager or security personnel would hire the local systems integrator, but the challenge with that approach is that not every security systems integrator carries and installs the same line of products.

Now more large companies are standardizing on the equipment they install and migrating toward a single solution for their video and access control systems. Taking a standardized approach can lower the overall cost of a system because of the volume of product purchased. Also, installing the same brand of access control system across multiple locations enables sales people and senior members of management who might travel to several locations to use a single card to gain access into different buildings.

Taking a single platform approach makes it is easier to review data and security issues on a corporate level by running a single report instead of having to review multiple reports. Companies can also save money on their software licensing agreements by standardizing on a single platform. The more product and software you buy, the better the pricing. Security directors can also expect better support from their manufacturer and systems integrator partner.

 

Rural Office vs. City Office Mentality

For a long time, there have been two schools of thought relating to providing security for an office located in a rural area when compared with an office located in a large city. It’s not uncommon for the smaller field office to feel that security is not a necessity because the crime rate is low in the area or there are few employees coming and going from the building. However, it’s important for security directors to remember that security is not just about protecting assets, but it’s also about protecting the corporate brand and providing liability protection.

When a corporate office establishes security standards based on risk, it can help a smaller field office understand the overall need for security beyond an intrusion system. One example would be to implement a set standard for data rooms so that every data room or closet has a card reader and a surveillance camera associated with it. Another scenario could be that every perimeter door has a card reader, a surveillance camera and an intercom system. By specifically listing the security requirements for locations like these, corporations can help ensure a security program is accepted and implemented.

 

Future-Proofing

When implementing a security program for multiple facilities, future-proofing is critical to ensure that budgets are spent wisely and then there is the ability to upgrade systems as the industry introduces new technology.

Manufacturers are listening to their customers about the need to future-proof security systems and as a result have introduced cloud-based solutions, NVRs and video management systems that can operate with legacy camera systems. This enables end users to take a strategic approach to upgrades and ensures that the investment they made in their security systems maintains its value.

As a corporate security director, it’s important to make sure that you are implementing security systems that can either be upgraded in the future by downloading new software or that have a long-standing reputation in the security market. The last thing a security director wants is a newly security system to become outdated or unsupported after only a few years.