classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn

Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2017

Everything is connected
March 2018, Cyber Security, Security Services & Risk Management

Physical security is no longer just a case of a high fence and security guards. Everything is interconnected and reliant on readily available information and visibility in order to maintain security installations.

 John Mc Loughlin.
John Mc Loughlin.

Most businesses have access control systems that are connected to a computer, which often sits outside of the rest of the network. This is part of a bigger network of CCTV, proximity sensors and similar technologies along with the high fences and security guards acting as physical patrols.

All aspects of security are driven by information, and all of this is digital – so by not ensuring that you have the correct cyber-security programme in place all can be lost to a smart cyber-attack. Internet Protocol (IP) phones, cameras, access control are all connected to the Internet. Do you know how much of your footprint is visible to the outside world… and is it secured?

An important point to get out of the way is the ongoing mention of IT security. The name itself is incorrect; if we continue to focus on the words IT security, it means that this field sits purely within IT. This is not the case today. Cybersecurity cannot be done just by IT, it is a specialist field. You would not get an ice cream manufacturer to handle your physical security, so why ask an IT professional to manage your cybersecurity. Both could do the job, but would the outcome be desirable?

Cybersecurity threats are growing exponentially and this is because they are very difficult to trace with a far lower risk while still yielding very high returns.

We have seen many enterprises that have excellent physical perimeter security which includes access control systems, cameras and smart licence scanning at the gates. Access control systems contain sensitive and confidential information of all staff and contractors. These machines are usually attached to the network and accessible from the Internet to maintain a central database or report to HR. Another aspect is that sometimes these machines are not managed and therefore remain unpatched – or run an obsolete operating system such as Windows XP.

I have been told in several meetings that these access control machines are not very important because they just let people in and out, and the information is then used for payroll. This includes biometric data of all staff and visitors; the information that allows direct access into your property. Additionally, with this information a very focused and targeted social engineering or phishing attack on your staff could be launched. When you add personal information security requirements contained in legislation such as PoPIA, it is critical that all these systems are carefully managed and monitored.

Vulnerabilities in systems, especially those considered Internet of Things (IoT) devices, appear almost every day. Yet, most businesses do not even know that their CCTV control system should be updated or patched regularly – let alone what is accessible from the outside world. Many of these systems have direct Internet access and many installers never bother to change the default usernames and passwords. This is because cybersecurity is not thought of during the installation phase of these projects, and this step is then forgotten even after it is live.

A lack of cybersecurity visibility means that there is very easy access to all the information on your systems, including personal information, usernames and passwords. Open access to actual video feeds is also quite easily achieved through compromised or unsecured equipment. A simple Google search can give us access to thousands of camera feeds, images and login details from businesses all over the world.

The reality is that in today’s ever-evolving threat landscape, physical security is only one aspect of an overall requirement to secure businesses. Everything is hyper-connected and constant cybersecurity monitoring is critical – of computer networks and devices, but also the equipment used for physical security.

It is all well and good to have smart devices to scan a licence disc on entry, but without knowing that systems are secure and up to date you stand the risk of suffering a massive cyber breach. Reputational damage alone can destroy a business and lead to personal loss. An unsophisticated attack on a non-secured physical security environment can leapfrog onto other business systems, exposing confidential information, routes, customers, packages or even discount models – all of which can have a major impact on the business or be used to plan a heist or strike a ransomware attack.

The truth of the matter is that it is not only corporate servers and PCs which require cybersecurity monitoring and reporting, but this is also a massive requirement for security systems, cameras, IP phones and all other Internet connected equipment. Without visibility and monitoring you will never know where your cyber risks are.

For more information contact J2 Software, +27 (0)87 238 1870,,

Supplied By: J2 Software
Tel: 087 238 1870
Fax: 086 619 3563
  Share via Twitter   Share via LinkedIn      

Further reading:

  • Protecting the machines
    July 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, Integrated Solutions, Industrial (Industry)
    Security operations at industrial sites need to include cybersecurity and it needs to be treated with the same importance as the physical security of the site as well as health and safety standards.
  • Securex 2018 pulls the (right) crowds
    July 2018, Technews Publishing, Access Control & Identity Management, CCTV, Surveillance & Remote Monitoring, Cyber Security, Integrated Solutions
    With over 6000 visitors attending and exhibitors expressing their satisfaction with not only the number, but also the calibre of the visitors, this year’s Securex was a winner.
  • SLAs - Read the fine print
    July 2018, Technews Publishing, This Week's Editor's Pick, Security Services & Risk Management
    By insisting on an appropriate maintenance contract, security technology can be used to the full extent of its possible life.
  • Securing your digital assets
    July 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, IT infrastructure
    Cyberattacks can’t be prevented, but companies and individuals have ways to keep the attackers out. However, the coming year will see more attacks and more losses because of poor cyber planning.
  • The generations that matter
    July 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, Security Services & Risk Management
    According to Doros Hadjizenonos, country manager, SADC at Check Point, we have entered the fifth generation of cyberattacks.
  • EOH introduces managed Security-as-a-Service
    July 2018, EOH Security & Building Technologies, News, Cyber Security, Security Services & Risk Management
    EOH has introduced a solution to modern security concerns through a managed Security-as-a-Service suite of offerings.
  • How data leaks can be avoided
    July 2018, This Week's Editor's Pick, Cyber Security, News, Security Services & Risk Management
    MyID runs as a service, monitoring your ID number, email address, mobile number and credit card number for fraudulent usage or fraudulent input on the Web.
  • The benefits of leasing
    July 2018, News, Security Services & Risk Management
    The fundamental benefit of an operating lease agreement is that the business doesn’t have to drain its Capex to purchase equipment and software.
  • Beyond building security
    July 2018, Johnson Controls, This Week's Editor's Pick, Integrated Solutions, Security Services & Risk Management
    In Ireland’s smartest building, One Albert Quay, Cork, security and building management technology does more than police perimeters and keep the office at the right temperature.
  • Keeping trains on schedule
    July 2018, SICK Automation Southern Africa, Industrial (Industry), Security Services & Risk Management
    SICK LMS511PRO laser scanners protect the overhead line and help ensure trains operate on schedule through the 57 km Swiss railway tunnel, the longest in the world.
  • Securing the Internet of Things
    July 2018, Cyber Security, Industrial (Industry)
    With more than 75 billion devices expected to be connected to the Internet by 2025, the Internet of Things (IoT) has become an integral part of the digital world, but are these devices secure?
  • Being prepared is key to mitigating cyber attacks
    July 2018, Cyber Security
    In an age where cyber criminals are a dime a dozen, and the threat landscape more complex than ever, it pays to prepare and be always on guard.

Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Terms & conditions of use, including privacy policy
PAIA Manual
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.