classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2017


Managing technology risks for effective estate security
September 2017, Residential Estate (Industry), Cyber Security, Integrated Solutions, Conferences & Events

Security is all about mitigating risk and the main risk mitigation tool in estates is technology-based. Today’s technical solutions not only provide better security, but can also, if planned correctly, save money.

But what about six months or a year after the installation? What risk management processes do you have in place to ensure your security technology is running optimally and delivering the services you require all the time? Are the systems being regularly assessed and evaluated according to a plan? What are the typical risks lurking in the technology that should be evaluated, measured and maintained for enduring security?

Hi-Tech Security Solutions and Rob Anderson hosted the Residential Estate Security Conference 2017 in Johannesburg earlier this year to address these questions and more. This year’s conference was focused on the technology risks that can take a well-designed and functional solution and turn it into an underperforming and inherently insecure risk if not maintained and managed correctly. The event looked at various security technologies, highlighted the risks they face and advised attendees on how to extract maximum value and longevity from their security investment.

Delegates were able to hear from a number of experts in various fields, covering different areas of risk that estates today are dealing with. In addition, 10 sponsors occupied the exhibition area where delegates could wander around and network with vendors and other people worried about security on estates. Just before the lunch break, the five gold sponsors were represented in a panel discussion where they answered questions about their products and solutions aimed at the residential market.

The sponsors were:

• Betafence

• Elf Rentals

• Elvey (gold sponsor)

• Enforce Security

• Forbatt SA (gold sponsor)

• MiRO (gold sponsor)

• OT Morpho (gold sponsor)

• Paxton

• Powell Tronics (gold sponsor)

• ZKTeco

Risk assessments in security technology

Rob Anderson
Rob Anderson

The conference was kicked off with Rob Anderson introducing the topic and the focus of the day: identifying, understanding and mitigating your security technology risks. Anderson introduced the conference attendees to the PESTLE (Political, Economic, Social, Technical, Legal, and Environment) model of analysis, and the conference’s specific focus on the technical side of things.

The reason for his focus on technology is that while physical risk is easy to see, technical risk is not always apparent until something happens. As far as estates are concerned, the technical risks start at the initial quotation.

Anderson says quotations for the same project can be as much as 400% apart in price, which is confusing and detrimental as estates often choose the cheapest option without any thought to why it is cheap. There are also no drawings or data sheets and other necessities included in the quote that the estate would need to make a rational decision. The risk then moves onto the installation, which can lead to many headaches later if not done correctly.

Anderson then briefly touched on other technical risk areas which subsequent speakers would expand on in their presentations. These included lightning protection, power management, cybersecurity, access control, surveillance, total cost of ownership and more. He noted that the topics presented at the conference were only a few of the primary risks estates face today, mentioning a few others this conference did not have time to cover.

Keep your access controlled

Glenn Allen
Glenn Allen

Starting at the gate, Glenn Allen from Enforce Security followed Anderson with a presentation on the risks associated with access control. While we may all be used to the various access control processes at estates, Allen noted the risk is still high as about 80% of crime on estates is perpetrated by people who gained access through the front gate.

Allen went through the various access controls we’ve seen over the years, starting with a drawbridge with manual facial recognition for those staying in very old estates. More recently we’ve seen the use of guards who manually verify and authorise entry, followed by stand-alone electronics, including RFID and cards. Then these systems were networked and controlled from a database in a backroom until today where we see advanced biometrics and third-party verification and integration controlling access. The presentation went on to discuss various methodologies and technologies that should be used in access control, such as setting up zones and different categories of access etc.

Database management and maintenance was also discussed, with Allen providing a few pointers on how to manage and ensure your access data is secure and reliable. Naturally, he also spoke about visitor and contractor management and the data that should be collected before allowing temporary visitors in.

For those who are satisfied with manual access control via a boom and a guard at the gate, Allen ended his presentation asking, “If somebody opens the boom on your behalf and you access the property and a crime takes place, were you there?”

The real cost of security technology

We all know the drill. You get a few quotes for a project and take your time assessing each proposal before choosing the cheapest one. A few months, or maybe a year later, you are surprised when your maintenance, repairs and call-out bills are bigger than your full security budget. And it seems that your installer is harder and harder to get hold of.

Roy Alves
Roy Alves

Roy Alves from Axis Communications was on stage next with a presentation focusing on the total cost of ownership (TCO) of your security installation. He started by examining TCO studies from other industries to show that security is not the only market that doesn’t consider the full lifecycle costs of its solutions.

A 2016 study on mobile devices, for example, showed that CIOs were unaware of 54% of the costs they would be faced with. A 2012 study on the total cost of HR payroll systems showed that HR managers were unaware of 63% of the costs. Most unnerving, a 2011 study on the cost of IT servers showed that 75% of the costs incurred were operational costs, not the purchase price.

Alves then focused on the security industry, using a recent case study from an upmarket golf estate in South Africa as an example. He noted that the costs estate customers are aware of are normally the purchase price and the installation costs; operational and maintenance costs are generally ignored. He offered a simplified view of TCO, broken down into three areas: total cost of acquisition, total operating cost, and total decommissioning cost.

In the case study presented, the TCO over 10 years was around R28 million. This was broken down into R18.7 million for the total cost of acquisition, R8.7 million as the total operating cost, and around R500 000 was the decommissioning cost.

Alves broke the various sections down into more detail, giving attendees a clear insight into the various costs involved in a security system over a number of years. He also touched on the labour and manpower costs, as well as the costs of staffing a control room for the life of the project.

Design for longevity

Selvan Naidoo
Selvan Naidoo

To assist delegates in recovering from the shock of seeing the real TCO of security systems, Selvan Naidoo from Cathexis Africa was up next to talk about how to ensure the CCTV system you choose will keep on doing its job for the long term and not collapse in three years or less.

His experience in designing and setting up surveillance systems that deliver value stood him in good stead as he highlighted what was required to ensure a return on your CCTV investment.

Naidoo started out talking about how to define the effectiveness of a surveillance system before focusing on the factors required for success. He then highlighted common risks found in surveillance. These included:

1. Poor camera selection and placement.

2. Integration overkill.

3. Operator overload, which reduces their efficiency.

4. A lack of meaningful processes and reports.

Ending the presentation, Naidoo also touched on a few maintenance and operational best practices which estates can make use of to keep their surveillance systems running optimally for the longest period of time.

Practical PoPI for estates

John Cato
John Cato

John Cato from IACT Africa was up next, explaining how the Protection of Personal Information (PoPI) Act will impact estates and how they handle the data they collect. He explained some basics of PoPI to attendees and went on to describe what estate managers should do to ensure they comply with the act. The Residential Security Handbook has covered more of Cato’s advice in ‘Manage your data appropriately’.

Practical cybersecurity for estates

David Cohen
David Cohen

Estates need to be PoPI compliant, but they also need to protect their data from the many cyber attacks that seem to be launched every day. David Cohen from BDO Cyber and Forensic Lab was next up to give delegates some insights into how estates can protect the data they gather from cyber attacks.

Cohen offered keen insights into the types of cyber threats we all face as well as the types of people or organisations that may launch them, including the threat faced from insiders looking to profit from the information they have access to. He then went on to describe the many ways of social engineering, tactics used by criminals to persuade you to give them sensitive information, such as phishing, vishing and whaling. And, of course, the risk of ransomware was also highlighted.

It’s also worth noting that sensitive information doesn’t always have to be hacked from afar. Guessing easy passwords is one way of getting into someone’s account, and dumpster diving (going through the garbage to find documents with interesting information that have been thrown out) is another way of gaining access to useful data.

He then introduced the audience to the six cyber-readiness steps organisations can and should take to give them the best defence against the many cyber risks out there. Ending off, he made the point that training is one of the most important aspects of cybersecurity, not only training experts, but also training your staff and making them aware of the risks they face and how that can impact everyone – and, of course, how to deal with the threats.

Surge and lightning protection

Dr Andrew Swanson
Dr Andrew Swanson

One of the more technical presentations was made by Dr Andrew Swanson from the University of KZN. An engineer, specialising in the area of high voltage engineering, Swanson spoke about how best to protect equipment against lightning damage.

South Africa has had an increase in lightning activity recently and the expertise Swanson offered is invaluable to estates as they try to keep their security (and other electronics) running.

The presentation looked at the various instances of lightning and surge damage, such as direct and indirect strikes, and how equipment can best be set up to avoid damage. Of course, a direct lightning strike on an electronic device is going to cause problems for the device, but there are ways and means of preventing the damage from spreading far and wide.

The power must flow

Riaan Allen
Riaan Allen

Staying in the power management arena, Riaan Allen from Ultimate Group followed with more insight into how to set up and maintain your power systems (specifically backup systems such as generators and UPSes) for the best performance and longevity.

Riaan was able to provide expert advice on what estates need to look out for when purchasing power management equipment, and he also gave good advice in terms of deciding if your existing installation is going to be reliable or if it’s likely to fail at a moment’s notice. The presentation started with the sales process, moved through the design and installation of these systems (including compliance to various standards), and touched on the tricky issue of sizing the equipment you actually need.

His advice is that buyers should look at the cost of replacing inferior (cheap) products and the expense of repairing bad systems and installation jobs rather than the initial purchase price. When you’re playing with electricity, cheap is not a selling point. In addition, he suggests that a quote should always be accompanied by design documentation and information on the certificates of compliance the installer is authorised to provide.

Sensible connectivity

MJ Oosthuizen
MJ Oosthuizen

Coming full circle, MJ Oosthuizen from PinnSec delivered the last presentation of the day in which he referred back to Rob Anderson’s opening presentation. Connectivity is a given in today’s world, even on an estate, but if the systems installed in the server room and on the edge of the estate are installed in a haphazard manner, it increases the chance of something going wrong, increases the time and cost of maintenance as technicians have to sort through piles of cables to find the one they need, and generally makes any repairs or upgrades much harder.

Keeping your servers, storage and the relevant accessories in order and coded according to what the various bits and pieces are used for is critical for successful maintenance and servicing.

Oosthuizen also touched on identifying all the estate’s network and networked assets, which can amount to a large number in the Internet of Things (IoT) age, and ensuring you have a security plan to keep your connectivity up and running safely – which will ensure your users and devices are able to function as required.

He also touched on the IoT in the home, looking at how connectivity can transform a modern home and estate into an easily manageable IoT hub. Of course, security plays a critical role in this regard as your weakest link is the entry point criminals will choose to get into your network

and all the data and devices attached to it.

Conclusion

The Residential Estate Security Conference 2017 ended with another round of networking and a final cup of coffee in the exhibition area. Comments from attendees showed that the conference hit the spot in terms of the technology issues estates are facing today and provided insights into how to better plan and manage security technology.

Hi-Tech Security Solutions and Rob Anderson would like to thank all the presenters for the time and effort they put into their presentations, which were all well received.

In addition, a note of thanks goes to all the sponsors who supported the event.

Hi-Tech Security Solutions would also like to extend its thanks to Rob Anderson for his guidance, advice and the work he put in to help make the conference a success. Look out for the next Residential Estate Security Conference when the show hits Durban and Cape Town.


Credit(s)
Supplied By: Technews Publishing
Tel: +27 11 543 5804
Fax: +27 11 787 8052
Email: vivienne@technews.co.za
www: www.technews.co.za
  Share via Twitter   Share via LinkedIn      

Further reading:

  • The question of trust
    November 2017, Technews Publishing, News
    Access control, identity management, visitor management and whatever else it may be called is all about trust. It’s about assigning a level of trust to an identity that will permit that identity to access ...
  • People on the move
    November 2017, This Week's Editor's Pick, Access Control & Identity Management, Integrated Solutions, IT infrastructure
    Sanjay Dharwadker looks at some of the changes that have been enacted to better manage Europe’s borders.
  • Access and identity: looking ahead
    November 2017, neaMetrics, ZKTeco, Powell Tronics, This Week's Editor's Pick, Access Control & Identity Management, Integrated Solutions
    Access and identity is more important than ever with more options than ever for companies looking for solutions that go beyond mere entry and exit.
  • A question of trust and ­accountability
    November 2017, Technews Publishing, Access Control & Identity Management, Integrated Solutions
    Access and identity management is about trust, how you assign it, how much you allow and how you manage it.
  • Trusting your privilege
    November 2017, Technews Publishing, This Week's Editor's Pick, Access Control & Identity Management, Integrated Solutions
    Privileged access management is the starting point for effective enterprise identity and access management, whichever device you're logging in from.
  • Integrating surveillance and access
    November 2017, Cathexis Technologies, Gallagher, Milestone Systems, Paxton Access, Access Control & Identity Management, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
    Integrating access control and surveillance is a good idea, but those who take on this task have their work cut out for them.
  • The access edge
    November 2017, Johnson Controls, This Week's Editor's Pick, Access Control & Identity Management, Integrated Solutions, Security Services & Risk Management
    With the common denominator of IP networks as their backbone, building automation, security and, in particular, access control systems are increasingly providing opportunities to both security integrators and building managers.
  • Access on the edge
    November 2017, Suprema, Access Control & Identity Management, Integrated Solutions
    CoreStation handles half a million users with a fingerprint matching speed of up to 400 000 match/second and simultaneous matching speeds of up to 8 devices in 1 second.
  • Automated facial recognition
    November 2017, Access Control & Identity Management, Integrated Solutions
    NEC provides facial recognition system to South Wales Police in the UK, contributes to safe management of Champions League final.
  • Using biometrics to prevent financial crime
    November 2017, Access Control & Identity Management, Integrated Solutions
    Biometrics is about more than the fingerprint or retina terminal itself, it’s about storing data in forensically-signed databases, that is admissible in a court of law.
  • Securing your access security
    November 2017, G4S South Africa, Impro Technologies, This Week's Editor's Pick, Access Control & Identity Management, Cyber Security
    While one may not consider access control solutions a prime hacking target, any connected device is a target in today’s world.
  • IP intercom for mining
    November 2017, CAME BPT South Africa, Access Control & Identity Management, Integrated Solutions
    Came BPT’s IP360 IP intercom system was installed for a new mining head office in Middelburg.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.