www.securityfocusafrica.com | Vol 37 No 6 June 2019 The official industry journal for professional risk practitioners: security, safety, health, environment and quality assurance
DIGITAL BUYERS GUIDE
to security services & products Promote your business
Attract customers
Increase your sales
Claim your listing on www.securityfocusafrica.com/buyersguide
2 for 1 offer The print listings now mirror our online directory style with basic and premium listings. In fact, upgrading a basic listing in print to premium will include an upgrade to premium on the website and vice versa. The same information online is printed in the print directory.
Security Focus Africa is known for having the most comprehensive directory of service providers in Africa. We have been a trusted source of information for more than 35 years, and now offer this valuable resource online.
The market is tough out there. What makes your business different from any other? For starters, be more accessible on the internet. Online searches are now the preferred method of finding information and contact details, so the better your online presence, the more business you will get.
BENEFITS OF LISTING YOUR BUSINESS:
• By claiming your listing, you can keep your company’s information up to date at your own convenience • Upgrade your listing online at any time to maximise your brand exposure • Improve your SEO and online presence • We provide a targeted audience for your business • See your stats – know how many people are seeing your listing • Increase traffic to your website with a link from the directory
Security
For as little as R2 400, you can get the edge over your competitors by providing indispensable information to your customers on our online directory.
Affordable advertising is just a click away.
Focus
AFRICA
BUYERS GUIDE
www.securityfocusafrica.com/buyersguide KEEPING YOU IN THE KNOW | CONNECTING PEOPLE WITH PEOPLE
R
O
N FO
S
B
U
PE
S
SINE
securityfocusafrica.com Security Focus Africa has been marketing suppliers to buyers in Africa since 1980, and is the official industry journal of the Security Association of South Africa. Our readers form the core of Southern Africa’s buyers and decision-makers in the security products and services industry. Our print and digital platforms have a highly-focused readership of people at the very heart of the security industry. Our news is distributed via print, website, digital magazine, and social media. Our annual Security Focus Africa Buyers Guide is searchable in print and via our online directory, with over 760 businesses and branches throughout Africa. Need to find a service or supplier? We will help you find exactly what you need.
Head Office: Suite 1, Fields Shopping Centre, Old Main Road, Kloof 3610 PO Box 414, Kloof 3640, South Africa Tel: +27 31 764 6977 | Fax: 086 762 1867 Email: contact@contactpub.co.za
Security Focus AFRICA w w w. s e c u r i t y f o c u s a f r i c a . c o m
The official industry journal for professional risk practitioners: security, safety, health, environment and quality assurance
KEEPING YOU IN THE KNOW | CONNECTING PEOPLE WITH PEOPLE
Security Focus Africa: Serving the South African security industry for 37 years
CONTENTS
VOL 37 NO 6 JUNE 2019
www.securityfocusafrica.com | Vol 37 No 6 June 2019 The official industry journal for professional risk practitioners: security, safety, health, environment and quality assurance
15 SPECIAL FEATURES 12 Cloud sharing & storage: Experts warn of growing security risks alongside benefits
COVER STORY
8
Fidelity Services Group: Keeping you safe, securing your assets
Fidelity Services Group is Southern Africa’s largest integrated security solutions provider and the industry leader in protection innovation. Excellence in service delivery and implementation are fundamental to an impressive record of accomplishments.
10
2
SECURITY FOCUS AFRICA JUNE 2019
As take-up of cloud-based technology grows, so does the threat landscape. Security Focus Africa chats to cloud experts to explore challenges faced by users and the industry, and takes a look at its benefits.
15 The major challenges around cloud computing and how to solve them” Done correctly, cloud computing can save companies money and improve their IT efficiency. But, warns global computer security software company McAfee, there are some major challenges around the technology, which if ignored, could spell disaster.
16 Cloud contracts: Why companies need them With the increasingly widespread use of cloud services comes the increasing potential for conflict and misunderstanding. That’s why it’s essential for companies to include cloud contracts in their IT contracts, says John Giles, managing attorney at SA corporate law firm Michalsons.
20
Official Journal of the Security Association of South Africa
Published by Contact Publications (Pty) Ltd (Reg No. 1981/011920/07)
34
Vol 37 No 6
TEL: (031) 764 6977 | FAX: 086 762 1867 PUBLISHER:
REGULARS
33 Net2 accessible from any
EDITOR’S COMMENT 4 Challenges ahead.
CITIZEN IDENTIFICATION UPDATE 34 Closing the identity gap:
NEWS IN BRIEF 5 News snippets from around the world.
ASSOCIATION NEWS 10 The challenges facing the private security industry.
FOCUS ON CLOUD SECURITY 17 Consolidating your backup and recovery makes business sense.
PERSONALITY PROFILE 18 In conversation with… Professor Sope Williams-Elegbe.
EXHIBITION NEWS 20 Securex SA 2019: A resounding success for first ‘three shows under one roof.
21 Seen at Securex 2019. 23 IDIS to focus on video surveillance cybersecurity at IFSEC 2019.
24 Securex West Africa report: The most important show in the region.
TECHNOLOGY UPATE 26 From hype to viable assistance system: Video technology and artificial intelligence.
MARKET NEWS 28 Dallmeier’s “casino operating system” SeMSy® and Casino Automation Technology.
29 Proxyclick’s Visitor Management System optimises connections.
30 Central security management platform for key management.
31 White Label Alliance to define an open standard for payment.
32 Hikvision launches AcuSense network cameras.
location, on any device.
government in Africa biometrics and e-IDs.
CASE STUDY 36 Intellect increases the effectiveness of the security of Sberbank automated teller machines.
CASH LOGISICS 38 Cash logistics becomes fully
Godfrey King | gk@contactpub.co.za
MANAGING DIRECTOR: Malcolm King | malcolm@contactpub.co.za
EDITOR: Ingrid Olivier | ingrid@securityfocusafrica.com
PRODUCTION & DESIGN EDITOR: Hayley Mendelow | hayley@contactpub.co.za
DISTRIBUTION MANAGER: Jackie Goosen | jackie@contactpub.co.za
HEAD OFFICE PHYSICAL ADDRESS: Suite 1, Fields Shopping Centre, Old Main Road, Kloof 3610
POSTAL ADDRESS: PO Box 414, Kloof 3640, South Africa
PUBLICATION DETAILS: Security Focus Africa has 12 issues a year and is published monthly, with the annual Buyers’ Guide in December.
automated.
SECURITY IN ACTION 39 Bollards: Proven protection for high-risk sites.
CYBERSECURITY 40 Companies stand to lose everything through lack of awareness.
41 Record level of vulnerabilities sparks cybersecurity innovation.
E-WASTE SECURITY 42 CEOs must be concerned about non-compliant old PCs.
43 Giving office equipment a second life.
INDUSTRY OPINION 44 Fixing SA’s broken windows. LAW & OPINION 45 Post 8 May 2019.
Paarl Media KZN, 52 Mahogany Road, Westmead www.paarlmedia.co.za
SUBSCRIPTION RATES: Annual subscription for magazine posted in Republic of South Africa is R650 including VAT and postage. Subscription rates for addresses outside South Africa can be obtained on application to the Subscription Department, Box 414, Kloof 3640.
EDITORIAL CONTRIBUTIONS: Editorial contributions are welcome. For details please email hayley@contactpub.co.za.
ADVERTISING ENQUIRIES: Bernadette Fenton Cell: 082 443 8931 Email: bernadette@ securityfocusafrica.com
Security Focus Africa is a member of
46 INDEX OF ADVERTISERS 39 CALENDAR 48 DIRECTORY www.securityfocusafrica.com
securityfocusafrica.com
SECURITY FOCUS AFRICA JUNE 2019
3
EDITORS COMMENT
Challenges ahead
P
resident Cyril Ramaphosa and his newly-elected cabinet have some huge challenges ahead. In his own words, the expectations of South Africans have never been greater.
Entrepreneurs One of the cabinet’s most pressing issues is to address poverty (and accordingly crime) by stimulating job creation in a country where the unemployment rate is currently sitting at a troubling 27 per cent. It’s therefore critical that government throws some serious support behind entrepreneurship, which, properly nurtured, will create employment. Long-time proponent of entrepreneurship, privately-owned investment management company Allan Gray’s Orbis Foundation, says there’s a crying need in South Africa for entrepreneurs who not only succeed, but who have the ability to positively impact and transform their community. During his hosting of the recent “Take a Girl Child to Work” programme, President Ramaphosa told the pupils that more entrepreneurs means more jobs. And it’s jobs that are needed to address poverty and unemployment, “our biggest enemies”. For this to become reality, however, it’s going to need a lot more support from the top echelons. The focus, according to Allan Gray, needs to be on fostering “critical thinking, creativity and emotional intelligence” as well as fast-tracking the development of the skills necessary for the workforce of the future to be able to participate in the digital economy. The movers and shakers of South Africa’s future need to be coached on how to take their businesses “from point A to Point Z with a clear picture of knowledge and skills acquisition as they relate to employment, and
EDITORIAL POLICY
how these can be best harnessed to drive rapid innovation and optimise industrial growth,” avers the Foundation. Education therefore needs to be tailored around the impact of the Fourth Industrial Revolution on the world as well as the industries that that will prove most productive in the years to come. More than anything, it maintains, it’s about getting young entrepreneurs to embrace not only financially-viable ventures but also those that will impact positively on the challenges faced by the country. Alec Hogg, writing in Biznews, speaks of creating a prosperous and peaceful South Africa. “A place where the only chance of putting a dent in high unemployment is to encourage those who create businesses to get back to work. I’m hopeful that we’ll be seeing some action from the very top.” I hope so, too.
A common vision To unite South Africa’s 57 million people in the sharing of a common vision for its future is going to be one of President Ramaphosa’s major tasks going forward. It’s going to mean doing things differently, not least of all continuing to address high-level corruption and fraud, and closely monitoring his new cabinet. It gives me hope that he’s committed to employing people with integrity and the ability to get the job done. I’m heartened that, in his inauguration speech, he said that the people he’s appointing need to realise that their performance, both individually and collectively, will be closely monitored against specific outcomes. And that action will be taken against those whose performance is unsatisfactory.
Collaboration For President Ramaphosa’s dream of a new dawn to become reality, he’s going to need
Statements made or opinions expressed in articles in Security Focus Africa do not necessarily reflect the official views of the Security Association of South Africa (SASA) nor those of any of the other security associations listed in Security Focus Africa. Similarly, advertising in this publication does not imply in any way endorsement or approval by these security associations of any products or services. It is the policy of the Security Association of South Africa that any office-bearer who has an executive position in a company, or companies, which supply security products or services should on no account allow his position to be used to promote his company or its objectives in the editorial content of Security Focus Africa, the official journal of the Association. If, at any time, an office-bearer’s position has been quoted in relation to his company or product, this does not imply the Association’s approval or involvement.
4
SECURITY FOCUS AFRICA JUNE 2019
the collaboration of his ministers. As in any business undertaking – and running a country is a business in its way – its success depends on the buy-in of its employees. Billionaire entrepreneur Richard Branson has built an empire on collaboration, saying: “The fundamental driver of Virgin’s success is, and will always be, people working together. To be successful in business, and in life, you need to connect and collaborate.” So believes Adam Neumann, co-founder of WeWork, an American company that provides shared workspaces and services for entrepreneurs. “People are the most important thing. [Your] business model and product will follow if you have the right people,” he says. Following the announcement of the country’s new cabinet, the FW de Klerk Foundation welcomed President Ramaphosa’s focus on appointing honest and efficient members “of the highest executive office in the land”. “As expected,” it said, “it is not a 100 per cent Ramaphosa first-choice cabinet, but those erstwhile supporters of his predecessor are few and far between.” Calling it a “good balance of experience and youth, with the most strategic ministries occupied by people closely aligned to the views and reformist direction of the President,” the Foundation said the appointments would instil confidence not only in the markets and investors but in the majority of ordinary South Africans. Michael Jordan said that talent wins games, but teamwork and intelligence win championships. Here’s hoping that our new leadership is on track to win South Africa’s most important championship.
Ingrid Olivier
Editor ingridolivier@idotwrite.co.za
securityfocusafrica.com
NEWS XXX IN BRIEF
News snippets from around the world Durban communities turn to high-tech number plate cameras to fight crime
At a cost of R35 000 per camera, the automatic number plate recognition (ANPR) system is not cheap, but a number of Durban suburbs have decided that stopping crime before it occurs is worth the price. Even areas which are new to the system, which is linked to the SAPS, have reported benefiting from its capabilities. Kevin Scheinberg, patrol captain of the New Germany Neighbourhood Watch, west of Durban, said installing the electronic security system had been in the pipeline since 2017. He added that, with the opening of Dumisani Makhaye Drive, they had noticed crime trends such as the road being used by criminals to make their getaway. Scheinberg said private security company LAD had offered to cover the monthly operational fees of about R1 100 if the community funded the project. The community had raised more than R75 000, which funded the installation of one camera last month and another this month. He said it was an expensive project but they had found it was worth the price. Vehicles flagged on the cameras as “suspicious” were stopped and had been found to have been involved in crimes like
hijackings, at which point the police would respond quickly. He said although they were tackling serious crimes, like hijackings and home invasions, petty crimes, such as the theft of gate batteries, were still prevalent in the area. Manors, Gillitts and Assagay were also investing in the system. (Source: IOL / Daily News)
Half a billion to fight crime in Tshwane
CCTV cameras will have big role in fighting Cape crime, says Community Safety MEC
A total of R524 million has been allocated to the Tshwane metro police department in a bid to combat crime. This budget will go towards combatting crime in general, preventing land invasions, the asset protection unit and attending to human resources needs, according to Tshwane Mayor Stevens Mokgalapa. (Source: Pretoria East Rekord)
Residents blame spike in crime on nearby hostel New Community Safety MEC Albert Fritz says he intends to rely heavily on CCTV cameras in the fight against crime across the province. In an interview shortly after he was appointed to the post in Premier Alan Winde’s cabinet, Mr Fritz said he would be prioritising service level agreements (SLAs) such as the one in place from a couple of years ago with GrandWest Casino. In that instance, the city entered into an SLA and acquired 17 cameras that were installed along Jakes Gerwel Drive. Mr Fritz said he was already monitoring the City of Cape Town’s plans to add up to 44 CCTV cameras as part of its “strategic surveillance network” by the end of June. Increased CCTV surveillance, combined with collaboration with communities affected by drug and alcohol abuse, would boost safety in both the rural and urban areas of the province. (Source IOL / Cape Argus)
Keeping Your Guard Up securityfocusafrica.com
Criminals living at the Nancefield Hostel in Soweto are terrorising people in surrounding areas, which has led to a spike in murder, robbery and home invasions. Hundreds of Klipspruit residents barricaded Elias Motsoaledi and Klipspruit Valley roads with burning tyres and rubble recently, demanding that police curb the increase in crime resulting from syndicates operating from the hostel. Residents further accused police of failing to make arrests because they were either scared of the criminals or were in cahoots with them. A leader at the hostel, who asked not to be named, confirmed accusations made by residents and said he
• Free trial for guard monitoring solutions. • SMSs, swop-outs & call-outs included. • 24-hour support centre. • Waterproof & tamper-proof. • Battery life up to 72 hours. • Online portal access included. • Live GPS tracking.
*Terms & conditions apply
Tel: 011 551 1687 Fax: 086 218 2928 info@activetrack.co.za Facebook: @activetrackSA www.activetrack.co.za
SECURITY FOCUS AFRICA JUNE 2019
5
NEWS IN BRIEF
had personally taken the matter up with the Moroka police station commander, who promised to look into the matter. “It’s true. Some hostel dwellers commit crimes in surrounding townships. They hijack people, break into their houses and commit murder. It’s known, but the police have not done anything even after we engaged with them,” said the leader. (Source: Sowetan Live)
Keyless car crime drives 20 per cent hike in UK motor theft claims in 1st quarter
The cost of UK motor theft claims paid by insurers in the first quarter rose by more 20 per cent from the same period last year, according to the Association of British Insurers (ABI). The ABI report revealed that the number of Q1 motor theft claims paid by insurers were at their highest for any quarter since 2012, with a payment made to a car crime victim every 8 minutes. Rising vehicle crime in the UK is being driven in part by keyless car crime, with hitech criminals being able to bypass keyless technology in as little as 20 seconds, said the ABI, quoting figures from the Master Locksmiths Association. Findings from the ABI’s latest quarterly motor insurance claims report show that insurers settled 16 000 claims for the theft of or from a vehicle, which was up from the 14 000 reported for the same period last year. The cost of theft payouts, at £108 million ($137 million), was up 22 per cent on the same period last year, and works out at over £1.2 million ($1.5 million) paid to policyholders every day. In the last four years the overall cost of motor theft claims has doubled. (Source: insurancejournal.com)
Brazil’s police ‘kill five people daily’ in brutal crackdown on crime in Rio
Shooting from helicopters, armoured personnel carriers or at close range, police
6
SECURITY FOCUS AFRICA JUNE 2019
officers in Rio de Janeiro gunned down 558 people during the first four months of the year – the highest number in this period since the state began keeping records more than two decades ago. This recent spike comes after years in which the federal and local authorities put in place policies that significantly diminished police killings. But as the country dove into a deep economic and political crisis in 2014, resources for security programmes dried up. Criminal gangs reclaimed lost territory in Rio, and violence across Brazil has exploded as more than 51 500 people were killed last year. Voters went to the polls in October and gave their support to candidates who promised to fight violence with violence by relaxing gun ownership rules and allowing police to fire on armed suspects. (Source: independent.co.uk)
bustling metropolis. As part of this unit, 80 Johannesburg Police Department (JMPD) officers will be on standby for crimes reported on a daily basis in the inner city. Mayor Herman Mashaba and Public Safety Acting Head of Department David Tembe welcomed the new integrated Intelligent Operation Centre (IOC) Reaction Unit. The unit will be monitoring the city’s CCTV cameras on a 24-hour basis. The cameras have license plate and face recognition technology capabilities. (Source: News24)
UK’s organised crime threat at record level, warns National Crime Agency
Brazil’s Supreme Court votes to make homophobia a crime
A majority in Brazil’s Supreme Court has voted to make homophobia and transphobia a crime, like racism, a decision coming amid fears the country’s far-right president will roll back LGBT social gains. Six of the Supreme Federal Tribunal’s 11 judges voted in favour of the measure. The five other judges voted in a court session on 5 June, but the result was not modified. Racism was declared a crime in Brazil in 1989 with prison sentences of up to five years. The court’s judges ruled that homophobia should be framed within the racism law until the country’s Congress approves legislation specifically dealing with LGBT discrimination. (Source: Aljazeera.com)
City of Joburg launches quick-reaction unit to combat crime in the CBD
The City of Johannesburg has launched a quick-reaction, anti-crime unit in the city’s CBD, with its officers going undercover in hotspots in a bid to clean up the
Britain risks losing the fight against organised crime unless police receive significant new resources to tackle the “chronic and corrosive” threat from such groups, the head of the National Crime Agency has warned. In a chilling assessment, the NCA’s director general Lynne Owens said the threat from organised crime groups was at unprecedented levels. “It is chronic and corrosive. The message needs to be heard by everyone. People should understand that serious and organised crime kills more of our citizens every year than terrorism, war and natural disasters combined.” In a rare political intervention, the head of an agency often described as Britain’s equivalent of the FBI reopened the debate on police funding, arguing that without significant investment the UK’s forces would fall further behind the criminals exploiting encrypted communications technology and dark web anonymity. “Against a backdrop of globalisation, extremism and technological advances, serious and organised crime is changing fast, and law enforcement needs significant new investment to help combat it,” said Ms Owens, ahead of the recent launch of the NCA’s annual strategic assessment into the impact of organised crime. Last year, Whitehall’s spending watchdog revealed that the jobs of 44 000 police officers and staff have been lost since 2010, when the coalition government came to power, and that the Home Office had failed to even forecast the possible impact. (Source: theguardian.com)
securityfocusafrica.com
NEWS IN BRIEF Crime Stoppers hotline results in 5000 arrests Australia wide in 2018
More than 5 000 Australian criminals were arrested and charged last year as a direct result of public tip-offs to Crime Stoppers, a report has revealed. The Crime Stoppers Australia Impact Report, released recently to mark 20 years of the hotline operating in all states, said that 5404 people were arrested in 2018 and hit with 15 580 charges from 319 861 reports made to the hotline and website. (Source: The West Australian / thewest.com.au)
Suspects held across Europe as crime gang smashed – Europol
The operation code-named ‘Icebreaker’ led to the recent arrest of a 48-yearold Lithuanian ringleader in Spain and 22 suspects in an operation across five countries that dismantled one of Europe’s top criminal groups behind drug trafficking and assassinations, according to Europol. The “highly professional and dangerous” gang was “involved in large-scale drug and cigarette trafficking, assassinations and money laundering” netting an estimated $760 million over the past two years, it said. (Source: ewn.co.za)
Attacks on tourists a major concern
Although it has shown a slight dip in the past year, crime in South Africa remains a serious problem, particularly in the fields of common assault, femicide and hijacking. Crime Statistics SA recorded a slight decrease in the total number of crimes between 2017 and 2018 – with 2 231 420 recorded against 2 204 292, dropping by 27 128. The targeting of high-profile foreign victims is raising concern that this could, in the long run, impact on the lucrative tourism industry, which accounts for a major part of the country’s gross domestic product. According to an annual review by the World Travel and Tourism Council released last month, travel and tourism in South Africa contributed 1.5 million jobs and R425.8 billion to the economy in 2018, representing 8.6 per cent of all economic activity in the country, and making South Africa the largest tourism economy in Africa. In 2017, tourism contributed R136.1 billion, about 2.9 per cent of the GDP. (Source: Sunday Independent)
South Africa has second most Android banking malware attacks as cybercrime increases
Android smartphones in South Africa are the second-most targeted for banking malware, as malicious software attacks in general saw double-digit increases in the
country, new research has revealed. South Africa saw malware attacks increase by 22 per cent year-on-year in the first quarter of this year, according to Kaspersky Lab, which held its annual Cyber Security Weekend in Cape Town. There are 13 842 cyberattacks per day in Africa’s most sophisticated economy, says Amin Hasbini, Kaspersky’s head of global research and analysis for in the Middle East, Turkey and Africa. That equates to just less than 577 attempted attacks every hour, or just over nine every second. Kaspersky said there was an 8 per cent increase in malware detections in the first quarter of the year over the previous year, while mobile malware increased at over 17 per cent, more than computer malware. Mobile banking fraud incidents have doubled in the January to August period from 2017 to 2018, according to the South African Banking Risk Information Centre’s (SABRIC) inaugural digital banking crime statistics report. (Source: Forbes.com)
Home Affairs official, 8 foreign nationals arrested for corruption and forgery
Eight foreign nationals aged between 24 and 36, and a 45-year-old Home Affairs department official from Nyanga in Cape Town were recently arrested at the department’s office in Atlantis on charges of forgery, fraud, and corruption. Cash to the value of R10 400, various Home Affairs documents including identity books, and 16 cellular telephones were also seized during the intelligence-driven undercover operation which was executed by members of the provincial commercial crime investigation unit and crime intelligence. (Source: iol.co.za)
A GUARD MONITORING SOLUTION FOR ANY APPLICATION * DB Projects and Agencies
sales@guardreports.co.za 011 888 4982 356 Pretoria Ave, Ferndale, Randburg
* All backed by on-site service
securityfocusafrica.com
SECURITY FOCUS AFRICA JUNE 2019
7
ASSOCIATION NEWS
The challenges facing the private security industry In his talk at Securex 2019, Chris Laubscher, national president of Security Association of South Africa (SASA) suggested that the National Bargaining Council for the Private Security Sector (NBCPSS) could be the “silver bullet” needed to eradicate or at least dramatically reduce non-compliance in the industry.
R
egistered in June 2018, the NBCPSS has since appointed a 24-member board, with 12 members from employers’ organisations, and 12 representing organised labour. SASA, being the largest employers organisation, was allocated 7 of the 12 seats held by organised employers. A ten member Executive Committee has also been established. The NBCPSS also employed an interim chief executive officer, Afzul Soobedaar, who assisted in getting the council registered and drafting the business plan. The process of employing a permanent chief executive officer is well underway. Once everything is in place, compliance levels in the private security industry are expected to improve drastically. Tony Botes, national administrator of SASA, then addressed some of the challenges facing the country’s private security industry. These include, in no particular order, the following:
10
SECURITY FOCUS AFRICA JUNE 2019
Independent contractors (or self-employed security officers) “Following the recent judgment in the Pretoria High Court in what has become known as the ‘Sivikela/van der Merwe’ matter, the practice of using independent contractors, also referred to as self-employed security officers, has diminished substantially, but is still in existence. Furthermore, the addition of clause 1(2)(b) in the 2015 publication of Sectoral Determination 6 finally deems such ‘disguised employment relationships’ as employees.”
Cooperatives “There are a number of security service providers who continue to abuse the letter and spirit of the laws governing cooperatives. The Registrar of Co-operatives of the DTI (Department of Trade and Industry) does not have an investigative or enforcement division and as such, has relied on the Department of Labour (DoL) to conduct an investigation into this practice and the abuses identified.
In brief, co-ops are registered and the members, all technically part-owners thereof, are ‘rented out’ as contract security officers. Not being employees, as per the Basic Conditions of Employment Act (BCEA) or Sectoral Determination 6 (SD6), there is no legislation in place to protect the levels of remuneration or employment benefits of such members. This has resulted in gross exploitation. Out of more than 10 co-operative schemes investigated by the DoL, only two were found to be operating in terms of the letter and spirit of the relevant legislation.”
Learnerships “With the demise of the use of independent contractors, a number of unscrupulous security service providers have now resorted to abusing Sectoral Determination 5 (SD5), which deals specifically with learners and provides only for a minimum stipend, far below the remuneration set out in SD6. These learners are, more often than not, deployed to perform security services
securityfocusafrica.com
ASSOCIATION NEWS
without the basic qualification required to perform the function of a security officer. Security officers who were previously independent contractors were terminated and, then technically being unemployed, immediately signed up as learners. “Some of these learnerships are also not registered with SASSETA as required. “In some instances, the employer even requires the learner to attend theoretical (classroom) training on his or her rest days, in most cases without being paid for same. Enquiries with a number of these learners have also revealed that they are also, while being paid only a stipend, expected to repay the training costs to the employer. “Many consumers are unaware of this abusive practice or simply do not care. “Many consumers only look at the savings on their security spend, without considering the fact that their physical security is being seriously compromised in the process. “Exploited security officers are, more often than not, hungry (as a result of being financially abused) and exhausted (because of working hours far in excess of statutory limits). As such, there is absolutely no way that they can render the security service that consumers demand and expect from their contracted service providers” says Mr Botes.
Insourcing vs outsourcing “The 2017 insourcing vs outsourcing protests at institutions for higher learning and many government institutions created unintended consequences and complexities in relation to compliance to the relevant legislation. “Insourcing consumers are unaware that they may not apply the conditions of Sectoral Determination 6 (SD6) for such insourced employees, as this applies only to employers and employees in the private security sector. “Such institutions are legally obliged to apply the conditions of the BCEA, and their employees are not entitled to the BCEA variations that have been incorporated into SD6 as a result of many years of intense negotiations. “The variations in the SD impacts on numerous aspects of employment of a security officer, including hours of work, shift patterns, overtime payment, rest days and periods, transport times, the number of officers required to fill a post, and many more aspects. “Other critical aspects to consider in the insourcing debate includes the replacement or rotation of officers, collusion between security officers and other employees of the employer if they are employed by the same
securityfocusafrica.com
“Once everything is in place, compliance levels in the private security industry are expected to improve drastically.” employer, lack of in house expertise and shared intelligence” says Mr Botes.
The Private Security Sector Provident Fund (PSSPF) “The PSSPF was established in early 2001, after six years of negotiations between organised employers and organised labour. The fund was included in the subsequent sectoral determination, making it a statutory requirement for every employer and every employee in the private security sector to participate. “This legislation obviously made provision for an employer to apply for and be granted an exemption from this legislated benefit, subject to certain criteria. Such exemptions are, for obvious reasons, renewable annually and are not transferable inter-company. Despite it being a statutory fund, the level of participation and compliance by participating employers is nothing short of a disgrace. “Non-compliance to the PSSPF enables the security company to tender at below normal rates, and it deprives the security officer of, amongst other things, death and disability cover, funeral and tombstone cover, and retirement benefits. “There are a number of non-compliance methods or issues, including: non-payment where an employer actually deducts the employees’ contributions (7.5 per cent of the basic salary) and wilfully fails to match the contribution and pay same over to the PSSPF; partial payment where an employer deducts the employees’ contributions but only submits schedules for a selected few, with corresponding payments or pays the money across to the fund belatedly when there is a claim. “Section 13A of the Pension Funds Act was amended in 2015, and all of the aforementioned offences have been criminalised. Transgressors (both the business and its directors, jointly and severally) now face fines of up to R10 million and/ or imprisonment of up to 10 years if found guilty. In addition, charges of theft and fraud can be brought against the company directors by their employees”, says Mr Botes.
Labour legislation changes “The implementation of the National Minimum Wage Act (NMWA), as well as
critical changes to the Labour Relations Act (LRA) and Basic Conditions of Employment Act (BCEA), effective as from 1 January 2019, has had a minimal effect on urban areas. There has, however, been a dramatic effect in the rural areas, where consumers are, in many instances, blatantly refusing to accept increases resulting from the NMWA. This has resulted in a great number of such rural security companies becoming noncompliant, simply to survive. “Some of these changes are that the CCMA has taken over a significantly large portion of the current duties and responsibilities of the DoL, which now only focuses on NMWA transgressions. This has also led to the CCMA being burdened with referrals relating to wage queries, which, in most cases, could have been resolved at company level. The CCMA now also has the right to impose a penalty of 100 per cent of the underpayment for a first offence and up to 200 per cent for a second or subsequent expense, including a cost award against the employer,” says Mr Botes.
Unregistered security service providers and security officers “We believe that there has been a significant increase in the number of unregistered security companies, some even owned by unregistered individuals, but these can only be tackled by PSIRA (Private Security Industry Regulatory Authority) when identified, more often than not by legally registered competitors. By operating under the radar of the authorities, it is almost a certainty that such companies are similarly not registered with Companies and Intellectual Property Commission (CIPC), South African Revenue Service (SARS), or the Industry Provident Fund,” says Mr Botes.
Low barriers to entry “We are of the opinion that it is far too easy for new entrants to the private security industry and hope and trust that the Regulator will hear our appeal to ensure that the management of newly-registered security businesses is fully aware of the legislation by which they must abide. SASA often receives enquiries from individuals who want to enter (or actually have entered) the industry, but have absolutely no idea of any of the requirements. “SASA has taken the initiative to introduce a Mentorship Programme to assist such newcomers as to the processes to follow and to provide guidance and training in all aspects of their businesses,” concludes Mr Botes.
SECURITY FOCUS AFRICA JUNE 2019
11
SPECIAL FEATURE: CLOUD SECURITY
CLOUD SHARING & STORAGE
Experts warn of growing security risks alongside benefits As take-up of cloud-based technology grows, so does the threat landscape. Security Focus Africa chats to cloud experts to investigate challenges faced by users and the industry. Verizon The growing trend to share and store information within cost-effective cloudbased solutions is exposing companies to additional security risks. That’s according to the 2019 Verizon Data Breach Investigations Report, the findings of which were based on its analyses of 41 686 security incidents and 2 013 confirmed breaches from 86 countries around the world. Citing increases in both the compromise of cloud-based email accounts through the use of stolen credentials, and publishing errors, the report says that misconfiguration was behind a number of “massive, cloudbased file storage breaches” which exposed at least 60 million records. “As businesses embrace new digital ways of working, many are unaware of the new security risks to which they may be exposed,” says Bryan Sartin, executive director of Security Professional Services at Verizon. “They really need access to cyber detection tools to gain access to a daily 12
SECURITY FOCUS AFRICA JUNE 2019
view of their security posture, supported with statistics on the latest cyber threats. Security needs to be seen as a flexible and smart strategic asset that constantly delivers to the businesses, and impacts the bottom line.”
Symantec Symantec’s 2019 Internet Security Threat Report also highlights the danger of rapid, unsecured cloud adoption. “From simple misconfiguration issues to vulnerabilities in hardware chips, in 2018 we saw the wide range of security challenges that the cloud presents,” it says. “Poorly-secured cloud databases continued to be a weak point for organisations. In 2018, S3 buckets emerged as an Achilles heel for organisations, with more than 70 million records stolen or leaked as a result of poor configuration. This was on the heels of a spate of ransomware attacks against open databases such as MongoDB in 2017, which saw
attackers wipe their contents and seek payment in order to restore them. Attackers didn’t stop there, also targeting container deployment systems such as Kubernetes, serverless applications and other publicly exposed API services. There’s a common theme across these incidents – poor configuration.” The report continues: “There are numerous tools widely available which allow potential attackers to identify misconfigured cloud resources on the internet. Unless organisations take action to properly secure their cloud resources, such as following the advice provided by Amazon for securing S3 buckets, they are leaving themselves open to attack.” “A more insidious threat to the cloud emerged in 2018 with the revelation of several vulnerabilities in hardware chips. Meltdown and Spectre exploit vulnerabilities in a process known as speculative execution. Successful exploitation provides access to memory
securityfocusafrica.com
SPECIAL FEATURE: CLOUD SECURITY
CLOUD COMPUTING: A BRIEF HISTORY It might seem to many of us that “the cloud” is brand-new technology, but according to US-based ECPI University, it goes all the way back to 1955.
T
he brainchild of John McCarthy, who also coined the term artificial intelligence or AI, it was intended to save money for small businesses who could not afford to buy their own mainframe computers. In its article titled “Cloud computing: A brief history” (link), ECPI says small business entities couldn’t afford to use computers, let alone buy them in those days. McCarthy’s computer time-sharing concept was therefore a boon to small entities, who finally had access to computing at a relatively reasonable cost. ECPI explains: “With time-sharing, several users could access a mainframe computer from connected stations that carried no processing power of their own. This type of shared computational power is the basic premise of the cloud.”
A giant step for cloud computing
Time (and technology) marches on
“As technology evolved,” says ECPI, “the idea of cloud computing moved ahead incrementally, with little major advancement until … the mid-1960s, when American computer scientist J.C.R. Licklider came up with an idea for an interconnected system of computers.” The precursor of the Internet, it was a digital computer-sharing network known as ARPANET (Advanced Research Projects Agency Network). Licklider also pictured a world where everyone would be connected, continues ECPI. Where everyone was able to access specific programmes and data regardless of where their computer was situated. “If this sounds familiar, that’s because it should be. It’s what is known today as “cloud computing!”
Cloud computing technology advanced rapidly from then. IBM released its VM (Virtual Machine) operating system in 1972, and in the 1990s, a number of telecommunications companies came up with their own virtualised private networks (VPNs), ECPI adds. “Once it started to spread, cloud computing caught on quickly and just kept growing. While there is some dispute about the term’s origin, cloud computing was already a vibrant and growing asset for companies, educational facilities and many others by 1996.”
Looking to the future Says ECPI: “Cloud computing is creating new opportunities, both for businesses and people interested in working in the field of computer sciences. Cloud computing allows businesses to have the flexibility and efficiency to meet new and growing demands. It provides the infrastructure, software and platforms necessary for success in today’s business landscape, no matter where they’re needed. However, as the presence of cloud computing becomes more widespread, the demand for professionals who can manage these networks properly is also becoming more pronounced.” Source: ECPI University https://www.ecpi. edu/blog/a-brief-history-of-cloud-computing
locations that are normally forbidden. This is particularly problematic for cloud services because while cloud instances have their own virtual processors, they share pools of memory – meaning that a successful attack on a single physical system could result in data being leaked from several cloud instances. Meltdown and Spectre weren’t isolated cases – several variants of these attacks were subsequently released into the public domain throughout the year. They were also followed up by similar chiplevel vulnerabilities such as Speculative Store Bypass and Foreshadow, or L1 Terminal Fault. This is likely just the start, as researchers and attackers home
securityfocusafrica.com
in on vulnerabilities at the chip level, and indicates that there are challenging times ahead for the cloud.”
Lastline “Every year, cybersecurity specialists predict that the next year will bring with it larger, more sophisticated attacks. And every year, they’re right,” writes Swarup Selvaraman, senior director of product management cloud at Lastline in his blog, adding that the dramatic growth of cloud computing comes at a cost. “Cloud computing continues to grow. By the end of this year, only a small fraction of core business utilities will remain on premises. Platform-as-a-service will be
the fastest growing subset of cloud-based infrastructure, and subscription-based software-as-a-service will continue to grow. By 2020, IaaS will reach $72.4 billion worldwide. This dramatic growth comes at a cost – and that cost is usually security.” Unfortunately, he continues, “cloudbased solutions are particularly vulnerable to phishing, social engineering and account takeover as they can be accessed from anywhere and falter when they are poorly secured. “Plus, regardless of where your data is stored – on premises or in the cloud – once an employee’s credentials have been compromised, so has the data. Cloud solutions that are not properly secured
SECURITY FOCUS AFRICA JUNE 2019
13
SPECIAL FEATURE: CLOUD SECURITY
will eventually be compromised as there are more cyberattackers (and more cyberattacks) each day.” To this end, he points out that in 2018 alone, the data of 50 million Facebook users was breached, as was the data of 150 million Under Armour users and 340 million Exactis records. “It has become commonplace to experience large-scale breaches of personally identifiable information as well as financial information,” he warns, adding that it’s not “these megalithic entities that are at risk”.
Secutel The pros of using cloud computing most certainly outweigh the cons, says Secutel Technologies, South African designer, developer and manufacturer of a range of smart technology products. Minimised costs, easy access from anywhere, data back-up, data centralisation, sharing capabilities, low-cost storage and quick testing are just a few of the pros. With cloud technology, there’s no need for clients to invest in hardware, or to update software or back-up data, it explains. It provides end-to-end, secure and encrypted data at all times using industrystandard encryption algorithms; it allows for quick disaster recovery; it enables increased collaboration and flexibility; and it’s environmentally friendly. Cons include possible network outages: use of the cloud makes a business dependent on the reliability of its internet connection. “When it is offline, you are offline!” Frequent outages, load shedding and slow speeds can also affect cloud functionality.
Gabsten Cloud platforms and services are part and parcel of digital transformation – essential for entities who want to remain relevant and future-proof their foundations, says Hemant Harie, managing director at Gabsten Technologies. “There is a general understanding that organisations ‘must’ migrate to the cloud. The reality is that every business is already using cloud services to some degree, and without a formal strategy they could land up facing unforeseen challenges. Without cloud services, business is all but impossible, so organisations need to get up to speed or risk losing their competitive edge.” Mr Harie says that one of the biggest challenges around the cloud is actually 14
SECURITY FOCUS AFRICA JUNE 2019
“Cloud platforms and services are part and parcel of digital transformation – essential for entities who want to remain relevant and future-proof their foundations.” Hemant Harie, managing director at Gabsten Technologies.
understanding everything that it entails. “There are various levels of cloud integration that many businesses are using unknowingly, and this lack of knowledge could prove detrimental. For example, Gmail and the Google suite of tools are cloud services, and they are extremely commonly used by many people. If your employees access their Gmail account at work, whether for email or any of Google’s productivity tools, then your organisation is using cloud services.” It’s a basic example, he says, but it demonstrates just how prevalent the cloud has become. “There are a number of cloud applications that are all too easy to obtain by anyone with a credit card. What often happens is that departments within an organisation do not go through formal procurement processes with IT and simply obtain services themselves. This might include accounting packages, marketing tools and more. “So, any enterprise might in fact have several cloud services in use in their business, but these are outside of the control of IT and do not form part of any formal backup or disaster recovery solution. This can cause compliance breaches, lost data and business downtime, to name a few challenges.” While it is impossible to entirely avoid the cloud, he continues, it’s critical for companies to implement plans to secure
and protect and be able to recover their data. “Data is the critical thread that ties this all together (so) all cloud solutions need to be part of an organisation’s overall digital / technology strategy. It also means that before moving anything into the cloud it is absolutely essential to assess the entire business environment. “The full implications, integrations and interactions must be understood before migrating anything into the cloud, and business requirements must be taken into account before any move is considered.” When done correctly, cloud migrations can deliver many benefits, says Mr Harie. “For example, for many businesses their mail server is mission critical. Maintaining the level of availability and redundancy necessary in-house is costly. “Migrating to a cloud-based mail server can ensure availability without the capital outlay and need for internal skills to maintain it. It provides the exact same service and functionality at a far more affordable monthly fee. “Conversely, if the organisation migrates components into the cloud and then wishes to remove this data, there may be hidden costs and processes involved, including egress fees to extract data and restore timelines which may jeopardise your restore time objectives.” But, he warns, “disruptive new entrants into the market, unburdened by legacy infrastructure and processes, have the advantage here and can easily steal market share from more established players. Without the cloud, businesses risk stagnation and dulling of their competitive edge. “However, getting it right is crucial. Organisations need to understand what systems they have in place, what data they own, what applications are being used, and how all of these integrate and interact, both from a technical as well as from a business perspective. “In addition, the organisation also needs to understand what to move to the cloud and what not to. Often, this means partnering with a specialist provider, who can help the company develop a roadmap to the cloud that works for the business.” In conclusion, Mr Haries says: “The cloud is everywhere, and all organisations are using it in some form whether they acknowledge it or not. If the organisation does not embrace digital transformation and leverage the benefits of the cloud, it will lose the ability to maintain or improve competitive advantage.”
securityfocusafrica.com
FOCUS ON CLOUD SECURITY
The major challenges around cloud computing and how to solve them Done correctly, cloud computing can save companies money and improve their IT efficiency. But, warns global computer security software company McAfee, there are some major challenges around the technology, which if ignored, could spell disaster.
I
n its article titled “Cloud 101: Navigating the Top 5 Cloud Management Challenges” (link), it lists five main threats along with suggestions on how to mitigate them.
as each have their own offerings and geographic distribution.”
5. Cost
1. Security According to the latest McAfee Cloud Risk and Adoption Report (link Cloud Risk and Adoption Report) the average company experiences more than 31 cloud-related security threats every month. That’s a 27.7 per cent increase year-on-year, says McAfee. “Broken down by category, these include insider threats (both accidental and malicious), privileged user threats, and threats arising from potentially compromised accounts.” Among its recommendations to counter these threats are auditing sites and services, and understanding where sensitive data is being stored. Then, continues McAfee, it’s time to implement or extend your data loss prevention policies (DLP). “Right along with controlling the data itself goes controlling who the data can go to, so lock down sharing where your sensitive data lives,” it urges.
2. Governance “Many companies deploy cloud systems without an adequate governance plan, which increases the risk of security breaches and inefficiency,” says McAfee. A lack of good data governance could result in serious financial losses while failing to protect sensitive data could lead to data breaches. “It’s therefore critical for companies to keep track of their cloud infrastructure, and to spend time on governance and infrastructure planning.
3. Proficiency The question often arises of whether companies should train IT employees to
securityfocusafrica.com
manage their cloud services or hire a new team familiar with cloud environments. “In the end,” says McAfee, training existing staff is less expensive, scalable and quicker. “Knowledge is key when transforming your business and shifting your operational model to the cloud. Accept the challenge and train your employees, give them handson time, and get them properly certified. For security professionals, the Cloud Security Alliance is a great place to start for training programs.”
4. Performance “Enterprises are continually looking for ways to improve their application performance, and internal/external SLAs (service level agreements”, avers McAfee. “However, even in the cloud, they may not immediately achieve these benefits.” Cloud performance is complex and performance issues could be the result of various issues. To find and fix the root causes of cloud performance issues, McAfee recommends first checking the infrastructure and the applications. “Examine the applications you ported over from on-premises data centres, and evaluate whether newer cloud technologies such as containers or serverless computing could replace some of your application components and improve performance. “Also, evaluate multiple cloud providers for your application or infrastructure needs,
“Shifting IT cost from on-premises to the cloud on its own is not the challenge,” explains McAfee, “It is the unmonitored sprawl of cloud resources that typically spikes cost for organisations. In general, migrating to the cloud offers companies enormous savings. We see organisations investing more dollars in the cloud to bring greater flexibility to their enterprise, allowing them to quickly and efficiently react to the changing market conditions.” The answer to managing cloud costs effectively is by monitoring use. Unsanctioned ‘shadow’ cloud use wastes company resources, says McAfee, so it’s important to audit cloud usage and also to look for new ways of containing expenses. These could include re-architecting workloads using a PaaS architecture, which may be more cost effective.
Final thoughts “Migrating to the cloud is a challenge but it can bring a wide range of benefits to your organisation with a reduction in costs, unlimited scalability, improved security and overall a faster business model,” McAfee says. “These days, everyone is in the cloud but that doesn’t mean your business’s success should be hindered by the common challenges of cloud management.” For more on how to secure your cloud environment, check out McAfee MVISION Cloud, a cloud access security broker (CASB) that protects data where it lives with a solution that was built natively in the cloud, for the cloud. Source: securingtomorrow.mcafee.com/ business/cloud-security/cloud-101navigating-the-top-5-cloud-managementchallenges/
SECURITY FOCUS AFRICA JUNE 2019
15
FOCUS ON CLOUD SECURITY
CLOUD CONTRACTS: Why companies need them With the increasingly widespread use of cloud services comes the increasing potential for conflict and misunderstanding. That’s why it’s essential for companies to include cloud contracts in their IT contracts, says John Giles, managing attorney at SA corporate law firm Michalsons.
N
ot only do cloud contracts regulate the relationship between user and service provider, he explains, but they also help to avoid disputes. “The law often, by default, places the responsibility on the user of cloud, and the user can only pass on those responsibilities contractually by including them in the contract. Cloud compliance needs to cover data protection requirements and these should be clearly set out in your cloud contract. Articles 28.3 to 28.9 of the General Data Protection Regulation are very important in this regard (so) the parties involved need clear, compliant contracts that outline the responsibilities of each of the parties in respect of data protection and cloud compliance.”
16
SECURITY FOCUS AFRICA JUNE 2019
Data protection law requires certain clauses in cloud contracts “Data protection laws classify people and organisations as operators and responsible parties, or data controllers and processors (in Europe),” says Mr Giles. “They have different titles in different countries but they perform the same functions. The responsible party or data controller determines the purpose and manner of processing of personal information. Operators or processors are organisations who process personal information for a responsible party under a contract or mandate. “So, cloud providers are usually operators. It is the responsible party that must ensure that the manner of processing is secure and
legally compliant by using cloud contracts. This a key step in cloud compliance. Essentially, the responsible party will enter into a contract with the cloud provider requiring them to process personal information at the standard required by the data protection law. “From a cloud provider perspective, they must only process personal information with the knowledge and authorisation of the responsible party. Additionally, the data subject can consent to have their personal information stored by the cloud provider.” The key elements of a cloud contract, he continues, need to include how quickly the service provider responds to and resolves problems; remedies for breaches; warranties and indemnities around cloud security for the company, and service provider liability.
securityfocusafrica.com
FOCUS ON CLOUD SECURITY
Consolidating your backup and recovery makes business sense By Mike Rees, Territory Account Manager for South Africa at Commvault
The majority of enterprises today are burdened with multiple backup and data protection solutions. These options often become complicated, hard to manage and expensive to maintain.
C
onsequently, such a disparate environment results in increased operational complexity, higher costs, the inability to recover data quickly, an increased risk of noncompliance and lack of flexibility. However, it also frequently creates a lack of visibility, which in turn hinders agility and business decision-making ability. A single, consolidated solution not only addresses all of these challenges, it also helps to future-proof backup and recovery against growing and changing business needs over time.
Backup and Recovery – an unexpected journey Nevertheless, there is not one organisation that begins their backup and recovery journey with the goal of implementing a cumbersome and complex solution that sprawls across multiple disparate point products. This scenario evolves over years, as the amount of data and the number of applications grows and data needs to be protected across a variety of locations. To put this in perspective, the typical journey began with traditional storage containing data that needed to be protected, and then when virtual solutions were added, additional data protection became necessary. As a result, new solutions were added. However, as capacity multiplied, the need to reduce storage costs arose and deduplication appliances were implemented. Then, as recovery requirements increased, hardware-based snapshots were added to decrease backup windows. The evolution of mobility required yet more solutions to protect laptops, mobile phones and tablets. With all of these advancements over the years’ organisations are now beginning to migrate data into the cloud, requiring different capabilities once again. In addition, replication, Disaster Recovery (DR) and requirements
securityfocusafrica.com
for multiple copies of data to be kept all resulted in additional point solutions being bolted on.
The battle of changing requirements In an attempt to respond to changing requirements, organisations deployed point solutions to address each use case across a combination of disk, tape and/or cloud storage. The result is a convoluted clutter of silos of data and independent products, each with their own interface, capabilities, copies of data, hardware, software and infrastructure. This makes recovery from a data loss event extremely challenging, and creates an unsustainable, complex and expensive data protection landscape.
The desolation of silos The answer is simple: consolidation. A unified solution that can handle all use cases with a single intuitive management interface and automated policies will drive improved efficiency, reduced complexity and lowered costs. A single tool will
improve service level agreements, reduce storage requirements and enable greater optimisation of storage tiers. It also offers greater flexibility for the business as it grows and changes, something that no collection of point products can enable. A single consolidated solution should bring together backup and recovery across storage hardware, different operating systems, endpoints, apps and databases, virtual machines, large files and big data, as well as the cloud. This will reduce the number of data protection and backup tools, minimising complexity while increasing efficiency. Reduced complexity also means reduced exposure to compliance and audit failures, which improves risk. In addition, improved recovery ability results in reduced unplanned downtime and better data availability. IT resources can be freed up to play a more strategic role and deliver greater IT innovation. Productivity is improved and organisational agility is enhanced. A consolidated approach to backup and recovery just makes sound business sense.
SECURITY FOCUS AFRICA JUNE 2019
17
PERSONALITY PROFILE
In conversation with…
Professor Sope Williams-Elegbe at the Faculty of Law at Stellenbosch University By Ingrid Olivier
Why law? In the third year of secondary school, we had to choose whether to focus on science or arts subjects. I chose art subjects with the idea of eventually studying law. My decision was mainly due to “subtle” pressure from my mother, who had just gone back to university to study law as a “mature” student! Before then, I was 100 per cent sure that I wanted to be a medical doctor! The challenges You always have to be conversant with the latest occurrences in the legal profession and in politics and international relations. You need a good knowledge of everything, to be honest – including geography, politics, international relations, history and economics. To deal with students (and colleagues), you also need to be skilled in psychology. You are constantly learning and constantly evolving.
The rewards Academia is a little bit more flexible than other professions, but you never stop working and work always follows you home. There is a lot of travel involved, which is a plus if you like to travel, as I do.
A typical work day I have not had a typical day yet! Most days are filled with a combination of preparing for and teaching classes, doing some research, marking if there has been a student assessment, managing my department (I am also the head of the Department of Mercantile Law), and peer reviewing journal papers or assessing LLM and PhDs/LLD’s from other universities. I also attend a variety of meetings, engage in conference calls with research partners, organise conferences and seminars and respond to numerous emails. Some days I
18
SECURITY FOCUS AFRICA JUNE 2019
do only one of these, on other days several. On 6 May, for example, I had two meetings, taught an LLM class, and then had dinner with colleagues and an overseas visitor before finishing marking undergraduate student essays. The next day I spent at a procurement law seminar hosted by the African Procurement Law Unit, of which I am the deputy director, so you can see that no two days are ever the same!
Her stance against corruption Growing up in Lagos with parents who worked in the civil service, we constantly heard about corruption in Nigeria. In 2005/2006 when I was about to undertake my PhD studies in public procurement, I felt compelled to examine this phenomenon that held (and still holds) Nigeria in its grip. I was looking for legal solutions to the problem of corruption in public procurement. I am still looking!
Is there a solution to corruption? There are no legal solutions. Laws are only as good as their implementation, and implementation succeeds as a result of a commitment to nation building. In many African countries, the commitment of the majority is to individual wealth creation. The lack of focus on the future and on the country as a whole means that the majority
don’t live in a way that will guarantee the good of the collective. Once we take our eyes off the collective good as individuals, then laws and systems are doomed to fail.
The places you’ve been and the interesting people you’ve met along the way I have lived and worked in four countries to date: the University of Stirling in Scotland, in England at the University of Nottingham, in Nigeria at the University of Lagos and now in South Africa at Stellenbosch University. I have also travelled to several other countries for work, mainly to attend and speak at conferences or for consulting purposes – Ethiopia, Kenya, Tanzania, Ghana, Cote d’Ivoire, Gambia, Egypt, India, China, USA, Canada, Germany, France, Netherlands, UAE, Mexico, Switzerland, Austria, Ireland, Jamaica, Maldives, Spain, Cayman Islands, Trinidad and Tobago. I have met so many people, some of whom left a deep impression on me. The first is Professor Thuli Madonsela. I met her in 2011 when I was at Stellenbosch as a visiting scholar from Nigeria. She was invited to speak at an event where I was struck by her dedication and authenticity. I later got to know her properly when she joined Stellenbosch in 2018, and her private and public personas are the same.
securityfocusafrica.com
PERSONALITY PROFILE
Another person who made an impression on me is Ms Marie Francoise Marie-Nelly, who was once the country director of the World Bank in Nigeria. She is so powerful and yet so gentle and soft-spoken that you really see what it means to lead as a woman. Two of my colleagues, Prof Geo Quinot (Stellenbosch University) and Prof Chris Yukins (George Washington University), have become close friends over the years. They taught me what it means to support others. And I have met two former presidents of Nigeria, although I would not exactly call them interesting!
Stand-out experiences One was swimming with stingrays in the Cayman Islands; another was whale watching in Hermanus.
Hopes and dreams I hope to live long enough to see
my grandchildren, and I hope the world takes decisive action to stem climate change.
South Africa South Africa is the best place in the world, as far as I am concerned. I believe that SA will succeed, if we can only get leaders who love South Africa and South Africans. I think that with the current leadership, the recent ugliness of state capture and corruption can be addressed to a significant extent and we can continue with nation building and poverty eradication.
Family I am married with two daughters, aged nine and almost seven.
Bucket list Only travel destinations! Over the next few years I plan to visit new places such as Israel and Mauritius, and then I’ll see what other countries tickle my fancy.
In terms of achievement, my energies are being directed at grooming the next generation of South African public procurement scholars.
Leisure time With two young children I don’t have much leisure time! When I’m not at work, I am playing with my kids, exploring places with them, sleeping, eating, praying or reading.
Books on her bedside table Dare to Lead by Brene Brown, Becoming a Water Walker by Andrew Wommack and the Bible.
Mentors My mother Kemi Williams, my older sister Seyi Oshikanlu and and my friend Rosemary Okogu.
And what’s unforgivable for you? Hurting (abusing/molesting) children.
SECUREX SOUTH AFRICA REPORT BACK
A resounding success for first ‘three shows under one roof
The co-location of Securex South Africa and A-OSH EXPO with Facilities Management Expo for the first time ever in 2019 has proven to be a winning combination, with over 10 000 visitors coming through the doors to visit all three shows, held at Gallagher Convention Centre in Johannesburg from 14 to 16 May.
T
his is according to Specialised Portfolio Director, Sven Smit, who clarified, “Securex South Africa already had a nine-year history of being co-located, since the inception of A-OSH EXPO in fact, but the addition of the Facilities Management Expo was a first this year.” “Specialised Exhibitions Montgomery acquired Facilities Management Expo, which brings together all aspects of facilities management into one central place, in late 2018, and the combination of the three shows gives a 360° view of the safety, security and built environments, helping to showcase tomorrow’s solutions for today.” Smit says the value of expos lies in the tremendous ease of communication that face-to-face marketing and presentations can bring, for both exhibitors and delegates alike, explaining: “As an exhibitor, it is a fabulous way to engage with your target
20
SECURITY FOCUS AFRICA JUNE 2019
market and your potential audience, while as a visitor, it is an excellent opportunity to compare different industry options, bone up on the latest trends, and also to engage with peers and industry experts alike. “Statistics have shown that 92 per cent of trade show attendees want more information on new products and services, and that 77 per cent of executive decision makers find at least one new supplier at an expo. Furthermore, 91 per cent of attendees say that being at a trade show definitively impacts on their buying decisions. “We feel that being able to showcase this holistic view facilitated by the three expos all together is a tremendous value-add.” Some of the visitors also noted the inherent sense and convenience of having the three shows situated all together under one roof, with one visitor commenting, “I visited Securex as well as the Facilities Management Expo, which is nice to have
as an additional show – I feel that it gives a continuation of your safety and building management, and it is nice to see the dots connected.” Another visitor added, “We were specifically interested in Securex, but we have also found really good information through the A-OSH and Facilities Management expos as well. It has definitely been a holistic experience for us to have access to all three shows; it’s been very educational.” “Securex South Africa will be hosting its 27th show in 2020, while A-OSH EXPO will turn 10, and we anticipate real growth with our brand new Facilities Management Expo addition. We are truly excited about our 2020 vision across all three shows next year and look forward to showing the industry the tremendous business and personal educational value that is available through these trade shows,” concludes Smit.
securityfocusafrica.com
SECUREX SOUTH AFRICA REPORT BACK
Seen at Securex South Africa 2019
SASA: Tony Botes.
Bova: Peter Gerbrands.
Hikvision: Alan Liu and Andrew Mu.
Clearvu: Devyn Lottering with Petro Goosen.
Dahua: Johannes Schlechter, Lea Li-Yingzhu and Root.
Suprema: Tracy Bruce and Irene Amenya.
Suprema: Tracy Bruce, Walter Rautenbach and Unda Gueman.
Progroup: Darren Cox with Golden Dlamini and Angelique Roos.
Idemia: Michaela Williams and Eric Kayumba.
Paxton: Mark Kidd Anderson with Willem Scholtz and Kobus Scholtz.
Optex: Barry Clarke and Jacques David Parsons.
PSiRA: Dikeledi Nkosi, Lindiwe Phakoe, Kendricks Nthodi and Doctor Mowi.
Dahua: Marius du Preez with clients Stephanus Petrus Howell and Heiko HansPeter Jürgen Stark.
PSiRA: Bonang Kleinbooi with Lavhe Neliwa Mondo and Edwin Mponwana.
PSiRA: Siziwe Zuma, Oupa Mamabolo, Mmatlou Sebagodi, Manadela Chauke and Johannes Maduna.
securityfocusafrica.com
SECURITY FOCUS AFRICA JUNE 2019
21
SECUREX SOUTH AFRICA REPORT BACK
22
Clearvu: Thiveshen Padayachee and Martin Ferreira.
Alcosafe: Rhys Evans with Ferdie Steyn and Nicolai van Zyl.
UNISA: Abel Mahambane, David Tinyiku Ngoveni and Professor Doraval Govender.
Graphic Image Technologies: Laurence Smith.
Neptun: Ryan Rafferty and Nimrod Donga.
Seagate: Yvelde Wilkins, Gavin Martin and Sonia Mayor.
Imperial Armour: Junade Dawood, Kiarren Cornelius, Louisa Garland and Denzel Varden.
Fidelity Services Group: Malcolm Stephens with Ruth Brouwer and Greer De Wet Van Breda.
ESSH: Buks van Heerden with Chanel Groenewald, Samantha Vermaak and Cynthia Tsomele.
Active Track: Denzel Udraj, John McTough, Zanté Naudé and Stephen Boulton.
Longse: Corlia de Swart and Andrew Templeton
Secutel Technologies: Pieter Maree and Yolanda Els.
Iris AI: Stephen Boulton.
Turnstar’s stand.
Fidelity Services Group.
SECURITY FOCUS AFRICA JUNE 2019
securityfocusafrica.com
EXHIBITION NEWS
IDIS to focus on video surveillance cybersecurity at IFSEC 2019
Network security and the threat of cyber-loopholes should be a top priority for video surveillance users, IDIS will tell visitors at IFSEC International.
L
aunching a cybersecurity advisory video ahead of the show, the IDIS team will also be on hand to demonstrate and explain how IDIS technology goes a step further to strengthen the resilience of traditional surveillance network processes. Korea’s largest surveillance manufacturer will be highlighting the dangers of cyberattacks and the common vulnerabilities found in many surveillance set ups – and showcasing a full range counter-measures – at the London’s ExCel event on 18-20 June, stand IF1110. Users should plan for three specific risks, says the company: data access loopholes, data transmission weaknesses, and the integrity of recorded footage. “IDIS has consistently led the way in addressing cybersecurity concerns, taking a multi-pronged approach from
securityfocusafrica.com
R&D through to customer installation,” said James Min, managing director, IDIS Europe. “We have developing a rich, layered and comprehensive set of technologies and features to ensure maximum protection for end users.” Visitors will see how IDIS DirectIP®, the cornerstone of the IDIS Total Solution, closes up widespread vulnerabilities and serves as a proprietary mutual authentication system for all IDIS IP products. DirectIP speeds up implementations and streamlines cybersecurity by eliminating the need for engineers to manage multiple IP addresses and associated passwords during implementation. It therefore mitigates against human error and the common malpractice of saving passwords in vulnerable spreadsheets. Using peer-to-peer technology, IDIS’s For Every Network (FEN) technology also lets engineers deploy and configure secure,
multi-site surveillance solutions that utilise centralised monitoring and control without in-depth knowledge of routing or networking. IDIS will also highlight the cybersecurity essentials for transmission and recording, together with its own patented and proprietary technologies which prevent activities such as snooping, modification and destruction of data. In addition, visitors to stand IF1110 will learn how IDIS ensures the integrity of video recording, with its advanced Chained Fingerprint technology authenticating footage so that it can be submitted to the police and courts as evidence. “Combined with these technologies, our industry-leading training programs are helping installers and integration partners work knowledgeably with devices and networks to ensure maximum cybersecurity for our users,” added Mr Min.
SECURITY FOCUS AFRICA JUNE 2019
23
EXHIBITION NEWS
Securex West Africa report:
The most important show in the region This year, the Landmark Centre in Lagos, Nigeria hosted the ninth edition of Securex West Africa from 16 – 17 April. Over two bustling days of business, more than 2 300 professionals from across the security, fire and safety industries crossed the threshold to witness key technology advancements, market trends, and do business.
A
mong the dignitaries to open the exhibition and conference this year was ACP Gbolahan Odugbemi, Assistant Commissioner of Police for Lagos State representing the Commissioner of Police, Major General J I Unuigbe, representing the Chief of Army Staff for the Nigerian Army and John Bray, Consulate General for the US Government in Nigeria. Each esteemed keynote speaker addressed the vital importance of sharing information and cutting-edge technology within the security, fire and safety industry to further progress opportunities in the region, especially in transformative times globally. They praised Securex West Africa 2019 as an excellent opportunity to achieve these goals and bring together the West African security industry. With over 761 m2 of technology, equipment and services on display from more than 100 leading brands, attendees at this year’s Securex West Africa were privy to cutting-edge solutions across varying subsectors within commercial, cyber, perimeter and homeland security in addition to fire and safety. A truly international exhibition, this year the show attracted industry professionals
24
SECURITY FOCUS AFRICA JUNE 2019
from 21 countries including Benin, Ghana, Nigeria, South Africa and the United Arab Emirates. An overall increase in visitor numbers of 56 per cent since 2016 demonstrates that Securex West Africa is growing from strength to strength. George Pearson, regional director at Afrocet Montgomery, the organisers behind Securex West Africa had this to say on this year’s edition; “In reality we’re all living in relatively uncertain times from a security perspective, whether we’re discussing political turbulence, cyberattacks or terror threats, our exhibition growth year on year, both in visitor figures and show size is indicative of why shows like Securex are so important to progress our understanding of how to protect against and prevent security and safety breaches.” This year, visitors came in their thousands to the exhibition from varying sectors, the top five of which were systems installers, information telecommunications, engineering, safety & security consultancies and oil and gas. Mr Adewale Muriziq Salisu, a security and safety consultant from Fourthman Security Services, gave the following testimonial about this year’s event: "Securex West Africa
is one of the best security conferences and exhibitions in West Africa – if not the best. It involves all aspects of security, safety, cyber and fire protection which all organisations and individuals can use. "Securex brings the best in security and safety exhibitions and conferences, and if you miss it, you miss a lot." Alongside the exhibition each year, organisers put together a compelling selection of daily conference sessions for both exhibitors and visitors to attend. Hosted by esteemed industry experts, these carefully put-together sessions are designed to inspire and inform industry members. This year, 70 per cent of visitors attended at least one of these sessions. On the first day, the most popular session was a panel discussion centred around
2019 VISITORS 28% commercial security 33% information security 14% fire & safety 11% homeland security 13% perimeter security
securityfocusafrica.com
EXHIBITION NEWS
“For my region, it is the most important show. We want to present our manufacturers with a platform where they can come and see that Nigeria is a place where we can make money. We’ve had many good leads and we’ll be here next year!” Edward Van Trotsenburg, managing director, AFRISEC.
"21st Century Security Strategies and Solutions", and included representatives from SBM Intelligence, Suncast Security, Airtel Networks, Beacon Consulting and Academy Halogen in addition to the Former Police Chief in Nigeria and Special Adviser to the Lagos State Governor on overseas affairs and investments. Meanwhile, Day 2 of the Securex conference shifted its focus onto fire and safety technical sessions. Delegates at these sessions had the opportunity to hear from expert representatives from key fire and safety brands including Bristol Fire Engineering, Mobiak S.A., Surveillant Fire, Afrisec, Afritech Solutions and Hancock Security Nigeria. Topics discussed included the importance in choice of firefighting equipment, product showcases, tall building fire and safety management, safe cities and OEM demonstrations.
securityfocusafrica.com
West African Cyber Security Conference The second day of Securex West Africa also gave way to the co-located cyber-focused security conference, West African Cyber Security Conference (WACSS). An invitation-only event organised in conjunction with KPMG and sponsored by the Nigerian Communications Commission, this year WACSS welcomed 129 esteemed cybersecurity delegates. Now in its third edition, WACSS has grown to be recognised in the region as the leading high-level cyber-focused security conference and attracts a great deal of senior industry stakeholders.
Outstanding Security Performance Awards 2019 For the second year running, Securex West Africa hosted the OSPAs (Outstanding Security Performance Awards 2019). This year, the event took on a new format in the shape of a Gala evening of dinner, drinks, award-giving and valuable networking amongst the finest performing business and professionals in the Nigerian Security industry.
Post-show survey In a post-show survey for Securex West Africa, 98 per cent of visitors achieved all or most of their business objectives in attending Securex West Africa.
Bookings for stands at Securex West Africa 2020 are now open. To reserve your stand at West Africa’s No.1 Security, Fire and Safety industry Exhibition, contact the Sales Manager, Ben Dale at Ben.Dale@montex.co.uk or on +44 (0)20 7886 3048.
Furthermore 84 per cent of visitors have purchasing power within their business, contributing to a collective visitor spending budget for security, fire and safety solutions totalling more than US$150 million. These results, coupled with overall exceptional feedback from exhibitors, further emphasises the quantity and quality of business opportunities available to both local and international businesses in West Africa.
“It’s been really good, with the sales we’ve made we can justify the business case to be here next year! Looking at everything, I’ve made personal connections with my competitors and the brand awareness has been great for us.” Bukky Bademosi, Business Development Manager, Pilgrims Africa Ltd.
SECURITY FOCUS AFRICA JUNE 2019
25
TECHNOLOGY UPDATE
From hype to viable assistance system Video technology and artificial intelligence Dallmeier has published four practical statements about video technology and Artificial Intelligence.
H
ardly any other topic is creating as much excitement as Artificial Intelligence (AI) at the moment. High expectations and extravagant promises abound, particularly in the field of video security technology. Here, ideas about what it can do range from detecting unusual behaviours such as attacks on individuals to recognising individual faces even in large crowds of people to automatic detection of the proverbial ‘bomb in a suitcase’. The Regensburg-based company Dallmeier has been working on and with AI technologies for years, and has now published four practical statements
26
SECURITY FOCUS AFRICA JUNE 2019
intended to help customers and providers to make a realistic assessment of AI.
1. When considering combined AI and video technology solutions, much more than just technology needs to be considered At the beginning of a hype cycle, when innovations are being introduced, people often ignore the fact that new technologies always require public debate and changes to very real framework conditions before they can be implemented wholesale. The still unresolved problem in autonomous driving – when it comes to accidents
where the car has to make potentially fatal decisions – has become an almost classic example.
There are similar unresolved questions when AI is used in video security technology: • How much freedom to decide should a system be given? • What quality criteria will be established for detecting objects, for example? • Who is to be held accountable when an attack is not detected, for example, even though the expectation may possibly exist already among the people? • What reaction times will be defined, by
securityfocusafrica.com
TECHNOLOGY UPDATE
when must response teams reach the site in the event of an "AI alarm"? • Are there even enough personnel available for the potential new intervention and search options? • How are the many "false positives" to be handled when facial recognition is used to find a suspect, for example?
2. AI and video technology only function in a "technologically holistic approach" Technical systems are becoming more and more complex. This is why it is essential to evaluate all of the parameters that affect the performance of a whole solution. The IT axiom "garbage in, garbage out" is most apposite in this context. Neural networks for classifying objects or processes or good facial recognition software can only deliver results that are consistent with the quality of the video image they receive: AI-based video analysis systems can only be as good as the camera systems that capture the images for them. In this context, it will be particularly important to be able to define and plan minimum picture qualities properly in all parts of the video image, plan camera angles correctly, and consider many other details. And the person behind the system must also be included in the overall consideration with regard to qualification and organisational questions.
The key point in all of these systems: Today and probably for a long time to come a human is still at the centre – the operator, the policeman, the forensic specialist. And it is for these functions that AI in video technology now already delivers useful assistance systems. In short: Unless all factors are tuned to work together, it will not be possible to ensure compliance with standards – which, by the way, have not even been defined yet.
3. There are indeed viable solutions which perform good service as “assistance systems” With all due caution: It goes without saying that Artificial Intelligence will play a decisive role in video technology – or may even become a core component of the discipline. Initial deployment scenarios and functioning solutions already exist, whether it be in the optimisation and analysis of analogue processes, e.g., at a casino gaming table, in the improved classification of objects for perimeter protection, or in the assisted tracking of individuals in the context of urban surveillance. The key point in all of these systems: Today and probably for a long time to come a human is still at the centre – the operator, the policeman, the forensic specialist. And it is for these functions that AI in video technology now already delivers useful assistance systems.
They are being improved rapidly and take over tedious, error-prone tasks. But contrary to all the advertising features on YouTube, automatic location of a planted "suitcase bomb" in complex circumstances is still well beyond current technological capabilities.
4. The market must learn to distinguish between functioning solutions and research projects Every technical innovation is predestined to contend with ambiguous definitions, exaggerated expectations and variable interpretations of its capabilities: No one "really knows", but everyone involved has an opinion. This is why it is important to examine and question closely which functions are marketready and implementable – even if a little tweaking is needed – and what is still purely in the realm of research? Particularly with a view to strategic decisions and investments, prospective users should always begin by asking themselves whether a given result can be expected in twelve months, five years, or ever. Otherwise, they run the risk of losing sight of obvious solutions to pressing problems.
Is your camera phoning home?
securityfocusafrica.com
SECURITY FOCUS AFRICA JUNE 2019
27
ON THE MARKET
Dallmeier’s “casino operating system” SeMSy® and Casino Automation Technology At G2E Asia 2019, which took place from 21 to 23 May 2019 in Macau, visitors to Dallmeier’s trade fair stand showed great interest in two solutions in particular: SeMSy®, the new “casino operating system”, a modular platform which simplifies processes and collaboration for a whole range of casino functions.
T
he second area with a lot of interest was Dallmeier’s Casino Automation Technology (CAT) which provides real-time information for table games such as Baccarat and Blackjack, helping gaming departments to become much more profitable.
“A single pane of glass”: analytics, data, interfaces and video An essential aspect of the new SeMSy® “casino operating system” is that it functions as on open platform for integration, presentation and processing of many different data sources and interfaces. From video and surveillance to regulations reporting to marketing data and many more. Different user groups can select from a wide range of applications that
help casinos maximise efficiency for a multitude of workflows and collaboration between various departments. For example, casino surveillance operators can manage their entire video surveillance system, but furthermore quickly create a “digital incident file” that includes corresponding video, notes, reports and further information. Internal and external compliance requirements, such as those of casino regulation authorities, are easily fulfilled with advanced, unified reporting capabilities that make the creation of reports a breeze. Many other functional modules and interfaces to third party systems can be integrated.
Dallmeier “SeMSy®” provides a true “casino operating system” allowing casino operators to create a customised suite of functionalities from a wide range of modules for various casino applications.
28
SECURITY FOCUS AFRICA JUNE 2019
The Dallmeier casino team presented their portfolio of “Smart Casino Solutions” at G2E Asia 2019.
Crucial for modern casinos: integration of table game management Gaming management will find a wealth of solutions within Dallmeier’s “Casino Automation Technology” (CAT) suite to manage and track table games. The suite is the first in-operation gaming automation and runs as an application in SeMSy®. It uses standard IP cameras and elements of AI to recognise chips and cards with very high accuracy. So, CAT can provide real-time information about bet position and value, game pace, float value and many more. The benefits are a highly increased game pace, an accurate player rating and a much more effective protection from fraud. Konrad Hechtbauer, managing director of Dallmeier International, states: “Visitors to our booth were particularly pleased with our open and collaborative platform approach: Thanks to SeMSy®, casino operators see the opportunity to save a lot of time and money by simplifying a variety of workflows for their employees as they do not have to switch back and forth between different systems. “In addition, our Casino Automation Technology suite is perfectly integrated, allowing gaming departments to manage their table games much more profitably.”
securityfocusafrica.com
ON THE MARKET
Proxyclick’s Visitor Management System optimises connections Proxyclick optimises connections (millions of connections) people are making every day in the corporate world, from business meetings to conferences. Streamline your visitors’ journey and your reception area with an automated VMS. And get rid of the ridiculous paper trail, from sign-in to sign-out Proxyclick’s web-based software allows you to do just that.
P
roxyclick’s VMS goes above and beyond updating the visitor’s experience and providing secure check-ins. Proxyclick’s VMS puts people at the centre of what it is they do best; humanise and personalise each tool available to make your visitors’ experience pleasant, easy to use and, most importantly, non-invasive. Proxyclick has designed customisable and intuitive web-based software to manage visitors to your organisation – from invitation to sign-out. Using Proxyclick’s VMS will help you create a great first impression, connect with confidence, build richer professional relationships and have better, more productive meetings.
Some key features • Your data is safe with the Proxyclick’s VMS. It does a daily back-up procedure, across multiple servers for you to keep. You can
securityfocusafrica.com
have access to it even if your hardware is faulty. You can, at any time, retrieve all your data. • The API and webhooks created will allow you to integrate the Proxyclick VMS to your access control system, your DRM and any other software you may use. You will always have the latest version, continually updated with new features to meet your needs. • Your visitors’ name will be displayed on the screen as they check-in. This will make your visitors feel truly welcome. Their photo can be taken directly with the iPad at the check-in kiosk and printed on their visitors’ badge – with all their details being saved in your address book. The next time they visit you, they are already captured in the system. This also allows for the host to easily recognise his visitors. • Safety and confidentiality are taken into account with the Proxyclick VMS
– have your NDA or Health and Safety instructions signed at check-in. All signed documents are saved directly on Proxyclick and OneDrive. • Available in more than 18 languages, and with multi-location support, Proxyclick can greet your visitors wherever they are in the world.
SECURITY FOCUS AFRICA JUNE 2019
29
ON THE MARKET
Central security management platform for key management Delivering another high-value benefit to users, the Maxxess eFusion security management platform now integrates off-the-shelf and seamlessly with the widely used range of deister electronic key management systems.
W
ith this latest off-theshelf integration eFusion users can now manage all their keys from their centralised security management platform, reducing the risk of security breaches and streamlining their day-to-day operations. Modular and scalable, the deister electronic systems encompass a range of cabinets which can store anything from 8 keys to thousands. They can be used stand-alone or as part of a global corporate solution, in applications ranging from hotels and leisure settings to retail and upscale residential developments. “Knowing who has a particular key at any given moment significantly reduces the risk of losses and criminal activity,” says Lee Copland, managing director, Maxxess EMEA. “The deister electronic systems make
30
SECURITY FOCUS AFRICA JUNE 2019
that task much simpler. And with real-time reports logging all system usage, users can be held accountable for any misuse, theft of loss of keys – better protecting buildings and assets.” The integration with deister electronic systems is just the latest example of how the eFusion platform gives users the freedom to integrate, customise and adapt their security systems to meet both current needs and emerging risks. eFusion’s open technology software supports more than 60 off-the-shelf integrations from leading vendors, providing complete freedom to customise solutions combining surveillance, access control, fire and intruder systems with back-office processes.
Crucially, integration with Maxxess eFusion also reduces complexity for installers and their customers and offers unlimited future scalability at affordable price points. “Off-the-shelf integration between our key management systems and eFusion will deliver major benefits to our customers,” says Darren Harrold, Head of UK Operations at deister electronics. “This means they can now link their essential systems together – including their surveillance, intruder, access and fire detection systems – making a wide range of premises easier to manage and more secure.” Visitors to IFSEC International can see Maxxess eFusion and deister key management in action, where both companies will be exhibiting on stand IF2120 and IF410 respectively from 18th to 20 June at London’s ExCel.
securityfocusafrica.com
ON THE MARKET
White Label Alliance to define an
open standard for payment
Considering global market demand for independent and standardised payment solutions, G+D Mobile Security and IDEMIA announce their intention to create the White Label Alliance (WLA) to provide a new security solution for next generation payment applications.
T
he solution will be based on White Label EMV specifications and will enable ready-to-deploy solutions for domestic payment schemes and closed-loop worldwide. The new alliance is a response to the growing global demand for new, next-generation independent payment solutions. By providing global open standards that are governed by an independent body, the WLA ensures that commercial solutions can be built on these specifications enabling innovative and competitive offerings. The WLA aims to enable ready-to-deploy solutions for domestic payment schemes and closedloop worldwide. The aim of the WLA cooperation is to design and maintain an open, comprehensive and standardised
securityfocusafrica.com
framework to meet the requirements of open and closed payment systems. Based on the EMV standard, the WLA solution ensures scalability for all technologies: for cards, terminals and mobile devices. Therefore the WLA is strongly committed to open standards to ensure additional value for the payment ecosystem. For these reasons, the WLA initiative encourages an ecosystem that enables innovations and competitive offerings based on a worldwide standard. As the owner of the specifications, the WLA will work on future-proof evolution of the solution being in line with demands of the members. In order to expand the network and to grow accessible payment schemes, the WLA invites all interested payment stakeholders to join.
“
The close cooperation of companies such as G+D Mobile Security and IDEMIA within the framework of the new alliance demonstrates the effort to define new open payment specifications that ultimately benefit all end-users. We are also planning to gain more members for the new alliance later this year in order to put our plans on an even broader footing.” – Gabriele Bugat, head of financial services solutions at G+D Mobile Security.
“
Supporting open standards and delivering interoperable solutions has always been a key concern for our company. That is why we are very pleased to be part of this initiative. Based on our extensive experience in the development of EMV technology, we want to play a key role in creating an open alliance which will allow domestic payment networks, transport operators and closed loop retailers to deploy a truly independent solution based on proven technology, with a fast time to market.” – Amanda Gourbault, executive vice president for financial institutions activities at IDEMIA.
SECURITY FOCUS AFRICA JUNE 2019
31
ON THE MARKET
Hikvision launches AcuSense network cameras Hikvision, the world’s leading supplier of innovative security products and solutions, has introduced new AcuSense network camera series to its EasyIP 4.0 security solutions. Featuring a strobe light and an audio alarm, the new cameras can immediately deter intruders from entering a prohibited site, further enhancing the safety of premises and property.
At the core: faster, more accurate intrusion detection Importantly, Hikvision AcuSense network cameras build on the same cutting-edge intrusion detection functionality found within the existing Hikvision EasyIP 4.0 security solutions. When a potential threat is detected by the camera, it uses its intelligent false alarm reduction technology to disregard irrelevant movements, such as rain, leaves and animals. Instead, the camera focuses on human or vehicle movement, dramatically reducing the number of false alarms for faster, more accurate intrusion detection.
An enhanced deterrent: strobe lighting and alarm Once a potential intruder has been accurately detected, the AcuSense network camera triggers the built-in strobe light and
32
SECURITY FOCUS AFRICA JUNE 2019
audio alarm. This is designed to warn the intruder off before they attempt to breach the perimeter. The volume of the audio alarm and the brightness of the strobe light can be adjusted to suit the environment.
Reliable operation, day or night The AcuSense network camera range can deliver this powerful intrusion detection and prevention at all times of day or night. Powered by Hikvision DarkFighter technology, all cameras in the range deliver superior surveillance images, even in ultralow light.
Four products to suit different applications The new AcuSense network cameras are available in bullet and turret styles, and in 2MP or 4MP resolution, making a total of four different camera options available.
Better service, peace of mind Frank Zhang, general manager of international product marketing department at Hikvision says, “AcuSense technology is already cutting-edge. By adding the strobe light and the alarm, we can now give our customers the chance to prevent incidents from happening in the first place, for even better security. We’re delighted to be able to help our customers protect their property in ever more valuable ways.”
Product model details There are four models available: • DS-2CD2346G1-I/SL: 4 MP IR Fixed Turret Network Camera. • DS-2CD2326G1-I/SL: 2 MP IR Fixed Turret Network Camera. • DS-2CD2T46G1-4I/SL: 4 MP IR Fixed Bullet Network Camera. • DS-2CD2T26G1-4I/SL: 2 MP IR Fixed Bullet Network Camera.
securityfocusafrica.com
ON THE MARKET
Net2 accessible from any location, on any device Paxton has launched a new web-based user interface for its market-leading access control system Net2.
N
et2Online makes Net2 accessible from any device with an internet connection, giving users ultimate flexibility and ownership of the system – wherever they are. It comes as a free feature with Paxton’s Net2 Pro software. This ensures Net2 Pro is future-proofed, while making site access for users even easier. Five useful features will allow users to manage their building from any device, in any location – open doors, add and manage users, run roll call, monitor events and create reports.
Other Net2Online features include: • It’s quick and easy to get started – there is no need to install additional software if
securityfocusafrica.com
you have an existing Net2 Pro system. • It has an improved layout – a smart, simple look and feel, with responsive interface and quick navigation. • It now covers all major Windows operating systems and is compatible with Google Chrome, Safari, Microsoft Edge and Mozilla Firefox. • It’s included free of charge to new and existing Net2 Pro users. Chris Wrench, Product Manager, said: “We’re continually future proofing our systems and Net2Online gives our users even more choice to manage their sites. “With Net2Online, installers can be confident they’re providing a solution that is smart and simple to use and will meet the needs of end users long into the future. “We’ve also taken onboard feedback from customers who said they wanted a system
PAXTON’S RECENT AWARDS INCLUDE: • PSI Premier Award – Access Control Product of the Year 2018: Net2 Entry Premium monitor. • Benchmark Innovation Awards – Access Control Hardware Category 2018: Net2 Entry Premium monitor. • Good Design Award 2018: Net2 Entry Premium monitor. • IFSEC Global Top 50 Most Influential People in Security – Security Tech Leaders 2018: Adam Stroud, CEO (4th)
that could be accessed by any device and from any location. “Net2 Pro users now have the flexibility to manage their system in a more convenient way, at no extra cost.” Net2 Pro is Paxton’s advanced version of its free Net2 Lite software. It has all the capabilities of Net2 Lite software with advanced features.
SECURITY FOCUS AFRICA JUNE 2019
33
CITIZEN IDENTIFICATION UPDATE
Closing the identity gap: government in Africa biometrics and e-IDs By Steve Warne, senior director, product marketing, citizen identity with HID Global
Africa faces many challenges that citizen identification can help solve, but the World Bank estimates that more than 40 per cent of people lacking IDs in the world live on the continent – about 1.1 billion people.
M
any individuals have difficulty asserting their rights because they are unable to prove that they are citizens. These individuals may be denied access to education, health facilities, land and other rights. In addition, the absence of proof of identity is a serious barrier to financial inclusion. With biometrics, people no longer require a multitude of documents, which can be lost or damaged, to prove who they are; an individual’s physical or behavioural traits (such as fingerprints or behavioural data) can be captured, reducing the opportunity for fraud or falsification. Governments on the continent and globally are revolutionising how the world looks at identity, and they are using trusted identities to serve people when and where it matters most. Governments rely on systems that address each step of the identity journey, pave the way for new capabilities, and are easy to implement whether for issuing passports, controlling borders, or ensuring security and tranquillity through more efficient and effective law enforcement. These systems increasingly use biometrics to fuse convenience and security while validating “true identity” so that individuals
34
SECURITY FOCUS AFRICA JUNE 2019
are tied to their credentials and other government documents. This growing adoption of biometrics in these identity programs is also helping to improve the efficiency and effectiveness of government operations and is poised to usher in new ways to serve a growing range of user needs while also meeting their expectations for a more consistent and positive experience. For many African governments, an e-Passport is the first step to launching a citizen identification program. Countries like Tanzania are taking this foundational step with an e-Passport and e-Document program that allows them to plan for future capabilities and includes biometrics as a big piece of the solution. The government of Tanzania works with HID Global, a worldwide leader in trusted identity solutions, to deliver its e-Immigration program. The new webbased visa and residence permit services allow visitors and residents to apply for and receive validated credentials for traveling or living in the country. Their program enables them to adapt to changing standards, adopt new capabilities and issue many different types of ID documents. It encompasses
all critical system elements spanning the entire identity journey, from data capture and enrolment including biometric identification, to application processing, adjudication, data preparation, personalisation and issuance. Tanzania’s end-to-end solution also includes supporting functionality for these processes such as lifecycle management, key management systems and signing and certification services. The use of smarter IDs is cost-effective for governments in the long term. As governments seek to optimise their investments, they need solutions that can be used to issue many different types of ID documents with the same core system components. New and emerging standards and market requirements must also be addressed and incorporated
securityfocusafrica.com
CITIZEN IDENTIFICATION UPDATE
a successful program. They acknowledge and pave the way for issuing many different types of physical or mobile credentials as part of a comprehensive and coherent framework and ensure these credentials can be authenticated via a single low-cost verification infrastructure. Perhaps most importantly, these solutions are designed to meet the exact needs of users and enhance their experience throughout the identification process. Delivering on this user value proposition to its fullest extent across the broadest possible range of government applications and services will increasingly depend on biometrics to bind people to their credentials and documents while greatly simplifying and enhancing each step of the identity journey. From making it easy for people to quickly prove who they are at the airport customs counter to making them safer by better managing such foundational security processes at border control, criminal booking and record-keeping, biometric identification and e-IDs are changing how we live and what we can do.
into the solution in a simple and frictionless manner. As an example, the document management system should be able to support the move to mobile IDs as well as the verification infrastructure for authenticating them. This will enable identity credentials to be enrolled, provisioned and used on mobile devices, presented in a way that does not compromise security or privacy, and authenticated without requiring specialised training. Mobile identity technologies will give citizens greater control over what identification information they share, in person or remotely, including over the telephone, on websites, or when accessing other digital services. Today’s end-to-end citizen identification solutions include everything required for
securityfocusafrica.com
SECURITY FOCUS AFRICA JUNE 2019
35
CASH SECURITY CASE STUDY
SBERBANK OF RUSSIA, POVOLZHSKII HEAD OFFICE
Intellect increases the effectiveness of the security of Sberbank automated teller machines
Since mid-2007, a security system based on the Intellect platform has been introduced into the distributed network of automated teller machines in the Ulyanovskii branch of the Povolzhskii division of Sberbank Russia Client The Povolzhskii division of Sberbank Russia is the largest bank in the region. The network of branch offices is very wide, allowing it to make its services accessible to practically everyone in the region. Povolzhskii Head Office, in operation since January 2001, works in Samarskii, Astrahanski, Volgogradskii, Orenburgskii, Penzenskii, Saratovskii and Ulyanovskii oblasts. These are industrially-developed regions, and constitute part of the Southern federal region (Astrahanskii and Volgogradskii oblasts) and the Privolzhskii federal region (the remaining oblasts). The economies of these seven oblasts include industrial sectors such as energy, automobile production, metal working, fuel, chemical and petrochemical industry,
36
SECURITY FOCUS AFRICA JUNE 2019
and military-industrial and agricultural complexes. Practically all of the large-scale enterprises in the regions are serviced by Sberbank branches. There are more than 430 credit organisations and branches operating in the financial sector of the regions. The largest financial-credit institution of this market, according to all qualitative and quantitative indicators is Povolzhskii division of Sberbank Russia. The total number of bank cards issued by Povolzhskii bank through the beginning of 2008 exceeds 2 100 000. In recent years, the bank has significantly expanded its network of facilities for servicing credit card holders; currently there are 953 cash withdrawal points, 1 078 cash machines, and 3 580 retail and service points accepting bank cards.
Povolzhskii Bank confidently holds more than 30 per cent of the regional market for bank cards. The bank plans to further develop infrastructure for credit card holders, including the installation of selfservice payment kiosks and cash machines with the cash-in function With that quantity of cash machines and bank cards, it has become obvious that a system was needed that could ensure the security of the cash machines, efficiently resolve all pressing questions and track incidents of theft. Moreover, in connection with the large territorial reach of the bank, the system should also offer the possibility of centralised monitoring and control. A security system for the cash machines based on the Intellect platform assisted
securityfocusafrica.com
CASH SECURITY CASE STUDY
in effectively resolving all of the defined objectives.
Situation Over the last two years, the Ulyanovcki branch of the bank has actively installed new cash machines and payment terminals. Video recorders are being used for video surveillance. There is no need to talk about the shortcomings of this type of technology. The constant growth in the number of cash machines, bank branches, payment terminals and their territorial distribution has made video surveillance over these objects extremely ineffective; after all, in order to collect information from the video recorders, security system service professionals needed to travel to each cash machine. Moreover, incidents involving stolen and fake plastic cards were still occurring. It may not be worth it to speak of how much time and petrol was wasted on trying to solve this problem for every 2-3 transactions in different parts of the city Spetstechnika Co. showed initiative in turning to the bank with the offer to install a modern security system. Taking into the consideration the particularities of the protected objects, the following requirements were determined: • Provide the possibility of efficiently managing remote objects from a single location of the security system centre, taking away the necessity to travel to all the cash machines. • For transactions, it was necessary to develop a frame search in the video archive over such parameters as card numbers, incidents of cash withdrawal, and the withdrawn sum. • The need for monitoring the technical state of the system – camera, software, communication lines, etc. • With regards to the absence of allocated channels of communication, the work of the system had to be organised on the basis of the regular communications channels.
Selection of solution and implementation During the process of selecting a technical solution, all the particularities of the task and experiences in introducing similar systems were analysed. Out of the range of shortlisted products, the most suitable was ATM-Intellect, the security system for cash machines based on the Intellect platform. A very important reason for the use of this solution was the fact that among all the studied options, only this system was able to work along the standard lines of
securityfocusafrica.com
communication between the ATMs, such as TCP/IP and X.25 Today roughly 40 bank objects have been equipped with this new system and the remote control centre for video surveillance has been set up. During the first stages of installation, local video security systems computers were installed in special boxes alongside the cash machines. As time passed, a compact solution was developed, consisting of a personal Mini-ITX computer installed inside the cash machine that could keep external interference to a minimum. The time needed for deployment of the local video security system (LVSS) was reduced thus to one or two days. The technology for installing LVSS in the cash machines was mastered and implemented in several configurations and in payment terminals. During the mounting and startup jobs, Spetstechnika Co. gave special attention to their quality; after all the stability of any system depends in large part on how accurately and expertly it is installed.
Effect According to the evaluations of staff members working with the bank’s security system, disputable transactions have been settled ever more promptly and efficiently. Especially useful has proved to be the opportunity of a remote search in the video data archive of card numbers and withdrawal sums for each concerned instance of cash withdrawals. Thanks to this new system, the need for service professionals to travel among the cash machines has disappeared. Moreover, the functions of the remote verification of the technical state of the equipment allows for the more effective resolution of problems connected with the servicing of the network of cash machines and the distributed security system. Therefore, it should not be a surprise that in comparing the work of the old and new systems, bank staff members have uniformly given their preferences to Intellect.
Perspectives Banking card technologies in the world, in the country, and in the particular region
are developed very rapidly. Not only have cash machines become common, but also electronic payments in stores. A typical card holder can nowadays boast a few cards in their wallet. The Ulyanovcki branch of the Povolzhskii division of Sberbank Russia, as the leader in card technology in the region, enjoys the majority of credit card holders as its customers. The aim of Spetstechnika Co. is to provide for the protection of the bank and its clients during cards transactions. In the future, one expects an expansion of the video surveillance network for the cash machines as well as a transition to a new technical solution using the technology to duplicate information. Moreover, a complete replacement of the video recorders with an Intellect powered system is planned, where the information from all objects should be fed to the remote video surveillance centre. Spetstechnika is conducting negotiations with the bank over the arrangements to set up a new department of claims, equipped with an operator workstation. It should handle information from the distributed security system. The Intellect video detectors are also expected to be used to prevent camera tampering, such as a camera blinding detector, lens blocking detector, and image stability detector. This will allow the bank to even further increase the reliability of its system of video surveillance.
Associates Spetstechnika was founded in 1992. Initially the company specialised in security systems for various objects and automobiles, and in particular worked on installing security systems in the base stations of UlyanovskGSM CJSC. Currently, besides the active development of the ATM-Intellect system for Sberbank, Spetstechnika is involved in negotiations with security system specialists from Maksim-X Co. over the installation of POS-Intellect in the chain of Simbirka stores Throughout its existence, the company has devoted the bulk of its efforts to the development of existing and introduction of new security technologies and systems of video surveillance, as well as the utilisation of video analytics. “Our objective is to organise innovative projects in Ulyanovsk and Ulyanovsk region, train people to use new technologies, deliver latest technologies of video surveillance, and unleash the full R&D potential of the region,” states Vladimir Efimov, director of Spetstechnika.
SECURITY FOCUS AFRICA JUNE 2019
37
CASH LOGISTICS
Cash logistics becomes fully automated With South Africa predominantly a cash-driven country, cash logistics is without a doubt a main artery of our economy. Equally important is having world-class solutions to track the cash throughout the cash cycle.
C
ash management company Izicash has announced its adoption of software solution Transtrack, supported by South African company AllCash, which streamlines the cash logistics process. “Thanks to this investment in Transtrack, Izicash is now the only South African cash management company that uses Transtrack to manage the entire cash cycle – from cash supply, cash-in-transit (CIT) collections and deliveries, to cash processing and settlements,” says Albert Erasmus, chief executive officer of Izicash. Tracking cash in an end-to-end cycle improves efficiency and optimises and streamlines every stage in the cash logistics process. An invaluable spin-off is that safety and security around cash handling is greatly enhanced, which provides retailers, their staff and their customers with peace of mind, in addition to the bottom-line benefits of world-class business practices. Transtrack International is a Dutch software developer with outstanding credentials in the global cash industry, both for the services it provides and for its CashWebCommunity (CWC) modular software.
CWC’s local footprint is provided and managed by AllCash, the leading developer and manufacturer of cash management devices and protection products. Best known for its range of electronic locks, cross-pavement carriers that are used by commercial banks, CIT service providers and security companies, AllCash is also the licensed manufacturer and service partner for PUDU, the armoured vehicle vault protection system that was developed by the Council for Scientific and Industrial Research (CSIR). Since 2006, AllCash has been the southern African and sub-Saharan representative, and integration and support partner of Transtrack International. The company supplies the associated hardware and implements and trains clients on the Transtrack CWC software suite throughout Africa. “Over the past 10-plus years, we have found the Transtrack software to be invaluable,” says Graeme King, chief executive officer of AllCash. “We see every day how it helps CIT companies to save time and money by fitting in more collections per route, automating hand-over processes and having a properly documented audit trail
in order to track and trace and provide information to clients.” It is, however, the software’s ability to automate and manage all the stages in the cash lifecycle – from forecasting and optimisation to contract management, order management, asset management, tracking of cash, handover of liability, billing outputs and management dashboards – that Izicash sees making the biggest difference to its clients, and to take its business to the next level. “Our reputation as a reliable and credible alternative cash logistics provider has now been well established,” says Erasmus. “But in the past we confined our operations to Gauteng and Northwest Provinces. Now, with the technology of Transtrack and the service support of AllCash, we will be able to expand our business geographically and grow exponentially.” Izicash has a long-standing association with AllCash and uses its cross-pavement carrier technology. “Our relationship is built on trust and goodwill, and we are honoured and excited that Albert and his team chose us as its partner to help take Izicash to the next level,” says King.
From left to right: Albert Erasmus, chief executive officer of Izicash with Graeme King, chief executive officer of AllCash
38
SECURITY FOCUS AFRICA JUNE 2019
securityfocusafrica.com
SECURITY IN ACTION
Bollards: Proven protection for high-risk sites By Centurion Systems
Terrorism represents one of the greatest threats to public safety today, with a growing number of attacks being carried out by driving vehicles into crowds or buildings.
S
ince 2006, there have been approximately 14 vehicle-borne attacks in various parts of the world, pointing to the emergence of an alarming and insidious new militant tactic that has rendered public spaces vulnerable and largely unprepared. Following three attacks in Israel in 2008 in which vehicles were used as weapons, Stratfor – a US-based geopolitical intelligence platform – concluded that vehicle attacks, while not as deadly as suicide bombings, are more difficult to prevent. Embassies, consulates and government buildings – which are often regarded by terrorists as housing enemy interests – are especially at risk of being targeted in ram raiding attacks.
The use of bollards in antiterrorism As established and respected city sentries, bollards are steeped in symbolism and history. Originally used for mooring ships, bollards have come to embody the very essence of urban security, and have been used in traffic control applications since at least the 18th century. The rise of vehicle ramming attacks has resulted in commercial property security taking on an entirely new dimension to
securityfocusafrica.com
include solutions specifically developed for anti-terrorism applications. Bollards are increasingly being incorporated into the security design of buildings operating at higher levels of security such as banks and diplomatic missions, and have proven effective in helping to mitigate the destruction caused by vehicle ramming, thereby protecting critical national infrastructure. In line with salient homeland security demands, modern bollards are designed to be highly robust and offer the maximum level of protection against concerted vehicular attacks.
Different types of bollards Bollards vary in terms of their design, operation and the level of security that they offer. Fixed bollards, for example, are suitable for medium- to high-security sites and are most often used in traffic management applications where it is necessary to permanently restrict vehicle access. The main benefit of fixed traffic barriers is that they do not require invasive installation work or electrical wiring. Fixed installations might not always be ideal, however, as selective access may need to be given to emergency vehicles and authorised personnel. Retractable or automatic bollards offer a much more
flexible perimeter security solution, and can be raised and lowered as required using a remote control or other access control device.
Crash ratings Pursuant to the accurate selection of a bollard system for hostile vehicle mitigation, institutions such as the American Society for Testing and Materials (ASTM International) have developed standardised, stepped tests for establishing a bollard’s stopping power and impact resistance. According to the ASTM’s specification guide concerning the standard test method for crash testing of vehicle security barriers, “[knowing] the penetration rating provides the ability to select an appropriate barrier for site-specific conditions around a facility”. Since high-target sites such as military barracks and government buildings require the application of exceptional security measures, the use of crash- or attack-rated bollards with a known penetration rating is recommended.
References ASTM F2656 / F2656M-18a, Standard Test Method for Crash Testing of Vehicle Security Barriers, ASTM International, West Conshohocken, PA, 2018, www.astm.org.
SECURITY FOCUS AFRICA JUNE 2019
39
CYBERSECURITY
Companies stand to lose everything through lack of awareness
T
he common response to a cyberattack is to quickly identify the culprit, blame them and try to cover up the damage. It is time that business leaders realise that they are simply not doing enough to protect their organisations. Having dealt with many intelligent and highly qualified people in recent months, it is clear that they are simply missing the (end) point. The conversations are very similar when discussing the various risk vectors, how they are being addressed and what collection of solutions and processes are being used. Some have large budgets, some are small and several haven't even thought of information security or risk mitigation to prevent and reduce the impact of breaches as an item to budget for. Business leaders often feel that these topics are too complicated to discuss and it means that they generally have no idea where to start. The worst possible response is that it is not the right time to worry about cyber risks right now. Do they really think there are more pressing issues than company security? When is the right time? When your company is headline news as the next big public data breach or when your competitor takes out your top three customers from under your nose. They also need to realise that anti-virus and gateway security are not the solution, they are a small part of the solution. If companies don’t have total visibility on what is happening at the end point, they will simply continue to run in circles and will never be able to claim compliance. Without absolute visibility
40
SECURITY FOCUS AFRICA JUNE 2019
on the end point, one also cannot tell what risks employees are bringing into the company or what data is being taken out. Network log analytics and SIEM is very good at aggregating vast amounts of data from many different systems and this gives out a whole lot of data. Network and firewall logs are informative, data from the end point around user activity, email activity and device changes brings real value. One must correlate the actual user activity against known risky behaviour to identify anomalies. Lateral movement doesn't only happen from outside parties, internal users take advantage of their knowledge and use things like system or admin accounts to make changes, move around the environment and steal data, load malware and cause damage. The rise of global breaches brings account compromise into play as well. The dark web is teaming with stolen credentials, without adequate monitoring and active enforcement one will never know that you have been breached in the first place. One needs to begin at the endpoint because with complete visibility, business
leaders will be able to understand what is normal. When you know what is normal, abnormal is easily identified and you have the capability to respond before damage is done. Your team needs eyes everywhere and most importantly this needs to be at the endpoint with the user or systems that are actually doing the work. When you increase your field of vision, you improve your security and reduce risks. Have a look around your entire environment and ask yourself whether you really know what is going on at the endpoint. Do you know which users log on to specific machines, what they have done there and the data they are moving around? If not, you have a problem and you need to consider your options. It is time to take security more seriously. You know that the biggest problem is already staring at you in the face, if you do not have visibility and provide adequate additional protection and awareness to your users, you will miss far more than you are able to protect. Relying purely on network monitoring works in a perfect world, but we work in an imperfect world. Users make mistakes, click on links, download software they shouldn't and are given far more access than they require – simply because there are inadequate controls and no monitoring. Companies need to make real progress in terms of security, not simply tick a box on an audit requirement. This is only possible by obtaining valuable input into the security operations of your business by increasing visibility and increasing your capability to identify and respond, before you are in the news.
securityfocusafrica.com
rawpixel.com
There is a growing number of cyberattacks – and almost all successful attacks have come from an insider being compromised through deception, negligence or a lack of awareness. In this era of endless cyberattacks, companies need to attack or face being attacked and stand to lose everything. This is according to J2 Software CEO John Mc Loughlin.
CYBERSECURITY
Record level of vulnerabilities sparks cybersecurity innovation New data ranking the ‘cybermaturity’ of organisations reveals the most commonly targeted sectors are also the most prepared to deal with the ever-evolving threat landscape.
D
imension Data, the USD 8 billion global technology integrator and managed services provider for hybrid IT, has revealed exclusive findings from its Executive Guide to NTT Security’s 2019 Global Threat Intelligence Report concerning the cybersecurity maturity of organisations across a number of markets and sectors. Globally, the average cybersecurity maturity rating stands at a worrying 1.45 out of 5 – a score determined by an organisation’s holistic approach to cybersecurity from a process, metrics and strategic perspective. This comes during a time when security vulnerabilities have also surged to a record high (up 12.5 per cent from 2017). The finance (1.71) and technology (1.66) sectors boast the highest maturity ratings and are continuing to ramp up their security posture, most likely prompted by their unenviable positions as the most commonly targeted industries, each accounting for 17 per cent of all attacks recorded in 2018. Scouring trillions of logs and billions of attacks, the research also revealed the most common attack types, with web attacks the most prevalent threat, doubling in frequency since 2017 and accounting for 32 per cent of all attacks detected last year. Reconnaissance (16 per cent) was the next most common hostile activity, closely followed by servicespecific attacks (13 per cent) and brute-force attacks (12 per cent). Mark Thomas, VP, Cybersecurity at Dimension Data, said: “There’s clearly work to be done across all sectors in order to establish more robust security postures. However, it’s reassuring to see many C-suite leaders recognising the importance of making more strategic investments to improve their cybersecurity defences. “There have been some exciting developments in the predictive threat intelligence space, with new levels of collaboration and buy-in across the cybersecurity value chain. What’s more, the most-targeted industries are also the most likely to seek assistance to evolve their strategies and build their
securityfocusafrica.com
security programmes. This bodes well for companies looking to reach their desired cybermaturity state.” Other highlights from the research include: • Globally, 35 per cent of attacks originate from IP addresses within the US and China, followed by EMEA and APAC. • Cryptojacking represents a significant amount of hostile activity, at times
accounting for more detections than all other malware combined, hitting the technology and education sectors hardest. • Credential theft is up as attackers target cloud credentials, with tech companies (36 per cent), telcos (18 per cent), and business and professional services (14 per cent) significantly impacted by this. The Dimension Data Executive Guide to the NTT Security 2019 Global Threat Intelligence Report is available for download on www. dimensiondata.com.
SECURITY FOCUS AFRICA JUNE 2019
41
E-WASTE SECURITY
CEOs must be concerned about non-compliant old PCs By Bridgette Vermaak: Head of ITAD department at Xperien.
Disposing of old computer equipment used to be a mindless process, but those methods of the past are no longer an option with the introduction of new laws and regulations. The days of piling it up in storage or simply selling it off to staff or second-hand retailers or even dumping it in a landfill, are over.
C
EOs should be concerned about non-compliant old PCs that are piling up in storage, especially since the Protection of Personal Information (PoPI) Act came into being. All those old hard drives usually contain vital client information and must be removed in a manner that is compliant with the Act. Simply pushing the ‘delete’ button also won’t do it, nor will running a magnet over the old hard drives in an attempt to erase data. Even using old hard drives for target practice or drilling holes in them will not satisfy the prescriptions of the PoPI Act, and nor does factory reset encryption. Here is an actual example of the kind of PoPI Act violations that could land executives in jail or leave the company with a R10 million fine. Scores of old hard drives were found being sold on the street in downtown Johannesburg, they were either stolen by company insiders or disposed of by the company themselves. What the buyers were actually looking for was client data: ID numbers, credit card information, bank account details and anything else that might be of value. Don’t believe this does not happen, criminal syndicates are forever seeking ways to get their hands on company data and will pay a hefty price for a staff member to remove a hard drive and hand it over. That old hard drive sitting in storage and gathering dust could be worth millions to someone who knows how to access the data. Syndicates will pay large amounts of cash for hard drives. All they really want is the information, particularly from companies in the financial and insurance sectors. Last year
42
SECURITY FOCUS AFRICA JUNE 2019
financial services group Liberty announced a massive data breach that is reckoned to have cost millions to fix, even though no clients reportedly lost any money.
Hidden costs Many companies are disposing of old computer equipment by putting it in storage. The problem with this is that storage costs money, the longer the equipment is in storage, the more it costs. Then there are the insurance costs. But the biggest potential cost is the risk of falling foul to PoPI and exposing client or company information. Simply dumping old equipment in landfill sites also doesn't satisfy the requirements of PoPI because of the environmental risks of toxic materials in electronic waste. The PoPI Act is designed to ensure that all South African institutions conduct themselves in a responsible manner when collecting, processing, storing and sharing another entity's personal information by holding them accountable should they abuse or compromise your personal information in any way. Blancco vice president of enterprise and cloud erasure solutions Fredrik Forslund says companies stockpile old hardware wherever they have some free space, and that is
driving up costs. Furthermore, many companies are still struggling to come to grips with the implications – and risks – of violating the Act. A company was found to have a decadeworth of old computer equipment stockpiled in a disused room. Nobody managed the storeroom facility, making it an easy target for thieves. Nor did the company have any documentation or itinerary of the equipment in storage. The hard drives were found to be loaded with client data. This is not unusual, a Veritas Global Databerg report found that 85 per cent of stored data is either dark or redundant, obsolete or trivial. This is a huge problem considering the PoPI Act and other international data protection laws, companies can no longer afford to ignore the risks.
The solution Companies like Xperien have a track record in the refurbishment and disposal of old computer equipment in a way that is fully-compliant with the PoPI Act. The safe erasure of data is carried out using specialised tools like Blancco, which is recommended by IT consulting firm Gartner as one of the most suitable tools for this purpose. This is done either on site or removed under strictly supervised and secure conditions for off-site handling. Once the data is safely erased, the client company is issued with a PoPI-compliant certificate. Xperien was recently contacted by a company that had many years of old computer equipment piled up in storage. It commissioned three teams to carry out a full inventory of the stock and also to remove all data from the hard drives. The client was then presented with a full inventory report detailing the equipment age and
securityfocusafrica.com
E-WASTE SECURITY
specifications, including missing items. The company was also able to receive a financial return on its old equipment, including a certificate of proof that it was PoPI compliant.
Return on Investment Most companies retire their computer equipment after 3 – 5 years and it typically has a residual value of 10 – 20 per cent of the original cost. That residual can quickly devalue the longer the retired equipment is kept in storage. There are broadly three options available to companies contemplating the disposal of old equipment. Firstly, sell the equipment outright to a company like Xperien and recover the residual value which can then be put straight back into the company’s IT budget. This would include the certified erasure of
client data from hard drives. Alternatively, companies like Xperien can refurbish the equipment and also do full data erasure. This equipment can then be sold to company staff at a reduced price that is often up to 75 per cent of the original cost, depending on the condition. Finally, the company can consider donating the refurbished equipment to schools and orphanages as part of its Corporate Social Investment programme, and claim the tax benefits.
The financial case for data erasure and asset disposal In most cases, companies don’t even have to find budget for disposal of equipment and erasure of data. Using a typical example where a computer was originally bought for R10 000 three years ago, it will have some residual value.
The client will conservatively get 10 per cent of this back, or R1 000. For this amount, Xperien will ensure that the data is removed in a PoPI-compliant manner, with the client receiving a certificate to prove that it has been removed. In some cases, clients could also require video evidence of the erasure of data. This service is generally done onsite but if the equipment is removed from the premises, it is done using Xperien’s own security and transport so as to authenticate the chain of disposal. Do not sweat your IT assets, use the residual value of the old equipment to reduce the cost of new equipment and get free data erasure certificates. Business leaders must become creative, they can save more than 35 per cent on their IT budget.
Giving office equipment a second life By Xperien CEO Wale Arewa
Has your business ever considered the financial and environmental benefits of leasing certified refurbished office equipment? If not, this could mean the difference between a profit or a loss, especially considering the high cost of new office equipment nowadays and also the impact of electronic waste.
E
lectronic waste has become the fastest growing waste stream globally. According to a recent study, by 2020 it is estimated that there will be approximately 30 billion Internet connected devices worldwide. However, merely 20 per cent of these devices will be appropriately collected and recycled. This will not only result in a loss
securityfocusafrica.com
of valuable materials, but it will also have a serious environmental impact on our planet. Companies like Xperien, an IT Asset Management company, offer various solutions to combat this global problem. Moving away from the traditional linear economy, it now supports a more circular economy by keeping precious resources in use for as long as possible instead of
disposing of them at an early stage. Xperien enables companies to lease high specification, refurbished laptops and PCs at a low cost. It procures used computer equipment, tests it thoroughly and refurbishes it. This equipment is then leased to businesses looking for a lowcost option and one that enhances their environmental credentials. This certified refurbished equipment is not only given a second life, but at the end of each lease period clients are given the option to purchase the equipment at a reduced rate to further extend the lifecycle. Products that cannot be reused will have functional parts harvested and the waste will be responsibly recycled. More importantly, secure data destruction is done at the end of each lease to eliminate any concern of disposing of company data. With various lease options available today, the new trend is to move away from owning products, businesses can now keep up with latest technologies without tying up working capital.
SECURITY FOCUS AFRICA JUNE 2019
43
INDUSTRY OPINION
Fixing SA’s broken windows With its history of chasing arrests, SA is vulnerable to the damaging effects of poorly implemented broken windows policing. By Andrew Faull, Senior Researcher, Justice and Violence Prevention, ISS
I
n 1982, George L Kelling and James Q Wilson penned an article that created the idea of broken windows policing. Kelling, who died on 15 May aged 83, will be remembered as the father of broken windows policing, and for his early contributions to what has become evidence-based policing. Both are important for South Africa – a country replete with broken windows and not enough evidenceinformed police practice. The broken windows theory argues that policing should promote public order by addressing minor infractions, such as loitering and public drunkenness. It was made famous through its association with the rapid decline in crime in New York City in the early 1990s. But what is it and is it really effective? Kelling and Wilson’s argument was based on the findings of a police experiment to test whether increased foot patrols reduced crime. They found that while this tactic didn’t bring crime down, it did improve the public’s feelings of safety and perceptions that crime had declined, and increased trust in police. Officers walking foot beats for the experiment also reported improved morale and job satisfaction. This is an early example of evidence-based policing – a hypothesis was formed, tested and evaluated, and its lessons used to inform police practice and urban governance. In this instance, the experiment birthed the broken windows theory of policing. Kelling and Wilson read a number of conclusions into the study. First, they noted that feelings of fear need not be based on actual crime. Rather, perceptions of disorder alone can cause public anxiety. Second, they proposed that when signs of disorder, such as a broken window, are left unchecked, they signal lack of government or community care. This promotes rule-breaking and other anti-social behaviour resulting in more broken windows and a deteriorating environment. In turn, people withdraw from public space, and unlawful activities increase, potentially resulting in serious criminality.
44
SECURITY FOCUS AFRICA JUNE 2019
Their solution was to address or remove signs of disorder before they generated others. This logic is both clear and controversial. It has been interpreted as promoting the criminalisation of the poor and vulnerable in public space, although this has been denied. What about impact – does it actually work? A 2015 systematic review of 30 randomised experiments and quasi-experimental tests of broken windows-type policing found that their crime reduction effect was modest. Importantly, the greatest impact on crime was produced by problem-oriented interventions that targeted particular disorder in specific places. In contrast, aggressive behaviour-focused interventions were ineffective. These are important findings. They suggest that simply arresting large numbers of perceived transgressors for petty offences doesn’t result in long-term safety. And when pursued with persistent pressure from police managers without attention to the methods used, such policing can cause harm, and result in more crime. The South African Police Service (SAPS) is particularly vulnerable to this. It has a history of chasing arrest and crime-reduction targets while policing millions of impoverished and disenfranchised people. Instead, it should holistically tackling specific problems in specific areas with well-considered interventions that can prevent crime. This requires interventions beyond only policing, but police remain key to their success. Police are ideally positioned to identify areas of disorder (and crime), and pull the levers of government and civil society required to address them. When resources are intentionally focused in this way and deployed according to a vision shared by all
stakeholders, they are most likely to be effective. Broken windows policing should not imply a uniform approach across a city or country, and claims of such by politicians should be resisted. Rather it should be about focused problem solving with an emphasis on minor infractions in otherwise ‘orderly’ spaces, ideally using methods that promote trust in police. For example, police alone can’t prevent all drug dealing or assault because some factors behind these offences are beyond the scope of policing. Police should partner with other government and civil society structures and offer more incentives for behaviour change than mere arrest and prosecution. In this way, order can be maintained without ushering people into a criminal justice system that may do them more harm than good. Broken windows theory was born out of an experiment in policing that was carefully planned and evaluated. Although it sought to reduce crime, factored into its analysis were many more indicators than reported crime alone. In South Africa, reported crime is often emphasised in police performance evaluations. This has made public safety primarily a police concern and limited the multi-agency interventions required. The sharp rise in serious violent crime in recent years shows that this approach has failed. Among George Kelling’s legacies is confirmation that researchers and police can collaborate for impact. Speaking of Kelling shortly after his death, former New York police chief Bill Bratton said of the academic, “I put into practice his theories and they worked.” To improve policing in South Africa – whether through broken windows or other approaches – we need to grow a culture and capacity of planning and evaluating police practices. We need to generate and test our hypotheses and produce evidence to know how best to fix our many broken windows while simultaneously building trust in our police.
securityfocusafrica.com
LAW & SECURITY
Post 8 May 2019 By Peter Bagshawe
The elections held on 8 May 2019 are past, and counting and certification were announced via the Independent Electoral Commission which has led to the inauguration on 25 May of Cyril Ramaposa as South Africa’s fifth State President after the African National Congress (ANC) retained its Parliamentary majority. A review of the results of the election and a commentary on post-election appointments is appropriate and may be of interest.
T
he first point of interest is that the 2019 election returned the lowest voter turnout in the series of elections post 1994. The voter roll return for 2019, inclusive of foreign votes registered, was 61.5 per cent but, when broken down further, showed an unexpected decrease in total rural voter turnout with a consequent skewing of the vote to reflect a more suburban profile. The last election data showed that 74.1 per cent of suburban voters submitted ballots as opposed to 62.7 per cent of voters in rural areas. Compared to the 2014 elections the total turnout was 72.5 per cent with rural votes comprising 69 per cent and suburban votes registered at 77 per cent. The swing in voting trend between 2014 and 2019 towards the suburban vote is slightly in excess of 11 per cent which favours the parties with a substantial suburban support base and works against rural or more ethnically based parties. Having said this, the increase of votes cast for the Inkatha Freedom Party showed a solid support base in KwaZulu-Natal, where the party has become the official opposition in the province. Some of the smaller parties failed to retain seats or Parliamentary representation at all. However, the split of support for both the ANC and the Democratic Alliance shows erosion of their support nationally and provincially. Looking at the suburban vote the single largest loss was
securityfocusafrica.com
from the Democratic Alliance (DA) that comparatively lost 11.1 per cent of their base with 4.7 per cent of that shifting to the Freedom Front while the ANC gained 1.9 per cent (but received a lower level of provincial support overall) and the Economic Freedom Fighters (EFF) gained 1.1 per cent. The rural vote had the ANC losing 5.8 per cent of their vote, the EFF gaining 5.5 per cent and the DA gaining a marginal 0.4 per cent. The largest growth was by the EFF with particularly strong support on the Northern provinces and the Freedom Front who achieved solid growth in the inland provinces. Looking at the campaigning done by both the EFF and the Freedom Front the commonality was on the question of land appropriation which appears to have resonated with their respective constituencies. Following the inauguration of President Ramaposa, the appointment of the Speaker of the National Assembly, Cabinet and deputy ministers would ordinarily have been a relatively simple process. The ANC has apparently had internal divisions and, having campaigned on a ticket that was weighted towards the curtailment of corruption, the interest groups within the party required consideration in order to maintain cohesive control of the party’s various factions. Prior to the elections the ANC Integrity Committee identified 22 individuals on the election list for review including Deputy President David Mabuza
who took the unusual step of withdrawing from Parliament pending a hearing with the Ethics Committee. Given his position within the ANC and the expectation that he would continue as Deputy President this decision placed the composition of Cabinet under the spotlight and increased pressure on President Ramaposa. Ultimately, Mabuza was found not guilty of bringing the party into disrepute by the Ethics Committee, and was sworn in as Deputy President. Somewhat more out of left field was the issuing of a report by Public Protector Busisiwe Mkhwebane on 24 May 2019 which found that Pravin Gordhan was guilty of improper conduct over his approval (whilst Minister of Finance) of then Deputy South African Revenue Service Commissioner Ivan Pillay’s early retirement, severance package and extension contract. The Public Protector recommended that funds expended be recovered and that State President take appropriate disciplinary action against Gordhan for violating the Constitution in this regard. President Ramaposa was again placed in a difficult position in that the adverse finding and recommendations of the Public Protector was seen as precluding the appointment of Pravin Gordhan as Public Enterprises Minister. Minister Gordhan has taken the Public Protector’s Report on review, strongly challenging the
basis (in fact and law) of the findings and, as this review was seen to suspend the implementation of the Public Protector’s recommendations, Gordhan was duly sworn in as Minister of Public Enterprise. In a further surprising development on 3rd June 2019 the Public Protector issued Minister Gordhan a 7(9) notice in terms of the Public Protectors Act in relation to her investigation into his meetings with the Gupta family and his involvement in the so-called SARS rogue unit on YouTube. The medium of announcement is highly unusual as is the investigation of matters that have previously been the subject matter of court hearings. Given the background of previous Reports of the Public Protector being overturned on review including the recent Estina Dairy Report and calls currently being made for a review Mkhwebane’s fitness to hold office, the ongoing engagement around Pravin Gordhan is likely to prove extremely interesting and will contribute to what can be seen as a bumpy start to President Ramaposa’s term. From an economic and investor perspective President Ramaposa started his post-election term with three clear imperatives. The first of these was to reduce the size of his Cabinet without worsening or creating divisions within the African National Council. The current Cabinet sits at 28 ministers (down from 36 previously) and has achieved gender parity within his appointments
SECURITY FOCUS AFRICA JUNE 2019
45
LAW & SECURITY which has been seen favourably albeit a greater cut was expected. Secondly the economic cluster (Ministries of Finance, Public Enterprise, Trade and Industry, Mineral Resources and Energy, Labour and Employment and Small Business Development) have the responsibility for addressing the country’s structural economic issues, reducing red tape for small and medium
enterprises, seeking financing and unbundling Eskom and restoring the utility’s financial structures. Here, the input of the Minister of Finance and Minister of Public Enterprises are seen as being key. Thirdly the turnaround of State-owned Enterprises (Eskom and South African Airways loom large here) need to be placed into a cohesive and planned structure to avoid further bailouts and
INDEX OF ADVERTISERS & CONTRIBUTORS
the exposure they have to loan defaults. The current impasse around Minister Gordhan is untimely and likely to deflect focus at a critical time. The recent resignations of the CEOs of South African Airways and Eskom are also likely to make any restructure more difficult in the short term. The start of the fifth Parliament has been difficult even prior
to its opening, and pressures are likely to increase during the initial sittings. Given what is at stake on the economic front and pressures likely to ripple out into other sectors the outlook is uncertain. PETER BAGSHAWE holds a Bachelor of Law degree from the former University of Rhodesia and a Bachelor of Laws degree from the University of the Witwatersrand.
June 2019
PAGE
WEBSITE
Active Track
5
info@activetrack.co.za
www.activetrack.co.za
All Cash / Izicash
38
info@allcash.co.za / cit@izicash.co.za
www.allcash.co.za / www.izicash.co.za
Axxonsoft
36
info@axxonsoft.com
www.axxonsoft.com
Centurion Systems
39
sales@centsys.co.za
www.centsys.co.za
Commvault
17
skeating@commvault.com
www.commvault.com
Dallmeier
26-28
info@dallmeier.com
www.dallmeier.com
Dimension Data
41
salome.mabe@edelman.com (PR)
www.dimensiondata.com
Fidelity Services Group
OFC, 8-9
customercare@fidelitysecurity.co.za
www.fidelitysecurity.co.za / www.adt.co.za
Gabsten
14
sales@gabsten.co.za
www.gabsten.co.za
HID Global
34
media@hidglobal.com
www.hidglobal.com
Hikvision
32
overseasbusiness@hikvision.com
www.hikvision.com
IDEMIA
OBC, 31
micheala.williams@idemia.com
www.idemia.com
IDIS
23
tara@idisglobal.com
www.idisglobal.com
ISS
44
iss@issafrica.org
www.issafrica.org
J2 Software
40
john@j2.co.za
www.j2.co.za
Lastline
13
sales@lastline.com
www.lastline.com
Leppard
19
kerry@leppard.co.za
www.leppard.co.za
Maxxess
30
info@maxxess.co.za
www.maxxess.co.za
McAfee
15
sales@mcafee.com
www.mcafee.com
Michalsons
16
support@michalsons.com
www.michalsons.com
Paxton
33
support@paxtonaccess.co.za
www.paxtonaccess.co.za
Plaslope
47
glenda.aereboe@plaslope.com
www.plaslope.com
Securex South Africa
20-22
leighm@specialised.com
www.securex.co.za
Securex West Africa
24
abby.cairns@montex.co.uk
www.securexwestafrica.com
Security Association of South Africa
IBC
admin@sasecurity.co.za
www.sasecurity.co.za
Secutel / Proxyclick
14, 29
corlia@secutel.co.za
www.secutel.co.za
Sentinel Guard Monitoring
7
sales@guardreports.co.za
www.guardreports.co.za
Symantec
12
www.symantec.com
www.symantec.com
Verizon
12
www.enterprise.verizon.com
www.enterprise.verizon.com
Xperien
42-43
itad@xperien.co.za
www.xperien.co.za
SUBSCRIBE HERE
ADVERTISER
Contact Publications (Pty) Ltd, PO Box 414, Kloof, 3640 Tel: (031) 764 6977 Fax: 086 762 1867 Email: jackie@contactpub.co.za Yes, please, I would like to subscribe to Security Focus Africa at R650 per year (RSA only). The subscription includes an annual Buyer’s Guide. Enclosed please find cheque to the amount of R Please start my subscription from the Do you require a tax invoice Yes
issue.
No
(If yes, one will be sent to you on receipt of your payment.)
BANKING DETAILS: First National Bank Branch: Kloof Branch Code: 221526 Account No: 50730106925 Name: Contact Publications (Pty) Ltd
NB: Please make cheques payable to Contact Publications (Pty) Ltd Name ................................................................................................ Signature ............................................................................................... Date ...................................................... Company .................................................. Position ........................................................................ Address ........................................................................................................................................................................ Code ............................. Tel .......................................................... Fax .............................................................. Email .............................................................................
46
SECURITY FOCUS AFRICA JUNE 2019
securityfocusafrica.com
CALENDAR
Conferences, events & exhibitions of interest to the security industry LOCAL EVENTS: 2019 SEPTEMBER 15-18: Camprosa conference 2019 Venue: Radisson Blu Hotel, Port Elizabeth Email: jtunstall@iafrica.com www.camprosa.co.za
INTERNATIONAL EVENTS: 2019
JUNE 18-20: IFSEC International Venue: ExCeL London UK www.ifsec.events/international/exhibit2019 SEPTEMBER 24-26: Securex East Africa Venue: Visa Oshwal Centre, Nairobi www.securexpoeastafrica.com OCTOBER 2-3: Finnsec Venue: Messukeskus Helsinki, Helsinki, Finland Email: customer.service@messukeskus.com www.finnsec.messukeskus.com OCTOBER 17-20: Isaf Venue: Istanbul Expo Centre Hall, Turkey Email: marmara@marmarafuar.com.tr www.isaffuari.com/en OCTOBER 22-25: Interpolitex Venue: All-Russian Exhibition Centre VDNH, Moscow, Russia Email: eshatrova@mvkexpo.com www.interpolitex.ru/en OCTOBER 28-31: CPSE Venue: Shenzhenb Convention & Exhibition Centre, Shenzhen, China
Email: overseas_market@cps.com.cn www.cpse.com.cn OCTOBER 28-30: Bidec Venue: Bahrain International Exhibition & Convention Centre, United Arab Emirates Email: ahmed.jarakji@clarionevents.com www.bahraindefence.com NOVEMBER 13–15: Sicurezza Venue: Fieramilano – Rho, Milano, Italy Tel: +39 02 4997 6241 Email: fierasicurezza@fieramilano.it www.sicurezza.it/en NOVEMBER 18– 20: DSEI Japan Venue: Makuhari Messe, Tokyo, Japan Tel: +44 (0) 20 7384 8274 Email: alex.soar@clarionevents.com www.dsei-japan.com/welcome NOVEMBER 19–20: Sectech Sverige Venue: Stockholmsmässan, Stockholm, Sweden Tel: +46 8 556 306 80 Email: deniz.baykal@armedia.se www.sectech.nu NOVEMBER 20–22: All over IP Venue: Sokolniki Exhibition and Convention Centre, Moscow, Russia Email: skochko@groteck.ru www.all-over-ip.ru/en DECEMBER 3-4: International Security Expo
Venue: Olympia , London, United Kingdom Tel: +44 20 8947 9177 Email: info@internationalsecurityexpo.com www.internationalsecurityexpo.com
INTERNATIONAL EVENTS: 2020 JANUARY 19–21 Intersec Venue: Exhibition Centre Arena, Dubai, United Arab Emirates Tel: +971 4389 4500 Email: intersec@uae.messefrankfurt.com www.intersecexpo.com MARCH 8-13 Intersec Building Venue: Frankfurt am Main, Frankfurt, Germany Tel: +49 697575-0 Email: intersec-building@messefrankfurt.com www.intersec-building.com OCTOBER 14–16 Perimeter Protection Venue: Exhibition Centre, Nuremberg, Germany Tel: +49 911 8606 8499 Email: perimeter-protection@ nuernbergmesse.de www.nuernbergmesse.de/security OCTOBER 20-22 Skydd Venue: Stockholm Fair ground, Stockholmsmässan) Tel: +46 8 749 4100 Email: info@stockholmsmassan.se www.skydd.net
TEL: +27 11 452 1115 FAX: +27 11 452 3609 WEBSITE: www.plaslope.com EMAIL: glenda.aereboe@plaslope.com
TAMPER EVIDENT SECURITY BAGS • Debasafe® Tamper Evident Security Bags are used whenever tamper-evident movement is critical. • We manufacture to order and assist in tailor-made solutions to suit your security needs. • A comprehensive range of security features are standard on the bags and additional features can be added. • The sealing strip is used for exacting demands with a heat indicator displaying attempts to tamper. • Tampering by means of cold, heat, solvents, liquids & manipulation is clearly visible. • Bags can be customised according to customer’s requirements with exclusive numbering & bar-coding. • Bags are manufactured in either transparent or opaque LDPE film, in various grades to meet specific requirements.
The bags are used for the safe movement of: • Government Departments • Foreign Exchange • Confidential Documents (Examinations, Elections, Passports, Visas etc.) • High Value Items (Diamonds, Precious Metals, Forensic Evidence, Cellphones, Computer Equipment) • Cash (Banks & Cash-in-Transit companies)
securityfocusafrica.com
SECURITY FOCUS AFRICA JUNE 2019
47
DIRECTORY
SECURITY ASSOCIATION OF SOUTH AFRICA (SASA) ADMINISTRATION 842 Pheasant Street, Horizon Park, Roodepoort Suite 147, Postnet X 2, Helderkruin 1733 National Administrator: Tony Botes t: 0861 100 680 | e: tony@sasecurity.co.za c: 083 272 1373 | f: 0866 709 209 Membership & Enquiries: JP Botes t: 0861 100 680 e: admin@sasecurity.co.za c: 083 650 4981
Accounts: Steve Conradie | t: 011 078 9700 | e: steve@securityalliance.co.za | f: 086 570 8837 SASA OFFICE BEARERS National President: Chris Laubscher c: 082 441 4092 | e: laubscherc@proteacoin.co.za
REGIONAL OFFICE BEARERS Gauteng: Gary Tintinger c: 084 429 4245 e: gary.tintinger@cwexcellerate.com
National Chairperson: Marchél Coetzee c: 084 440 0087 | e: marchelcoetzee@omegasol.com
KwaZulu Natal: Clint Phipps c: 082 498 4749 e: clint.phipps@cwexcellerate.com
National Deputy Chairperson: Yagan Nair c: 082 561 3529 | e: yagannair@national.co.za
Western Cape: Koos van Rooyen c: 082 891 2351 | e: koos@scs-security.co.za
SECURITY AND RELATED ASSOCIATIONS AND ORGANISATIONS PSIRA (Private Security Industry Regulatory Authority) Eco Park, Centurion t: +27 (0)12 003 0500/1 | Independent hotline: 0800 220 918 | e: info@psira. co.za | Director: Manabela Chauke | Chairperson: T Bopela | Vice chairperson: Z Holtzman | Council members: Advocate A Wiid | Commissioner A Dramat APPISA (Association for Professional Private Investigators SA) Bertie Meyer Crescent, Minnebron, Brakpan | e: info@appelcryn.co.za | www.appelcryn. co.za | c: +27 (0)73 371 7854 / +27 (0)72 367 8207 | Chairperson: Ken Appelcryn ASIS International Johannesburg Chapter No. 155. Box 99742, Garsfontein East 0060 | t: +27 (0)11 652 2569 | www.asis155jhb.webs. com | President/chairperson: Johan Hurter | Secretary: Chris Cray ASIS International (Chapter 203: Cape Town – South African Security Professionals) President/chairperson: Yann A Mouret, CPP Secretary: Eva Nolle t: +27 (0)21 785 7093 f: +27 (0)21 785 5089 | e: info@aepn.co.za | www.asis203.org.za BAC (Business Against Crime) Box 784061, Sandton 2146 | t: +27 (0)11 883 0717 | f: +27 (0)11 883 1679 | e: info@bac.org.za CAMPROSA (Campus Protection Society of Southern Africa) President: Des Ayob | e: 27149706@nwu.ac.za Executive Secretary: Derek Huebsch | e: huebsch. derek@gmail.com | www.camprosa.co.za CISA (Cape Insurance Surveyors Association) Shahid Sonday t: +27 (0)21 402 8196 | f: +27 (0)21 419 1844 | e: shahid.sonday@saeagle.co.za | Mike Genard t: +27 (0)21 557 8414 | e: mikeg@yebo.co.za DRA (Disaster Recovery Association of Southern Africa) Box 405, Saxonwold 2132 | Chairperson: Grahame Wright | t: +27 (0)11 486 0677 | f: (011) 646 5587 | Secretary/treasurer: Charles Lourens t: +27 (0)11 639 2346 | f: +27 (0)11 834 6881 EFCMA (Electric Fencing and Components Manufacturers Association) Box 411164, Craighall 2024 | t: +27 (0)11 326 4157 | f: +27 (0)11 493 6835 | Chairperson: Cliff Cawood c: +27 (0)83 744 2159 | Deputy chairperson: John Mostert c: +27 (0)82 444 9759 | Secretary: Andre Botha c: +27 (0)83 680 8574 ESDA (Electronic Security Distributors Association) Box 17103, Benoni West 1503 | t: (011) 845 4870 | f: +27 (0)11 845 4850 | Chairperson: Leonie Mangold | Vice chairperson: David Shapiro | www.esda.org.za ESIA (Electronic Security Industry Alliance) Box 62436, Marshalltown 2107 | t: +27 (0)11 498 7468 | f: 086 570 8837 | c: 082 773 9308 | e: info@esia. co.za | www.esia.co.za FDIA (Fire Detection Installers Association) Postnet Suite 86, Private Bag X10020, Edenvale, 1610 | t: +27 (0)72 580 7318 | f: 086 518 4376 | e: fdia@fdia. co.za | www.fdia.co.za | President/chairperson: Clive Foord | Secretary: Jolene van der Westhuizen
FFETA The Fire Fighting Equipment Traders Association) Postnet Suite 86, Private Bag X10020, Edenvale 1610 | Chairperson: Lizl Davel | Vice chairperson: Astrid Wright | Administration manager: Rosemary Cowan | t: +27 (0)11 455 3157 | e: ffeta@tiscali.co.za | www.ffeta.co.za FPASA (Fire Protection Association of Southern Africa) Box 15467, Impala Park 1472 | t: +27 (0)11 397 1618 | f: +27 (0)11 397 1160 | e: library@fpasa.co.za | www.fpasa.co.za | General manager: David Poxon GFA (Gate & Fence Association) Box 1338, Johannesburg 2000 | t: +27 (0)11 298 9400 | f: +27 (0)11 838 1522 | Administrator: Theresa Botha HSA (Helderberg Security Association) Box 12857, N1 City Parow 7463 | t: +27 (0)21 511 5109 | f: +27 (0)21 511 5277 | e: info@command.co.za | www.command.co.za | Chairperson: Stephen van Diggele IFE (Institution of Fire Engineers (SA) Treasurer: Andrew Greig | President: Mike Webber | Administrator: Jennifer Maritz | PO Box 1033, Houghton 2041 | t: +27 (0)11 788 4329 | f: +27 (0)11 880 6286 | e: adminstaff@ife.org.za | www.ife.org.za ISA (Insurance Surveyors Association) Box 405, Saxonwold 2132 | Chairperson: Graham Wright | t: +27 (0)11 486 0677 | Vice chairperson: Alan Ventress | Secretary: Alex dos Santos LASA (Locksmiths Association of South Africa) Box 4007, Randburg 2125 | t: +27 (0)11 782 1404 | f: +27 (0)11 782 3699 | e: lasa@global.co.za | www.lasa.co.za | President/chairperson: Alan Jurrius | Secretary: Dora Ryan NaFETI (National Firearms Education and Training Institute) Box 181067, Dalbridge 4014 | Chairperson: MS Mitten | Vice chairperson: Ken Rightford | t: +27 (0)33 345 1669 | c: +27 (0)84 659 1142 NaFTA (National Firearms Training Association of SA) Box 8723, Edenglen 1613 | National chairperson: Peter Bagshawe | t: +27 (0)11 979 1200 | f: +27 (0)11 979 1816 | e: nafta@lantic.net POLSA (Policing Association of Southern Africa) t: +27 (0)12 429 6003 | f: +27 (0)12 429 6609 | Chairperson: Anusha Govender c: +27 (0)82 655 8759 PSSPF (Private Security Sector Provident Fund) Jackson Simon c: +27 (0)72 356 6358 | e: jackson@ psspfund.co.za | www.psspfund.co.za SAESI (Southern African Emergency Services Institute) Box 613, Krugersdorp 1740 | t: +27 (0)11 660 5672 | f: +27 (0)11 660 1887 | President: DN Naidoo | Secretary: SG Moolman | e:info@saesi.com SAIA (South African Insurance Association) Box 30619, Braamfontein 2017 | Chief executive officer: Viviene Pearson | Chairperson:
Lizé Lambrechts t: +27 (0)11 726 5381 | f: +27 (0)11 726 5351 | e: info@saia.co.za SAIDSA (South African Intruder Detection Services Association) | Association House, PO Box 17103, Benoni West 1503 | t: +27 (0)11 845 4870 f: +27 (0)11 845 4850 | e: saidsa@mweb.co.za www.saidsa.co.za | Chairperson: Johan Booysen Secretary: Cheryl Ogle SAIS (South African Institute of Security) Postnet Suite 86, Private Bag X10020, Edenvale, 1610 Chairperson: Dave Dodge | Administration manager: John Baker | t: +27 (0)63 782 7642 | e: info@instituteofsecurity.co.za | www.instituteofsecurity.co.za SAN (Security Association of Namibia) Box 1926, Windhoek, Namibia | Administrator: André van Zyl | t: +264 81 304 5623 | e: adminsan@iway.na SANSEA (South African National Security Employers’ Association) Box 62436, Marshalltown 2107 | Administrators: SIA t: +27 (0)11 498 7468 | f: 086 570 8837 | e: galen@sansea.co.za SAPFED (Southern African Polygraph Federation) President: Flip Vorster | c: +27 (0)82 455 1459 | e: info@sapfed.org | Secretary: Anrich Gouws | e: admin@sapfed.org | www.sapfed.org SAQCC FIRE (South African Qualification Certification Committee) Postnet Suite 86, Private Bag X10020, Edenvale 1610 | Executive committee: Chairperson: Tom Dreyer | Vice chairperson: Duncan Boyes | 1475 Committee: chairperson: Lizl Davel | Vice chairperson: John Caird | D&GS committee: Chairperson: Laura Swart | Vice chairperson: Hans Davel | Administration manager: Rosemary Cowan | t: +27 (0)11 455 3157 | e: saqccfire@tiscali.co.za | www.saqccfire.co.za SARPA (South African Revenue Protection Association) Box 868, Ferndale 2160 | t: +27 (0)11 789 1384 | f: +27 (0)11 789 1385 | President: Naas du Preez | Secretariat: Mr J. Venter, Van der Walt & Co SIA (Security Industry Alliance) Box 62436, Marshalltown 2107 | t: +27 (0)11 498 7468 | Chief executive officer: Steve Conradie | www.securityalliance.co.za SKZNSA (Southern KwaZulu-Natal Security Association) t: +27 (0)39 315 7448 | f: +27 (0)39 315 7324 | Chairperson: Anton Verster c: +27 (0)82 371 0820 VESA (The Motor Vehicle Security Association of South Africa) Box 1468, Halfway House 1685 | t: (011) 315 3588/3655 | f: +27 (0)11 315 3617 | General manager: Adri Smit VIPPASA (VIP Protection Association of SA) Box 41669, Craighall 2024 | t: +27 (0)82 749 0063 | f: 086 625 1192 | e: info@vippasa.co.za | www.vippasa.co.za | Enquiries: Chris Rootman c: +27 (0)82 749 0063 | e: vippasa@protectour.co.za
* Every attempt has been made to keep this information up to date. If you would like to amend your organisation’s details, please email jackie @contactpub.co.za 48
SECURITY FOCUS AFRICA JUNE 2019
securityfocusafrica.com
DRIVING COMPLIANCE in South Africa’s Private Security Industry
With a five decade legacy, SASA is the greatest advocate of industry compliance, serving as resource for its members, an educational platform for consumers of security services, and an essential link between the private security industry and government. The Security Association of South Africa (SASA) is nationally recognised by the Government, South African Police Service and all Municipalities as having members with a proven track record within the industry and a Code of Ethics by which members must abide. SASA Gold Membership promotes compliance not only to the industry role-players, but to the end-users of security services as well. Join SASA today and find out more about how we can fight the scourge of non-compliance, promoting SASA Gold Membership as an essential requirement for all security service providers, ensuring industry excellence for the private security industry.
For more information, contact the SASA Administrator on admin@sasecurity.co.za Postal Address: Suite 147, Postnet X2 Helderkruin, 1733. Tel: 0861 100 680 Fax: 086 670 9209
www.sasecurity.co.za
MorphoWaveâ„¢ Compact BY IDEMIA