Cover apr14_001 28/03/2014 13:52 Page 1
April 2014
Security and Fire Management
The key to access management Self-regulation vs legislation for fire safety Reducing risks on the road The pressures of keeping security up-to-date
Project1_Layout 1 03/02/2014 12:30 Page 1
EDIT contents_riskuk_Dec12 31/03/2014 22:27 Page 3
April 2014
43 - There will be some major events in 2014
Contents 44 Saving the environment and money It can be easy being green, according to John Davies of TDSi
46 Technology in focus A round-up of some of the latest new products on the market
52 Risk in action Successful security and fire case studies revealed
56 The pressures of keeping up Organisations face increased pressures around IT security says Oliver Pinson-Roxburgh of Trustwave
6 News News stories for security and fire professionals
11 Appointments
59 Power to the people Graeme Wright, associate director of utilities at Fujitsu UK & Ireland, looks at data security and trust in the utilities sector
Some of this month’s movers and shakers
60 Mobile forensics and trends
13 Evacuation - one out, all out!
Cellebrite research reveals the top trends shaping mobile forensics
Adam Bernstein looks at the challenges of building evacuation and how to achieve a total clearance without a stampede
20 Facing the future of fire David Smith, FIRESA Council Secretary looks at the ‘Facing The Future’ report and its impact on the Fire and Rescue Services
23 Self-regulation vs legislation Simon Jenkins of FireVu gives his opinion on finding an approach that delivers
26 The voice of safety Alison Cousins of Baldwin Boxall Communications asks: fire bells or voice alarm ... which way to go?
31 The key to protection Adam Bernstein looks at the importance of key management in an increasingly technological world
61 Securing email as standard Tom Colvin of Conseal Security insists it is time to face up to the new reality: email encryption should be standard
63 BYOD security Francois Amigorena, CEO of IS Decisions, reveals the six steps to multi-device security in the age of BYOD
64 Voicing the benefits A fresh perspective on security and customer service through voice biometrics by Claire Richardson of Verint
66 Time to be social James Leavesley, CEO of CrowdControlHQ outlines why risk managers need to join the social media revolution
67 The Risk UK Directory 36 The pharmaceutical solution Jeremy Cassady of Securikey looks at the importance of storing pharmaceuticals in a secure facility in a controlled environment
39 Security on the move Reducing risks in transport is part of social care says Geny Caloisi
41 Integrating protection It’s time to take an integrated approach to perimeter security says Jonathan Goss, managing director, Townscape Products
ISSN 1740-3480 Risk UK is published 12 times a year and is aimed at risk management, loss prevention and business continuity professionals within the UK’s largest commercial organisations. © Pro-Activ Publications Ltd, 2014 All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without the written permission of the publisher. The views expressed in Risk UK are not necessarily those of the publishers.
Risk UK is currently available for an annual subscription rate of £78.00 (UK only)
Managing Editor Andy Clutton Tel: 0208 295 8308 E-mail: andy.clutton@risk-uk.com Contributing Editor Geny Caloisi E-mail: geny.riskuk@gmail.com Design & Production Matt Jarvis Tel: 0208 295 8310 Fax: 0870 4292015 E-mail: matt.jarvis@proactivpubs.co.uk Advertisement Director Paul Amura Tel: 0208 295 8307 Fax: 0208 295 1919 E-mail: paul.amura@proactivpubs.co.uk Administration Tracey Beale Tel: 0208 295 8306 Fax: 0208 295 1919 E-mail: tracey.beale@proactivpubs.co.uk Managing Director Mark Quittenton
43 Securing an event What do event organisers need to consider?
RISK UK PO Box 332, Dartford DA1 9FF
Chairman Larry O’Leary
Editorial: 0208 295 8308 Advertising: 0208 295 8307
3 www.risk-uk.com
EDIT comment apr14_riskuk_apr14 01/04/2014 14:24 Page 1
Evacuate Everyone 0HHWLQJ WKH FKDOOHQJH RI HYDFXDWLQJ EXLOGLQJV XVLQJ YLVXDO VLJQDOOLQJ DQG H[FHHGLQJ WKH UHTXLUHPHQWV RI (1 UHTXLUHV D VWHS FKDQJH LQ EHDFRQ SHUIRUPDQFH ,PDJLQH WKH OLJKW RXWSXW UHTXLUHG IRU D VLQJOH EHDFRQ WR QRWLI\ D SHUVRQ LQ D KRWHO URRP RU D IDFWRU\ ZRUNHU LQ D PDFKLQH URRP :KHQ DFWLYH 6RQRV 3XOVH DQG 1H[XV 3XOVH ÀUH DODUP EHDFRQV DUH XQPLVVDEOH DQG XQPLVWDNDEOH DWWUDFWLQJ DWWHQWLRQ IURP SHRSOH ZKR DUH QRW ORRNLQJ DW WKH GHYLFH DQG DOUHDG\ SUHRFFXSLHG ZLWK RWKHU WDVNV
Hotel Room
Factory /DUJH VFDOH IDFLOLWLHV UHTXLUH WKH PD[LPXP DPRXQW RI FRYHUDJH ZLWK WKH PLQLPXP QXPEHU RI GHYLFHV
Machine Room (DU GHIHQGHUV FDQ SUHYHQW DXGLEOH VLJQDOV IURP EHLQJ UHFHLYHG 3XOVH $OHUW 7HFKQRORJ\ HQVXUHV UHFRJQLWLRQ RI ÀUH HYDFXDWLRQ VLJQDOV LQ D FOHDU DQG XQDPELJXRXV PDQQHU
Signalling Solutions
3XOVH $OHUW 7HFKQRORJ\ SURGXFHV D OLJKW RXWSXW VR EULJKW LW FDQ QRWLI\ VRPHRQH LQ D KRWHO URRP ZLWKRXW UHO\LQJ RQ DXGLEOH VLJQDOOLQJ
Gymnasium 9LVXDO $ODUP 'HYLFHV DUH QRW MXVW IRU WKH KHDULQJ LPSDLUHG Even something as innocuous DV ZHDULQJ KHDGSKRQHV SURYLGHV FKDOOHQJHV WR evacuation systems.
EDIT comment apr14_riskuk_apr14 01/04/2014 14:24 Page 2
Comment Signalling Solutions
Sonos Pulse Ceiling EN54-23 Coverage: C-3-15
Check-up time Last month we highlighted the need to maintain security spend, this month it’s time to check your BC is up to scratch wo reports this month highlighted the problems companies can face with inadequate or non-existent business continuity plans. The difference between these reports and the many scores that have gone before them is that they put the problems caused into context by revealing the real costs involved. One report, from the Swiss Reinsurance Company (Swiss Re), revealed that the total costs of disasters from natural catastrophes and man-made disasters totalled $130 billion in 2013. According to the findings, natural and man-made disasters cost insurers worldwide $44 billion and the St. Jude Storm in Europe last October alone is estimated to have caused more than $1 billion in insured claims. While the report went on to highlight that global insurers covered up to $44bn, Mike Osborne of Phoenix’s Business Continuity Unit was quick to point out that this still left an $86bn hole which will of most likely have been absorbed as an unexpected cost to businesses, as well as failing to account for the disruption and reputational damage caused: “The figures released by Swiss Re were staggering,” said Mike. “This really should bring home the importance of effective business continuity planning. Any organisation that does not undertake such practices currently should use this as a call to action to do so, in order to safe guard their operational and financial futures.” Also this month, the Business Continuity Institute published a report to highlight the cost of common threats to organisations; threats such as IT and telecommunications outage, data breach, cyber-attacks and adverse weather conditions. ‘Counting the cost – a meta-analysis of the cost of ineffective business continuity’ demonstrated why it is important for organisations to have a BC plan that can help prevent a drama from becoming a crisis. The report shows that having in place an effective BC management programme can spell the difference between organisational resilience and financial ruin. For example an IBM study on professionals dependent on high-availability IT, the cost of an IT/telecommunications outage can vary from US$1.04 million to US$14.25 million over 24 months. Minor incidents, on average, cost US$53,210 per minute of downtime. Further losses due to reputation-related costs can add up to US$5.27 million for substantial incidents (see News p6). Patrick Alcantara, Research Associate at the BCI and author of the report, commented: “In a time where cutting budgets is the norm, it is important to be reminded of the cost of being caught flat-footed in an incident. The false economy created by cutting down on business continuity may create bigger problems that may impact on organisational resilience and viability.” According to Mike Osborne: “It is perplexing to think why some organisations take such an apparent blasé approach to protecting their business. An extremely robust business continuity program typically costs less than one per cent of turnover.” Could your BC do with a spring clean? Andy Clutton - Editor
T
Sonos Pulse Wall EN54-23 Coverage: W-3.1-11.3
FEATURING:
• EN54-23 compliant beacon technology • :DOO DQG FHLOLQJ PRXQW OLJKW RULHQWDWLRQV • :KLWH DQG UHG ÁDVK RSWLRQV • :LGH FRYHUDJH SDWWHUQ RQH GHYLFH FDQ SURWHFW PRVW URRPV • P$ EHDFRQ FXUUHQW # +] ÁDVK UDWH
Tel: +44 (0)1706 233879 ZZZ NOD[RQVLJQDOV FRP ÀUH
December 2012
5
www.risk-uk.com
EDIT news apr14_riskuk_apr14 01/04/2014 14:25 Page 2
News
News
Ineffective business continuity can cost US$53K per minute The Business Continuity Institute (BCI) has published a report to highlight the cost of common threats to organisations. Entitled ‘Counting the cost – a meta-analysis of the cost of ineffective business continuity,’ the study complies key finding from research around the world that detail how every minute counts when dealing with IT and telecommunications outage, data breach, cyber-attacks and adverse weather conditions. Having in place an effective business continuity management programme can spell the difference between organisational resilience and financial ruin. A recent study by IBM on professionals dependent on high-availability IT, says the cost of an IT/telecommunications outage can vary from US$1.04 million to US$14.25 million over 24 months. Minor incidents, on average, cost US$53,210 per minute of downtime. Further losses due to reputation-related costs can add up to US$5.27 million for substantial incidents. Analysis by the Ponemon Institute reveals that the average cost of data breach and cyber-
attacks stands at an average of US$11.6 million annually. Organisations report costs ranging from US$1.3 million to US$58 million to resolve these incidents. Case studies reveal staggering losses of up to US$4 billion due to severe incidents of data breach and cyber-attack. Non-life reinsurance provider, Munich Re, reported that combined household and corporate insurance payouts for weather-related damage in the United States alone cost US$12.8 billion in 2013. Extreme weather phenomena have increased the severity of damage and value of insurance claims. Patrick Alcantara, Research Associate at the BCI and author of the report, comments: “The aim of the report is drive home the message that business continuity is not the sole domain of an organisation’s BC professional. Ensuring an effective, robust BC programme is also the responsibility of management, budget holders and the rest of staff. In a time where cutting budgets is the norm, it is important to be reminded of the cost of being caught flat-footed in an incident. The false economy created by cutting down on business continuity may create bigger problems that may impact on organisational resilience and viability.”
Argos adopts ‘Secure’ for profit protection Argos has invested in the ‘Secure’ solution from Sysrepublic, for preventing losses at the Point Of Sale. Secure monitors all transactions at the point of sale, alerting investigators immediately to employee theft and fraud, business processes that are acting against the best interests of the company and even conflicting product pricing or promotions. The new system will alert Argos investigators if fraudulent activity or business processes are affecting the company - for example, conflicting pricing promotions or discount offers - or when there is a need for additional staff training. “We already have several years of experience with earlier data mining solutions, so we were aware of our requirements,” explains Mark Driver, National Investigations Manager at Argos and adds, “We were looking for a way of achieving higher performance from our Investigative team and sustainable loss reduction with no increase in costs for the solution. As fraud becomes more sophisticated across all business channels in retail, we have to expect continuous improvement from the tools we use. What differentiates Secure is the degree of control and flexibility available to loss prevention and security personnel, without the need for additional technical expertise, and its ability to easily gather data from multiple sources. Argos will quickly be self-sufficient, maximising the performance of our people.”
6 www.risk-uk.com
Project2_Layout 1 22/03/2014 11:46 Page 1
touchpoint just got a lot more rewarding
Eaton’s industry leading touchpoint membership programme is now bigger and better. Whether you’re an existing touchpoint member or want to join, find out more. Get more than just intruder detection, expect more with touchpoint. Get unrivalled technical support, online materials and rewards.
www.touchpoint-online.com
EDIT news apr14_riskuk_apr14 01/04/2014 14:26 Page 4
Pilgrims Group appoints former UN security leader
Integrated comms for Essex and Bedfordshire FRS
Sir David Veness CBE, QPM, a counterterrorism expert, has joined Pilgrims Group as a Senior Advisor. Sir David, formerly UnderSecretary General of the United Nations Department of Safety and Security (UNDSS), the body responsible for the global security of UN staff and operations, will enhance the group’s overseas security operations in both public and private sectors. Sir David, whose experience includes the role of Assistant Commissioner (Specialist Operations) at New Scotland Yard from 1994 to 2005, dealing with counter-terrorism and security, comments: “I’m looking forward to contributing as a Senior Adviser to the development of the group at home and abroad and, in particular, I’m keen to support the exemplary security role Pilgrims plays in this industry, which has already been recognised by a series of awards.” Pilgrims Managing Director, Bill Freear, concludes: “Sir David’s knowledge of how markets are affected by global terrorism and his experience of policing and international staff safety and security at the highest level will be invaluable to our strategic planning and is set to further benefit our clients across all sectors.”
Fire and Rescue Services (FRS) of Essex and Bedfordshire is opening a new control centre and has awarded Frequentis the contract for providing the latest version of its 3020 Integrated Communications Control System (ICCS) for their new joint control rooms project. As a result, the combined team of Essex and Bedfordshire FRS will have an integrated communication systems comparable, according to reports, with technology used for air traffic management and defence. The Frequentis 3020 ICCS platform focuses on the operational user with a practical approach and the HMI design enables existing operational and business processes to be maintained, allowing a seamless transition where business improvements and changes occur. Assistant Chief Fire Officer, Paul Hill said, “We selected Frequentis again not just because of the capabilities of the company and its system, but also because of the reliability of the current solution in Essex. During the last seven years our Frequentis system has been 100 per cent reliable.” The combined control room facilities of Essex and Bedfordshire will serve a population of almost 2.4 million people in an area of about 500,000 hectares. It includes two major airports, the country’s busiest motorway and commuter rail links in and out of London.
CCTV for all restaurant kitchens? Restaurant kitchens should be fitted with CCTV cameras amid growing public fears over food safety says installer CCTV.co.uk who believes that customers need to be protected from rogue food outlets with poor food hygiene records, a view backed by up to three-quarters of its customers. The company is convinced that the threat of inspectors and concerned members of the public looking over the shoulder of kitchen staff will improve food safety where other attempts at enforcement have struggled. “People worry about where their food comes from, particularly in takeaway establishments,” says CCTV.co.uk’s Jonathan Ratcliffe, “and this would be an important step towards peace of mind.” According to figures obtained by the company, 73% of people questioned thought that CCTV in restaurant kitchens would be a good idea. * 93% who supported the idea wanted footage relayed to a screen front-of-house * 67% who supported the idea thought
8 www.risk-uk.com
footage should only be available to local authority officials or police Jonathan Ratcliffe is convinced that mandatory cameras would be just another weapon in the battle against bad practice and dirty kitchens in the food service industry. However, despite regular inspections by public health officials and the relative success of ‘Scores on the Doors’ schemes, some businesses need the extra nudge that cameras could bring. “A huge majority of businesses would have nothing to fear,” he says, “and some owners we’ve spoken to would actually welcome the initiative.” However, CCTV.co.uk admits there’d be resistance from some restaurant and takeaway owners, and there’s certain to be a conversation over the human rights of staff being watched. “CCTV should be allowed and used as a stick to improve failing food outlets,” says Jonathan. “The threat that health inspectors could call for copies of footage at any time should be enough to concentrate the minds of those who put profit before public health. CCTV would result in cleaner kitchens. I have no doubt.”
Project1_Layout 1 05/02/2014 17:39 Page 1
Have you tried Integriti yet?
Sophistication is not about size The Integriti Security Management System is an IP connected access control and intruder security system that offers sophisticated centralised management for both small systems on a single site, or large systems distributed across the country or across the globe.
With a growing list of new installations take a moment to think of what you’re missing! The Integriti system offers an advanced suite of software, hardware and integrated solutions to deliver complete management of your entire integrated system.
Inner Range Europe Limited Units 10-11 Theale Lakes Business Park Moulden Way, Sulhampstead Reading, Berkshire RG74GB UNITED KINGDOM
integriti@innerrange.co.uk
a4 integriti 0ne page UK.indd 1
+44 (0) 845 470 5000 www.innerrange.com 4/12/2013 8:40 am
EDIT news apr14_riskuk_apr14 01/04/2014 14:26 Page 6
News
Room for improvement The Healthcare sector is in pole position when it comes to being ‘security conscious,’ with the Utilities sector coming last on a study on the top then security aware sectors. The new research, carried out by Versapak, a supplier of tamper evident solutions polled, 2,882 employees who worked in a variety of UK sectors as part of ongoing research into security measures and procedures. The criteria included ascertaining how these sectors deal with items or information that require safe handling, storage or treatment. The health/medical profession is the most security conscious when it comes to looking after important information or goods. Workers in this industry were followed by those in the HR and accountancy sectors on secure handling. Respondents to the study were initially asked whether they handled items or information that
10
www.risk-uk.com
require secure storage or transport. 73 per cent of interviewees answered affirmatively. Of these, 66 per cent had a specific security processes or equipment in place to ensure the safe handling of objects or information. However, only 34 per cent of respondents used the tools they had available consistently. Respondents were asked to select the industry sector that their job fell within from a list of potential options and rate on a scale of one to ten, how security conscious they believed their particular sector to be. The results of this revealed the following top ten based on employee feedback. The figure represents the average response from all of those polled. 1. Health/medical sector - 8.1 2. HR - 7.3 3. Accountancy - 7.1 4. Retail - 6. 9 5. Transport - 6.4 6. Insurance - 6.3 7. Manufacturing - 5.9 8. Education - 5.1 9. Property/construction - 4.8 10. Energy and utilities - 4.6 When asked if they thought there was ‘room from improvement’ within their sector, respondents gave a resounded ‘Yes’. Despite being considered as the number one based on employee feedback, 61 per cent of people working in the health/medical sector believed that things could be better. Only 39 per cent believed that current procedures in place were sufficient. When aggregated across all sectors, 72 per cent of all respondents believed that there was ‘room for improvement’ across their sector. Worryingly, interviewees from the energy and utility sector, transport workers and those working in retail admitted that they have seen evidence of security procedures being bypassed in their workplace. Leon Edwards, Versapak Managing Director comments, “In most industry sectors there is a requirement for secure storage or transportation of some kind. Whether you’re handling cash, sensitive information or medical supplies there is always a requirement to ensure that these items aren’t tampered or interfered with by unauthorised persons. The majority of companies have some form of procedure in place, but these are by no means watertight. Based on personal experience I’d say that every sector has room for improvement when it comes to secure storage or transportation. Businesses have a high responsibility to safeguard data or objects entrusted to their care, so they need to make sure that they keep on top of their game and put strict processes in place.”
EDIT people apr14_riskuk_apr14 01/04/2014 14:27 Page 3
People
Mark Wood
David Thorp
Fire Fighting Enterprises (FFE) has welcomed Mark Wood as its newlyappointed Business Development Manager. With a strong background in business development in the fire, safety and security industries, Mark will be working to support existing flame detector customers and to identify and develop new opportunities around the world for the flame detector market. Talking about this new role, Mark said: “I am really looking forward to creating a closer dialogue with current and prospective customers, so that we can really understand better what they want and need from their flame detectors. This will let us respond with technical innovations and after sales service that will focus on the things that matter – that provide a real benefit to our specifiers, installers and end-users.”
The Security Institute has announced that David Thorp has been appointed to the newly-created role of Managing Director. David holds a BA in Law and an MSc in Training and Performance Management and most recently he was Director of Research & Professional Development at The Chartered Institute of Marketing. He is a Fellow of the Royal Society of Arts, a Fellow of the Chartered Institute of Marketing and a Member of the British Institute of Learning and Development. Commenting on his new role, David said: “I feel both delighted and privileged to have been appointed Managing Director of the Security Institute. I was drawn by the challenge of delivering the ambitious growth plans and I am looking forward to developing and influencing the shape of our sector, as well as supporting our members in their professional career development. The Security Institute has many dedicated volunteer security professionals and I relish the opportunity to work with them to help develop its future.”
Richard Chappell TC Facilities Management has announced the appointment of Richard Chappell as its new Chief Executive Officer. In a move designed to ensure continuity and facilitate future growth, the company’s shareholders have asked incumbent Chief Executive Officer, Paul Kennedy, to become Executive Chairman. Peter Ellis has moved into a Deputy Chairman role whilst Keith French has been appointed to the Board as Strategic Development Director. Richard Chappell joins TC Facilities Management from the Impellam Group, where he spent 16 years in several senior management roles, including Managing Director of Carlisle Security and four years as CEO for Carlisle Support Services. During his earlier career, he worked for Aldi as District Manager and Lidl as Regional Director.
People
Howard Mann Securahomes has appointed Howard Mann as the company’s new Operations Manager. Based in Eccleshill, Howard will be responsible for overseeing the day-to-day operations and developing the company’s sales, marketing and customer services initiatives. Howard will also be responsible for the firm’s internal research and development programme, as well as helping to launch the company’s latest products introductions, which include its new wireless telecare range and its two-way voice monitoring burglar alarms. Speaking on his appointment, Howard states: “My role will be to help increase the company’s marketing and sales activity, as well as supporting the launch of our current and future product developments. I’m really looking forward to the challenge.”
Adam Norris TDSi has appointed Adam Norris as its new Director of UK Sales. As part of his new role Adam has been tasked with developing and implementing a revised channel and pricing strategy, which is designed to further support and develop TDSi’s partners. Adam commented on his appointment to the role: “It’s exciting times at TDSi – as a company we punch well above our weight and the team is made up of a great bunch of people - I’m pleased that I will be working with them over the coming years.” Before joining TDSi Adam was Business Development Director at AMAG Technology (EMEA & APAC) and National Accounts Director at Chubb Electronics Security UK.
11 www.risk-uk.com
EDIT people apr14_riskuk_apr14 01/04/2014 14:27 Page 4
People
Richard Moore Essentra Security has appointed Richard Moore as its UK Director of Sales. In addition to managing the day-to-day activities of the company’s internal and field based sales personnel, Richard will be working with key customers to help identify and generate new business opportunities Reporting to Simon Jones, General Manager of Essentra Security, Richard is no stranger to the Essentra Group, having for the last nine years held the position of General Manager of the Group’s component distribution division.
“I am excited about having the opportunity to lead and develop a highly talented sales team who share my passion for providing the highest levels of pre- and post-sales support,” said Richard. “Our key objective is to encourage our customers and business partners to take advantage of the market knowledge and expertise that we have acquired over the last 20 years to help them gain maximum advantage from the latest ID technologies and products.”
Douglas Barnett The Council of BAFE, the independent, third party certification registration body for the UK fire protection industry, has elected Douglas Barnett, Head of Customer Risk Management, AXA Insurance (UK) plc as their new Chairman, following the retirement of Phil Toase CBE, QFSM, DL. Phil served as Director and Chairman for nine years and had overseen the major developments and growth at BAFE, which now has over 1100 registered companies across a range of schemes and in every part of the UK. Douglas has over 25 years’ experience in risk management with an extensive global background. He represents the Association of British Insurers and other commercial groups in consultations with Government bodies and technical groups. He has a number of technical qualifications including the Post Graduate European Diploma in Fire Safety Management and is a member of a number of professional bodies.
Peter Jackson Peter Jackson of Jacksons Fencing has been appointed Group Vice Chairman of the Site Security & Access Control Group for the Data Centre Alliance, which is the International Association for the Data Centre Industry. Jackson will work alongside Group Chairman, David Ayers, Security Services Manager for Telehouse Group. The Site Security and Access
12
www.risk-uk.com
Keith Newton SilverNet has announced an expansion of its sales team with the appointment of Keith Newton as Business Development Manager. Keith will be working with consultants, installers, system integrators and distributors to identify new opportunities for SilverNet’s range of wireless networking solutions. Keith, who immediately prior to joining SilverNet was Sales Engagement Manager for Ericsson, was previously a sales engineer for six years for BelAir Networks. Managing Director Chris Ballard said: “Keith’s extensive knowledge of transmission issues will be of immense value to us as we look to provide project support to installers who are competing for new business, as well as providing their existing clients with a costeffective alternative to the traditional cabling methods or the use of leased lines.” Control Group represents a new initiative intended to improve the level of understanding regarding physical security requirements for data centre sites. Peter Jackson says: “I am delighted to accept this role and look forward to working with David to drive a programme designed to create a heightened awareness of the importance of effective physical security strategies for the data centre industry.”
EDIT article 1 apr14_riskuk_apr14 01/04/2014 00:35 Page 1
Evacuation
larm systems are taken for granted but it’s not until they’re actually used in anger that their quality and effectiveness can be truly evaluated. Clearly standards and design are critical to getting their deployment right and as Paul Pope, business innovation manager – EMEA for Apollo Fire Detectors says, “the process of safely evacuating people from a building or area is complex, and requires the input of specialists from the initial consultation and design stage through to the commissioning stage and finally the ongoing building management.” The question is then, what do buyers need to be aware of when specifying? Clym Brown, marketing director of Klaxon Signals thinks that when considering different types of notification systems, it is important to assess the nature and importance of the messages, the type of personnel the messages are intended for and the physical and environmental conditions that the system will be installed in. It’s for these reasons that his company in particular differentiates notification system types into three main application areas - fire safety, mass notification systems and industrial signalling. Says Brown: “Each application area requires a different approach and mindset when considering product solutions and system design, and it is equally as important for facilities managers and end users to understand the different philosophies and constrains imposed by each system type.”
A
One out, all out!
Fire safety Turning first to fire safety, the applications here are the most prevalent form of evacuation system and it’s not hard to see why - in these scenarios it is imperative that there is no ambiguity in messages or system performance requirements. The main point is that no one fire safety element works in isolation. Pope says fire detection and alarm systems do provide one method for the early warning and evacuation strategy to begin – “but before this, a lot of work has to be undertaken to ensure that all elements come together to ensure that all occupants are given the best possible chance to exit the premises safely and quickly under a number of unforeseen scenarios.” Standards are important. Jim Spowart, part of Eaton’s Fire Systems Business, says that when it comes to fire evacuation, a British Standard, BS5839 Part 1, issues the basic requirement for all fire systems. “The main requirement is to detect a fire at an early stage to give the maximum available time to enable the safe evacuation of the building.” He details the
five elements of the requirement - effective and early detection; a method of raising the alarm either by automatic or manual devices; a method of alerting the occupants, a similar sound, audible throughout the building with fixed minimum sound outputs; a clearly defined, protected and unobstructed escape routes; and a clearly defined evacuation plan. Brown expands on the basic requirement: “Fire alarm systems must be able to warn all occupants of the need for evacuation, assuming that the recipients have no system knowledge nor have any specialist training,” says Brown, adding, “as you would expect, these markets
Adam Bernstein looks at the challenges of building evacuation and how to achieve a total clearance without a stampede…
When considering notification systems, it is important to assess the nature and importance of the messages and the type of personnel the messages are intended for 13
www.risk-uk.com
EDIT article 1 apr14_riskuk_apr14 01/04/2014 00:36 Page 2
Evacuation
(continued from p13)
are highly regulated, defining both product and system performance and ensuring that fire systems behave and operate consistently in terms of detection and evacuation.” Of course part of the equation means ensuring that the fire detection system operates the fire protection measures correctly according to the fire evacuation strategy. For Pope, the considerations include simultaneous or phased evacuation, closing fire containment doors; grounding lifts to a safe area relative to the fire, fire and smoke damper control. “People will potentially be unfamiliar with their surroundings, possibly orientated to a different time zone and speaking different languages all these issues need to be provided for in the event of an incident.”
Duty of care for all Part of a working system means catering for the less abled. The introduction of the Disability and Discrimination Act (DDA) back in 1995, which aimed to end the discrimination that faced many people with disabilities, played a key role in the development of the fire industry. As a result, employers, organisations and businesses must now have fire procedures in place that take account of the requirements of the DDA, including warning systems that cater for both the hearing and visually impaired. The Act was significantly extended with the enacting of the Disability Discrimination (NI) Order 2006. But Spowart makes clear that there is other legislation and codes of practice to bear in mind such as Building Regulations Approved Document M which covers disabled access to and use of buildings while Section M1 includes schools, maintained schools and purpose built student accommodation; the Building Regulations Approved Document B (Fire Safety) Volume 2, Section 4 which covers designs for vertical escapes in buildings other than flats, all commercial buildings and housing association properties; and British Standard 8300:2009 which covers the provision of disabled facilities within a building. In addition, there’s also the Regulatory Reform (Fire Safety) Order 2005 (RRO) that
“The challenge created from the introduction of VADs under EN54-23 has been the increased current draw on devices…” 14
www.risk-uk.com
came into force in 2006 to note. It states that the responsibility for fire safety lies with employers and that they have a duty to ensure the safety of everyone who uses their premises, including those in the immediate vicinity. In essence, the RRO requires any person who exercises some level of control within premises to take reasonable steps to reduce the risk from fire and ensure occupants can escape safely if a fire does occur. Spowart is clear about this duty: “Organisations and individuals are required by law to take fire safety seriously. This legislation has now been in force for almost 10 years. It defines the person responsible and places a duty of care on him to develop and comply with effective fire safety precautions. As background, the RRO was made under the Regulatory Reform Act 2001 and combines previous fire safety law into a single piece of legislation. Fire certificates are no longer provided and those previously issued now have no legal status, although they can be used as a basis for fire safety measures. Although a fire risk assessment was necessary under previous legislation, the RRO requires the responsible person to make a suitable and sufficient assessment of the risks to which relevant persons are exposed, for the purpose of identifying the general fire precautions needed to comply with the RRO. Spowart says that generally the RRO is enforced by the county fire and rescue services who have a number of powers. They can offer informal advice on improving fire safety provisions; issue a ‘Notification of Deficiencies’ advising formally of shortfalls on fire safety provisions; issue an ‘Enforcement Notice’ detailing requirements and setting timescales; issue an ‘Alterations Notice’ if required to prevent changes to provisions already in force. “But it’s the power to issue a ‘Prohibition or Restriction notice’ to restrict use of all or part of a building or their ability to bring prosecutions through the courts for persistent or extreme non-compliance that should concern dutyholders the most,” says Spowart. Overall though, Brown believes that the legislation in the area has changed the playing field: “These policies have not only forced employer accountability, affecting companies and businesses, but have changed the way the fire industry has developed. Technology has moved on from its rudimentary beginnings with the simple fire bell and is gathering speed, making use of combined sounder-beacon technology and pre-recorded voice messaging.” In essence, market forces and legislation have led to many fire and security systems
Project1_Layout 1 24/03/2014 19:20 Page 1
Best imaging Smart solutions
Smart solutions for every day IP video surveillance. Securing your business and taking care of your system costs without compromising on image quality simultaneously? Benefit from IP 2000 and IP 5000 family cameras with the new DIVAR IP recording solutions from Bosch. By smartly combining these products you can tailor and scale your IP video solution to fit your needs. Guaranteeing best imaging, substantial reduction of storage costs and 24/7 access to your HD video images. The DIVAR IP recording solutions can handle up to 128 channels and storage devices can be added to meet growing storage requirements. www.boschsecurity.com
EDIT article 1 apr14_riskuk_apr14 01/04/2014 00:36 Page 4
While many see evacuation solutions as being an internal need, external areas also require protection too 16
www.risk-uk.com
being redeveloped to take their capability beyond that of a basic audible warning. A sounder should now no longer be used in isolation but in conjunction with a beacon, to comply with the DDA. Clearly relying on audible fire alarm notification alone disadvantages people with hearing impairments or those working, or living, in sound reducing conditions. Even something as simple as wearing a pair of headphones could prevent someone from hearing an audible fire evacuation warning. To truly evacuate everyone from a building, dutyholders need to signal effectively using light as well as sound. Brown, as does Pope, points to standards, as well as legislation, as having made a difference in product design. A new European fire system standard - EN54-23 – came into force on 31 December 2013 and it recognises new requirements and specifies the minimum performance requirements for Visual Alarm Devices (VADs), removing any previous ambiguity regarding the light output requirements or system design parameters involved with using light to evacuate buildings. The aim, of EN54-23, says Pope, is to enable manufacturers to design, produce and have certified VADs to a specified visual coverage and mounting position to ensure that any individual with a hearing impairment – physical, environmental or equipment related is notified in the event of a fire. “In these situations, audible alarms – sounders – are not considered to be effective as the only primary means of warning device.” This standard specifies the minimum requirements for VADs, providing performance criteria and test methods in a uniform and consistent way. This provides manufacturers with a mechanism to specify VAD device performance, allowing system designers to choose the most appropriate device for a particular application.
Another element to the EN54 standard – EN54-13 - is a requirement where the whole system is certified as a package and some countries such as Belgium and Netherlands see this as a standard for their market. But Spowart says that this is currently not a harmonised standard, so countries can opt out. However, as a systems manufacturer this could be a way forward for Eaton’s Fire systems business, but other system manufacturers may also push for the implementation of this in the UK. VADs are particularly useful in areas such as hotels, hospitals, and shopping centres to name a few says Pope, adding that following a site/risk assessment VADs should be positioned wherever hearing impaired individuals may be unaccompanied e.g. bathrooms, toilets and bedrooms. “They are not, however, intended to waken people from sleep and in these situations they should be used in conjunction with tactile alarms. “ Of course EN54 will have major implications on product selection and system design reckons Brown. And in the context of EN54-23, generating sufficient light output to meet the new requirements has required advancements in light technology that that has increased device costs. Spowart echoes this, noting that the recent changes to EN54 have also prompted changes to panels, power supplies and sounders. “The challenge created from the introduction of VADs under EN54-23 has been the increased current draw on devices. Previously manufacturers have been gradually reducing the amount of current taken through efficiency savings – this was specifically aimed to reduce the size of backup battery or to provide a longer standby period for the same battery capacity.” More importantly, most conventional and addressable fire alarm systems are dependent on low current devices, allowing numerous system components to be added onto a single ‘loop’. Brown says that this saves time and cost in wiring, reduces the number of power supplies and aids installation and commissioning. But as we’ve seen, for many manufacturers EN54-23 has required additional power, and additional devices, in order to comply with the new light output and system coverage requirements. One consideration when specifying is that as Spowart says, most manufacturers utilise their own specific communications protocol so only their equipment will work on their panels: “For these applications ease of installation, costs and reliability would be the choices of the installer.”
EDIT article 1 apr14_riskuk_apr14 01/04/2014 00:37 Page 5
Evacuation
Mass notification With ever greater concentrations of people so comes the greater need to devise more efficient methods of evacuation with ‘mass notification systems’ and signalling solutions for large complexes. Spowart believes the most effective method of carrying out a mass evacuation is by the use of voice commands: “Research has proven that in an emergency people will react without confusion or panic if they receive a clear, intelligible message.” A well implemented system, he thinks, can be used to direct people away from the source of danger or indeed to tell them to remain in their current position and await further instructions. But systems can be multi-purposed. Remember that most large enclosed areas such as shopping centres, football grounds, theatres and the like already employ public address systems for announcements and general information. These systems can be utilised to convey safety messages to enable the safe evacuation of people. However, Spowart points out that if this is the case then fire rated cable (FP200 type) must be specified for the speaker circuits. He also says that in this instance the use of speakers for fire safety is regulated by British Standard 5839 Part 8 which indicates the type of speakers, sound pressure levels and intelligibility. This means that the terminal blocks (usually ceramic) need to be able to withstand a similar temperature for a similar duration to that of the interconnecting cable (fire rated 830ºC - PH30 standard cables / 930ºC - PH120 enhanced cables) and recessed ceiling loudspeakers (when used) need to be fitted with a protective non-combustible fire dome that is able to withstand a temperature of 850ºC. “But when it comes to design,” says Brown, “each solution is going to have to be bespoke for the location and environment – it’s not a case of applying standard products in a standard configuration.” This is why Brown’s company doesn’t just focus on product performance – they get system design consultants to work with end users to design in performance while managing cost. So in terms of planning a system, mass notification system design generally falls into four discrete stages: Stage 1: Strategic Assessment Here initial enquires are assessed for mass notification suitability, with the objective of ensuring that the aims of system performance are clearly defined. Stage 2: Physical Location Study This is the assessment of physical properties
“Research has proven that in an emergency people will react without confusion or panic if they receive a clear, intelligible message” of the application site, taking into account the size and location of the site, the population density, special factors and communication requirements, both locally and remotely. Stage 3: Acoustic Analysis Clearly sound based systems need onsite planning and this stage allows for background acoustic survey to be conducted and major sound path restrictions identified. This leads to the development of a ‘sound plan’ based on a detailed computer simulation. Stage 4: Solution Design Lastly, before deployment, the different designs are computer modelled and evaluated, to find the best solution for maximum performance with minimal disruption and cost. Procurement specifications are produced. Part of the modelling process involves inputting the physical dimensions of the site and modelling all elements that may effect sound propagation, including outbuildings, terrain, and other environmental factors. By taking on-site background ambient noise readings and including them in the model, system designers can assess performance based on both volume differentials and message intelligibility.
Industrial signalling While fire and mass notification are obvious targets for notification systems, so industrial signalling applications are more generic and can take many forms. Brown details how they can notify that a machine is operating, automate production and indicate that a room is occupied – “what will be interesting for industrial markets is the potential effect EN5423 may have on product selection and
17
www.risk-uk.com
EDIT article 1 apr14_riskuk_apr14 01/04/2014 00:37 Page 6
Evacuation
availability.” But in fact many products used for generic industrial applications are derived from products aimed at the fire market - Klaxon Signals has a host of fire alarm notification products that have been adapted for industrial use, mainly by converting products to work with AC based power supplies. However, as we’ve seen earlier, with EN54-23 changing the cost and performance characteristics of fire beacons, whether or not industrial beacons migrate to the latest beacon technologies remains to be seen.
External area warning
The general public and visitors to a site cannot automatically recognise or understand the meaning of the signal and automatically react accordingly 18
www.risk-uk.com
But while many see evacuation solutions as being an internal need, external areas also require protection too. Consider that in the case of educational establishments, large industrial and Control of Major Accident Hazards sites the duty to protect extends not only to site personnel/students who are outside of the buildings but also members of the public, delivery and contract personnel. “This diverse range of people with differing knowledge regarding the function and appropriate actions that need to be taken in relation to an emergency situation, plus possible language issues, require a sophisticated signalling approach if security and safety are to be maintained at an appropriate level,” says Brown. So to achieve the type of coverage required systems need to use sirens that can achieve clear voice and tone signal communication above local background noise across a wide coverage area. These need to be supported with beacons, message board displays and GSM messaging facilities. Brown says that it can be argued that for people associated with a facility, and those
contracted to the facility, that only a simple tone warning signal is required as they will have been educated and trained in the appropriate response action. In contrast, the general public will not recognise the meaning of the signal or know the appropriate action to take. However there may be more than one form of incident that has to be communicated which may require totally different responses from people. Good examples to illustrate the point include warning of a fire situation - when people are required to remain outside of buildings - and incidents when perhaps terrorism is involved and staff need to stay inside in a lock down situation. With these considerations the communication becomes more complex and some form of voice commands supporting the tone warning signals may be required. As a result, sophisticated electronic siren technology capable of providing multiple clear and defined tone signals, as well as prerecorded messages that can be interwoven with the tone signal, are required. Brown also suggests that it’s important to have the ability to use a public address system or a large screen display for dynamic messaging in a fast changing situation. Going further, electronic sirens could be integrated to allow the event to be automatically broadcast over a GSM network to known defined people who could potentially be at risk. “The benefit of this,” according to Brown, “is that a pre-recorded message facility could be very useful to communicate to people who do not speak English as a first language, or at all, as the messages could be broadcast in several languages.” But there is one major issue that that creates more difficulty and confusion in open air wide area signalling - there are no national standards which apply to a certain signal type and its meaning. Therefore the general public and visitors to a site cannot automatically recognise or understand the meaning of the signal and automatically react accordingly. Brown comments that this extends to site personnel at times whose site adjoins another facility where a particular warning signal that can be heard on either site means different things on the two sites. So by definition, each installation needs its own bespoke evaluation and setup when creating an evacuation solution as the layouts, audio paths, individuals to be communicated to and hazards all differ. There is no ‘one size fits all’ solution and buyers do need to seek out good advice. The trick seems to be to involve the professionals and buy according to standards.
Project1_Layout 1 01/04/2014 15:06 Page 1
Store, manage and control keys, cards and small assets more securely and efficiently with KeyWatcher® Touch. Access is limited to authorized users, and all transactions are recorded with detailed reports available. The system will even automatically email transactional information to any user – at any time. And KeyWatcher’s convenient touchscreen makes removing and returning keys easier than ever. With our modular design and full scalability, it’s easy to see how we keep making key management better. That’s Morse Watchmans’ outside the box thinking – right inside the box.
morsewatchmans.com • 0115-967-1567
EDIT article 8 apr14_riskuk_apr14 01/04/2014 14:11 Page 2
Facing the future of fire By David Smith, FIRESA Council Secretary ast year, Sir Ken Knight, approaching the end of his tenure as England’s Chief Fire and Rescue Adviser, produced a report entitled ‘Facing The Future’ which featured a wide range of discussion points relating to potential changes to the Fire and Rescue Services (FRS). Since then, its content has been digested by a spectrum of organisations including central and local government, the Chief Fire and Rescue Officers Association [CFOA], representative trade bodies and indeed many individual companies with a vested interest in the Fire and Rescue sector. The national press cherry-picked certain aspects of the report to deliver predictably sensationalist headlines while the Fire Brigades Union described the review as ‘just a fig leaf for slashing our Fire and Rescue Services to bits’ and with the passing of time, it is increasingly probable that such a high profile report will catalyse a significant effect on the future joint or individual delivery models of our FRSs. The Fire Industry Association’s FIRESA Council acted as contributors to Sir Ken’s review and was delighted to find that their key recommendations were indeed incorporated into the final report. Among the observations in the report are that the 46 Fire and Rescue Authorities in England have different governance structures and delivery models; an example of government’s much-vaunted localism policy but one that acts as a fundamental barrier to achieving collective efficiencies and made worse by a paucity of sector leadership and sharing of best practice.
L
The 46 Fire and Rescue Authorities in England have different governance structures and delivery models; an example of government’s much-vaunted localism policy 20
www.risk-uk.com
The report refers also to duplication in the design, commissioning and evaluation of firefighting products and notes that in order to achieve interoperability, there needs to be a more sensible approach to product customisation. The FIRESA Council has been promoting the concept of a nationallyrecognised equipment evaluation scheme and is now making substantive progress with the CFOA on this important issue, with clear output-based specifications for equipment underpinning this initiative. On procurement, the report makes reference to potential financial and other resource savings and Sir Ken sees the way forward as encouraging collective public body procurement for generic items, while for specialist FRS equipment the Fire Authorities should work in collaboration where possible. There are many other areas where the FRSs, its suppliers and customers (i.e. you) will be impacted according to the forward momentum or otherwise of the discussion points within ‘Facing The Future’. These include FRS mergers and shared services, mutuals and potential privatisation, co-responding with other blue light services, changes to the oncall/permanent fire fighter ratio, a shift from traditional fire appliances to smaller specialised vehicles and the developing role of the Fire Service College, which was recently sold to Capita. The future trajectories of many of these changes may not always be mutually compatible and are strongly dependent on local rather than national political will but there are positive signs that some concerted progress is possible. After the report was published a Select Committee took written evidence, including from the FIA, which elicited views on the proposals and this was followed by an oral session involving key figures including a number of Chief Fire Officers. There was also a phone in during which 70 participants were able to put questions to both Sir Ken and the Fire Minister, Brandon Lewis. My own question concerned collaborative procurement and this particular point was the subject of a live vote, the result of which was that 85% of callers felt that there should be more shared procurement by the FRSs. Regrettably, government’s own eagerlyawaited response to the report has been much delayed with the ‘autumn 2013’ target now long passed but there is certainly a vital role for central government in what can be achieved in order to improve the operation and efficiency of FRSs. An example of this from the recent past is the Fire and Rescue Services Act 2004 which
EDIT article 8 apr14_riskuk_apr14 01/04/2014 14:11 Page 3
FIA comment
was brought in under the previous Labour administration and which assigned responsibility to each FRS to deliver services appropriate to local need and hence the arrival of the Integrated Risk Management Plan. Since the current coalition government came to power in May 2010, ‘localism’ has proved to have a strong basis in government policy and a very important one given its impact on the FRSs. This devolvement in decision-making from central to local government at the same time as dramatically cuts in financial support to local authorities has left Councils making difficult decisions about which services to curtail and, dare we say, taking the blame for it all. It’s also true that the cuts have not been delivered proportionally and the treatment of the Fire and Rescue Authorities is a key example of this. In the first year of the cuts 2012/13, Hampshire, Cheshire and Dorset were actually awarded small increases while most Authorities saw reductions of between 2-12% with the worst affected including Shropshire, South Yorkshire, Cleveland, Merseyside, Greater Manchester, West Yorkshire, Derbyshire and Humberside. The effects are also skewed by the fact that the FRSs are financed by a combination of grant awards (as referred to above) and Council Tax and the relative proportions of these differ widely depending on the Authority concerned. In Hereford and Worcester, for example, the direct grant contributes around a third of the cost of running the FRS while in West Midlands, it’s more than two-thirds and hence the impact of a grant award cut is much greater. Most practitioners across the wider fire safety industry would point to a hands-off approach by this government in respect of fire safety policy and legislation and it is no coincidence that the Department of Communities and Local Government, which includes responsibility for fire safety and our FRSs, became the most trimmed-back government department. In fact, back in 2010 a report entitled ‘Fire Futures’ report was prepared by the fire safety sector itself and featured recommendations that were considered by the then Fire Minister, Bob Neill. In response, DCLG identified just seven actions in which they may participate (but not lead) and a startling 113 points that were handed back to the sector to progress as they see fit. We might see sector-led change as a good thing and while it is in principle, it’s relevant to note that the Fire Sector Federation and other bodies that are progressing this have no legislative or regulatory jurisdiction and are reliant on voluntary guidance.
The difficulty with the FRSs is not so much that they cannot implement change but that they function largely autonomously and hence tend to be divergent rather than collaborative. This individuality is a real problem to the premises owner who may not be sure how their local FRS will respond to an automatic fire alarm and will find it will differ for branches of their business in different parts of the country and also to suppliers to the Fire and Rescue sector who, for example, will have to spray paint their fire appliances differing shades of red depending on which Service is purchasing them. There are, however, signs of a more concerted and rational approach to the collective operations of the FRSs with much of it depending on the implementation of aspects of the ‘Facing The Future’ report. Already, we have seen DCLG commissioning PA Consulting to gather data on FRS procurement and this has led to a joint project between DCLG and CFOA to aggregate demand from the FRSs. With the FIA about to sign a Memorandum of Understanding with CFOA, we expect to make substantive progress on this as well as on a national or at least regional equipment evaluation regime. More widely, many believe that there will be a greater measure of regionalisation within the FRSs and moves to attain some form of collaboration between the FRSs, ambulance and the police. Indeed, the Fire Minister, Brandon Lewis, in a speech last year referred specifically to his support for greater collaboration among the ‘blue light’ services as well as to another of Sir Ken’s tenets - that of growing the proportion of retained or ‘on call’ fire fighters. What has been a fragmented picture now has the potential to become significantly more concerted to the extent that this year may well see a new direction of travel emerging among the FRSs. Questions remain regarding how consensus is to be achieved and to what extent central government will assist in these processes. We may be sure, however, that any such evolution will affect the FRSs and probably the ‘blue light’ services as a whole, FIA members as suppliers to the Fire and Rescue sector and, not least, all of our citizens in our reliance on our Fire and Rescue Services.
Many believe that there will be a greater measure of regionalisation within the FRSs 21
www.risk-uk.com
Project1_Layout 1 01/04/2014 15:22 Page 1
www.chubb.co.uk
UNITED PERFORMANCE.
FOR BEST-IN-CLASS FIRE AND SECURITY SERVICES
Chubb Fire & Security is united in delivering exceptional service to its customers, providing greater access to a wealth of expertise. Chubb Fire & Security has merged its separately branded businesses in the UK and Ireland to deliver a richer and more streamlined experience for its customers nationwide. www.chubb.co.uk © Chubb Fire & Security Limited
Available Now!! SA66 & DA66 Two new revolutionary electric locks that solve all the issues with transom fitting and Side loading on both single and double action doors. Issues with shear locks, and solenoid bolts are problems of the past. • • • • • • • • • •
Releases under side loads in excess of 100kg (PRen13637) Holding force of 1000kg 10mm thick solid stainless steel bolt 13mm bolt projection Pulls door closed if misaligned by up to +/- 8mm Fail safe/fail secure Bolt stays retracted until door is closed to eliminate bolt noise Door and bolt position monitors Surface housings available for both timber and glass mounting Fire rated BS.476.Part 22-1987
www.secure-access.co.uk Tel: 0845 1 300 855 info@secure-access.co.uk
EDIT article 16 apr14_riskuk_apr14 01/04/2014 14:20 Page 1
Fire safety
Self-regulation or legislation? he recently released Fire Futures Forum report highlighted a key issue at the heart of reducing fires, can industries selfregulate or do they need a legislative push to achieve satisfactory levels of safety? The report, sponsored by the Chief Fire Officer’s Association, focusses its efforts on the waste management and recycling industries. Even if you are not in the sector, you might well be familiar with the problem of major fires in the sector. On average there is a fire every day in the UK at an industry plant, according to the Environment Agency’s own statistics. Major fires grab the media headlines at least once a month. No-one in the industry could really deny the problem although incredibly it was put forward by some participants that “media sensationalism” had played a disproportionate part in stirring up the issue. It is not the most promising or auspicious standpoint to begin a discussion. Nevertheless, it is becoming an unavoidable issue that demands attention as many diverse and important groups are becoming increasingly frustrated: fire services with putting their men in danger and the substantial costs at a time of swingeing cuts, the Environment Agency with expensive pollution clean-ups, local communities with health issue concerns and local businesses with costly disruption. The waste management and recycling businesses themselves obviously suffer from the loss of material and business disruption. They are also under more pressure from insurance premiums going-up and possible fines levied for false alarms and irresponsible pollution. The more professional sector businesses are naturally concerned with the image of their companies and industry. Yet, the direct and indirect consequences of waste management and recycling fires have not been enough to lead to action that will sufficiently reduce the frequency, scale and impact of these fires. The Fire Futures Forum made some notable suggestions: the setting up of an Industry Code of Practice and a more integrated planning process tackling waste management site blazes. Yet, these are unlikely to impact in any major way on the problem. There was no need in the opinion of the forum for legislation and certainly no “political
T
Simon Jenkins, product manager of fire detection solution provider FireVu, gives his view on finding an approach that delivers groundswell” of support for it, inside and outside the industry. Moreover, fire detection, prevention and suppression measures are except for the most basic legal obligations only suggestions. Amazingly, there was only a brief mention of them in the forum report – and that was from the token MP and not the professionals. I fear that the self-regulation approach will only put off the question to the fire problem. Procrastination is the enemy of time and the waste management and recycling industries.
On average there is a fire every day in the UK at an industry plant, according to the Environment Agency’s own statistics 23
www.risk-uk.com
EDIT article 16 apr14_riskuk_apr14 01/04/2014 14:21 Page 2
Fire safety
Let’s switch to another sector, hi-rise prestige buildings, which shows that there needs to be strong drivers to force change. In many industries there are already catalysts pushing change towards fire safety. The speed might very, but the legislation and measures that are required are enacted eventually.
There has to be a push to action The Gulf’s fantastic architecture is familiar even for those of us that have not visited the region. The frequent and often deadly fires that plague the high rise buildings are for now a lesser known issue for outsiders although not the Gulf’s residents. Many buildings, made of aluminium composite panels, are very susceptible to fire. The shocking blaze at the 34 storey Tamweel Building in November 2012, coming on the back of a catalogue of 18 major fires between January 2012 and May 2013 is leading to a firm change in approach. Is there any other choice? Legislation has been passed on materials for future building and improved fire detection. The continual pressure of an unacceptable situation, especially where life and the confidence in the region as a place of investment and magnet for wealth and talent is concerned, should ensure that the impetus and pressure to see through all the changes needed to resolve the situation will be enacted. Some industries by their very nature require fire detection and prevention; self-regulation is not an option as in food processing.
Food processing industry The food processing industry experience
Procrastination is the enemy of time and the waste management and recycling industries. 24
www.risk-uk.com
confirms the need for guidance, legislation and substantial financial punishments. The Dangerous Substances and Explosive Atmospheres Regulations 2002 assesses workplace dangers for fire and explosion hazard identification, and methods of prevention or mitigation. DSEAR requires all workplaces where substances that could give rise to fire or explosion are handled or stored must be fully assessed and protected. (The full extensive list can be found on the HSE website.) Yes, some firms will not comply whatever the deterrents. Earlier this year a food processing plant in Nebraska suffered two fatalities and many injuries after an explosion. The business had had 35 workplace safety law violations in the last 40 years. An American example, but one that demonstrates the point nonetheless.
Conclusion If there is not concrete guidance, legislation and punishment, there has to be a financial reason to put in the necessary measures to limit fire danger. The waste management and recycling industry’s mounting financial pressures - higher insurance premiums and fines - might led to better fire prevention and detection. Self-regulation simply does not have the same impetus. There is no way to fully remove fire risk, only reduce it. Yet, without solid pressing reasons or mandatory measures, the example of the waste management and recycling industry will show the weakness of selfregulation. In the meantime, the waste management and recycling industry ponders how to deal with its fire problem and businesses continue to suffer from an unnecessary procession of disastrous fires.
Project1_Layout 1 01/04/2014 21:38 Page 1
OxyReduct® fire fire prevention prevention
REMOVING THE T H R E AT O F F I R E .
The new Library of Birmingham has chosen OxyReduct® to protect its valuable archives, the same as over 700 other businesses and organisations around Europe. No matter how good your fire detection, extinguishing or suppression system is, a fire has to start for it to work – so some damage is inevitable. In mission critical applications where any business interruption is unacceptable or where warehouse stock or archives are invaluable, a different approach to fire prevention is needed. OxyReduct® employs innovative technology that continuously reduces the oxygen level in a room by adding nitrogen to the air. The oxygen is reduced to a level in which combustibles do not inflame and an open fire is impossible. Importantly y, people can e enter the area of risk. Visit our in-house demonstration facility and experience a fire-free environment at first hand.
www.wagner-uk.com www .wagner-uk.com
EDIT article 2 apr14_riskuk_apr14 01/04/2014 00:40 Page 2
The voice of safety Alison Cousins of Baldwin Boxall Communications asks: fire bells or voice alarm ... which way to go?
t is a fact that the typical person is slow to respond to a traditional sounder (such as a bell, warbler or klaxon) – this has been proven. Unaware of the nature of the threat people can often be “too busy”, asleep in their bed, “it’s a false alarm”, “someone will let me know if I need to react” type of response to an alarm bell. Many people will have put themselves in danger at some time during their lives by ignoring this type of sounder. Voice alarm was developed as the solution to this problem, to provide clear spoken instructions in order to evacuate a building as quickly as possible and without panic. However, is voice alarm always the answer, when should such a system be considered? There are no direct rules or guidelines as to when or whether a voice alarm system should be installed, however, it is the responsibility of owners, managers or operators of a business to ensure that adequate means are provided for protection and escape to safety. This comprises an effective method of detecting and giving warning of a fire, which can be anything from the simplest solution to a comprehensive one with a networked voice alarm system. There are many advantages of a voice alarm when compared to the alternative systems – it is not only a means to initiate an evacuation. For instance, it can be used for live speech as well as recorded messages, it is a zoned public address system, can broadcast timed announcements, provide ambient background
I
There are many advantages of a voice alarm when compared to the alternative systems – it is not only a means to initiate an evacuation 26
www.risk-uk.com
music and more. Another facility is the ability to broadcast a coded message or advance ‘silent’ indicator which is used to make key staff aware up to three minutes prior to a full evacuation instruction. This is the ‘first knock’ ability which is liked by management (and the fire services) as it can prevent a full scale evacuation when the alarm is either a false one or is a minor incident that can be dealt with without consequence. When asked about voice alarm, a fire industry professional, Peter, said “It is an enhancement, complementary to requirement. It is a tool to assist ‘the appointed responsible person’ to buy time in an emergency.” (Peter, a London fire officer for over 30 years, has extensive knowledge of BS9999, the Regulatory Reform (Fire Safety) Order (RRO), Personal Emergency Evacuation Planning (PEEPs) and more. He is a member of key fire associations and is now working independently as a consultant in the City of London, which he has done for over ten years.) Peter further commented “A voice alarm is ideal for use in large or complex buildings, but it is essential that the building is always managed by people that are aware of the system’s capabilities. It can assist with phased/managed evacuation and is good for places of ‘assembly’ such as stadia.” “Ask yourself at day one”, he said when talking about new builds, “What do you want? What tools do you need to provide adequate protection and evacuation? Answer the ‘what if?’ questions before it is too late.” Asked about voice alarm, Nigel Cusack (Group Manager, East Sussex Fire & Rescue Service) responded “It is necessary to overcome inherent human behaviour. Some members of the public ignore repetitive fire sounders if consistently linked to a false alarm. VA allows greater control in large complex buildings, especially where phased evacuation is used.” Particularly liked by George O’Reilly (Business Support Manager, East Sussex Fire & Rescue Service), was a touch screen control panel, which he points out can “give a clear indication of the situation within a building, as well as allowing rapid communication to risk critical areas for the duration of an incident, by both building managers and responding emergency services”. Both Nigel and George loved the philosophy of voice alarm and believe it to be “extremely useful”. Dave, a building engineer in Central London, stated that “Voice alarm is mainly used in our properties for evacuation, using automatic messages. We don’t use the microphones
EDIT article 2 apr14_riskuk_apr14 01/04/2014 00:41 Page 3
Alarms
unless authorised by a Fire Officer in a real incident. It works very well in evacuation of large properties, and occupiers and visitors respond very well.” “Voice alarm systems are there to protect personnel – people – lives.” said Bob Howard, Managing Director of Electrical & Acoustic Services Ltd. “It is most beneficial for members of the public who are unfamiliar with surroundings; and affords improved safety when operated by trained staff who will direct operations with explicit instructions.” (Bob Howard has worked in the sound industry for 40 years, has extensive knowledge of the Standards and all necessary requirements of a good alarm system). In a fire it is a well known fact that every second counts and that it is important to provide maximum time for response and escape. What is best for one building will not be good for another. For instance, Peter spoke of an example where the owner of a bike shop ascertained that he could see all areas of his premises from any point and his ‘call to alarm’ was a whistle hanging on a rope; basic, but adequate. A building’s risk assessment should always highlight any shortfalls and so a good management strategy is key. There are no British Standards or direct guidance that state a voice alarm should be
used, although BS9999 does guide towards this type of system, depending upon the evacuation plan for the property. We asked when it is generally considered that voice alarm should be installed. George suggested that “It should definitely be considered in more complex buildings and in buildings where phased evacuations are employed.” Peter commented “Generally an assessor will be aware of the capabilities of a VA system and its purpose. I consider them to be far better than bells and sounders.” Bob’s comment “Voice alarm systems are a necessity for controlling phased evacuation or where particular risks are identified; for example in transport terminals, high rise buildings and industrial premises.” Budget is obviously a consideration; nobody wants to spend more than they feel necessary and voice alarm may well be dismissed because of this. However, Nigel commented “At the design and build stage of a building, to add a VA system is more cost effective and businesses can adapt them to add value; music, advertisements, etc.”
A voice alarm is ideal for use in large or complex buildings, but it is essential that the building is always managed by people that are aware of the system’s capabilities 27
www.risk-uk.com
EDIT article 2 apr14_riskuk_apr14 01/04/2014 00:41 Page 4
Whichever system is in place, it should be considered vital that managers and staff are aware of the function and know how to use it There is a ‘half-way’ house option between traditional bell sounders and voice alarm – these are the voice sounders which are available today. This type of system has the advantage of being lower in cost than a voice alarm system and can provide more information than a bell sounder during an emergency. A voice sounder system can be considered suitable for small rooms with low background noise such as a small office or hotel room (BS5839-8). There are obviously limitations; it cannot be used for live speech, or to broadcast non-emergency information, also, there are SPL (Sound Pressure Level) limitations, restricted power and no EQ ability. George commented “Voice sounders serve their purpose and are cost effective. They are good for small areas.” Bob added “There are possible problems with reverberation/’spill over’ from one area to another which could create some confusion. Staff training should be involved, however, and be available to instruct and guide.” Peter’s comment was “Excellent – people respond to instructions, better than bells. Some have ‘visual indicator’ systems incorporated which are beneficial.” Dave added “We like voice alarm systems as they are set up correctly with good loudspeakers, meaning the voice is clear and gives good instructions of the incident.” On the subject of company budgets, Neil Jarvis (Sales Director, Baldwin Boxall) said “Cost these days is crucial for many companies, however, if a building has a need for a public address system as well as a fire alarm system – it does make economic sense to combine the two and install voice alarm. This
28
www.risk-uk.com
would also make significant savings with regard to cabling when installing the one system.” Phased evacuation is an important factor for many buildings and is achievable by the three systems (bell sounder, voice sounder and voice alarm). The most basic form being the bell sounder which can issue a full or intermittent signal accordingly. These will be dependent on the fire alarm zones likely to be affected by a fire situation. A voice sounder system can also be used effectively for phased evacuation, there are message limitations but, properly planned, this might be a solution for some buildings. A voice alarm system will provide a fully programmable, phased evacuation solution. Bob commented, “It’s my opinion that in an emergency situation only a voice alarm system can effectively direct all building occupants through an Alert / Evacuation procedure. Voice alarm facilities have become standard fitment in many large commercial buildings and people do respond immediately when instructed.” “A building with phased evacuation must be a ‘managed site’, and the building must have the structure to support it; for instance, stairwells need to be fire protected.” said Peter “When considering phased evacuation, think of the M25 and its variable speed limit, the traffic is slowed during busy periods in order to increase the opportunity to keep it moving.” He continued, “Phased evacuation provides valuable time for the people at greater risk of harm by slowing down those who may not, in the first instance, be seriously affected by the fire.” Dave said “Buildings over five storeys normally have phased evacuation. In our experience, for this to work effectively, you need both public address and bell sounders – double the wiring and equipment – or install voice alarm at the outset, which we do. Our buildings that have bells and PA are over twenty years old.” Out of the three systems, a
EDIT article 2 apr14_riskuk_apr14 01/04/2014 00:41 Page 5
Alarms
terrorist threat may well be where a voice alarm system provides the advantage. Simply sounding the fire alarm can have disastrous consequences by moving people into danger instead of away from it. “Voice is vital in terror threats. It is difficult to contain areas without this type of system, especially if it is a dirty bomb. Maybe in a high rise you would want staff to stay away from windows or evacuate via an exit away from the danger area.” Said George, and Peter reinforced this “Bell sounders could hinder and evacuate people into a danger area, I prefer VA. Coded messages and directions can be used, the building must be managed.” Dave added “With terrorist threats we tend to advise the occupiers by phone first and then use either voice alarm or bells to advise the occupiers what to do, using bells or sounders alone causes confusion.” A public address system could be used to broadcast a live message – as long as the operator is competent, the instruction is intelligible and the system can be heard by those that need the information (particularly if a bell sounder is also operating). However, a public address system is not intended for use in an emergency – it is not monitored for faults or battery-backed – and could not, therefore, be relied upon to function during an emergency. It is imperative that everyone in the building can hear an alarm or evacuation signal. If the system transmits a voice message, occupants should be able to understand the message. However, audibility does not guarantee intelligibility – just because an occupant can hear a voice, it doesn’t mean that he or she can understand what is being said. Quality and design of the loudspeaker system, acoustics and surroundings are all part of this, and so is language. In public places there can be a cultural mix of people and, therefore, differing native languages. Would the bell sounder be as effective in these areas, does the language make a difference? A bell sounder system is not reliant in any way upon language – it is an alarm sound that is probably recognised by all as a form of alarm indication, but not which particular type (fire, security, staff, etc). However, if the spoken language is appropriate for the location, many should understand and be able to react immediately to the instruction given – thereby leading others to follow (or at least question the activity). Of course, with a voice alarm system it is possible, and not unreasonable, to rotate more than one language. Bob added that “With voice alarm, an attention drawing signal (ding-dong chime)
precedes any announcement so as to attract people’s attention to the following voice instruction.” (The attention drawing signal can also be a siren, or similar, in the case of emergency messages.) With any system, false alarms can be an issue, causing real events (terrifyingly) to be ignored. System design and measures can be taken to limit these as much as possible. In addition, a ‘first knock’ facility helps by providing time for management to assess if the alarm is real prior to a full scale evacuation. “Unfortunately, false alarms are a norm in some places – it doesn’t matter what type of system. It is more likely, however, that bells will be ignored or even tampered with” said Peter. George added “Some fire services charge for attending a false alarm. Managers of a site experiencing a lot of false alarms should ask the question ‘why?’ – it could be down to system design and/or staff training. Voice alarm is just as susceptible.” Nigel added “At the moment many public ignore sounders without training. In years to come will we become complacent to voice alarm and ignore VA messages?” Whichever system is in place, it should be considered vital that managers and staff are aware of the function and know how to use it, “Training and planning are absolutely essential,” said Peter “the building is only as safe as the most careless person in it.” Not only is the training important, so is regular testing. This will help reinforce the training and highlight any shortfalls or failures in the system or emergency plan. Maintenance is also vital, it is a requirement of BS5839 but, maybe more importantly, you want the system to work when you most need it – during an emergency. People rarely expect to meet a fire scenario, have their plans drastically changed for the day, or suffer injury or loss. People need proper instruction in order to respond – whether it is via efficient, well-trained staff or other means. Remember that, “What if?” is far better than “If only.” A final thought from George, “After a fire (or incident), especially if things go wrong, you can expect a visit from a fire prevention officer. He will ask to see your latest fire risk assessment; a large proportion of which are still being found to be “not suitable and sufficient”.”
Voice alarm facilities have become standard fitment in many large commercial buildings and people do respond immediately when instructed 29
www.risk-uk.com
Project1_Layout 1 01/04/2014 15:24 Page 1
Upgrade to IP signalling
WebWay unique encryption
*VZ[ LɈLJ[P]L solutions
Designed, manufactured and supported in the UK
Intelligent GPRS roaming for a reliable back up
Reduced keyholder callout
We engineer peace of mind into everything we do Request WebWay from your security provider
WebWayOne Ltd
01635 231500
Trusted Signalling Experts
sales@webwayone.co.uk
www.webwayone.co.uk
SPECIALISTS IN THE SUPPLY AND INSTALL OF STRONG ROOMS Proud to be working in association with Securikey providing high security solutions to the pharmaceutical industry, plus many other sectors. FREE consultation and on site survey.
For 10% off installation quote: SR14
Call us now 0161 832 2777 info@associated-security.co.uk www.associated-security.co.uk
EDIT article 3 apr14_riskuk_apr14 01/04/2014 00:42 Page 1
Key management
he history of keys is as old as modern human civilization and their importance can never be understated. However, as keys have developed in design and complexity – as have the systems, applications and the property they are intended to protect – so have the threats. Fernando Pires, VP sales and marketing for Morse Watchmans notes that there are still millions, if not billions, of physical keys in use today, and their use is not likely to disappear anytime soon. For him, any organisation utilising physical keys will benefit from securing, controlling and tracking those keys with a key control system - “key management adds a layer of security to the use of physical keys by ensuring that only authorised users are able to access them.” The benefit of the application of technology can be found in the additional business intelligence that is provided by usage reports and alerts for any non-approved activity – consider vehicle usage or access data in cases where there is no other access control system in place. No matter the application, keys require management systems that can restrict and provide access to areas within a facility. Monitoring and managing areas that can only be accessed with a physical key is imperative in ensuring a comprehensive security system. This is the reason why Tanveer Choudhry, global marketing manager for Traka, says that key management is essential as keys not only guard access to buildings, they “also control assets such as vehicles and machinery.” Of course the applications for keys are many and Jeremy Cassady, managing director of Securikey, says that key control systems supplied by his firm have been used in a diverse range of locations, such as in prisons for monitoring the keys to cells and isolation areas, to universities, royal palaces and huge data centres to prevent data theft. For him it’s the first thing to remember is that a key is “not always a toothed metal item, but could be a password, swipe card or algorithm - all provide the same solution, a method of releasing a contained / secure item.”
T
The wrong hands Pires points out that the risks of having keys – physical or not – is that they may end up in the wrong hands, providing access to facility areas, data or other sensitive assets. He says that key control effectively eliminates these issues by releasing each key only to those users who are authorised to use it. Pires says: “In many organisations, even those with electronic access control, individual doors are
The key to protection
equipped with physical locks rather than access readers.” Think of a school building – classroom doors use keys. But it’s the ability to keep those doors locked from the inside that will improve safety says Pires – “for administration and first responders, keeping additional keys to those doors locked in a secure cabinet that is accessible only by authorised users is essential. Key control provides tremendous return on investment as well by eliminating lost keys, which require expensive re-keying of doors.” Key management systems, if implemented correctly, can bridge the gap between automated access control and management of physical keys and Choudhry says the risks of not managing physical keys effectively are great. He says that even the largest, most sophisticated companies will keep keys in a reception desk drawer, the manager’s office or at a porters lodge. “These ‘systems’ do not provide sufficient accountability for where a key is and who has used it - the lack of accountability means that if an incident or loss should occur there is no record of who the culprit is.” Choudhry notes that key loss can prove expensive and can compromise even the most
Adam Bernstein looks at the importance of key management in an increasingly technological world
There are still millions, if not billions, of physical keys in use today, and their use is not likely to disappear anytime soon 31
www.risk-uk.com
EDIT article 3 apr14_riskuk_apr14 01/04/2014 00:42 Page 2
secure facility. Keys may have to be recut, locks must be replaced, especially if a key is a master, and security can be completely compromised. Of course there is only so far that technology can go to in replacing the old fashioned key as it is not always practical to implement electronic control on a door-by-door level. Pires believes that the system cost of an electronically controlled system could be prohibitive to many organisations, and the infrastructure simply does not exist to make this a reality. Part of this argument can be made because every electronic lock has a mechanical override, which usually requires a physical key, for instances where there is a power failure or issue with the electronic control on the lock those keys need to be secured. “For all these reasons,” says Pires, “keys are still in use by millions of highly secure institutions including government, correctional facilities, casinos and more. Their value and utility will continue to make them vital for many years to come.”
New and old tech Moving forward, there are, as can be imagined, many new technologies that are now working in tandem with physical keys to provide access. Pires details smartphones, proximity and swipe cards, and biometrics that are already on the market – “it only makes sense to put technology that people use many times a day
“It only makes sense to put technology that people use many times a day on a device that they carry with them all the time” 32
www.risk-uk.com
on a device that they carry with them all the time.” He adds: “Society is already accustomed to using smartphones for many processes beyond phone calls; taking photos, accessing information via the web and mobile boarding pass scans being three examples. With the thousands of apps being built every year, the utility of the smartphone will only increase.” But of course technology can prevent companies from taking risks with their key management processes because of budgetary restraints. Cassady says that “completely computerised cabinets are very expensive, however units can integrate many of the basic principles of a fully automated cabinet, including the ability to audit and trace passage through the cabinet, as well as providing a full legally recognised audit trail of key use if required.” Interestingly, he says that the technology to do this has been available in the safe industry for many years and the economy of scale for producing such technology is far more affordable and more likely to be used and implemented. Choudhry makes the same points as Pires: “Biometrics, smartcards and PIN access all have a place in modern security, and certainly this trend will continue especially with the adoption of near field communication technology in smartphones.” However, he adds that the reliance on keys is as prevalent as ever. But key management is not just about managing front and back doors. Systems can manage keys for windows, cupboards, drawers, cabinets and closets. So keys are by no means redundant yet; further generations will still rely on the simple, but effective method for years to come. Clearly the technology has moved on from the humble key. Bullet shaped fob devices, such as Traka’s iFob, can be chipped and coded and only be released by an authorised user. But combined with computer software, these fobs (and the likes of smartcards etc.) can be controlled from tablets, smartphones and computers. By being networked, multiple cabinets can be centrally controlled. But when all’s said and done, organisations do have to stick to budgets and this makes key management an ideal retrofit solution.
Specifying Pires says that when specifying a key management system that there should be meaningful intelligence built into any purchased system: “Features like key reservations, key locating software and the ability to return keys to any cabinet in an enterprise will expand the return on investment
EDIT article 3 apr14_riskuk_apr14 01/04/2014 00:43 Page 3
Key management
of key management solutions.” He thinks that software should provide a wide variety of customisation possibilities, both to meet the individual needs of the users and to comply with any relevant regulations for the locality or the industry where they are being used. Systems should also be scalable and modular to enable users to customise to their needs. In addition, the cabinets themselves should be rugged and resistant to tampering. Another part of the purchasing process involves future proofing the system and Pires says that users should be sure to choose a provider “who offers scalable, upgradable solutions with a demonstrated migration path from legacy systems.” For Cassady, the most important first step is to conduct a full audit of what you think you need, then talk to all levels or staff about vulnerable areas and short cuts taken both procedurally and physically. That makes good sense as human nature means that people will use systems and products that make their role easier and they will resist implementation without consultation. He says: “Not only is the input from all staff members vital for pinpointing security risks that might otherwise be missed, they will also be much more likely to take up a new procedure if they feel they were involved in the decision making process.” Beyond providing good products, Pires says the supplier should have a strong reputation for quality, durability and customer support: “Anyone investigating key management companies should look for positive references from other customers to verify this reputation.” He adds that the company should be able to demonstrate that they provide comprehensive support services and maintain a wellestablished and knowledgeable dealer network. Cassady also says that it is important to purchase high quality products from a reputable supplier that meets the requirements but adds that an installer should be able to ‘fit and forget’ solutions with minimal servicing. Buyers should look to buy equipment that meets certain standards. Cassady says that systems with locking mechanisms should have been rigorously testing to both UL and EN1300: “The procedures will test against manipulation, forced entry and random code generation.” His systems comprise of a control safe racked out with master keys and full audit lock, working in tandem with simpler key vault units, that can be integrated into existing master key systems which leads neatly onto the issue of integration. Integration with other security systems is important because as Pires puts it, “in today’s
increasingly integrated environment, no system can stand alone - key control has to provide security and business intelligence that is useful to management in addition to its basic utility of securing and controlling keys.” As with other business systems like human resources, fleet management and logistics, a good security system should be open and interoperable with other relevant systems. For example, when an employee is terminated, their key access privileges should automatically terminate at the same time and Pires thinks that creating this kind of interaction between departments is a great asset to security. Cassady reasons that if you can link key control with existing systems and restrict
Oldham Council First Response Service Team Oldham is the administrative centre for the Borough of Oldham and part of the Borough of Greater Manchester. Local safety is protected by the Manchester constabulary and by the services provided by the Oldham Council First Response Service team that monitors the public space video surveillance cameras and various alarm systems. The service also maintains the security of public buildings and other critical infrastructure facilities. When an alarm is triggered from any of the 500 plus properties under the services’ watch, operators try to notify key holders to respond. If an owner/key holder cannot be located, the service team will respond. Controlling and storing the hundreds of keys at various locations throughout the command centre was a manual procedure and the systems in place ranged from wall mounted key safes with a single lock on them to vehicle-mounted cabinets. Plastic ID access cards and key fobs were stored in a plastic box and kept in the control room. A manual logbook was used to keep track of key access and return with only an honour system in place to ensure the recording activity. The service was unable to keep track of sets of keys and found it a common occurrence for the staff to go home with keys in their pockets or leave keys in the vehicles. With shift patterns it could be up to four days before they returned, with the keys, for their next shift. The solution for Oldham was Morse Watchmans KeyWatcher automated key control and asset management system. The system comprises three 96-key cabinets and one 8-key cabinet. The smaller key cabinet is used to house the vehicle keys and the larger cabinets house all other keys. All staff has access to the four cabinets but not access to all the keys. Staff can only remove a key to which they are authorised to use by entering his or her pre-programmed PIN code or, on the larger cabinets by swiping their ID card through the integrated card reader. The system also allows management to set user restrictions or parameters for optimum key control and management.
33 www.risk-uk.com
EDIT article 3 apr14_riskuk_apr14 01/04/2014 00:43 Page 4
the amount of change into an organisation, the more chance you have of it being adopted. “After all, you can have all the systems and procedures in place but if you have members of staff ignoring it then the expenditure is wasted.” Locks, he says, can have both duress and remote audit facilities that allow staff to feel secure while allowing an auditor at regular intervals to investigate usage from an offsite position. Another benefit to integration is simplicity – a multitude of systems can make security a very complex system. So consider companies who extend their access control functionality by directly linking cardholder’s identities to any number of physical assets like keys, devices and vehicles. This significantly reduces administration overheads and provides consistent data between systems already in use. Choudry says the control of cardholder access needs to be immediate: “Users can be added and taken away in real-time, which is
BT datacentre BT’s International Datacentre in Cardiff is occupied by 250 staff managing customers worldwide. It’s huge building comprising of a 30,000 sq. ft. data centre and 30,000 sq. ft. of office space with many different areas and rooms that only authorised personnel are allowed to access. Traditionally, keys had been stored in a basic key box and managed manually by management using a log book. The company had invested in sophisticated, internet enabled biometric scanning systems possible, but essentially, if keys went missing, then security could be breached. Traka’s solution meant that all keys on site were permanently attached (using a tamper proof security seal) to a metal iFob, to effectively ‘electronically tag’ the keys with unique identities. Each iFob, with keys attached, locks into a receptor strip within a key cabinet until released by an authorised user via an automated and audited process. The Traka cabinets are run with software that can be networked across numerous locations on sites, while being managed by one central administrator. Since installing the Traka system, BT has seen vast improvement in its access management. Not only are keys misplaced less, but the time spent managing the process has been greatly reduced and the overall security of equipment improved due to the automated authorisation system. Personnel simply cannot access areas or use technology they are not authorised to.
34
www.risk-uk.com
particularly important when access needs to be revoked quickly to ensure the safety of personnel. In secure premises, like prisons, systems can even restrict a cardholder from exiting a facility, so if a sensitive key set has not been returned they will not be able to leave the premises.” For applications where the cardholder is not physically prevented from exiting, installing a reader near an exit or time clock can provide similar functionality. Here the employee must badge on the reader to verify that all their keys have been returned, otherwise an alarm will be raised locally (LED, strobe) and/or through alarm monitoring, which could trigger email notifications or a text message.
Keys still in vogue But with all of the modern ways of accessing doors/rooms, are keys still a valid method of security? According to Cassady, the answer is definite ‘yes’ - “Securikey has been producing key control cabinets for over 40 years and we offer units from a simple hook and record tag system to a freestanding burglary tested safe (tested to En1143-1 Grade 5) racked out with sliding panels to control keys for the most sensitive situations.” He says that readers only need to look at the volume of business being done with cylinder lock suppliers such as Assa, Kaba and Abloy, “who are all at the high end,” in addition to the number of padlocks being sold, to see that this method of securing property is still used extensively in commercial situations. He also says that with so many small businesses in the UK, the requirement for reliable but affordable security solutions is very high.
Innovative uses Keys are so widely used – they’re ubiquitous that key control solutions are almost impossible to categorise yet the benefits are as clear as day. As Pires points out, “within any given organisation, when you begin to think
EDIT article 3 apr14_riskuk_apr14 01/04/2014 00:43 Page 5
Key management
about all the keys that may be in use, the many different benefits of controlling those keys begin to multiply.” He provides the example of a system that can be programmed to cycle keys for vehicles in a fleet. This way, drivers cannot simply grab the keys to the newest vehicle which this ensures that usage will be balanced across the entire fleet. But key control is also being used in some really innovative solutions and one fast-growing market is the ‘green’ bike sharing programmes that are beginning to become commonplace in cities and on campuses. Riders retrieve keys to the bicycles’ integrated locks from secure cabinets using their credit cards. After they finish their ride, a “key anywhere” feature makes it possible for them to return the key to a cabinet in another location using the same credentials. Traka, says Choudhry, has been deployed in prisons, education and in materials handling and has interesting benefits. In prisons the number of keys that prison officers have to manage can be difficult to manage where effective management is absolutely imperative. He says that Traka’s key management system allows keys to be automatically vended with no
“Within any given organisation, when you begin to think about all the keys that may be in use, the many different benefits of controlling those keys begin to multiply” need for manual issue by security staff – “keys and radios can be drawn or returned in less than five seconds by each staff member.” He adds that the number of key bunches that are centrally held can be reduced by 40% and can be fully audited in real-time, showing which keys are currently held by the system and which have been issued. And in materials handling, systems can restrict use of dangerous machinery and prevent drive-offs of expensive vehicles. Customers are becoming more discerning as they, possibly through the web, have developed a better understanding of what they need. Part of the process of change has led to many of the larger insurers reducing the number of surveyors they use to advise them on the most appropriate product. The key then – pun intended – is to find a supplier with experience and good products.
35
www.risk-uk.com
EDIT article 6 apr14_riskuk_apr14 01/04/2014 14:10 Page 2
Vaults offer the pharma cure Jeremy Cassady of Securikey looks at the importance of storing pharmaceuticals in a secure facility within a controlled environment, and examines how modular vault systems can offer a cost-effective, easy-to-install bespoke security system that meets all requirements ccording to a recent report brought out by the Association of the British Pharmaceutical Industry (ABPI), the UK pharmaceutical industry now makes a greater contribution to the nation’s economy than any other industrial sector. It is therefore not surprising that, as the industry continues to grow, the requirement for pharmaceutical warehouses or specialised storage areas is also on the rise, as these play a vital role in the safe distribution of medicinal products.
A
High security In order to be granted a dealer’s licence to distribute medicinal products, pharmaceutical manufacturers and wholesalers must ensure that the premises intended for storage meet all the requirements of a licensing authority such as the MHRA (Medicines and Healthcare products Regulatory Agency) or the Home Office. Approval must be granted by the appropriate authority, after a process in which the manufacturer/ wholesaler must provide a variety of information including their intended arrangements for transporting the goods into storage, their plans for ensuring satisfactory turnover of stock and how they intend to maintain detailed records. The storage facility must therefore be built to support the logistics necessary to carry out these plans. Licences are granted based on specific criteria and the type of drug being stored, which means that a new application will be required if, for instance, a company wins a contract to distribute a new type of drug.
In order to attain appropriate storage facilities that meet requirements and provide the proper conditions for drug storage and stock control, distributors have a few choices 36
www.risk-uk.com
It is little wonder that the process is so meticulous; leading companies working in the pharmaceutical sector go to great lengths to ensure that the medicinal products they distribute are sourced from reliable manufacturers who are regularly inspected and audited to ensure consistent high quality. It is therefore imperative that all medicinal products are also carefully monitored from procurement through to customer delivery to ensure their quality is not compromised at any stage, thereby preventing contamination or theft of medicinal products throughout the process.
Made-to-measure security In order to attain appropriate storage facilities that meet requirements and provide the proper conditions for drug storage and stock control, distributors have a few choices. They can commission their own building, which is very costly and time consuming, and a suitable site will also need to be found that will meet all of the logistical requirements. Another option is to hire suitable premises; however, it can also be very time-consuming to find the perfect storage facility to meet very specific needs. As storage facilities are often required within a short timescale after contracts are tendered and won, both options are not always ideal. One of the most effective solutions is to install a modular vault. Offering a completely bespoke, on-site-assembled security room to fit an allocated space, modular vaults are increasingly specified by those companies expanding to distribute more medicinal products, as they not only offer a high security option, they are also relatively quick and easy to install and provide a controlled environment. Offering a five-sided solution if necessary – a common requirement in the pharmaceuticals market – the components are manufactured offsite to fit the precise specification required by each application, which can be in either a new or existing building. The measurements and precise customer requirements will have been established during a survey, before being delivered to site as individual panels and welded securely into place. Customised furnishing capabilities such as cabinet and rack systems allow medicinal products to be stored off the floor, and a variety of different locks can be selected for the door depending on the level of security required. Pharmaceutical products are vulnerable to temperature and humidity fluctuations, and must
EDIT article 6 apr14_riskuk_apr14 01/04/2014 14:10 Page 3
Security
therefore be stored in a carefully controlled environment. To meet this important requirement, modular vaults offer the option of integrating certified airing, ventilation and alarm systems throughout the vault room via customised openings in the walls and door. The best ventilation system to meet the brief will be established as part of the consultation process, and will depend on a wide variety of aspects such as the type of drug being stored and the manufacturer’s instructions for storage, vault size and planned usage. Due to their adaptability, modular vault solutions are also used in other industries, such as the storage of money in banks, casinos and for cash in transit companies, as well as in the storage of precious stones for jewellers. These customers can also benefit from customised furnishing within modular vaults, with the additional options of mechanical or electronic deposit boxes. When selecting a vault, buyers are advised to ensure it complies with European security standard EN1143-1 which ensures European wide approval. In addition, the vault should be validated by an independent testing house such as the VdS in Germany to prove it meets the stringent criteria to resist attack.
Modular vaults in action Securikey recently delivered a Modulprim modular vault solution to Associated Security Solutions, who specified and installed the product for a pharmaceutical client based in Staffordshire. The client had just won a new contract to distribute the drug methadone and required a vault that would meet Home Office standards, which are based on The Misuse of Drugs Regulations 2001 and The Controlled Drugs (Supervision of Management and Use) Regulations 2006. Methadone is a drug that is most regularly used in the treatment of addiction to opioids (typically heroine) as replacement therapy. Administered over a prolonged period, in some cases indefinitely, methadone relieves the unpleasant symptoms associated with this type of drug withdrawal. Of course, as it contains opiate and works on the same receptors in the brain as heroine, it is also extremely valuable on the open street. It was therefore vital that the client’s allocated storage facilities offered an extremely high level of security in order to meet the requirements for the safe storage of narcotics. The bespoke nature of the modular vault system allowed the pharmaceutical client to meet the precise specification for a storage environment that was appropriate for
methadone, which would have been outlined in the drug manufacturer’s guidelines. The result is a purpose-designed temperature-regulated secure storage room that also facilitates the client’s streamlined management system, which would have been stipulated in the licensing agreement, allowing employees to maintain detailed records of the drug batches that are coming and going. In this particular installation, a designated employee will need to be in the vault for a few hours in the morning and evening to record the batch numbers, before bringing the drugs out for distribution. To prevent opportunists from walking in through an open door, specifically-sized grill gates have been installed in the wall so employees can pass the boxed methadone through to be distributed while the door remains firmly closed. Andy Palmer of Associated Security Solutions explained, “The most important aspect of modular vault installations is establishing exactly what the client needs and then, when on site, measuring the area meticulously and keeping an eye out for any potential challenges. In this instance, the vault was being installed in an existing room so, on the plus side, we had a pre-concreted floor to work on which meant we didn’t need to build this. However, we also had width restrictions as well as three large pillars taking up space in the centre of the room. Deciding on the correct location for the vault is an intricate process and measurement is critical to the millimetre - from the positioning of the walls to the fixings that need to be welded onto the walls for the ventilation and other systems. Getting this stage right, however, ensures there are no time-consuming modifications required later in the installation. Andy continued, “Once the measurements, positioning and required features were agreed, I liaised with the contractors in charge of the cameras, alarms, data point power socket, air conditioning, fire alarm and sprinkler systems. The vault components were prefabricated off-site to precisely fit the measurements, before being delivered as separate panels to site. Installation was straightforward and the vault was completed within three weeks.”
Pharmaceutical products are vulnerable to temperature and humidity fluctuations, and must therefore be stored in a carefully controlled environment 37
www.risk-uk.com
Project1_Layout 1 01/04/2014 21:43 Page 1
CONTRACT SECURITY SERVICES LIMITED CASH & VALAUABLES IN TRANSIT (CViT) SERVICE PROVIDER CASH PROCESSING & BANKING SERVICE (INCLUDING COLLECTION AND PROCESSING FROM CAR PARK MACHINES)
CASH CONSOLIDATION SERVICE SECURITY GUARDING AND MOBILE PATROL HEAD OFFICE: CHALLENGER HOUSE 125 GUNNERSBURY LANE LONDON W3 8LH T: 020 8752 0160 F: 020 8992 9536 E: info@contractsecurity.co.uk www.contractsecurity.co.uk
SALES: T: 01622 792639 F: 01622 882084 E: sales@contractsecurity.co.uk
DEPOTS: Brentford, London | Larkfield, Kent | Andover, Hampshire
EDIT article 15 apr14_riskuk_apr14 01/04/2014 14:19 Page 1
Transport
oad and public transport safety is a hot topic of debate in the UK as well as in Europe. Threats to the safety of passengers, drivers and third parties because of anti-social behaviour, terrorist attacks, theft, and physical violence are one aspect of transport risk. Assets and infrastructure can also fall victim of vandalism and illegal trespassing, which causes damage and disruption for the transport. Then there are accidents, such as personal items caught as doors close, and trips and falls, which can happen either inside the vehicles or on platforms and surrounding areas. Unless a good integrated security system is in place, fraudulent insurance claims can cost millions to the transport sector. Danny Peleg, Director of Transportation at Genetec says, “One big issue with rail today is the challenge of properly screening passengers. Unlike airports, where all passengers are screened along with their baggage, train stations are open spaces with few restrictions on who is coming and going. Screening all people and baggage in rail terminals is nearly impossible. While preventing an event is extremely challenging, the best strategy is critical surveillance and fast reaction to quickly mitigate threats and events. Without a strategically deployed system of surveillance cameras and analytics tools with video management software (VMS) for monitoring, quick reactions to situations and threats are difficult to achieve. Video surveillance is extremely important for effective and fast reaction to facilitate investigations and help apprehend suspects.” Genetec offers its ‘Security Centre,’ which is a unified security platform running over IP that manages video surveillance onboard and wayside, and also includes mapping, access control, license plate recognition (LPR), and event management all in a cloud-based management solution. Peleg adds, “When it comes to liability, video recording, archiving and quick search-and-playback add value to support litigation cases and manage employee compliance against any fraud claims. While video surveillance cannot capture every square inch of a terminal, having visual evidence covering the major areas still works best to discourage perpetrators and helps with investigations - while constantly protecting the facility against fraudulent lawsuits.” A truly integrated security system also needs to include means to communicate fast and efficiently, not just between stations and stewards, but also for the passengers themselves.
R
Security on the move Stuart Hibberd, Sales Director at Castel explains, “In the rail industry Castel’s intercom is used in a variety of places, from security within head offices and depot buildings, to help and information points on platforms.” “For motorists’ safety,” Hibberd adds, “Castel provides intercoms at the side of the road, such as those to call emergency services, at toll booths and in tunnels. We also supply intercom to roadside service areas to restrict access, such as salt storage and roadside assistance vehicle depots.”
When the lights go out Incidents don’t just happen during the busy rush hour. Attacks on rail depots at night or when they are not in operation, vandalising carriages and causing operational disruptions, are serious issues for transport operators. While traditionally IR beams where used to guard fences, these were not efficient enough given that intruders could come along rail-tracks, or cut through fencing, without being noticed. According to Geoquip, British Transport Police are only allowed to apprehend intruders in the depot and not to pursue them on the tracks. To provide a preventative solution that would raise an alarm as early as possible, Geoquip has a solution using Alpha microphonic cable sensor technology. Working with Geoquip’s Defensor perimeter fence-mounted intruder detection system, the Alpha sensors can detect the physical delay factor and vibration transmission characteristics of the perimeter fence trespasses. The intelligent analyser integrated on Defensor will decide, based on pre-set levels, whether an attack is taking place and trigger the alarm in the central control room. London Underground’s Hammersmith depot has a microphonic cable sensor installed in conjunction with related CCTV cameras, to provide early warning and recorded evidence of potential intruders. To extend security beyond the station’s perimeter, Genetec offers AutoVu. AutoVu is an Automated Number Plate Recognition (ANPR) software and camera system that reads the number plates of vehicles as they enter a secured area. Special cameras, fixed or mounted on a patrol car, can capture and read up to 20 number plates per second, and match them against a ‘watch list’ of known criminals or suspicious vehicles. Using AutoVu, potential threats can be stopped before they even park. The open architecture in Genetec Security Centre allows customers to host and operate
Reducing risks in transport is part of social care says Geny Caloisi
39
www.risk-uk.com
EDIT article 15 apr14_riskuk_apr14 01/04/2014 14:20 Page 2
Transport
different third party cameras, edge-devices and software systems to customise and install specific passenger information systems, video analytics, intrusion detection systems, emergency telephone, video walls and metadata integration, such as automated emergency messages and audio announcements. Peleg says, “We’re seeing increasing use of video analytics. Companies want the ability to assess video very quickly with automated intelligence that can send fast and accurate notification of events. There is also a demand for better integration and unification between the different components and products required to run a security system, such as video surveillance and access control.”
Get on the bus When it comes to collective city and intercity transport on busses and couches, then traffic, careless pedestrians and cyclists, have to be added to the list of threats. Dan Jackson, Technology Director at Synectics’ specialist mobile division says, “With the rising popularity of cycling, especially in London, the protection of cyclists on the road, by improving visibility around a bus or coach, has become a new area of focus,” explains Jackson and adds, “CCTV systems are becoming standard equipment on buses and coaches, in fact many operators are not permitted to operate services without them. What we’re seeing now is that operators are trying to make what started out as a legal requirement work hard for their operations. They want longer recording times, higher image quality using HD cameras, and greater reliability – on top of improved operational efficiency. Synectics Mobile also provides security systems for railway and tram stations, trains and tracks, as it is the case on the Northern Line, Jubilee Line and DLR in London and Nexus in Newcastle. Built-in system health-checks, reporting, remote updates and access via Wi-Fi or 3G/4G are increasingly sought-after features to ensure business-critical CCTV systems are accessible at all times. “The demand for regular maintenance programmes and service support for these systems is also growing, as operators invest in ensuring systems are properly maintained to maximise availability,” explains Jackson. Synectics’ client Metroline, the London bus and coach operator, is a good example of how CCTV usage can be maximised. The company’s existing on-vehicle CCTV as the starting point on to which was installed a clever telematics system that rewards drivers for driving safely. By integrating and tracking a whole range of
40
www.risk-uk.com
vehicle signals, from acceleration to instances of cornering and braking, into one report, Metroline is able to improve passenger experience on board their buses as well as saving fuel and reducing wear and tear on vehicles and incentivising its drivers to do the best job they can. Stopped vehicle enforcement at schools A delicate area of road safety is outside schools. Although discussions regarding the use of CCTV enforcement are top of the agenda, there is no sign of any reduction in the number of children being injured on roads in the UK. In fact, according to the insurance industry, more than 1,000 children a month are injured on local roads around British schools. These numbers are rising despite the zig-zag road markings outside schools that were designed to improve visibility, giving pedestrians a better view of the road in both directions, and giving greater visibility of possible dangers to drivers. David Richmond, CEO of Videalert says, “Local authorities are responding by looking at a new generation of digital CCTV systems from specialist suppliers such as Videalert, for the enforcement of stopped vehicle offences in these locations.” Without any human involvement and using a single camera, Videalert systems continuously monitor restricted areas and automatically zoom in to capture the number plates of any vehicles that stop during the period of time defined by the local traffic order, typically during the school opening and closing hours. The cameras then automatically zoom out and capture relevant parking signage. The video evidence packs are wirelessly transmitted to the council for review, before automatically generating PCNs. These systems can also record video outside schools 24/7, providing further protection to pupils, staff and premises. The new stopped vehicle enforcement systems provide local authorities with a better and more cost effective alternative to the mobile enforcement vehicles that are equipped with ANPR cameras to capture offenders. Such vehicles can only be deployed in one place at a time and their running costs can often exceed £500K over a five-year period, when the manpower resources that are required to operate them are included. Announcements at train stations to ‘report any unattended items to a member of staff’ are a sad reminder of the ever-present fear of a terrorist attack. Integrated security systems in transport are key to managing panic situations and reactions in crowded areas as well as to avoiding service disruption. They provide an essential service to society.
EDIT article 9 apr14_riskuk_apr14 01/04/2014 14:12 Page 1
Perimeter security
ue to evolving terror threats and duty of care, the security of buildings and public areas has increased significantly over the past decade. Building security is no longer just about CCTV cameras and controlled entry access, the entire perimeter of a property needs to be considered. Security consultants, risk managers and even architects need to consider which security measures to employ to protect their premises from vehicle-borne attacks. Any crowded place is a potential target for vehicle-borne attack. In fact, the National Counter Terrorism Security Office has identified the following types of premises as being at particular risk: bars, pubs and clubs; shopping centres; stadia and arenas; visitor attractions; cinemas and theatres; hotels and restaurants; major events; commercial centres; education facilities; health premises and places of worship. Building owners and facility managers now have a duty of care for the people using the building and spaces they are responsible for. The growing importance to protect the public has been noted by the Royal Institute of British Architects in the ‘RIBA guidance on designing for counter-terrorism’ document. In the past, perimeter security involved concrete walls, barbed wire fences and cast iron railings. However, for public areas many of these security measures cannot be used; airports, for example, have thousands of people passing through each and every day. For counter terror purposes, vehicle defence systems must have two roles; they should allow access to pedestrians, but stop unwanted vehicles. An integrated approach to perimeter security is the most effective form of hostile vehicle mitigation. We have found more and more risk managers are looking to perimeter security providers such as ourselves to provide a holistic approach to protecting their buildings and premises.
D
What is integrated hostile vehicle mitigation? Hostile vehicle mitigation (HVM) is safety protocols and procedures used to reduce the opportunity for vehicle based criminal activities. These are specifically focused on preventing terrorist activities such as the use of vehicles carrying improvised explosive devices. Integrated HVM encompasses a range of products to secure the perimeter of a property; the best way to reduce the risks to your property, its inhabitants and members of the general public is to control vehicle access. This can be achieved through using bollards, barriers and blockers.
Integrating protection
It’s time to take an integrated approach to perimeter security says Jonathan Goss, managing director, Townscape Products The PAS 68 standard All vertical elements created to prevent vehicle incursion should be fit for purpose and successfully tested to conform to British Standards Institution (BSI) Publicly Available Specification (PAS) 68 ‘Impact test specifications for vehicle security barriers’. PAS 68 is the UK’s standard and the security industry’s benchmark for HVM equipment and is the specification against which perimeter security equipment is tested. This is part of the on-going research to prevent VBIED (Vehicle Born Improvised Explosive Device) attacks. When specifying any form of perimeter security, risk managers should ensure any element installed is to the PAS 68 standard.
HVM products The most popular HVM product we provide is the Counter Terror (CT) Block, this is a reinforced PAS 68 concrete blocker which Townscape has designed and manufactured to immobilise a 7.5 tonne vehicle. The CT Block means attractive defence lines can be installed around a building to make it safe against vehicle incursion. Each CT block weighs 2.2 tonnes and only needs to be recessed 100mm below ground. This solution is
For counter terror purposes, vehicle defence systems must have two roles; they should allow access to pedestrians, but stop unwanted vehicles 41
www.risk-uk.com
EDIT article 9 apr14_riskuk_apr14 01/04/2014 14:13 Page 2
Perimeter security
(continued from p41)
ideal for building and places which are retrofitting perimeter security. Traditional products such as ram raid bollards require deep foundations which means risk and facilities managers need to bear in mind underground utilities such as water pipes and power cables. The CT Blocks shallow foundations means these utilities don’t need to be disturbed and the system can be installed around buildings with as little disruption as possible. Where staff and delivery vehicles need to gain access to a building, CT barriers are a good option for access control. They maintain blast stand-off and provide proven vehicle impact protection. These barriers can be arm barriers or automatic rising blockers. Shallow-mount PAS 68 CT bollards also form part of the integrated perimeter security solutions we install. Bollards and the other
Where staff and delivery vehicles need to gain access to a building, CT barriers are a good option for access control
HVM products can be designed to tie into the surrounding architectural design of a building. As a street furniture manufacturer, we can provide PAS 68 bollard sleeves which match any existing streetscape designs. The CT Block can be finished in a range of aggregates to tie into the general building fabric and design. Perimeter security can be multipurpose; on many of the projects we’ve worked on CT Blocks have been utilised as seating or landscaping. The CT Block can be timber cladded to create planters or have seating and light elements added.
Developing integrated solutions When looking at perimeter security it is advisable to work with a security consultant who can advise on all elements of HVM. Raising multiple contracts with numerous suppliers for different elements of the physical security package is time consuming, difficult to manage and does not always deliver the most cost effective solution. In our experience, offering a range of proven protection measures from our own supply and network of partner organisations provides a comprehensive, proven capability from specification, through to manufacture and installation.
TDSiâ&#x20AC;&#x2122;s award winning access control management software offers even greater control and integration with other systems. ~ 4g_aTbb ?A> P]S 4]cTa_aXbT cWaTT bdXcTb PePX[PQ[T c^ bdXc h^da aT`dXaT\T]cb ~ EDVPaST 22CE X]cTVaPcX^] ~ <X[Tbc^]T _[PcU^a\ X]cTVaPcX^] ~ CTgTR^\ X]cadSTa _P]T[ X]cTVaPcX^] \^Sd[T ~ <XRa^b^Uc 0RcXeT 3XaTRc^ah X]cTVaPcX^] \^Sd[T ~ D][X\XcTS S^^a P]S d][X\XcTS RPaS W^[STa ^_cX^] ~ <XRa^b^Uc B@; SPcPQPbT
5^a \^aT X]U^a\PcX^]) W: www.tdsi.co.uk | T: +44(0)1202 724 999 | E: sales@tdsi.co.uk
EDIT article 12 apr14_riskuk_apr14 01/04/2014 14:14 Page 1
Event security
ecuring international events with the world’s eyes upon you and the responsibility of keeping thousands of people safe is no mean feat. Factor in the massive global change in threat over the last decade and it’s no wonder security is giving the events industry a headache. But, given due consideration, events such as the London 2012 Games can leave nothing but lasting memories of great sporting moments, not breaches in security. Looking back, event security probably meant a bit of fencing and perhaps some patrolling security staff. Many visitors will remember entering events with little or no security checks. This was before the advent of global terrorism and threat. 9/11 changed the world and proved to be watershed moment, not only for air travel, but for the events industry as well. Event’s organisers recognised that threat was now on a global scale. With sporting events catching the imagination of so many worldwide, the pure globalisation of sport renders it the most vulnerable type of event. That day in 2001 exponentially forced the industry into including security as a major planning aspect of any event.
S
Raising the bar The London Olympics raised the bar in terms of security and proved an impressive model for security standards. We saw first-hand the challenges and opportunities that the 2012 Olympics have presented to the event industry. Lasting memories of the Games will include the successes of the athletes, but also the security which ensured the safety of visitors, staff and athletes alike. We supplied one thousand x-ray machines and the same number of archway and handheld metal detectors to the Games organisers. The ‘hands on’ approach of the Government when buying security at London 2012 proves how supply has changed as global threat increases, making them a key stakeholder from the beginning. Additionally with part of the equipment being funded by the public purse it meant that the government took an active role in the decision process and were unable to sit back and take an inactive role as they will be the ones held accountable.
It’s not where, but who Today we are not just concerned with local threats, but threats that come from all four corners of the globe. As a result the security industry has learned that it is not necessarily where you hold an event which dictates the level of security needed, but a thorough risk assessment that drives how you protect those that have been invited. London is a relatively
Securing an event safe city, yet the screening of people and baggage put in place leading up to the Olympic Games in 2012 was on a par with any location deemed less safe around the world. As we approach the first anniversary of the Boston Marathon Bombings, we are reminded that all events are under potential threat and event’s organisers from large to small events, from ‘safe’ to ‘troubled’ locations; need to consider security as a high priority without exception. One of the biggest changes within the industry has been the changed attitudes of visitors to events in terms of security screening. Once perceived as obtrusive, security scanning devices and are now so widely adopted and expected that a venue may not be deemed ‘secure’ without them. This shift in public perception from obtrusive to comforting has enabled security technology to play a larger role, not only for physical security checks but to enable visitors the peace of mind of security. During the Brazil 2013 Confederations Cup, we screened 500,000 people including all attendees, players, staff and media. In addition to people, we screened all freight delivered to the stadiums on non-games days. Yet there was no adverse reaction to these security measures. The key to acceptance is using great technology, with high throughput ensuring that bottlenecks do not appear.
Frederic Brouiller, Vice President Sales EMEA, Rapiscan Systems talks about how the events sector is tackling heightened security issues head-on, and what can be expected in Brazil later this year
Glasgow and Brazil With all eyes on Brazil in June, the Glasgow 2014 Commonwealth Games in July and looking forward to the Rio 2016 Olympics, expect to see security take centre stage. The plethora of global news stories about Brazil’s security measures leading up to the World Cup in June emphasises just how much the world is watching. Physical security, body and bag scanning, is going to be incredibly important, yes as a deterrent against threat, but also to act as a physical reminder that the organisers are taking threats seriously. The combination of security technology with high throughput and high visibility of security measures will put the event industry in great stead to ensure we continue to create great sporting moments.
With all eyes on Brazil in June, the Glasgow 2014 Commonwealth Games in July and the Rio 2016 Olympics, expect to see security take centre stage 43
www.risk-uk.com
EDIT article5 apr14_riskuk_apr14 01/04/2014 14:21 Page 2
Going green
Simple savings It can be easy being ‘green’ says John Davies, Managing Director of TDSi here is a palpable feeling amongst many business leaders that the UK economy as a whole is experiencing what is often referred to as ‘Green Shoots’ of recovery and growth. It’s also a rather apt phrase, considering the economic downturn and recession that followed undoubtedly took some attention away from many ‘Green’ concerns, with buyers in many sectors including security mistakenly believing it meant more expense. However, the security sector, has recognised that being ‘Green’ needn’t mean spending more money – in actual fact, saving energy and resources makes sound business sense and is now arguably more important than ever. Security customers are looking for solutions that not only offer reasonable upfront prices, but also provide ways to cut running costs and gain maximum saving from any investment they make. The security sector has approached this on two levels. Firstly by making the systems themselves more energy efficient and secondly by ensuring greater synergy and integration between access control and other building services such as heating, lighting, CCTV, fire and security. Traditionally, consumers were particularly interested in the cost price and performance when they specified their access control systems. Consequently, as an industry, we sold systems that addressed this and it proved to be a good business model. However, socioeconomic changes mean that we, as an industry, now need to offer energy savings whilst maintaining reliability and performance. The need to eliminate waste is now driving product development as much as the other factors. Many organisations start with the obvious ‘low hanging fruit’ by using low energy light systems in their office environments, which will cut the carbon footprint straight away. At TDSi we did this too by switching to low energy lighting and reaping a saving in emissions of CO2 by 3 tonnes
T
We now need to offer energy savings whilst maintaining reliability and performance 44 www.risk-uk.com
per annum, with a reduction in the amount of electricity that we consume. Switch mode power supplies are also an important factor. Unlike a more traditional linear PSU, the pass transistor of a switching mode supply, continually switches between low-dissipation full-on and full-off states and spends very little time in the high dissipation transitions - which minimises wasted energy. Having made a strategic decision to move in this direction, we tested the two approaches to see the difference it could make to our customers in the operation and cost of running their TDSi systems. Calculations show that the use of just one 5A power supply unit using a switched-mode approach can save over £30 a year compared to a traditional linear PSU. When used over multiple security systems, this can offer impressive cost savings. Saving energy on each appliance provides a solid foundation for cutting operational costs. However, going beyond this requires the integration of all the different system components to offer a more efficient solution. The ability to integrate access control systems with other building services (such as heating or lighting for example) brings significant longterm energy savings. By ensuring that these systems are only activated when they are actually needed, users can minimise wastage of resources when the facility is empty, whilst still offering full services during busy periods. As well as improving technology, there is even more that manufacturers and installers can do to help clients optimise their access control systems and cut energy use. Whilst replacing legacy systems with more efficient technology is a sound long-term financial investment, persuading customers to do so prematurely can be difficult. An excellent way to address this is to offer discounts or incentives on new systems in return for scrapping older technology. Attractively priced new systems with valueadded bonuses such as warranties and service agreements ensure that upgrading access control systems can contribute to a very strong case and sound investment for any customer. Despite preconceptions to the contrary, there is a lot of evidence to suggest ‘Going Green’ is still a very sound sales message. Even ignoring the wider environmental and CSR issues, it can make an excellent sales case for a market that, undoubtedly, is still looking at access spending with ever increasing scrutiny. What the access control sector, and the wider security sector as a whole, needs to do is embrace the efforts already underway and further promote the wider benefits of championing an ethos that, if done well, brings benefits to all involved.
Project1_Layout 1 01/04/2014 21:50 Page 1
EDIT tif apr14_riskuk_apr14 01/04/2014 21:54 Page 2
Technology in focus A solution to the analytics conundrum Digital Barriers has introduced a system to provide smart and simple VCA at the edge. SafeZone-edge, which integrates with Axis network cameras, has been designed to overcome the limitations of both server-based and conventional edge-based systems. i-LIDS approved, the SafeZone-edge setup interface provides application installation, license activation and automatic calibration of multiple cameras, enabling a lone installer to deploy the system in just a few clicks on smaller sites – while additional calibration modes simplify the installation of large numbers of cameras. Daren Lang, Manager - Business Development, Northern Europe at Axis said: “SafeZone-edge is a very exciting solution and intrusion detection package that provides Axis camera users with a compelling argument for embedding video analytics at the edge of the network. Digital Barriers are using Axis cameras as the platform to deliver a solution that is not only cost-effective but also provides levels of accuracy and robustness that is usually only associated with server-based applications.”
Cameras upgraded and made easier to fit COP Security has released a host of new and upgraded cameras. Now available, all Express and IRLAB 420, 520 & 600TVL cameras have been upgraded to 700TVL, 700TVL and 960H (16:9 widescreen) formats respectively. In addition, new and upgraded cameras have been added to the HD-SDI, IR Speed dome and covert camera ranges. To assist installers with easier and quicker camera installations, the depth of camera brackets available for each COP camera has also been increased. All COP cameras are now supported with a selection of camera mounting bracketry, including wall mount, stand-off and back box options - to enable installers to complete any installation with the minimum of fuss. www.cop-eu.com
www.axis.com
ANPR camera for real-time access Knighthood International has launched its integrated Bearbox system incorporating ANPR direct from the camera. It combines all the camera and real-time processing functions into the unit so that access can be granted in real-time. There is no need for a server or PC and the output can be used direct or passed to the host for reporting and audit trails. The Bearbox technology allows this system to be integrated with any other site system. The Bearbox ANPR system provides a new tool for traffic monitoring and can be used in single and multiple formats to control access to multi-entrance car parks, toll collection, traffic movements at ferry terminals or security. For example, it can allow only pre-registered cars to have access to staff car parks or embassies, combining the entry gate function to the camera’s data collection for an automated, secure response or it can monitor which cars have entered and left a facility and present the data as in hire car depots. www.knighthoodinternational.co.uk
46
www.risk-uk.com
EDIT tif apr14_riskuk_apr14 01/04/2014 21:54 Page 3
Technology in focus
Wire-free CCTV and PIR unit launched
HD-SDI product range introduced Santec has introduced a product range for video surveillance using HD-SDI technology. The new HD-SDI products include HD-SDI cameras, camera sets and speed domes. Moreover, a new SanStore HD-SDI recorder has just been launched which features auto detection at D1, 960H and HD-SDI (1080p, 720p). The recorder is available as 4-channel, 8channel or 16-channel model and is equipped with up to 4TB storage. Regarding cables, Santec offers an HD-SDI coax cable for transmitting HD video signals for up to 180 m distances. Matching accessories such as highquality plugs, repeaters and converters are also available. www.santec-video.com
New IP range in two formats Genie CCTV has launched a new range of IP surveillance products in two recording platforms (Professional and Performance) and a portfolio of cameras to fit the majority of commercial, industrial and domestic applications. With a minimum of 2.1MP the new Genie cameras ensure the capture of full ONVIF conforming 1080p images; and the range includes a Mini PTZ with a 5x Optical Zoom capability. PoE is standard throughout, as is Micro SD Card support – and models with integral Varifocal Lenses come with the Smart Focus feature which allows engineers and operators to remotely zoom a camera in or out – via the camera’s dedicated web page – and the camera then automatically re-focuses. Genie has developed two separate recording solutions, the NVRPRO Professional Range is available with 9, 16 or 32-Channels and the NVRX Performance with 4, 8 or 16-Channels – the new cameras can obviously be used with either NVR. www.geniecctv.com
ESP has added to its growing range of External Area Protection systems with a wire-free version of its GuardCam. According to the company, the GuardCam WF provides an ideal solution for the surveillance and protection of external areas around domestic or light commercial properties. Images are captured by wire-free CCTV cameras built into PIR controlled security lighting units and digitally transmitted to a choice of indoor receivers with integral SD card recording and user controls. GuardCam operates on a 2.4GHz frequency featuring FHSS digital technology to eradicate interference from other wire free devices and provides a range of up to 150m. Up to four transmitters (GuardCam WF-T) can be paired to a single receiver (GuardCam WF-MR with built in 7 inch screen or (GuardCam WF-SAR) for direct connection to a television.it One of the most popular features of the GuardCam range is that they don’t appear to be cameras. Users - especially in domestic installations - may not wish to create a high security prison look to their home. However they are happy to have socially acceptable security lights installed. This semi covert nature of the GuardCam range also fools the intruder. A natural reaction is to look toward the source of a triggered light and therefore also directly into the camera. www.espuk.com
EN54-3 and EN54-23 approved AV range KAC Alarm Company has developed ENscape, a range of EN54-3 and EN54-23 approved conventional AV warning devices for use in fire detection systems. With electronics and optics providing high light output at low current draw, ENscape beacons and sounder beacons minimise the overall number of devices required. The sounder-only devices are approved to EN54-3 with a global tone set of 32 tones, and flexible alarm settings allow for phased evacuation. ENscape beacons provide building occupants, particularly the hearing impaired, improved warning of fire alarm or evacuation conditions, whilst increasing safety in areas where high ambient noise levels render sounders ineffective. Separate sounders, beacons and combined sounder beacons fit a variety of bases. Any of the devices can be installed on a wall or ceiling, reducing stock requirements and saving installation time. KAC’s first fix capability allows wiring to be tested without the active devices being installed; this interchangeable modular design enables simple system set-up and later reconfiguration if required. www.kac.co.uk
47
www.risk-uk.com
EDIT tif apr14_riskuk_apr14 01/04/2014 21:54 Page 4
Flat screen range for 24/7 surveillance
Connector gel gets a re-launch! Connector gel Contralube 770 has been relaunched with a new formulation which reportedly makes the connector gel more effective at weatherproofing electrical, electronic and data connections. The improved formula, says the company, will ensure that security engineers do not experience warranty call-outs due to external power or data connections (digital or analogue) becoming corroded or experiencing water ingress. Recommended for application to multi-pin connectors, spade, bayonet, bullet and any other type of push fit electro mechanical contact area Contralube 770 is a clear gel that prevents moisture ingress (inc. salt water), oxidation and corrosion, contact wear, verdigris and fretting corrosion. The gel is listed as ideal for use with electronic security equipment and had already proven beneficial for the prevention of problems with CCTV installations.
Grundigâ&#x20AC;&#x2122;s new, Full HD, flat-screen monitor range has been designed for professional, 24/7 surveillance applications. The monitors include two HDMI ports. The first port is optimised for video display, making the monitors ideal for use with DVRs and NVRs. The second port is optimised for PC use and is ideal for video management software applications using client PCs, workstations and servers. Anti-reflective, acrylic glass keeps images sharp and the panel scratch-free. This has been combined with LED backlight technology, which increases contrast levels and the darkness of black levels. As a result, says the company, the screen images appear natural and accurate to the eye. The monitors are in 16:9 format and come in two sizes, 21.5â&#x20AC;? or 23.6â&#x20AC;?. Further connections include audio and BNC IN / OUT. grundig-cctv.com
contralube.com
Bespoke vault solution offers security Securikey has launched the Modulprim, a bespoke, onsite-assembled modular vault solution for both new build and existing buildings that require a high security room. Consisting of four walls, a floor, ceiling and vault door, Modulprim offers a storage facility for money, important documents, pharmaceuticals, jewellery and other valuables. These vaults can also be supplied as a five-sided solution (walls and ceiling) if desired, which is often a requirement for the pharmaceuticals market. All vault elements are subjected to extremely rigorous tests to meet European
48
www.risk-uk.com
security standard EN1143-1. These were undertaken at the Vds in Germany, ensuring European wide approval, and each product is branded with the appropriate badge as proof of certification. The Modulprim door is available in Grades ranging from 0-9 depending on the level of security required, with the type and number of locks increasing from a single minimum security key lock for door grades 1-2, up to door grades 6-9 which incorporate a high security key lock and a mechanical combination lock. Door bolts are 40-60mm depending on the security grade selected. The 0-9 level Grading system, coupled with the prefabricated manufacture of vault parts, allows the customer to choose a bespoke solution that is reportedly easy to install, but that also offers optimum security to meet their specific needs. www.securikey.co.uk
EDIT tif apr14_riskuk_apr14 01/04/2014 21:55 Page 5
Technology in focus
3D visuals aid camera set-up Network Video Technologies (NVT) has created a new suite of photo-realistic 3D Application Visuals. Available to view or Download in PDF format each three-dimensional visual illustrates the use of NVT products and wiring topologies in a variety of popular vertical market applications. These include rail, retail, Point-of-Sale, casino, car park, warehousing, and more. The 3D Visuals (Architectural Renderings) illustrate how products can be deployed to achieve superior camera image transmission at extended distances. Installers, integrators and end-users will be able to use the 3D Visuals to see how any analogue camera or IP device can transmit images via NVT, using any cable media. www.nvt.com
Office IT security made easy Bitdefender has launched the new Small Office Security, a simple solution for PCs and Macs that both improves security and eases management for small and medium businesses. To counter rising dangers of hacking, espionage, sabotage, phishing, viruses and data theft, Small Office Security wields proven technology from a cloudbased architecture. The solution cuts out server costs and frees up staff time. Bitdefender Small Office Security allows companies without dedicated IT departments and technical staff to respond to rapidly changing needs and business situations from the cloud for a single subscription fee. From a single, easy-tomanage console, staff can have real-time control of all remote users and offices regardless of the mix of Windows, Macs, desktop and servers. An on-premise version is also available for organisations that prefer to host the security console in-house. “Online threats to small and medium businesses have never been so prevalent, or so complex,” said Catalin Cosoi, Bitdefender’s Chief Security Strategist. “Rather than piling on the difficulty, our answer is to cut through the clutter and offer a simple, effective solution that can be deployed with complete efficiency by almost anybody working within an office environment.” www.bitdefender.co.uk
Long-range prox card reader launched Rosslare Security has announced the release of its AYU900 UHF longrange proximity card reader to fit a range of RFID applications, such as transport management, vehicle management, car parking, production process control, and access control. The AY-U900 reader is compatible with Rosslare Security access control products, providing, says the company, everything needed for any solution. For example, an AC225IP panel may be used with two AY-U900 readers to provide entrance and exit monitoring of a parking lot, while AxTraxNG software provides all the tools necessary for setting car counters into an access area. The reader is both easy to install and easy to use. It comes with an installation bracket kit and an RS-232 cable. Rosslare’s AY-U900 is compatible with multiple protocols and can read multiple tag formats (Rosslare’s ATT910, ISO18000-6B Tags, and EPC GEN2 (ISO18000-6C)). Different types of tags are available per requirement for any type of installation. www.rosslaresecurity.com
49
www.risk-uk.com
EDIT tif apr14_riskuk_apr14 01/04/2014 21:56 Page 6
IP networking and infrastructure guide
Cameras for unobtrusive surveillance Geutebruck’s new professional IP thermal cameras are listed as ideal for unobtrusive video surveillance or video motion detection in total darkness, mist or smoke. With lenses ranging from 7.5 mm to 35 mm, horizontal fields of view from 40° to 9°, and frame rates from 9 to 30 fps, the new G-Cam/PTHC camera series includes a model for increasing accuracy in a video analytics-based system as well as one for providing very early intruder detection by revealing people at up to 1450m and vehicles at up to 3400m. All variants use uncooled VOx microbolometer image capture with a resolution of 320 x 240 pixels. According to the company, the image contrast enhancement feature ensures razor sharp b/w pictures with excellent contrast, while the Geutebruck specialist security H264CCTV compression format delivers video with smooth fluid motion in all speeds and replay modes - without jumps, jerks or other evidential gaps. All reportedly facilitate easy installation with IEEE.3af compliant PoE and are ONVIF compatible. www.geutebrueck.com
Mayflex has launched its new security product guide featuring products from the key Mayflex security vendors. The downloadable pdf is interactive and contains links to a number of useful videos, tools and information which should hopefully make the guide a useful document for customers to visit time and time again. This new release features solutions to suit a range of applications for network based IP security. It is presented in eight sections each listing feature packed products from the company’s best in class vendor partners. More than solely IP security, the guide also features a selection of complementary networking and infrastructure products, enabling customers to find a complete converged IP solution. www.mayflex.com
Beta version gives sneak preview Panda Security has announced a new beta version of its Panda Cloud Antivirus in 2.9 Beta which offers a sneak preview before the official release of Panda Cloud Antivirus 3.0. Panda Cloud Antivirus Beta includes a firewall with an intrusion detection system (IDS), USB vaccination, and protection against pages with malicious content. The beta release introduces a new, more modern look and feel which can be fully customised by users to suit their needs. Additionally, with the new WiFi monitor users will be able to display a list of all devices that are currently connected to their network, and find out if there is someone stealing their Wi-Fi. The new version is reportedly lighter and safer than the previous one, with improved protection capabilities and product performance. www.cloudantivirus.com
50
www.risk-uk.com
EDIT tif apr14_riskuk_apr14 01/04/2014 21:57 Page 7
Technology in focus
Ten-zone expander allows detector increase Eaton’s security business has announced the launch of its new 10 zone closed circuit or CC zone expander device that can increase the number of CC inputs per expander on a control panel, allowing more detectors with CC wiring to be installed. The EXP-WCC is an addition to Eaton’s range of expanders and has been developed following customer demand for a 10 zone CC product that increases design flexibility. Utilising the same housing as the company’s EXP-W10 expander, which supports five closed circuit (CC) zones the EXP-WCC is an upgrade solution for mixed zone systems and can be integrated with Eaton’s Menvier and Scantronic i-onEX control panels. As well as the semi-automatic addressing capability, it has the ability to accommodate all types of resistances – two wire and four wire CC and 1k/1k, 2k2/2k2, 2k2/4k7, 4k7/4k7 fully supervised loop (FSL) – or a combination of these variants. The EXP-WCC also supports masking and fault conditions to be fully Grade 3 compliant. The use of CC technology adds support to any traditionally wired control panels, providing a solution that can be used in almost any situation. The unit is housed within a white plastic case, which has a built-in shrouded back tamper and internal clips to hold the output expander card. For installers the EXP-WCC has
the advantage of reducing the need to have extra stock in vans or a warehouse, as one product is now able to cover all installations when expanding a system. Convenience is also factored as the EXP-WCC can be used with the Eaton expander locator, a product that is especially useful for installers who are new to a property, or service engineers. www.eaton.com
VIOLA – the entry level DVR
Rugged PTZ and dome now available
CCTV distributor Videcon has launched VIOLA2 entry level digital video recorders in 4, 8 or 16 channel variants offering 960H recording for high resolution footage. Building on the VIOLA entry level DVR range, the VIOLA2 offers all the features of its predecessor with further specification improvements to include 960H recording resolution, HDMI monitor output and a more user friendly GUI interface. The VIOLA2 is backward compatible with the remote viewing software and mobile apps of the VIOLA, allowing integration of new and existing sites seamlessly.
Luminite has announced the addition of the X-Series of ruggedised PTZ and dome CCTV cameras to their security detection range. The X-Series reportedly has proven reliability in all terrains and environments and is weather-proof to IP67 standard, making the cameras ideal for use in challenging environmental conditions, including wet and marine external applications. The range includes 18x, 28x and 36x colour and colour / mono (true day / night) options. Infra-red (IR) and whitelight LED illumination technologies ensure operation in poor lighting conditions and total darkness, with the additional benefit of low energy consumption. When mounted in the ‘upright’ position the arms can be cantilevered forward 15° enabling the camera to look down beyond the base of the tower, eliminating any potential blind spots.
www.videcon.co.uk
www.luminite.co.uk
51
www.risk-uk.com
EDIT ria apr14_riskuk_apr14 01/04/2014 14:28 Page 2
Risk in action
Primary school manages access control Betty Layward Primary School has chosen Delta Security to supply and install an EntrySign visitor and contractor management system to increase the security and safety of pupils, staff and visitors at the Stoke Newington-based school. The EntrySign system integrates with all access control systems and provides users with an intuitive, touch-screen interface that increases the accuracy of information pertaining to who is on site at any one time. Terry Purdy, Premises Manager at the Betty Layward Primary School, says the school wanted a system that would give them full visibility of who was on premises: “Prior to using EntrySign we used a number of different sign-in books and procedures. Using the EntrySign system has enabled us to amalgamate all data and print off all necessary reports at the touch of a button.” The EntrySign system can be personalised to match any corporate identity, is compliant with HSE legislation and as well as reporting, it simplifies the process of printing visitor passes and has the option of including a signature and photo on visitor badges. Because EntrySign integrates with Betty Layward Primary School’s Salto access control system, employees are able to continue using the same passes, saving the school additional set up costs. Other benefits include its ability to pre-book expected visitors and contractors for even quicker sign in, its low running costs as it does not use printer ink and its ability to monitor staff attendance and time-keeping.
52
www.risk-uk.com
Kent hospital improves security CBES has secured the Tunbridge Wells Hospital in Kent using proximity readers, door controllers and management software from Access Control Technology (ACT) as part of an IP-addressable system. The ACT equipment is controlling access to over 200 doors including mission-critical areas such as operating theatres, casualty, pharmacy, admissions and high-dependency units. Access control and CCTV have been interfaced with the hospital’s baby tagging system in order to provide even greater levels of security on maternity wings where over 100 babies are born weekly. Tunbridge Wells Hospital is using ACTpro 1040 multi-format proximity readers which are supporting MIFARE cards. CBES opted for cards in which identity details are embedded behind a sector, an extra level of precaution which reduces the risk of card cloning. As well as cards, the readers also support fobs. They generate Clock & Data or Wiegand output and feature tri-colour LED indication as well as a bleep tone for audible indications. ACT’s access control management software is giving the hospital a system with a hierarchy of access rights for staff members according to job profile. The database allows distinctions to be made between clinical and non-clinical staff, the areas of practice for surgical and nursing personnel as well as basic criteria such as gender and likely shift patterns. The readers at Tunbridge Wells are being used with ACTpro 4000 two-door controllers which are designed for high-traffic volumes in environments such as a hospital where changes to the cardholder database are a regular occurrence. Networkable up to 4,000 doors, the ACTpro 4000 can manage up to 60,000 users. CBES have commissioned a fully integrated electronic security solution at the hospital using Pelco CCTV cameras and Galaxy intruder alarms from Honeywell.
EDIT ria apr14_riskuk_apr14 01/04/2014 14:28 Page 3
Risk in action
Moscow Plaza benefits from new installation
Site foxed by false alarms sees reduction A high security storage facility blighted by false alarms triggered by foxes has seen a dramatic reduction following a visit by an Optex engineer and a review of the siting of the detectors. Keetons Business Park provides storage for caravans, motor homes, trailer tents and boats. CCTV covers the site 24/7 and is monitored by EMCS with entry is via a secure gated system. Simon and Gail Doyle, the owners of Keetons Business Park, said the site’s CCTV system using solely PIR motion sensors was experiencing numerous false alarms triggered by foxes, so they approached Neil Makin, Director at Central Electrical. He sought advice from Optex to see if the issue could be resolved by using a different sensing technology, and also reviewing the sensor’s location. “After a visit from an engineer, a dual technology detector using combined passive infrared and microwave technology was installed on a trial basis and positioned in the best place to capture any potential intruder, but not detect foxes or other small animals. So far we have had very few false alarms and it is working very well.” The Redwave that was specified has reduced alarms from several a day to virtually none. Neil says: “We have been using Optex Redwall products for a number of years but were not aware of this animal immunity feature provided by the dual tech Redwave detectors,” he says. “Since they have been installed and the detection area correctly set, there have been practically no false alarms and it has worked flawlessly – it detects those that should not be on site and not foxes and other small animals.” Nigel Hackett of Optex Europe says: “Medium sized nocturnal animals such as foxes are a common cause of false alarms when the system relies on passive infrared technology only. Using a combined microwave/PIR motion sensor like Redwave allows users to analyse the target further and ignore animals.”
Samsung Techwin cameras are at the heart of a network video surveillance system installed at the Paveletskaya Plaza business centre in Moscow which comprises two 12 storey and one 27 storey tower. Collectively the buildings offer 65,000 m of office accommodation with several bank branches, a translations bureau, a printing centre and a travel agency, as well as shops, boutiques and restaurants on site. YECONS Technology Solutions, who were awarded the contract to install the video surveillance system, worked with Samsung Techwin’s locally based pre-sales support team. 228 cameras, together with Samsung Techwin network video recorders (NVRs) and monitors, were installed to enable security personnel to monitor 24/7 all activity within the Plaza buildings and the surrounding areas. “At certain locations, where positive identification of unwanted visitors needed to be achieved, we recommended the installation of 3MB Full HD camera models that could deliver evidence grade images, as well as technically advanced features such as Intelligent Video Analytics (IVA) and face detection,” said Yusuf Yesilova of YECONS. “In the majority of locations however, 1.3 megapixel cameras were more than able to capture high definition images of a quality which easily met the client’s requirements.” The Samsung Techwin cameras have been installed on all floors of the three buildings, as well as elevators, reception and parking areas. 124 of the 228 cameras are SND-5010s. There are also 89 SNB-5000 cameras which are equipped with built-in licence-free Intelligent Video Analytics (IVA) capability which includes a scene change tampering function, as well as optical tripwire, enter/exit direction detection and an Appear/Disappear function to detect the movement of objects. Of the remaining cameras, eight are SNB6004s and seven are SNB-7080s. Images from all of the cameras are transmitted over a LAN to a central control room where they are monitored live 24/7 by Paveletskaya Plaza operators who are able to direct patrolling security personnel to the precise location where an incident or suspicious activity may be taking place. At the same time the images are recorded onto one of eight Samsung Techwin SRN-1000 NVRs which are able to work in harmony to provide a seamless server style video recording solution.
53
www.risk-uk.com
EDIT ria apr14_riskuk_apr14 01/04/2014 14:28 Page 4
IP system aids with certification NW Systems Group has completed the installation of an IP video surveillance system for food transport and storage company McBurney Refrigeration. The new system was installed at McBurney’s main UK storage depot in Liverpool as part of a package of security and health & safety improvements required to gain British Retail Consortium (BRC) Global Standard – Storage & Distribution Issue 2 certification. McBurney Refrigeration was keen to gain compliance with this standard before 2014 when some of its larger customers, including ASDA, began requiring it as a condition of doing business with them. Another major business advantage of gaining the BRC certification is that fewer management hours are now tied up in hosting and providing documentation for customer inspection teams now that they have been awarded the ultimate UK standard for handling and storage of chilled and frozen food goods. NW Systems’ IP video system needed to address a key security and fire threat which jeopardised BRC accreditation. This threat came principally from visiting foreign drivers not observing the site’s no smoking ban and lighting up right outside the doors which offered access to the chillers. Peter Amos, warehouse manager, McBurney Refrigeration, said: “We had specific concerns about enforcing a site-wide ban on smoking which had proved difficult. We had also experienced some shrinkage of frozen fish stocks in the top floor of the warehouse. Some drivers passing through this site come from as far afield as Spain or Portugal. They drive customers’ trucks full of chilled vegetables up to this site, before delivering the produce onto the retailers’ regional distribution centres.” The fact that some drivers were smoking close
Eye Hospital upgrades with sounders London’s Moorfields Eye Hospital has turned to Vimpex for a major upgrade to their fire alarm system. In the first phase of the project, Moorfields has replaced fire alarm bells with 250 multi-message Fire-Cryer Plus voice sounders. When the project is complete, the hospital will have over 500 Fire-Cryers fitted. Since staff and occupants are familiar with the traditional bell tone, the Fire-Cryers have been programed so that a realistic bell tone precedes the evacuation and alarm messages. The system has been configured into 48 zones to allow phased evacuation of the building in the event of a fire. This also reduces the disruption to patients and staff in the event of a false alarm or an incident that can quickly be resolved. The use of unambiguous voice messages to accompany
54
www.risk-uk.com
to the doors compromised entrance security because they could hold doors open for unauthorised individuals, who would not therefore have to punch the code into the door locks to release them. In addition smoking in these areas breached McBurney’s fire regulations on the site, put there because the walls of the chillers contain highly flammable insulation materials. Once the IP video system was installed smoking stopped in these areas and BRC accreditation has been secured. All eleven Merit Lilin IP cameras that NW Systems deployed were multi-megapixel devices with built-in infrared LED lighting, configured to provide ten frames per second, HD resolution images around the clock, all recording on motion. Three Veracity Ooutsource PoE midspans, one Veracity Outreach Repeater combined with one Lilin five-port PoE switch and three Levelone eightport PoE switches were used to provide Power over Ethernet to all cameras. Milestone XProtect Essential video management system was configured on the 8 TB GVD IPX RAIDbased server, configured to handle video images from up to 30 cameras, storing images for up to 60 days. Milestone Mobile software was also deployed to provide relevant senior managers with mobile access to live and recorded images on their smart phones to help with security checking and ensure all cameras are always working properly. Designated managers can also view the cameras via Milestone XProtect Smart Client from their PCs. NW Systems designed the system to use the existing fibre network which serves the warehouse and offices. The cameras themselves were linked to the corporate network via CAT5 Ethernet cabling and three secure video transmission points. Cameras were cited looking at doorways affording secure access to the chillers. the traditional bell tone will aid safe evacuation by removing the confusion often associated with building alarms. Each voice sounder can be programmed with up to seven messages from a library of thousands, many of which are multi-lingual, ensuring that any site requirement can be fulfilled. The units can be synchronised and have a low current consumption allowing simple replacement of existing sounders and bells. The multi-message capability also ensures that system test and all clear messages can be easily transmitted avoiding confusion with the fire/evacuation alarm. All of the Fire-Cryers at Moorfields are the standard wall-mounted units, some of which have been specified with the integral synchronised high-output LED strobe, ensuring alarms can be seen, heard and understood.
EDIT ria apr14_riskuk_apr14 01/04/2014 14:29 Page 5
Risk in action
Addressable detector system makes savings in estate Fike Safety Technology has supplied its Quadnet analogue addressable system for a residential building complex in India. The Wembley Estate in the Gurgaon District of Haryana has eight tower blocks with 13 floors in each. The use of Fike’s fire detection technology has reportedly resulted in cost savings for the project, whilst providing fire protection. The initial tender specification required the installation of 575 conventional detectors, 600 manual call points, 120 sounders and eight conventional panels, one for each tower, and one repeater panel for the security control room. The total cabling requirement was in excess of 50,000 m. Spectrum Safety Solutions Pvt proposed a different solution using a single Quadnet panel and Fike’s multi-criteria addressable detector. “It was the use of Fike’s addressable detector that enabled us to completely re-design the solution and offer the client cost savings and the advantages of analogue addressable detection compared to the specified conventional system,” said Vijay Arora, Spectrum Safety Solutions’ General Sales Manager. “The multi-criteria
Painless installation at dental hospital When the University College London Hospitals NHS Foundation Trust commissioned the upgrade of the fire detection system at the Eastman Dental Hospital, Apollo was selected as the technology provider by Fisk Fire Group, the company appointed to supply and install the system to protect the site’s staff, patients and property. The Apollo fire detection system, which operates a ‘one out all out’ evacuation sequence, consists of approximately 1200 XP95 detectors which were specified to meet the main fire detection requirements throughout the five storeys of the building. The system was designed around six 5-loop networked Morley panels, as well as a repeater panel. As a result of the complex NHS environment, the Fisk Fire Group and Eastman Dental Hospital project team had to take an unusual approach to installation, as director, Tel Fisk, explains: “Due to the Eastman Dental Hospital being not only a busy NHS hospital, but also a diverse training and research facility, no day works were allowed on site. To overcome this challenge, our installation schedule was carried out between the hours of 7pm to 5am, and was completed to a tight
detector offers multiple modes of operation combining smoke and rate of rise heat detection, with a built-in input module, fault isolator and optional integral sounder. This allows the detectors to be matched to the environments in which they are installed and reduces the amount of cable required as no separate sounder circuit is needed.” The final installation consisted of five conventional manual call points on each floor being wired to an input module in an addressable detector. A single four-loop Quadnet panel communicated with all 575 addressable detectors in all eight towers. No additional sounders were required to be installed, as the built-in sounders in the detectors were used where required. The single Quadnet panel replaced the originally specified eight conventional panels, thereby reducing the proposed eight manned stations, one in each tower, to one for the whole complex. The total cable installed was less than 15,000 m, another saving compared to the original 50,000 m specified in the tender.
timetable.” The Eastman Dental Hospital’s fire detection system also incorporates 156 of Apollo’s new XP95 manual call points. Designed to comply with European standard EN54?11:2001, the manual call points are supplied with isolators, meaning that additional isolation devices are not required. In addition to being EN54?11 compliant, the Apollo manual call points include a number of features designed to make installation and testing quick, easy and cost effective. These include the manual call points being loop-powered (thus saving wiring costs), having bi-coloured LEDs to indicate fault and normal conditions and incorporating a resettable element for fast testing and resetting of the device.
55 www.risk-uk.com
EDIT article 13 apr14_riskuk_apr14 01/04/2014 14:15 Page 2
The pressures of keeping up Organisations face increased pressures around IT security says Oliver Pinson-Roxburgh, Systems Engineering Manager EMEA at Trustwave he rate and sophistication of malware attacks and data breaches continue to accelerate, a trend that is proving increasingly challenging for businesses to counter. Cybercriminals are more sophisticated than ever before, new attack vectors are emerging all the time, budgets are tight and security skills are at a premium. This perfect storm has resulted in security policies being incomplete or disregarded, and many security solutions proving either too complex to manage or too basic to be useful against such wellequipped adversaries. The result - customer and proprietary data is left unprotected, leaving cybercriminals facing an embarrassment of riches and enterprises paying the price. IT professionals are on the front lines of this challenge, most of whom pride themselves on defending their employer’s assets against the motivated grasp of the enemy. They are the men and women in the trenches who are facing increased pressures from all sides. In some cases, these pressures are forcing them to make decisions they don’t necessarily want to make. According to Trustwave’s Security Pressures Report, which details the findings of a survey asking more than 800 IT pros worldwide about the pressures they face surrounding security, 54% respondents said they felt an increase in security-related pressure from 2012 to 2013, and 58% expect even more pressure in 2014. 79% of respondents also said in 2013 they had been pressured to roll out IT projects despite their concerns the projects were not ready due to security issues. The value of data is ever increasing and attackers are targeting businesses of all types and sizes across all industries, aiming to steal payment card data, personally identifiable information (PII), and intellectual property. There is a growing pool of attack vectors from which to choose, including what we now consider a basic business tool, the Web, as well
T
Protecting organisations’ information in today’s complex threat environment requires more manpower and expertise than ever before 56
www.risk-uk.com
as emerging technologies like mobile devices, social media, applications, and the cloud.
New technologies, new opportunities Many businesses are seeing the value of developing and investing in new technologies such as cloud and mobile, but these investments also open up new attack vectors. More than a quarter of IT pros in the security pressures survey felt significant pressure to adopt these new technologies. Whilst the business value of adopting new technologies is often clear, what is not so clear is the risks they pose to the business. The 2014 Security Pressures Report also revealed that 65% of IT pros are pressured to use security products that contain all of the latest features, despite one out of three not having the resources to do so effectively. The security industry is well-known for proclaiming “next-generation” security technologies are the best at protecting data, but if IT pros don’t have the time or expertise to perform policy adjustments, fine-tuning and device management, they might be throwing away their money and contributing to a false sense of security. What is interesting about the findings however, is that there appears to be increased interest from the boardroom in security. 50% of respondents say their owners, boards of directors and C-level executives, are applying the most pressure when it comes to security. However, this interest does not seem to be converting into bigger IT security budgets or increased staffing levels with 85% of IT pros saying a bigger IT security team would reduce security pressures and bolster job effectiveness. The concern from the boardroom is putting increased pressure on the already over-stretched IT pros, and with a lack of skilled security professionals, there needs to be more education and awareness at the boardroom level. Rather than run their information security programmes tactically, IT pros should run their programs as a strategic business initiative and regularly advise executives of the steps they’re taking to protect customer data, intellectual property and the brand as a whole.
Budgets are stretched Malware is everywhere. Cyber-criminals are smart. Opportunities are everywhere. During the past five years alone, the amount of data that is
EDIT article 13 apr14_riskuk_apr14 01/04/2014 14:19 Page 3
IT security
being created and shared has increased exponentially and will likely continue to for the foreseeable future. As the amount of data flowing through a business’s networks, applications and databases increases, so does the number of threats. As new threat vectors open up, new security technologies will be required, as well as the knowledge and skillsets to help make sure those technologies are working properly. This places increased pressure on budgets, which is reflected in the survey. 42% of IT pros felt that new capital outlays are part of their budgets that are most under pressure, followed closely by monthly operational expenses.
Manpower Protecting organisations’ information in today’s complex threat environment requires more manpower and expertise than ever before, which is why there is so much pressure on IT security teams. Having said that, one of the most costeffective ways of augmenting in-house security expertise is to partner with third-party Managed Security Service Providers who can help ensure the most effective security technologies are installed and running properly and help identify
and remediate any security vulnerabilities. 82% of IT professionals said they are currently using, or looking to use, Managed Security Services in the future to help alleviate pressures. Businesses have huge amounts of information moving through their networks and applications as well as being stored on their databases, meaning there is more data to protect than ever before. Threats are growing more hostile and have long outpaced “traditional” security technologies like anti-virus and firewalls. Budgets are also tight, and building and retaining a skilled security team can be challenging. Whilst all these issues are putting increased pressure on IT pros, all is not lost.
The responsibility of all Awareness of cyber-security in businesses is increasing, and employees at all levels are waking up to the fact that security is becoming everybody’s responsibility - not just that of the security team. By educating employees at all levels, IT pros can help increase the overall security of their organisation whilst also educating their entire workforce on security best practices that can help keep an organisation safe.
The value of data is ever increasing and attackers are targeting businesses of all types and sizes across all industries
dycon ad risk nov13_Layout 1 06/11/2013 14:01 Page 1
D15xx & D24xx SERIES DIN-rail Mounted 1-3A Power Supplies
• No fixing screws required, clips directly onto an NS32 (‘G-Section’) or an N35/7.5 ‘Top Hat-section’ DIN-rail • Efficiency higher than 90% at full rated output • 230vAC -12vDC, 230vAC–24vDC, 1–3 A output versions • 110vAC–12vDC version for construction sites • With or without battery backup
Dycon POWER SOLUTIONS
EDIT article 10 apr14_riskuk_apr14 01/04/2014 14:13 Page 1
Utilities
ata breaches are now a regular occurrence, consistently dominating the news agenda. From retailers, to financial services, there is not a week that goes by without news of data loss. But many businesses are still failing to see the reality of the situation we are now facing and the effort required to combat these breaches. Companies are no longer fighting against individuals, but a sophisticated criminal industry, designed solely to access their data. For utility companies in particular, data security is becoming an increasingly vital issue. Over the last few years, the sector has taken quite a beating when it comes to public trust. Firstly, this is because the utility industry is one industry that is generally not trustworthy in the eyes of the consumer. Many consumers place their faith in numerous companies and organisations every day, trusting them implicitly with a number of their personal details. However, a 2012 study of 10,000 UK consumers carried out by the Reputation Institute found that utility companies are the least trusted of all British businesses. But now, utility companies are under threat by a two pronged attack, as trust in data has become another issue that utilities have had to deal with over recent years. And this is supported by recent research by Fujitsu UK & Ireland. This research, which looked into the opinions of 3,000 consumers about their trust in organisations, revealed that when asked to rate their trust on a scale of one to five (where five represents ‘implicit’ trust), consumers said that their confidence in utility companies to keep their personal information secure has declined, from 3.18 points in 2003 to that of 2.84 today. The research also revealed that 43% of consumers say that they have seen no improvement in the services they receive as a result of sharing their data with utility companies, and only 6% of consumers strongly believe that their utility company gives them a better service by using their personal data. These results do not paint a good picture for utilities. So do utility companies have enough security in place to defend their organisations? Worryingly, the answer is no. Recent news reveals that insurers are now refusing to provide cyber-insurance to utility companies because of their weak defences. In previous years, banks have been happy to cover utilities from data breaches, to help companies get back to normal and restore trust in their customers if attackers have penetrated networks and stolen customer information, but it seems like this is no longer the case.
D
Power to the people So threats are continuing to grow and find new ways to hack organisations, and utility companies are becoming increasingly vulnerable, due to the amount of customer data it holds and of the weak security infrastructure that surrounds it. Something needs to change. It also begs the question, is there a better way to approach data security? And is there a better way in which to overcome trust concerns? In short the answer is yes. According to Fujitsu’s research, only 9% of consumers believe that British organisations are doing enough to protect their data, with a third admitting that trust has declined in the last twelve months. So utilities don’t only need to ensure they are robust in their security, but also remain trusted in the eyes of the consumer. To combat this, organisations need to identify what is most important in their organisation and build the right security around it. Organisations can’t protect everything at the same level, businesses need to locate where their assets lie, the type of attacks they can be exposed to and then adjust their security strategy accordingly. With consumers growing more and more distrusting towards utility companies of and how they look after their utility data, organisations also need to remain transparent with what they do with consumer data and showcase the benefits of this data, so consumers can see the full picture. Utility companies need to communicate and demonstrate that their data security is resilient, and highlight the benefits of technology such as smart meters, which provide greater accuracy on consumer usage and better insight into a consumer’s daily life. In today’s world, everyone is at risk to a data breach. Because of this, it is more important than ever for businesses that collect personal data from their customers, such as utility companies, to do everything they can do to keep it safe. With consumers battling to understand the impact of their personal information if a company is hacked, it is even more important for businesses to look to maintain the trust of their customers.
Graeme Wright, associate director of utilities at Fujitsu UK & Ireland, looks at data security and trust in the utilities sector
Threats are continuing to grow and find new ways to hack organisations, and utility companies are becoming increasingly vulnerable 59
www.risk-uk.com
EDIT article7 apr14_riskuk_apr14 01/04/2014 14:22 Page 2
Mobile risks
Mobile forensics & trends Cellebrite research reveals the top trends shaping mobile forensics ellebrite surveyed its customer base and conducted interviews with leading mobile forensic experts and analysts spanning the industry. According to the research, the following trends will directly shape mobile forensics in the months to come: Consumers Increasingly Rely on Multiple Devices: Investigators are likely to find themselves analysing data from more than one cellular phone, tablet, GPS device and other mobile media, not just per case but also per person. As a result, mobile forensic investigations have outpaced computer forensics, with the ratio increasing by as much as threefold over the past three years. “This trend shows that as mobile devices become more powerful and easier to use, more people depend on them to manage different aspects of their work and personal lives,” said Cindy Murphy, a detective with the Madison Wisconsin Police Department. “That means that investigators need ways to manage multiple sources of data to obtain a full picture of each person’s life, in the time frame that they need the information most.” Extraction and Analysis Go Local, Shifting from the Lab to the Field: Whether as part of a search incident to arrest, the forensic preview of digital media during execution of a search warrant or a consent to search while evaluating a complaint, almost 44 per cent of survey respondents now extract mobile data in the field. “Digital forensics is becoming democratised,” said D/Sgt Peter Salter of the Police Service of Northern Ireland eCrime Unit. “Specialists and case investigators alike both benefit from having the capability to examine exhibits locally and on the frontline. Within agreed procedures, this approach enables investigators to determine which exhibits require more in-depth investigation, as well as provide frontline investigators with rapid, controlled access to digital evidence in order to inform their critical decision making.” Mobile Evidence Gets Social, Data Sources Diversify: There are approximately 1.19 billion active users on Facebook, 300 billion tweets sent on Twitter monthly, and 16 billion photos shared on Instagram monthly. Additionally, 2013 saw more than 100 billion downloads of mobile applications. The result? Data living in social applications has become critically
C
The report findings are based on a combination of survey responses and interviews with industry leaders. The following mobile forensics experts were interviewed as part of Cellebrite’s research: Carlos Cajigas – Training Director and Senior Forensic Examiner, EPYX Forensics John Carney – Chief Technology Officer, Carney Forensics Cindy Murphy – Detective Computer Crimes/Computer Forensics, Madison Wisconsin Police Department Simon Lang – Digital Forensic Manager, SYTECH Peter Salter – Detective Sergeant, Police Service of Northern Ireland eCrime Unit Ron Serber – Co-CEO, Cellebrite
60
www.risk-uk.com
important as the number of criminal investigations involving data collected from these applications rose significantly. Cellebrite’s survey revealed that 77 per cent of respondents believed that mobile apps were the most critical data source, followed by the cloud at 71 per cent. “Documenting different communication channels that are part of a crime (e.g., Facebook etc) as well as those that can lead to new witnesses, victims, suspects and alternate perpetrators is becoming more important,” said John Carney, Chief Technology Officer at Carney Forensics. “It is necessary to contextualise mobile device data with social data from people’s online personas.” Big Data, Focused Analytics: With the amount of digital evidence growing from gigabytes to terabytes in many cases, data analytics becomes even more crucial in understanding mobile evidence. Investigators need to be able to separate relevant data from the inconsequential, and then easily understand and explain the differences to themselves, colleagues, barristers/attorneys and jurors. “The ability to visualise timelines, geographical locations, and content can make all the difference in how jurors, barristers/attorneys, and others perceive the relevance of data we extract,” said Simon Lang, Digital Forensic Manager with SYTECH. Mobile Malware Impacts Civil and Criminal Investigations: In 2013, Cellebrite’s panel of industry experts predicted a rise in mobile malware and the resulting need for forensics examiners to understand how to recognise and analyse it together with other evidence. “Malware as a factor in fraud, intimate partner abuse, theft of intellectual property and trade secrets and other crimes is something that all investigators will need to consider with every mobile device they encounter,” said Carlos Cajigas, Training Director and Senior Forensic Examiner with EPYX Forensics. “Training and practical experience are necessary to develop the level of proficiency investigators need to make these assessments.” “The rise in mobile phone usage and consumer reliance on these devices has directly increased the complexity of criminal investigations,” said Ron Serber, Cellebrite coCEO. “In order to ensure that collected mobile data translates into forensically sound evidence, awareness, education and training will be critical for the mobile forensics industry this year.”
EDIT article 4 apr14_riskuk_apr14 01/04/2014 14:09 Page 1
Email security
ver the past two decades, corporate and personal reliance on email has become a given. Yet as a result of the easy ‘fire and forget’ model, the vast majority of business and consumer users simply fail to consider what happens to that email once it has left their Mailbox. But as recent events have revealed, email is not secure – far from it. To date organisations have had no choice but to ignore the risk of email breach due to the impracticality and lack of control offered by traditional email encryption. However, while two decades of email use may have bred complacency, the Internet has become significantly less secure in recent years – the risk is no longer acceptable and organisations are now wide open to breach and compromise.
O
Securing email
Encryption imperative Whatever the long term repercussion of the Edward Snowden leaks, one fact is now clear: Government agencies routinely scan emails. It is not just possible; it is happening. So what can and should be done to safeguard email? Encryption is without doubt the most essential step that an organisation or individual should take to secure emails. Indeed, in an ideal world, emails would have been encrypted from day one. No sensible individual makes a purchase online unless the information is encrypted; and yet information from bank account details to company intellectual property is routinely blasted out via email without even the most basic safeguards. The problem has been that, until now, email encryption solutions have been impractical, such as those following a closed group model; or insecure, such as those relying on passwords. But it is now essential to find an easy to use, global and multi-platform solution to email encryption. So what are the five key features of email encryption?
Avoid passwords Dictionary based password attacks have been around for years but until recently were not very successful. However, the thefts of the LinkedIn, Adobe and PlayStation password databases have changed the game. Hackers have had the chance to analyse billions of real passwords and, as a result, dictionary attacks are very, very effective. Traditional password based encryption offerings are essentially flawed – most notably in that devices are vulnerable when stolen. Whether malicious users find the password immediately or over the course of a few days doesn’t matter – they have pretty much
Tom Colvin of Conseal Security insists it is time to face up to the new reality: email encryption should be a standard that not only safeguards the email message in transit but provides end user control throughout the lifetime of the emails guaranteed access to the protected content. Email encryption cannot rely on passwords.
Ensure it’s inclusive Usability – or lack of it – has been one of the biggest problems with non password based encryption solutions. These closed group based solutions are completely impractical since encrypted emails can only be sent to individuals that have a certificate authorising them to receive the email – an approach that makes no business sense. Alternatively, a recipient can log onto a remote website to retrieve email – having received an unencrypted ‘you have mail’ message via standard email. However, placing the secure email outside the traditional email system not only makes the recipient less likely to open the email in the first place, but also
Whatever the long-term repercussion of the Edward Snowden leaks, one fact is now clear: Government agencies routinely scan emails 61
www.risk-uk.com
EDIT article 4 apr14_riskuk_apr14 01/04/2014 14:10 Page 2
Email security
the people who are meant to read it – irrespective of compromise, from wiretapping to hacking – and it should provide a way of informing the sender in the event of any unauthorised attempts to open the email. Additional value can be provided by offering a way to manage the email process – such as providing a way to recall an email before it has been opened by the recipient; or imposing rules that limit access to specific people or groups. With this level of control added to the fundamental security of ubiquitous email encryption, an individual can have full confidence in the ability to manage and control access to the email for its full lifetime.
Lock down sensitive data makes replying more difficult – and also means replies are not added to the user’s history. What is required is a simple and effective ‘encrypt everything’ solution that can if needed be applied to every email irrespective of device.
Lifetime protection In addition to being impractical, traditional email encryption only protects an email in transit. What happens when an attacker gains access to the recipient’s or sender’s mailbox using spyware, system monitoring programs or simply by stealing a laptop or phone? With no protection of the email once it has been delivered and automatically decrypted by the recipient, and no protection for the sender’s sent items folder, an attacker gains full and complete access to all emails. So where was the value to only offer that ‘in transit’ encryption? An encryption solution therefore must offer a way of protecting the email not only in transit but once it has been delivered and, indeed, throughout its lifetime. In addition to a full audit log that shows when and where the email was opened, and by whom, the system should also proactively inform the sender of suspicious activity and enable action to be taken – such as email suspension or self-destruction.
Managing recipients It would seem obvious that the email should only be read by the intended recipient but how do you know that is the case? Encryption should ensure that the email is only visible to
Data loss is no longer something that can be swept under the corporate carpet 62
www.risk-uk.com
An essential basis of secure, encrypted email combined with a full audit log and lifetime management enables organisations to develop specific strategies that further safeguard the most sensitive data – from intellectual property to financial information. For example, emails can be tagged as only accessible within specific scenarios – from network location to geographic area, even certain devices. An attempt to open the email outside these scenarios is likely to be clandestine – for example, if the recipient is in the UK but the access attempt is being made in Russia. To prevent any risk of data breach, the email solution should be configurable to automatically destruct or suspend the email should any ‘out of scenario’ events occur.
Conclusion Data loss is no longer something that can be swept under the corporate carpet. Whether it is misplaced laptops, rogue USBs or compromised email, the implication of information compromise is devastating to both a business and its customer. Email security has lagged behind every other aspect of digital security for two decades. Given the escalating online threat it is now essential that email encryption becomes a standard available to all. The only way that can be achieved is to move away from impractical and unfriendly password sharing or digital certificate based encryption towards a ubiquitous, encrypt everything model that enables emails to be securely sent to anywhere in the world, and retrieved via any device. It is only once encryption becomes a simple, essential component of the email process that individuals and organisations can begin to impose the high level of control required to safeguard critical information throughout the email’s lifetime.
EDIT article 11 apr14_riskuk_apr14 01/04/2014 14:14 Page 1
IT security
he reason BYOD (bring your own device) causes concern for IT managers is it equates to a wider base of devices gaining access to network resource, often devices outside of the IT department’s control. We know that employees are frequently requesting to be able to use their own devices for work, and the practice is already commonplace. But what are the risks and how can IT managers implement BYOD securely? In a recent piece of IS Decisions research, we asked 250 UK IT managers about their primary security concerns, and BYOD was not far up the list – it was eighth out of 10 options. However, data loss was, second only to viruses, and it is loss of data that is the real concern when it comes to BYOD. Particularly considering the danger of these unsecured devices potentially getting lost or stolen, or otherwise ending up in the wrong hands. How do you create a secure environment in which users are able to use multiple devices of their own choosing? Is it possible for IT managers to mitigate the risks of losing data when users are using a plethora of devices? Here are a few steps to achieving this goal: 1. Limit or prevent concurrent logins This is your first line of defence in BYOD security. If you only allow one login using the same credentials at a time, you can be more sure that whoever is gaining network access, via whatever device, is the owner of those credentials. If a device is lost or stolen, then even before the owner is aware no one can gain network access using their credentials as long as they are logged in elsewhere. 2. Limit working hours or session times Automatically logging off users after a set period or at a set time is another essential way to limit the risks that come with BYOD. If a device goes missing whilst it is logged in, again if the loss is unnoticed the system will automatically log the user out. 3. Limit access according to device Achieving this requires a strict policy and access to your users’ devices, but it is the most direct way to reduce the vulnerable network surface area. By tracking the devices your employees wish to use to access network resources, and limited each user’s access to those set devices, you are significantly reducing the risk of any potentially harmful intrusions. 4. Keep a detailed log of registered devices Once you have started tracking and registering devices for access to the network, it is important that you keep this up to date with specific details so you know which users and credentials relate to which device. This will come in particularly useful for instance when employees cease working with the
T
BYOD and security organisation to ensure you do not continue to allow access from their devices. This may also involve working closely with your HR department, to ensure they notify you when terminations occur. 5. Have a strict BYOD security policy This might seem obvious, but the IS Decisions research found that 29% of IT professionals do not have any kind of security policy for their organisation, let alone one that is specific to BYOD. If you are going to impose the necessary restrictions to create a secure working environment in which employees are able to use their own devices, you need to make those restrictions, and the reasons behind them, absolutely clear. This means documenting them in your security policy, but also using software to consistently remind users of what that policy is at relevant and opportune times using custom alerts. Be clear about what your policy is looking to prevent, and even mention contractual or legal implications of attempting to circumvent the policy to highlight the severity of it. 6. Monitor/respond to suspicious behaviour Once you have all the above in place make sure you have the ability to monitor access to the network in real time. By doing this you can understand what suspicious behaviour looks like, be that log ins from new devices or at odd times, and respond. By responding quickly to suspicious behaviour you are not only reducing the risk, you are helping educate users on the potential problems. There are many benefits to implementing BYOD within a business. Most IT managers and CIOs will have experienced their employees asking to be able to use their own mobiles, tablets or laptops at some point, but it is not just about bowing to user pressure. Allowing for multiple devices to gain network access leads to a more flexible working model, and ultimately greater productivity. It is simply that the right security measures must be in place in order for this to happen and hopefully if your business follows these steps that is entirely possible.
Francois Amigorena, CEO of IS Decisions, reveals the six steps to multi-device security in the age of BYOD
Once you have started tracking and registering devices for access to the network, it is important that you keep this up to date 63
www.risk-uk.com
EDIT article17 apr14_riskuk_apr14 01/04/2014 14:23 Page 2
Voice biometrics
Voicing benefits A fresh perspective on security and customer service through voice biometrics by Claire Richardson, VP – Workforce Optimisation Solutions, EMEA, Verint any have experienced the downside of stringent security and timeconsuming protocols in the call centre that have resulted in poor customer experiences—a challenge that has traditionally been unavoidable for organisations wanting to prevent fraud and adhere to data protection laws. From passwords, passcodes and your first pet’s name, customers are asked endless security questions to validate their identities, some of which they may even have forgotten the answers to. An Opus Research report on the topic of authentication and contact centre security revealed the results from a survey it commissioned “of 1,000 individuals who had recently carried out business over the phone”. Results showed that “about 65% found authentication processes to be frustrating” and “nearly 50% considered the process too timeconsuming.”* Confronting customers with repetitive and time-consuming security hurdles can both slow processes down and run the risk of poor service perceptions among customers. So, how just how can organisations make improvements in this area without compromising security? It’s all about balance. Fraud detection measures are essential in today’s environments. It’s been estimated that as many as one in 2,500 calls are fraudulent. With such figures, it’s vital that organisations not
M
Sources: *Opus Research, Inc., ‘A New Authentication Paradigm: Call Center Security without Compromising Customer Experience’ 2013). Report reprinted by Victrio, now Verint Systems, with permission.
There are main motivations for building a voice biometrics capability; fraud reduction and customer experience 64
www.risk-uk.com
antagonise the thousands of other legitimate callers in the process of weeding out the impostors. As new technologies mature, faster and better ways are emerging to help overcome this challenge. Over the phone, the quickest way to identify someone is by their voice, and biometric identification via the unique characteristics of a person’s voice is finally making this an attainable and effective way to streamline the experience and improve customer service offerings. Essentially, when callers start speaking, the technology can match their voices against known “voiceprints” on record to confirm their identities. Today, there are different motivations for building a voice biometrics capability, most of which centre around two main issues: fraud reduction and customer experience. Depending on the security needs of your organisation, the strategy you choose to implement can be flexible and tie in with existing technology. No modern contact centre should rely on merely one form of identification, and many are likely to already have CRM systems, call monitoring and recording systems, and analytical databases in place. Collectively, these can help in the effort to identify fraudsters and improve the customer service, while complying with industry regulations. Working in conjunction with CRM systems, behavioural analysis and voice of the customer analytics, agents can better understand preferences and actions to increase their knowledge of individual customers. This level of in-depth analysis also can help detect unusual behaviours, such as long pauses over the phone or certain intonations of voice, which can signal a potential fraudster. Further, voice biometrics can help reduce the need for security questions, which are actually a much weaker security measure given fraudster use of social engineering and online ID theft to bypass such questions. And beyond helping combat fraud, agents themselves can benefit from the ability to resolve issues much more efficiently, translating to the customer in the form of faster, better service. As noted by in the Opus Research report, “Financial institutions can reap significant financial gains by using voiceprints to authenticate through the phone channel.” According to its calculations, “…a large money center bank will see over $100 million in economic benefit from reducing fraud loss in the contact center, lowering operating costs, and providing a more pleasing customer experience.”*
Project1_Layout 1 01/08/2013 12:11 Page 1
Bringing together the entire security buying chain In 2014 IFSEC International, the largest and longest running security event moves to a truly international venue. With more than 40 years at the heart of the security industry, reČľecting innoYatiYe industry trends and SroYiding insight into the Oatest technoOogy to NeeS Eusinesses and goYernments secure Put the date in your diary now! www.ifsec.co.uk/add2014
IFSEC International is Sart of
PROTECTION & MANAGEMENT Week
WWW.IFSEC.CO.UK
17-19 JUNE 2014 ExCeL LONDON
EDIT article14 apr14_riskuk_apr14 01/04/2014 14:22 Page 2
Social media risks
Time to be social! James Leavesley, CEO of CrowdControlHQ outlines why risk managers need to join the social media revolution ocial media is no longer just the latest buzz word or an experiment for creative marketing teams. Organisations are fast recognising the importance of social media from a customer, employee and business partnership perspective. Companies are using blogs, videos, Facebook and Twitter to connect with “communities”. However, it only takes one disgruntled customer to take to Twitter, You Tube or Facebook and the results can be costly. Even worse damage can be done by a rogue employee with access to corporate social media accounts and a determination to discredit the company. So here are 5 reasons why risk managers should get up to speed with social media and how to control it:
S
Defamation and the Law Not many people realise that posting, Tweeting or re-Tweeting a libel will leave the person or organisation involved open to prosecution. The position is no different to that of email in the early days. A Tweet, any social media post or email which expressly or implicitly makes adverse comments about others can easily be forwarded or Re-Tweeted and it is always unpredictable what will go viral. The original person/poster can be liable for all subsequent reposts. The Defamation Act 2013 has strengthened the protection for channels such as Facebook and Twitter, which will encourage those who have been libelled to pursue those responsible for media posts or reposts. This leaves organisations open to legal action if an employee or corporate account is involved. It is essential for risk managers to know where an organisation stands in the event of something going wrong. Loss of control It is commonplace for organisations to empower their employees or marketing agencies to create social media accounts on their behalf. But who owns these accounts and who has ultimate control? Accounts
Accounts can be set up in minutes but who is responsible for keeping track of new communication channels? 66 www.risk-uk.com
can be set up in minutes but who is responsible for keeping track of these new communication channels? Risk managers need to be sure that social media policies are consistent with contracts of employment and that employees are aware of their responsibilities. There should be processes and technology in place to manage posts both internally and from third party agencies. Regular audits are necessary to establish how many accounts represent the company and who controls them. However, these can become time consuming and costly without the right social media risk software in place to manage activity.
Confidential information Employees need to be aware that their personal social media accounts will be linked to their employer and therefore could come under scrutiny. An example of how unprotected social media activity proved disastrous for one newly appointed Chief Financial Officer at US clothing retailer, Francesca’s highlights the point. After a confidential meeting the CFO Tweeted; “Board Meeting. Good Numbers = Happy Board.” Francesca’s is a publicly traded company and the CFO was dismissed for sharing confidential inside information. An easy mistake but a risky one which could have been avoided with the right awareness and preparation.
Brandjacking Brandjacking occurs when someone assumes the online identity of another entity for the purpose of acquiring that organisation’s brand equity. For example immediately after the Deepwater Horizon BP gulf oil spill a fake Twitter account @BPGlobalPR appeared with sarcastic and inappropriate Tweets from a fictitious BP spokesperson. In just a few days the account had accrued tens of thousands of followers. While it is not possible to completely prevent brandjacking, listening across social media channels to find out what is being said means fake accounts can be intercepted and ultimately legal action taken. However, companies first have to be aware what is happening and able to respond quickly.
Good for business There is no doubt social media is good for business. With some analysts quoting as many as 46% of online users referring to it when making business decisions (Nielsen, 2013). However, in common with any risk - normal rules apply. Risk managers need to be able to identify, record and mitigate social media risk and a good place to start is with a rigorous social media audit and the right risk management technology in place.
mar14 dir_000_RiskUK_jan14 06/03/2014 14:11 Page 1
Best Value Security Products from Insight Security www.insight-security.com Tel: +44 (0)1273 475500 ...and lots more Computer Security
Anti-Climb Paints & Barriers
Metal Detectors (inc. Walkthru)
Security, Search & Safety Mirrors
ACCESS CONTROL
Security Screws & Fastenings
Key Control Products
Empty Property & Lone Worker Alarms
Traffic Flow & Management
see our website
ACCESS CONTROL & DOOR HARDWARE
ALPRO ARCHITECTURAL HARDWARE ACCESS CONTROL
ACT Unit c1 South city Business centre Tallaght D.24 Ireland www.accesscontrol.ie tel: 00 353 1 466 2570 UK Lo Call Number: 0845 300 5204
Products include Electric Strikes, Deadlocking Bolts, Compact Shearlocks, Waterproof Keypads, Door Closers, Deadlocks plus many more T: 01202 676262 Fax: 01202 680101 E: info@alpro.co.uk Web: www.alpro.co.uk
ACCESS CONTROL – SPEED GATES, BI-FOLD GATES
ACCESS CONTROL
APT SECURITY SYSTEMS The Power House, Chantry Place, Headstone Lane, Harrow, HA3 6NY Tel: 020 8421 2411 Email: info@aptcontrols.co.uk www.aptcontrols-group.co.uk
HTC PARKING AND SECURITY LIMITED 4th Floor, 33 Cavendish Square, London, W1G 0PW T: 0845 8622 080 M: 07969 650 394 F: 0845 8622 090 info@htcparkingandsecurity.co.uk www.htcparkingandsecurity.co.uk
B a r r i e r s , B l o c k e r s , B o l l a r d s , PA S 6 8
ACCESS CONTROL
KERI SYSTEMS UK LTD Tel: + 44 (0) 1763 273 243 Fax: + 44 (0) 1763 274 106 Email: sales@kerisystems.co.uk www.kerisystems.co.uk
ACCESS CONTROL
INTEGRATED DESIGN LIMITED Integrated Design Limited, Feltham Point, Air Park Way, Feltham, Middlesex. TW13 7EQ Tel: +44 (0) 208 890 5550 sales@idl.co.uk www.fastlane-turnstiles.com
ACCESS CONTROL
COVA SECURITY GATES LTD Bi-Folding Speed Gates, Sliding Cantilevered Gates, Road Blockers & Bollards Consultancy, Design, Installation & Maintenance - UK Manufacturer - PAS 68
Tel: 01293 553888 Fax: 01293 611007 Email: sales@covasecuritygates.com Web: www.covasecuritygates.com
ACCESS CONTROL MANUFACTURER
NORTECH CONTROL SYSTEMS LTD. Nortech House, William Brown Close Llantarnam Park, Cwmbran NP44 3AB Tel: 01633 485533 Email: sales@nortechcontrol.com www.nortechcontrol.com
ACCESS CONTROL - BARRIERS, BOLLARDS & ROADBLOCKERS
HEALD LTD HVM High Security Solutions "Raptor" "Viper" "Matador", Shallow & Surface Mount Solutions, Perimeter Security Solutions, Roadblockers, Automatic & Manual Bollards, Security Barriers, Traffic Flow Management, Access Control Systems
ACCESS CONTROL
SECURE ACCESS TECHNOLOGY LIMITED Authorised Dealer Tel: 0845 1 300 855 Fax: 0845 1 300 866 Email: info@secure-access.co.uk Website: www.secure-access.co.uk
AUTOMATIC VEHICLE IDENTIFICATION
NEDAP AVI PO Box 103, 7140 AC Groenlo, The Netherlands Tel: +31 544 471 666 Fax: +31 544 464 255 E-mail: info-avi@nedap.com www.nedapavi.com
Tel: 01964 535858 Email: sales@heald.uk.com Web: www.heald.uk.com
ACCESS CONTROL – BARRIERS, GATES, CCTV ACCESS CONTROL – BARRIERS GATES & ROAD BLOCKERS
FRONTIER PITTS Crompton House, Crompton Way, Manor Royal Industrial Estate, Crawley, West Sussex RH10 9QZ Tel: 01293 548301 Fax: 01293 560650 Email: sales@frontierpitts.com Web: www.frontierpitts.com
ABSOLUTE ACCESS Aberford Road, Leeds, LS15 4EF Tel: 01132 813511 E: richard.samwell@absoluteaccess.co.uk www.absoluteaccess.co.uk Access Control, Automatic Gates, Barriers, Blockers, CCTV
ACCESS CONTROL – BIOMETRICS, BARRIERS, CCTV, TURNSTILES
ACCESS CONTROL – MANUFACTURER
UKB INTERNATIONAL LTD
ROSSLARE SECURITY PRODUCTS
Planet Place, Newcastle upon Tyne Tyne and Wear NE12 6RD Tel: 0845 643 2122 Email: sales@ukbinternational.com Web: www.ukbinternational.com
Rosslare Security Products manufactures the Security Industry’s largest and most versatile range of Proximity and Smart Card readers.
Bletchley Park, Milton Keynes, MK3 6EB Tel: 01908-363467 Email: sales.uk@rosslaresecurity.com www.rosslaresecurity.com ISO 9001 and ISO 14001 Certification
www.insight-security.com Tel: +44 (0)1273 475500
mar14 dir_000_RiskUK_jan14 06/03/2014 14:11 Page 2
MANUFACTURE STANDALONE ACCESS CONTROL PRODUCTS PSU’S, KEYPADS, ELECTRIC LOCKS, BREAKGLASS, EXIT BUTTONS
RGL ELECTRONICS LTD “Products to Trust – Power to Help” Pelham Works, Pelham Street, Wolverhampton WV3 0BJ Sales: +44 (0) 1902 656667 Fax: +44 (0) 1902 427394 Email: info@rgl.co www.rgl.co
BUSINESS CONTINUITY
BUSINESS CONTINUITY SOFTWARE & CONSULTANCY
CONTINUITY2 E232 Edinburgh House Righead Gate Glasgow G74 1LS Tel: +44 (0) 845 09 444 02 Fax : +44 (0) 845 09 444 03 info@continuity2.com
CCTV POLES, COLUMNS, TOWERS AND MOUNTING PRODUCTS
ALTRON COMMUNICATIONS EQUIPMENT LTD Tower House, Parc Hendre, Capel Hendre, Carms. SA18 3SJ Tel: +44 (0) 1269 831431 Email: comms@altron.co.uk Web: www.altron.co.uk
CCTV
G-TEC Gtec House, 35-37 Whitton Dene Hounslow, Middlesex TW3 2JN Tel: 0208 898 9500 www.gtecsecurity.co.uk sales@gtecsecurity.co.uk
CCTV
PECAN
BUSINESS CONTINUITY MANAGEMENT
CONTINUITY FORUM Creating Continuity ....... Building Resilience A not-for-profit organisation providing help and support Tel: +44(0)208 993 1599 Fax: +44(0)1886 833845 Email: membership@continuityforum.org Web: www.continuityforum.org
Stortech Elec, Unit 2 spire green Centre Pinnacles West, Harlow, Essex CM19 5TS Tel 01279 419913 Fx 01279 419925 www.pecancctv.co.uk email sales@stortech.co.uk
CCTV/IP SOLUTIONS
DALLMEIER UK LTD 3 Beaufort Trade Park, Pucklechurch, Bristol BS16 9QH Tel: +44 (0) 117 303 9 303 Fax: +44 (0) 117 303 9 302 Email: dallmeieruk@dallmeier.com
PHYSICAL IT SECURITY
RITTAL LTD Tel: 020 8344 4716 Email: information@rittal.co.uk www.rittal.co.uk
CCTV & IP SECURITY SOLUTIONS
PANASONIC SYSTEM NETWORKS EUROPE Panasonic House, Willoughby Road Bracknell, Berkshire RG12 8FP Tel: 0844 8443888 Fax: 01344 853221 Email: system.solutions@eu.panasonic.com Web: www.panasonic.co.uk/cctv
BUSINESS CONTINUITY 4 Scotia Close Brackmills Northampton NN4 7HR 01604 769222 www.bcontinuity.com
COMMUNICATIONS & TRANSMISSION EQUIPMENT
KBC NETWORKS LTD.
CCTV
SURVEILLANCE / CCTV
IDIS EUROPE
Barham Court, Teston, Maidstone, Kent ME18 5BZ www.kbcnetworks.com Phone: 01622 618787 Fax: 020 7100 8147 Email: emeasales@kbcnetworks.com
DIGITAL IP CAMERAS
SESYS LTD
1000 Great West Road, Brentford, LONDON TW8 9HH Tel : +44 (0)203 657 5678 Fax : +44 (0)203 697 9360 uksales@idisglobal.com
Supplying digital IP camera for rapid deployment, remote site monitoring, fixed and short term installations. High resolution images available over mobile and wireless networks to any standard web browser.
MANUFACTURERS OF A COMPLETE RANGE OF INNOVATIVE INFRA RED AND WHITE LIGHT LED LIGHTING PRODUCTS FOR PROFESSIONAL APPLICATIONS INCLUDING CCTV SCENE ILLUMINATION, ARCHITECTURAL UP-LIGHTING AND COVERT SECURITY.
END TO END CCTV SOLUTIONS/RECORDERS, CAMERAS, NETWORK PRODUCTS
ADVANCED LED TECHNOLOGY LTD Sales: +44 (0) 1706 363 998 Technical: +44 (0) 191 270 5148 Email: info@advanced-led-technology.com www.advanced-led-technology.com
1 Rotherbrook Court, Bedford Road, Petersfield, Hampshire, GU32 3QG Tel +44 (0) 1730 230530 Fax +44 (0) 1730 262333 Email: info@sesys.co.uk www.sesys.co.uk
DEDICATED MICROS 1200 Daresbury Park, Daresbury, Warrington, WA4 4HS, UK Tel: +44 (0) 845 600 9500 Fax: +44 (0) 845 600 9504 Email: customerservices@dmicros.com www.dmicros.com
www.insight-security.com Tel: +44 (0)1273 475500
mar14 dir_000_RiskUK_jan14 06/03/2014 14:11 Page 3
INFRA-RED, WHITE-LIGHT AND NETWORK CCTV LIGHTING
RAYTEC Unit 3 Wansbeck Business Park, Rotary Parkway, Ashington, Northumberland. NE638QW Tel: 01670 520 055 Email: sales@rayteccctv.com Web: www.rayteccctv.com
CCTV SPECIALISTS
PLETTAC SECURITY LTD Unit 39 Sir Frank Whittle Business Centre, Great Central Way, Rugby, Warwickshire CV21 3XH Tel: 0844 800 1725 Fax: 01788 544 549 Email: sales@plettac.co.uk www.plettac.co.uk
TRADE ONLY CCTV MANUFACTURER AND DISTRIBUTOR
COP SECURITY Leading European Supplier of CCTV equipment all backed up by an industry leading service and support package called Advantage Plus. COP Security, a division of Weststone Ltd, has been designing, manufacturing and distributing CCTV products for over 17 years. COP Security is the sole UK distributor for IRLAB products and the highly successful Inspire DVR range. More than just a distributor.
COP Security, Delph New Road, Dobcross, OL3 5BG Tel: +44 (0) 1457 874 999 Fax: +44 (0) 1457 829 201 sales@cop-eu.com www.cop-eu.com
WHY MAYFLEX? ALL TOGETHER. PRODUCTS, PARTNERS, PEOPLE, SERVICE – MAYFLEX BRINGS IT ALL TOGETHER.
MAYFLEX Excel House, Junction Six Industrial Park, Electric Avenue, Birmingham B6 7JJ
Tel: 0800 881 5199 Email: securitysales@mayflex.com Web: www.mayflex.com
CCTV & IP SOLUTIONS, POS & CASH REGISTER INTERFACE, EPOS FRAUD DETECTION
AMERICAN VIDEO EQUIPMENT Endeavour House, Coopers End Road, Stansted, Essex CM24 1SJ Tel : +44 (0)845 600 9323 Fax : +44 (0)845 600 9363 E-mail: avesales@ave-uk.com
CONTROL ROOM & MONITORING SERVICES
THE UK’S MOST SUCCESSFUL DISTRIBUTOR OF IP, CCTV, ACCESS CONTROL AND INTRUDER DETECTION SOLUTIONS
NORBAIN SD LTD ADVANCED MONITORING SERVICES
210 Wharfedale Road, IQ Winnersh, Wokingham, Berkshire, RG41 5TP Tel: 0118 912 5000 Fax: 0118 912 5001 www.norbain.com Email: info@norbain.com
EUROTECH MONITORING SERVICES LTD.
Specialist in:- Outsourced Control Room Facilities • Lone Worker Monitoring • Vehicle Tracking • Message Handling • Help Desk Facilities • Keyholding/Alarm Response Tel: 0208 889 0475 Fax: 0208 889 6679 E-MAIL eurotech@eurotechmonitoring.com Web: www.eurotechmonitoring.com
EMPLOYMENT
EMPLOYEE SCREENING SERVICES
DISTRIBUTORS
THE SECURITY WATCHDOG Cross and Pillory House, Cross and Pillory Lane, Alton, Hampshire, GU34 1HL, United Kingdom www.securitywatchdog.org.uk Telephone: 01420593830
EMPLOYMENT
URGENTLY NEEDED… National Franchise Opportunities with an established Security Company with over 4000 installs specialising in Audio Monitoring. Try before you buy scheme. Contact Graham for full prospectus graham@securahomes.co.uk TEL: 01274 631001
sales@onlinesecurityproducts.co.uk www.onlinesecurityproducts.co.uk
IDENTIFICATION
ADI ARE A LEADING GLOBAL DISTRIBUTOR OF SECURITY PRODUCTS OFFERING COMPLETE SOLUTIONS FOR ANY INSTALLATION.
ADI GLOBAL DISTRIBUTION Chatsworth House, Hollins Brook Park, Roach Bank Road, Bury BL9 8RN Tel: 0161 767 2900 Fax: 0161 767 2909 Email: info@adiglobal.com
www.insight-security.com Tel: +44 (0)1273 475500
mar14 dir_000_RiskUK_jan14 06/03/2014 14:11 Page 4
COMPLETE SOLUTIONS FOR IDENTIFICATION
PERIMETER PROTECTION
DATABAC GROUP LIMITED
GPS PERIMETER SYSTEMS LTD
1 The Ashway Centre, Elm Crescent, Kingston upon Thames, Surrey KT2 6HH Tel: +44 (0)20 8546 9826 Fax:+44 (0)20 8547 1026 enquiries@databac.com
14 Low Farm Place, Moulton Park Northampton, NN3 6HY UK Tel: +44(0)1604 648344 Fax: +44(0)1604 646097 E-mail: info@gpsperimeter.co.uk Web site: www.gpsperimeter.co.uk
INDUSTRY ORGANISATIONS
PLANNED PREVENTATIVE MAINTENANCE
TRADE ASSOCIATION FOR THE PRIVATE SECURITY INDUSTRY
BRITISH SECURITY INDUSTRY ASSOCIATION Tel: 0845 389 3889 Email: info@bsia.co.uk Website: www.bsia.co.uk
THE LEADING CERTIFICATION BODY FOR THE SECURITY INDUSTRY
SECURITY MAINTENANCE CONSULTANTS • Planned Preventative Maintenance (PPM) Specialists • Price Comparison Service (achieving 20-70% savings) • FM Support / Instant Reporting / Remedial Work • System Take-Overs / Upgrades / Additions • Access, CCTV, Fire & Intruder, BMS, Networks & Automation • Free independent, impartial advice Tel: +44 (0)20 7097 8568 sales@securitysupportservices.co.uk
SSAIB 7-11 Earsdon Road, West Monkseaton Whitley Bay, Tyne & Wear NE25 9SX Tel: 0191 2963242 Web: www.ssaib.org
INTEGRATED SECURITY SOLUTIONS SECURITY PRODUCTS AND INTEGRATED SOLUTIONS
HONEYWELL SECURITY GROUP Honeywell Security Group provides innovative intrusion detection, video surveillance and access control products and solutions that monitor and protect millions of facilities, offices and homes worldwide. Honeywell integrates the latest in IP and digital technology with traditional analogue components enabling users to better control operational costs and maximise existing investments in security and surveillance equipment. Honeywell – your partner of choice in security. Tel: +44 (0) 844 8000 235 E-mail: securitysales@honeywell.com Web: www.honeywell.com/security/uk
POWER
STANDBY POWER SPECIALISTS; UPS, GENERATORS, SERVICE & MAINTENANCE
DALE POWER SOLUTIONS LTD Salter Road, Eastfield Industrial Estate, Scarborough, North Yorkshire YO11 3DU United Kingdom Phone: +44 1723 583511 Fax: +44 1723 581231 www.dalepowersolutions.com
POWER SUPPLIES – DC SWITCH MODE AND AC
DYCON LTD Cwm Cynon Business Park, Mountain Ash, CF45 4ER Tel: 01443 471 060 Fax: 01443 479 374 Email: marketing@dyconsecurity.com www.dyconsecurity.com The Power to Control; the Power to Communicate
INTEGRATED SECURITY SOLUTIONS
INNER RANGE EUROPE LTD Units 10 - 11, Theale Lakes Business Park, Moulden Way, Sulhampstead, Reading, Berkshire RG74GB, United Kingdom Tel: +44(0) 845 470 5000 Fax: +44(0) 845 470 5001 Email: ireurope@innerrange.co.uk www.innerrange.com
STANDBY POWER
UPS SYSTEMS PLC Herongate, Hungerford, Berkshire RG17 0YU Tel: 01488 680500 sales@upssystems.co.uk www.upssystems.co.uk
SECURITY PRODUCTS AND INTEGRATED SOLUTIONS
TYCO SECURITY PRODUCTS Heathrow Boulevard 3, 282 Bath Road, Sipson, West Drayton. UB7 0DQ / UK Tel: +44 (0)20 8750 5660 www.tycosecurityproducts.com
UPS - UNINTERRUPTIBLE POWER SUPPLIES
ADEPT POWER SOLUTIONS LTD Adept House, 65 South Way, Walworth Business Park Andover, Hants SP10 5AF Tel: 01264 351415 Fax: 01264 351217 Web: www.adeptpower.co.uk E-mail: sales@adeptpower.co.uk
PERIMETER PROTECTION INFRARED DETECTION
UPS - UNINTERRUPTIBLE POWER SUPPLIES
GJD MANUFACTURING LTD
UNINTERRUPTIBLE POWER SUPPLIES LTD
Unit 2 Birch Industrial Estate, Whittle Lane, Heywood, Lancashire, OL10 2SX Tel: + 44 (0) 1706 363998 Fax: + 44 (0) 1706 363991 Email: info@gjd.co.uk www.gjd.co.uk
Woodgate, Bartley Wood Business Park Hook, Hampshire RG27 9XA Tel: 01256 386700 5152 e-mail: sales@upspower.co.uk www.upspower.co.uk
www.insight-security.com Tel: +44 (0)1273 475500
mar14 dir_000_RiskUK_jan14 06/03/2014 14:12 Page 5
SECURITY
ONLINE SECURITY SUPERMARKET
EBUYELECTRICAL.COM CASH MANAGEMENT SOLUTIONS
LOOMIS UK LIMITED 1 Alder Court, Rennie Hogg Road, Nottingham, NG2 1RX T - 0845 309 6419 E - info@uk.loomis.com W - www.loomis.co.uk
Lincoln House, Malcolm Street Derby DE23 8LT Tel: 0871 208 1187 www.ebuyelectrical.com
INTRUDER ALARMS – DUAL SIGNALLING
WEBWAYONE LTD CASH & VALUABLES IN TRANSIT
CONTRACT SECURITY SERVICES LTD Challenger House, 125 Gunnersbury Lane, London W3 8LH Tel: 020 8752 0160 Fax: 020 8992 9536 E: info@contractsecurity.co.uk E: sales@contractsecurity.co.uk Web: www.contractsecurity.co.uk
11 Kingfisher Court, Hambridge Road, Newbury Berkshire, RG14 5SJ Tel: 01635 231500 Email: sales@webwayone.co.uk www.webwayone.co.uk www.twitter.com/webwayoneltd www.linkedin.com/company/webwayone
LIFE SAFETY EQUIPMENT
C-TEC CCTV
INSIGHT SECURITY Unit 2, Cliffe Industrial Estate Lewes, East Sussex BN8 6JL Tel: 01273 475500 Email:info@insight-security.com www.insight-security.com
Challenge Way, Martland Park, Wigan WN5 OLD United Kingdom Tel: +44 (0) 1942 322744 Fax: +44 (0) 1942 829867 Website: http://www.c-tec.co.uk
PERIMETER SECURITY
TAKEX EUROPE LTD FENCING SPECIALISTS
J B CORRIE & CO LTD Frenchmans Road Petersfield, Hampshire GU32 3AP Tel: 01730 237100 Fax: 01730 264915 email: fencing@jbcorrie.co.uk
Aviary Court, Wade Road, Basingstoke Hampshire RG24 8PE Tel: +44 (0) 1256 475555 Fax: +44 (0) 1256 466268 Email: sales@takexeurope.com Web: www.takexeurope.com
SECURITY EQUIPMENT INTRUSION DETECTION AND PERIMETER PROTECTION
OPTEX (EUROPE) LTD Redwall® infrared and laser detectors for CCTV applications and Fiber SenSys® fibre optic perimeter security solutions are owned by Optex. Platinum House, Unit 32B Clivemont Road, Cordwallis Industrial Estate, Maidenhead, Berkshire, SL6 7BZ Tel: +44 (0) 1628 631000 Fax: +44 (0) 1628 636311 Email: sales@optex-europe.com www.optex-europe.com
PYRONIX LIMITED Secure House, Braithwell Way, Hellaby, Rotherham, South Yorkshire, S66 8QY. Tel: +44 (0) 1709 700 100 Fax: +44 (0) 1709 701 042 www.facebook.com/Pyronix www.linkedin.com/company/pyronix www.twitter.com/pyronix
SECURITY SYSTEMS INTRUDER AND FIRE PRODUCTS
BOSCH SECURITY SYSTEMS LTD
CQR SECURITY
PO Box 750, Uxbridge, Middlesex UB9 5ZJ Tel: 01895 878088 Fax: 01895 878089 E-mail: uk.securitysystems@bosch.com Web: www.boschsecurity.co.uk
125 Pasture road, Moreton, Wirral UK CH46 4 TH Tel: 0151 606 1000 Fax: 0151 606 1122 Email: andyw@cqr.co.uk www.cqr.co.uk
INTRUDER ALARMS – DUAL SIGNALLING
CSL DUALCOM LTD Salamander Quay West, Park Lane Harefield , Middlesex UB9 6NZ T: +44 (0)1895 474 474 F: +44 (0)1895 474 440 www.csldual.com
INTRUDER ALARMS AND SECURITY MANAGEMENT SOLUTIONS
RISCO GROUP Commerce House, Whitbrook Way, Stakehill Distribution Park, Middleton, Manchester, M24 2SS Tel: 0161 655 5500 Fax: 0161 655 5501 Email: sales@riscogroup.co.uk Web: www.riscogroup.com/uk
SECURITY EQUIPMENT
CASTLE Secure House, Braithwell Way, Hellaby, Rotherham, South Yorkshire, S66 8QY TEL +44 (0) 1709 700 100 FAX +44 (0) 1709 701 042 www.facebook.com/castlesecurity www.linkedin.com/company/castlesecurity
www.twitter.com/castlesecurity
VICON INDUSTRIES LTD. Brunel Way Fareham Hampshire, PO15 5TX United Kingdom www.vicon.com
www.insight-security.com Tel: +44 (0)1273 475500
Project1_Layout 1 01/04/2014 15:05 Page 1
Visit Axis at Counter Terror Expo, London Stand E45
Anyone. Anything. Anywhere. Anytime. 8KFGQ UWTXGKNNCPEG HQT ETKVKECN KPHTCUVTWEVWTG
9KVJ VJTGCVU RQUUKDNG HTQO CP[ CPING VJG WPGZRGEVGF KU RTGVV[ OWEJ C IWCTCPVGG HQT ETKVKECN KPHTCUVTWEVWTG 6JCVŠU YJ[ #ZKU HQEWUGU QP UGEWTKPI [QW HTQO RGTKOGVGT to core. 1WT PGVYQTM XKFGQ UWTXGKNNCPEG RTQFWEVU JGNR [QW UGEWTG [QWT UKVG KP GXGP VJG JCTUJGUV EQPFKVKQPU ;GV DG[QPF VJCV YG EQPUVCPVN[
5ECNCDNG HWVWTG RTQQH UQNWVKQPU ŧ 1WVUVCPFKPI *&68 KOCIG SWCNKV[ ŧ +PVGITCVKQP QH XKFGQ CNCTOU CPF OQPKVQTKPI KPVQ VJG 5%#&# U[UVGO ŧ +PVGNNKIGPV CPCN[UKU YKVJ RCTVPGT UQHVYCTG
YQTM VQIGVJGT YKVJ QWT RCTVPGT PGVYQTM VQ DTKPI [QW UQNWVKQPU VJCV GPUWTG UCHG WPKPVGTTWRVGF RTQFWEVKQP VJCVŠU CNUQ OQTG GLJEKGPV Axis solutions for critical infrastructure – EQXGTKPI GXGT[ CPING Visit www.axis.com/criticalinfrastructure