16 January 2013

RedCloud Access Control Partners with American Alarm & Communications


Network security and building security are equally important. If either system is compromised, the organization is immediately at risk. But while many network security systems are now built to support IT best practices and standards, such as virtualization, physical access control systems (PACS) have traditionally been designed without IT professionals in mind.
As a IT Director you face the regular challenge of managing physical and virtual machines in a complex and dynamic IT environment. Implementing new technologies should not add to that burden and take you away from the top priority of ensuring high network performance, security and availability. Traditional physical access control solutions are not designed for today's IT environment, requiring numerous implementation and management hurdles to overcome.
Do you need an access control solution that meets the needs of your security counterparts without making your job harder than it already is? You need American Alarm & Communications Inc.,  new technology partner Red Cloud.

Red Cloud provides the most effective, flexible and cost-efficient platform that seamlessly integrates physical and logical access control without impacting network performance or IT staff bandwidth. Red Cloud appliances are pre-configured with a hardened Linux OS and with Open LDAP and can work within your current physical or virtual infrastructure.
Now, not only can you improve your security, but you can optimize your productivity because Red Cloud is easy to implement and manage - without taking on additional burden or cost seen with traditional PACS. No more OS and client software configuration issues, updates and viruses to address.  And because Red Cloud solutions are specifically designed with IT in mind, you can easily extend identity access management to ensure centralized, real-time management of physical access control, simplify deployment, ease administration burden, improve security and reduce infrastructure complexity.
As IT is tasked with enabling physical security teams with smarter and more efficient technology, physical access control systems need to evolve with the needs of both parties.  IT needs an open-architecture system that offers better scalability, the option to install in a virtual environment and improved options for integration with other IT and physical security systems. Not only do these technologies need to be easy to deploy, for example, in a virtual server environment, they also require the system be hardened to cyberattack while remaining completely reliable.
Meanwhile, the facilities team wants a solution that makes their lives easier. They want it to be easy to change, add or delete users from the system, they need it to allow flexibility to grant access exceptions when the situation arises, and they prefer having the ability to control door access privileges with a smartphone or mobile device, wherever they are in the building, without being tied to their desk.
A system that meet everyone’s needs not only improves their workflow, it keeps expenses down, both now and in the future. Organizations that seek out systems that bring together access control with video surveillance, identity management and Security Information and Event Management (SIEM) can operate more efficiently and intelligently in all situations.
Perhaps most importantly, though, such a system brings down the barriers that have stalled the convergence of physical and logical access control systems for so long. IT no longer needs to worry about an insecure system that adds more operational overhead. And facilities staff no longer need to spend hours figuring out frustrating and confusing user interfaces. The two parties can finally work together to become more efficient and eliminate security gaps in the process, once an IT- and user-friendly building security system has been acquired.
Red Coud's key markets are:
  • Higher Education
  • K - 12 Education
  • Hospitals and Healthcare Facilities
  • Federal Government
  • Municipal Government
  • Enterprise Commercial Accounts, and
  • Small and Medium Commercial Businesses
Who does that leave out?  No one! Don't be held hostage by your access control system.  Drop me an e-mail at jmcdonald@americanalarm.com and I will arrange a demonstration.  Red Cloud can be found on the web at www.redcloudsecurity.com.

19 December 2012

Security Trends in K-12, Some Thoughts



For lack of staff, money, expertise, and time, school districts for the most part still can’t put a huge emphasis on education programs similar to those run in many colleges and corporations to continually remind people about the rules they need to follow when dealing with physical security and confidential data. Maybe 2013 will be the year that starts to change, especially since the Newtown, Connecticut shooting, making the mitigation of risk more palatable and far less pricey than the potential of extended legal actions.  I say this because it bothers me as a parent and a physical security professional, that we spend so much more protecting our Data Centers and Networks than we do in our schools.

The “Active Shooter Scenario” is everyone’s worst case situation, I work with this everyday in protecting hospitals (Code Silver), in malls or any other open to the public facility.  Based on all that I have read on the above incident, I do not believe that anyone could have handled that situation better than it was handled. The school staff did an outstanding job and Law Enforcement responded immediately keeping the carnage to a minimum. My point is schools do not need to be open. We can reduce access and push back the perimeter, which I believe is the only way to reduce the active shooter threat. 

Many times, when I would bring up K-12 school security enhancements I would get push back like “We want an open feeling in our schools and the employees won’t allow that.”  Hopefully what Richard Cantlupe, an American history teacher at Westglades Middle School in Parkland, Fla.: He called Newtown "our 9/11 for schoolteachers." If this is true and we can at least give our schools the same protection as our data centers will come a long way in making our schools safer.  

After 911 we had Presidential Directive 7 which was a Homeland Security Presidential Directive that established a national policy for Federal departments and agencies to identify and prioritize critical infrastructure and to protect them from terrorist attacks. The directive defines relevant terms and delivers 31 policy statements. These policy statements define what the directive covers and the roles various federal, state, and local agencies will play in carrying it out.  We need to add our schools to this list and give grant money to the school districts to get it done today.

The solution is available; it will just cost some money.  The school designs are mostly fine; we just need a few enhancements to reduce the threat, especially the perception of a school being a soft target. However you can never completely eliminate the threat completely.  I have many ideas on this issue and look forward to discussing them in future postings.  I have a check list I have used in the past that I picked up along the way that gets everyone thinking.  If you would like a copy please go to  https://dl.dropbox.com/u/62454695/k-12_School_Safety_Security_Checklist_McDonald_AACI.pdf.  If you have any questions, comment here or call anytime!

29 November 2012

Welcome to INFRAGARD



I am honored to be a new member of INFRAGARD and look forward to providing my support and skills to the organization. InfraGard is a partnership between the Federal Bureau of Investigation and the private sector. InfraGard is an association of businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States. InfraGard Chapters are geographically linked with FBI Field Office territories.

From drinking water supplies to communications systems, chemical production processes to agricultural resources, Americans depend on a select group of critical infrastructures to sustain our way of life. Any attempts to harm or destroy these resources would directly impact the security of the United States and its citizens.

Most of these systems and services are owned and operated by private industry. Therefore, the protection of our nation’s infrastructure cannot be accomplished by the federal government alone. It requires coordinated action from numerous stakeholders – including government, the private sector, law enforcement, academia and concerned citizens. My INFRAGARD E-Mail is James.E.McDonald@infragard.org.


12 September 2012

9/11 Thoughts on 9/12


 
Never forget!
Driving to work yesterday it hit me that the day's weather felt the same as it did in 2001.  I took pause to remember the horrific and tragic events of 9/11: the thousands of lives lost, the bravery and dedication of first responders and ordinary citizens and the lingering  effects on us all.



Physical Security Talking Points and Fraud

When discussing physical security, there are several important talking points to consider. Here are some key points to include: Risk Assessm...