Security integrators and IT professionals in the IoT era

Role Of Security Integrators In The Internet Of Things Era (Source Security)

Networking IoT devices may seem like an information technology (IT) function, typically handled by a chief information officer (CIO). However, says Martens, CIOs will be preoccupied with complex issues far beyond physical security. Therefore, identifying where IoT sensors are placed, how they are managed and how they interact will fall to facility managers. And they will depend on their security integrators’ expertise more than ever.

Technology is pushing the security and IT functions closer together, most obviously because they are increasingly provided over the same infrastructures. There’s a lot of good insight at the link.

Forecast: Global Smart Security Market 2015-2019

Latest report on the global smart security market that is estimated to grow at a CAGR of 18.59% over the period 2014-2019 (Sandler Research)

Smart security solutions are used to monitor the activities and behavior of people in areas that are more prone to unauthorized access or damage, such as enterprises, educational institutions, commercial buildings, and utility infrastructure. Smart security includes advanced security systems such as IP surveillance cameras, biometric access control systems, integrated perimeter intrusion prevention systems, and wireless alarms. Thus, these solutions can secure an area from miscreants, terrorist activities, and data theft.

Adoption of intelligent security solutions for cities and their infrastructure not only provides security but also peace of mind to the residents.

The analysts forecast global smart security market to grow at a CAGR of 18.59% over the period 2014-2019.

Future payments

Biometrics a tipping point for future of payments (Finextra)

Smart folks like Jack Dorsey of Twitter have been talking about and removing friction for the best part of 10-15 years. It’s not a new concept, but in many ways the technology is finally catching up in order for us to make things happen under the bonnet (OK – no more car analogies).

The accepted norm for payment authentication has been some sort of user name and password or PIN. It’s a great place to start to develop future propositions. But this doesn’t make mobile or devices any more secure. No real advantage. And having a contactless card or device that can be used with a bump, tap, pass or wave; doesn’t set minds at ease.

Device manufacturers and electronics manufacturers have an awful lot of skin in the game to set this new standard, alongside the players that manage the market infrastructure. There are a number of developments underway in Biometric security. Things like Facial Recognition, Fingerprint, Ear scanning and Heart Rhythm. Capability that could make payment security into a “subconsciously competent” factor. And of course, this technology could quickly extend into daily life (transport networks, biometric security “keys” to name but two) and come in many forms.

Right now we have to try to identify ourselves to IT networks, including payment networks. That probably won’t always be the case.

The changing face of security and access control

Gary Hills, Head of capital development at the British Broadcasting Corp. (BBC) had some interesting things to say at the recent FMP London event. [ed. I’m pretty sure FMP stands for Facility Management Professional, but I was shocked to see how popular the acronym is.]

The BBC is considering using biometric access controls at its buildings. (FM World)

Hills said the first phase of the BBC’s review had seen 15 control rooms consolidated into one.

He added: “Access ID is used – not biometrics yet, but [we are] looking at it for the second phase. [We] think it will be more acceptable now as they have it in schools and colleges.

“Security is now more a building management role and the information that comes through the control room can be used more widely for building management.”

Adam Vrankulj at Biometric Update ties the story back to recent industry forecasts for the access control market.

I predict some real upheaval in the market for security systems and access control. So far, large security providers have been able to keep their market walled off from competition from the providers of other types of networked information technology. If increasing numbers of facilities management professionals see the world as Gary Hills does, those days are numbered.

Putting the mosaic together in Boston

The post’s title refers to the mosaic of information that can be arranged into a picture of the events leading up to the savage acts. The other mosaic, the way things were for so many unique individuals, can never be put back together.

How This Photo of the Boston Marathon Gives the FBI a Bounty of Data (Wired)

The photo — click to enlarge — shows a lot of people, what they’re wearing and where they’re positioned within the crush of Marathon fans. It’s important to law enforcement, as it “can be of use in putting the mosaic together,” says Robert McFadden, a former Navy terrorism investigator. Crabbe’s wide-angle panoramic photo “could be one of the many critical pieces of the map of the investigation.”

The panorama photo was one of seven shots Crabbe snapped with her phone during a leisurely stroll and later handed over to investigators.

The Wired article starts with a single data point (data set, really), a photo, and follows it part-way through the process the FBI has used during its investigation of the recent bombings in Boston.

…putting the mosaic together. It’s a good metaphor for how the people charged with figuring out what happened and who did it go about their work. Read the whole thing.

Also see:
What’s Going on Behind the Scenes of Bombing Investigation? Forensic Scientist, Former DHS Official Shed Light on Tech and Tactics (The Blaze)

“Facial recognition technology will play a very small part,” Schiro told TheBlaze in a phone interview.

“A lot depends on the quality of the images you have to work with,” Schiro continued noting that lighting, angle and other factors could really limit the use of facial recognition in the case. Not only that but there would need to be some sort of match for it to recognize.

UPDATE:
Here’s another good article about facial recognition and crime solving. I selected the two paragraphs below because they highlight both the organizational issue of interoperability and the technology issues around matching. There are other interesting insights in the rest of the piece.

Facial Recognition Tech: New Key to Crime Solving (The Fiscal Times)

However, it’s likely the FBI was unsuccessful in identifying the suspects using FR because either they didn’t have a quality image of the wanted persons, or the suspects were not in any of the databases the FBI has access too, Albers said.

While facial recognition technology has high-accuracy when used to match a clear image of a person with another passport-style photo, it is not as effective when used with low-quality images like the ones the FBI released on Thursday. The standard for facial recognition to be accurate requires 90 pixels of resolution between the two eyes of the pictured person. The pictures the FBI released of the suspects were about 12 pixels between the two eyes, said Jim Wayman, the director of the National Biometric Center.

and..
Facial-recognition technology to help track down criminals – Humans are still better at it (Kuwait Times)

Search for Boston bombers likely relied on eyes, not software (Reuters)

These last two reminded me of the (Facial Recognition vs Human) & (Facial Recognition + Human) post from November 2011.

In the Boston case, it looks like there were two barriers to effective use of facial recognition technology in identifying the suspects. On the “evidence” (probe) side, the image quality was poor. On the enrollment (database) side the only “correct” match was likely to be in a very large database such as the Massachusetts DMV database.

If only one of these conditions were true — for example a bad probe against a small database, or good probe against a large database — facial recognition technology might have been of more help.

Crowd-sourcing the ID challenge to a large number of human beings that operate with a lot more intelligence and information than facial recognition algorithms is another option. It’s been used with photographs since at least 1865 and without photographs since at least 1696.

One crowd-sourcing fact that law enforcement officials must consider, however, is that the suspect is almost certainly in the sourced crowd. If the suspect already knows he’s a suspect, that’s not a problem. If he doesn’t already know he’s suspected, that information is the price of getting the public’s help which means facial recognition technology will retain its place in the criminal ID toolkit.

UPDATE:
Boston police chief: facial recognition tech didn’t help find bombing suspects (Ars Technica)

“The technology came up empty even though both Tsarnaevs’ images exist in official databases: Dzhokhar had a Massachusetts driver’s license; the brothers had legally immigrated; and Tamerlan had been the subject of some FBI investigation,” the Post reported on Saturday.

Facial recognition systems can have limited utility when a grainy, low-resolution image captured at a distance from a cellphone camera or surveillance video is compared with a known, high-quality image. Meanwhile, the FBI is expected to release a large-scale facial recognition apparatus “next year for members of the Western Identification Network, a consortium of police agencies in California and eight other Western states,” according to the San Jose Mercury News.

Networked IT ID management in the real world

Passwords are the weak link in IT security (Computerworld)

Password security is the common cold of our technological age, a persistent problem that we can’t seem to solve. The technologies that promised to reduce our dependence on passwords — biometrics, smart cards, key fobs, tokens — have all thus far fallen short in terms of cost, reliability or other attributes. And yet, as ongoing news reports about password breaches show, password management is now more important than ever.

All of which makes password management a nightmare for IT shops. “IT faces competing interests,” says Forrester analyst Eve Maler. “They want to be compliant and secure, but they also want to be fast and expedient when it comes to synchronizing user accounts.”

Is there a way out of this scenario? The answer, surprisingly, may be yes.

It goes on from there to cover several different solutions, including biometrics.

Three Sides of the Same Coin

Late last week, while engaging in my routine news perusal, I came across a few items that while very different, struck me as being somehow connected:

Getting a facial (BCS.org – UK)

Reversing Poor Data Management Culture (This Day Live – Nigeria)

Coriander, son of Pulao, Aadhaar No 499118665246 (DNA India)

In order, they are: a high-level interview with a computer scientist interested in quantifying the behavior of the human face at both the macro and micro levels; a litany of failures to even bring order to — much less make the most of — a developing country’s IT investments; and a high-profile case of how one individual can make an entire national effort look bad.

But this summary is, well, more summary: They are a visionary’s perspective, a cat-herder’s lament, and an embarrassing insubordination.


Each piece captures a slice of the dramatic interaction of humans and IT-based technologies (in these cases, biometrics and biostatistics) designed to identify people or interpret their physical state.

Together they inform some of the themes I’m always banging on about here. “ID management is about people.” “It’s not the tech, it’s the people.” “Technology is an management tool, but it can’t run an organization by itself.” “ID management systems are an amazing leap-frogging technology for the developing world.” “ID perfection is not the proper metric, Return on Investment (ROI) is.”

A closer examination of each article follows in…
A Visionary’s Perspective,
The Cat-Herder’s Lament – IT and Organizational Culture and
An Embarrassing Insubordination – It Takes a Human To Give Coriander an ID

The Cat-Herder’s Lament – IT and Organizational Culture

Reversing Poor Data Management Culture (This Day Live)

In the conduct of studies in less developed countries (LDCs), while great emphasis is placed on study design, data collection and analysis, very often, little attention is paid to data management. As a consequence, investigators working in these countries frequently face challenges in cleaning, analysing and interpreting data. In most research settings, the data management team is formed with temporary and unskilled persons.

This article offers a lot of detail about how and why organizations crash into the hard lesson that biometrics for ID management (or any IT system, for that matter) can’t run an organization by themselves. The efficiencies and return on investment offered by biometric ID management (and other IT) systems are so great that they are almost irresistible. While they make organizations easier to manage, they can never truly operate outside the cultural environment where they reside.

When a hallmark of a management culture is to carve out administrative turf and defend it to the last, things like this happen:

Nine years ago, Nigeria spent billions of naira on the National Identity Card Scheme (NICS), and another huge amount was gulped by the National Census in 2006. Last year, the Independent National Electronic Commission (INEC), spent close to N90 billion on a voter registration exercise, while the Nigerian Communications Commission (NCC) spent an unjustified N6 billion on SIM card registration. This year, the National Identity Management Commission (NIMC) is at it again as it seeks to expend N30 billion for a national ID scheme.

The issues discussed in the article are faced by all sorts of large organizations, not just LDC’s. A lot of the complaints would sound exactly the same coming from inside large universities in the United States.

Read the whole thing.

Back to Three Sides of the Same Coin

Translate »