Subscribe to Monitoring Matters RSS Feed

Monitoring Matters

by: Ginger Hill - Wednesday, July 1, 2020

COVID has taken the physical world virtual. As stay-at-home orders abounded, and quite frankly, should still be observed, along with wearing masks, social distancing and washing of hands, colleagues, family, friends, clubs and other groups hit the virtual world to do business, stay connected and attempt to have some sort of calmness amid pure chaos. At the same time, threat actors and cybercriminals were at the ready, armed with a playbook of schemes to run interference. 

The platform of choice quickly became Zoom, offering free and cost-effective paid options, positioning Zoom to not only become more of a household and corporate name, but as a huge target for cybercriminals looking to gather information and data to use in phishing, vishing and mishing attempts, ransomware attacks and other virtual crimes. And, at first, due to Zoom’s lax security, intrusive videobombers were successful and a barrage of privacy breach lawsuits followed to which the CEO vowed to fix security issues in 90 days, starting April 1st. 

Well, it’s July 1st, exactly 90 days out, so is it time for Zoom to take a bow or “zoom” away into extinction? 

Based on Zoom’s CEO’s blog, I’d say, Zoom is here to stay. Here’s the progress Zoom has made toward a safer, more secure platform:

1. Enactment of a 90-day freeze on all features not related to privacy, safety or security and released over 100 features, such as meeting defaults including passwords, waiting room and limited screen sharing.

2.  Worked with a group of third-party experts to review and enhance the company’s products, practices and policies. 

3.  Prepared a transparency report detailing information related to requests for data, records or content. 

4.  Developed a Central Bug Repository and related workflow processes. 

5.  Launched a CISO council to facilitate ongoing dialogue about security and privacy best practices.

6.  Engaged in a series of simultaneous white box penetration test to identify and address issues. 

7.  Hosted 13 webinars every Wednesday since April 1st featuring company executives and consultants who took live attendee questions.

Just as the security industry has and is learning how to pivot, companies like Zoom are also having to pivot in order to stay safe and relevant during COVID and beyond. Being a part of the security industry and in my opinion, we understand this pivoting process and how it creates trust, integrity and fosters strong relationships; therefore, maybe we can all give Zoom a second chance.

Here’s some security tips to consider when using Zoom:

1.  Always join Zoom meetings through a web browser, not desktop software since the web browser version gets security enhancements faster. 

2.  When hosting a Zoom meeting, ask participants to sign in with a password, making Zoom-bombing less likely. 

3.  Don’t use social media to share conference links! Trolls find this information there and can easily figure out how to bomb your meeting. 

4.  Enable the waiting room feature so that participants wait until the host approves each one, giving control over who joins the meeting. 

5.  Limit screen-sharing ability only to the participants who need to share their screens. 

6.  STOP. THINK. ACT. THEN SPEAK. Consider what and how you say things during a Zoom meeting and what perception it will convey to others. Remember, people can actually SEE your facial expressions, but not necessarily your body language, which can interfere with how messages are received. Also, close all other windows on your computer screen to prevent others from seeing what else you’re up to, especially if you happen to be looking for another job or buying a surprise gift for someone! 

by: Ginger Hill - Wednesday, June 17, 2020

I feel like I should start this week’s blog post with “once upon a time …” yet that phrase typically fosters good memories of childhood fairy tales that usually led to happy endings, where the prince and princess live happily ever after. The tale I have for you today, unfortunately, is that of cybersecurity nightmares.

Getting right to the point, our very own Central Intelligence Agency (CIA), the group that should be outfitted with the top echelon of professionals who seek to serve the federal government of the United States by gathering, processing and analyzing global data, was hacked, releasing 34 terabytes of data, approximately 2.2 billion pages of information, where all eyes were privy to “secret” information. 

What’s worse? If that data had not been published, the CIA’s elite hacking unit — Center for Cyber Intelligence — would probably never have learned of the breach. 

Let that sink in for a moment.

Instead of securing systems already in place, the CIA’s team of elite hackers — sophisticated people who secretly access cameras and microphones on foreign targets’ smart devices and hack into adversary’s systems to steal design plans on advanced weapons that could later be used on the United States or our allies — were more enthralled with building cyber weapons. This decision snowballed into what U.S. officials have said was the biggest unauthorized disclosure of classified information in CIA’s history, causing the agency to shut down some intelligence operations and alerting foreign adversaries to the United States’ spy techniques.

According to a leaked report, the breach was an insider job, allegedly committed by a CIA employee, due to security procedures being “woefully lax” within the Center for Cyber Intelligence. The report also discovered that:

  • The United States’ most sensitive cyber weapons were not separated into parts; 
  • System users shared administrator-level passwords; 
  • No effective thumb drive controls were in place; and 
  • Historical data was available indefinitely to users.

 

I’m by no means a lawyer nor a politician, but seems like at the core of this debacle is a simple case of not implementing checks and balances that came back to haunt. And, while most princes are “charming,” I must say, Joshua Schulte, former CIA employee who worked at the Center of Cyber Intelligence and is on trial accused of stealing this data, is not charming in the least.

by: Ginger Hill - Wednesday, June 10, 2020

The struggle is real in this COVID-19 world we’re all living in with so many uncertainties, concerns, distracted thinking, working from home … the list goes on and on. A huge concern that employers and employees must realize is that to enable continued, gainful employment and the ability to work from home, technology/hardware has to be protected from threat actors and processes have to be in place to fend off cyberattacks. 

First, thinking must shift to that of protection, then the light-bulb realization that cyberattacks have and can destroy companies must be understood, followed with proper action taken now. 

Easy access - phishing

People working from home may be stressed and distracted — one of their family members or friends has tested positive for COVID; the dog barks at every slight noise; kids screaming, running around the house; spouses/partners working from home; trying to figure out what to make for dinner; doing laundry; loading/unloading the dishwasher between emails; etc. People are literally “half thinking,” putting themselves in cruise control when it comes to work duties. The bad guys know all of this and are taking advantage of and preying on you and other work from homers. (Doesn’t that tick you off? It makes me furious!) 

What are the bad actors doing? Deploying phishing campaigns that look very real and even “feel” real to recipients. These are known as “client-side” attacks and some are so well-done they can fool anyone!

What can employers do? Ramp up efforts on phishing awareness training and simulations. Encourage work from homers to “go phishing” by sending fake phishing emails to see which employees take the bait. Offer prizes to employees who don’t fall for it, such as awarding grocery store gift cards to the first 5 employees who email a certain person within the organization saying they discovered a phish!

What can employees do? 

  1. Separate devices for work/personal use, if possible. 
  2. Consider using direct Ethernet connection. 
  3. Ensure wireless connection is not open and is very secure. 
  4. Use VPN to access/interact with employer systems/data. 
  5. Upgrade router and modem firmware. (Usually internet and/or cable providers will upgrade modem firmware but verify this with them).

Mobile devices – where have you been? 

Eerily, iOS devices keep a record of all location data, so obviously Apple, third parties, whomever the data is sold to, bad actors who want to stalk or harass others, etc. can access this data. 

In other words, bad actors can determine exactly where you’ve been, physically, and likely to return to at a later date! 

Check this out: on your iOS device go to settings – privacy – location services – system services – significant locations = a list of all past locations you’ve been!

All I can say is: Turn. It. Off.

Smart devices in the home 

Remember, all services tied to smart/IoT devices are accessed through the cloud and a lot of people use the same credential across various accounts. If the cloud is hacked, threat actors gain access to your login information and then use this credential to try to hack all your devices or systems. So, if you’ve heard it once, you’ve heard it a thousand times … “make sure your passwords are robust and use different passwords/credentials for every account you have.”

Should a threat actor gain access to your smart devices, he or she can use knowledge gained or videos of you in your home as blackmail or extortion. And, remember, most of these devices allow sound as well, so bad actors could be listening to conversations you are having with your employer, co-workers, clients, etc. 

What employees can do? When having confidential and/or work-related conversations at home, unplug your cameras, then you don’t have to worry about anything! 

by: Ginger Hill - Wednesday, May 13, 2020

The #SSNTalks’ Team is passionate about recognizing diverse, talented, young security professionals representing the next generation of industry leaders via our yearly “40 under 40” awards. We are thrilled to currently be seeking our “40 under 40” Class of 2020, comprised of consultants, integrators, monitoring professionals and end users. Submit nominations online here.

“I have always considered SSN’s ‘40 under 40’ the ‘gold standard’ in our industry and being recognized really made my family and I proud that colleagues that I worked with valued my work and wanted to have me recognized,” Randy Guarneri, vice president of Loss Prevention, Fresh Value Supermarket and SSN’s Class of 2019 award-winner, told SSN

The “40 under 40” Class of 2019 recognized many with military and law enforcement backgrounds, who showed how the IT sector is drawing young talent into the security industry. The Class of 2019 also gave advice on how to help diversify the industry and many were bullish on cloud, AI, machine learning and analytics. 

“When I received word from Ginger Hill, managing editor of SSN, that I was selected to this illustrious group, to me, it was like a sports hall-of-famer getting that call that they were inducted into the sport they played Hall of Fame,” Guarneri remembered. “Only the ‘best of the best’ can enter this prestigious class each year.” 

The SSNteam is excited to see what the Class of 2020 brings to the security industry in terms of talent, leadership qualities, business acumen, tech-savviness and commitment to our industry, as well as celebrate them accordingly with: 

·      A special ceremony at SecurityNext

·      A personalized profile on our website and in the October and November 2020 issues of Security Systems News

·      A special logo to use in email signatures, on social media, etc., establishing them as part of our Class of 2020; and 

·      Opportunities to be interviewed and quoted in our future endeavors to help further establish them as industry thought-leaders.

“Colleagues, friends and even yourself should nominate for this renowned award that recognizes hard work, leadership, integrity, dedication to their field and true passion for that is done in the field day in and day out, while being committed and making a huge influence in the field,” Guarneri encouraged. “A person can have one year or 25 years on the job to exhibit some of the characteristics listed to enter SSN’s ’40 under 40’ Class of 2020.”

To be eligible for SSN’s ’40 under 40’ Class of 2020, nominees must have been born in 1980 or later; work at a system integration firm, alarm installation company or central monitoring center; work in a security professional role for an end user; or be a security industry consultant; and complete/submit the online nomination form.

“Each year a special and entirely new class enters,” Guarneri explained. “The award is far from a ‘life-time’ achievement award, but rather an award that recognizes ‘best’ in class by those that are ‘best in class.’”

*Questions regarding this prestigious award can be directed to SSN Editor, Paul Ragusa, at editor@securitysystemsnews.com or SSN Managing Editor, Ginger Hill, at ghill@securitysystemnews.com

by: Ginger Hill - Wednesday, April 29, 2020

I venture to say that the “corona-crisis” is not the first “crisis” you’ve had to deal with as a business owner, employee, parent, son, daughter, brother, sister, grandparent, aunt, uncle … nor will it probably be the last. That’s not thinking negatively, either; that’s just based on the uncertainty of life and the human inability to predict the future. 

So, here’s the deal … we are all coping with the same coronavirus crisis right now and that is the one common denominator that we all have with each other, the “crisis connection,” if you will. But, it’s how you communicate with others during this time that will deem you a success or a failure, professionally and personally.

I recently sat in on a SIA MarketShare webinar with Janet Fenner, SIA Membership and Marketing Committee and member, SIA Board of Directors; Kevin Friedman, principal, Maize Marketing and Jody Ross, vice president of sales, AMAG and member, SIA Board of Directors, and their overall combined message really resonated with me as they emphasized the importance of being empathetic.

“We’re learning as we go,” Friedman said, “it’s really about empathy and being empathetic toward our customers and our employees and our sales staff, and showcasing this is one thing we’re all in together.” 

When I was a teacher, I learned that a student doesn’t care what you’re trying to teach them or say to them, if the student doesn’t feel, know and understand that you generally, authentically care — nothing else you try to do with that student matters. A barrier has been placed, blocking all efforts. And, trust me, if you fake it, they know. The same holds true in all human-to-human relationships. 

“Instead of trying to go for the sale, go for checking in on them [customers]," Fenner said. “Make sure that they’re okay; they’re families are okay; and the more you speak with them, you learn about what their ‘after normalcy’ is going to look like, so you know how to support their efforts.” 

Ross added the importance of listening. “You have to listen to them [customers] and again, empathy,” she said. “You can’t be a bulldog moving forward and pushing them [customers] right now. Everyone is struggling. So, you have to listen.” 

So, what exactly is empathy? It’s simply the ability to understand and share the feelings of another. We’re all going through the same coronavirus situation; this common denominator gives us the ability to literally understand what others are going through. People are craving connection right now, and it’s the companies and businesses who take the time to authentically reach out and listen, hear and understand what others are saying that will come out of this pandemic ahead with strong partnerships and relationships in place.

This isn’t the time for simply “hi, how are you?” with the typical reply of “I’m good.” Nor is it “about pushing product down throats; it’s about checking in … let’s just talk in ‘normal,’” Friedman said.

by: Ginger Hill - Wednesday, April 15, 2020

I’ve been hearing and seeing the use of the word “nimble” lately when it comes to security businesses continuing their success during this trying time of the coronavirus, working from home and social distancing as our new norm. A recent example comes from an online panel organized by Arcules in which Ryan Schonfeld, founder & CEO of RAS Security Group and SSN “40 under 40” class of 2019 said: “ … I think being able to be nimble and adapt to changes quickly is going to be critical.” 

What does “nimble” actually mean and how can it be used in business? 

According to Merriam-Webster, nimble is an adjective that means quick and light in motion, like being agile as well as marked by quick, alert, clever conception or resourcefulness, responsive and sensitive. 

For me, the word nimble brings back memories of nursery rhymes  — “Jack be nimble; Jack be quick; Jack jump over the candlestick.” Which, you’re jumping over fire, it’s a good quality to be “light in motion, agile.” 

Let’s suppose for a minute that the candlestick in full flame in this age-old “rap” is 6-foot-tall and represents the coronavirus and let’s pretend you’re Jack, a well-dressed, savvy, security-industry business man (or woman, “Jackaline”). The only thing holding you back from your next million-dollar deal is a 6-foot burning candle right in front of your face. 

You can see the wax melting, drip by drip and feel the heat from the flame. You have no room to back up and gain momentum as you run forward to leap over it; there’s no room on either side to sneak past; there’s no way under it; there is no sort of hoist to lift you over dangling from the ceiling … it’s just you and a 6-foot burning candle. What are you doing to do? 

Simple. Be nimble. Be quick, agile, clever and resourceful. Be responsive yet sensitive. 

  1. Quick – fast in development … make/devise a plan. 
  2. Agile – well coordinated in movement … effectively execute the plan.
  3. Clever – mentally bright, sharp intelligence … use the things you’ve learned in the past, and don’t be afraid to try and learn new things.
  4. Resourceful – capable of devising a way … don’t second guess yourself; once you’ve made a plan, stick to it, but also be “responsive” to your plan. 
  5. Responsive – being prompt and willing … ready and inclined to take charge and make changes if necessary to your plan, business, personal life, etc.
  6. Sensitive – aware of and responsive to the feelings of others … consider your employees and customers needs, and do whatever you can to help. 
by: Ginger Hill - Wednesday, April 8, 2020

One thing I’ve noticed throughout this whole COVID-19 pandemic is the increase in cybersecurity hardening tips, tricks and solutions promoted on social media, adding to the already seemingly constant mentioning and discussion of data breaches taking place all over the globe. The more people see or hear of something, the less likely they are to take notice and actually do something.

Take the car alarm as an example. When this technology first became popular, very few people had heard the sound that a car alarm makes, so when it went off, people took notice. Now, in present day, car alarms are hardly even noticed, perhaps only when one is going off outside our bedroom window at 2 a.m. 

Therefore, it’s easy to understand how people can become fatigued with cyber breaches and why complacency can result. Of course, this is right up cybercriminals’ alleys. As consumers become more and more desensitized to data breaches, the more each becomes just “noise,” and not a thing to take seriously.  

I recently sat in on a virtual Women in Cybersecurity (WiCyS) panel discussion, “Cyber Breach Fatigue,” to gain more information. Panelists included Rhonda Bricco, service delivery manager and Cat Goodfellow, cyber engineering director, both at UnitedHealth Group and at Optum, Deb Doffing, information security, technology management professional and Sue Perkins, general management director.

Fact: During Q1-Q3 of 2019, 5,183 cyber breaches were publicly disclosed, resulting in 7.9 billion exposed records.

“A billion, a trillion … I don’t think the number of exposed records moves the needle anymore,” Goodfellow said. “I doubt there’s an adult today who’s personal information hasn’t been inadvertently released.” 

The thing is, unless you’ve been personally affected by a data breach and/or suffering a painful experience as the result, then, more than likely, reports seen about data breaches in all media outlets become just meaningless background noise. 

“A lot of [people] out there are becoming apathetic and despondent, and these breaches are becoming the norm, especially when the breaches are caused from a huge range of skills, from teenagers to very sophisticated teams extracting or manipulating information,” Doffing said. 

And, now for the “elephant in the room,” COVID-19. This pandemic has prompted breaches and phishing campaigns like never before seen. 

“We really need to pay attention and educate how important it is to be diligent during this time because people are really getting damaged personally, just with a click of the mouse,” Bricco warned. 

In the current virtual landscape and moving into the future, we all must fight cyber breach fatigue and complacency. It’s time to once and for all acknowledge that data breaches will happen; they impact lives; and there are actions to take to prevent personal data from getting breached/stolen, so complacency isn’t an option. 

“Understand the cost [not just financially] of potential breaches … and the risk of that breach,” Perkins said, “understanding these two components helps people understand what needs to be done.” 

Make now the time you took control of your personal information by taking action:

  • Demonstrate good password hygiene by using strong, different passwords for each log in.
  • Use different user IDs for each of your accounts. 
  • Don’t click on unknown URLs.
  • Be careful what you put out there about yourself and your family, including pictures, on social media platforms. 
  • Be mindful on what ads you click on. Cybercriminals watch these habits, learn what you like and then use that against you, for example, via a phish, vish or smish
  • Become more cybersecurity minded by asking for and researching security tool recommendations from trusted colleagues and friends.
by: Ginger Hill - Wednesday, March 18, 2020

I refuse to give the coronavirus power by using it as click bait in my blog title; however, staying true to my blog, “Monitoring Matters,” I do see that education is necessary during this time of our lives. I feel that the more people understand and know what to do, the better we are prepared to handle any situation, whether that be a pandemic of any kind, a major cyberattack, etc. So, before we get started, I want to first sincerely thank you for reading my blog and I hope that you not only enjoy the content but find it helpful and useful. 

In my opinion, all the security industry associations are doing a great job at keeping their members as well as the security-related press well informed about the state of our industry at this time; offering up-to-date information about business continuity; etc. 

There’s also a whole other aspect to contend with when it comes to this time of social distancing, quarantining and working from home: cybercriminals! In my lifetime, this is the first time for such an influx of people working digitally; I can picture it now … cybercriminals rubbing their greedy little hands together, excited to attack digitally! Think about it … if you were a cybercriminal, wouldn’t you find it the best time to strike with some businesses and their employees struggling to keep “business as usual,” some even digitally working for the very first time? 

Additionally is the influx of scams already taking place, from people physically knocking on doors of seniors’ residents pretending to be Red Cross representatives offering coronavirus testing for money and/or robbing the individual(s) to unscrupulous online offerings for products to treat or cure COVID-19 (which do not exist at this time) to phishing scams via phone, text and email. 

Here are some quick “to-dos” to immediately enhance your, your business and your loved ones’ security: 

  1. Do not post pictures of the inside of your home on social media. Working from home can feel isolating and while it seems fun and entertaining to post pics of yourself working from home, things that show up in the background of pictures gives a preview of all the valuables you own to possible robbers. 
  2. Change all passwords into passphrases using a series of numbers, letters and symbols. Use a password manager or write the new passphrases onto a piece of paper and keep in a secure place, such as a locked desk drawer, file cabinet or fire-proof lockbox. 
  3. Don’t leave any accounts “open.” When you’re finished with a program or website that requires a login, be sure to physically take your mouse and click to logout. 
  4. If you receive an email, work or personal, from someone you don’t know or recognize, do not open it. Instead, send a group email or use your company’s recommended communication tool, such as Slack, to ask if anyone sent out an email regarding keywords used in the subject line of the questionable email. 
  5. Do not open your door to strangers or people you do not know, and remind senior relatives and friends to do the same. 

 

**Here are some FREE, reliable, valuable resources to have at your fingertips, specific to COVID-19, business continuity, scams, best practices, etc

by: Ginger Hill - Wednesday, March 11, 2020

The more I think about it, the more I realize I’m a “house purist.” I like my home to be as free as possible from “extra” electronics of any kind. Sure, I have a laptop, smartphone and a rebuilt iPAD from 10 years ago, and I’m connected to the Internet, but I don’t have cable TV and quite frankly, I refuse to put a voice assistant of any kind in my home … ever! It creeps me out that some random person can be listening, inserting themselves into my daily existence at any time. 

Recent research backs up my no-voice-assistant decision: 75 percent of U.S. households will be at risk to get hacked via voice assistants by 2025 and inaudible, invisible commands can be injected into voice-controlled devices simply by shining a laser at the device; no spoken words needed. 

Researchers at the University of Michigan and the University of Electro-Communications found that light can be converted to sound using a microphone. This means that a remote attacker standing several meters away from a device, most of which are embedded with the common MEMS microphone, can inject arbitrary audio signals to the target microphone by aiming a laser at the microphone’s aperture, covertly triggering the production on an acoustic pressure wave. Basically, the microphone responds to the laser light as if it were sound. 

So, what devices are vulnerable to this attack, now known as LightCommands? The researchers demonstrated this attack on many commercially available voice-controllable systems that use Siri, Portal, Google Assistant and Alexa. They successful injected LightCommands at a maximum distance of more than 100 meters while penetrating clear glass windows. 

The researchers concluded that additional compromises of third-party hardware, such as lock and cars, can be vulnerable to LightCommands attacks and they believe that the heat caused by lasers can also be an effective way to inject false signals into sensors. 

If you still choose to have voice assistants in your home, at this point the only protection against LightCommands attacks is to: 

  1. Keep all voice assistants non-visible from the outside by physically blocking them from sight from windows; and 
  2. Because LightCommands allows attackers to inject commands as a legitimate user, avoid giving voice assistants access to every single connected IoT device/sensor that you have invited into your life as hackers can hijack any digital smart systems attached.
by: Ginger Hill - Wednesday, February 26, 2020

Having had the privilege of attending three shows during February, I’ve heard this phrase most: “It’s hard to believe that ISC West is already here!” And, quite frankly, I couldn’t agree more! 

As I think back to last year’s ISC West, there were three key trends that resonated with me: 1. deep learning, artificial intelligence (AI) and machine learning (ML); 2. video doorbells; and 3. RMR for integrators. 

Last year, right after ISC West, I reached out to some experts to gather their thoughts regarding these trends. Here’s some of the responses I received to help whet our appetites for ISC West 2020: 

(I wonder how these trends have evolved over the course of about a year; I’m excited to find out in less than a month!) 

How is deep learning/AI/ML currently enhancing the security industry? 

“It’s hard to say … it’s an overused buzzword that is difficult to actually nail down what it means or what it’s doing. Future … likely … now … unlikely.” 

— Mark Hillenburg, executive director of marketing, Digital Monitoring Products

“Deep Learning, a subset of AI research, is primarily helping the security industry in the world of video surveillance/video management. Video is typically the largest source of unstructured data, data with no predefined format on the information contained inside, so in order to process out people, objects, events, etc., typically requires a large amount of processing power and can be very costly. Most of the world’s video typically is recorded and not watched because the manpower to review the amount of video recorded is impossible to achieve. 

Computers are very adept at repeated tasks, such as processing video; however, traditional algorithms for computer vision, the realm of research into video and image processing, were not really able to scale to that high volume without massive computation resources investment. The computer vision research world has really seen a large improvement in the advances deep learning is bringing in terms of increased speed to results, increased accuracy and reduced computation requirement. This will likely continue as time progresses, but the deep learning revolution for video can bring actionable information in previously unmonitored video to operations at a very powerful pace.”  

—Dr. Sean Lawlor, data scientist, Genetec Inc. 

“AI is used today in the security industry to perform tasks like facial recognition and video analytics. While these are impressive accomplishments, they are still atomic in nature in the sense that they represent isolated inputs to the system as a whole.” 

—Paul Saldin, vice president of engineering, Alula

“There has been tremendous progress in video analytics through deep learning and artificial intelligence that surpasses anything created so far. Facial recognition, license plate readers and even things like hard hat and safety glass detection now are a reality. These processes not only enhance security by providing detailed information on who many be coming or going at a business and at what exact time, but they can also improve operations and safety.” 

—Robert Messer, president, ABP Technology 

“Technology advances from deep learning and AI can help improve the accuracy in intrusion detection, and help to reduce false alarms. The security system needs to know when a homeowner is home or away, and needs to track occupants’ movements to initiate activities across the home. Features like smart sensors, geofencing, voice controls and facial recognition have been making systems more intelligent. And, as security continues to integrate with home automation, we’ll see the home become more capable of anticipating the needs of its occupants.” 

—Alice DeBiasio, vice president and general manager, global residential security, Resideo

“Deep learning and AI are making smart security smarter based on data analytics, sample teaching, and intelligent decision making. In other words, it isn’t enough for security devices to simple collect large volumes of data, which they are certainly capable of doing. Deep learning and AI methods can help analyze that data and separate what is important from what is not — or analyze the data to uncover deeper trends and more complex information that the collected data alone cannot. Take video analytics, for example. AI powered video analytics are event-based solutions that apply deep learning and artificial intelligence, efficiently analyzing vast amount of data generated by videos, and generates quick response in real time. This system reduces manual monitoring and associated costs and increases productivity of video surveillance systems. Through the application of AI, video analytics can go far beyond just informing users that a person or other object has entered an unauthorized space. With the information collected from a large number of cameras, companies can apply facial recognition software to identify a specific person approaching a building. In addition, by running analytics, a company can not only alert the user to an unauthorized vehicle approaching a building but can also scan the license plate, giving the security officers information that can be checked with existing databases to determine potential-threat status.”

—Joe Liu, CEO, Miotta

Why are video doorbells so popular among consumers? 

“Marketing and promotion and the proliferation of video as ‘security.’ In reality, security prevents someone from stealing your stuff … where video just lets you know who did it. Video doorbells are very popular, but after living with one for almost two years, I’ll be interested to see if there is a market demand for a second generation of owners. Once you have one, will you spend the money the second time? We will wait and see.”

— Mark Hillenburg, executive director of marketing, Digital Monitoring Products

“Video doorbells are set to experience massive adoption in the security industry in 2019, and it’s no mystery why. Customers love being able to monitor their front door remotely and protect deliveries from would-be porch pirates. This also naturally extends the perimeter of protection for homeowners, and when paired home automation for locks, video doorbells can assist to enable greater access controls for engagement and remote entry management. That said, not all video doorbells are created equal. If you don’t have a fast network on the backend, you’ll experience late alerts and lag during two-way voice chat, which compromises the functionality. You really need a fully integrated system to get the most out of this popular technology.” 

—Brad LaRock, vice president of marketing, Alula

“Situational awareness has always been one of the key attractants in surveillance solutions and video doorbells give us another means to improve our situational awareness. Just like with our businesses, we all want to protect our homes and now what is going on. And, we are also ‘linked in,’ so to speak. Our smartphones, tablets and computers are essentially a part of us and if we can use those devices to see who is at the door and respond in real time, then it makes life for us that much easier.” 

—Robert Messer, president, ABP Technology

“Video doorbells have been a popular trend in the industry and continue to gain momentum. They solve an immediate need, and more consumers are asking for them. Homeowners see the value in being able to see and speak to visitors, and have access through their mobile devices. Dealers should be including video doorbells on every installation.” 

—Alice DeBiasio, vice president and general manager, global residential security, Resideo

What does your company offer in terms of RMR for your integrator partners?

“Recurring monthly revenue (RMR) is the lifeline savvy systems integrators seek to stay profitable, and it can be found in many different technologies, including power solutions. For the end-user customer, managed power solutions offer a value-added solution that ensures system uptime, integrity and reliability. The possibilities to perform managed power services can encompass many physical elements: the main power supply; power system outputs; supervised inputs; and standby batteries. Managed monitoring can include event reports; AC loss notification; service due reminders; overcurrent alert; low-battery warning; and insufficient battery standby. Remote servicing capabilities of power solutions can cover output supervision; battery load testing; remote power cycling; and system health log/trouble alerts. There is also the opportunity to create real-time action alerts and reports via email, XML, web-browser notification or Simple Network Management Protocol (SNMP).” 

—Michael Bone, marketing manager, LifeSafety Power, Inc.

“Mobile medical alerts are a natural fit for security companies. Adding medical alerts expands your security offerings and increases perceived value for your customers because you now offer safety and peace of mind for your customers both at home and away. Security companies have an established customer base comprised of safety-minded individuals who may need medical alert themselves, and there are scores of new customers opportunities available through referrals because each existing customer has a relative or friend who could use a medical alert device.” 

—Craig Pyle, VP of product, Freeus

“March Networks currently offers RMR models to our certified partner community through two hosted services offerings: March Networks Insight and March Networks Searchlight as a Service. Both soutions provide customers with flexible service terms and payment options, and help integrators reduce service costs through expert video system health monitoring support delivered via March Networks’ secure Network Operations Center (NOC).”

—Dan Cremins, global leader, product management, March Networks

“Video is a major driver for new RMR and we are leaning into that opportunity. Our modular approach also means that our partners don’t pay for home automation capabilities unless they will be getting additional RMR from their customers for those services. Because we are vertically integrated and own the network, more of the RMR goes into the integrator’s pocket rather than a third-party provider. All our services are provided at a wholesale rate with no stipulation on what the integrator can charge their customers, so they set their own pricing and can reap the RMR that their market will bear.” 

—Dave Mayen, vice president of product management, Alula

“ABP Technology offers an advanced platform for integrators that allows them to offer customers basic cloud services as well as their own service and value. That means that integrators now can sell their skills integrating, tuning and maintaining their systems”

—Robert Messer, president, ABP Technology

“As the residential security landscape continues to evolve, there is an increasing opportunity for RMR around smart home technologies. Our products are connecting the major systems of the home – on the exterior, behind the wall, on the wall and in the cloud. We believe the security dealer is best positioned to win in the smart home market, and we’re fully committed to helping them deliver the connected experience their customers demand.”

—Alice DeBiasio, vice president and general manager, global residential security, Resideo

“Miotta offers an ‘in-a-box self-configuring connected system’ and collaborative Video-IoT RMR security service for security integrators/operators to offer to their residential and enterprise customers. Miotta’s mobile-cloud ‘virtual’ security service platform allows integrators, security dealers, ISP’s, mobile carriers and more to offer mobile-cloud security services to both residential and enterprise customers.”

—Joe Liu, CEO, Miotta

Pages