This is the 52nd article in the award-winning “Real Words or Buzzwords?” series about how real words become empty words and stifle technology progress, also published on SecurityInfoWatch.com.
By Ray Bernard, PSP, CHS-III
The proliferation of IoT sensors and devices, plus the current impacts of the COVID-19 pandemic, have elevated the capabilities and the importance of presence technologies.
★ ★ ★ GET NOTIFIED! ★ ★ ★
SIGN UP to be notified by email the day a new Real Words or Buzzwords? article is posted!
Real Words or Buzzwords?
The Award-Winning Article Series
#1 Proof of the buzzword that killed tech advances in the security industry—but not other industries.
#2 Next Generation (NextGen): A sure way to tell hype from reality.
#3 Customer Centric: Why all security industry companies aren't customer centric.
#4 Best of Breed: What it should mean to companies and their customers.
#5 Open: An openness scale to rate platforms and systems
#6 Network-friendly: It's much more than network connectivity.
#7 Mobile first: Not what it sounds like.
#8 Enterprise Class (Part One): To qualify as Enterprise Class system today is world's beyond what it was yesterday.
#9 Enterprise Class (Part Two): Enterprise Class must be more than just a top-level label.
#10 Enterprise Class (Part Three): Enterprise Class must be 21st century technology.
#11 Intuitive: It’s about time that we had a real-world testable definition for “intuitive”.
#12 State of the Art: A perspective for right-setting our own thinking about technologies.
#13 True Cloud (Part One): Fully evaluating cloud product offerings.
#14 True Cloud (Part Two): Examining the characteristics of 'native-cloud' applications.
#15 True Cloud (Part Three): Due diligence in testing cloud systems.
#16 IP-based, IP-enabled, IP-capable, or IP-connectable?: A perspective for right-setting our own thinking about technologies.
#17 Five Nines: Many people equate high availability with good user experience, yet many more factors are critically important.
#18 Robust: Words like “robust” must be followed by design specifics to be meaningful.
#19 Serverless Computing – Part 1: Why "serverless computing" is critical for some cloud offerings.
#20 Serverless Computing – Part 2: Why full virtualization is the future of cloud computing.
#21 Situational Awareness – Part 1: What products provide situational awareness?
#22 Situational Awareness – Part 2: Why system designs are incomplete without situational awareness?
#23 Situational Awareness – Part 3: How mobile devices change the situational awareness landscape?
#24 Situational Awareness – Part 4: Why situational awareness is a must for security system maintenance and acceptable uptime.
#25 Situational Awareness – Part 5: We are now entering the era of smart buildings and facilities. We must design integrated security systems that are much smarter than those we have designed in the past.
#26 Situational Awareness – Part 6: Developing modern day situational awareness solutions requires moving beyond 20th century thinking.
#27 Situational Awareness – Part 7: Modern day incident response deserves the help that modern technology can provide but doesn’t yet. Filling this void is one of the great security industry opportunities of our time.
#28 Unicity: Security solutions providers can spur innovation by envisioning how the Unicity concept can extend and strengthen physical access into real-time presence management.
#29 The API Economy: Why The API Economy will have a significant impact on the physical security industry moving forward.
#31 The Built Environment: In the 21st century, “the built environment” means so much more than it did just two decades ago.
#32 Hyper-Converged Infrastructure: Hyper-Converged Infrastructure has been a hot phrase in IT for several years, but do its promises hold true for the physical security industry?
#33 Software-Defined: Cloud-computing technology, with its many software-defined elements, is bringing self-scaling real-time performance capabilities to physical security system technology.
#34 High-Performance: How the right use of "high-performance" can accelerate the adoption of truly high-performing emerging technologies.
#35 Erasure Coding: Why RAID drive arrays don’t work anymore for video storage, and why Erasure Coding does.
#36 Presence Control: Anyone responsible for access control management or smart building experience must understand and apply presence control.
#37 Internet+: The Internet has evolved into much more than the information superhighway it was originally conceived to be.
#38 Digital Twin: Though few in physical security are familiar with the concept, it holds enormous potential for the industry.
#39 Fog Computing: Though commonly misunderstood, the concept of fog computing has become critically important to physical security systems.
#40 Scale - Part 1: Although many security-industry thought leaders have advocated that we should be “learning from IT,” there is still insufficient emphasis on learning about IT practices, especially for large-scale deployments.
#41 Scale - Part 2: Why the industry has yet to fully grasp what the ‘Internet of Things’ means for scaling physical security devices and systems.
#42 Cyberspace - Part 1: Thought to be an outdated term by some, understanding ‘Cyberspace’ and how it differs from ‘Cyber’ is paramount for security practitioners.
#43 Cyber-Physical Systems - Part 1: We must understand what it means that electronic physical security systems are cyber-physical systems.
#44 Cyberspace - Part 2: Thought to be an outdated term by some, understanding ‘Cyberspace’ and how it differs from ‘Cyber’ is paramount for security practitioners.
#45 Artificial Intelligence, Machine Learning and Deep Learning: Examining the differences in these technologies and their respective benefits for the security industry.
#46 VDI – Virtual Desktop Infrastructure: At first glance, VDI doesn’t seem to have much application to a SOC deployment. But a closer look reveals why it is actually of critical importance.
#47 Hybrid Cloud: The definition of hybrid cloud has evolved, and it’s important to understand the implications for physical security system deployments.
#48 Legacy: How you define ‘legacy technology’ may determine whether you get to update or replace critical systems.
#49 H.264 - Part 1: Examining the terms involved in camera stream configuration settings and why they are important.
#50 H.264 - Part 2: A look at the different H.264 video frame types and how they relate to intended uses of video.
#51 H.264 - Part 3: Once seen as just a marketing term, ‘smart codecs’ have revolutionized video compression.
#52 Presence Technologies: The proliferation of IoT sensors and devices, plus the current impacts of the COVID-19 pandemic, have elevated the capabilities and the importance of presence technologies.
#53 Anonymization, Encryption and Governance: The exponential advance of information technologies requires an exponential advance in the application of data protection.
#54 Computer Vision: Why a good understanding of the computer vision concept is important for evaluating today’s security video analytics products.
#55 55 Exponential Technology Advancement: The next 10 years of security technology will bring more change than in the entire history of the industry to now.
More to come about every other week.
About a year and a half ago I wrote about Presence Control, because technologies were emerging for presence control and I provided two definitions and three technology examples. I also wrote about the four privacy perils that presence control brings. Now more presence-related technologies are emerging, some relating to the COVID-19 situation, and as technology has greatly advanced – so have the privacy perils.
In that previous article, I wrote, “As technology advances, we must continually be on the alert not to restrict ourselves to legacy thinking and concepts regarding the design and management of built-environment security, safety and productivity. Built environment refers to human-made surroundings that provide the setting for human activity, ranging in scale from buildings to transportation systems to parks. We must also be alert to new terminology that better defines or describes emerging technologies and how we can apply them – or we’ll miss out on new security capabilities simply because we’ve given them legacy labels.” It’s still very true.
“Presence control” is one such term. It describes what is already being done in smart buildings and elsewhere but has been given ho-hum labels like “integration”, “trigger” and “activation”, which describe how it is accomplished but not what it actually is. It is the concept that is most important, because it opens the door to new thinking and, as is the case with this term, can inspire us to extend the capabilities of systems and devices we already have in place.
I’m now adding to the initial two definitions of presence control to give us a list of the current uses of presence technologies.
Presence Technology Uses
- Controlling or directing where individuals and groups should go or be at any given moment within a built environment.
- Using the presence of individuals or groups to control the elements or behavior of a built environment.
- Sensing and monitoring presence factors, such as social distancing and occupancy levels, for health, safety, security or environmental control reasons.
- Realtime remote presence monitoring of people, animals, vehicles and so on for a wide variety of situational awareness and situation management reasons.
- Establishing a passive or active remote presence, such as drone surveillance, telemedicine or robotic surgery, where actual presence isn’t feasible, but some presence-related capabilities are desired or needed.
Advances in ground-based and satellite communications, data processing and cloud technologies are bringing massive-scale real-time capabilities to presence technologies, enabling levels of situational awareness and real and near-real time control that haven’t been possible before. These include wearable and other mobile technologies.
Again, thanks to go the Ticto folks (pronounced “tic-too”), now part of RightCrowd, for introducing the term “presence control” for built environments, relating to their visual security wearables that are used to monitor, control and provide visual status of who is authorized be present within a facility or managed open area. This contrasts with traditional access control, which only controls who can open a door or gate.
Digicon is a manufacturer of the dFlow line of optical turnstiles (dFlow) that facilitate the rapid flow of people through their innovative pedestrian gate design, dViator, which, for example, routes authorized people straight ahead or to the left or right, while routing unauthorized people in a different direction to a receptionist, security desk or back out to the entrance side of the turnstile or gate area. The traffic flow is not stopped due to the presence of an unauthorized individual. People are simply sent in different directions based on their status. (See the videos at the dFlow link.)
The dViator system can send messages to a display monitor (or other types of electronic displays) that provide specific instructions based on individual or group status such as being unauthorized, having an expired credential, being a contractor whose company’s insurance has expired, or other qualifications. For example, an unknown person might be displayed one set of instructions, while personnel with an expired credential may be told to obtain a visitor’s pass and given directions to the badging office. An contractor whose company’s insurance certificate has expired may be directed to a security office or other service desk so that appropriate arrangements can be made to regain access.
Due to COVID-19, this and other approaches to personnel flow control are now having one-second pre-entry temperature screening applied, an area of emerging technology that will require this article to be updated within a few months.
Contract Tracing with Privacy
I was recently introduced to a new contract tracing solution, AlertTrace, that was specifically designed with data privacy in mind and is deployable within hours, thanks in part to the system being cloud-based. The system can also be deployed fully on-premises where that is an organizational preference or requirement. Importantly, the product is not based on smartphone apps, but on small purpose-built wearable devices. That eliminates a whole host of deployment rollout and user concerns. It can be deployed completely consistent with the guidelines in the ACLU white paper titled, Government Safeguards for Tech-Assisted Contact Tracing.
The wearable devices are about the size of a stack of five U.S. quarter coins and can be clipped onto clothing or an ID badge, or worn around the wrist. The system uses end-to-end encryption and anonymizes its data to prevent the ability to identify users from the raw data alone. It doesn’t track employee whereabouts, only the distance between one device and another. It’s like an unmarked employee ID badge that knows when it’s near other ID badges. The data belongs to the customer organization, and data handling can be performed consistent with the organization’s existing data security practices. The system can perform automatic firmware updates of the wearables, an important product security feature required for manageability at scale for high device count deployments.
Human Factors Detection
It is now possible with reasonably priced low-power radar sensors, the size of a two or three hockey stacked up, to monitor body motion, breathing and heartbeat in a work or home area for detection of falls, sleep apnea episodes, and other situations. This type technology can be used to reduce lone worker risk, for example. The technology can monitor balloon-shaped zones up to about 32 ft. from the sensor, the size of the zone depending upon the sensor model. The technology allows for overlapping zones and has very high accuracy. It’s also capable of zone occupancy counting, passageway traffic counting and room entry/exit counting. This article will be updated soon to mention at least one such technology.
There are important privacy concerns that need serious consideration when implementing any product or system feature that uses presence technologies:
- Information oversharing
- Cyber tracks
- Cyber snooping
- Data stewardship
- Data governance
Information oversharing occurs when more information is shared than is needed for the specific purpose of the feature or function. For example, listing the full contact information of all meeting participants, when all that’s needed is the individual’s name – because the individuals are already known (or will be) to the other meeting participants.
Cyber tracks are the bits of information left behind that others can see later, after time period when the information is needed has passed. This is information lifecycle management in miniature: where is the information going? How long must it stay there? How will it be permanently deleted?
Cyber snooping is what it sounds like, people looking around for bits of personal information that they have no business knowing. Information oversharing and cyber tracks are what make cyber snooping possible.
Consent is especially important given the arrival of GDPR and other privacy regulations. Consent must be an element of any personal information collection and distribution. Before you use personal information that is available to use, you should be aware of the conditions that govern the use of that information, including the specific elements of utilization that the individual consented to when providing that information. For example, if a security or other system interfaces with an Active Directory database, was consent given to use that information for the purpose that is now being considered? This warrants close attention due to the personal and corporate legal issues and related penalties that are involved.
The overall concept of stewardship is the performance of responsible planning and management of resources. Data stewardship is the management and oversight of an organization’s data assets to help provide business users with high-quality data that is easily accessible in a consistent manner. Data stewardship ensures the integrity, usability, and security of the organization’s data.
Data stewardship involves hands-on roles that are typically performed by individuals referred to as data stewards, usually not a full-time role but simply an assigned responsibility. Usually there are multiple data stewards who are individuals that have operational roles in deploying and using the technologies involved in the data generation, storage and usage. Data stewards’ collective efforts improve the utilization and accuracy of data and information in a way that drives business performance and mitigates organizational risk.
Data stewardship is part of the organization’s data governance program. Data governance assures the availability, visibility (knowing what data is available where, and ensuring that business functions for whom the data has value are aware of it and can obtain appropriate access to it), usability, integrity and security of the data employed in an enterprise.
Data governance is a strategic function that does not directly deal with data, but sees that the people, policies and processes are in place and functioning as they should be to manage the data assets. Data stewardship is tactical in that each data steward’s focus is on a particular set of data being used by or generated by a particular business function.
The definitions above are based on those in a white paper I wrote for the Security Industry Association titled, Big Data and Privacy for Physical Security, which you can read online or download.
Note that future updates to this article will include emerging technology satellite video applications.
Emerging technologies are providing new capabilities that enhance security and safety, enhance business operations, and also improve the built environment experience. As with all trends relating to information technology the two IT megatrends apply: technology capabilities go up, as technology costs go down. These trends are a factor in the increasing use of presence technologies, which should always be brought under the umbrella of the customer organization’s data governance practices.
Ray Bernard, PSP CHS-III, is the principal consultant for Ray Bernard Consulting Services (RBCS), a firm that provides security consulting services for public and private facilities (www.go-rbcs.com). He is the author of the Elsevier book Security Technology Convergence Insights available on Amazon. Mr. Bernard is a Subject Matter Expert Faculty of the Security Executive Council (SEC) and an active member of ASIS International.