Critical Condition: Addressing Cyber-attacks on Healthcare Facilities

Cyber-attacks are a mounting threat practically impossible to ignore for any individual, let alone a large organization. The past year alone has seen a major increase in cyber-attacks on government agencies, banks, and other major businesses.

Healthcare facilities use policies like HIPAA and HITEC to cover personal health information, often with obligatory breach notifications and potential financial penalties. Nevertheless, they are increasingly vulnerable to data breaches and other cyber-threats. Hackers are particularly interested in accessing health systems and acquiring patient information. Medical records often include social security numbers, dates of birth and other information that can be used for identity theft.

To combat breaches like this, healthcare facilities need intelligent surveillance solutions that keep data secure so patients, visitors, and employees can be rest assured knowing that their sensitive information won’t get into the wrong hands.

The cost of attacks

Though privacy regulation measured such as HIPAA and HITEC exist to protect patient data, recent examples of successful cyber-attacks on healthcare facilities include a 2016 ransomware attack on Hollywood Presbyterian Hospital in Los Angeles; they agreed to pay $17,000 in bitcoin to remove ransomware that infiltrated their surveillance system. In 2018, Hancock Health, a large hospital based in Greenfield, Indiana, paid a $55,000 ransom in a similar incident.

Those ransom payments are just the tip of the iceberg. Lower-profile attacks are often much more expensive. An analysis by Ponemon Institute last year estimated that cyber-attacks cost the average healthcare facility $6.5 million a year.

The targeted facilities are not the only victims of the attack. When a patient enters a doctor’s office, they should be able to expect that the information gathered in that room will not be shared without their authorization. Cyber-attacks undermine that most basic assumption about the doctor-patient relationship that is the foundation of our medical system.

Surveillance systems are targets

Surveillance equipment is a top target for cyber-attacks. For one, criminal organizations can infiltrate the system with the objective of stealing valuable data or shutting it down. Even if a hacker is not interested in the data on the surveillance system, it offers an entry point to the broader IT network, which includes plenty of valuable data as well as devices that can be co-opted to attack other systems.

As hospitals and other healthcare environments seek to protect their data, they need to make sure that their video management systems are also invulnerable to attacks. A critical first step is to work with a surveillance provider who prioritizes cybersecurity with a proactive approach.

Why Pelco?

We view every part of our business through a cybersecurity lens. Our mission is to build cybersecurity into our internal processes so that we are always a few steps ahead of hackers and other cybercriminals. That’s why our cybersecurity team works in tandem with our engineers at every stage of product development.

That’s why discerning customers around the world trust us to provide them with surveillance solutions that keep patients, healthcare professionals, and their data safe all year round.

Learn more about Pelco’s innovative offerings here.

Choosing A Surveillance Provider Who Values and Protects Privacy

At Pelco, we firmly believe that the data revolution in which we’re playing an active role will make the world a better place.

On a daily basis, we see the value that predictive analytics provides to communities around the globe. Traffic managers rely on us to reduce congestion, pollution, and accidents. Police leverage our solutions to react to situations more quickly and to investigate past incidents.

However, with the great power that data brings comes great responsibility for all of those involved, from vendors to end-users. For entities that are looking to invest in surveillance solutions, it’s important to consider what your approach to safeguarding data and privacy will be. It’s just as critical that you ensure that you are working with a solution provider who can accommodate your values.

Laws

Above all else, you need to make sure that your surveillance solutions don’t risk running afoul of the law. Laws on privacy and data differ dramatically based on your location. A notable example is the General Data Protection Regulation, or the GDPR, which is a comprehensive set of privacy regulations that apply in every European Union member country. In the United States, there are federal regulations as well as state and local rules that occasionally impose stricter standards.

Navigating the legal landscape for surveillance, data protection and privacy is not something that you should leave up to a quick Google search. If your entity has access to lawyers, then get in touch with them and give them time to consider the issue and develop recommendations.

What are your options?

You always have options when it comes to surveillance solutions. At Pelco, we offer a range of customizations aimed at privacy protection.

One of our most popular customizations is “Window Blanketing.” “Window Blanketing” blocks the surveillance camera from viewing anything that’s happening behind a window. This means that people who live on the street can be assured that the camera is shooting footage of what is occurring in the public domain but they don’t have to worry about the camera peering into their homes.

Not only is it important to choose a surveillance provider that is dedicated to protecting the privacy of customers and the general population, it is also critical that the company be able to demonstrate that it has strong measures in place to protect sensitive data from being compromised.

Pelco’s engineers and product managers take every precaution to prevent known privacy and security risks from occurring by implementing major IP-based protocols aimed at delivering security on network devices such as https, 802.1x, authentication, etc. When new risks arise, Pelco engineers immediately address the situation to eliminate the risk as quickly and as efficiently as possible.

Asking the tough questions

Make sure your surveillance provider can provide you with clear responses to questions about how their solutions can accommodate your organization’s privacy standards. A stated commitment to privacy and data security is easy; it also proves that commitment through evidence will distinguish those who can serve your needs from those who can’t.

Want to learn more?

Click Here to speak with our experts.

Defending Against Potential Security Fouls at World Cup 2018

The 2018 FIFA World Cup Russia, which is scheduled for mid June through mid July, will include 32 national teams competing in 11 cities. The month-long soccer tournament will wrap up with the final at Moscow’s Luzhniki Stadium. With ticket requests of nearly 5 million by the end of the January 2017 sales window, the attendance is expected to be massive.

It’s predicted that World Cup attendance will dwarf that of the 2014 Winter Olympics hosted by Russia in Sochi, where some 37,000 security guards on hand. An event of the size and sprawl of a World Cup will almost certainly put Russia’s security and surveillance apparatus to a test it’s likely never seen. Add to that the threat of a potential terrorist attack from any number of malevolent actors plus 11 different host cities to protect and it becomes clear that the security monitoring requirements will be staggeringly complex.

What’s the translation for security professionals and event organizers? Security will play a vital role in ensuring the safety and enjoyment of players, tourists and residents all over Russia. City streets, sports venues, metros, hotels, airports, cafes and bars — all must be monitored for a heightened risk of violence and mayhem, whether it involve fist fights, car accidents or worse.

Here is why: Germany’s Federal Criminal Police Office projects a high risk of terror at the World Cup this year with as many as 4,500 ISIS jihadists traveling to Russia from Syria and Iraq ready to make a statement on the world’s stage. Such militants could seek to avenge Russian attacks against ISIS in Syria. Or there could be Chechens with a long-standing and simmering hatred of Russia. As recently as late last year ISIS displayed posters as part of a terror campaign targeting the event. It was a kind of jihadist call-to-terror campaign it has used to great effect in the past.

Russian security officials  have unique enforcement powers in dealing with bad actors expected during this summer’s FIFA World Cup. Law Enforcment rules in Russia enable the restriction of mobility of visitors and the detention of suspects without charge for up to 5 days. Such dynamics allow police officials to be more aggressive than they might be in other countries, says Stuart Rawling, Pelco’s director of segment marketing.

“If they get the intelligence, I’m sure they’ll act on it without reservation.”

Technology such as facial recognition and tracking movements through smartphone location devices could play a major role in security measures, Rawling notes. “Privacy tends to take a back seat to overall event safety when so many people are in a closed space like a stadium or arena,” he says. “And while privacy is sacrosanct in Europe, in Russia, especially during the hosting of a large event, security is for more a paramount concern.”

To help law enforcement quickly pinpoint and address undesirable behavior, the 11 Russian host cities have worked tirelessly to put their own security systems in place. As early as November of last year, for instance, Moscow launched pilot programs for facial recognition technology in the metro area and train stations surrounding the stadiums where World Cup matches will be held. This, of course, is in addition to the surveillance systems each individual stadium is already equipped with.

Take Spartak System, more commonly known as Otkritie Arena, that is slated to kickoff the quadrennial international soccer competition on June 16th. As a valued customer of Pelco’s, Otkritie Arena’s defensive line features power packed surveillance solutions through our Sarix Professional fixed IP cameras. Each Sarix dome camera delivers high resolution images within large areas and has advanced zoom capabilities allowing operators to view detailed scenes while maintaining evidentiary data. Participants of the events at Otkritie Arena can feel assured that their only worry will be whether or not their favorite team will be able to perform on the pitch or not.

Coupling video surveillance and facial recognition technology with the collection of quality security intelligence supplied by other nations will play a crucial role in how well the World Cup plays out both on and off the pitch. Safety is an important component of any event, and ultimately that should be everyone’s goal.

Tracking Undesirable Behavior in Casinos

Casinos with hotel properties are popular vacation destinations, and with good reason. They provide numerous forms of entertainment and amenities from one location to the next, including gaming halls, pools and beaches, spas, retail shops, amusement parks, and restaurants. Surveillance and security personnel need to be on top of all of these high traffic areas, and the unique challenges that these amenities face as complements to gaming operations.

Because they are attractions across all demographics and cultures, gaming properties and casinos attract a very wide variety of visitors, many of whom elicit undesirable behaviors ranging from alcohol and substance abuse to cheating.

Casino security has to balance a welcoming guest-focused attitude with a firm and capable presence to prevent and handle problems as they arise. Surveillance and security operations are a mainstay at casinos because they support a range of business imperatives, including not only the protection of employees, patrons and assets, but also compliance with stringent gaming regulations.

For many casinos, one of the best ways to create a highly structured, discreet and secure environment is by employing advanced video surveillance technologies that support high-quality analytics. In addition to delivering high levels of situational awareness, these systems also deliver documented evidence for investigations and court cases.

Integrated analytics in fixed, PTZ, 360 degree, and panoramic security cameras can help to detect undesirable behaviors – such as an object left behind, card counting at the gaming table, a door propped open, a guest whose behavior is inappropriate, theft from employees or vendors, and more – and send alerts to security personnel. Surveillance analytics can also track identified individuals from camera to camera throughout the premises. Additionally, facial recognition analytics can alert operators if a known offender enters the casino, freeing security officers from constant monitoring of entrances and exits. And heat mapping can provide valuable insight into loitering statistics so that security officers can better allocate staff to problematic areas. The vast amounts of data provided by the surveillance system can be reviewed for specific trends to prevent further incidents from taking place, and deliver new sources of business intelligence.

With integrated video imaging, camera control and management, and analytics technologies in place, gaming facilities can have the real-time situational awareness and data needed to respond to and deescalate real potential threats and incidents from guests with simply bad manners and behavior.

Why Securing Your Airport Starts at the Perimeter

In recent years, airport security has been identified as a top priority. Inside the terminal, surveillance and security systems have been modified, enhanced, and strengthened. However, security weaknesses remain—most prevalently, at the perimeter of the airport. While any flier can easily see the changes that have made interior security more stringent, perimeter security is much less tightly controlled. There are a number of concerns that are specific to airport perimeter security, and ensuring that an airport is secure at the perimeter presents a variety of unique challenges.

Many airports have no more than a chain-link fence between the Air Operations Area (AOA) and the outside of the airport. Runways, taxiways, aircraft, and other assets protected only by that fence are incredibly vulnerable to anyone with reasonable climbing skills. It’s even easier to use a vehicle to break through a chain-link fence, as shown by several recent high profile perimeter breaches where civilians have taken their car for a joyride down an airport runway. Airports near water are less vulnerable from vehicles, but anyone with a boat can paddle up to the site and gain access to the AOA. Reports find that airport perimeter security is breached almost once every ten days.

Solutions for automated perimeter security can help to address this challenge. Today’s surveillance systems can incorporate analytics to monitor the fence line, detect breaches or potential breaches, filter out time-wasting false alarms from animals or blowing debris, and alert authorities quickly when action is needed. And because perimeter security can be integrated with the airport’s surveillance system, there is no need to train personnel on a new system or increase your personnel deployment to compensate for new security operations. These solutions are easily deployable, and they function in all environments and weather conditions.

Users have a variety of options to tailor the system to their perimeter security needs. If your terminal has several distinct restricted areas, your virtual perimeter can designate those areas individually. Automated alerts can be sent to localized security personnel to control incidents as they happen in real-time, and these intelligent alerts will only be sent out if a breach event is occurring—ensuring that personnel need not make trips to the perimeter every time a bird flies over your fence. Smart thermal imaging is easily deployed over a wide area, with instant alerts notifying personnel where the breach is occurring. By monitoring both sides of your fence, perimeter security helps ensure that you are able to respond to breaches even before they occur, preventing costly maintenance and downtime and helping to ensure the safety of planes and passengers on the tarmac and in the air. Because large flat areas that have planes flying over them will have obvious issues with wind and vibration, it makes sense to choose cameras with built-in image stabilization in order to prevent shaking from causing false alarms. Perimeter security solutions with options that are tailored to your airport perimeter will make it easier for you to prevent breaches and other issues.

Airport perimeter security presents a significant risk and may be overlooked as a security issue in favor of security inside the terminal itself. However, overlooking the perimeter can result in costly, time-consuming, and incredibly dangerous incursions onto the tarmac, into aircraft or into the terminal. Automated security solutions make controlling the perimeter much simpler and more cost-effective, helping to reduce risk throughout the entire airport.

Security for Commercial Spaces: Does Your Current Strategy Need an Upgrade?

Overseeing the security for a commercial building, housing many different tenants, brings with it a wide array of challenges for even the most seasoned security professional. How you develop a security plan for a high-rise building may be slightly different in your plan for a mid-size building.

A major challenge for any size commercial building is the ability to adequately control a public space, like a lobby or garage. Having on-site personnel may be cost-prohibitive for many property managers. But this does not mean that there are no solutions available. With current technology, protecting a commercial property has gotten easier and more cost-effective.

Let’s dive into this challenge– and a few others that you may be experiencing when protecting your commercial property and its tenants.

Property managers often like to cultivate an open, welcoming feeling in their lobby, so this space is likely to be large, with lots of windows. Because this may create areas of very intense lighting, contrasted against darker areas, lighting may be a challenge. In a high-rise setting, there may even be some high value items, like artwork or furniture, in a commercial lobby, that could require large investments if replacement were needed. If your cameras are working 24/7, the changing light may also present problems. You might require cameras with options in low-light, to make sure that they record nighttime data as well as daytime, or anti-bloom technology, to keep your video glare-free, in areas with lots of natural lighting.

You might feel as though you don’t have enough of a budget to offer the level of protection that your property requires. It’s important to realize that there might be support available from other locations. Perhaps you can only put one or two officers on the property at a given time. If there is a central property management office in your building, you may be able to augment your on-site security personnel. How is this possible? In many cases your VMS can be accessible remotely. By leveraging the remote access ability of a VMS, you can augment your on site security personnel with additional security personnel that are centrally located. A partitioned VMS allows each group of tenants at your property to access the parts of the system that contain their assets, while security personnel at the managing agent can maintain centralized, system-wide monitoring. Centrally located personnel could monitor video from several locations at once, and in each case, they have the ability of alerting security officers on site if needed.

Let’s say that’s not a possibility. How else might you mitigate risk? Consider the earlier example involving high value items in a commercial lobby. There are a variety of technological options to protect property. A fixed CCTV camera gives you a constant view of high value property, such as a painting. Analytics implemented on fixed cameras can generate an alarm if the painting is removed. This alarm is then easily disseminated to the local security force or to a centrally managed security command center, so that action can be taken.

These are just a few possible solutions for some surveillance challenges in a commercial space, but of course, there are many more. Tune in to our August 9th Webcast to learn about additional challenges, and how we can mitigate them.

What Security Challenges is your Campus Facing?

As the lead for a campus security team, every day brings with it new and unique challenges that your team must be ready to respond to with a moment’s notice. Having the right tools and strategies in place will undoubtedly aid in your team’s overall success.

For the purposes of this article, we’re thinking of a campus that contains multiple buildings with common outdoor gathering areas, that is situated on large, easily accessible area. This could be a college campus, a large private high school, a large corporate property, a resort, or even a religious institution. Your campus may have residences on site or not, but there are going to be similar challenges faced across these environments.

One of the first things that comes to mind is that you are going to need cameras that have the capability of maintaining a pixel density that allows you to identify people from a long distance of perhaps hundreds of feet. While this is possible with fixed, megapixel cameras, and those would be a great place to start, augmenting these fixed cameras with High Definition Pan-Tilt-Zoom, or HD PTZ cameras will add versatility and usability to your surveillance deployment, if you have a named public safety office. A camera like this would enable security personnel to take control over a camera as needed to perform real time investigation of incidents as they happen.

Perhaps a flash mob has formed, or that there is a car accident, or even a medical emergency on a public area. Instead of having to watch from a distance, you can move a PTZ camera and zoom it in to maintain a high level of detail even from long distances. Making sure your camera is high definition will also help make sure that the image is clear and usable. How many times have you seen security footage from a local TV news segment and thought, “what’s the point of having a camera if you can’t make out anyone on the video?”

Even if you don’t have a public safety officer available to monitor your campus, a PTZ camera can still make sense as a solution. Perhaps there is an emergency intercom system strategically placed throughout your campus. A PTZ camera can be integrated and programmed to automatically pan tilt and zoom to a preset location based on an event from your intercom system. At that point, even if no one is watching, having surveillance on the person using the intercom can still be of value when video footage is reviewed later.

Does your campus have any unique challenges that you’re currently reviewing and looking to solve? I’ll be available to take your questions live on August 9th, during the Security Professional’s Guide to Mid-size Solutions Webcast. I would be more than happy to discuss possible solutions and strategies for you and your team during this free digital event. Register below for more information.

Advanced Considerations for Choosing a Surveillance System

Whether you are purchasing your first surveillance system or updating an older system, there are many questions to ask before choosing a vendor. As a first step, you need to determine the primary purpose and scope of the surveillance system. You also need to identify any environmental or other restrictions that will affect system operation

Once the basic objectives and restrictions are mapped out, there are a number of more advanced considerations that will need to be addressed. These include the following examples:

What other systems, if any, will be connected to the surveillance system?

In a networked world, almost any security or building system could be connected to surveillance. Working with an integrator and a manufacturer that support 3rd party integrations from technologies from legacy systems all the way to the latest ONVIF and manufacturer-API standards can make a significant difference in the success of the installation.

What are the needs for redundancy in the system?

For the vast majority of systems, simple RAID5 or RAID6 redundancy in storage is sufficient. Planners should also consider budgeting for “Failover” recorders and other server hardware on your VMS back-end, as well as spare cameras. If the intended system use has demanding uptime requirements, then the budget should include spare cameras that can immediately replace failed cameras, hard drives to replace failed units, and possibly extra joysticks, mice and keyboards so operators don’t face downtime if a peripheral device fails. Remember, a failed piece of hardware that doesn’t have an immediate backup will result in at least two days of downtime. If the replacement hardware is not available, or not shipped overnight, then downtime will quickly grow to four to seven days, or longer. Budgeting for and providing spares eliminates this risk.

Are there CapEx and OpEx considerations?

Today, most VMS systems have Software Upgrade Plans (SUP) or Service Level Agreements (SLA) to cover everything from higher tiers of support to future upgrades. The recommendation is generally to buy as much of this as is needed and as the end-user can afford in the initial project, or alternatively, build it into operating expense budgets for future years. Without such a continuity plan, out-of-date software can become a significant expense to bring the system back into compliance or to obtain the required support.

Are solutions manufacturers being considered?

It is best to work with integrators and manufacturers who are extensively steeped in end-to-end solutions experience. A given provider might offer excellent quality, or a lower price, but if cameras are their only product, then they will not be in a strong position to provide comprehensive support. Suppliers who offer a complete solution will be better able to solve any problems encountered during and after installation without finger pointing.

What’s the support escalation path?

Beyond the capabilities of the end-user to support its installations, how is support escalated? Does the installer have personnel that are trained and able to support the planned installation? If support issues exceed the installer’s capabilities, does the manufacturer have resources close to the site?

What’s the long-term support picture?

Successful surveillance systems are as much about continuity and relationships as they are about quality and a good price. Choosing an integrator partner and a manufacturer partner who have been there, and who will be there for the long haul, guarantees the ongoing support needed by most end-users.

Surveillance systems are a major business expense, so it’s important to ask the right questions and perform the required research prior to making any purchases. With proper planning, you can avoid costly downtime, extend the life of your system and save your company money.

2016 Accomplishments and a Bright 2017

Looking back on 2016, we had a number of accomplishments and set our course for the New Year with a refocused direction for 2017.

Last year, Pelco has continued to work hard to implement a number of changes – both in the way we conduct business and in the growth and improvement of our products and solutions offerings to better serve our customers. These efforts have strengthened our core competencies, and set the foundation for a very successful 2017.

In 2016, Pelco increased its focus on four core vertical markets: airports and seaports, casinos and gaming, Safe City, and oil and gas applications. We have invested in research and development, focused our sales and marketing strategy, and developed strengthened relationships with key partners to better serve these areas. As a company, we reorganized our renowned support capabilities and dedicated a great deal of personnel time and resources to fully understand the needs of end users in these sectors.

As a solutions provider, we’ve honed in on the specific capabilities that these markets want and need most, and worked with our engineers to develop new products with these capabilities in mind. As a result of all these efforts, we will be unveiling a number of new systems solutions and products that we have either developed organically or integrated from one of our many technological partners.

Going forward in 2017, our focus will be on delivering the best possible comprehensive security solutions – from video surveillance cameras to analytics software to video management and storage systems. Integrations with leading software and hardware partners will also further enhance our offerings. We’ve got it all covered.

Another key element of our extensive foundational work in 2016 was an investment in bolstering our emphasis on quality at every level of product development. We established a four-tiered approach to excellent quality, which is described in these blog posts.

Everyone at Pelco is looking to 2017 as a year of substantial global growth. We look forward to working with our customers, integration partners, consultants and industry leaders to deliver the best possible video surveillance and security solutions in the industry. We are moving ahead by your side!