Saturday, September 22, 2018

Role of IT in Access Control System

Role of IT in Access Control System


It is a fact that IT is becoming more involved in the physical security world. In a small minority of companies, these two departments are actually merging, although this is a mammoth task fraught with problems, not only in terms of technology, but primarily in terms of culture.

In the access control world, one could say it’s normal for IT to be involved in networking (assuming the access systems make use of the corporate network and/or the IP protocol), but the scope of IT has slowly been creeping into more of the access control functions. In smaller companies, for example, it’s not unusual for the service provider responsible for the company’s IT to also take the responsibilities of physical security.
So how far has IT made inroads into the access control world in general? HID Global broadcast arrange a webinar in October 2018 in which it revealed some new research into the increasing role IT departments and personnel are playing in the physical access control world. The webinar was hosted by HID Global’s Brandon Arcement and Matt Winn. After discussing the findings of the research, they went on to advise physical security operators as to how they can embrace their IT colleagues further, with the goal of improving the holistic security posture of their organisations.

The survey was conducted by The 05 Group, sponsored by HID and was completed in March 2018. As the title of this article notes, the research found that IT departments are now more involved than ever in organisations’ physical access control decisions and implementation, and that trend is set to increase.

The 05 Group surveyed 1 576 individuals from more than a dozen industries, including education (19%), information (16%), government (11%), manufacturing (8%), health services (8%), and security, professional and business services (8%). Of the respondents, 35% were IT managers, 26% were IT directors, 13% were IT staff, 8% were CIO/CTO, and 3% were VPs of technology. The survey also spanned companies of different sizes, with 24% having less than 100 employees, 22% 101-500 employees, 11% have 501-1000 employees, 17% have 1001-5000, 6% have 5001-9999, and 6% have 10 000-24 999 employees. The results therefore cover a broad spectrum of companies and industries.
 The numbers tell a story
The research offers a significant amount of data about the role of IT in access control, however the webinar brought out a few pertinent facts (a link to the white paper written by HID from the research is at the end of this article). When asking the organisations being surveyed “Who is primarily responsible for physical access control in your organisation”, the responses were as follows:
• 29% said both IT and physical security.
• 26% said IT only.
• 25% said facility management handles the job.
• 12% said physical security only.
• 8% said the property management company was tasked with access control.
With a quarter of the respondents already saying IT is responsible for access control, and a further 29% saying it is shared between the two departments, it’s clear that the divide between IT and physical security is rapidly vanishing – and in some cases, altogether gone. And this is a trend that will continue; in organisations where IT is not involved in access control, 36% of the respondents said it will be within the next five years.

For those organisations where access control responsibilities are shared, 47% of the respondents report it had been shared within the past five years. Similarly, where IT owns the responsibility, 42% of the companies say they were given this task within the last five years. Once again we see that IT/physical security convergence in the access world is an expanding reality.

We mentioned IT’s influence in access control above in terms of the networking of access systems, however, this is an old function. The webinar showed that both IT professionals as well as physical security professionals see IT being involved in all areas of access control. When it comes to physical security professionals:
• 66% of physical security professionals see IT involved in influencing the decision-making process.
• 48% see IT’s involvement in integrating access and other systems.
• 37% see IT involved in implementation.
• 22% see IT involved in managing the systems.
From the other side of the table, IT professionals have a similar view:
• 76% expect to influence decision making.
• 72% will be involved in integration.
• 59% will be involved in implementation.
• 39% expect to be involved in managing systems.

Not all wine and roses
Of course, as these different cultures work together, there are bound to be some issues. It is in the field of integration where IT sees problems. Half of the IT people surveyed have issues with the lack of integration of access systems with other IT systems. This is an area in which the access control industry could make significant changes in the short-term to ensure their software and hardware can be more easily integrated with existing business management and security systems.

When it comes to new access control systems, the IT school has a few things it wants to see on the vendors’ to-do list. They want improved ease of use (71%), the ability to support or add new technologies (68%), mobile access (59%), and integration with existing security platforms (54%).

It’s also clear from the survey that IT is not all that comfortable with access control technology. Areas such as credential management, decision making with respect to access control systems, how system components work and also individual features within access systems can cause a bit of nervousness among the IT folk. These are areas in which physical security professionals can make their mark, as they are more skilled in dealing with these issues as well as others unique to their industry. 

Helping IT in access
The driver behind this convergence is not a technical issue, but is itself a convergence of a number of separate drivers. HID notes the primary drivers are:
• Converged threats that impact both physical and logical infrastructure. If you have a physical vulnerability it puts your logical systems at risk, and vice versa.
• Proliferation of networked devices in the age of IoT (the Internet of Things) which all require both physical and logical security. Interestingly, the webinar held its own real-time survey of the attendees and this topic was selected as having the biggest impact on access control’s shift to IT with half of the audience selecting it.
• Compliance to new regulations, which again rely on both sides of the table.
• Budget consolidation, which we are all suffering through.
• A shift in reporting structures as executives try to get a handle on the seemingly endless threats companies face on all fronts.

When it comes to the role of physical security professionals and how they can assist in the convergence between the two sides and help improve organisational security, 80% of the respondents said they play a role in establishing best practices, while 50% see physical security having a role in preventing unauthorised access in general, and 49% say they can help in achieving compliance. In order to streamline collaboration, the HID webinar suggests, among other issues, that both sides need to work on aligning project priorities and determining responsibilities, and balancing the technical acumen of IT when it comes to access products and management. 

A converged example
The webinar went on to provide an example of how the two divisions could work together in an access control installation. When it comes to the physical access control host, HID advises organisations to integrate physical access control systems (PACS) with an IT source of identity such as LDAP. Furthermore, administrators should ensure there is a set policy around regular software updates and patches, while they should also take advantage of IT’s experience (and equipment) to ensure high availability.


When it comes to the controller, HID advises organisations to settle some of the issues raised above by requiring an open controller platform that can be integrated with other technologies and other vendors’ products. Preventing vendor lock-in is a costly lesson IT departments have learned. It also suggests considering an ‘IP-at-the-door’ topology, keeping controller firmware updated to the latest versions, using strong passwords and encrypting communication between controllers and hosts (and using OSDP – Open Supervised Device Protocol – for encrypted reader communications).

Another strong warning was to take care when selecting access credentials as many of the card and fob technologies available are easy to replicate, making it simple for the wrong people to easily gain access. There are secure card technologies out there and these should be used as a standard. A business benefit of these more advanced credentials is that they can also be used for additional business functions, such as secure printing, vending machines and network logon.
The webinar presenters also touched on the benefits of using users’ mobile devices as credential holders. These can offer higher levels of authentication, easier administration and more user convenience that does not come at the expense of the company’s security.

Whether you are on the IT or physical security side, the most important part of the research (depending on your biases) can be seen in the answer to the question “Do you believe that increased collaboration between physical security and IT can improve the overall security of your organisation?” An overwhelming 95% of all the respondents said “yes”.

While the full convergence of physical and logical security is still some way off, people in the access control sector obviously understand that IT and physical security working together is critical to develop a successful security defence strategy for their organisations. In the access control industry this may be easier to achieve, but as noted in the introduction, it is often a question of culture (or ego, to be blunt) that prevents collaboration and results in organisations being vulnerable to the ever-increasing threats they face from well-organised criminal syndicates, as well as unhappy teenagers with too much time on their hands.

End of the article thanks to Mr. Andrew Seldon, for valuable time to us & security sa team.

Saturday, September 8, 2018

CCTV HDD Bad Sector Repair Steps

CCTV HDD Bad Sector Repair Steps

If you are a Electronic Security Technician you must know how to repair DVR / NVR HDD Bad Sector.
Some Common surveillance Hard Drive Problems.

Three Methods:Windows XP, Windows 7, Windows 8
Bad sectors are sections of your computer’s hard drive that have been damaged, and have lost the ability to save and store your data. If your computer makes grinding noises when using the hard drive, that’s a good sign that your hard drive has bad sectors. When you repair a bad sector, your computer will replace the bad sectors with good sectors and ignore the bad sectors. The methods for repairing bad sectors are different, depending on what version of Windows you’re using. (This is all falls under common hard drive problems )

The larger your hard drive, the more sectors there are to check, and the longer this process will take. Start this process when you won’t need your computer for a while, such as overnight.

Windows XP
Close all of your open programs and files. Windows XP can’t scan or fix a bad sector if that sector is being used by an open program or file.

Windows XP uses a system utility called Chkdsk to scan for and fix bad sectors.
Open My Computer. Double-click My Computer to open it.
Choose a hard drive to check for bad sectors. In the Explorer window, in the sidebar, right-click the hard drive you’d like to check for bad sectors, and then click Properties.

The C: drive is often the hard drive.
In the Properties window, click the Tools tab.
In the Error-checking section, click Check Now.
Choose the Check Disk options you’d like to use. In the Check Disk dialog box, you can have Check Disk fix file system errors it finds and recover bad sectors.
If you’d only like to scan for and fix bad hard drive sectors, make sure that Automatically fix file system errors is unchecked.
Click Start. Windows will start checking your hard drive for bad sectors and will fix any that it finds.
If you have any open files or programs at this point, you’ll get an error message asking if you’d like to schedule the disk check when you restart your computer. If you click Yes, it will restart your computer and perform the disk check.
Review the Chkdsk report. When it’s done.
(This is all falls under common hard drive problems )

2 of 3: Windows 7
Close all of your open programs and files. Windows 7 can’t scan or fix a bad sector if that sector is being used by an open program or file.
Open Computer. Click Start, and then click Computer.
Choose a hard drive to check for bad sectors. Right-click the hard drive you want to scan, and then click Properties.
In the Properties window, click the Tools tab.
In the Error-checking section, click Check now.
Check the Scan for and attempt recovery of bad sectors.
You can also check the Automatically fix file system errors to check the hard drive for software-based errors.
Place a check mark within the box next to “Scan for and attempt recovery of bad sectors.”
Click Start. Windows will start checking your hard drive for bad sectors and will fix any that it finds.
Don’t use your computer while Windows attempts to fix errors.

If you have any open files or programs at this point, you’ll get an error message asking if you’d like to schedule the disk check when you restart your computer. If you click Yes, it will restart your computer and perform the disk check.
Review the check disk report. Click the See details down arrow to see more details about your report.
(This is all falls under common hard drive problems)

Method 3 of 3: Windows 8
Move the mouse cursor to the upper-right corner of the screen, move the mouse pointer, and then click Search.
If you’re using the touch interface, swipe in from the right edge of the screen, and then touch Search.
For these steps to work, you will probably need an admin account and password.
In the Search field, type This PC, and then click or touch This PC.
Right-click the drive you want to repair, and then click Properties.
If you’re using touch, press and hold the drive you want to repair, and then touch Properties.
Select the Tools tab.
Under Error checking, click or touch Check.
You may be asked for an admin password. Enter your admin password. If you don’t have one, contact the person who has the admin account.
Review the scan results. The error checking scan will tell you either that there are errors or there aren’t errors. You can still repair the drive, even if there are no errors, but you don’t need to.
Click Scan and repair drive.
Choose when to repair the file system. In the Restart your computer to repair file system errors dialog box, click Schedule on next restart to repair your hard drive the next time you start the computer. Click Restart to repair the hard drive now.
Wait for Windows to scan and repair the hard drive sectors. Do not try to use your computer or interrupt the sector scan while it’s happening.


Surveillance is one of the segments where most of the time normal hard drives being used. However there are surveillance drives available with a little price difference, but performance is far better. On the other hand, surveillance HDDs are built to record data 24×7 from multiple camera streams or channels.