Homeland Security has captured the attention of large corporations and companies whose assets and employees are exposed to terrorist threats. Funding is available for companies that focus on bolstering security. The government contributes significant funding for those companies willing to...
Homeland Security has captured the attention of large corporations and companies whose assets and employees are exposed to terrorist threats.
Funding is available for companies that focus on bolstering security. The government contributes significant funding for those companies willing to complete the funding for projects that improve security infrastructures.
Recent grants lean toward the upgrade of cameras over all other security infrastructures. The main reason for this is that cameras can easily be networked to governmental agencies, creating a “one-stop” shop for surveillance. This is a highly prized resource; therefore, funding is easier to get.
Institutional locksmiths sometimes wonder why the request to upgrade locks is turned down. These locksmiths are aware of the number of keys reported lost, misplaced, stolen or duplicated without permission. An upgrade that would involve the replacement of existing lock cylinders with high-security equivalents would directly enhance physical security.
Even in an environment where management is willing to fund security projects, getting upgrades to locks and keys is next to impossible. Unless spurred by tragedy or serious compromise, upgrades to locks and keys are not generally recognized as the best means to use precious funds. It is also difficult to gage the effect a lock upgrade would have to the overall status of security.
When a lock and key upgrade is installed, experienced managers know to expect an immediate improvement which will (slowly at first) decline over time. By the nature of mechanical keying systems, important keys are routinely misplaced, lost, stolen, copied, or given to the wrong persons. At no time during the service life will the upgrade be more secure that when it is first installed.
High-security keying systems strictly rely on patent-protection to keep keys from being duplicated or master keys from being reverse-engineered. Patents are usually in effect well before a customer invests into the high-security system so the all the customer can hope for is about a dozen years before the system becomes ineffective.
VIDEX CYBER PRODUCTS
There is a product that overcomes the inherent weaknesses in conventional keying systems by replacing the existing mechanical lock cylinder (inside the lock) with an electronic equivalent. Once converted, the new system has all the advantages of a key system, yet will outperform electronic access control systems.
The administration of CyberLocks® and CyberKeys® is similar (by design) to mechanical locks and keys. Therefore, the locksmith is the likely candidate to maintain the system.
CyberLocks® are electronic lock cylinders that easily replace the lock cylinders found in mechanical locks for doors, cabinets, drawers, padlocks, safes and more. Once replaced, the lock is only accessible by a CyberKey.
CyberKeys® cannot be duplicated like a key or cloned like a card. The information held in the key is encrypted and can only be read by the authorized source. CyberKeys® are programmed with access assignments and schedules.
Both CyberLocks® and CyberKeys® record who, what, when, and where with every contact. Even attempts to access locks where access is not granted is recorded and reported.
Once a CyberLock® is installed, it never has to be rekeyed in the field. This does not prevent an administrator from making a routine audit or downloading access history directly from the lock.
The CyberKey® Authorizer provides a way to communicate with keys over a wide area, while managing the system from a central computer. The Authorizer consists of two parts: the hub and the keyport. The Authorizer hub connects to the host computer either via Ethernet or via its built-in modem. In network installations, the hub and the database synchronize every few minutes. In modem installations, the hub receives instructions from the host computer on a regular basis, and stores these instructions in memory. The Authorizer hub connects to one or two keyports. Keyports can be installed wherever it is convenient for CyberKey® users, indoors or outdoors. Keyports consist of a CyberKey® connection, a numeric keypad, and a display. Each time a user inserts a key into the keyport and enters a PIN, the program information in the key is updated and the log of events is transferred to the computer via the hub.
Initially, Cyber products are more expensive to retrofit into existing locks when compared to a high security keying system retrofit but over time there is a break-even point. Figure 1 shows start-up expenses and ongoing expenses relating to day-to-day rekeys combined with periodic “whole-system” upgrades.
The ongoing expense to maintain high-security keying systems is attributed to labor. Lock cylinders are continually rekeyed as access to areas change. Rekeying requires visits to the location where the lock is and time-intensive bench work involving re-combination.
Expenses relating to CyberLocks® are less labor intensive and pertain to the initial retrofit of the lock cylinder.
Figure 2 shows how many times a “whole-system” change out should occur within a high-security keying system. Unfortunately the decision to rekey is often delayed even when it needs to be done. The cost to perform a change-out becomes an issue and a decision is made to leave the system in a continuing state of low integrity.
The performance level of CyberLocks® is also displayed in Figure 2. Unaccounted keys are not an issue and CyberLocks® do not rely on patent protection to maintain integrity. Even after patents expire, the product is inherently secure.
Once installed, the Cyber system has all the advantages of both an electronic access system and high-security keying system. These facts alone may not be enough to convince management to invest in a Cyber system.
Company time clocks or kiosks that normally allow employees to “clock-in” or “clock-out” can be replaced with Cyber Authorizers (and hubs). Employees clocking in-or-out can insert their CyberKey® into the Authorizer, and then enter a personal identification number.
This action is sent to the company's in-house applications that are responsible for time management.
Not only does this facilitate the timekeeping process, bit it also allows the CyberKey® to download past activity into the Authorizer while the Authorizer uploads new access instructions into the CyberKey®.
When completed, some of the instructions loaded to the key govern how long the key can be used. Keys can be programmed to stop working after the shift, rendering the key useless. This can mean that most employees leaving work do so with no means to re-enter without authorization.
Changes made to an employee's access list are uploaded into the CyberKey® the next time the employee uses an Authorizer. This usually occurs at the beginning of a shift.
These features exceed the capabilities of keying systems and card-driven electronic access systems.
Today, large companies automate their business practices using customized software designed for their specific needs. Cyber products free up time by collecting the data that employees input via keyboard. This is especially effective when freeing up those employees who don't normally use keyboards in their job functions.
From the key holder's perception, the CyberKey clocks them in and out, tracks when and where they use company vehicles, logs them on and off work orders and energizes their keys during their shift.
While the perception is inaccurate, it does act as a powerful reminder that everything is being accounted for.
Technically, what is downloaded from the CyberKey® (from the Authorizer) is a list of transactions. Each transaction includes: a key, lock, or point serial number; the user of the key; the location of the transaction; time of the transaction and the result.
Some results of the transaction can be reported as “denied,” “out of schedule,” “lost key” and “key authorized.”
The downloaded list of transactions is appended to a transaction table. Because each asset is identified by a unique serial number, the transaction table can be used by the company's in-house applications to develop work order history and to validate preventative maintenance schedules.
Cyber systems save time and money as they work to gather data for time management applications while providing world-class security.
In the following model, a transit authority implements a Cyber program where the primary goal is to gather the data that will yield real-time productivity while secondarily providing for a high security environment.
Figure 4 shows the company electrician logging into the system by using an Authorizer. He seats the CyberKey® into the Authorizer and enters a personal identification number; in this case his 5-digit badge number. In seconds his personal access is uploaded to his Cyberkey® and is limited so use will expire at the end of his shift.
His supervisor gives him an automated report of work orders that are still pending or were added before he came on shift.
The electrician's access for the day was partially tailored to these work orders as he may need to access locks that he normally doesn't have access to. After these work orders are cleared, so will be the temporary access.
Before starting his truck, the electrician places his CyberKey® into a CyberPoint® mounted on the dashboard. This action will be used later to account for travel time.
When the electrician arrives at the work site. He locates the asset he will be working on. The work order reports: “The power is down at the bus washer” so the asset will be the bus washer.
He locates the CyberPoint® on the bus washer and uses his CyberKey® to “log on” to the asset. This action will be used later to monitor the amount of time to service the asset.
As he leaves the site, he again “logs on” to the CyberPoint® on the dashboard of his truck. This action terminates the amount of time to service the bus washer.
The last 30 minutes of the shift is designated to reconciling work orders. Again an automated report is generated and the only activity that the electrician must enter is a brief narrative on each work order and a checkbox if the work order can be closed.
The company's in-house application generated the reports and was updated by the data collected by the Cyber products from the day before.
As the electrician leaves for the day, he “logs out” by repeating the same procedure as when he logged in.
The Authorizer downloaded all the transactions used by the electrician through the day and forwards that to the in-house applications. This information will partially update the report he will get the next day relating to pending work orders. This drastically reduces the amount of time the electrician would spend entering the information into the database. The electrician's time is better suited to performing his trade than keying information into a database.
At the same transit authority, 22,000 persons travel through a terminal daily. The restrooms are to be opened and closed at a certain hour and serviced hourly. To facilitate this type of control, deadbolts are retrofitted with CyberLock® cylinders and a CyberPoint®.
The custodian uses his CyberKey® to open the restroom in the morning. Each time he services the restroom, he “hits” the CyberPoint® in the restroom. At the certain hour the restroom is locked.
In Figure 6, a CyberPoint® is mounted to a towel holder for the custodian to use when cleaning the restroom. At any time the supervisor can run an in-house report that simply identifies how many times and when the restroom was looked at and when it was locked and unlocked. This is another example how passive supervision can be implemented.
Another example deals with persons from the city utility company coming in to check meters.
In the past, there were continual complaints that master keys left in control boxes (used exclusively by the utility company) were intermittently missing. It could not be determined exactly who opened the control box. Some utility persons would keep the keys to streamline their work.
The Cyber system identifies who last had access and makes them accountable for the keys.
Throughout the authority large numbers of non-controlled utility keys are issued. These are keys that do not open doors or gates to important areas but do open controller boxes, cabinets, metal enclosures, electrical switches, etc.
To eliminate the need to carry large quantities of utility keys, the authority placed strategic boxes at entries to rail platforms and buildings so that authorized persons could open the box and temporarily borrow keys.
Because Cyber systems can track the last person opening the box, the keys are always returned.
A more advanced concept is missioning. Any key can be assigned a specific “mission.” For example the transit authority might have 50 supervisors. Each week a duty supervisor is chosen to cover after-hour emergencies throughout the authority. A “mission” is set up that give the chosen supervisor universal access for that week.
The supervisor is given a special mission number. The supervisor can insert his key (or any spare for that matter) into the authorizer and enter the mission number. The key is ready for universal access for that week.
A painter might need to temporarily access some important executive offices. A mission can be set up to access those areas for a given time. The mission can be added to the painter's key.
(photos will be available soon)