AMPS Sundown Impact On Certificated Alarm Systems

In UL 2007 Issue 3 Steve Schmit has a interesting article on the impact of AMPS Sundown on Certificated Alarm Systems.

In a Memorandum Opinion and Order released June 15, the Federal Communications Commission (FCC) denied a Petition for Rulemaking filed by the Alarm Industry Communications Committee.

The petition sought to extend the 2/18/08 “sundown” date on the requirement that cellular licensees provide analog service to subscribers whose equipment conforms to the Advanced Mobile Phone Service (AMPS) standard. This effectively means that analog cell phone service in the US will begin to disappear on 2/18/08.

The alarm industry petitioned for an extension because there are a large number of installed alarm systems that employ analog cellular technology as either the primary or secondary backup communication method. Sourcing replacement equipment and retrofitting installed bases will be a challenge for the industry.

This fall, UL will be working with alarm companies that have issued Alarm System Certificates for systems using cellular technology as a required means of communication. An Alarm System Certificate is the issuing alarm service company’s declaration of ongoing conformity with the appropriate Code or Standard. UL’s audit services for systems covered by a Certificate provide an increased level of conformity confidence for alarm system owners, insurance carriers, security managers, fire code authorities and others with a concern for alarm protection.

In order to be in conformity, off-premise reporting systems have to maintain their ability to communicate with a monitoring station at all times. UL will help Listed alarm companies identify Certificated installations that employ cellular technologies and seek their declaration of continued compliance past the 2/18/08 AMPS sundown date. In cases where ongoing conformity cannot be assured, UL will assist alarm companies with the task of canceling the Certificates involved. During the 2008 Certificate Service audit cycle, UL will put an increased focus on Certificated accounts where cellular technology is declared to validate conformity.

UL will work diligently with the alarm industry to maintain uninterrupted certification coverage for alarm systems covered by a UL Certificate. At the same time, UL recognizes the value of the conformity confidence brought by Certificate coverage. We will take appropriate actions to assure that systems covered by a Certificate do indeed comply with the applicable Code or Standard.

By Steve Schmit
For questions regarding Alarm System
Certificates, please contact Steve Schmit
In Northbrook, Ill. at +847-664-2128 or at
Steven.A.Schmit@us.ul.com

- The Hackett Security Team

Survey: Few Doing Basic Steps To Prepare, Prevent Home Fires

Security Products has a nice article on some basic steps to prevent home fires:

Released recently during Fire Safety Month, a new Home Safety Council survey finds the majority of adults rank fires and burns as their leading home safety concern, yet many neglect to take basic safety steps to prepare for and prevent home fire emergencies.

The survey was commissioned by the Home Safety Council and polled adults in 20 metropolitan cities to better understand the home safety perceptions and practices in place across the nation. When asked about fire prevention practices, more than 90 percent of respondents said they had not conducted a home fire drill at night -- a key step in testing each family member's ability to wake up and respond properly to the sound of the smoke alarm. Also causing alarm, the survey found that nearly 80 percent of adults did not know to test their smoke alarms once a month -- the frequency recommended by the Home Safety Council.

"Unfortunately our research shows that families are not taking the steps needed to protect themselves against fire dangers at home," said Meri-K Appy, president of the Home Safety Council. "With less than three minutes to escape if a fire occurs, it's critical that every home is equipped with working smoke alarms and every family has a well-rehearsed fire escape plan."

According to Home Safety Council research, fires and burns are the third leading cause of home injury-related death, causing an average of more than 3,400 fatalities each year.

- The Hackett Security Team

Average Cyber Loss Increases For U.S. Companies

Security Products (http://secprodonline.com/) and The Computer Security Institute (CSI) have a great article on increase of company losses due to cyber-crime.



Average Cyber Loss Increases For U.S. Companies

The Computer Security Institute (CSI) recently released its 2007 report with news that the average annual loss reported by U.S. companies in the 2007 CSI Computer Crime and Security Survey more than doubled, from $168,000 in last year's report to $350,424 in this year's survey. This ends a five-year run of lower reported losses.

Financial fraud overtook virus attacks as the source of the greatest financial loss. Virus losses, which had been the leading cause of loss for seven straight years, fell to second place. Another significant cause of loss was system penetration by outsiders.

Additional key findings include:

Almost one-fifth of those respondents who suffered one or more kinds of security incident said they'd suffered a "targeted attack," i.e. a malware attack aimed exclusively at their organization or at organizations within a small subset of the general population.

Insider abuse of network access or e-mail (such as trafficking in pornography or pirated software) edged out virus incidents as the most prevalent security problem, with 59 percent and 52 percent of respondents reporting each respectively.

When asked generally whether they'd suffered a security incident, 46 percent of respondents said yes, down from 53 percent last year and 56 percent the year before.

Click here for the original article

- The Hackett Security Team

Energy Policy Act of 2005

Beginning this year, the Federal Government's Energy Policy Act of 2005 on Daylight Saving Time (DST) went into effect. With this Act, the start time of DST has been changed from the first Sunday of April to to the second Sunday of March (March 11). Also the end time has been changed from the last Sunday in October to the first Sunday in November (November 4). This has been done to save energy and to have more hours of daylight in the evening.

The new end date of November 4th for DST is fast approaching. There is relevant to our customers because you may have older equipment which was programed with the old DST in mind. You may need to take steps to make sure your equipment is set to the correct time. Your systems may be off by an hour for one week unless corrections are made.

The effect could be just a minor one, that is the display is off by one hour for that week to significant, with events that are programmed for certain times, can occur at the wrong time.

Please note that only systems with internal clocks that automatically change time for DST are affected by this. However if you would like help in determining this, give us a call and we would be more than happy to help you. (314)432-4200

- The Hackett Security Team

Michael J. Hackett and His Good Friend Justice Antonin Gregory Scalia :

Things have been really busy of late, but I intend to keep the updates coming. First up is a nice photo of President & CEO of Hackett Security, Michael J. Hackett and his good friend Justice Antonin Gregory Scalia. The key part in this picture is that Justice Scalia is a Cardninals fan! :D



- The Hackett Security Team

Everglades High School uses smart cards to move toward a safer, cashless campus

Everglades High School uses smart cards to move toward a safer, cashless campus

“I remember when my fifth grade teacher said we would be able to buy things without cash,” said Everglades High School Principal Paul Fetscher. “I thought that was the most outrageous thing I’d ever heard. And here we sit, at the beginning of the 21st century. Our kids don’t have cash, they have credit cards. It’s time schools followed suit.” With that objective in mind, Fetscher began a campaign to create a cashless campus at Everglades High School in Miramar, Florida.

All students in Broward County, where the 3,200-student Everglades High School is located, have been using ID cards for school identification for approximately 10 years. Two years ago, the staff at Everglades added a smart chip to its cards, enabling debit card privileges in a number of areas, such as vending machines, media center and certain student activities. Now Everglades students can even purchase yearbooks and prom tickets with their ID cards.

“Broward County had a rash of vending machine break-ins,” said Fred Azrak, athletic director and overseer of the Everglades ID card program. “We discussed using ID cards to allow cashless purchases from our vending machines. They suggested adding a smart chip to our cards. Now, our students can conduct a variety of transactions on campus without cash.”

“This is a unique solution for a high school,” said Alan Mendelson of Plasco. “Many colleges and universities use smart cards for cashless transactions, but Everglades is one of the first high schools in the country with the foresight to create a cashless campus.”

Everglades was able to upgrade its system using its two existing Fargo ID card printers. Already printing bar codes on the cards, the printers now simultaneously enable smart card options. The new, smart ID cards retain the printed bar code because not all applications at Everglades are integrated into the smart card system yet. The cafeteria program, for instance, is run county-wide out of New York using the students’ bar codes. Likewise, the library check-out system references the students’ ID numbers via the bar codes because there is no money involved in checking out a book so the smart card application isn’t needed.

Immediate Rewards
It didn’t take long for Everglades High School to see results from the smart card program. “Vandalism has become non-existent, despite the fact that vending machines stay unlocked outside all night,” said Azrak. “These machines use card readers instead of typical coin or dollar bill slots. Students know there is no money in them. We can’t get a bag of potato chips at our school without an ID card.”

Everglades makes it easy for students to deposit money into their account. They can insert cash into machines conveniently located in the guidance office and the cafeteria, and the money is transferred to the student’s card automatically.

Students have been very responsible with the cards, according to Azrak. They know that if they lose their card, they lose the money in their account. Everglades also charges a small fee for replacing the card. Starting next year, students will be allowed to keep their cards from year to year to defray school expenses. The Fargo printers laminate the cards to enhance their longevity.

Everglades High School paid for its smart card program using Broward County capital funding. “We also had help from companies in the area that donated money to our program,” said Azrak. Everglades has arrangements with three different financial organizations to act as global banks for the school’s activities.

Expansion Plans
The next phase of the Everglades’ smart card program will allow students to use their cards to get into athletic events for a discounted fee, a project that is near and dear to Azrak, especially with the school’s new 4,000-seat stadium for football, soccer and track events. “If someone went to every athletic event on our campus, it may cost $400,” estimated Azrak. “For a discounted upfront fee, students soon will be able to use their cards to get into any athletic event on campus.”

Currently, student ID cards are run through hand-held card readers by staff members at the entrances to events. The simple addition of an icon on the card, such as the school’s mascot, an alligator, will identify the student as having paid in advance. Azrak believes the new system will enable faculty to get the students in and out of an event faster, in addition to improving security at the games.

Before the athletic events are added to the cards, however, Azrak and his colleagues need to address the issue of how to split the ticket revenue with other teams. “Because we will be selling the cards at a reduced rate, we have to consider how this will affect the revenue going to other schools,” he said. “If every school began using smart cards, each school could just keep its own money. There would be no money changing hands.”

Azrak is rightfully concerned about the exchange of money. “Last year, we played a game where we collected more than $12,000,” he said. “I was the one who had to transport the money to the bank. I see a lot of benefits to using smart cards.”

Everglades staff also want to expand smart cards to incorporate access control. Currently, the school uses PlascoTrac, a student violation tracking system, to track infractions such as tardiness. Using a mobile, hand-held device, administrators scan student ID cards at the door and issue late passes to allow students to return to class. On the fifth disciplinary action, students receive an automatic internal suspension. “Someday, we might use palm prints and tie the system into our software,” Azrak said. “If I had the money today, I’d love to do this. I wish I could put a card reader in every room for attendance.”

A Win/Win Situation
Even two years after the introduction of smart cards, Azrak still is impressed with the capabilities of his system. “What’s so neat is that I can tell you that John Doe bought 20 Pepsi drinks at machine number 8,” he said. “When the application expands to athletic events, our system will give me a printout, and within five minutes I will be able to tell parents if their son or daughter was at the game on Friday night. I can even tell them what time he or she came in.”

“Setting this up was a little work at the beginning,” Azrak admitted, “but it’s been worth it. We have had no incidents of robbery, because our students don’t need money here. It is a more secure school now.”

Fetscher agreed. “When the athletic fee system is engaged next year, we will finally arrive at a point where there are no cash transactions on campus,” he said. “Parents will feel better. Staff will feel better. Using smart cards is a win/win for any school.”

Working With Smart Cards

Hackett Security, an authorized Fargo Reseller, is proud to bring you this article on smart card technology from Fargo.

Working with smart cards
Technology cards, or “smart cards”, offer dramatic advancements in ID card security and functionality. Smart cards are small and tamper-resistant. They store, process, communicate and encrypt large amounts of data, including biometric data and monetary values. Smart cards are often used for logical access control to networks or databases, or physical access control to buildings or rooms.

Four current Fargo printer/encoders — HDP600, HDP5000, DTC550 and DTC400 — can encode data in up to three different smart card technologies in the same pass as card printing, when optional encoding modules are installed.

Smart cards defined
Generally speaking, a smart card is any card with embedded circuitry — typically a microprocessor with internal memory — programmed to store information or execute tasks. Data transmission is made via either direct physical contact with a reader, or by holding a card within a few inches of a secure contactless interface.

Unlike other authentication technologies, smart cards can confirm identities in three ways:

Something you have (a secure ID card)
Something you know (a password)
Something you are (a palmprint or eye retinal scan)
Combined, these security layers create the most advanced card security in the marketplace.

Types of smart cards
Smart cards fall into two categories: contact and contactless.

Contact smart cards have a copper interface pad embedded on the surface of the card. The card must be inserted into a smart card reader to make a direct connection for the transfer of data. Contact smart cards typically have more memory and processing power than contactless cards. Some data encryption processes (used in high-security financial or legal applications) can only be performed by contact smart cards. Contact smart card readers work well in office environments, but not outdoors or in industrial applications.

Contactless smart cards only require close proximity to a reader (usually within a few inches) to achieve data transmission. Both the smart card and reader have internal antennas and wireless circuitry for secure communication. Using advanced data encryption techniques, contactless smart cards are every bit as secure as their contact counterparts. Contactless smart cards are ideal for access control, mass transit, vending and cafeteria payment, and dozens of other applications.

Other types of technology cards
While not actually “smart cards”, these other card technologies can enhance the security and functionality of your ID cards:

Proximity cards bring keyless convenience to physical access control systems. Prox cards contain an internal antenna that cardholders wave within a few inches of the reader to request access.

“Combi” proximity cards integrate photo ID, prox, magnetic stripe and even smart card technology into a single card, eliminating the need to carry multiple cards for different purposes.

“Combi” smart cards allow a single smart chip to securely interface with both contact and contactless readers.

Hybrid smart cards contain two smart chips — one with a contact interface, the other contactless — effectively doubling the functionality and security of the card.

Optical laser cards transform CD-ROM technology into ID card form, capable of securely storing megabytes of information.

Learn more about smart cardsFind out how smart cards can enhance your operations by contacting an Authorized Fargo Integrator.

Members Of Congress Briefed By Smart Card Alliance, Secure ID Coalition

Original article found on Security Products's website (http://www.secprodonline.com)

The Smart Card Alliance and Secure ID Coalition briefed members of Congress and staff in July about the best practices and standards for secure and private identity credentials.

“There is a critical need to secure identity documents not only to verify people are who they claim to be, but also to ensure personal information is secure and citizen privacy is protected,” said Randy Vanderhoof, executive director of the Smart Card Alliance. “Government officials need to be aware of how to maximize security while maintaining the principles of good privacy protection and disclosure for the citizens who often have little choice in what type of credential they are issued. Nothing is more personal or valuable than one’s identity; therefore, it is the government’s responsibility to manage it properly.”

Identity documents are utilized in many different areas including: financial services, border security, driver’s licenses, employee credentials, e-government authentication and immigration.

“As the government examines initiatives such as REAL ID, the Western Hemisphere Travel Initiative (WHTI) and immigration visa programs it is imperative that they understand the use of technology to implement these types of programs in the most secure manner,” said Kelli Emerick, executive director of the Secure ID Coalition. “There is a lot of confusion about secure smart credentials, and we are here to show Congress the best way to use this technology for identity.”

The Smart Card Alliance and Secure ID Coalition advocate best practices for use of technology to verify identity. Specifically, that an organization’s requirements for safety and security must be balanced against the genuine desire to protect the privacy of the individuals whose identities need to be verified. This requirement -- how to identify people unequivocally while also protecting their privacy -- must shape every discussion of how to design, build or implement a new, secure, identity management system.

In addition, the ID technology used must be one that can both facilitate and reinforce the system’s privacy and security design and goals. Many ID or badging systems currently rely on technologies such as magnetic stripes or bar codes. Such technologies are no longer appropriate, since it cannot meet the requirement to provide strong security while guarding privacy. IDs based on these technologies are tamper-prone, can easily be counterfeited and provide little or no protection for the information they carry. IDs that use the strong security features contained in smart card technology, like anti-tampering and protection against unauthorized access to personal information, can enhance privacy protection in a well-designed and properly implemented system.

Click here for original story.