Subscribe to Monitor This! RSS Feed

Monitor This!

by: Rich Miller - Wednesday, September 19, 2012

Is your cloud provider secure?

That question, the basis of a TechSec forum in February, came to mind again this week with the release of Alert Logic’s “State of Cloud Security Report—Fall 2012.” The company, a provider of security solutions for the cloud, issued the report after analyzing more than 70,000 security incidents among 1,600 business customers.

Among the key conclusions was that “on-premise IT infrastructure is more likely to be attacked, more often, and through a broader spectrum of attack vendors than cloud-based infrastructures.” The report also cited a higher incidence of “brute force attacks and reconnaissance attacks” in on-premise environments.

The findings echo one of the points made at TechSec: While many security companies don’t trust their data in the cloud, having it on-site doesn’t guarantee it’s going to be safe.

“[Cloud] security is far greater than open data systems,” said TechSec panelist Brian McIlravey, co-CEO of PPM 2000, a manufacturer of incident reporting and investigation management software. “The enterprise-class cloud is very secure. Third parties that hold data take it very seriously—we don’t want it accessed any more than you do.”

McIlravey stressed due diligence when selecting and moving data to a cloud provider, including asking for certification and knowing what is covered in the service-level agreement. He said the same scrutiny should occur internally in the company that is moving data off-site.

“The cloud provider must have certification, but you should be asking the same questions of your IT group,” McIlravey said, referring to data access, encryption and other safeguards.

Due diligence aside, skepticism could well linger in the security industry because of the “myth” that the cloud isn’t as secure as on-site environments, said Stephen Coty, research director at Alert Logic.

“[It] is a stereotype that has prevented the industry from focusing on the real issues impacting enterprise security,” he said in a news release announcing the fall 2012 report. “Rather than falling victim to perception-based beliefs, businesses should leverage factual data to evaluate their vulnerabilities and better plan their security posture.”

by: Rich Miller - Wednesday, September 12, 2012

You don’t have to look very hard to find an alarm company that isn’t keeping pace with technology. It can be difficult to stay on top of the latest and greatest, and some people are reluctant—or even defiant—when it comes to saying goodbye to the tried and true in favor of the Next Big Thing.

That attitude often spills over to the world of social media. Facebook? Twitter? “Friends” and Tweets fly just fine for the junior set, but we’re adults here. Besides, who has that kind of time to throw around?

Maybe your competition.

Social media is rapidly becoming a must-have business tool, and companies that aren’t wielding it effectively risk selling themselves short in an increasingly aggressive marketplace. Exposure and name recognition can translate into accounts no matter where you’re based or how big you are.

That fact hasn’t been lost on the Central Station Alarm Association, which will host a webinar Nov. 7 on social media strategies and how they can affect your business. Teresa Brewer of System Sensor and Michael Kremer of Intertek/ETL will discuss how to use social media to acquire customers or get referrals, boost attendance at company-sponsored events, and increase inquiries via your website or over the phone.

For those who have a success story to pass along, email Brewer at Teresa.brewer@systemsensor.com or Kremer at Michael.kremer@intertek.com. Registration information for the webinar will be available soon on the CSAA’s website.

Welcome aboard: In other CSAA news, the group’s international board of directors has approved Jay Hauhn as first vice president of the Executive Committee and Peter Lowitt as secretary. Hauhn is CTO of Tyco Integrated Security; Lowitt is president of Hicksville, N.Y.-based Lowitt Alarms & Security.

“The CSAA Nominating Committee did an exceptional job in vetting these outstanding candidates, and the unanimous vote of the board of directors reflects the complete confidence of the board in both of these exceptional gentlemen,” CSAA Executive Vice President Steve Doyle said in a prepared statement.

Topic:
by: Rich Miller - Wednesday, September 5, 2012

The headline on the news release is an attention-grabber: “PhantomLink technology pushes alarm monitoring to the cloud, threatens industry.” If that isn’t clear enough, the subhead rephrases it: “Cloud-based technology set to undermine traditional alarm monitoring industry.”

The PR piece from Phantom Data Services proceeds to trumpet the company’s new PhantomLink project, which encourages homeowners to monitor their own security systems for no charge via the Web. The project “leverages existing equipment, requires only a simple retrofit, and is offered for free with no recurring costs.”

“Nearly 80 percent of households in the U.S. have Internet access,” states Adam Peters, founder of PhantomLink.com. “So why are people still paying their hard-earned money to a central station to monitor their alarm? Just connect it to the Internet and monitor it yourself!”

The news release describes PhantomLink as a small, easy-to-install, build-it-yourself device that links an existing security system to the user’s wireless Internet connection. If the device senses an alarm, company servers alert the user with an email or a text message. Circuit schematics, interface specifications and instructions for using the “self-monitored security system solution” are available for free on PhantomLink’s Web page.

“Do-it-yourself alarm installers and electronics hobbyists are encouraged to participate in this project to develop and expand the capabilities of this technology,” the company states.

Visitors to the PhantomLink website will find all of the information mentioned in the news release, but little about the company promoting the device. Phantom Data Services is described only as “a New Mexico limited liability company specializing in website development and data-processing products and services.”

So is this the new age of monitoring? Is it time to mothball the central station and say goodbye to RMR? Will homeowners tired of “simply paying for piece of mind,” as the news release states, now opt for self-service?

Grammatical glitches aside, peace of mind is what many alarm customers are seeking. Millions have shown the willingness to pay a professional for it, even in a down economy. Do-it-yourself security will obviously appeal to some, but free doesn’t mean free of responsibility.

This also isn’t the first time the alarm industry has been down this path, said Morgan Hertel, vice president of operations for Rapid Response.

“This kind of stuff has been around for years,” Hertel told Security Systems News. “In the ’70s, it was tape dialers calling neighbors, work numbers and sometimes police departments. In the ’80s, we moved to pagers—you could get paged on alarms. Now we have email, SMS and IVR.”

While there is always something new coming down the pike, the bottom line remains the same for alarm companies: provide professional service at a competitive price and chances are you’ll stay in business. PhantomLink and other do-it-yourself offerings are unlikely to change that.

“The professional monitoring and installation companies are still here doing their thing,” Hertel said. “What most [customers] come to realize is that the cost of a monitored security system is so affordable these days, and is packed with so many features, that most people who take security seriously don’t ever consider [a DIY] solution.”
 

Topic:
by: Rich Miller - Wednesday, August 29, 2012

A Long Island, N.Y., city frustrated by unpaid false-alarm fines is taking a familiar corporate path to change its fortunes: It’s outsourcing the collection work.

Long Beach Police Commissioner Michael Tangney told CBS News that the city of 35,000 is the first on Long Island to hire an outside company to go door-to-door collecting the fines.

“I’m proud that we are innovative and the first ones doing this,” Tangney said. “And I think many municipalities will follow suit.”

The City Council on Aug. 7 voted to hire Texas-based PMAM Corp. to collect the fines, which start at $100 and rise to $700 for chronic offenders. The company will receive 24 percent of all revenues collected.

While the work went to a firm with stateside headquarters instead of one based in Mumbai, many city residents have voiced their displeasure about the outsourcing and have questioned why the city can’t do the job itself.

“I think it shows how desperate the community is for collecting revenue, and turning it over to a collection agency is a little ridiculous,” business owner Steve Felix told CBS.

City Manager Jack Schnirman defended the move, saying the city doesn’t have the resources to collect the money.

“Like many other municipalities across the nation, this is the form we’re choosing to move forward and go out and collect the fines,” he told the Long Beach Patch, adding that outsourcing is “a lot more cost-effective.”

Apparently lost in the discussion is what could be done to reduce the 1,100 false alarms that city police respond to annually, which would mitigate the fines and the need for the collection work.

Maybe a SIAC session is in order.
 

by: Rich Miller - Wednesday, August 22, 2012

Make it five for COPS.

The wholesale monitoring company, headquartered in Williamstown, N.J., has opened its fifth central station, an 8,000-square-foot facility in Lewisville, Texas. The new center will share live alarm traffic with the company’s centrals in New Jersey, Florida, Arizona and Tennessee.  

Four-year COPS veteran Derek Kopko will manage the new facility, which has 26 employees. Kopko relocated to Texas from COPS’ headquarters in December 2011 and has been hiring and training new dispatchers for the past seven months, the company said in a prepared statement.

Gene Reed, an industry veteran and COPS’ newest account executive, will oversee sales in the region.

David Smith, director of marketing and communications for COPS, told Security Systems News that adding central stations benefits the company in two key ways.

“First, because all five of our central stations are hot-redundant and actively share the signal load of the entire company, each central station we bring online reduces the probability that adverse local conditions [such as weather] will affect our response times,” he said. “Second, we believe that each geographical region presents its own benefits and challenges to alarm dealers. By operating central stations and having employees in these different regions, we have the opportunity to become more involved with our dealers and better understand how we can support them and help grow their business.”

Smith said the commitment to redundancy proved its worth last August during Hurricane Irene.

“When (Irene) went up the East Coast and actually hit our New Jersey headquarters, it only added about a second to our response time because we were able to overstaff all our other central stations,” he said. “The more we do that, the more that we diversify our staff, the more stable and dependable our fast response times become.”

by: Rich Miller - Wednesday, August 15, 2012

While AT&T has finally set a date and ended the discussion over when it will push 2G into the sunset, the points of contention grow sharper over 3G versus 4G and the merits of each for cellular alarm communication.

Boiling down the argument to its simplest terms, this much is clear: Technology touted as 4G is faster and more expensive. But is that extra speed worth the money, and more importantly for alarm dealers, will it contribute to longevity in the field? And what is “real” 4G anyway?

On Monday, I talked with two industry experts who couldn’t be further apart on the issue: Gordon Hope, general manager of AlarmNet at Honeywell, and Shawn Welsh, vice president of marketing and business development for Telguard. Both made what seemed to be valid arguments, although I confess I’m not qualified to comment on the technical merits of each. What I can do is define HSPA (High Speed Packet Access), HSPA+ (evolved HSPA), and LTE (Long Term Evolution), and offer a bit of what each man had to say:

Hope: “I don’t know whether it’s accidental or intentional, but it seems like our industry is mixing 3G and 4G together in one sentence. In reality, there’s clearly a difference—the carriers delineate it. HSPA+ and LTE from AT&T’s perspective are legitimate 4G technologies, and everything else isn’t.”

Welsh: “At a recent webinar, AT&T and Qualcomm both basically reiterated this statement: 4G is the same as 3G, it just costs more. To get down to the letter version of that, HSPA+ is the same thing as HSPA as it relates to longevity, it’s just that HSPA+ costs more.”

Hope: “We believe the best thing to do is to move up and provide a 4G radio, not stopping at 3G. HSPA+ is a 4G technology … it’s just plain faster. In AT&T’s announcement [about 2G], they even made statements that a third of their postpaid subscriber base is already using 4G technology, not 3G. That speaks to the fact that if you’re not thinking about 4G, you’re probably going to leave yourself shortchanged if you stopped at 3G network capability in the radio module you chose. We went through the additional expense to include HSPA+ 4G technology in our radio. We believe it’s going to directly translate into longevity on the wall.”

Welsh: “There’s a thought that 4G is somehow better than 3G and that somehow it will be around longer, because certainly each generation will be around longer than the previous generation. In this case it’s a misnomer, because 4G as it relates to HSPA+ is really a marketing trick, unfortunately. … What happened was that AT&T and Verizon both went out and bought up spectrum in order to deploy real 4G called LTE. And 4G LTE got a certain level of throughput—it was really fast. Well, T-Mobile did not get spectrum, so they were stuck having to advertise 3G when their major competitors were going to start advertising true 4G LTE. So they simply did what a marketing organization might do. They just said, ‘Hey, you know what? This new 3G HSPA+ is so fast it goes just as fast as that LTE they’re going to deploy, so you know what we’re going to do? Let’s just call ourselves 4G. All that really matters is the speed anyway.’ So overnight they rebranded themselves as 4G in order to compete with the marketing term of 4G LTE. And literally that’s what happened. AT&T was forced to start calling their HSPA+ network— which was really just a 3G network—a 4G network in order to compete with the marketing spin T-Mobile was putting on things. And that’s how we got 4G as it relates to HSPA+.”

Hope went on to say that while speed traditionally hasn’t been important to the alarm industry, it will play a bigger role in attracting future generations of consumers who will be loading their tablets and smartphones with security applications and a whole lot more. Welsh reiterated that longevity will remain the top priority for alarm dealers, and “from a cost standpoint, HSPA+ is a more expensive solution for the exact same longevity.”

For the record, the International Telecommunication Union states on its website that the only “true 4G technologies” are LTE Advanced and WirelessMAN Advanced, neither of which has been deployed on a large scale. The ITU goes on to say, however, that the term 4G may also be applied “to the forerunners of these technologies, LTE and WiMax, and to other evolved 3G technologies providing a substantial level of improvement in performance and capabilities with respect to the initial third-generation systems now deployed.”

That sounds like a gray area open to commercial and consumer interpretation, but there's no arguing this point: Alarm dealers with radios on AT&T’s 2G networks will have to upgrade by 2017 or they’ll be left in the dark. The fadeout due to spectrum harvesting will accelerate before then, so sooner is probably better than later. Then it's just a question of sorting out the Gs.

Topic:
by: Rich Miller - Wednesday, August 8, 2012

On one hand, it’s hard not to see the appeal of Lowe’s new Iris home management system. It’s do-it-yourself for those with the dexterity to install a thermostat, it’s cloud-based so homeowners can control and check on their properties remotely, and it’s inexpensive: starter kits range from $179 to $299, and there are no monthly fees for those who choose to do their own alarm monitoring.

On the other hand, how many homeowners are really prepared to be their own central station?

Sarah-Frances Wallace, a Lowe’s spokeswoman, recently touted the self-monitoring aspect of Iris in an interview with SSN's Tess Nacelewicz. Wallace said homeowners “can respond appropriately” when they receive a security alert, using an Iris camera to see “if there’s an intruder in your home that would require police response … or if it’s the dog knocking something over.”

Wallace said DIY monitoring helps avoid the problem of false alarms, for which many municipalities now charge homeowners a penalty. “This kind of gives the homeowner more control over triggered alarm events in the home,” she said.

But what happens when the homeowner decides the alarm is legit, they call 911, police respond and they find nothing amiss? What happens when the scenario gets played out three or four times in a month at the same residence? Do you think the municipality is going to continue to absorb the cost of dispatching officers and cruisers?

Ask any alarm company owner and I think you'll get a consistent response to that. Municipal budgets are tight and they're only going to get tighter. Just because a professional wasn't involved in the installation and monitoring of a system doesn't mean local officials are suddenly going to forgive and forget when it comes to false alarms.

For homeowners who want a little help when it comes to dealing with alerts from their Iris system, Lowe's offers a self-monitoring service for $9.99 a month. "You can set it up so if there's a triggered event in your home, it would email [or text or call] your neighbor … [or a] small network of people you'd want to receive notification of events," Wallace told SSN.

The service is ideal "if you're on vacation and you receive a notification that there is an event in your home," she said. "You could contact your neighbor—because they've also received [the notification]—and they could look into it for you."In a perfect world, it all ends well. If a pet triggered the alarm and the neighbor happens to be around to make that determination, everyone sleeps easy that night. But what if it wasn't Fido who did the deed and it's an intruder instead? What happens when the neighbor walks headlong into that situation?

Hello, Ken Kirschenbaum.

The point is, there are times when it pays to do things yourself and times when it pays to let professionals handle it. Again, it's hard to dispute the appeal of Lowe's Iris system for many people and for many applications. But should home security be one of them? Let the buyer beware.

Topic:
by: Rich Miller - Tuesday, July 31, 2012

If nothing else, last week's blog on the 2G sunset served to toss another log on the fire in the debate over how long the technology will last in the face of frequency harvesting by carriers. Among the responses I received was an argument that 2G will remain viable in part due to CDMA-based equipment, which could stick around a lot longer than its GPRS and GMS cousins.

"I was reading your 2G sunset blog this morning and wanted to point out that many cellular alarm solution providers support T-Mobile USA or other 2G carriers along with AT&T Wireless coverage," said the reader, who said I could pass along his remarks on condition of anonymity. "AT&T is the carrier making the most noise about phasing out 2G GPRS, but T-Mobile has no current plans to sunset. Also, CDMA-based carriers like Verizon and Sprint still have a long planned life for 2G CDMA."

The reader agreed that the issue is critical for the industry, saying the majority of cellular alarm systems currently deployed utilize 2G GPRS on AT&T. But he took issue with the terminology being used and urged others to do the same.

"While AT&T-based cellular alarm providers certainly have the largest marketing presence, please be careful referring to the AT&T GPRS sunset as a '2G sunset,' because many 2G alarm solutions will stay viable for a long time," he said.

Another reader, Steve Wallace, called attention to the fact that just because no carrier has announced a date for the sunset, it doesn't mean it's not going to happen. He said the process has already begun and commented that companies not paying heed "may be looking at this wrong."

"For quite a while some carriers, such as AT&T, have stopped certifying new 2G devices," Wallace said. "Carriers have begun to re-purpose [refarm] the 2G spectrum into LTE offerings. 2G equipment is retiring and is being replaced for 4G. 3G expansion has virtually ceased."

The reality for alarm companies is that signal strength will decline for a lot of equipment in the field as these changes take hold.

"Alarm systems with 2G radios could become more problematic long before 'sunset' is announced," he said.

Like I mentioned last week, a sunset date by AT&T would likely knock a lot of people off the fence if they've been considering a move to 3G/4G. All is quiet at the moment, but it would be shortsighted to think it’s going to stay that way. Alarm companies would be wise to plan accordingly and keep a sharp eye on the horizon.

by: Rich Miller - Wednesday, July 25, 2012

Still looking for clarity about the “2G sunset” and whether you’ll be left holding the bag if you don’t upgrade your cellular alarm communicators to 3G (or even 4G) right now?   

You’re not alone. The buzz continued last month at ESX, with manufacturers jockeying to try to sway alarm dealers. Telguard, the company sounding the loudest warning about the sunset, went one step further by announcing a program that gives dealers up to $25 for every 2G cell communicator they replace with a Telguard 3G/4G product. The company does not sell 2G.

“We estimate the industry has 3 million 2G radios that will have to be replaced in the next five years,” said Shawn Welsh, vice president of marketing and business development for Telguard.

Unlike AMPS, the date for the 2G sunset will not be determined by the FCC; it will determined by cellular carriers based on capacity constraints and customer demand for 3G. Carriers have already begun reallocating frequency spectrum to accommodate 3G, Welsh said, cutting into the effectiveness of 2G equipment.

But not everyone believes the sky is falling when it comes to 2G, at least not in the next few years. Among those taking a different approach is Mike Boyle, general manager of Uplink. The company is continuing to offer 2G lines while rolling out 4G at the same time.

“People are still buying a lot of 2G products,” he said. “We think we may continue to sell 2G beyond the third quarter of this year. Everything we see in the network says it will be around.”

Uplink backs its business plan with the following assertions on its website:

—2G is a proven technology with falling price points as manufacturing costs decrease.
—No carrier has announced a sunset date for its 2G network.
—Uplink’s communicators operate with multiple carriers and will continue to provide nationwide coverage late into the decade or longer.

The company also offers a lifetime guarantee to replace its 2G products with 4G if the 2G units fail to operate due to a carrier technology change. Boyle said the approach covers all bases by recognizing the realities of the marketplace.

“Requests for 4G are minimal,” he said. “When a guy asks for 4G, we ship 4G. But our business is still 98 percent 2G.”

An industry source who spoke to Security Systems News on condition of anonymity said a sunset announcement from AT&T would be made “in the next few months,” which could knock a lot of people off the fence if they’ve been considering a move to 3G/4G. But longevity is key for alarm dealers, and if they can hang onto their 2G gear for another year or two (or four), many probably will.

It’s the nature of the beast.

Topic:
by: Rich Miller - Wednesday, July 18, 2012

Rapid Response has won preliminary approval for a tax break that could pave the way for an $11.3 million expansion on its home turf in Syracuse, according to a report Tuesday in The Post-Standard.

The project, which would add up to 200 jobs, would include the purchase and renovation of the 37,500-square-foot building that Rapid currently leases, according to the report. Rapid also plans to build a 20,000-square-foot facility nearby.

The “payment in lieu of taxes” deal, or PILOT, approved by the Syracuse Industrial Development Agency would save Rapid about $738,000 over 10 years. A sales tax exemption on construction materials is expected to save the company another $500,000, the report said.

The expansion is not a done deal, however. The tax plan still needs to be approved by the City Council, with a bigger potential hurdle at a higher level: acquiring financial help from the state.

Ben Walsh, the city’s deputy commissioner of neighborhood and business development, told The Post-Standard that the project is contingent on Rapid receiving assistance from Empire State Development, a state agency.

An application has been submitted to the Central New York Regional Economic Development Council, which recommends projects for state funding. ESD officials are expected to announce the list of projects that receive funds by late October.

A start date for the project, which the company says would take about two years to complete, has not been announced.

Topic:

Pages