Blue Collar Security and Access Systems for Industrial Manufacturing

Proprietary security departments at industrial and manufacturing enterprises were among the first to sprout up during the 1920s. Some say that, in additional to charcoal briquettes, Henry Ford invented industrial security – the “IS” in ASIS International – when he established his internal Psychological Department fearing in part that Black Hand American mafia members would kidnap his child, Edsel.

Black Hand tactics involved sending a letter to a victim threatening bodily harm, kidnapping, arson or murder. The letter demands a specified amount of money to be delivered to a specific place. Letters were often decorated with threatening symbols like a smoking gun, hangman’s noose, skull or knife dripping with blood or piercing a human heart, and were, in many instances, signed with a hand “held up in the universal gesture of warning.”

Ford would be shocked today as manufacturing threats have trended to complex industrial espionage and, more recently, ransomware, where hackers encrypt an organization’s computer programs and data attempting to extort money from their victims with promises of restoring encrypted data.

More often, typical physical security products, systems and services protect plants.

For instance, Joseph Marganski, security specialist at Donali Systems Integration Inc. helped Pfizer Pharmaceutical with unique door controls. Ironically, Henry Ford’s friend Thomas Edison was the father of Charles Edison, who founded Sag Harbor Industries in 1946, which added Dortronics, now a wholly owned subsidiary.

Mantrap Designs

Marganski says that Pfizer uses access cards that work with technology from S2 Security. Unique for Pfizer’s very secure areas, “We have used an air lock [sometimes called a mantrap] approach for two-door, three-door and even five-door and even five door setups,” says Marganski. Staff uses a badge to get into one door where there are LEDs to indicate throughput movement while other doors remain locked. Door interlock controllers are mounted above the entry door. “This provides extra security but also a means to pressure balance HVAC where appropriate.” Mantraps are installed in two environmentally sealed interlock enclosures and cover Pfizer areas centering on highly confidential research and testing.

The air lock design standardizes wiring and readers. The locks run off PoE (power over Internet) as well as network-based security cameras, also PoE.

Jay Collins, systems engineer with G4S Secure Integration, says the typical types of access control at industrial and manufacturing organizations are card access and video at the highest level as well as a way to control who has access to what devices. In addition, there is time and attendance, sometimes separate from door controls and at times included in union bargaining and turnstiles. Visitor management and data center environments are also tightly controlled.

Plant Manager Deeply Involved

As compared to other sectors, plant managers have a higher profile in security technology and placement decisions. Infrastructure – both physical and logical is sometimes a shared responsibility. And safety is also a top concern.

Take it to the bank; security technology continues to get more affordable, often when avoiding new on-the-market cutting edge gear.

Video door stations in conjunction with access control cards is sometimes designed into security for industrial and manufacturing facilities. Proximity cards are prevalent and biometrics – fingerprint and hand geometry – is used in certain areas.

People are already gaining acceptance on the consumer side so expect more use in industrial and manufacturing security. In the quest to secure a person’s identity in an increasingly connected digital world, biometrics is flourishing throughout the worldwide banking infrastructure. In many banking services markets, biometrics is successfully authenticating millions of users at the ATM while improving the user experience, increasing transaction security and delivering trust in transactions. Accelerated adoption of biometric authentication at the ATM and related banking solutions (such as securing government pension payments, teller transactions and the opening of new accounts) is in large measure because biometrics is the only authentication method that “binds” a user’s digital credentials to a person. As such, biometrics is playing an important role in eliminating digital identity theft in today’s increasingly complex and vulnerable environment.

One example of this approach is a HID’s Seos-based solutions, which create a device-independent, trusted physical identity verification process. Additionally, the physical devices themselves must be tamper resistant to ensure that all transaction integrity is preserved. Lumidigm fingerprint sensors and modules provide a good example of how to take this approach with a biometric authenticator.

And there is greater emphasis on mobility of access controls, as everyone has a mobile phone these days.

One example of a move to mobility: two new mobile apps from Galaxy Control Systems enhance the firm’s access control software solution. The DoorPoint app provides authorized security personnel with the ability to manage a facility’s doors to enhance security. Additionally, DoorPoint allows users to save certain doors and clusters for easy access and streamlined operation. In an emergency situation, the app also allows security personnel to activate and reset crisis modes, if necessary.

A second mobility example: Growing use of tablets. For instance, an access control tablet from SRI Identity fuses an access control reader, biometrics, keypad, intercom, camera and other capabilities enabling greater ease of use, security and personalization for physical and logical access control, workforce management, enterprise operations and emerging applications within the Internet of Things.

Is that Finger Alive?

Biometrics is an important tool when it comes to industrial and manufacturing security.

One effective liveness detection approach for fingerprint biometrics uses multispectral imaging technology, which virtually eliminates the possibility of counterfeit fingerprints being used for authentication.

The technology compares the complex optical characteristics of the material being presented against known characteristics of living skin. This capability, in addition to the collection of unique fingerprint characteristics from both the surface and subsurface of the finger, results in matching performance paired with the exceptional ability to detect whether the finger is alive or not. Key features:

Uses multiple sources and types of light along with advanced polarization techniques to capture information from the surface and subsurface of the finger – all the way down to capillary beds and other sub-dermal structures.
Built from advanced machine learning algorithms that can be updated in the field as new threats and spoofs are identified, enabling multispectral imaging sensors to very quickly respond and adapt to new vulnerabilities.

For strong and reliable user authentication, organizations should consider, where practical, multi-factor and even multi-modal authentication. For example, personal devices such as smartphones, wearables, RFID cards and other intelligent personal devices can all generally be used as factors of authentication.

Regardless of which additional authentication factor is presented by the user, when it is intelligently combined with the biometric data associated with the identity claim, it is possible to quickly determine a definitive “yes” or “no.”

Strong authentication by means of two or more factors (with one being a biometric) is fundamentally more secure than outdated username/password alternatives.

Security, Terrorism
and Unrest

Mike Payne of iJet urges industrial and manufacturing security professionals to have in hand intelligence-driven, integrated risk management solutions that can package threat intelligence, innovative technology and response services to help organizations avoid threats and mitigate risk. iJet boasts Travel Intelligence and Worldcue with 24/7/365 response hotline, 24/7 access to analysts, medical/security assistance and tailored security/intelligence assessments.

When asked why there still is uncertainty to develop a strategic view of risk and operational measures, Payne points to the magnitude of data. He encourages three actions:

Identify the risk;
Have the means to effectively address vulnerabilities; and
Reduce costs by reducing the probability and impact of risk.

“Assess your environment regularly. And focus on training, exercises and drills,” especially when executives travel abroad, he advises.

How Deep Learning Sensors are Transforming

Sensor technology is not new to building automation. Millions of plants and industrial buildings around the world today are equipped with sensor-based systems designed to conserve energy, performing simple tasks such as automatically turning the lights on and off when someone enters or leaves a room. These simple tasks are enabled via an array of passive infrared sensors, simple photocells and/or CO2 sensors to ensure robust coverage throughout the office building.

The Internet of Things (IoT) revolution introduces a new paradigm to industrial and manufacturing building automation that supports a decentralized architecture where a great deal of analytics processing can be done at the edge (the sensor unit) instead of the cloud or a central server. This computing approach, often called “edge computing” or “fog computing,” provides real-time intelligence and greater control agility while at the same time off-loading the heavy communications traffic.

New developments in computing technology provide cheap and energy-efficient embedded processors that are suited for such data processing. This affords the ability to process the sensor analytics inside the sensor unit itself. With this approach, the data that is sent over the network can be merely the final summary of the analysis, which is thinner in volume, and allows shorter response time. This capability sets the foundation for the next generation of rich data-driven smart sensors.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Blue Collar Security and Access Systems for Industrial Manufacturing