Chapter 1: Security And Technology

Figure 4.1 Source: Antonio L. Rappa, “Notes on Modernity, 1999”

Security technology has gone through multiple phases of development. “Technology can be defined as the activity by which people give form to nature for human ends by means of tools.” (Schuurman, 1980) By phases we mean overlapping kinds of technologies that emerge to solve problems in some areas while inventing new efficiencies in other areas. One example is prison technologies where there are reinventions of lock-ups and cells on the one hand, while on the other hand internal surveillance technology and movement monitoring devices have also changed significantly. These changes in turn continue to impact prison systems that have had an impact on the manner through which security technology has impacted security within prison systems.

While newer forms have replaced some of the earlier forms of security technology, not all of them have. In other words, some earlier forms of security technology are still retained for use, albeit in a modified manner or for specific purposes only. Understanding the role that technology places in the larger security architecture and in modernity presents the challenge that scholars and practitioners alike strive to undertake. Central to discussions in this Study Unit is the work of French scholar Michel Foucault who “sought to denounce the pernicious effects of what he called modern ‘technologies of power,’ but also deliberately evoked the more positive values associated with ‘technology’.” (Behrent, 2013) It is this complexity that modernity is compelled to embrace with speed.

1.1 First Generation Security Technology

The first generation of security technology for a campus, building, office, or physical space uses crime prevention through environmental design to deter threats. Some of the most common examples are also the most basic - barbed wire, warning signs and fencing, concrete bollards, metal barriers, vehicle height-restrictors, site lighting and trenches.

Source: “First Generation Technology” Antonio L Rappa, 2008

Over time, the instinctive security and adaptive nature of human societies helped map a second generation of security technology for the built-environment. Note that technology is not about a computer, plasma TV, iPod, AppleTV alone or iPhone5 alone. Technology is about controlling the environment in which humans live to make life more efficient, pleasurable or less stressful.

Examples of first generation food security would include such basic measures seen in early forms of food preservation using salt, vinegar, hot lava rocks, or food kept fresh in cold water streams. This is closely tied with the environment as well as health.

Early humans had higher tolerance for higher levels of bacteria. People in modernity have had their levels of tolerance shift from high to low. Indeed, increasing amount of allergens in the environment is itself a security hazard.

These food/health/energy security issues were often learnt from interacting with the existing environment.

Activity 4.1

Reflect

Identify challenges in food safety and security. How have these challenges been mitigated by the use of technology?

1.2 Second Generation Security Technology

Remember that technology is about controlling the environment in which humans live to make life more efficient, pleasurable or less stressful. It is also about making the human environment more humane and less animal-like.

The second generation of security technology is mechanical and includes gates, doors, and locks. Key control of the locks becomes a problem with large user populations and any user turnover. Keys quickly become unmanageable forcing the adoption of electronic access control. Electronic access control easily manages large user populations, controlling for user lifecycles times, dates, and individual access points. For example, a user's access rights could allow access from 0700 to 1900 Monday through Friday and expires in 90 days. Another form of access control (procedural) includes the use of policies, processes and procedures to manage the ingress into the restricted area. An example of this is the deployment of security personnel conducting checks for authorised entry at predetermined points of entry. This form of access control is usually supplemented by the earlier forms of access control (i.e. mechanical and electronic access control), or simple devices such as physical passes.

Figure 4.2 Source: Antonio L. Rappa Photography, 2011

1.3 Third Generation Security Technology

Remember that technology is about controlling the environment in which humans live to make life more efficient, pleasurable or less stressful. It is also about making the human environment more humane and less animal-like. It is also about making redundant technologies work in tandem with new technologies. It is not about merely shifting from one technological paradigm to another. There is as such always a technological overlap.

The third generation of security technology is intrusion detection systems or alarms. Intrusion detection monitors for attacks. It is less a preventive measure and more a response measure, although some security specialists would argue that it is a deterrent. Intrusion detection has a high incidence of false alarms. In many jurisdictions, law enforcement will not respond to alarms from intrusion detection systems.

1.4 Fourth Generation Security Technology

The fourth generation of security technology is video monitoring systems. Security cameras can be a deterrent in many cases, but their real power comes from incident verification and historical analysis. For example, if alarms are being generated and there is a camera in place, the camera could be viewed to verify the alarms. In instances when an attack has already occurred and a camera is in place at the point of attack, the recorded video can be reviewed. Although the term closed-circuit television (CCTV) is common, it is quickly becoming outdated as more video systems lose the closed circuit for signal transmission and are instead transmitting on computer networks. Advances in information technology are transforming video monitoring into video analysis. For instance, once an image is digitised, it can become data that sophisticated algorithms can act upon. As the speed and accuracy of automated analysis increase, the video system could move from a monitoring system to an intrusion detection system or access control system. It is not a stretch to imagine a video camera inputting data to a processor that outputs to a door lock. Instead of using some kind of key, whether mechanical or electrical, a person's visage is the key. FST21, an Israeli company that entered the US market, markets intelligent buildings that do just that. When actual design and implementation are considered, there are numerous types of security cameras that can be used for many different applications. One must analyse their needs and choose accordingly.

1.5 Fifth Generation Security Technology

Remember that technology is about controlling the environment in which humans live to make life more efficient, pleasurable or less stressful. It is also about making the human environment more humane and less animal-like. It is also about making redundant technologies work in tandem with new technologies. It is not about merely shifting from one technological paradigm to another. There is always a technological overlap.

In recent times, new developments in information and communications technology have widened the scope of physical security apparatus. Fire alarm systems, for example, are increasingly becoming based on Internet Protocol, thus leading to them being accessible via local and wide area networks within organisations. Emergency notification is now a new standard in many industries, as well as physical security information management (PSIM). A PSIM application integrates all physical security systems in a facility, and provides a single and comprehensive means of managing all of these resources. It consequently saves on time and cost in the effectual management of physical security. A PSIM system is used to tie various security systems together through a single interface for total security control. The single operating platform helps to consolidate and integrate existing systems on a unified platform. This in turn helps to simplify employee training. Time saved through training and response highlights the time and effort saved when conventional disparate systems attempt to be integrated through less technologically sophisticated means employed. Instead of learning how to use each and every security system in a complex, employees now need only learn one—the PSIM platform. It is since seen as a method of increasing productivity and performance. This interoperability needs to be continually enhanced with sophisticated automation and AI. (Xie, 2018)

Figure 4.3 PSIM Best PracticesSource: My Tech Decisions

Hyper connectivity and smart systems will require the dynamic sharing of real-time threat intelligence across network systems and then coordinate resources to stop large-scale attacks. Anticipating and responding to threats before they can impact our network of networks, including critical infrastructure, will let us successfully defend ourselves against the next generation of cyber threats targeting our digitised society. (Xie, 2018)

With the presence of hyper connectivity is the presence of dominating challenges. Bring Your Own Device (BYOD), otherwise also known as Bring Your Own Technology (BYOT), Bring Your Own Phone (BYOP) and Bring Your Own PC (BYOPC) initiatives have unyieldingly added to the complexity of the cyber security landscape. While all of them have evolved to empower workforces through the so-called 'consumerisation of IT', the nightmare of BYOD is giving rise to a new generation of intelligent, highly scalable security products and platforms. (Kleyman, Information Week, 2013)

In a Cisco Enterprise Mobility Landscape Survey in 2015, it was noted that BYOD helps in several key areas, namely (a) Provide more work options, (b) Give employees the flexibility to work where and when they want, (c) Reduce your employees' risk of introducing malware or losing sensitive data, (d) Streamline operations, (e) Decrease company expenditures, (f) Alleviate work delays, and lower operating costs and finally, (g) Help staff get more done while Improve collaboration and productivity with greater speed and efficiency. (Cisco, 2018)

On the other hand, for lost or stolen devices, if devices with company data are lost, stolen or misplaced, this could enable unwanted third-party individuals to gain access to your business’s valuable information. This is especially true if devices aren’t secured with passwords or passcodes. While this is true regardless of whether the devices belong to the individual or that of the company, the challenge is perhaps more pronounced when individuals leave the company. If an employee leaves the company abruptly, one may not have time to wipe devices clean of company passwords and information especially if they belong to the employee. This will allow former employees to gain unauthorised access to systems after they’re gone.

Broadly, the lack of firewall or anti-virus software updates done, although efforts are made to widely encourage to regularly update firewall and anti-virus software when utilising their own devices in the workplace, can create weak networks and holes in systems.

The accessing of unsecured Wi-Fi by employees who will mostly be utilising their devices outside of the workplace, will have them run the chance that they’ll access unsecured Wi-Fi connections at airports, coffee shops, stores, or even their own home. Unsecured networks can provide hackers with easy access to your company’s systems or networks.

Activity 4.2

Reflect

Critical Infrastructure Protection is at the heart of food/health/energy security. Explore the challenges and measures that have been put in place to protect these critical infrastructures that impact security.