"Hello security office? Could you zoom in on camera 12 to catch the guitar solo?"

From Telegraph.co.uk

Giving credit where credit's due - this is a pretty innovative idea.
A Manchester band has used municipal CCTV systems to record their video.

They set up in front of 80 locations - to include mobile ones to get on film and than used the Freedom of Information Act to request the footage.

However, after watching the video I question the set-up of some of the camera angles and their usefulness, but than again it could be a pretty tight crop.

It's estimated that there are over 13 Million CCTV cameras in Britain, and there's no doubt they didn't get footage from every request. But they did get enough to produce the video below and I have to admit - pulled it together nicely.

Of course there is a huge problem here, but when the line between corporate and municipal use of systems becomes more and more a gray area - you can expect more of this kind of thing in the future.

*OFFICIAL* CCTV MUSIC VIDEO - The Get Out Clause - Paper

Guard Service Horror Story

Sam Pfeifle posted this little piece of news on his On the Editor's Desk today.

Basically, the University of British Columbia's Museum of Anthropology reported a heist that targeted pieces of native Canadian artist Bill Reid.

Cameras were in place - but went out (probably disabled) and no-one responded.
Alarms went off - but no-one responded.
The suspect(s?) even used gas masks and "bear spray" in case security responded..
but no-one responded.

The theft wasn't discovered until the shift change the next morning.

I agree with Sam that this sinks of inside involvement - but that's why you plan
overlapping processes and coverage.



Guard service is one of the most difficult aspects of security. There is no easy way to do it properly, which is why more often than not you come across deployments that are not set up to mitigate the likely risks to a site.

When it's done right - there's no substitute for a well trained, staffed and equipped guard force. When it's done wrong - it's more of a liability than anything else.

The lessons here?

• Plan your officer coverage out fully, overlap processes and systems and keep up with sustained training, supervision and enrichment.
• No matter what kind of systems you have in place. It all boils down to the human who's getting the notification something's wrong and the human's that respond.

Standards, Forums and Alliances

I'm not sure if I'm right about this, but it seems that the desire to develop "industry wide" standards through a forum of stakeholders is an aging concept. I'm an idealist, and an optimist but it just does not seem to be the way the world is going - especially in the high tech sector.
And like it or not, physical security is much more in the high tech sector than any other at this point.

I've seen that Axis, Bosch and Sony are working on a "Standards Forum" for IP based video details. Axis is the driving factor, and along with Sony represent the upper crust of the IP video (in camera) market. I applaud the effort, and I'm interested in seeing what they come up with but I'm not holding my breath.

In the same vein, there is a more broad viewed "Physical Security Interoperability Alliance" made up of; Adesta, ADT, Anixter, Axis, Cisco, CSC, DVTel, GE Security, Genetec, HID Global, IBM, IQinVision, Johnson Controls, March Networks, Milestone, Orsus, Panasonic, Sony, Texas Instruments, Pelco and Verint.
This looks like a "you're with us or against us" forum at first glance, or they are holding meetings in more desirable venues but I'm not close enough to the action to form much of an opinion other than the basic concept. But do a search for this alliance (in quotes) and you'll see how much buzz is around it (I found two sites).

One case-in-point for this is the smart card industry. How many formats and technologies do we have? This argument can go either way because there were groups formed to standardize the technology and there were also companies that blazed ahead following their own way. What we ended up with is a mess by most people's definition.

I know there are standards forums across high tech, not just for security. But I don't see any substantial impact from them. Change occurs when a new technology is released and that technology is the right fit (or is sold successfully). It's up to the company releasing the technology to gauge the impact that integration will have on it and vice-versa. It's a calculated risk, but maybe it's best if the company with the technology does a good job working with users and other manufacturers to make sure it's going to be a good fit with most systems. Most of the "big boys" do a good job of this already if they want their product to be part of the more intelligent integrator's convergence arsenal.

SpotCrime.com - Google Maps based crime mapper ties it all together

Very Nice --
SpotCrime.com's interface is slick, mouse-over information pop-ups work well and is very easy to use. My first impression is that it lags a little behind current crime reports but I have not looked into it enough to confirm that.

The bad:

• It looks like there wasn't any larceny informaiton updated for Durham in a month but that could just be a configuration issue that needs to be worked out.
• The calender drop-down interface was a little buggy.
• Not too fond of using a picture of a pistol as the graphic for assault. I think they should use the pistol for the shootings and have a picture of Naomi Campbell or someting for assault.
• Major cities only at this point

Hey, it's hard to pull data from police departments and put it into standardized and integratable form. It does look as if SpotCrime's beena able to do pretty well at it.

Bottom line is, I've just replaced all my crime mapping resources with this one site.

Found through: MakeUseOf.com

Related Posts (2)

UPDATE - I just received an email from Colin Drane at SpotCrime. They saw my Twitter Message and wanted me to know they are working on the Durham feed.
BIG THUMBS UP guys - That's what I call customer service.

Protect Your Field Agents and Auditors

"Maybe later tonight" turned into "definitely tonight" when I started thinking about this case.

Missing State Worker's Body Found in SC - WRAL

Between home health care, child protective services, state aid investigators and the other numerous fields where workers venture into the homes or offices of others -- lots of people are exposed to risk that should be addressed.

Granted, some organizations are more squared away than others when it comes to protecting their field workers, but from what I've seen the vast majority are not. The corporate agencies have a little more money and support behind field employees than state agencies so that's a factor, but this kind of thing can boil down to local management more often than not.

In this specific case, it looks like a state insurence examiner was performing an audit. The insurence agency owner (being audited) is charged - but the details are unclear. I've been looking into this kind of issue for the last few months for home health care workers, and so far - I've come up with these recommendations:

• Most mobile phone providers offer GPS phones and GPS tracking services. At a minimum, the workers should have GPS phones with tracking enabled. At a maximum some providers can even put apps on the phones for sending updates and even features that could be used to discretely send a "help me" message. The downside is that someone from your origination would need to be online, monitoring the service to keep tabs on everyone if you want real time response to problems.
• There should be strict rules for how workers keep the phones with them at all times, etc..
• For recurring services - coordination should be made with the law enforcement agency responsible for the district that the target house/office is in. This should be done at the lowest level (district captain). I know this seems like a bit much but if some coordination can be made at the front end it will pay off. Take the district captains out to lunch and go over what you do, and what the risks are. This could end up being a very basic introduction / interaction but it has a lot of potential. You dropping the squad a line when you've got field agents in their district could end up with officers keeping an eye on things if they are not handling other calls.Of course this may not be feasible in all agencies but you can hit the high risk districts based on risk / threat assessments.
• (Use risk and threat assessments to categorize basic types of calls)
• Train field agents in conflict deescalation, personal safety / security and any other applicable skills.
• Seems like a no-brainer - but make sure field agents have a method and process for checking in and out of visits. No contact after a set period of time could trigger a call to check on things. No answer could trigger response.
  
• Remember that it's not just the subject you're visiting that you should consider. Multiple family homes and all sorts of other situations bring unknown individuals into the picture.

There can be many more industry specific items, and I could be missing something, but what's listed above may be a good start. Many jobs put employees in this type of situation, but based on on statisitcs it's the female employees working alone that are at the most risk.

Fire Department using Twitter

I've got a few things to write about but no time. Maybe later tonight. However, I did come across the WiredPig blog and he's talking about Twitter for First Responders. Apparently, the LA Fire Department uses Twitter to communicate - pretty cool. This does not fit directly into what I'm working on with Twitter alerts and tips reporting but it is loosely connected. (Twitter for PS1 ), (Twitter for PS2 )

Twitter kick? A little, but I think there is a need and desire for some security aspects of the Twitter possibilities. I've got a few other topics in the works so we'll be back to other security matters very soon. (No - not another post about how Harrah's is partnering with Cisco for security technology - nothing against it but it's covered pretty extensively already).

If you're reading this blog through the website, that's cool but why not let the info come to you? And not just from my blog - just about any other source. If you're not familiar with RSS Feeds than I highly suggest you check into it.

You can read a quick overview here.

You can subscribe to my feed here.

"The air conditioner called the police?" - Intrusion Detection Through Infrastructure

Info found via Geeks are Sexy and New Scientist

Using air pressure to generate intrusion alarms is nothing new, but this is an interesting integration. Shwetak Patel at the Georgia Institute of Technology are working on HVAC applications and have discovered that sensors put on the building's central filter have the potential to accurately signal pressure changes in specific places of the building.

It's much more effective with closed rooms, and intruders opening and closing doors but pressure changes are seen regardless of door state changes and even if the HVAC system is on or off. The key use for this technology is usually to automatically control building automation systems but security may be another application. (One good side effect of the increase of security awareness is scientists considering security in their research)

Patel describes this method as an infrastructure mediated sensing approach rather than the usual distributed direct sensing approach. I believe the shift to using infrastructure to sense occupancy and movement is a trend worth keeping up with for many reasons. It's a tempting idea, especially since it would be much more cost effective in theory to place sensors on central filters than wire them up into every room. However - the stats I've seen are not nearly accurate enough to rely on for security intrusion, but the technique is very promising.

"After a lengthy training process, software could use the sensor data to identify which particular door was active in a 10-20 room house 75-80% of the time. It could also detect when a person walked through a particular door 60-75% of the time.

"When a door movement event occurs, the pressure differentials are slightly different at each of the sensors," says (Shwetak) Patel. Those small differences are used to calculate exactly where in the system the pressure shift originated."

The stats are reduced by 20% if the system is not running, so you can see that this is no-where ready for prime-time.

Two general notes here:

1. Sensing pressure changes on a central filter and pinpointing the location of the pressure changes is pretty amazing. Although this is not accurate enough yet to use as intrusion detection, maybe it can be a usable back-up on systems that should have a fall-back detection method that's not easy to identify and circumvent?

2. Reverse the motivation here and consider how useful that central point of control and monitoring is. It's no secret that HVAC systems can be one of the most useful methods of deploying chemical and biological agents, but I'm sure smart people with malitious intent can think of many other uses for that central filter location.

Twitter + Webcam = DIY Remote Intrusion Alerts

(Found via Lifehacker)

Not what I would consider a security solution, but definitively something to think about.
Shantanu Goel writes in his My Technophilic Musings blog about how he rigged up his webcam through linux code to a Twitter account.

File this away under things that can be done through the new wave of web-apps.
But as discussed before, and in the comments here, Twitter isn't exactly what you can consider a "secure" web based communication method. Shantanu's project is purely for personal use.

The more I come across Twitter based techniques, the more I think security organizations could and should host their own twitter-like services. Make them secure and use them for various communications and automated security options.

Link to blog post

More "Mainstream" Coverage of Security Video

I like seeing mainstream media reports of video analytics. Well - mainstream in a non-security industry way. Engadget is running a story on Chicago's new analytics system.

Video analytics systems are undoubtedly one of the most significant advancements to security in some time. At it's root, the systems are "smart" enough to sense specific activity and execute display commands (or other outputs) based on the activity, priority, time and other factors.

To some, that's the equivalent of computers being cops, and that brings up all sorts of interesting problems. However, all that's happening is that the system's algorithm programming is detecting behaivor based on indicators that usually mean specific human activity. If there were a market for it, the systems could alert the monitors every time someone picked their nose or scratched their ass.

One of the most overlooked factors that I see in all this is the huge amount of time and resources that's needed to set up this kind of system properly. But it's worth it. I mean, imagine every possible activity that can be sensed by the system- plot them out by importance, location, time and frequency and than program the system to alert in a way that depends on all the factors. That's huge, but at the end of the day:

"There's no way that human beings can effectively watch all those feeds, so enter video analytics. By programming algorithms, you give the camera intelligence. " (boingboing.net )

Looking at Twitter for Physical Security Pt. 2

This is an expansion of the second point listed in the last post.
Basically, I'm starting my little project to distribute local crime and safety alerts through social media mediums.

The goal is to provide a service where it's possible to use social media applications or sub-apps to:
a. receive real-time crime and safety alerts pertinent to your area or area of interest
b. interact with the administrator of the service - now it's me but it could be a department or company
c. possibly interact with other users of the service (?)

For the moment I'm going to focus on Twitter, and from there Facebook.
It's easy enough to post information to an account, and RTPPhySec is set up and ready to go.

I'm thinking now about how to get the alerts themselves, and if the posting to the Twitter account should be automatic
or manual.

For now at least I think it will have to be manual because there is really no reliable format I can find from local police, news or corporate sources that I could just feed into the account. If I could get the news sources to preference their alerts with "Crime Alert" than I could just filter them out of their RSS feeds. Or better yet - the best thing would be to get them to create specific feeds for crime alerts.

From what I've seen though - a lot of police departments have a hard time keeping that kind of thing to strictly alerts, and I doubt subscribers to the service want to be alerted to a police department's spring engraving picnic.

This would just be one aspect of using Twitter for physical security.
Although it's not the focus of this initial project, if subscribers could be broken down into "alert groups" than that group could be used by other members in emergency situations to communicate with subscribers nearby.

If anyone has any ideas, suggestions or issues let me know! Feel free to email if you'd rather not leave a comment.

Looking at Twitter for Physical Security Pt. 1

What's Twitter? Good question. Here is a great article that explains it all (from iAdam.org) but basically,

Twitter is a service that friends, family, and co–workers can use to communicate and stay connected through the exchange of quick, frequent answers to one simple question: “What are you doing?”

While blogs post fairly lengthy articles on all types of topics, Twitter posts are conveniently limited in size to just 140 characters, which happens to be the maximum number of characters allowed in an SMS text message sent to a cell phone. This cap on posting size forces users to be brief and concise in what they’re posting and makes it far easier for those reading the posts to quickly scan posts for relevance and interest.

What does this have to do with Security?

Lots.

Although it may not be the most reliable medium now - it's sure to become a staple of the communication landscape in the future. And as we all know, communication is one of the key factors in any kind of security.

Example?

(Emergency Communications)

Recently a professor who was visiting the University of Richmond experienced a lockdown (possible gunman on campus) and wrote in his blog about how Twitter impacted the situation.

during this time (a UR librarian and tech guru) had been escorted from the other lab across the hall to go to the library to get an image of the suspicious gunman from the libraries security camera. I knew this all because of Andy posted the details to Twitter along with the image.

Those of us on Twitter brought this to the attention of the room, which made for some marveling at Twitter, as well as a sense of security that we are well-armed with information about the situation. In fact, not too long after this many in the room signed-up for Twitter and were monitoring the situation there.

Sure, you can sign everyone in your organization up for group text messaging with mobile phones, but would they turn to it the one time they need it instead of a service they are already using daily like Twitter? Plus - can you stream a feed of all text messages with a specific word? (no)

People use twitter in many ways, and even though everyone may not use it when they are mobile - they know how and have the option to do so if they feel like it. If a large percentage of your people are using Twitter regularly - they have their own on-demand communication infrastructure that let's them communicate as a group although they are not all in one place. And since they are not all in one place they can relay information they are getting from their separate locations.

Another great use for Twitter is to make a "corporate" ID that people can "follow" (subscribe to it's posts) and get the information you want them to when it counts. AND - they have a way to communicate to you directly through Twitter.

(Sustained Use)
Take that concept of using a corporate Twitter account - and use it to distribute pertinent information on a daily basis. Parking garage companies have accounts where they post daily status messages for people who park in their garages - networks of commuters "twit" traffic updates and share real time driving conditions as they drive back and forth to work. I have an RTPPhySec twitter account, and right now just twit links to new blog posts but when I get it set up - I'll be twitting security related news alerts for local people.

I could see how a security department can have a Twitter account and keep the interface up and running in their communications center. Employees, students, etc could "follow" (subscribe) to the "YourDeptSECURITY" account and get alerts, updates, tips and have a way to communicate - ask questions - have discussions with your department in a way that the other subscribers can follow along with. Plus - if the shit hits the fan you'll have a ready-made emergency communication method already running.

I don't suggest just jumping in. Your company probably already has a good number of employees already using Twitter and they could help you figure out the best way to move forward. There is a lot more to it than I can include here, but this is something to think about and look into.
This is just the tip of the iceberg. I'm pulling together some ideas and concepts for Twitter that can hopefully, help bridge some gaps and further relationships between security / police departments and the people who rely on them for protection. Stay tuned for Part 2.

Physical Data Security - 2 Birds With One Stone

I'm glad to see that a recent trend is to look just as closely at physical security at data security. It may be a no-brainer to most but I hate to see data centers wide open, laptops sitting all alone, and workstations up and running in an empty office.

A good way to look at this is to understand that by securing physical equipment, you are not only protecting against data theft but equipment theft as well. Believe it or not, a huge amount of critical data is lost through equipment theft. The thief could care less about what's on the computer - they just want the system itself. So - by taking physical security seriously, you're killing two birds with one stone.

Laptop protection:
Lifehacker is running a post now based on a PC World story on laptop theft. Some of the key points I'm always reminding people of are:

1. Go ahead and install something like TrueCrypt to easily mount and dismount a volume to store sensitive data.
2. Laptop bags are to thieves like honey is to a bear. They can smell one a mile away. Keep yours with you or locked up all the times (i.e. put the damn thing in your trunk when you're at lunch instead of on your front seat).
3. If you're using a shared workspace in a library or similar setting - be the geek that uses a physical locking cable. They work. They may be easy to cut but keep in mind that you're only using it in public areas that it would be much more obvious for a thief to cut a cable than grab your computer.
4. Consider some kind of lo-jack type software that will let you find it if it's connected to a network.

Data Centers:
I'm working on a few data centers now. If the resources put into HVAC systems, power conditioning and back up were put into security than there would rarely be issues. Think about it, you've already made the decision to invest in protection of your data against overheating servers, power spikes or outages (I hope)- why not protect it against the part time worker who wants an easy cash for a server? Are all your code monkeys perfectly content at work? None of them would love to stick it to the man? Any one of them could do untold damage to your systems and be much less detectable or traceable by physically accessing it from the data center instead of over the network. (no offense to code monkeys in general, I love you personally) Then tack on all the risks associated with people wandering into the data centers looking for a place to hide out on break etc.. etc..
When it comes to data centers - card readers on the doors are not enough. You need to record all entry and exits as well as make sure someone knows if there is activity inside. People "piggyback" behind each other with card readers so you have to either install anti-piggybacking components (link is just one example) or enforce anti-passback.
There's a lot more to data center security than can be summed up here - so maybe I'll write a more comprehensive post in the near future.

On one hand, it's much more "low impact" for someone with nefarious intentions to get into your system remotely over a network connection or some other way. But at the end of the day:

Value of your information + amount of desire the threat has for your information = the lengths they will go and the exposure they will risk to get it.

Even though most of the people who commit information theft don't consider the information worth their jobs or freedom, there are many situations where it's not that risky for them to commit the crime because of the low risk they will get caught. In cases like that, where it's technically easier for them to get the data physically through your system or a server - you can bet how they will do it.

Security System Holds Up Opening of NJ Psychiatric Hospital

from Securityinfowatch.com

New construction projects have a certain element of stress associated. Time-lines seem like they are shifting daily as the logistics of equipment, supplies, operations and just about every other factor change with the wind. But I must say, this is the first time I've ever seen a case where the security system is being held up as the reason completion is delayed. Granted, it's a psychiatric hospital and that kind of scenario is tricky (we have our own problems here in NC with the construction of psychiatric hospitals).

This makes me think of all the times subcontractors blame their lack of progress on the security system - especially when they don't take the complexity of the systems set up seriously.

For what it's worth, it does sound like a pretty interesting system - I'd love to get a psychiatric facility from scratch.

Residential and Small Business Alarms - Think it Through

I'm always surprised when I talk to people who are completely unaware, or have been given a false picture of how residential and small business alarm companies operate. They are what most people consider solution providers to their security problems and fears. But in reality - the mitigation of risk and the true protection you're looking for is absent.

The risks that homes and small businesses face have only started to change from what they have been for decades. And over that time, the security providers have turned into corporate franchise monsters, whipping out cookie-cutter solutions that look good, and appease the majority of customers, but in truth fall short of the true needs out there. There are new threats to homes and businesses, and a unique approach is needed.

Currently, I'm wrestling with these "monsters" over the way they decide what response agency is contacted when an alarm goes off. Seriously, hundreds of small monitoring services are part of a huge network that pulls information based on a few data sources. They choose your response agency by plugging in your address and the system does the rest. The same logic that decides what network switching site your home computer connects to based on traffic and status is used to decide who comes to help you in an emergency. None of this is really done locally, the installer company subscribes to the monitoring network and provides your basic information, gets a check and walks away.

That is a story in itself, but my point here is to be careful when using one of these services. For a small business trying to secure their employees and property, they can be a great asset. But don't rely on them as a total security provider. Think of them as your Time Warner installers who know a thing or two about how security systems are usually used. Don't expect them to know or care about the risks and threats specific to your business or family.

Here's a few tips to consider when using these systems, not a comprehensive list but some good points:

• Never have your control keypad in the same area as the "brains" of the system, power supply and battery.
• Protect the "brains" of the system, don't install them in obvious locations and keep them in secure closets / rooms if possible. At a minimum make sure they are securely attached to the wall and have a locked access door with a tamper switch.
• Run the power to the "brains" though the wall and into the back of the box, not exposed up the wall - even with battery back-up.
• USE BATTERY BACK-UP
• Protect the communication method used between the system and the monitoring service. If it's a phone line - it should not be exposed around the control panel ("brains") or even outside. You can install a piece of conduit from your phone box to the ground to protect it if it's buried, or up the side of the wall if it's a pole connection.
• Consider using a network connection as your primary communication method. If a phone line is cut - the only way anyone knows is if the system sends an alert to the keypad to tell you. If you're not in the house/building you'll never know. The monitoring service MAY dial your system once a day and establish a test connection but don't think anyone's coming to help if your phone line is cut. Monitoring services can actively ping your system if it's networked and generate an alarm if your system doesn't' respond. (Then call your phone to check on things or dispatch help).
• Consider using two way voice communications with the monitoring service through the keypad or similar device.
  
• Either way - have two connection methods (dial-up, network or cellular)
  
• Give each person who can deactivate the alarm their own code. That way you'll know who turned the system off and when.
  
• Have your alarm company send/fax/email you system reports monthly and look through them for issues or suspicious activity (John Smith coming to work at 2am a few days here and there)
  
• Establish duress codes and words with the monitoring service.
• Reach out to whoever will be responding to the alarm, establish a relationship. Try not to expect specific response actions from them because officers are always changing, but tell them the conditions of your situation and let them develop the ways they can respond to an alarm.
  
• Maximize the system - look for "value added" opportunities. Most systems have basic configuration instructions that will allow you to set up text messages, emails and other notification methods based on alarm inputs. For instance - you get a SMS message when your son comes home at night and deactivates the alarm. Or, you can know if the power to your house / business is lost.
  
• If you're a business, and use panic alarms, the local policy for using them is more important than the alarms themselves. Come up with a good way for other employees to know what 's going on and everyone should know what to do. The alarm system can be fitted with chimes or lights in specific areas of your building to help with this.
  

Remote Video Monitoring - Good Idea? (Pt 2 The Rest of the Story)

As much as I've been trying to be brief but informative here, there are so many important details that may not make it into posts. It's difficult to produce content that's not going to be too long to read comfortably, especially when your passionate about the topic.

Specifically, when it comes to remote monitoring, there as nothing in that last post about the exposure to malicious data manipulation, theft or disturbance. It's not the primary threat, but it is one that should be considered.

If you have data leaving your network to get from your building in South Carolina to RTP (example), it's much more exposed. Even though most security video and security system data is encrypted as it's sent, it's not hack proof. There are choices in encryption methods, but from my experience, what you get out of the box most of the time is not very secure when it comes to network traffic.
Even if you're using VPNs and other methods, the fact remains - you've got information critical to your security operation "out there" where it can't be protected as well as in your network. Not the kind of thing that's a definite deal killer, but a serious consideration to be planned for.

That being said - having back-up routes for data to use is essential to mitigate both connectivity risks as well as malitious ones. But - with your alarm system and access control system you can always send the data over a standard telephone line or cellular signal as a back-up. That kind of method is not really an option for streaming video - especially if you've got a ton of cameras.

Remote Video Monitoring - Good Idea?

A new study by IMS Research is showing that the fastest growing segment in the "remote monitoring" industry is the remote monitoring of video. This is one area that I'm glad to see the possibilities through technology being used in the real world. However, I do believe there is a little too much haste in some cases. The systems integration field is one of the only fields out there that's growing and advancing as quickly as it is. With the introduction of the big -boy technology companies into the mix, integrators are looking for the edge and everyone wants to offer the "next big thing". This is nothing new in the industry, it's just at a scale that I believe is larger than ever before.

Couple the "next big thing" factor with the "let's save you some effort / money" factor, and the topic of remote video monitoring will probably come up. Not necessarily a bad thing, but definitely something that should be looked at from all angels before considering. I've seen some remarkably effective consoles that monitor remote locations. Even overseas locations, monitored real time with direct communications to security responders on site. It can be done, it can be done well, but can it be done reliably? You can control the network connections on your sites, and you can require the monitoring service or monitoring site to meet specific communications needs as well. But even the companies that supply most of the communications equipment can't control the multiple networks the data has to travel over to get from point A to point B. Now I know - I know, network providers have come a long way. They have secured agreements to provide redundant networks and back up data routes, so the user hardly ever experiences service problems. But in a security video situation, where two critical factors of the remote monitoring equation rest on network reliability (video feed and communication with local responders), there is a lot that can go wrong.

How many times has part of your network been offline, or you can't connect to a remote server? No big deal, just wait a few minutes - but when your dealing with an active shooter situation, or trying to monitor a safety issue - a few minutes can spell disaster. I'm not saying remote video monitoring is a bad idea, it's perfect for some situations - just make sure you're not putting all your eggs in one basket.