Security Installer Community

Eyes On Envisalink 3 Ip Security Interface


Matt 딜


Posted

Taking the security industry aside, is the idea of people controlling things via a smartphone or tablet such a weird idea?

No, and it's the next step just around the (approved) corner imo.

Nothing is foolproof to a sufficiently talented fool.


Posted

I wonder how that goes with regs? I have never thought about it.

Strange as it sounds I did. Then dismissed the idea. A few of us do the same as Matt only difference is WE hide the keypad usually next to the CPU for convenience.

No, and it's the next step just around the (approved) corner imo.

We have an app that will control our intruder as in Arm disarm, switch outputs and isolate devices. We have no intention of implementing this, it's a toy.

Customers!

Posted

Matt it does. Ie where's your tamper, grading etc on your iphone

I thought you'd come back with that, but, when you use your virtual keypad in rss, that doesn't have a tamper or grade does it? It also wouldn't be possible to grade or tamper an ipad as it's a portable device.

Also, as the ipad is a portal to the arc software, when setting and unsetting via the arc, it doesn't say anything about grading or tampering?

No, and it's the next step just around the (approved) corner imo.

I think it's inevitable. Panels already have this functionality out of the box and in the States it's been done for yonks already. Why should we not offer it to our customers? I can control everything else via an app, why not an alarm panel?

www.securitywarehouse.co.uk/catalog/

Posted

I thought you'd come back with that, but, when you use your virtual keypad in rss, that doesn't have a tamper or grade does it? It also wouldn't be possible to grade or tamper an ipad as it's a portable device.

 

 

Why would a virtual keypad need a tamper? There's no physical keypad to pry open! Security would have to be done right though, none of this sending your pin in plain text ****.

 

Not sure how you would get different "grades" in computer security either as anything less would be a way in.

Posted

Why would a virtual keypad need a tamper? There's no physical keypad to pry open! Security would have to be done right though, none of this sending your pin in plain text ****.

 

Not sure how you would get different "grades" in computer security either as anything less would be a way in.

You've opened up a valid point where the standards don't really have anything to define what's what. Even in BS5979, it is very weak in terms of acceptable security levels. It does allow the use of 2 passwords, which imo isn't great as if you can compromise one password it is as easy to compromise the second, e.g. keyloggers, snooping etc.

 

The apps are in a way a virtual keypad, therefore as you suggest what is the requirement for a tamper and grading.

 

We have a number of security measures on our network, but none of them are mandatory and there is nothing defined about sending things in plain text. Another example of where standards haven't caught up with the technology.

www.securitywarehouse.co.uk/catalog/

Posted

This is another interesting point. There are a couple of standards. Let's firstly look at BS5979

 

While remote access to remote centre data systems can be made as secure as a client requires, at least two levels of security should be employed.

a) Remote access level 1: the client should log on to the operating system which allows access only to the application program.

b) Remote access level 2: a different pass code is then required to gain access to the application level.

Access to the application software can be granted by means of a log-on identification code together with a pass code of not less than eight characters. After 5 min of inactivity the client should be automatically logged off the system and connection to level 1 terminated. Reconnection should necessitate that the log-on procedure has to be carried out from the beginning. Client access by telephone to a remote centre is no different to a manual system (see 6.2 and 6.3.1.8).

Placing a system on test

The facilities for placing a system on test should not be available at access level 1. It is important that a differentiation is made between a test and the suspension of the monitoring service. Suspension of service would normally be the responsibility of the remote centre. It should only be possible to place a system on test remotely if it is known that the system is unset.

Tests would normally be for the purposes of fault diagnosis, or routine maintenance. An engineer or client should enter both his/her own pass code and the site identification code in order to gain access to the system. Tests should be for no longer than 2 h.

The remote centre data should revert to its original status after 2 h. The client/engineer would be required to log on again if testing is to be continued.


The points above in red neither custodian, southern monitoring, ADT or securitas comply with.

 

Regarding the rules we as installers have to conver for access is covered under DD263

 


 

secure computer

computer at a remote location used to access remote servicing or support functions, which are not accessible without applying security measures, so that unauthorized persons cannot gain access to data by normal means

Authorization

Access to the I&HAS for the purpose of remote service checks or remote support, requires authorization to access the communications software running on the secure computer.

Authorization should conform to the access level requirement of BS EN 50131-1:2006+A1, 8.3.1 and 8.3.2.

Remote service personnel, accessing the communications software running on the secure computer, should be uniquely identifiable in the audit trail (e.g. by use of individual PIN codes).

if PIN codes are used for access to the communications software running on the secure computer, the codes are changed at regular intervals;

remote service personnel log out of the communications software running on the secure computer, before allowing others to use it or leaving it unattended;

access to the secure computer/communications software, is promptly barred to personnel leaving employment.



So the requirements of the secure computer are pretty clear, however what doesn't seem to be defined is about our access to the secure computer whilst away from the office. For example is log me in sufficient, should there be a VPN connection, should a hardware key be used in conjunction in case of password compromise? It doesn't seem to have any answers. There seems no reference in any standards about user remote access, just our remote access.

www.securitywarehouse.co.uk/catalog/

Posted

You've opened up a valid point where the standards don't really have anything to define what's what. Even in BS5979, it is very weak in terms of acceptable security levels. It does allow the use of 2 passwords, which imo isn't great as if you can compromise one password it is as easy to compromise the second, e.g. keyloggers, snooping etc.

 

The apps are in a way a virtual keypad, therefore as you suggest what is the requirement for a tamper and grading.

 

We have a number of security measures on our network, but none of them are mandatory and there is nothing defined about sending things in plain text. Another example of where standards haven't caught up with the technology.

 

I can't find a copy of BS5979 but two passwords might be referring to the use of 2 factor authentication? I believe Thorn used encryption on their keypads but it has to be decrypted somewhere on the panel!

Posted

I can't find a copy of BS5979 but two passwords might be referring to the use of 2 factor authentication? I believe Thorn used encryption on their keypads but it has to be decrypted somewhere on the panel!

It doesn't mention 2 factor authentication, but we use password and hardware tokens which I believe should be mandatory. It just specifies the minimum length. But then again it opens the question. Which standard are we trying to comply with, installer rules, arc rules or the non existent end user rules? It opens up so many questions.

 

 

Access to the application software can be granted by means of a log-on identification code together with a pass code of not less than eight characters. After 5 min of inactivity the client should be automatically logged off the system and connection to level 1 terminated. Reconnection should necessitate that the log-on procedure has to be carried out from the beginning. Client access by telephone to a remote centre is no different to a manual system (see 6.2 and 6.3.1.8).

 

www.securitywarehouse.co.uk/catalog/

Posted

It doesn't mention 2 factor authentication, but we use password and hardware tokens which I believe should be mandatory. It just specifies the minimum length. But then again it opens the question. Which standard are we trying to comply with, installer rules, arc rules or the non existent end user rules? It opens up so many questions.

 

I would use hardware tokens for things like VPN/banking etc. For my webserver I have to have the correct passcode and certificate to gain access over SSH. It's also locked down via IP range.

 

if PIN codes are used for access to the communications software the codes are changed at regular intervals

 

To me that suggests time based hardware token with passcode but I bet it's interpreted as the passcode should be changed every 29 days (or whatever) which makes very little sense as the bad guy isn't going to wait a month before trying the passcode he's just captured.
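Added example, not part of the original thread or of any product mentioned in it: a sketch of the "time based hardware token with passcode" reading from the post above, contrasted with a passcode that is only rotated at intervals. The secret, passcode and timestamps are constructed for the demonstration; the code generator follows RFC 6238 (HMAC-SHA1, 30-second step).

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds each code is valid for (RFC 6238 default)
DIGITS = 6

def totp(secret: bytes, at: int) -> str:
    """RFC 6238 time-based code (HMAC-SHA1) for Unix time `at`."""
    mac = hmac.new(secret, struct.pack(">Q", at // STEP), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

def same(a: str, b: str) -> bool:
    """Constant-time string comparison."""
    return hmac.compare_digest(a.encode(), b.encode())

class TokenLogin:
    """Passcode plus time-based token; each time step is accepted once."""
    def __init__(self, passcode: str, secret: bytes, drift: int = 1):
        self.passcode, self.secret, self.drift = passcode, secret, drift
        self.last_step = -1          # newest time step already used

    def verify(self, passcode: str, code: str, now: int) -> bool:
        if not same(passcode, self.passcode):
            return False
        current = now // STEP
        for step in range(current - self.drift, current + self.drift + 1):
            # Skip steps already consumed, so a sniffed code cannot be reused.
            if step > self.last_step and same(code, totp(self.secret, step * STEP)):
                self.last_step = step
                return True
        return False

def replay_demo() -> dict:
    """Constructed scenario: credentials captured at t0 are replayed later."""
    secret, passcode, t0 = b"constructed-demo-secret", "hunter2-demo", 1_700_000_000
    login = TokenLogin(passcode, secret)
    captured_code = totp(secret, t0)      # what a keylogger would record
    return {
        "legitimate_login": login.verify(passcode, captured_code, t0),
        "replay_5s_later": login.verify(passcode, captured_code, t0 + 5),
        "replay_1h_later": login.verify(passcode, captured_code, t0 + 3600),
        # A passcode on a 29-day rotation is still the current one an hour on.
        "static_passcode_1h_later": same(passcode, login.passcode),
    }

if __name__ == "__main__":
    print(replay_demo())
```
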

Archived

This topic is now archived and is closed to further replies.
