IST Announces Partnership with Unlimited Technology

We have recently announced a strategic partnership with Unlimited Technology, a security systems integrator with offices across the United States.

The partnership will enable IST to expand its geographic reach and help Unlimited Technology advance its service offerings in the government sector. Both companies see the partnership as a strong strategic fit and expect to grow their customer bases.

Partnership Synergies
IST is a leading regional provider of integrated enterprise security solutions and full lifecycle support for private industry, education, healthcare, government, and data centers. Enterprise solutions include logical access control, video surveillance, intrusion detection, and safety incident and compliance tracking.

Unlimited Technology’s national reach will help IST scale its ability to design and deliver enterprise solutions to protect people, property and data across multiple locations, time zones and continents. IST currently has several relationships with organizations that have locations throughout the United States and Europe.

Alexander Oppenhimer, CEO of IST, says, “Since our founding in 1997, IST has grown to become the largest independent systems integrator in the Washington, D.C. region. We evaluated many strategic options for our future and are pleased to have selected Unlimited Technology as the best partner to advance our shared vision. We look forward to partnering with the entire Unlimited Technology team to expand our combined client bases, geographic footprint and service offerings.”

Unlimited Technology is a leading provider of physical, network and cyber security, along with managed services and compliance solutions for customers in critical infrastructure, transportation, commercial real estate, financial services, municipalities and education. The company completed more than 1,400 systems integration projects in 2020.

IST will provide Unlimited Technology with its expertise and experience in government contracts, giving it better access to a market that’s difficult to break into and stay in.  “This partnership expands our leadership position in the Eastern Seaboard and adds expertise serving the highly regulated federal government sector,” says John Palumbo, CEO of Unlimited Technology. “We are excited to partner with IST’s team of highly trained, seasoned security experts who have successfully managed hundreds of complex, large-scale integrated security and IT projects throughout the United States.”

What binds the two companies together is their focus on building strong, long-term customer relationships based on exemplary service and modern, innovative solutions that meet the needs of a continuously evolving security landscape. For years, IST has consistently ranked among the top security systems integrators by SDM magazine, and Unlimited Technology was named 2021 Integrator of the Year by SDM.

IST Enterprise Account Offerings
The partnership offers IST and its customers a unique opportunity to upgrade and integrate security solutions consistently across locations using the IST way of developing unique, pragmatic security solutions with full life cycle support.

The partnership will help IST scale out its ability to serve enterprise accounts with flexible systems that are consistent across locations. IST’s internal expertise, combined with Unlimited Technology for delivery, ensures the highest level of ISO standards are maintained throughout the design, installation and life cycle of all enterprise solutions.

IST enterprise solutions include:

IST’s Centralized Project Management
Each IST project will be administered through its Program Management Office to deliver industry leading customer service for system design, development, implementation and full life cycle support. The partnership will enable IST to further leverage its unique, centralized management platform that enables enterprises to streamline communications and efficiently scale security solutions across locations. IST will continue to draw on its relationships with top-tier security manufacturers and delivery partners for best-in-class capabilities and innovation.

IST’s management team, including CEO Alexander Oppenhimer, COO Michael Margolis, Chief Strategy Officer Michael Ruddo, and President Jon Langhorst, will continue to lead IST and will retain meaningful equity ownership in the partnership.

Top 10 Security Industry Megatrends for 2022

Some trends endure. Some don’t. The nice thing about the annual Security Industry Association (SIA) Security Megatrends™ report is that SIA really does its homework to identify what’s really hot in the security industry. Now in its sixth year, the report has seen trends come and go. But for the most part, SIA identifies long-term trends that are shaping the future of the security industry.

Input for the report comes from the association’s annual member survey, with additional input from industry executives and the association’s Securing New Ground event speakers and attendees.

While AI and cyber security remain in their #1 and #2 spots, respectively, for 2022, the report identifies three new trends that indicate a shift in the industry mindset: Interoperability, data privacy, and health and sustainability. These trends show that the industry is becoming more cognizant of how its activities affect the world around them.

The full list of 2022 trends are:

  1. Artificial intelligence
  2. Cyber security
  3. Supply chain assurance
  4. Service models and the cloud
  5. Workforce development
  6. Increased interoperability
  7. Data privacy
  8. Security as proptech
  9. Expanded intelligence monitoring
  10. Health and sustainability

AI Tops the List
Sitting at the top of the list for the second year in a row is AI, a broadly defined class of technology that suffers from marketing hype and immaturity. Which is, of course, where all new, cutting edge technologies start.

While simple algorithms that recognize license plates and masks are considered AI by some vendors, AI with actual intelligence is beginning to mature in the marketplace. Up and coming AI systems are correlating data that hasn’t been correlated in the past, and surfacing insights that can improve security and save time by automating common repetitive tasks and processes that are otherwise a time drain for busy security professionals.

According to the report, AI as a Megatrend promises to influence every sector of security and current development of AI-specific chips is propelling new advancements.

Cyber Security Is Becoming Top of Mind
While AI is the shiny new object, cyber security is the houseguest who won’t go away, despite your best efforts. Ranked #2 last year and this year, cyber security was once listed as “cyber security of physical security.” This has evolved to include cyber security in general. That’s because an attack can be launched through places other than an access control server or camera. Company servers and network infrastructure are also at risk. For more background, IST’s Chief Strategy Officer, Michael Ruddo, gives his expert input on cyber security in this SDM magazine article.

It’s not surprising that cyber security is still at the top of the list. Particularly since the global pandemic, ransomware attacks have soared, hitting every sector of society, with a particular emphasis on healthcare organizations, municipalities and the operational technology that underpins critical infrastructure such as water works, energy pipelines and energy generation.

The good news is that cyber security awareness has never been higher, and customers are now asking better, tougher questions on how to best validate or update their cyber security approach, and are more willing to invest extra money for extra protection. The key, of course, is spending the money on the right solutions to get the results you really need.

Interoperability Is Gaining Traction
SIA’s megatrend report says that unless you’re in a big corporation or a government agency, current integration between technologies like video and access control or intrusion systems is “surprisingly low.” However, this is changing as more systems are becoming based on open architectures and as customers are coming to expect the ability to correlate data sourced across systems.

The report identifies interoperability as a tremendous opportunity to connect disparate security systems using common protocols to enable communication between systems and can connect security systems with other business systems. To work, the industry will need to adopt more standards so that connecting systems doesn’t require custom programming and engineering.

Data Privacy Is a Big Concern
The public is now more aware that their data is being collected and stored and have concerns about how that data is used. Since the security industry is in the business of collecting and storing personal data, including identities and locations gleaned from access control and video surveillance, data privacy has become a hot topic that IST has been aware of for some time.

Privacy is particularly important when data captures people in environments where they have a right to expect privacy. So, you can’t collect this data without processes and policies in place to ensure privacy and an audit trail to prove it.

Currently, every state has laws regulating how organizations need to respond to a data breach. But only California, Virginia and Colorado have comprehensive data privacy laws similar to the GDPR in Europe. This megatrend is being closely monitored by legislators and regulators, so you can expect more government regulation moving forward.

Health and Sustainability Is Driving Industry Change
The global pandemic has added new responsibilities for security teams to use security technology to protect the health of employees and visitors. The conversation about how security teams will actually do this has been in flux, having moved on from temperature screening and touchless functionality towards more generalized health and comfort topics. For example, security teams may become more responsible for detecting toxic chemicals and monitoring indoor air quality.

On the sustainability side, manufacturers are beginning to build energy efficiency into their products and taking steps to ensure products use less materials and more efficient packaging.

According to the report, improvements in health and sustainability, especially for building environments, will require better interoperability between security and building systems.

If any of these megatrends are of particular interest to you, download the full report, which is full of detail, statistics and interesting insight from industry leaders.

Work Safe: Top priorities for securing remote workers

The global pandemic has certainly changed things. Before the pandemic, working from home was rare. Today, commuting to an office is the exception rather than the rule. While the percentage of those working remotely will likely drop over time, it’s estimated that about a quarter of the workforce will continue to work from home permanently. For those returning to the workplace, the transition will be gradual. As a result, the need to secure data for remote workers will persist.

The transition to remote work has amplified risk. Cyber crime has increased dramatically, particularly phishing, malware and ransomware attacks. Unsecured remote network connections are also attracting criminals. In other words, your organizational data is now more vulnerable than ever. A data breach can have serious consequences and the cost to recover can be staggering. Business disruptions can also impact your organization’s reputation, leading to lost sales and customers.

At the outset of the lockdowns, getting remote workers the functionality they needed was a mission-critical priority. With vulnerabilities and attacks on the rise, now is the time to revisit and formalize your strategy for securing data for home-based workers, which involves:

  • Formalizing policies for remote work, including policies for data protection
  • Shoring up existing cybersecurity technology
  • Educating employees on policies and threats

Remote Work and Cybersecurity Policies
A remote work policy can be wide ranging and include aspects that promote quality of life when working from home. It should also include data protection considerations and clarify the role of home-based workers in keeping organizational data safe.

Cybersecurity considerations to include in your policy include guidelines on device usage. For employees doing work on their personal computers, there should be policies around keeping work and personal data segregated, for example, not using personal Google, Microsoft or other personal accounts for company email, file storage and document creation.

Another policy to consider is requiring users to change their password regularly, for example, every three months. Passwords can be stolen and sold on the black market. Keeping passwords fresh puts you a step ahead of these criminals.

Technology Solutions
Even if you don’t have remote work policies in place, there are several ways you can mitigate risk in the short term. For example, at the outset of the pandemic, there was a big rush to enable remote access. In the process, many remote access solutions were misconfigured and regular patching may have been suspended. Now is a good time to review remote access configurations and get caught up on software patches.

In addition, these technologies can help you further mitigate risk:

Virtual Private Network (VPN): Unsecured network connections are flypaper for threat actors. To ensure data and communications security, it’s recommended to route all organizational network traffic for home-based workers through a VPN. In addition, all traffic should be encrypted in both directions, which can be accomplished by using SSL (Secure Sockets Layer) or IPsec (Internet Protocol Security).

Multi-factor authentication (MFA): Password-only authentication is so 20th Century. Threat actors have plenty of tools and methods to steal passwords without being detected. MFA requires one or more steps beyond the password to authenticate remote workers.

Company-issued devices allow for standardization of security features across your remote devices. A pool of company devices can be configured and managed remotely by your IT staff, including security features such as endpoint agents that help protect against malware.

Be Prepared
Incident response plans are effective tools to organize a quick response to an attack or intrusion. Even with comprehensive policies and security measures in place, attacks and intrusions happen, and in the event of a ransomware attack, your files can be gone in an instant. Now is a good time to update or prepare an incident response plan. A good plan will save time, money and headaches if an attack does occur. If every stakeholder understands their role when responding to an incident, recovery will be much faster and more effective.

Develop a backup plan that covers all of your servers and workstations. For example, if faced with a ransomware attack, your recovery will be much faster, much easier and a lot less expensive if you can restore your files and keep your business operational. You’ll also avoid paying a ransom, which may or may not get your files back.

Vulnerability assessments and penetration testing are valuable for finding and prioritizing issues with your cybersecurity. With systems and configurations in flux, you may be thinking that now is not a good time to do an assessment. However, given that cyber criminals are using this time to scale out their efforts, the need for security assessments has never been greater.

Employee education
Employees really want to do the right thing when it comes to data security. Give them a lift by being clear about security expectations and educating them on remote work and data security policies. For example, employees should be aware of the dangers of using unsecured public WiFi connections. And even though phishing attacks are not new, it’s important to continue to emphasize vigilance in handling emails, even those that appear to originate internally.

Working from home has quickly become a part of American work culture and is not going away. To get ahead of threats and manage risk, make a concerted effort to find and fix vulnerabilities associated with remote work.

IST is here to support you. These generalized guidelines are a good starting point for mitigating risk. For a deeper dive into risks specific to your environment, don’t hesitate to contact us. Some solutions may already be at your fingertips. Others may require some investigation. We’re here to help ensure your organization is secure from every angle.