GDPR For Access Control Guide

Author: IPVM Team, Published on Jul 03, 2018

Electronic access control is common in businesses plus organizations are increasingly considering biometrics for access control. With GDPR coming into force this Spring, it is important to understand how this will impact these systems.

IPVM has already published an extensive guide about the GDPR’s effect on video surveillance. This new 13-page guide covers GDPR’s effect on the access control industry since much of the data collected for access control purposes – e.g., names, addresses, fingerprints – are personal data whose processing is clearly regulated by the GDPR.

The guide has the following core sections:

  • Where Access Control Providers Fit into GDPR categories of controllers and processors
  • Why Processors Aim To Keep Distance
  • Legal Basis for Processing Access Control
  • Impact of Biometrics on Access Control GDPR Requirements
  • Dealing With Employees Who Refuse Biometrics Consent
  • Access Control Systems Excluded From Biometrics Claim
  • Guidelines for Storing Access Control data
  • Handling Right to be forgotten/Right to information requests for access control systems
  • Encrypting / Anonymizing access control information
  • Concerns with AD / LDAP integrations
  • Data breach response for access control
  • Data Protection Impact Assessments for access control systems
  • Dealing with Data Specific to Access Control, e.g. Physical Activity Log
  • Manufacturer GDPR guides including Avigilon, Brivo, Genetec, Lenel, Paxton, RS2, S2, Tyco

Introduction

To start, it’s important to realize that the GDPR is a broad set of regulations which do not mention particular industries, including access control or its products.

Therefore, anyone claiming to provide “GDPR certification” for particular products in access control or any other industry is wrong. (See IPVM’s previous report: Dahua Products Are Not GDPR Compliant, No Products Can Be.)

Data Controller and Data Processors

The GDPR creates two distinct categories – data controllers and data processors. Controllers are the firms which gather and control the use of peoples’ personal data, and processors are the ones who process that data on behalf of controllers.

The distinction is important as data controllers typically have more responsibilities under the GDPR; for example, only controllers have a duty to report data breaches to authorities.

Access Control GDPR Category Examples

As in video surveillance, access control end users would typically be considered “data controllers.” For example, if a pharmaceutical company buys an access control system for a new building and its employees, the pharma company is the data controller.

Data processors are the companies which handle the personal data collected by end users. For access control, in most cases this means firms like Genetec, Lenel, Software House, S2 Security, etc..

Access control integrators/installers could also be considered data processors depending on whether they handle their end users’ personal data or not. For example, an integrator with temporary access to employees’ personal addresses for maintenance purposes would be considered a data processor in this instance.

Processors Keep Distance

Many data processors in the access control industry emphasize that they can only provide the means to comply with the GDPR’s provisions, rather than assuring compliance in and of themselves.

Because access control involves data which is very easy to immediately identify people with (unlike video surveillance), processors are keen to distance themselves from end users/data controllers in case those end users mishandle the data.

For example, S2 Security says in its public GDPR guide that it may not be considered a data processor in some cases because “on-premises deployments of access monitoring and video management systems often do not involve a Data Processor because the Data Controller handles all personal data.” S2 is correct when it comes to on-premise deployments.

However, it is worth remembering that firms providing cloud-connected access control solutions would be considered data processors under the GDPR. Moreover, as more systems are moving to the cloud, either for hosting, management or access, access control providers are more likely to fall under the data processor category.

Main Points of Compliance for Access Control

Legal Basis of Processing

********** ****** ******* ** ****** ** ********** **** ************* *** increasingly *********** ********** *** ****** *******. **** **** ****** **** force **** ******, ** ** ********* ** ********** *** **** will ****** ***** *******.

**** *** ******* ********* *********** ***** ***** *** ****’* ****** ** ***** ************. **** *** **-**** ***** ****** ****’* ****** ** *** access ******* ******** ***** **** ** *** **** ********* *** access ******* ******** – *.*., *****, *********, ************ – *** personal **** ***** ********** ** ******* ********* ** *** ****.

*** ***** *** *** ********* **** ********:

  • ***** ****** ******* ********* *** **** **** ********** ** *********** and **********
  • *** ********** *** ** **** ********
  • ***** ***** *** ********** ****** *******
  • ****** ** ********** ** ****** ******* **** ************
  • ******* **** ********* *** ****** ********** *******
  • ****** ******* ******* ******** **** ********** *****
  • ********** *** ******* ****** ******* ****
  • ******** ***** ** ** *********/***** ** *********** ******** *** ****** control *******
  • ********** / *********** ****** ******* ***********
  • ******** **** ** / **** ************
  • **** ****** ******** *** ****** *******
  • **** ********** ****** *********** *** ****** ******* *******
  • ******* **** **** ******** ** ****** *******, *.*. ******** ******** Log
  • ************ **** ****** ********* ********, *****, *******, *****, ******, ***, S2, ****

************

** *****, **’* ********* ** ******* **** *** **** ** a ***** *** ** *********** ***** ** *** ******* ********** industries, ********* ****** ******* ** *** ********.

*********, ****** ******** ** ******* “**** *************” *** ********** ******** in ****** ******* ** *** ***** ******** ** *****. (*** IPVM’s ******** ******:***** ******** *** *** **** *********, ** ******** *** **.)

Data ********** *** **** **********

*** **** ********** ******** **********– **** *********** *** **** **********. *********** *** *** ***** which ****** *** ******* *** *** ** *******’ ******** ****, and ********** *** *** **** *** ******* **** **** ** behalf ** ***********.

*** *********** ** ********* ** **** *********** ********* **** **** responsibilities ***** *** ****; *** *******, **** *************** * ****** ****** **** ******** ** ***********.

Access ******* **** ******** ********

** ** ***** ************, ****** ******* *** ***** ***** ********* be ********** “**** ***********.” *** *******, ** * ************** ******* buys ** ****** ******* ****** *** * *** ******** *** its *********, *** ****** ******* ** *** **** **********.

**** ********** *** *** ********* ***** ****** *** ******** **** collected ** *** *****. *** ****** *******, ** **** ***** this ***** ***** **** *******, *****, ******** *****, ** ********, etc..

****** ******* ***********/********** ***** **** ** ********** **** ********** ********* on ******* **** ****** ***** *** *****’ ******** **** ** not. *** *******, ** ********** **** ********* ****** ** *********’ personal ********* *** *********** ******** ***** ** ********** * **** processor ** **** ********.

Processors **** ********

**** **** ********** ** *** ****** ******* ******** ********* **** they *** **** ******* *** ***** ** ****** **** *** GDPR’s **********, ****** **** ******** ********** ** *** ** **********.

******* ****** ******* ******** **** ***** ** **** **** ** immediately ******** ****** **** (****** ***** ************), ********** *** **** to ******** ********** **** *** *****/**** *********** ** **** ***** end ***** ********* *** ****.

*** *******, ** ******** **** ***** ****** **** ********* ** *** *** ** ********** * **** ********* ** some ***** ******* “**-******** *********** ** ****** ********** *** ***** management ******* ***** ** *** ******* * **** ********* ******* the **** ********** ******* *** ******** ****.”** ** ******* **** ** ***** ** **-******* ***********.

*******, ** ** ***** *********** **** ***** ********* *****-********* ****** control ********* ***** ** ********** **** ********** ***** *** ****. Moreover, ** **** ******* *** ****** ** *** *****, ****** for *******, ********** ** ******, ****** ******* ********* *** **** likely ** **** ***** *** **** ********* ********.

Main ****** ** ********** *** ****** *******

Legal ***** ** **********

[***************]

*** ****’******** ******* ******* ***** ***** *** **** **********, ** ***** *** of *** ********* ***** ** ****** *******:

  • *** **** ******* *** ************** *** ********** ** *** ** *** ******** **** *** one ** **** ******** ********
  • ********** **necessary *** *** *********** ** * ********** ***** *** **** ******* ** *****
  • ********** ** ********* *** *** *********** ** * **** ******* outin *** ****** ********** ** *** ******** ** ******** ********* ****** ** *** controller
  • ********** ** ********* *** ***purposes ** *** ********** ********* ******* ** *** ********** ** ** * ***** *****, ****** ***** **** ********* *** ********** ** *** ********* or *********** ****** *** ******** ** *** **** ******* ***** require ********** ** ******** ****, ** ********** ***** *** **** subject ** * *****.

Biometrics *** *******

********** (************, **** *****, ****** ***********, ***) *** ** **** that **** ****** **** ****** ******* ***** ******* ** ****** with *** ****’* ********* ******* ************.

********** ********* ** ********** ***** *** **** **** ******* **********. The **** **** ***** ***** ** ****** ******* *** “*********** public ********” *** “******** *******.”(******* *).

*********, ****** ** ****** ******* **** *** *********** ***** ********** gathering *** * “*********** ****** ********,” ** ***** **** ** make *****, ******-*****, *** ******** ******* * ********. **** *****:

  • ******* ***** **** ** ********* * *******, ***********, ************ *** ****** ********** ****, ***** clear *** ***** ********(******* *)
  • **** ******** *** ******* *** ***“******** *** ** *** ******* ** *** ****” **** ****(******* *)
  • ** ****** ********* *, *** ******* ***** **** ******* **** **** ** ********** are ***** **** *** ***
  • ******* **** ** “****** *****”, *.*. “******* ****** *** ** ******** ** ****** ***** ** *** data ******* *** ** ******* ** **** ****** ** ** unable ** ****** ** ******** ******* ******* *********.” (******* **.)

**** ***** ** * ********** **** ** ********** ****** ******* for *** ********* ***** ******** **** *****, ** ***** ** obtain ********, *****, *** ******-***** ******* **** ****.

Refusing ******* *** **********

************* *** **** * ******* **** ********* ** ****** ** their *********-***** ****** ******* ****** ********* ********:

******* ****** *** ** ******** ** ****** ***** ** *** data ******* *** ** ******* ** **** ****** ** ** unable ** ****** **withdraw ******* ******* *********. [emphasis added]

** **** ***, ** ** ******** **** ** ************ *** fire ** ****** ***** *** ** *** **** ******* *** their ********* *********** ** ** ****. ** *********** *** ******* non-biometric ***** ****** ******* *** ***** *** **** *******.

**** *****, ** **** ** ** ***** *** ********** **** and ** **** ****** ******* ******* *********** **** ******** *** clear ******** ** **** ***********. *******, ************* ****** ********* ******** the ************ ** ******* ** **** ***** ********** *** ****** control.

Access ******* ******* ******** **** **********?

**** ****** ******* ****** ********* ******* **** ***** ******* ** not **** ***** **** ******* ******* **** **** ***** **** that ****** ** **** ** ******** ****** – ****** ******* a **** ***** ** * **** ** ***********, *** *******. This *** ** ****** ** * **** ** *************.*** **** ***** ********* ************, *** **** ********* *** ****** by *** ****** ** ******** ** *** ****** ******* ****** entirely, *** *** **** **** ******** ** *** ****** ****** is * ******* ** **** **** ****** *********** * **********.******, **** ********* ******* (**** ***** **** ** ‘************’ *****) may *** ***** ********* **** ** *** ****** ****** ** all, *** ****** ********* *** **** *** ****** ** ********** cards ** ****** ******-***** *********.

**** ** * ***** *** ******** ******** ** *** **** itself **** *** **** *** ********** ** **** ** ********* to ** ********* ****, ** **** ** ** ** “********* data *** *** ******* ** ******** *********** * ******* ******” (******* *) - ******* **’* ********** ** ***.

****** ******* ********* ****** *** ** *** **** ** ******* when ******* **** *** ********** ***** *** “******* ******** ** personal ****” ****** ** *** ****. ** *** **** * GDPR *********/******* ** ***** ******* ******* ****** **** **** **** strings *** ********** ********** ***** *** **** ** ***.

Storage ****** ******* ***********

*** **** *** ** ******* ********** ** *******, ********** ****** ** ***** **** ******** **** ****** *** ** ****** for "****** **** ** ********* *** *** ******** *** ***** the ******** **** *** *********".

** ****** *******, **** ***** **** ****** ***** ******** ***** storage *** ****** **** **'* *** **** ****** **** ** indefinitely ****** *** *** ***** **'* *** “****** ********, **********, or ********** ******** ********”. **** ***** ********* *** ***** * firm ****** **** ***** **** ******* ********.

**** ******* ** *** ********** ************ ***********, **** ** ****** logs ********* **** * ******** ****** **** ******* * **********. However, ** **** ****** **** ** *** **** ** * specific ******, ** ***** ****** *** **** ***** *** **** and **** ** ******** ******* **********. (*** **** ** ****, see***** ** **** ******** ** ****** *******.” *****)

Right ** ** *********/***** ** *********** ********

*** **** ***** ***** ****** *** ****** ** ****** *** delete ***** ******** **** ********** *******, ** ****** ******* ***** **** ** **** *********** ********** to ******* ***** ******** *** *** ***** **** ** ***** of *** ** *** ****.

***** *** **** ******** ** ****** ******** **** ******* **** justifications **** ****** ********* *** ****, *** **** ******* ** least *** ***********, **** ******* *** **** ** “** ****** necessary ** ******** ** *** ******** *** ***** **** **** collected” (******* **.)

*** ****** ******* **** **** **** **** **** ********** **** how ** ********* *** ****’* ****** *** ******** ************. ** would ********* **** ****** *** ***** *** ***** ****** ***** access ******* ******** ** ***** **** ******** ** *******, ****, and ****** ***** *** ****. *** *******, ******** **** **** company ****’* ******** ********** **** ****** ********** ********* ******** ***** “****** **” ********.

*** ****** ******* *******, **** ********* ** ****** ***** *** deletion ** *** **** *********** *** ********, ******** *** ***** needed ** ** **** *** ***** ****** ****** ‘**** *******’ functions ****** ********* *** ***** ** ********** *******.

*** ****** ** ‘*********** *******’ *** ******* ** * ****** may ******* * ***** ****, *************, ** ******* ********** ****** simple ******** ** ****** *******, *** ** ***** ******* *** shared **** ***** ***********, **** ** ‘**** & **********’ ** ‘Visitor **********’****, **** ******** ****** ******** *** ******* *********** **** multiple *******.

***** ********* **** *** ***** ** ** ********* *** *** right ** ***** ******** ****. *** **** ******* ** **** the **** ******** *** ****, *** *** **** *******’* ********** status. *******, **** ***** *** ** ******** ** *** ********’* personal **** *** **** ******* ********* *** ** *** ********* from * **** – ** ****** ** **** ** ********** with *** ****’* ******* *************** (*** “*******.”)

*******, **** ** **** **** ***** ***** ** **** ** respond ** *********** ********, **** **** * ***** ** ** so, ***** *** ** ******** ** ********** * ******. **** also ** *** **** ** ******* **** ** **** *** “manifestly ********* ** *********.” (******* **.)

Encryption *** *************

******* ****** ******* ********* ****** *********** ******* ** ********* *** special ******** ****, ****** ********** ** ***. *** **** ********** encourages ****** ********** ********* **** ****** *******’ ******** **** ** *********, ** **’* ****** important *** ****** ******* ********* *** ***** ** **** **** they *** ******** ***** ********* *** ******** ****-**** ********* **** General ****** **** **.******* **** ********** ***** ***-****** **************, ********* ***** ********, ** default *********, ***.

*******, **** ****** ******* ******* ******* ************ **** ********* ****** Directory ** **** ** ******** ***** *********, *** ***** ******* utilities *** *** ** ******* ** **********. ** *****, ****** control *******, ********** ***** **** ** ***** ********** *** *****-******** deployments **** *****, ******** *****, *******, **, *** ******** *** may ** ** ****.

*************/**************** ** **** ********** ** *** ****. ***** ***** **********, which ****** ****** **** ***’* ** *********** **** ** ****** people, ** ****** ** ** ******* ********* ************ ** **** of * ******. *** *******,******* *********** **** ********** **** ******** *** *** **** ** ** contacted ** *********** ************* ********** *** ****.

****** ******* ********* ***** *********/**** *********** **** ** ****** *** impact ** * ******, *** ********. ***** *** **** ** anonymized ** ********* **** ****** * ****** *** ******* ** referring ** **** ******** ** ***** **** ****.

Data ******** – ********** ***** *** ******* ******

****** **** ** ****** *******, *** ***** *** **** ****** to ** ********** **** ***********, ***** ****** ****** ******* ***** like ******* *** **** ****** ** ** ********** **** **********.

***** *** ****, *********** **** ** ***** ** ****** *********** in *** **** ** * ******. *********** **** *********** **** inform ********** **** ******** ** **** ** **** *** ****** poses* **** **** ** *** ****** *** ******** ** ******* persons”(******** **&**.)

**** *********** **** ****** ** * *** ************ ************* **** either ********** ** ****** **** *** ***** ** *******. ************* of **** ******** *** *** ********, ********, ** ****** ********** with ******* *************, *** **** **** ********* ********* *** ******* breach ************ ************.

****** ******* ********* ***** ********** ****** **** *** ******* ********* to ****** ********* ************, ** *** **’* ******* ** ******* Party, ** ******** ** ******** ****,*** ********* ****** ********* ********** ** ************ **** ****, **** ********* ************ of ********** **** ******** ***** **** ***********: “** ******* ********** ** ******** **** [**********] *** ********* ******, the ********** ****** *** ******* ***** ***** ** ******* *** breach *** ** *********** ** ** *** *********** *********.”

**** ********** **** **** ************** ** *** ***** **** **** are **** ******* ** ******* **** ***********, ****** **** *********** and **** ********, ****** ** ***** ** ******* ** * breach ***** ********* ******** **** **** ***********.

Data ********** ********

***** ** ** *** ********* *** *** ****** ******* ***** to ******* * *** (******* ****** **** ********** **** **********), an ****** ******* **** ***** ********** *** **** ** ** so.

*** **** **** *** * ********* ********* ****** **** **** ** ** *********, ********* **** “*** **** ********** ** *** ********** ** *** ********* ******* of ********** ** * ***** ***** ** ******* ********** ** data [**** ******** **********]”.

***** **** ****** ******* *********’ ********** *** ** ********* ***********, appointing * *** ***** ** ****. **** **** *** ** especially **********, ** *** **** ****** **** * *** *** be ********** ** ** ** ******** ******** ****** **** *** more ****.

Data ********** ****** ***********

******* ******** **** ***** *** ******** ** ***** “****** ** ****** ** * **** **** ** *** ****** and ******** ** ******* *******”, ********** **** "********** ** * ***** ***** ** ******* categories ** **** [*.*. **********]" ***** *****.

*******, ***** **** *** **** *****’* ****** “***** *****” *** that ********** ***** ** ******* ** “********** ********” – **** access ******* – ** *** ****** ** ****** ** * risk ** ******’* ********, ** ***** ******** ***** ***** ** required ** ***** ******** ** ****** *******.

******* ** ***** **** *** ** *** *** ** ********* will ***** ***** **** ************ ** ********, **** ***** ******. So *** **** *** **** ** ******** ** ****** ******* firms ********* *** ********* *****.

Data ******** ** ****** *******, *.*. ******** ******** ***

*** **** ********* ******** ****, ** "*********** ******** ** ** identified ** ************ ******* ******". (******* *). *******, ***** *** ***** ** **** ** ****** ******* which **** ***** * **** ****, ************ *** **** ** physical ******** **** ****** ***** **** ******* **** * ********* to ***** * ********, *** *******.

****** ******* ***** ********* ** **** **** **** *** *** consider **** **** ** **** ** ** ******** ** ********* data, ***** ** *** ***** ************* ** * ******** ****** and ***** *** ** **** ** ******** *******. **** ***, if *** ******* ** ******** ****** * *******, *** **** controller ***** ****** *** ******** *********** *** **** *** *********** anonymous ******** *** (** ** ******* *** ******** *** **** firms).

***** *** ********** ** ******** **** ***** ** *** ****, this ******** ***** *****. *******, ** ******* *** **** ********* realize **** *** **** **** ******* ***** *** ** **** to ******** * ******** ****** ***** ***** *** ****** ******* of *** ****.

GDPR ********** ** ****** ******* *****

**** ****** ******* ******** ********* **** ********* **** **********, ****** generally **** *** ***** ** *** ********* ** ****'* ****** on ****** ******* *******. ***** *** ***** ** ****** **** ********** ** ****** ******* *****, **** relevant **** **********:

******** **** *********:******** ********** (**** ** ******** ******* ****** (***) ***** ********** software) ****** ****** ** **** *********, *** ********** ********* **** consider *** ***** ******** *** ********* *** ****** *********** ** deploying *** ********* * **** ********* ******. ******** *** ***** care ** ****** **** *** ***** ******** ********* ******* ******** and ************* **** **** ******* **** **********.”

**** *******: ******** ********* ****** **** *** **** ** ** provide *** ***** ** **** ********** ****** **** *** ********** itself.

***** **** *********:“*********** **** **** ****** ** ***** ***** ** *********** ***** Brivo ************ *** ********** **** ********. ***** ***-***** *** ** some ***** ***** ********* *** ********** **** ***********. ***** ** a **** *********.”

**** *******: **** *** **** *********** ** *** **** ***** ******* ** ****** control. **** **** ***** ** *** *********, ***** ********* ** has ********* * *** *** ***** ** ***** ** ******* them **** **** *******.

******* ****** **** *****:“**** ******* *** ***** ************ *** ********* ***** ** ********* who ****** **** ******** **** ****** ***. ****** **** *** data *** ******* ** ********* ******* ************ ****** ** *** first **** ** ********* *** ****. *** ********* ******* *** the ***** *** **** ** ****** **** *** *** ******** and ****** ** *** ******** ******* ** ***** *******.”

“**** ****, *********** *** *** ******* ****** ** * **** of *** **** ** ************ *** ********* ***** ****. ********** *********™ ******* ******** ********** ******** ***** **** *** *** ***** to ******* ** ***** ********. ** ******** * ****** ***-***** portal ***** *** *** ****** *** *********** ***** ******* ****. It **** *** ******* *********** ****** ** ***** ******** *********** in * ********** *** ****** ******.”

**** *******: * ******** ** *******’* ***** ** *** ******* video ************ ****** **** ****** ******* *********, ******* ** ******** identifies *** ********** ** ****** ************* ********* *** ******** ******** to **** **** ********** ******.

***** **** *****: “***** *** ******** *** ******** ** ***** ********* ** *** them ** ****-********* ****. ***** ******* ****** ******* ****** ** security ** ******* *** ******** **** ** ********* *** ********. Respected ******** ********* *** ***-********* ********** ******* *** ** ********** in *** ***** ******* ****** **** ** ******* ******* **** and ******, **** ******* ****** *** **********, ****.* ******* ********** and ******, *** ***** *** * ****** ******** **********. ********, Lenel ******* ******** ************* ****** ************ ** ***** ****** ** authorised ********* *** ******** *** *********** ** ******* **** ******, to **** ***** ** ********* ******** *** *** ****** ** function.”

**** *******: *****'* ***** *** *** ** *** **** ******** and ******** ***** ****'* ****** ** ****** *******.

****** **** *********: “** **** **** **** **** *** ******** **** ******* *** tools ******** ** ***** ********** ** **** *********, *******, ****** is *** *********** *** * ****’* ********** **** **** *** do *** ***** ****** ** *** ** ** *********.”

**** *******: ****** **** ********* ***** **** ***** ** *** give *** ***** ** ****** **** ****, *** ******** ****** automatically ****** **.

*** **** *********: “** *** **** ** ****** ** ***** *** ***** ******** Data ** **** ***** ***, ** ** ******* **** ** delete *** *********** ***** ***, *** *** ******* ** ** emailing ***@***.***. ** **** *********** **** ******* ****** *******-*** (**) hours *** ****** ** ********. *** ******** *.*.*. **** ******* to ***** ******** ****** * *****, **** * *********** ** extend **** ****** *** ************ ******* ******** ** ********** **** Applicable ***. ** **** ****** **** *********** *** ** **** as **** ******* ** ******, ** ****** ** ******* *** services, ** ** ****** **** *** ***** ***********, ******* ******** and ******* *** **********.”

**** *******: **’* *** ******** ********* *** *********** ** ********** to ******* ** ***** ******** ****** ** *****, ***** ** the **** ******** ** ****** ********. *** **** ***** *********** and ********** ** ** * ****** ** ******* ** ***** requests.

** **** *****: “*** ******** ********** ****** ***** ** *** **** **********, *** entity **** ******* ***** ******** **** ** ******* *** *** the ******** ************** *** ************ **.”

“********* **** ****** ***** ********* ******** **** *** ******* ****** issues. ****** *** ***** ****** ** ******** **** *** **** for ******** **********. ****** **** *********** *** *** ******** ****** of **** *********. ***, ******* **** ***********, ** *********** ***** your ******** **** *********.”

**** *******: ***** *** *** ******* ********** *** ********* *** heavier ********** ****** *** ****** ******* *** *****/***********.

*** / **** ************ ******* *** ******** ***** ***** *** same **** ****** (*.*.*****) *** ***** ****** ******* ***** ****** ***** ** ** for ***** ************:“** ** ********* ** **** **** ******* ***/** ******* ********* are *** ** ********** **** *********. *** ******* **** ** subject ** *** **** **** **** ** ****** **** ******** and ********** *** ******** ** ****** **** ***** **************** ***** the **********, *** ** *******, ********* *** *** ******** ***/** product ********* ** * ****** **** ** *********.”

“******* ********’ ***** ******* ********* ******** * ****** ** ******** and ********* **** *** **** **** ******* ** **** ********** ************ *** ************ *** ******** *** ********** ** **** processed. **** ******** *** ******* **********, ****-***** ****** ******* ** limit ***** ***** *** ****** ****, *** **** ** ***** provide ***** ****** *** **** ****** *** *********. *******, ********** with *** **** *** **** ** ******** ******* ********** ******* and ******** ******** ******* ************ ** **** *** *********** ***** of **** ********** ********. *********, **** ********** ****** ** ****** by * *******’* ******* ***. ***** *** *******’* ******* *** can **** **** ********** ****** ** *******, ***** **** ********** be ********** ******** *** ******** ******** ******* ******** ** ****** compliance **** *** ****. **** ******* **** **** ******* ************ about ***** **** ** ******, **** *********** ** ****** *** user ******* ************ **** ******* ******** ****** *******.”

**** *******: **** ******* *** ******** *****, **** ***** ** Johnson ********, ***** *** ******* ******* ** ****** ******* ***** distancing ********** **** *** ***** **** ** ***** ** **** compliance, ****** **** ******* ******** ***** ****** ****** **********.

Future *******

**** **** ******* ******* ******* ** *** **** ******* ****** control *********** ****** *** ** ***** ********* **** *** ****** control *** *******.

Comments (0)

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Higher Power PoE 802.3bt Ratified, Impact on Security Products Examined on Oct 12, 2018
Power over Ethernet has become one of the most popular features of many video, access, and other security products. See our PoE for IP Video...
Door Hinges Guide on Oct 10, 2018
Some of the trickiest access control problems are caused by bad door hinges. From doors not closing right, to locks not locking, worn or warped...
Default Passwords Outlawed in California, US To Follow on Oct 09, 2018
UPDATES A new California bill aimed at improving security for connected devices has been signed into law. The law takes aim especially at...
Security System Health Monitoring Usage Statistics 2018 on Oct 09, 2018
How well and quickly do integrators know if devices are offline or broken? New IPVM statistics show that typically no health monitoring is...
IP Camera Installability Shootout - Avigilon, Axis, Bosch, Dahua, Hanwha, Hikvision, Uniview, Vivotek on Oct 08, 2018
What are the best and worst cameras from an installation standpoint? Which manufacturers make it harder or easier to install their cameras? We...
IACP 2018 Police Show Final Report on Oct 08, 2018
IPVM went to Orlando to cover the 2018 IACP conference, the country's largest police show (about as big as ASIS), examining the 700+...
UTC Merges Lenel and S2, Creates LenelS2 on Oct 03, 2018
UTC has completed the acquisition of S2, launching literally Lenel's2 LenelS2 with UTC declaring that "LenelS2 unites two world-class teams with...
Anti-Tailgating Startup: Spyfloor on Oct 03, 2018
A Canadian startup, Spyfloor, is using a different approach to warn against tailgating, a common access control problem. By counting feet,...
ASIS GSX 2018 Mixed Manufacturer Reviews With Declining Overall Attendance on Oct 02, 2018
ASIS GSX 2018 show drew 9% fewer total registrants, however, it gained 15% more paid registrations, according to ASIS. In this note, we look...
Network Cable Testing Guide on Oct 02, 2018
Proper cable installation is key to trouble-free surveillance systems. However, testing is often an afterthought, with problems only discovered...

Most Recent Industry Reports

ADI's Financials Revealed + W-Box Growth Priority on Oct 15, 2018
  ADI is one of the most powerful distributors in the security industry but how big are they? How much profit do they make? How much do they sell...
Dahua Face Recognition Camera Tested on Oct 15, 2018
Dahua has been one of the industry's most vocal proponents of the value that AI creates: As part of this, Dahua has released a facial...
Amazon Touts Home Security Market Disruption on Oct 15, 2018
Amazon is coming for ADT and all of home security. Indeed, Amazon is advertising this as, in their own words, calling home security a: Inside...
Higher Power PoE 802.3bt Ratified, Impact on Security Products Examined on Oct 12, 2018
Power over Ethernet has become one of the most popular features of many video, access, and other security products. See our PoE for IP Video...
"New Zealand Govt Uses Chinese Cameras Banned In US", Considers Security Audit on Oct 12, 2018
Newsroom NZ has issued a report: "NZ Govt uses Chinese cameras banned in US": This comes after the US federal government banned purchases of...
Mysterious Patent Troll 'Secure Cam' Targets Industry, Sues Hanwha, Hikvison, JCI, Panasonic, More on Oct 11, 2018
A company named "Secure Cam," who is actively hiding their ownership, has acquired a slew of video patents and is systematically suing video...
Unfixed Critical Vulnerability In Millions of XiongMai Devices Disclosed on Oct 10, 2018
XiongMai, one of the biggest OEMs alongside Dahua and Hikvision, has suffered a critical vulnerability impacting millions of their devices. This...
Honeywell Hides Selling US Gov Banned Chinese Video Surveillance on Oct 10, 2018
Honeywell hides selling US government banned Chinese video surveillance as their own 'Honeywell' products, deceiving buyers and putting US security...
Door Hinges Guide on Oct 10, 2018
Some of the trickiest access control problems are caused by bad door hinges. From doors not closing right, to locks not locking, worn or warped...
Default Passwords Outlawed in California, US To Follow on Oct 09, 2018
UPDATES A new California bill aimed at improving security for connected devices has been signed into law. The law takes aim especially at...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact