Month: July 2018

The Goods and Services Tax in India that is hailed as one of the most successful accomplishments of the current Government turned one year old on 30 June 2018.   The imposition of GST regime has echoed a mixed bearing on the service sector. On one hand, it is beneficial in various aspects such as one country one tax mode, seamless flow of credit, avoidance of multi-taxation etc., on the other it has produced snags in ease of doing business.  The Private Security Industry in particular, which is one of the largest employment generating industries in India making a workforce of over 7 million personnel is not going well along with the GST executions. They have shown utter disappointment with the regime and raised strong objections on the GST implementation.  Amongst others, the major impediment stems from the fact that GST is due to be deposited on the 20th day of every month while private security agencies receive payments for their respective services after 60 to 90 days; in the interim, however, they are mandated to meet the statutory compliances without fail. The gap between the business module of the private security industry and the imposed GST compliance regulations has created an unpleasant state of affairs for the industry. Central Association of Private Security Industry (CAPSI), the preeminent organisation for private security professionals in India have made several representations with the Government to amiably reach out to a rational reconciliation, but they could not fructify well. The CAPSI delegations knocked the doors of the Secretary, GST, CCI and MSME to suggest them to enable the system of reverse charge mechanism for security. Although the delegations at each stage were given a patient hearing, but no assurance towards the rectification of the anomaly has been suggested so far. The industry has decided not to give up and to proceed more pro-actively to counter the indifference. To begin with afresh, CAPSI has recently resolved to stage a nationwide peaceful protest (Dharna) on 18 July 2018 in front of GST offices of the respective states. The basic ethos of the protest is to simultaneously carry out multiple Dharna’s across the country with adequate media coverage in order to make the authorities aware about the seriousness of the issue. In this respect CAPSI State Chapter Presidents will sensitise all the security agencies in their states to participate whole heartedly in the protest. Along with CAPSI members, non-members of the industry are also requested to support the cause and participate in order to ensure adequate strength from the Industry. The participants will wear black T-shirts. CAPSI will also hold a press conference prior to the main event on 16 July at Press Club of India, which will coincide with the scheduled media conference at Delhi by CAPSI. The Dharna envisages an active involvement of APDI as well. APDI State Chapter Presidents are requested to garner the cooperation and indulgence of all the detective agencies operating in the states to actively participate in the Dharna and make it a huge success.  

The private security industry in India has gained a strong footing in the last decade. With the largest number of private security agents – estimated at 7 million – this industry provides employment to a huge section of people. Urbanisation, and introduction of government proposals such as Mission Smart Cities and Make in India have created a demand for more and more security personnel. Current state of affairs Private security industry plays a huge role in the safety of commoners. For a densely populated country like India, the police to people ratio is not significant enough, which has made the private security industry all the more popular. However, this industry grapples with many crises every day. One of the major problems is the lack of accountability from the security personnel. Security industry in India is largely unregulated, and it’s not uncommon to see guards swapping their shifts without intimating their employer. This impersonation can be potentially harmful, not just for the customer, but also for the security company This is just one of the many problems plaguing the security service providers. Unless there’s a scheduled visit or patrolling by a supervisor, there’s no way to monitor if the guards are alert on their job. Surprise visits to the premises are not a productive alternative either. The human body which is designed to retire at sunset starts to inevitably feel tired and dull during night shifts. Therefore, it makes sense to place your trust in systems, rather than a person to supervise the security personnel. How cloud telephony can help Automated Calls with IVR based check-in To check if the guards are alert, a simple mechanism such as an automated call can be set to trigger at particular time intervals. These calls can solicit input from the guards to ensure that they’re alert. Alternatively, they can be imparted with small training modules in vernacular that are a minute long, asked a related question towards the end of the module, and solicit a response from them. A lot has been said about the lack of training for the security guards. This is an interesting and engaging way to keep them alert and awake. Their call response is an attestation to their situational awareness and alertness. Actions can be initiated by the agency if they fail to respond or answer the call. This method is more proactive than reactive, and adheres to the urgency of the situation. Apart from these call check-ins that fall into a predictive pattern, surprise check-ins can be done by triggering calls at random times. This keeps the security officers alert and ensures they don’t nod off on duty. Automated check-in calls are a more sustainable solution, and the message or structure of the call can be changed every now and then to break the monotony, which is one of the major gripes of security officers. Reminder calls for shift changes Automated reminder calls can be set to go out an hour or 30 minutes prior to the shift, which ensures that the security officer is on time to relieve the on-duty officer. This reduces the chances of no-show or turning up late to the shift. SMS updates to the customer Since the shift rotation chart is prepared in advance, the details of security personnel on duty can be setup to be sent to the customer via an automated SMS message, which they can verify with the help of the personnel identification card. This ensures no impersonation can take place, thus assuring the safety of the customer. IVR to handle new/ potential customer queries For a security services provider, it is essential to be available at all times and put the customer’s safety interests first. Instead of employing a full-scale call center solution, IVR automation can be introduced to answer FAQs. This helps to optimize existing resources better, while also ensuring that an agent does not have to be on-call at all times. A technology like cloud telephony can bring responsibility to this unorganized sector. What’s more – it is not a stand-alone solution. A virtual number that is obtained from a cloud telephony service provider can help provide all the features mentioned above. By Shivakumar Ganesan – CEO & Co-founder of Exotel  

Convergence has been a continual trend in the security industry for over a decade. It began with simple integrations of similar types of security equipment such as adding video cameras to an intrusion system or break-glass detectors to an access control system. The level of integration, however, has quickly evolved – now physical security is being integrated with systems designed with functionality outside of security applications. End users are no longer satisfied with a lack of return on investment from security equipment. Rather, their priorities have shifted from wanting to improve the effectiveness of their security systems toward finding new ways to earn a positive return on investment from these very systems. Historically, physical access control has always been a local, on-site responsibility for those in charge of security management. This is due to huge variations in the methods used to secure buildings, both regionally and by building type. As such, it has always been difficult for larger enterprises to roll out ‘one-size fits all’ access control solutions across multiple sites because of huge variances in the requirements for a given system. The result therefore is that end users responsible for managing these systems now require different training or must issue multiple credentials for multiple locations. Many of these pain points and inefficiencies could be eliminated if credentials are managed centrally; this is where logical integration becomes beneficial. Despite companies often possessing multiple access control systems (each with their own unique database of access rights), they also often have a central database, known as an active or corporate directory. An active or corporate directory is a database that companies use to keep track of employees, contractors, and even customers for a variety of purposes including human resources or IT login credential management. As this database spans multiple sites, it could potentially be used to pull user credentials to create physical access control credentials for the entire enterprise. There is already a wide variety of different levels of logical and physical access control integration. However, pulling physical security access rights from the corporate or active directory is essentially doing so in its most basic and simple form. Features and benefits of integrating these two systems Automation of credential management: Rules-based access control can be implemented by automating system assignments. For example, when a new user is added from the corporate/ active directory, the system can also look every attribute (location, job role, time with the company, etc) associated with the employee. The system then sets default access rights depending on an employee’s attributes. This can greatly speed up the process of adding new users, and it also helps sync access rights with the company’s corporate structure. Unifying credentials: Integrating logical and physical security systems also creates more opportunities to unify credentials. Access control badges or cards can be used for additional functions outside of physical security. Examples include using the credential for two-factor authentication when accessing the IT network, secure printing, or micropayments in the company cafeteria. Improved auditing capabilities and increased accountability: Across an enterprise, the summation of access right changes, on-boarding/off-boarding, and temporary access rights provisioned from its access control system equals a huge volume of requests each month. Without an overarching system, the methods available to senior management for accessing and reviewing logs are limited and inefficient. Corporate governance integration and automation: Logical integration provides the potential to roll out uniform governance across all of the company’s access control systems by enforcing company policy through identity management. Policy checks can be programmed into permission requirements, allowing companies to ensure that best practices are followed. The system also allows the company to verify whether policy was followed, further increasing accountability among employees. Barriers to further adoption Cybersecurity concerns: Connecting every access control system to the IT network, and also managing all of the identities associated with the company via a single system creates huge network risk. If the system is hacked, every identity associated with the company is quickly compromised. Additionally, connecting all the new devices offers hackers new routes into the network, which means that all of the hardware’s software needs to be updated regularly to reduce cybersecurity risk. The lack of an ‘off-the-shelf’ solution: Logical integration projects often require large commissioning and design efforts because they are highly complex both initially and after implementation, particularly with respect to maintenance. This means there is a cost involved for the entire lifecycle that the system remains in place. Lack of developed identity management infrastructure: Many smaller-sized enterprises lack identity management platforms capable of supporting physical access management. And with many larger-sized projects, end users often find that their current authorization policies and best practices have not been updated since they first adopted the identity management system. The result is that these systems must be updated before being integrated with physical access. By Jim Dearing – Analyst, Access Control & Fire, IHS Technology