Integrated Security, Safety and Surveillance Solution i3S

713 views

Published on

An integrated safety, security, surveillance approach to Society, Community, Central, State & Local applications.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
713
On SlideShare
0
From Embeds
0
Number of Embeds
16
Actions
Shares
0
Downloads
26
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Integrated Security, Safety and Surveillance Solution i3S

  1. 1. White Paper & Solution(s) options © Casper Abraham, FEB 2010 http://www.edgevalue.com Email : casper@edgevalue.com Cellphone : +91 98450 61870 Integrated … „S‟afety, „S‟urveillance & „S‟ecurity Physical, Virtual, People, Cash & Information Security
  2. 2. Base of Experts, Advisory, Staffing & Consulting. The Firm Software, Backend, Tool & Platform Business Model, Methodology, and System(s) Full-range services in Governance, Risk & Compliance Systems Integrators
  3. 3. General
  4. 4. 2012 Global Numbers
  5. 5. Systemic Failures 1. Buying, Installing & Infrastructure is the easy part. 2. Maintenance. Uptime. Spares. 3. Is it working at all? Display Signage problems. 4. It‟s not just cameras. Lighting. Night-vision. Audio. 5. Sensors. Trip. Vibration. Light. Sound. Patterns. Detection. Intelligence. 6. Recording. It‟s TOO-BIG. Imagine 10,000 cameras in HDTV, 24x7x365. 7. No one can watch all, all the time. It‟s boring work. Impossible to motivate. 8. How do you know when an event occurs? 9. You have to RECORD before, DURING and after the event.
  6. 6. List of NATURAL Hazards …  Displaced Persons  Drought  Earthquakes  Epidemics and other Health Threats  Extreme Temperatures  Floods  Global Climate Change  Hail  Hurricanes and Tropical Storms  Infestations/Invasive Species  Landslides  Power Outage  Structural Fire  Technological Hazards/HAZMAT  Terrorism and Civil Hazards  Thunderstorms and Lightning  Tornadoes  Wildfire  Winter Snow/Ice Storms
  7. 7. List of MAN-MADE Threats …  Vindictive Behaviour  Weapons. Firearms. Chemicals. Explosives.  Hostage Situation.  Dacoit.  Ideology, Psychological and Behavioural Situations.  Selfish Behaviour  Petty Theft.  White Collar Entry.  Identity Theft / Fake Identity.  Fudged paperwork / documentation.  Unauthorised Vehicles vs Changed Licence Plates.  Removal of Assets.  Co-Operative Behaviour  Cartels of Security + Staff + Others.  Lax systems. NOR Audit NOR Oversight.
  8. 8. Aspect. It‟s about …. 1. Choice 1. Better to be „safe‟ than „sorry‟. 2. Insurance 1. If nothing is going to happen … you don‟t need it. 3. Uncertainty 1. An attempt to Predict / Quantify the future. 4. The opposite of „Risky‟ is „Secure‟.
  9. 9. Priorities … 1. Databases. 2. People logins. 3. Remote access. 4. Storage & Backup issues. 5. Down & Repair related issues.
  10. 10. Two sides of the same coin Risky … • Greed • High risk – High rewards • Force Majeure. • Requires Insurance. • Contingency & Backup Plans. • Exit options. • Speculation vs Gambling. • Unknown threats / weaknesses. Security … • Safe • Average Returns. • Known threats / weaknesses.
  11. 11. Today‟s Reality … Event, Incident, Crime, observable ‘physical’ or ‘virtual’ action takes place. Investigation, Modus operandi, Witnesses, Suspects, Evidence, Forensics, Motive, Detective work, legal or illegal. Law & Constitution. Police. Courts. Jail. Intent to destruct. Sixth Sense. Intuition. Suspicious. Pattern. Intelligence Gathering. What if …and IF. Word & Observations of others. Behavioural Patterns. Prepared to die. PROFILING.
  12. 12. Track the WHOLE population? 1. Create-Identify, Train, Motivate & Manage a base of PROFILERS. 2. Start with the Criminals in Jail. Of course you can PROFILE them. 3. Database of their accomplices. 4. Foreigners in INDIA. 5. Foreigners in INDIA STATE(s). 6. A risk metric on every TARGET. 7. Do you want to know more about who is IN? 8. Do you want to know more about who is OUT? 9. Do you want to monitor or watch their movements? Monthly? Weekly? Hourly? Real-time? 10. Public? Households? Private? Key-patterns … 1. Lifestyle. 2. Family, friends & relationships. 3. Travel. 4. Opinions & Beliefs. 5. Behavioural Assessment. 6. Observable Behaviour Profile. 7. Income & Sources. 8. Spending on what. 9. What do they possess? 10. What was; and is now not with them?
  13. 13. Going to be a criminal … 1. Manual 24-hour Surveillance. Detective work. Night Vision Binoculars. Photo & Video Cameras. Bugs & Microphones. Recorders. Telephone Taps. Your life was hardly threatened. Intuition, Sixth Sense, “I can feel it” & Behavioural Pattern Recognition. “I know this guy did it.” 2. Challenges today … Surveillance presence detection. CBRN Presence. Mobile phones. Internet. Radio monitoring. Encryption. Aspirational threat to Planning threat. Your own life is threatened if you challenge OR become a part of the “situation”. Intuition, Sixth Sense, “I can feel it” & Behavioural Pattern Recognition. “I know this guy is up to no good … but is that a Homeland Security threat?”.
  14. 14. Further challenges … 1. There may yet be no infringement of the law. 2. Is it a law-enforcement, Police, State issue? 3. When is it a central, Defense or Homeland, Central issue? 4. Our man (or woman) … the whole range. Personal Values; Individual behaviour; Current Stress; trigger-happy; Moral issues … Human Rights; Encounters; Self- defense; Whether armed; adequate protection; on-the-spot „manual‟ or „automated‟ information; information-on- demand. Real time Decision-making
  15. 15. So how real is a threat?
  16. 16. Threat nuances … 1. What are the Force Majeure threats? 2. Are lives at stake? 3. Can Insurance solve it? 4. Airlines were downed for 3 days … so what. The city came to a stand-still for 5 days … so what. The US economy is slumping … so what? The Delhi CWG games was a disaster … so what? 5. Katrina. Asian Tsunami. Gulf oil spill. Hungary toxic spill. Pakistan floods. What could have been done? Is something being done about other FUTURE such events? 6. Even if someone knew something was going to happen … Clairvoyants? Hollywood? Witches? Aliens? 7. And if it never happened … perhaps it was not going to happen at all. Who pays? How do you prove this?
  17. 17. Security Activity Monitoring Traditionally, security has focused on putting up a perimeter fence to keep others out, but it has evolved to monitoring activities and identifying patterns that would have been missed before. Information security professionals face the challenge of detecting malicious activity in a constant stream of discrete events that are usually associated with an authorized user and are generated from multiple network, system and application sources. At the same time, security departments are facing increasing demands for ever-greater log analysis and reporting to support audit requirements. A variety of complimentary (and sometimes overlapping) monitoring and analysis tools help enterprises better detect and investigate suspicious activity – often with real-time alerting or transaction intervention. By understanding the strengths and weaknesses of these tools, enterprises can better understand how to use them to defend the enterprise and meet audit requirements.
  18. 18. Risk Management is like Cricket 1. You have limited resources. You are allowed only 9 fielders. 2. Never equally placed. You have to focus on manageable higher risk areas. 3. If you want stop the 4’s you will be giving away singles. 4. If you are stopping the singles, going over the top is a danger. 5. You need some good, fast fielders in the first place. 6. Catches win matches. 7. Everything depends on the Game Situation. What are your objectives? 8. Do you know the batsmen? Your competitors? 9. You need a Plan B at all times. 10. You have to think on your feet.
  19. 19. Financial Risk
  20. 20. High Risk – High Rewards Good … • Sound as a Bank. • Ensure capital return. • The Markets • EQUITY. • DEBT • COMMODITY • CURRENCY • Safe as houses. • Property • Art & Antiques. Bad … • Islamic Banking. • Gambling. • Speculation • Throw good money behind bad • Ponzi Schemes. • MLM
  21. 21. Risk 1. Controllable – Manage it. – Eg. Forward Contracts / Commodities Exchange. 2. Un-controllable – Insurance – Force Majeure Management.
  22. 22. Systems Thinking & Systems Dynamics related to Risk 1. Behavioural Systems Thinking. 2. Financial Systems Thinking. 3. Risk Systems Thinking. 4. Systems Dynamics Modeling. 5. Team, Systems, Practice, Instrument level Systems flowcharts. 6. Mathematical Modeling. 7. Behavioural Modeling.
  23. 23. ALM Flow Example
  24. 24. Classical Risk Curve
  25. 25. Staff at Risk Management Steps 1. Identify the hazards 2. Decide who might be harmed and how 3. Evaluate the risks and decide on precaution 4. Record your findings and implement them 5. Review and update (if necessary)
  26. 26. Risk Factors Asset(s) Vulnerability Threat Risk Risk_Metric R% = A% x T% x V% Internal
  27. 27. Choose .. Sharing Integrity SecurityIdeas for implementation :- • IT Policy • Intangible Assets • List. Cost. Manage. Usage. • Internal Patent System. • USA Defense Services Orange Book • Setup a MarComm, Communications, Documentation Division. • Establish a „VI‟ practice. • Develop a part-branded „consumer-usable‟ line of products. • Design & Manage a Catalogue. • Push OR Pull „strategy‟ …. Sharing + Security + Integrity = 100%
  28. 28. Paper Wealth
  29. 29. Built on shaky fundamentals
  30. 30. Risk because of Information & Communications Technology
  31. 31. Six sigma credo …  We don't know what we don't know.  We can't do what we don't know.  We won't know until we measure.  We don't measure what we don't value.  We don't value what we don't measure.
  32. 32. Your personal data 1. Credit-card numbers. 2. CW2 security numbers. (back of credit-card). 3. Credit reports 4. Social Insurance numbers. 5. Driver‟s License numbers. 6. ATM cards. 7. Telephone Calling Cards. 8. Mortgage details. 9. Date of birth. 10. Passwords, PIN‟s. 11. Home address. 12. Phone numbers. 13. Address book and Personal contacts information.
  33. 33. Corporate data … 1. Trade secrets. Recipes & Formulations. Bill of Materials. 2. Cost information. Vendors; procurement costs; supplier chain information. 3. Price information. Customers; selling costs; customer relationship information. 4. Purchase track record – Sales History.
  34. 34. Exposure cases … 1. DSW, USA. Credit-card information from 108 stores; from 96,000 USA check transactions exposure of US $ 1.5 M. 2. CardSystems, USA. Card-information of Japan; HongKing; Phillipines; and Australia. Exposure US $ 40 M. 3. Mphasis-Citibank. Stolen US $ 350,000/- 4. Sumitomo Bank. Stolen passwords caught prior to stealing US $ 397 M. 5. Citibank UPS shipment of customer data; 123,690 Japanese customers; exposure US $ 3.9 M. 6. Accura Bank; stolen micro-film data; exposing 26,400 customers. 7. Commonwealth Bank of Australia – ATM cash-transfers. Stolen US $ 17 M. 8. Central Bank of Russia. Bank transfer information sold on-line. 9. Michinoku Bank. Thrown CD‟s retrieved of nearly all its customer- information; exposure US $ 1.3 M.
  35. 35. Who‟s got it … 1. Banks 2. Card companies. 3. Credit reference Agencies. 4. Merchants. 5. Government Agencies. 6. Phone companies. 7. Insurance Firms. 8. Data brokerage firms. List Managers. 9. Payment Processing Agencies. 10. Direct Marketing Agencies. 11. Market Research Firms.
  36. 36. Priorities … 1. Databases. 2. People logins. 3. Remote access. 4. Storage & Backup issues. 5. Down & Repair related issues.
  37. 37. The only three … 1. What you know. o Login ID. Passwords. PIN. Personal data. Public and Private Keys. (PKI). 2. What you have. o ID Card. Token number. Ticket. Boarding Pass. PKI Digital Certificate(s). 3. Who you are. o Signature. Fingerprint. Blood Group. Your walk. Iris Pattern. Hand Geometry. Body language. Voice Recognition. DNA.
  38. 38. AutoID : A key Technology DeviceAutoID Smart Tag 1. ID 2. Pull data 3. Push data Enormous cloud of devices
  39. 39. Collective or Group Risk
  40. 40. Mixed community Handling 1. Purple Zone Residential Towers. 2. Orange Zone Manufacturing (EZ) 3. Green Zone Commercial Complexes 4. Cream Zone Retail Public Access 5. Red Zone Utilities. Admin. Control Rooms.
  41. 41. Mapped Systems 1. Perimeter Controls. 2. Roads. * 3. Conduits/Pipes. * 4. Water. Sewage. * 5. Power. * Lighting. 6. Sensors – Cameras. 7. Key-Cards. Access Control. 8. Display Signage 9. Vehicle Parking. 10. Vehicle Movement. 11. Access Point(s Control. 12. Fibre Communications. 13. IT Infrastructure 14. CED Wireless Network. 15. Security Manpower Information System. 16. Law Enforcement. * 17. Operational Systems. 18. Tactical Systems. 19. Emergency. Crises. 20. Miscellaneous Manufacturing 21. Integrated Software Tool(s). * Systems with likely Central, State, City or Municipal Authority.
  42. 42. Layer Codes A = B = Perimeter. Fence. Access Points. Boundaries. C = Sensors. Cameras. Microphones. D = Disaster. Risk. Emergency. Crisis Points E = F = Fire-Handling Points G = to K = L = Lighting. M = Manned. Security. Rest-Stop-Points. N = Conduits. Cabling. Fibre. Networking. O = P = Power Lines. R = Roads. Parking. Traffic Direction. S = Sewage. W = Potable Water. Pipes. Junctions. Outlets.
  43. 43. It SHOULD NOT be … what most people think of as Security Today. 1. Security Staff • 10, 50 … 200 „uniformed jokers‟ floating around. • Not empowered. • Not trained. • Not civil, nor helpful. • Gate Pass. In-Out Register. ID Card. Plate recording. • Happily out-source to so-called „ex-Services Experts‟. 2. CCTV • A bunch of cameras connected to a few TV‟s. • No one sees it. • If you see something, no action is taken or actioned too late. • Footage not available when needed. • Analog is „cheap‟ but „dead‟. • Inadequate Lighting. Poor angles. Low coverage. You thought …….. BUT the reality.
  44. 44. i3S Imperative Elements Statutory Element(s) * Constitution Adherence * Federal Subject(s) * State Subject(s) * Statutory Reporting Intelligence (Elements) * Doing the Best / Footwork * CCTV (Visual intelligence) * Sensory Intelligence / Alerts * Virtual Convergence World * IT aided Intelligence. * Automation. Staffing Element(s) * Operational STATE Deployment. * Owned STAFF Deployment. * Outsource STAFF Deployment. * Stakeholder(s) STAFF – ADMIN – MGT. Infrastructure Element(s) * Fibre-Wired and Wireless Network. * Server(s), Client(s), CEDs, Handhelds etc. * Connectivity, Availability, Redundancy & Backup. * Devices, Cameras, Sensors, Lighting, Power-Supply etc. * Control Rooms, Access Points, Distribution Points etc.
  45. 45. Roads vs IT analogy Network Roads, number of lanes, number of check-points, signal lights, flyovers. Wired or wireless. Analog, Digital or IP. Servers Parking Lots. Car Lifts. Parallel Parking. Data and Information stored remote centrally Bandwidth Per-hour vehicle capacity, Types and Speeds of cars, uphill, curves Size and speed of data transfer Connectivity Toll Gates, Exit Ramps, Security Checks, Weather conditions, Sex (!), Age and Health of Driver, VIP in-town Availability and usability to an end- user.
  46. 46. Connectivity Tap-Points FROM TO • Camera Station • CED (Mobile-Handheld) • Public Alarm • Action to i3S Policy • WorkStation Access • CED (Mobile-Handheld) • Helpdesk Request • Subscriptions View • Self-Service • Accountable Staff External Access; Inputs and Out Internal Management; Inputs and Out
  47. 47. Financial
  48. 48. Types … 1. Cash. 1. Theft. Fraud. Loss. 2. Liquidity. Un-availability. 3. Bad Debt. 2. Assets. 1. Plant & Machinery / Office Equipment. 2. Non-performing Assets. 3. Lower than planned ROI. 4. Depreciation. 5. Cost vs Performance. 6. Availability. Reliability. Maintainability. 3. IPR. 1. WTO. WIPO. GATTS. Country-Statutory-Industry. 2. Patents. Copyrights. Trademarks. Secrets. 3. Appreciation. 4. Capital vs Expense. 5. Inventory 1. Over-stock. Under-stock. Just-in-time. Carrying Costs. 2. Obsolescence. 3. Re-work. Re-cycling. Inefficiencies. Quality issues. 4. Waste. Write-off.
  49. 49. „Accountability‟ Transfer … “Whose „cash‟ is it anyway?” 1. Extremely INDUSTRY specific. • Compare. Automobiles vs Pharma. vs Music CD‟s vs Bollywood Films vs Your Industry. 2. Manufacturer OR Distributor OR Retailer. 3. Investors. Share-holders. Stake-holders. 4. Banks. FI‟s. Mutual Funds. 5. Mortgages. Loans. Leasing. Hire-purchase. 6. Purchase of risk. In-transit documents. Invoices. Payments. Letters of Credit. Hundi (in Asia). 7. Futures and Options.
  50. 50. Cost of FAILURE! Regulatory Action Corporate Liability Indirect Costs Loss of Customer Confidence
  51. 51. Force Majeure 1. Those "physical" events that are foreseeable, although unpredictable, such as fires, floods or vandalism. 2. Those day-to-day "business" events or governmental actions that cannot be forecast, but which are foreseeable, such as strikes or regulatory activities. This includes your service provider's subcontractors and vendors not performing tasks possibly necessary to your provider's performance under the agreement that your provider may claim are "beyond its reasonable control." 3. Those events that, although admittedly still pretty rare, are now unfortunately quite plausible in a world where commerce is easily touched by international politics, such as military actions, embargoes, rebellions and terrorism. 4. Those events caused by extraordinary elements of nature or "acts of God," which are truly unforeseeable force majeure events.
  52. 52. Business Continuity Factors vis-à-vis Information & Technology 1. Uptime (near 100%) 1. Backup, Housekeeping, Mirror, Geographical Spread, Employee Standby, Hotfix, 24x7x365 service(s) availability. 2. Downtime (near 0%) 1. MTTR, MTBF, 24x7x365 service(s) availability. 3. Assess, Quantify, Measure 1. Information Costing. Investor, Vendor, Customer & Co-worker „impact‟. What-if scenarios. 4. Risk & Qualify. High, Medium, Low, No. 1. Insurance. Personnel standby. Internal & External Audits.
  53. 53. GREY QUADRANT - Low severity - High Probability RED QUADRANT - High severity - High Probability YELLOW QUADRANT - High severity - Low Probability GREEN QUADRANT - Low severity - Low Probability Real Trouble Try to reduce Impact Nuisance Problems Closely Monitor for increasing Probability Problems not significant 0 0 10 10 Probability of occurrence SeverityofImpact
  54. 54. When „risk‟ happens …. 1. On-track plan. (Backup, contingency) 2. Insurance, premiums & documentation. 3. Handling the Media (and fallout …) 4. Not repeating a mistake … 5. Factor #1 - Probability. 6. Factor #2 - Outcome or hazard.
  55. 55. Tools 1. Sensitivity Analysis. (What if …) 2. Statistics - Normal Distribution.
  56. 56. Access Risks
  57. 57. The only three … 1. What you know. 1. Login ID. Passwords. PIN. Personal data. Public and Private Keys. (PKI). 2. What you have. 1. ID Card. Token number. Ticket. Boarding Pass. PKI Digital Certificate(s). 3. Who you are. 1. Signature. Fingerprint. Retinal Pattern. Body language. Voice Pattern. DNA.
  58. 58. IT Best Practices 1. Without SSL encryption, the integrity of data is compromised. 2. Without robust physical and network security, sensitive corporate data is at risk of intrusion 3. Building an effective in-house PKI system will take considerable time and expense. Opt for managed PKI services. 4. Free software will crack your password in 30 minutes. 5. Email is leaking your business secrets. 6. Traditional access control solutions are either ineffective or costly 7. Your web site can be spoofed with a point and a click. 8. Testing in production is tempting fate. 9. The weakest link in your security is your people. 10. On the web, nobody knows if you are a Martian.
  59. 59. Reality checklist 1. Almost everything is turning electronic & digital. 2. Applications will never be secure. 3. The perimeter is disappearing. 4. The determined hacker will get in, always. 5. Awareness training will help, only so much.
  60. 60. ID Theft. 24% 16% 15% 11% 7% 5% 4% 18% Credit-Card Fraud Phone or Utilities Fraud Bank Fraud Employment-related Fraud Govt. documents fraud Attempted ID Theft Loan Fraud Other Identify Theft
  61. 61. Key threats in 2011
  62. 62. Our offer
  63. 63. Physical +Virtual (Lobby) DMZ on Extranet
  64. 64. The proposal 1. Approach your „I.T.‟ as you would your physical office. You have a centralised reception area. 2. You have physical security. You have cameras. You have off-office hours infrastructure. 3. You have a back-gate for materials. In/Out registers. Documentation. 4. You also have Policies, Rules & Regulations, Guidelines, Methods, Processes & Systems. 5. There is „Human Decision Making‟ in terms of out-of-policy, contingency & crises.
  65. 65. The Service Business Continuity is a matter of Practice and includes :- 1. Study of Existing Systems. 2. Desired State Definition.. 3. Gap Analysis. 4. Budgets & Costs Allocation. 5. Design & Plan. 6. Implement. a. Buy-out, License, Acquire, Recruit. b. Integrate, Implement, Train, Setup, Establish. c. Intensive Monitoring Services. (Typically 3 months). d. Regular Monitoring Services. (Annual Contracts). 7. Review, Feedback, Correction.
  66. 66. Possible Scope of Supply … From your India-based establishment … as your Worldwide Single-Point Source …. 1. Study of Existing Systems. 2. Desired State Definition.. 3. Gap Analysis. 4. Budgets & Costs Allocation. 5. Design & Plan. 6. Implement. a. Buy-out, License, Acquire, Recruit. b. Integrate, Implement, Train, Setup, Establish. c. Intensive Monitoring Services. (Typically 3 months). d. Regular Monitoring Services. (Annual Contracts). 7. Review, Feedback, Correction.
  67. 67. … including … 1. Top Management „Interaction‟ & „Support‟. 2. Design & Management of your „Red Book‟ 3. Physical Manning at all physical server locations. 4. 24x7x365 Manned Monitoring 5. 24x7.x365 Automated „Sniffiing‟ & „Snooping‟ Conrols. 6. Hardware & Software Firewalls. 7. Internal Audit(s). Infrastructure, Administrators & I.T. Departments of Internal, Vendors, Customers, Investor & Co-worker Groups access. 8. External Audit Support 9. Downtime Services. 10. Crises Services. 11. Choice of Technologies. 12. Online Certificate Design, Method & Systems.
  68. 68. If I.T. down assessment … 1. If Hardware, Networking, Storage goes down …. 2. If Systems Software goes down … 3. If Application(s) Software goes down … Bugs, Staging, Testing, Y2K type scenarios …. 4. If Data goes down … 5. If Information unavailable … 6. If unable to find-out what has gone down …
  69. 69. Security Policy 1. Written General Security Policy. 2. Written IT Security Policy. 1. IP‟s. Listed & Controlled. 2. Allow & Deny. Group, individual & others. 3. Logs. Logs backup. Logs Analyses. Decisions. 4. Disaster Recovery. 5. DOS, DDOS etc. 3. Client „transparent‟ document. 4. Internal audit. 5. External audit.
  70. 70. Information or Intelligence Domain
  71. 71. Central Intelligence •Gather Information, OR Intelligence. •Data. Images. Audio. Video. •Store. Retrieve. Analyze. Pattern Recognition. Intuition. Assign Field Work. •Gather MORE information. •Sort. Extract. Merge. Collate. Integrate. Consolidate. Automate. • Efficiencies. ROI. TCO.
  72. 72. Disseminate. Execute. Act. Assist. Support. Help. Facilitate. • Assign Work • Intelligence on Demand. • Verification. Authentication, Fact- Checks. • Friend or Foe Decision Making.
  73. 73. People Risk The „Human Being‟ behind every „Risk‟ related event.
  74. 74. Shrinkage One word for Risk, Safety, Security, Surveillance, Graft, Corruption, Negligence; Stupidity; Ignorance; ill- informed; uneducated; Theft. Fraud; Counterfeit; Negligence; Attrition …??? PRAY (People Risk Assessment & Yield) Model
  75. 75. Risk from People People Actions Costs Employees Suppliers Customers TEMPS Catering Staff Housekeeping Security Staff Drivers Ghost Employees Order Acceptance Procurement Wrong Vendor Wrong Hiring Poor Decisions Direct OR Indirect Fixed OR Variable Liable for Litigation Negligence Graft (CORRUPTION) Cartel Behavioural Not Insured 100% Revenue Loss Increased Cost Lower Profits High Risk Behavour Stopped Learning Ego – Alpha-Male Long term consequence Personal Debt Greed Clinical Problem(s) No Succession Planning Poor Due-Diligence Obsolescence Re-work & Waste
  76. 76. New Economy Organisational Design Delivery / Production / Manufacturing People Commercial Sales Customer Contact Marketing Contract Staff Our Staff External Outside Control Internal Our Control Modern Organisations do not work from one premises. All Staff may not be homogenous; not from one area; community; state or even country. Wireless allows into and out of any location; voice, video & definitely data. The Enterprise has to be MORE in control while being forced OUT-OF-CONTROL by the pace of Technology.
  77. 77. Out-sourcing • Benefits 1. Required Skills. 2. Lower Costs. 3. Quicker Access. 4. Better Systems. 5. More Professional. • Risks 1. Culture mis-fit 2. Increased Costs. 3. Less co-ordinated. 4. Integration issues. 5. Less-in-control
  78. 78. Types / Categories of Workforce … Class A 1. Board, Committee, Association. 2. Our Staff. Permanent. 3. Key Owners, Managers, Stakeholders of Members. 4. VIP‟s. Statutory Authorities. Pre-approved Guests/Visitors. 5. Out-sourced Security Key-Managers, Authorised Staff. Class B 1. Our Security Staff 2. Out-sourced Permanent Security Staff. Class C 1. OUR or external Part-time OR Temporary Security Staff. Class D 1. Staff of „Member-Units‟. Permanent. 2. Temporary Staff. TEMPS. 3. Service-Provider. Utilities. Supplies. Catering. Transport Drivers + Support-Staff. 4. Any new Employee / Regular LESS than one year of Regularity. Class E 1. Contractor. Staff. Labour-force. Contractor Suppliers. Contractor Services. 2. Trade or Manufacturing. Goods Inward and Goods Outward. 3. Waste Disposal. IN and OUT movement.
  79. 79. Risk Level Rating of People 1. 0 to 9 : 9 = no risk; 1 VERY HIGH RISK. 0 = unknown / not assigned. 2. Everyone is assigned a Level 5. Has to earn by time, inputs, self-service, behaviour, references, feedback to lower the Risk LEVEL. PRAY (People Risk Assessment & Yield) Model
  80. 80. Negligent Hiring 1. What is negligent hiring? 2. Should all companies be expected to have a screening policy? 3. Does every employee need to be screened? 4. How much should a company expect to pay for screening? 5. What can it cost a company should they chose not to have a screening program? 6. Do you have enough „Johari-window‟ information to make an offer? 7. Are all screening companies alike?
  81. 81. Negligent Hiring Problems … 1. Shrinkage. Theft. Robbery. White collar crime. 2. Security Staff are compromised! 3. Cartels / Organised Crime are formed! 4. IT, data, Information & know-how leaks. 5. Rapists! Women‟s Issues. 6. Pornography. Video-Cam. Exploitation. 7. Pedophiles. Children abuse. (Where applicable). 8. Fellow-workers being blackmailed. 9. Paper-work fudging albeit for personal gain.
  82. 82. People Risk examples 1. Ghost Employees. Not on your payroll, not coming to work being paid maybe electronically. 2. Cartel of Security, Catering, Housekeeping & Admin. in waste (and other) removal from the premises. 3. Labour (HR or line Staff) taking a „cut‟ in recruitment, placement, promotions. 4. Poor Decision-Making. Order Acceptance, Vendor Identification, Technology due-diligence, Loan disbursement. Based on wrong or Inadequate data or information. 5. High-risk behaviour in their personal, private life. Gambling. Drugs. Debt. Wine. Women/Men. 6. Time-allocation. Priorities, motivation, interests in a different direction or area. Non-professionalism. 7. Travel + Stay when it could have been done with Video- conferencing.
  83. 83. Some Solution(s) Step(s) 1. Rating : Keep a simple score-card. On a scale of 1 to 9 everyone is a 5 till proved otherwise based on Actions and Performance. 2. Internal FIR : Maintain a database of any and all incidents (tangible and intangible) transparent ensuring personal privacy; warnings; let-offs; rewards & recongition. 3. PMS : Perform periodic Reviews. Behavioural as important as Performance. 4. Voperty : The modern-organisation is no longer on one-premises. It is virtual and on-line as much as off-line. Intellectual Property is as important as Property. Trade-secrets, diagrams, customer or supplier databases. 5. Infrastructure Enhancement & Technology Support. 6. KRI : Acquire, implement, maintain and manage a set of Key Risk Indicators. 7. Process, Methodology, Workflow. Checklists. Visual Maps. Step- accountability.
  84. 84. Infrastructure Recommendations 1. Single-window Access Control System. (Staff, Catering, House-keeping, Temps, Security). Audited Attendance. 2. Eyes and Ears on the ground. Networked Cameras; Adequate Lighting; Sensors for required needs. 3. Triple-play convergent digital networks. 4. Things monitoring. Raw materials & Finished Goods. Consumables. Fixed and Mobile Assets. Repair-men kits. Catering, Housekeeping, Waste removal. 5. Centralised Servers + Platform for Intergrated, Real-time, Remote & Localised Routine Reporting, Audits and Alert/Alarm Systems. 6. Transparency, Convenience, Ease-of-use, Ergonomics, Managed Queues, Systems, People-flow.
  85. 85. Infrastructure Functionality Information or Intelligence Domain Central Intelligence •Gather Information, OR Intelligence. •Data. Images. Audio. Video. •Store. Retrieve. Analyze. Pattern Recognition. Intuition. Assign Field Work. •Gather MORE information. •Sort. Extract. Merge. Collate. Integrate. Consolidate. Automate. • Efficiencies. ROI. TCO. Disseminate. Execute. Act. Assist. Support. Help. Facilitate. • Assign Work • Intelligence on Demand. • Verification. Authentication, Fact- Checks. • Friend or Foe Decision Making.
  86. 86. Risk from Graft / Corruption
  87. 87. Managed Services 1. Choose to work with Riskpro India. (http://riskpro.in) Typically a minimum of 15-month contract. 2. Study, Report, KRI-set & GRC (Governance, Risk & Compliance) Roadmap within one month. 3. Put in place our clextra Software Platform. 4. Identify and Train the „Task-force‟ on GRC Roadmap. 5. Maintain, Monitor, Manage, Analyze. „Routine‟ and „Alert‟ Reporting to Management.
  88. 88. Risk Management
  89. 89. Based on the COSO model
  90. 90. Another Model
  91. 91. IT Risk Model
  92. 92. Risk of No Information Risk of No Information & Communications Technology E D C B A Source Interface Distribution Interface Request SERVERS Web-Pipe Ether-Space Local ISP CLIENTS 1.4 90% plus 1.3 60-89% 1.2 Ok 1.1 Less than 50% 2.4 Predictive 2.3 In-time 2.2 Yesterday 2.1 Post-mortem 3.4 DataHouse 3.3 Database 3.2 11-500 Pages 3.1 1-10 Page 4.4 Video 4.3 Audio 4.2 Visuals 4.1 Text 5.3 Sharing 5.2 Integrity 5.1 Security 5.3 Backup 5.2 Hardware 5.1 Power Supply Side Supply Side 1 2 Relevance Timeliness 3 4 5 6 Infrastruc ture Quantity Media Quality
  93. 93. Any „IT-record‟ in your Business … 1. Tangible Assets Master 2. Buy Purchase Orders Master 3. Main Metrics 4. Expenses Master 5. Firms Master 6. Inventory Master 7. Invoices Master 8. Mfg. Job-Work Orders Master 9. Intangible Assets Transactions 10. Intangible Assets : Library : Info.Units 11. Owners : Contacts - Customers - Vendors 12. Individual Employee Master : Login II 13. Teams Master 14. Unit Master 15. RFID Hardware etc. 16. Seats Management Database 17. Individual Users Master : Login I 18. Vehicle Master
  94. 94. User definable … #1/3 A000,FORCE MAJEURE A001,Unpredictable A002,Political Forces A003,Terrorism A004,Genuine B000,FINANCE B001,Cash Liquidity B002,Market valuation of Equity B003,Audit B004,Financial due-diligence B005,Technology due-diligence B006,Theft of cash B007,Mis-use of cash B008,Mis-use of documents B009,non-Performing Assets B010,Tax B011,External Audit B012,Internal Audit B013,Depreciation B014,Credit Risk B015,Bad Debt B016,Book Value of Equity-Shares B017,Market Value of Equity-Shares B018,Bull-run B019,Bear-run C000,COMPLIANCE C001,Regulatory Compliance C002,Central Compliance C003,SOX Compliance C004,Stock-Exchange Compliance C005,Central Labour Compliance C006,Local Labour Compliance C007,Local Safety Compliance D000,LEGAL D001,Major Lawsuit D002,minor Lawsuit D003,Loss of original documents D004,Legal fees D005,Stay order Costs D006,Stay order Time E000,PLANNING E001,Vendor Base. (Contractual and Moral) E002,Customer Base. (Affinity and Purchasing). E003,Sales Projections E004,Expenses Projections E005,Cashflow Projections E006,Meeting Manpower Plans F000,HR FA00,INVESTORS FA01,The Head of the Board FA02,The Board FA03,The CEO FA04,The CEOs Team FA05,Investors ROI needs FA06,Investors Values FB00,EMPLOYEES FB01,Absenteeism FB02,Non-performance FB03,Quality
  95. 95. User definable … #2/3 FB04,Quantity FB05,Negligence FB06,Fraud FB07,Unionism FB08,Training FB09,Requisite Operational Skills FB10,Motivation FC00,MANAGERS FC01,Not a Manager FC02,Not a Coach-Leader FC03,Manager Unionism FC04,Labour Unionism FC05,Fraud FC06,Planning FC07,Plan adherence FC08,Gap closure FC09,Training FC10,Requisite Operational Skills FC11,Motivation FD00,BEHAVIOURAL FD01,Narcissistic FD02,Nepotism FD03,Authoritarian FD04,Physical Male-Female FD05,Verbal Male-Female FD06,Submissive FD07,Sycophancy FD08,Destructive Intelligence FD09,Stupid-Dumb-Idiotic FD10,Hands-off FD11,Hands-on FD12,Motivation FD13,Time-wastage FD14,Gambling FD15,Other pursuits FD16,Indoor inclinations FD17,Outdoor inclinations FD18,Commitment to Quality FD19,Commitment to Quantity FD20,Personal problems FD21,Financial burden FD22,Family problems FD23,Personal Health FD24,Alcoholism FD25,Drugs-Chemicals effect FD26,Obsessive Compulsive Disorder FD27,Attention Deficiency FD28,Hyperactive Syndrome G000,INVENTORY G001,Book Valuation G002,Market Valuation G003,Physical Checking G004,Obsolescence G005,Over-stocking G006,Under-stocking / Stock-outs G007,H. LOGISTICS RISKS G008,Delayed inflow G009,Delayed outflow G010,Transit Damage G011,Transit Theft
  96. 96. User definable … #3/3 G012,Transit Spoilage G013,I. PURCHASE RISKS . G014,Quality. Re-work G015,Wastage and write-off. G016,Short-supply H000,MANUFACTURING H001,Line Downtime H002,Partial Downtime H003,Shopfloor Accidents H004,Labour - unionism H005,Capacity availability H006,Output efficiency H007,In-logistics Space H008,Out-Logistics Space H009,Power-Energy availability H010,Water availability H011,Flow constraints H012,Process inefficiency H013,Safety Systems J000,REDUNDANCY - BACKUP J001,Duplication J002,Backup J003,Alternate System J004,mis-matched capacities J005,Absenteeism J006,People Training J007,Use of Consultants-Advisors K000,MARKETING KA00,EXTERNAL KA01,Customer understanding KA02,Customer need specifications KA03,Quantity of Reach KA04,Quality of Reach KA05,Too much communications KA06,Too little communications KA07,Market segmentation KA08,Choice of channels KA09,Delivery-Install-Commissioning KA10,Training KA11,Customer Usage KA12,After Market Services KA13,Product Lifecycle Revenue KA14,Product Lifecycle Expenses KA15,Product Lifecycle Profit KA16,Reputation Risk KA17,Brand Dispersion Risk KB00,PUBLICITY KB01,Bad Press due to internal incidences KB02,Bad Press due to extraneous incidences KB03,Investor relations. KB04,ex-employee relations. KB05,Customer relations. KB06,Vendor relations. KB07,Press relations. KB08,Political relations.
  97. 97. Define & Manage Sets Set 1 Set 2 Set 3 Set 4 Set 64 Set 65 Set 7821 A000,FORCE MAJEURE  A001,Unpredictable A002,Political Forces A003,Terrorism  A004,Genuine B000,FINANCE B001,Cash Liquidity   B002,Market valuation of Equity  B003,Audit  B004,Financial due-dilligence  B005,Technology due-dilligence  B006,Theft of cash  B007,Mis-use of cash  B008,Mis-use of documents B009,non-Performing Assets B010,Tax B011,External Audit B012,Internal Audit B013,Depreciation B014,Credit Risk B015,Bad Debt  B016,Book Value od Equity-Shares  B017,Market Value of Equity-Shares  B018,Bull-run B019,Bear-run   A set can have any number of user-definable metrics.
  98. 98. Assign Set to a Record … 1 Tangible Assets 2 Buy Purchase Orders 3 Main Metrics 4 Expenses 5 Firms 6 Inventory 7 Invoices 8 Mfg. Job-Work Orders 9 Intangible Assets Transactions 10 Intangible Assets : Library : Info.Units 11 Contacts - Customers – Vendors – Agents – Drivers - Traders 12 Level II login users : Employee, Customer, Doctor, Patient, Student 13 Teams 14 Unit – Group – Household (In addition to Teams). 15 RFID Hardware etc. Gates, Doors and Access Equipment. 16 Seats - Workstations – Desks etc. 17 Level I login users 18 Vehicle
  99. 99. Each Metric includes … 1. Cost. On a scale of 0 (no-cost) to 10 (very high); this is the means to „level‟ ANY and ALL Threats to a business. 2. Vulnerability On a scale of 0 (none) to 10 (definite) Internal weaknesses and under reasonable control factors. 3. Threat On a scale of 0 (none) to 10 (definite) External factors perhaps with minimal or no control. 4. Percentage This is a percentage for leveling. P = C x V x T (Multiplication and Percentage of the above earlier 3 parameters). 5. Statistical Chance Independent of the above, a Standard Market statistical percentage of an occurrence for this type of risk. Allows upto 4 decimal places. Ie. 1 in 10,000 chance of occurrence.
  100. 100. ICT Best Practices 1. Without SSL encryption, the integrity of data is compromised. 2. Without robust physical and network security, sensitive corporate data is at risk of intrusion 3. Building an effective in-house PKI system will take considerable time and expense. Opt for managed PKI services. 4. Free software will crack your password in 30 minutes. 5. Email is leaking your business secrets. 6. Traditional access control solutions are either ineffective or costly 7. Your web site can be spoofed with a point and a click. 8. Testing in production is tempting fate. 9. The weakest link in your security is your people. 10. On the web, nobody knows if you are a Martian.
  101. 101. Report : Screenshot
  102. 102. RFID and Physical Location based.
  103. 103. Checklist Approach …
  104. 104. Checklist Library(s)
  105. 105. Cycles Feature …
  106. 106. hdocs
  107. 107. mdocs (Broadband Scalable )
  108. 108. Inventory Approvals
  109. 109. Incident „areas‟ and Bibliography 1. clextra Cupboard dodocs 1. archival system for all periodic Reporting. 2. clextra Cupboard cdocs 1. archival system for all random Reporting. 3. Organisational Filing System. 1. Individual and/or Team based. 2. Selective access to everyone in the organisation. 3. Supports MS Office, schematics, multimedia and/or any other format. 4. Numbered email. PULL System. (No PUSH). 5. Multimedia File binning. 6. Technology permitting …. SMS, Mobile etc.
  110. 110. Coding System(s) : 2 of 10‟s, dozens. 1. Location Code. Eg. inKAblrAZON01 (13 character code). 1. 2 chars – ISO country code. 2. 2 chars – Country State code. 3. 3 chars – City code. 4. 1 alpha – Zone code. 5. 3 chars – Preferably 9 or 81 directions N,E,W,S,C 6. 2 chars – Cna be sub-zones OR floors OR any other. 2. Device Code inKAblrAZON01-rc000006 1. Device no. 6 Grouped treatment as a Particular type of Display, or Camera, or IN or OUT gate, reader, writer, sensor etc. 3. Also supported EPC codes; GPS codes and point- maps on ANY image(s).
  111. 111. Shrinkage, Risk, Security Shrinkage Euphemism for Theft. Fraud; Counterfeit; Negligence; Attrition;
  112. 112. Inventory Shrinkage ... 1. - Empty boxes or "hollow squares" in stacked goods. 2. - Mislabeled boxes containing scrap, obsolete items or lower value materials. 3. - Consigned inventory, inventory that is rented, or traded- in items for which credits have not been issued. 4. - Diluted inventory so it is less valuable (e.g., adding water to liquid substances). 5. - Increasing or otherwise altering the inventory counts for those items the auditor did not test count. 6. - Programming the computer to produce fraudulent physical quantity tabulations or priced inventory listings. 7. - Manipulating the inventory counts/compilations for locations not visited by the auditor. 8. - Double-counting inventory in transit between locations. 9. - Physically moving inventory and counting it at two locations.
  113. 113. Inventory More Shrinkage 1. - Including in inventory merchandise recorded as sold but not yet shipped to a customer. 2. - Arranging for false confirmations of inventory held by others. 3. - Including inventory receipts for which corresponding payables had not been recorded. 4. - Overstating the stage of completion of work-in-process. 5. - Reconciling physical inventory amounts to falsified amounts in the general ledger. 6. - Manipulating the "roll-forward" of an inventory taken before the financial statement date.
  114. 114. Inventory & shrinkage 1. - Not retiring WIP and not classifying completed jobs as finished goods after dispatching them to customers. 2. - Falsifying computer runs by overriding the WIP applications. 3. - Including extraneous elements, like period costs, in WIP tabulations. 4. - Excluding job-related direct costs, such as special- purpose tools and jigs, from WIP tabulations. 5. - Tinkering with process cost allocation and overhead calculation functions. 6. - Including abnormal process losses in WIP. 7. - Overstating the stage of completion of work-in-process. 8. - Programming the computer to produce fraudulent physical quantity tabulations or priced inventory listings
  115. 115. Inventory Not the final word on Shrinkage 1. - Physically counted percentage factor. 2. - Items requiring further audit scrutiny. 3. - Surreptitious check(s) percentage factor. 4. - Physical opening and case-label match factor. 5. - Increase in count factor from original plan due to findings. 6. - Time-gap between disparate location physical counts. 7. - Factor of likely owned property/materials/stock. 8. - Specialist factor. Does observer understand the inventory?
  116. 116. Loss of Original Documents 1. Litigation. 2. Direct cash loss. 3. Lack of control over your „Staff‟. 4. Reduced Customer confidence. 5. The „good faith‟ in which these were given to you in the first place. 6. Perception of „corruption‟ and „deliberate‟ act. 7. Negligence. 8. Inability to „store‟, „monitor‟ and „manage‟ over long periods of time. (10+ years). 9. Inability to use technology such as Library Science methods, barcode, RFID etc. 10. Inability to cost per-document storage and ROI, TCO for Document Management.
  117. 117. Other fraud … 1. Identify Theft. 2. Credit Card. 3. Password Theft. 4. TCP-IP Theft. 5. Patent Infringement. 6. Copyright, Trademark Theft. 7. Industrial espionage. 8. Counterfeits and Knock-offs.
  118. 118. GPS etc. Integrating GPS, GIS, GPRS, 3G, RFID, AutoID & related technologies onto a Single Unified Integrated Real-time Remote Triple Play Solution.
  119. 119. Geography : 7 level Detail
  120. 120. Map Tracks : Actual Path(s)
  121. 121. Route Maps : Commute etc.
  122. 122. Beats, Timings, Circuits …
  123. 123. i3S Incident(s) Database 1. MANUAL and/or AUTO-ENTRY Recording of all incidents. 2. MANUAL cataloging and bibliography of incidents. 3. THEREFORE search of incidents. 4. Checklists for follow-up & Tracking. 5. Opening of a „Case‟ for legal procedure. Information and evidence handling, court follow-up.
  124. 124. i3S Case(s) Tracking 1. If FIR is registered. 2. Case Development and Management. 3. Evidence and Support information. 4. Court dates and Follow-up. 5. Long-term tracking of all Cases. 6. Costs and Decision making related to each Case.
  125. 125. i3S Storage Solution
  126. 126. i3S Bibliography, Search etc.
  127. 127. Individual Risk The „Human Being‟
  128. 128. Typical Certification Areas … 1. Access Control 2. Application Development Security 3. Business Continuity and Disaster Recovery Planning 4. Cryptography 5. Information Security Governance and Risk Management 6. Legal, Regulations, Investigations and Compliance 7. Operations Security 8. Physical (Environmental) Security 9. Security Architecture and Design 10. Telecommunications and Network Security
  129. 129. Video Analytics
  130. 130. Features … 1. Assuming 100‟s of 1000‟s of camera / eyes are deployed … 2. Primary thinking and application is deterrence. 3. Can‟t CAPTURE, TRANSMIT and STORE ALL in high-definition; 25 fps; Colour … the costs are astronomical. 4. Any „real-time‟ alerts from streaming-live from multiple camera automation based on Pattern Recognition is WAY TOO EXPENSIVE and NOT REALISTIC. 5. Being pro-active cannot imply predicting „what will happen‟ or „the future‟. 6. So what do you capture … 1. Assume last-hour or last 3-days or whatever. 2. Pre-alert and post-alert EXTRACT from the above stream. 3. CLEAR bibliography; date, time, physical location, camera, view, quality, quantity, length, guard-on-duty etc. etc. 4. Alerts can happen … 1. in-camera – Motion Detection. Field of View. Range of programmable features. License Plat recognition. 2. non-camera – Sensors. Vibration. Trip-wire. Light. Noise. RF. Optical etc. etc. etc. 3. Currency. Cheques. Documents or other Verification. 7. Intelligence on the Edge 1. Camera stores full-streams locally. Discarding after pre-set life-cycles. 2. UPLOAD to central STORE any and all incidents. 3. Create an clextra bibliography record for every UPLOAD. 8. Guard-Services Alert 9. Forensics. Evidence. Search. Analytics.
  131. 131. Guard Services … 1. Guards have to watch 100‟s at a time. NOT POSSIBLE. 2. Guards are human. Don‟t expect them to watch even ONE all the time. 3. When an ALERT happens; must be able to localise; locate; have decision-options and mobilise to tackle the ALERT as appropriate. 4. Systems of ALERT prioritisation. 1. Fire. Earthquake. Flood. 2. Dacoity. Terrorist Threat. Bomb. 3. Single Incident. Armed vs Un-armed. 4. Small start threat. Smoke. Water. Gas-Lead etc. 5. Tampering alert. Door. Window. Cables. Camera etc. 6. Client or Customer THEFT vs Employee THEFT. 7. System Authority. CEO. Police. Guards themselves. 8. Infringement. Person in non-authorised zones. 9. Infringement. Animals. Dogs. Cats. Rodents. Pests. 5. Risk and False-alarm RULES Management.
  132. 132. Not just your cameras … there are more 1. Storefronts 2. In-Store Cameras. 3. Gas Stations 4. Police stations 5. Businesses 6. Government & Office Buildings 7. Houses. Estates. Gate Security. Guard Security. 8. Traffic cams. Red light cams. 9. Taxi companies – Most taxis nowadays have dash cams, and a driver can manually trigger them 10. Any witnesses with cellphones 11. Any witnesses with digital cameras, camcorders 12. Any witnesses. Record their statements with your on-hand camera.
  133. 133. Someone … should want to 1. Pay for it. 2. Look at it. 3. Use it. 4. Make it count. 5. Just evidence. Seeing is believing. 6. Use it as evidence in a court of law. 7. Save a life. 8. Save property. 9. Save time. 10. Do something … for someone.
  134. 134. The „face‟ of „Information Security‟ 1. There is someone looking over your shoulder. 2. Uniform & Authority Matter. 3. He is trained and tough. 4. This person is authorised ‘internal’ and ‘by law’ to act on our behalf. 5. This person is Technically Qualified and aware. 6. If you ‘cross the line’ … you are in trouble. 7. You can ask me as to ‘what the line is’. 8. Honestly; I am here to help you do your job ‘honestly’.
  135. 135. Cash Security
  136. 136. Counterfeit Management 1. Identifying counterfeit NOTES and COINS requires a combination of AUTOMATION & PEOPLE skills. 1. Automation Concerns 1. Automated kiosks DO NOT have this luxury and have to be able to stand-alone and independently decide to ACCEPT or REJECT. 2. Reject in many instances can mean loss of Business and Consumer confidence. 3. Automated kiosks can be mis-used for money-laundering; coin hoarding; higher-note disposal etc. 2. Manual Concerns 1. Remove the drudgery of counting. 2. ONUS on protecting and end-of-shift settlement. 3. Know how to be able to identify counterfeit.
  137. 137. The Solution 1. Coin operated Vending Machines. 2. Coin or Cash based Media Dispensing. 3. Ticketing kiosks. 4. Utilities Bill Payment by Cash and/or Smartcards and/or Debit and/or Credit Cards. 5. GPS, GIS, GRPS, GSM, RFID based Tracking. 6. Touch screen based interaction. 7. Network integration with central computing facilities. 8. Local alarms & alerts; including automated and manual video surveillance. 9. Supply of HARDWARE, SOFTWARE, SYSTMES- PROCESS-METHODOLOGY starting with Awareness Training. 10. Pre-Sale; In-Sale and Post-Sale Staff & User training.
  138. 138. Who needs this … 1. Any business handling cash. 2. Banks. Cash deposit. Cash withdrawal. 3. Coin-to-cash and cash-to-coin exchangers. 4. Retail operations. 5. Notes and/or Coins counting. 6. Government Utilities. Receipt Printing. 7. Parking. Ticketing. Events. Journey slips. 8. Vehicle Parking. 9. Toll Gates and pay-per-use applications. 10. Currency Exchange.
  139. 139. Base of Experts, Advisory, Staffing & Consulting. The Firm Software, Backend, Tool & Platform Business Model, Methodology, and System(s) Full-range services in Governance, Risk & Compliance Systems Integrators
  140. 140. http://www.edgevalue.com http://www.clextra.in casper@edgevalue.com © JAN 1999 Edgevalue 62 B Modi Residency Miller Road Bangalore 560 042 INDIA Phone : 91 (india) 80 (bangalore) 2595 0059 Cellphone : 98450 61870

×