Providing Access

Integrator collaborator creates major healthcare security solution

A Michigan based health care provider that features two main campuses and has dozens of remote and satellite care centers had, for years, deployed a magnetic stripe card-based Galaxy Control Systems access control system integrated, installed and serviced by VidCom Solutions in Lansing. The system included both ID badging and video integration.

“The system kept expanding and, ultimately, the end user decided to update the system to the latest Galaxy platform and, simultaneously, upgrade from magnetic stripe to 125 kHz proximity cards and readers,” said Greg Simmer, president/owner of VidCom Solutions. “By this time, the size of the system was impressive, having grown to more than 1,000 doors and 40,000 card holders.”

“After contacting Galaxy Control Systems and Farpointe Data, the industry OEM for RFID-based access cards and readers, a bid was submitted for changing out the installed magnetic stripe card system.

“ “Since the transition would happen over time, our quote to Vid- Com included Farpointe’s combination proximity/magnetic stripe cards,” executive vice president of Galaxy, Rick Caruthers said.

“Greatly simplifying the administration of the change-over, this would allow employees to use their new card on the legacy magnetic stripe readers and, once the new proximity readers were installed, to keep using the same card.

““Our team secured the deal and, as always on a win, we were ready to celebrate when I got a call from the customer,” Simmer said. “When they told us to tear up the P.O., I almost swallowed my tongue. However, this surprise was followed by learning they were still going ahead with the upgrade but they wanted to future proof the hospital system by moving to contactless smart cards. That made me feel much better.”

Hospital Required Heightened Security

It turned out that this health care provider wanted to create a onecard solution leveraging the use of 13.56MHz technology to ultimately support a cashless medical campus, eliminating internal security threats while facilitating higher levels of security. Among the functions of the new system would be secure reads of access data with the ability to utilize the remaining sectors and secure storage for other identification uses in applications other than electronic access control at doors.

“Realizing the new request for even tighter security, we went beyond simply bidding smart cards,” Simmer said. “We thoroughly explained the built-in encryption features of the cards and also added a major security option that Farpointe offers, MAXSecure.”

“Simmer explained that many customers have heard that smart cards are more secure than proximity cards but don’t know why. He feels that integrators that explain the importance of MIFARE, and in particular DESFire EV1 technology, will always have a step up on integrators that don’t.

“That’s because a 13.56MHz contactless smart card based upon DESFire EV1 uses 128 bit AES encryption, the same as used by the U.S. federal government. DESFire EV1 is based on open global standards for both air interface and cryptographic methods. It is normally compliant to all 4 levels of ISO/IEC 14443A and can make use of optional ISO/IEC 7816-4 commands.

“Smart cards with MIFARE DESFire EV1 protection are ideal for sales to large health care service networks, such as the Michigan provider we service, wanting to use secure multi-application smart cards in access management or closed-loop e-payment applications,” Simmer said. “They fully comply with the requirements for fast and highly secure data transmission, flexible memory organization and interoperability with existing infrastructures.”

“Featuring an on-chip backup management system and mutual three pass authentication, a DESFire EV1 card can typically hold up to 28 different applications and 32 files per application. The size of each file is defined at the moment of its creation, making DESFire EV1 a truly flexible and convenient product platform. Additionally, an automatic anti-tear mechanism is available for all file types, which helps guarantee transaction oriented data integrity. With DESFire EV1, data transfer rates up to 848 kbit/s can be achieved, allowing fast data transmission.

““Adding MAXSecure to the card makes it even more secure,” Simmer said. “MAXSecure provides a high-security handshake, or code, between the card, tag and reader to help prevent credential duplication and ensure that customer’s smart card readers will only collect data from the hospital’s specially coded credentials. In the MAXSecure electronic access control scenario, no other company will have the reader/card combination that our customer gets from us. Only their exclusive reader will be able to read their exclusive card or tag and their reader will read no other card or tag.”

“Once more, VidCom Solutions won the job with the health care provider purchasing the MIFARE printable contactless smart cards with embedded magnetic stripe to facilitate change-over and further protected by MAXSecure. Quickly after the upgrade, they also wanted to set up an identification and a payroll deduction scheme for purchases made in the cafeterias. For this application to function properly, they would need a combo keypad unit that could read credentials and further validate with a pin.

““This was easily solved by using Farpointe’s Delta 6.4 combo contactless smart card reader/keypad unit at each cash register station,” Simmer said. “The tricky part was the integration with the health care provider’s payroll system. To do this, Farpointe assisted us in enlisting the help of another Farpointe partner, Cypress Computer Systems in Lapeer, Mich. Cypress provided the communication middleware to satisfy the desired function.”

50,000 Users Across 1,750 Access Points

Today, operating on the Galaxy Control Systems models 500, 600 and 635, the Michiganbased health care provider controls approximately 1750 access points, 50,000 users and 850 cameras, as well as effectively integrating badging, a payroll deduction application and intrusion systems. In addition, there are some 50 remote sites that tie into the system with credential interaction between sites.

“Maintaining a site of this scope can be a full time job in itself,” Simmer said. “For life safety reasons, we are on call around the clock. In addition, this is a very functional system as it is being used 24/7, 365 days a year. With this kind of wear and tear, there is a huge demand on the deployed equipment. Quality is critical. We heavily rely on the valued support we receive from our suppliers to help us with any new challenges and technology. Our vendors have been awesome.”

This article originally appeared in the March 2017 issue of Security Today.

Featured

  • Analysis of AI Tools Shows 85 Percent Have Been Breached

    AI tools are becoming essential to modern work, but their fast, unmonitored adoption is creating a new kind of security risk. Recent surveys reveal a clear trend – employees are rapidly adopting consumer-facing AI tools without employer approval, IT oversight, or any clear security policies. According to Cybernews Business Digital Index, nearly 90% of analyzed AI tools have been exposed to data breaches, putting businesses at severe risk. Read Now

  • Software Vulnerabilities Surged 61 Percent in 2024, According to New Report

    Action1, a provider of autonomous endpoint management (AEM) solutions, today released its 2025 Software Vulnerability Ratings Report, revealing a 61% year-over-year surge in discovered software vulnerabilities and a 96% spike in exploited vulnerabilities throughout 2024, amid an increasingly aggressive threat landscape. Read Now

  • Evolving Cybersecurity Strategies: Uniting Human Risk Management and Security Awareness Training

    Organizations are increasingly turning their attention to human-focused security approaches, as two out of three (68%) cybersecurity incidents involve people. Threat actors are shifting from targeting networks and systems to hacking humans via social engineering methods, living off human errors as their most prevalent attack vector. Whether manipulated or not, human cyber behavior is leveraged to gain backdoor access into systems. This mainly results from a lack of employee training and awareness about evolving attack techniques employed by malign actors. Read Now

  • Report: 1 in 3 Easily Exploitable Vulnerabilities Found on Cloud Assets

    CyCognito recently released new research highlighting critical security vulnerabilities across cloud-hosted assets, revealing that one in three easily exploitable vulnerabilities or misconfigurations are found on cloud assets. As organizations increasingly shift to multi-cloud strategies, the findings underscore significant security gaps that could provide attackers with potential footholds into networks. Read Now

  • Built for Today, Ready for Tomorrow

    Selecting the right VMS is critical for any organization that depends on video surveillance to ensure safety, security and operational efficiency. While many organizations focus on immediate needs such as budget and deployment size, let us review some of the long-term considerations that can significantly impact a VMS's utility and flexibility. Read Now

New Products

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.