Subscribe
Share
Share
Embed
Welcome to the Rail Technology Magazine Podcast. Keeping you up-to-date with the most current rail industry news, giving you an all-access pass to the key insights and innovations helmed by the decision makers in our industry
Something like clearance allows that level of collaboration where anybody can go onto the system, anybody can access or can request access to video, when they need it.
You have these little silos within the security system itself. And then sharing evidence again, it's time consuming, it's frustrating. I think we can really make changes here and deliver, benefits for the industry.
Make sure the operators know who to send the footage to, who's got to have access to it, who needs to approve it, that needs to be understood as well, or at least automated.
This is the Rail technology magazine podcast, bringing you views, insight and conversation from leaders across the rail industry.
Hello, welcome to another episode of the Rail technology magazine podcast. I'm Peter Johnson. I'm joined today by John Hill and Ben Parrish from Genetech Clearance. Now, in a time when transit authorities are leveraging new technology to improve their security operations, Genetech clearance is at the forefront of that helping companies to streamline, their security, improve, tighten their operations and create a slicker, more streamlined security process. And I'm joined with John and Ben today to discuss how genetic clearance are really leading in that field. Now, it doesn't make sense for me really to introduce them when they hear themselves to do just that. So I'll throw over, I think, to John. First of all, if you just want to introduce yourself and what your role is within Genetech clearance.
Hello Peter. Good morning. as you say, my name's John hill. I'm an account executive with Genetec in the UK. I look after several verticals, but the biggest of that by far is transport. I've been with Genetec for about a year and a half now, so relatively new. But I've been in the rail industry working and delivering to the rail industry for just over a decade now. but yeah, happy to be here.
Fantastic. Thank you very much for joining us. And now on to Ben. Now, you, I believe, have been at Genetec for much longer than that. Back in 2008, I understand, is when you start there, do you just want to give us a bit more of an introduction of what your role is at the company?
Yeah, well, back in 2008, I was working at security integrators and we were installing a lot of security systems using software. Ah, made by Genetech. I started working directly for Genetech in 2012, so been here for about twelve years now. and originally I was working on the security system design, in the sales engineering team here. Then a few years ago moved over into the clearance products team looking after clearance, across Europe and the UK. And as John mentioned, certainly one of the biggest markets that we have particularly for our dems, clearance is rail and other transit, areas. So it's been a big eye opener for me, moving from the more kind of security, larger kind of system design to more kind of operational side of things.
Fantastic. Ah, now as you say there, dems, your digital evidence management system. That's a lot of what we're going to be talking about today, helping to tighten security operations in the rail industry across the country. And that's something I believe that you have been trialling as well. You've been working very closely with Scott rail too, as we'll come on to later on. But just to set the scene, I believe I'm right understanding that a lot of this, it sort of ties in really with the introduction of GDPR to an extent, I think, doesn't it? And the steady rise of data subject access requests and you know, common requests for video footage placed increased demands on legal departments and security teams. And it's really to do with tightening that process, speeding up the process of how quickly you can deliver this security footage, isn't it?
Yeah, exactly. So I don't know, John, if you want to if you want to take this one, it might be helpful actually, John, if you were just to cover a little bit of the background on how actually video surveillance, is dealt with m in rail. Because sometimes given the large disparate area that rail networks operate over, it's sometimes slightly different to some of the other customers we have.
Yeah, sure. it's quite a complicated issue so, bear with me while I try to explain. But yeah, you're right, Peter GDPR certainly has introduced a little bit more urgency, into the debate about how they manage, video surveillance, and particularly digital evidence. but the industry as a whole is still relatively siloed, which you might expect since post privatisation. Everyone's doing their own different things, but most will still, observe network rail surveillance guidelines. So m nrl two tel 30135, has had various iterations and that just sets the scene in terms of where you position cameras and other devices, how you gather the evidence in the first place. most players will use approved products. Not all, but most will use approved products like, istore pads, approved equipment, etcetera. The newer standards such as istore have arguably been a little bit more lenient. And that's with the express intention of introducing a little bit more newer technology and a fast pace for injecting that technology into the marketplace. But for me, I guess there are about three main areas within the industry network. rail, obviously is the main body there. They look after the track, they also look after major stations. And they are, they're not really a governing body, but they're kind of viewed that way. you've then got the train operating companies, of which there are approximately 29 at the moment, and they're all separate. And you also have 25, freight operating companies. So those three areas will sort of coexist and interact. But they all are also quite siloed, a lot of the time. and obviously you're then looking at various, different applications. I mean, the network rail, as I said, we'll be looking predominantly at the track side and that the Tocs will be looking at, stations, they'll be looking at depots, they'll be looking at rolling stock, of course, as well, making sure that the passengers are safe and they're travelling in a comfortable, environment. So they've got a lot going on, in order to try to. And I'm looking off the point a little bit here, they've got a lot going on to try and make sure that they manage the journey for the passenger. One, of those aspects is security and surveillance. So, making that evidence available. Most, of the time it's internal and it's things like they're looking at, either sort of some minor, non prosecutable things, or they might be looking at criminal activity, where it needs to be shared externally. Or they could be looking at operational footage or safety footage where they're trying to sort of learn from what's occurred. M also maybe gathering, data such as, looking at the occupancy on a platform or within a railway carriage just to try and again learn, from that, from an operational perspective. but when we get to the more serious crimes and we're prosecuting people for criminal activity, that's, I think, where there becomes more of a challenge, especially with the introduction of GDPR. I mean, how are you going to share that data in, a secure fashion? and how much time do you have as an operator to do that effectively, most, operators that I've encountered are extremely busy. they've got a plethora of different things going on and they need to find time to sort of collate the evidence that is interested people are interested in and present that to those interested parties, in various forms. I mean most I think, still revert to things like DVD's and USB's. nothing majorly wrong with that as long as you approach that in a very secure form. sorry, a very secure approach but it's not always done in the most secure way. And that evidence is by nature it's open, it's available, people forget to password protect the footage. That kind of thing can have some fairly serious consequences, especially if it's a serious crime. Haven't had a chance to redact the footage properly yet and there are members of the public court, do you know what I mean? There's all sorts of potential pitfalls for them to look at. just to sort of set the scene about who actually wants access to that. I mean internally within various different organisations it will be the management team. It's normally withheld in terms of the security and surveillance. teams will have unrestricted access to that. the british transport police will have access to it as well. when you share it externally that's when you've got to be a little bit more careful about who's getting access, understanding the audit trail of who wants it, why and when and how long for and all that kind of stuff. So it is a complex story. but overall as I say, I think there's a lot of improvements that could be made and I think I would argue that's where we come in, we can help with this quite significantly.
Fantastic. Now there was one specific point within that that I just want to pick up on just to kind of further discussion. And that is when you talked about DVD's and USB's which of course inherently there's nothing wrong with that technology per se, but it's a very manual process isn't it? You know often you've got to go to the site of the cameras to extract that footage and that's really where genetic clearance comes in isn't it? It's the speeding up of that process. It's the digitization of that process I suppose in a sense isn't it, really? So can you just talk to me a bit more then about that? How requests of video footage are being processed and wherever, whether the areas are within that process where it can be sped up.
Yeah. So on the physical media side of things, often it's just the way people have always done things. And actually for an operator that's using a CCTV system. It might seem fairly quick to them. They just click export. They're going to export the footage into their export folder on the desktop, drag and drop it to a USB stick and seems like their job's done. it seems to be a quick process for them but it doesn't take into account all the other inefficiencies around that. So when you've got that data on that physical media, firstly you've got to make sure it's secured adequately so that it can't be accessed, if it's lost. Also to actually get that physical media to whoever's requested in the first place it's either going to need to be relied on the courier, or the postal service or somebody physically coming to collect it from a control room which obviously is horrendously inefficient. At that point where you've got something like a rail or transit agency where you have multiple different sites that you might need to collect evidence from, then it actually compounds the problem because you've got to do that multiple times, bring it back centrally, process it or do whatever you need to do with it to build a case and then ship it externally on your physical media. So large disparate organisations, like a rail network really compound that issue. The other thing is that the requests for that video, it's often non standardised in how they come in in the first place. So the requests and we've touched on them, John touched on them a little bit earlier on but subject access requests that might come in from the public, that might come in over email or have been entered on a web form, on a website. a request from the police though could be by phone or just by having the police physically arriving at the control room and asking for footage. Other stakeholders and John mentioned this earlier on that. What was surprising to me is that in many of our rail customers they'll often state that around about 50% of their requests for footage, it's not external or related to security at all. It's all internal operational stuff. those are the internal stakeholders could be through a mix of email, phone calls, somebody popping into the control room, and they might also all be dealt with completely separately because you've got so many different sources, not having a standardised way of dealing with them just takes so much time, I think as well. Another add on issue to that is that actually there's different type of, in different types of information. That you need to collect depending on the type of request. So if you've got the police, there might already be a crime reported that's under investigation and you want to collect details like such as the crime reference number, an investigating officer, the time and date of the incident and so on. But if you've got a request from a member of the public for a subject access request, you need to know when and where the video was recorded, what the requester looks like, an explanation behind the request so that there's a full justification. So it isn't actually that easy to create a standard formula for those multiple different types of requests that come in.
They kind of write it into a physical document. I've seen that done before as well.
Rather than that ah, it's a physical document, a, ah, physical log or maybe an excel spreadsheet. But either way, it's not an easy way, to log and then review it if you need to review.
It later on the next element then, which I believe is to discuss the issues that this then raises in terms of security for operators. What are the repercussions in terms of security, privacy and efficiency that they then face as a result?
So one of the big areas is the time taken to complete these requests. So if you think about a subject access request, you've got a fixed window of 30 days to respond to that subject access request. okay, it can be extended and there's ways to kind of extend that time period out, but typically you want to be aiming to respond to that within 30 days. if you've got to collect video in from multiple sources and you're using physical media, that can take a few days to do that. If you've then got to redact some of that footage. So mask other people out of the camera field of view before you can release it. That might take some time as well. If you then got to compile it all into a case, and then put it on physical media and ship it via a courier or have somebody come to collect it, all of that starts to eat into that 30 day time window. so the more inefficient the process and the more different people need to be involved and the more different sources that you have, for that request, it all eats into the time. So it's taking time for the operators, but it's actually reducing the amount of time that you actually have to deal with that subject access request. so anything that can be done to try and sort of speed that up or reduce some of those inefficiencies is going to really improve things as part of that as well. When you're wanting to release video in many circumstances for ah, an operator in the control room, they may not have the authorization to release video themselves. For the police it might just be that operator's manager or a supervisor who has to approve the release of the video so the operator can get it approved and send it relatively quickly. But for subject access requests they might need to go to the DPO, the data protection officer internally to approve before it's then sent externally. something like a video that might need to go to insurers or external legal teams. They might be dealt with by a different team like the internal legal team that's there internally as well. So getting that process and make sure the operators know who to send the footage to, who's going to have access to it, who needs to approve it, that needs to be understood as well, or at least automated. And all of that can also eat into that time. So it's just really that time window that the operators have to get this job complete and sent externally. There's also then the level of risk. So there's going to be a risk level that's associated with all of the exports that they have. If they've captured a crime or an incident on video, that's evidential, that needs to be stored securely, it can't be leaked, it needs to be managed and audited so that it's not going to have been accessible externally. So it needs to be secured. and there is a fairly high level of risk to some of these video exports, particularly with some of the incidents that might be occurring across the rail network, which certainly shouldn't be seen by others. There's different types then of actual requests for footage and different incidents that might have been captured. And there'll be different risk levels that are associated with those. So as I mentioned, a crime is going to have a higher level of risk associated with video export than something that might just be involved of say an operational issue on the track which is being investigated internally.
Another element is infrastructure. Quite often major projects will lag behind which is a bit of a challenge. it's no one's fault but they'll upgrade, for example the CCV solution. They won't upgrade the network for a year or two later. And bandwidth, as I found has always been a real problem where you've upgraded from analogue to hd, for example, and now there's a thirst for more data and for better resolution of images, particularly at night. that goes hand in hand with higher bandwidth when you're transmitting data. so without those improved network speeds, that's a major problem. So you want a way of sort of collating that evidence and then pushing it to one side effectively to be uploaded. Sorry. over a period of time, perhaps out of hours, overnight would be useful as well, just to sort of counter, the problems associated with Bamdhead. with now the industry is getting over that slowly but surely. But it is about, as always, funds, and the timescale to actually complete that kind of major infrastructural change.
Raoul, if we want to move that on then and talk about it in kind of a real world perspective, I suppose, and apply some real life examples to everything we've been discussing. I know genetic clearance has been helping the likes of Scott rail, for example, over the last couple of years and you've really helped Scott rail a huge amount in terms of streamlining their security processes. I just wondered if you could talk me through a little bit the ways in which you have helped Scott rail, for example, to streamline that process. What innovations, what differences Dems is making to Scott rail and helping them to speed up that process.
Yeah, I think I touched on this slightly earlier as well, that what was surprising for me was just that quantity of requests that come in for video that are unrelated to security and just for operational reasons. and if we think about an organisation like Scott Rail and this is often the same for many of our customers though, that actually allowing access to dems like clearance across an organisation can really help to encourage collaboration between different internal teams. So often there's understandably a resistance and a concern about having too many people in an organisation getting access to the security surveillance system. They should only really be given access if they need to be able to view cameras. But there's some justifiable, understandable reasons why you might want to grant users access to recorded video, but it's too much of a risk to give them access to the surveillance system. So something like clearance allows that level of collaboration where anybody can go onto the system, anybody can access, or can request access to video, when they need it. So it actually opens up the video system when it's a justified reason to get access to the video that's been recorded on it. I think as well. One of the main outcomes for most of our customers is also that huge increase in efficiency. If we can reduce that time that it takes to deal with video requests, standardise the process so operators aren't having to waste time trying to find the correct people to approve a request or having to send footage externally for redaction. That's probably one of the number one benefit of a Dems like clearance. And this also significantly reduces that risk level that they might have been exposed to when it comes to sharing video either internally or externally.
Now there was just one more point really that I wanted to come onto before we close, and that is to do with the implementation of it. If you're an organisation that hasn't previously worked, hasn't previously used this system, how easy is it to install? I know that you use the cloud, it's cost effective. For example, it's relatively easy to install, no hardware is necessary. Can you just talk to me a little bit how simple the implementation of such a system is if you're a company that's not previously used it in.
Terms of the deployment, it's very straightforward. It's a cloud based service. Getting access to it, as you'd expect from most cloud services, it's instant, there's no installation or on site hardware required. And actually we'll work with pretty much any system out there. So you'll find that some digital evidence management systems tend to be tied to their own manufacturer's, security systems. Clearance in particular, and there are some others out there as well. Clearance in particular. It's open so it'll work with any files, and exports from any system out there on the market. There's obviously some implementation that needs to be done. Things like workflows, request forms, the types of data that needs to be collected, the type of categorization, and internal teams that we need to configure in the system. But this is pretty straightforward to do. It's not something that needs advanced levels of training to actually set up and complete. So it's pretty quick, to get started with the application.
The other point to make very quickly is most of our client base, understanding that everyone's ecosystem where they're working is slightly different. we'll do a trial, we'll make sure actually clearance fits within that organisation and works before you commit to any kind of a purchase. And I think that's a very sensible approach. It also gives people the chance to use it operationally and understand actually as good as the salespeople are, can't always convey just how useful and how beneficial this platform is going to be until they actively start using it. So that sort of 30, 45 day, even a two month trial is absolutely crucial, I think, to securing the deal, if that makes sense.
Well I think that's one of the benefits of a cloud based service. Firstly, that's actually it is very easy just to try it out, see whether or not it's going to work for you. but also with it being a cloud service, you'll often get the question that ah, hey, we already have an internal storage area, so we already have a device or somewhere on the network that we put all our exports, into. but that doesn't really address what you're going to do with those exports. If you're sharing it externally, then you're going to be using some form of cloud service, whether it's email or whether it's some other kind of cloud service, to try and transfer that over the Internet. If you want to go that way, you're going to have to transfer externally one way or the other. So it makes sense storing that in a cloud service to do that, but also allowing those other internal teams as well to get access to it. You don't want to expose all of those exported files across your network. You want to make sure that it is an auditable, secured way that people have to get access to those, and that allows you to open the service up to different users by virtue of it being hosted, in the cloud.
Brilliant explanation there. Just finally then before we close, is this then the future of security operations? Is this a system that can dominate the rail industry in terms of making it more secure, catching, you know, people who are, you know, out of order, for example, on the network, improving security, helping to cooperate with the police force. Is this a system that will do that for the rail industry?
I really believe it is, actually, yes. I mean I worked in the industry, like I said earlier, just over a decade, and there's a, there's a lot of frustration I think, in that tying things together, making things, you know, work together and drawing information out of your system is often missing. You know, you have these little silos within the security system itself. and then sharing evidence again, it's time consuming, it's frustrating. I think we can really make changes here and deliver benefits for the industry, not just in evidence management actually. I mean, restricted area surveillance, that kind of thing, you know, early warning, understanding that there's been some trackside intrusion. I mean, what's happened in Paris, just, yesterday, is a classic example of that. You know, understanding that, somebody's in a restricted area, you know, like lineside trackside is not somewhere for the public to be. so if you get somebody looking at cable theft or moving to those areas and there's a threat to life, for example, having an early warning of that can make all the difference. but, yeah, sharing the evidence, I think Scott rell a shining example of, how transformative that can be from a business perspective, as well as for passengers, because it impacts everything, doesn't it? Any disruption you want to try to correct. and, put everything back to normal as quickly as you possibly can so your passengers aren't too badly inconvenient. What do you think, Ben?
Yeah, I think, John, you're correct. You use the right word there in that it can be transformational, in how it's able to be used to, grant access to video when it's justified to a wider audience. Keeping it, quick, but also making sure there's the security and auditability behind it as well. So that actually the people that you're granting access to, they should have access to it, to video. Being able to kind of open it up to that wider audience.
Fantastic. Gentlemen, thank you very much for that discussion today. John Hill and Ben Parrish from Genetec clearance, thank you very much for your time.
Thank you, Peter.
Thanks, Peter.
You've been listening to the latest podcast from Rail technology magazine. Don't forget to like and subscribe to. Make sure you receive every new edition.