But the best access control systems guard against cyber as well as physical threats.
Here are some features to look out for when procuring or upgrading access control systems.
Secure communications are paramount for cybersecurity, whether that’s via in-house private communication networks or between access control system controllers, servers and door modules, or when the core system integrates with third-party products, such as CCTV.
A robust level of end-to-end encryption across all these communications channels and interfaces is vital. Data encryption ensures secure LAN communications at all times and continuous monitoring will detect any fault or attempted module substitution.
Ensuring the communications network is isolated also helps reduce the risk of interception.
Sandboxing is a software management strategy that isolates applications, such as your access control system, from critical system resources and other programs, such as other products integrated with your core access control system. It provides an extra layer of security that prevents malware or harmful applications from negatively affecting your access control system.
Without sandboxing, an application may have unrestricted access to all system resources and user data on a computer. A sandboxed app, on the other hand, can only access resources in its own ‘sandbox’.
An application’s sandbox is a limited area of storage space and memory that contains the only resources the program requires. If a program needs to access resources or files outside its sandbox, permission must be explicitly granted.
Where a higher than normal level of security is required, you should ensure devices connected to the access control system have their own MAC addresses to help guard against cybersecurity breaches. This measure prevents module substitution.
For example, if an attacker attempted to replace devices for others with lesser level of performance, the system would alert operators to the unauthorised change.
Ensuring your system is ‘always on’ is another key element to reducing the risk of cyber breaches in vulnerable down-time. A security system should offer high availability with an IP network that runs multiple instances of itself – at the same time – across multiple nodes or servers at local, national and global levels.
Solutions such as database failover clustering means it will auto-connect to available nodes when necessary and ensure there is no compromise to the system.
Security systems that allow ‘fine grain’ tailoring for permissions and protocols offer better protection from would-be hackers. For example, systems that allow you to create completely bespoke access credentials for each member of staff and visitor ensure they can only access the correct areas and systems.
Systems offering a full forensic audit trail are vital for robust cybersecurity. Forensic audit reports cover every single action and engagement with the access control system and can be reported at local, national or global levels.
This means security managers can see exactly who has done what to the system and when. A good audit trail system should have the ability to ‘roll-back’ changes made to system programming by any person or entity at a specific date and time.
This means, for example, changes made by a ‘rogue’ operator can be undone in one action and the system programming rolled back to exclude these changes.
For information on how Inner Range’s intelligent integrated access control and intruder detection systems can help you, please contact 0845 470 500 or email [email protected]
Enjoy the latest fire and security news, updates and expert opinions sent straight to your inbox with IFSEC Insider's essential weekly newsletters. Subscribe today to make sure you're never left behind by the fast-evolving industry landscape.
Sign up now!
