Systems procurement

Does your access control system offer robust cybersecurity?

Tim Northwood

General manager, Inner Range

Author Bio ▼

Tim Northwood is General Manager at Inner Range. He has worked in the electronic security industry for more than 25 years, specialising in business development and strategy, sales and marketing.
May 7, 2019

Sign up to free email newsletters

Download

Dorgard Pro: Holding fire doors open – until the alarm sounds

Access control systems are a huge security asset, offering integrated and intelligent responses to events on site.

But the best access control systems guard against cyber as well as physical threats.

Here are some features to look out for when procuring or upgrading access control systems.

Secure communications at every interface

Secure communications are paramount for cybersecurity, whether that’s via in-house private communication networks or between access control system controllers, servers and door modules, or when the core system integrates with third-party products, such as CCTV.

A robust level of end-to-end encryption across all these communications channels and interfaces is vital. Data encryption ensures secure LAN communications at all times and continuous monitoring will detect any fault or attempted module substitution.

Ensuring the communications network is isolated also helps reduce the risk of interception.

Sandboxing

Sandboxing is a software management strategy that isolates applications, such as your access control system, from critical system resources and other programs, such as other products integrated with your core access control system. It provides an extra layer of security that prevents malware or harmful applications from negatively affecting your access control system.

Without sandboxing, an application may have unrestricted access to all system resources and user data on a computer. A sandboxed app, on the other hand, can only access resources in its own ‘sandbox’.

An application’s sandbox is a limited area of storage space and memory that contains the only resources the program requires. If a program needs to access resources or files outside its sandbox, permission must be explicitly granted.

Reduce the risk of module substitution

Where a higher than normal level of security is required, you should ensure devices connected to the access control system have their own MAC addresses to help guard against cybersecurity breaches. This measure prevents module substitution.

For example, if an attacker attempted to replace devices for others with lesser level of performance, the system would alert operators to the unauthorised change.

Create a stable network with failover protocols

Ensuring your system is ‘always on’ is another key element to reducing the risk of cyber breaches in vulnerable down-time. A security system should offer high availability with an IP network that runs multiple instances of itself – at the same time – across multiple nodes or servers at local, national and global levels.

Solutions such as database failover clustering means it will auto-connect to available nodes when necessary and ensure there is no compromise to the system.

Fine grain permissions for users

Security systems that allow ‘fine grain’ tailoring for permissions and protocols offer better protection from would-be hackers. For example, systems that allow you to create completely bespoke access credentials for each member of staff and visitor ensure they can only access the correct areas and systems.

Forensic audit trail and roll-back

Systems offering a full forensic audit trail are vital for robust cybersecurity. Forensic audit reports cover every single action and engagement with the access control system and can be reported at local, national or global levels.

This means security managers can see exactly who has done what to the system and when. A good audit trail system should have the ability to ‘roll-back’ changes made to system programming by any person or entity at a specific date and time.

This means, for example, changes made by a ‘rogue’ operator can be undone in one action and the system programming rolled back to exclude these changes.

For information on how Inner Range’s intelligent integrated access control and intruder detection systems can help you, please contact 0845 470 500 or email [email protected]

Inner Range is exhibiting at IFSEC International 2019, taking place between 18-20 June 2019 at ExCeL London (stand IF1030). Book your free ticket now.

 

Discover the latest in cyber security - join the live conversation

Don't miss the Future of Security Theatre at IFSEC International 2019 - June 18-20, ExCeL London

As Europe's leading integrated security event, IFSEC 2019 is delivering a programme of education dedicated to innovation at the cutting edge of the security industry, courtesy of IFSEC’s education partner Tavcom.

Get your free ticket today to join the CPD-accredited sessions and presentations tackling the critical issues around advancing technologies.

Related Topics

Leave a Reply

avatar
  Subscribe  
Notify of
Topics:

Sign up to free email newsletters