Access Control Design Tips Part #5 (Cybersecurity)
June 22, 2020
Cybersecurity, the Hidden yet deadly Access Control Enemy
With cloud-based access/control systems, remote management, configuration and monitoring has become easier. However, security risks and vulnerabilities have been introduced as more security physical systems are now connected to corporate networks and/or the internet.
Companies large and small should have a robust cybersecurity policy in place as well as company-wide security awareness programs.
Some basic tips for security systems users include:
1.) Ensure your access control system has event logging for all system activity and that it is activated to log all activity on your access control system. Especially who has made system changes, who has logged in and any changes to access control credentials such as tags, QR codes or one-time-pins.
2.) Use strong randomly generated passwords. Never use default or commonly used passwords.
3.) Apply regular Operating System and application patches and software updates.
4.) Many integrators disable the antivirus and/or firewall when they cannot get an electronic security product to work. Avoid doing this as it causes system vulnerabilities.
5.) Consider separate physical networks or make use of segmented networks with VLANs for different security systems i.e video surveillance, Access Control, Intercom, Alarm, Admin etc.
6.) Use appropriate security firewall routers/appliances.