Security Dealer & Integrator

JUN 2017

Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.

Issue link: http://sdi.epubxp.com/i/835749

Contents of this Issue

Navigation

Page 31 of 59

32 Security Dealer & Integrator / www.SecurityInfoWatch.com June 2017 Access Control N ever before was cybersecurity so prevalent than at April's ISC West; and once that topic was introduced, the subject of encryp- tion was not far behind. Protecting your access control customers from hackers is imperative, and anti-hack- ing encryption schemes should be a mandatory tool to thwart them. In general, most integrators under- stand what encryption does but may find it somewhat difficult to describe. If you are in that class, read on. Using encryption, information or electronic data – such as the number on an ID badge – can be converted How to stop the hacking of card-based physical security systems By Scott Lindley into a code called ciphertext, which cannot normally be translated except by those who have the key. Encryp- tion techniques should be used within access control systems to protect the confidentiality of data that is stored on your customers' computer systems or transmitted over the Internet or other computer networks. Why Encryption Has Become Important When the topic of hacking used to be discussed, the concern of integrators was to simply stop unauthorized people from cloning card information; however, as was highlighted at ISC West, one of the leading gateways for hackers to attack customers' enterprise IT systems is through their physical security systems – especially their contactless card access control systems. ink about it: When a 125 KHz proximity card gets powered-up by getting in "proximity" of a reader, it immediately begins to transmit its fixed binary code number; however, Wiegand – the industry standard over-the-air protocol commonly used to communicate credential data from a card to an electronic access reader – is no longer inherently secure due to its original obscure and non-standard nature. us, to penetrate enterprise IT systems, hackers simply use the fixed binary to enter the systems and access specific computers. en, those com- puters act as gateways to reach the Encryption 101 Access Control

Articles in this issue

Links on this page

Archives of this issue

view archives of Security Dealer & Integrator - JUN 2017