Sorry no products match your search. Your search criteria may have been too narrow. If you remove some of your search criteria, this may yield more productive results.

Browse Access control systems & kits

Access control systems & kits - Expert commentary

Strengthening the physical and cyber barriers around critical infrastructure
Strengthening the physical and cyber barriers around critical infrastructure

It has long been recognised that no one is safe from cyber-attacks, but some sectors face a much higher level of threat than others. Critical infrastructure sectors such as utilities, energy and industrial manufacturing are some of those that face an intense level of interest from cyber criminals and nation-state groups across the globe. The impacts of a successful attack can have detrimental consequences, for both the cyber and physical side of the business, in terms of business disruption, economic dips and other real-life consequences. Compromise of ICS and SCADA systems One of the greatest risks to these critical infrastructure sectors is the compromise of ICS and SCADA systems inside operational technology environments (OT environments). Attackers can move laterally from IT networks to OT environments, with the potential to cause even greater damage or disruption. But even those attackers, who solely focus on compromising IT environments, are still able to trigger major disruption, by disabling day-to-day processes that are involved in the production and roll-out of solutions and services. Rise in cyber-attacks on utility and energy sector Recent events have shown that attacks on the utility and energy sector are ramping up Recent events have shown that attacks on the utility and energy sector are ramping up. The attack on the US Colonial Pipeline, for example, was one of the most high-profile breaches in the industry’s history, particularly when considering the secondary, physical consequences. The decision to shut down the Colonial Pipeline, while considered necessary, triggered a wave of disruption, leading to gasoline shortages and inflated costs. This is just one example of the serious effects that a successful cyber breach can have on an organisation. Ransomware-based attacks Often financially motivated, one of the most common methods that cyber criminals increasingly opt for is ransomware-based attacks, as they are an effective way of blackmailing organisations into handing over valuable credentials or completing financial transactions. Once armed with the company credentials, threat actors can then post a sale of access to compromised networks on underground criminal forums. Armed with stolen credentials and therefore, access to the network, adversaries can then move laterally across the IT systems in OT environments. The ability to travel laterally is a sign of poor network segmentation on the business side between IT and OT networks. Malicious links in phishing emails If files are encrypted by criminals within both environments, businesses are faced with double the amount of disruption. This can lead to companies having to shut down operations, even if just as a precaution, just like in the case of the Colonial Pipeline. Malicious links included in phishing emails are another simple and highly effective method used by criminals to compromise company networks. While there are many security solutions that defend against common phishing attempts, criminal activity is becoming far more advanced, to the point where they are able to bypass standard security systems and gain access to the most sensitive of files. Why critical infrastructure is targeted Common forms of attack involve theft of personally identifiable information (PII) of customers and employees Businesses within the utilities and energy sectors often hold data deemed highly valuable by threat actors, including both basic criminal gangs and advanced nation-state operatives. Common forms of attack involve theft of personally identifiable information (PII) of customers and employees, either for further exploitation or to sell on the dark web. However, motivations can develop far beyond the usual common criminal. Nation-states have also taken great interest in these industries to steal competitive intelligence, in order to gain market advantages over foreign competitors. States including Russia, Iran and China, have all been suspected of targeting competitor countries in the critical infrastructure markets. Cyber threats posed by nation-states Aside from gaining a competitive edge, nations have also been known to engage in these cyber battles as forms of retaliation for previous attacks, or to get one-over on rivals. For example, it’s been recognised that motivations behind Iranian actions on the energy sector are due to the value of oil and gas in being central to the Iranian economy, and international efforts against their nuclear programme. Other Iranian actors have focused their efforts on water infrastructures and attempted to compromise chlorine levels in Israeli water supplies back in 2020. The chlorine levels would have been reset to toxic levels, which could have had devastating physical consequences. On the other hand, motivations in China have revolved around competitive intelligence and intellectual property for cyber espionage. The data is subsequently used to advance economic growth in different industries. Physical and digital disruptions Due to the nature of these industries, in addition to companies facing business disruption and loss of customer trust, consequences could span beyond the digital side of the business. As outlined above, these attacks on utilities and other industrial organisations can result in physical damage, as well as digital disruption. Unlike other markets, utilities are directly involved in people’s lives, and any attack on a company will impact individuals through a domino effect. The incident with an Iranian actor attempting to sabotage chlorine levels in an Israeli water supply is a prime example of this. While the attack was against the water provider itself, the consequences could have been harmful to the wider population, who rely on the water supply. Again, the Colonial Pipeline attack had consequences that expanded beyond the targeted company. Inflated prices and fuel shortages impacted all customers at the end of the supply chain. Attacks on any critical infrastructure could cause both short and long-term physical impacts, including blackouts, disrupted energy supply, and even physical harm to individuals. Need for a multi-layered defence solution The best way to deal with these forms of cyber-attacks is to bring everything right back to basics The best way to deal with these forms of cyber-attacks is to bring everything right back to basics. In most cases, criminals carry out their attacks by first gaining access to IT networks through the usual means of phishing emails and malicious links. Organisations should, therefore, ensure they have a multi-layered defence solution implemented, including advanced email security. There are a number of features that these solutions should deploy, including spam filters to prevent malicious emails from actually making it to the inbox. Sandbox analysis is also critical for scrutinising email attachments, especially for external senders and emails containing suspicious file formats. These solutions should feature rules that block the execution of macros in Microsoft Office attachments to emails from senders outside the organisation. Enhancing cyber security with encryption and authentication Additional features to help prevent lateral movement through the network are also worth considering. Demilitarised zones (DMZs) are also often used to divide IT and OT networks, as part of segmentation efforts and have proven to be highly effective. Further solutions such as encryption and authentication requirements will help restrict adversaries’ access to different areas of the network, should they be successful in breaching the defence line. Everyone should be involved in maintaining an organisation’s line of defence. Education and training are vital, as employers can arm workers with the tools to spot and remove malicious emails, should any make it through the line of defence. Educating employees on enterprise security Human workers are often considered the weak point in a company’s cyber security, often due to lack of understanding of the risks. Keeping employees informed and educated will prove beneficial to the security of an organisation in the long run.

Physical access control: Critical steps to ensure a smarter future
Physical access control: Critical steps to ensure a smarter future

Steven Kenny, Axis Communications, looks at the benefits of physical access control systems within smart environments, and how knowledge gaps and dated methods can inhibit adoption. Physical security is becoming more dynamic and more interconnected, as it evolves. Today’s modern access control solutions are about so much more than simply opening doors, with digitalisation bringing multiple business benefits, which would simply not be possible using traditional models. Digital transformation While the digital transformation of processes and systems was already well underway, across many industries and sectors, it is the transformation of physical security from a standalone, isolated circuit, to a network-enabled, intelligent security solution that brings many benefits to the smart environment. Yet, with more organisations now looking to bring their physical security provision up to date, there are many considerations that must be addressed to maximise the potential of access control and video surveillance. Not least of which is that connecting physical security devices to a network presents risk, so it is increasingly important for IT teams to play a role in helping to facilitate the secure integration of physical and network technologies, as these two worlds increasingly converge. Improved access control in smart environments These urban constructs are capable of reducing waste, driving efficiencies and optimising resources The smart city offers significant benefits, reflected in the US$ 189 billion that is anticipated to be spent on smart city initiatives globally by 2023. These urban constructs are capable of reducing waste, driving efficiencies, optimising resources and increasing citizen engagement. Technology, which is increasingly being incorporated to protect access points within the smart environment, can take many forms. These range from simple card readers to two factor authentication systems, using video surveillance as a secondary means of identification, right through to complex networks of thermal cameras, audio speakers and sensors. Frictionless access control During the COVID-19 pandemic, frictionless access control has provided an effective ‘hands free’ means of accessing premises, using methods such as QR code readers and facial recognition as credentials to prove identity. Frictionless access control brings health and safety into the equation, as well as the security of entrances and exits, minimising the risk of infection, by removing the need to touch shared surfaces. Such systems can be customised and scaled to meet precise requirements. Yet, an increasing integration with open technologies and platforms requires collaboration between the worlds of physical security and IT, in order to be successful. Barriers to adoption Traditional suppliers and installers of physical security systems have built up a strong business model around their expertise, service and knowledge. Network connectivity and the IoT (Internet of Things) present a constantly shifting landscape, requiring the traditional physical security vendor to learn the language of IT, of open platforms, IP connectivity and software integration, in order to adapt to market changes and remain relevant. Many are now beginning to realise that connected network-enabled solutions are here to stay Those who cannot adapt, and are simply not ready for this changing market, risk being left behind, as the physical security landscape continues to shift and demand continues to increase. With end users and buyers looking for smarter, more integrated and business-focused solutions from their suppliers, it is clear that only those who are prepared will succeed in this space. Time will not stand still, and many are now beginning to realise that connected network-enabled solutions are here to stay, particularly within smart constructs which rely on such technology by their very nature. The importance of cyber hygiene Connecting any device to a network has a degree of risk, and it is, therefore, imperative that any provider not only understands modern connected technologies, but also the steps necessary to protect corporate networks. Cameras, access control systems and IP audio devices, which have been left unprotected, can potentially become backdoors into a network and used as access points by hackers. These vulnerabilities can be further compromised by the proliferation of connected devices within the Internet of Things (IoT). While the connection of devices to a network brings many advantages, there is greater potential for these devices to be used against the very business or industry they have been employed to protect when vulnerabilities are exploited. Cyber security considerations Cyber security considerations should, therefore, be a key factor in the development and deployment of new security systems. Access control technologies should be manufactured according to recognised cyber security principles, incident reporting and best practices. It is important to acknowledge that the cyber integrity of a system is only as strong as its weakest link and that any potential source of cyber exposure will ultimately impact negatively on a device’s ability to provide the necessary high levels of physical security. The future of access control There is a natural dispensation towards purchasing low-cost solutions There is a natural dispensation towards purchasing low-cost solutions that are perceived as offering the same value as their more expensive equivalents. While some have taken the decision to implement such solutions, in an attempt to unlock the required benefits, while saving their bottom line, the limited lifespan of these technologies puts a heavier cost and reputational burden onto organisations by their association. The future of access control, and of physical security as a whole, will, therefore, be dependent on the willingness of suppliers to implement new designs and new ways of thinking, based around high-quality products, and to influence the installers and others in their supply chains to embrace this new world. Cyber security key to keeping businesses safe In addition, cyber security considerations are absolutely vital for keeping businesses safe. The integration of cyber secure technologies from trusted providers will provide peace of mind around the safety or corporate networks, and integrity of the deployed technologies. As we move forward, access control systems will become data collection points and door controllers will become intelligent I/O devices. QR codes for visitor management and biometric face recognition for frictionless access control will increasingly be managed at the edge, as analytics in a camera or sensor. The future of access control presents an exciting and challenging time for those ready to accept it, to secure it and to help shape it, offering a true opportunity to innovate for a smarter, safer world.

Automatic Gates – The latest development in access control
Automatic Gates – The latest development in access control

Automatic gates remain an increasingly popular security choice for family homes, business premises or public buildings – anywhere that full control over access is needed. While there is much to consider for installers when advising clients on the right solution for their property, from the size, weight and cost of a gate system, it’s useful to be aware of the latest developments in the market, as this can help to find the right option to fit their needs. The need for speed Gates can be automated to either swing or to slide open, and there are many factors to take into consideration, when advising on which option to use. However, swing gate motors tend to be slower than the speeds achievable for sliding gates, which means the latter are usually more popular, especially for commercial sites where timing can be among the more important factors. One of the most recent developments in the sliding gates market is the introduction of faster motors One of the most recent developments in the sliding gates market is the introduction of faster motors, such as those from Bft Automation, which allow for opening and closing at a quicker speed than has previously been achievable. Fast authorised access control From a security point of view, the ability to allow people and goods in and out of a property at a quicker pace reduces the risk of unauthorised entry, while waiting for a gate to close – an important consideration in both commercial and residential contexts. Other benefits of a faster motor include reduced waiting times. This can be particularly useful for properties in busy areas, where a vehicle could risk blocking traffic, while waiting to turn into a site controlled by a slower gate. Faster motors Also, a faster motor could potentially reduce the risk of an accident from vehicles entering a property at speed. For example, this might happen if someone was making their first visit to a property situated off a fast road in an unfamiliar area. Beyond these practical considerations, in today’s fast-paced world, people aren’t as used to having to wait for things and this applies to the time it takes to get in and out of their own property. So, security benefits aside, faster motors are likely to be more appealing for clients who have sliding gates fitted to their domestic property and who prioritise convenience. The choice of which of the new faster motors to use will be impacted by a number of factors, including the weight of the gates. Essentially, the lighter the gate is the higher the speed achievable. And, as always, it’s important to make sure that any installation complies with safety regulations. Intelligent torque management systems A further development in access control technology includes intelligent torque management systems A further development in access control technology includes intelligent torque management systems, which update the level of torque required to perform the gate’s operation, allowing it to work at the optimum level, regardless of weather conditions, temperature or the degree of wear and tear on the device. Depending on the typical weather conditions experienced at the site and the anticipated frequency of use, it’s worth looking at options that take these factors into account. Importance of security rights In some scenarios, it’s important for particular individuals to have security rights. In which case, there are motors available that come with personalised keys, which are unique, providing an additional level of security. Installers often face the challenge of fitting gate motors in confined spaces, potentially making for a time consuming and technically demanding task. Available space When you only have a small space to work with, simple details can go a long way to helping you. For example, by putting the fastening screws on the front of a motor’s casing, installation and maintenance are easier and more convenient, even in particularly compact areas. Working with suppliers that offer more than just a manual means you’ll have access to advice and support on how new products work in practise and what you need to consider before advising on an installation.

Related white papers

School security moves to the cloud

Wireless Access Control eBook

Four areas to consider in frictionless access control