Correct configuration of readers in the field forms the basis of secure ID solutions. In the latest version of LEGIC Orbit, the option to restrict configuration data to specific reader ICs is a very powerful new feature.

Versatile Configuration Packages

LEGIC Orbit offers the possibility to transmit cryptographic keys and other configuration data from the management system securely to readers in the field. This works via so-called Versatile Configuration Packages (VCP), which are generated in a Hardware Security Module (HSM) and distributed to readers in the field via user’s smartphones or management system.

With this new feature, you can now restrict the validity of each VCP to specific reader devices based on their chipID which uniquely identifies every LEGIC reader IC. This feature provides additional protection against abuse of configuration data and can help prevent configuration errors.

Transmitting cryptographic keys

For example, a cryptographic key for a specific building is generated in the secure LEGIC Orbit environment. Subsequent distribution of this key via VCP can now be restricted to readers installed only in that building. This feature makes it impossible to wrongly configure readers not belonging to that building.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version

In case you missed it

How a leap year may effect your access control system
How a leap year may effect your access control system

Leap years occur every four years as a way to help synchronise the calendar year with the solar year, or how long it takes the Earth to orbit the sun. While this is necessary, leap years require our security systems to account for an extra day, apart from its normal schedule. As a result, leap years create problems with computing and can cause major issues to access control system functionality if a provider is not leap year compatible. There are a few things to keep in mind as we near February 29 to ensure you and your system are prepared for this uncommon occurrence. Why doesn't my access control system work on a leap year day? A leap year doesn’t occur that often, but if your system is newer than four years old, then this may be the first time you are being hit with this issue. It may be something as simple as the fact that the manufacturer of the system failed to account for leap day in their QA/testing procedures when designing the product. Regardless of the reasoning, it is important to recognise the issues that could arise so you can be prepared. An access control system malfunctioning never leads to a good outcome. What are some of the issues I could run into if my system isn’t leap year compatible? If you have your doors on a schedule, it could lead to doors being open on a Saturday or Sunday — which is the case this leap year — when they should not be open. This could naturally lead to unauthorised individuals gaining access to sensitive areas, putting company assets at risk. This could also lead to problems with credentials that were set to start or expire on a certain date, which could cause problems for new employees needing access, or could extend access privileges to contract workers whose employment terms have ended. In addition to credentialing, other scheduled events will also be off in the system. For example, some access control systems automatically lock or unlock doors on a set schedule based on business hours. With no defined schedules in place for a day that only occurs once every four years, this could lead to issues with scheduling for both authorised and unauthorised individuals. What can I do to ensure my system is ready for Feb. 29? Anything? If your manufacturer hasn’t alerted you that your system is leap-year compatible, it is best to set up your system in a test lab and simulate the leap-year date. This allows you to verify that all of your scheduling type events work correctly. If it works in a simulation, it will work on the actual day. However, beware waiting until the last moment to test your system, in case you do run into challenges that need to be addressed. Are there solutions available that account for this already? This is an important question to ask if you are evaluating a new system. While there are some systems that do not account for a leap day, many systems, like Hirsch Velocity, already do. In fact, Hirsch products have been leap-year compatible for many years now, allowing end-users to ignore the inconvenient day altogether. What if my system doesn’t? If you know for a fact that your system is not leap-year compatible, ask your provider before that date to test and ensure that your system will work properly. If you do this and encounter scheduling issues, you can opt to push off all of your scheduled events until March 1 and validate scheduled doors being opened on February 29 to plan accordingly. While leap day is inconvenient, it is addressable. It is just important to do so early to catch any issues before they arise. Failure to acknowledge the challenges associated with leap years will inevitably lead to difficulties when the day comes.

What impact are data analytics having on security?
What impact are data analytics having on security?

We live in an era of Big Data. Surrounded by a flood of information, more companies are looking for ways to analyse that information (data) and systematically extract information that can help them operate more efficiently and profitably. The data obsession has extended to the physical security industry, too, where large amounts of data have historically been a little-used byproduct of our access control and even video systems. But the picture is changing. We asked this week's Expert Panel Roundtable: What impact are data analytics having on the security market?

Embracing digital transformation in the security industry
Embracing digital transformation in the security industry

Many industries are, to a greater or lesser extent, in the throes of digital transformation. As with any change programme, digital transformation efforts often under-perform against expectations. Yet, the number of digital transformation programmes continue to increase, as commercial pressures intensify. As security professionals we need to embrace our role in digital transformation, as security is everybody’s business. For all those people weary of hearing about digital transformation and believe it’s a business fad, consider your own behaviours. If you use a smartphone to search, find, order, buy, message, watch, learn, play, bank, pay, enter, exit, navigate, communicate and more then you are part of the reason that digital transformation is a commercial necessity. The way we live our lives has changed significantly over the past twenty years and this needs to be reflected into how we rethink the way we do business. Digital transformation is about more than technology, it allows people to solve their traditional problems in new and better ways than before. Better can mean faster, at lower cost, using fewer resources, easier to maintain, more compliant and/or easier to report insights. IoT, criminal activity and security  The number of internet connected devices worldwide is increasing at an exponential rate; by the end of 2025 there are expected to be 75.44 billion. Internet of Things (IoT) means digital transformation converges physical and digital for security professionals. Criminals use smarter digital tools such as malware, drones, key cloners, signal readers and more, which impact both physical and cybersecurity. To counter this, digital transformation provides security professionals with access As security professionals we need to embrace our role in digital transformation, as security is everybody’s businessto valuable actionable insights to identify and deter threats to people and assets. All transformation starts with an idea generated by people and ends with people experiencing the output. Therefore, digital transformation starts and ends with people. To ensure a solid foundation to any digital transformation agenda, people need to have a clear purpose to engage. This is where security leaders can inspire their colleagues with a laudable purpose of embracing disruption at the same time as focusing on safeguarding people and assets. Non-security colleagues should understand that security risks are advancing at a faster pace than enterprises can adapt. As a security leader, you are advocating a movement where your colleagues adopt relevant enterprise security risk management practices in their daily thinking and working. The message is clear that digital transformation presents abundant opportunities and these need to be evaluated alongside the proliferating security threats that can become a business continuity failure. Security professionals and digital influence  The number of internet connected devices worldwide is increasing at an exponential rate; by the end of 2025 there are expected to be 75.44 billionSecurity professionals can influence digital transformation success by translating an enterprise’s strategy into secure operational reality. The security narrative should emphasise the people side of digital transformation and how technology can act as an enabler of a safe and secure experience, both for employees and customers. Operationally, digital transformation is about agility, adaptability and navigating uncertainty. Old ways of thinking and working will be blockers to transformation, so security leaders ought to identify the rapid enablers of a ‘secure’ digital transformation. Better people, processes and overall technology People generally don’t want more in their lives, they want better. Better people. Better data. Better technology. Better processes. Digital transformation creates significant ‘better’ benefits for security: For example, connected (IoT) sensors, video analytics at the edge and machine learning identify threats faster; workflow technologies and automation detect, investigate and remediate routine responses; cloud provides many benefits such as agility, scale and mobility; and, smartphones/digital devices provide real-time communication and collaboration. Tackling all the ‘better’ needs within a security approach is necessary – focusing on the prioritised commercial needs first. Think about how to drive radical simplification into digital transformation agendas to ensure complexity doesn’t create too many unmanageable risks. Designing enterprise security risk management into the business operating model will facilitate colleagues to be empowered for safe and secure change. Communicating security successes and breaches with commercial impact insights in a timely and concise manner across the enterprise will prove the value of active security engagement throughout digital transformation programmes. Transforming the world Digital technology is transforming the world around us, in a way that impacts every area of security. Security professionals are now businesspeople and technologists, in addition to their traditional security remits. Embracing this impacts security recruitment, training and employee engagement, within the security team and with non-security colleagues. Without a doubt, security professionals are integral to digital transformation programmes.