Farpointe will provide multiple options for contactless card systems to stop hackers from entering IT and OT systems |
At the ISC West Exposition, Farpointe Data, the access control industry's global partner of choice for premium RFID solutions, will be emphasising how organisations can remove their card-based access control systems from becoming major targets for hackers to ultimately access Information Technology (IT) and Operation Technology (OT) systems. The show will be held at the Sands Convention Center in Las Vegas, April 6-8.
"To get into critical infrastructure OT systems, hackers leverage many different physical assets, including those within the enterprise security system itself, to gain access into the OT system. They typically start with elements which give them access to specific computers. Interestingly, security people don't seem to secure their own security equipment. For instance, IP wireless cameras are a favourite target of hackers. Card readers in the access control system are also easy to hack," states Scott Lindley, Farpointe Data president.
Multiple anti-hacking options for IT and OT systems
"The Connected Security Conference will highlight the increasingly important role that physical security professionals have in protecting critical infrastructures," stresses Lindley. "That's why we will be providing ISC West attendees with multiple options that they can add to their contactless card systems to stop hackers from entering IT and OT systems and reduce the risks and costs of a cyber-attack."
Besides providing 2-factor authentication via combination card reader/keypad units, including a new mullion reader, Farpointe suggests two other options. MAXSecure provides a higher-security handshake, or code, between the card, tag and reader to help ensure that readers will only collect data from like specially coded credentials. Each facility can have its own unique code that it gets only from its integrator. Only their readers will be able to read their cards or tags with their code and their readers can be made to read no other cards or tags.
Protecting card-based systems
At the manufacturing stage, readers, cards and tags can be programmed with the Valid ID algorithm, cryptographically ensuring the integrity of the sensitive access control data stored on the card or tag. With Valid ID, readers scan through the credential's access control data searching for data discrepancies, which may occur during the counterfeiting, tampering or hacking of a contactless smartcard. Valid ID is an additional layer of protection to Mifare authentication, operating independently, in addition to, and above this standard level of security. In use, Valid ID allows a smartcard reader to effectively verify that the sensitive access control data programmed to a card or tag is not counterfeit.
With the card validation option, cards and readers are programmed with a fraudulent data detection solution. The reader will scan through the credential's data in search of discrepancies in the encrypted data, which normally occurs during credential cloning.
Farpointe Data will be located in ISC West booth #8056.