Securing Access Control Implementations
Chris Wrench, Product Manager, Paxton
We at Paxton recommend following industry best practice to keep access control networks as secure as possible. We would always direct system integrators and security installers to a professional if they have specific questions about network security.
However, we would recommend the following steps as best practice. Always implement strong physical security on company premises, such as the deployment of biometrics or token-based authentication This will prevent unauthorised persons from entering a building with a corporate network.
Ensure compliance with network access control standards such as IEEE 802.1X. This recognised standard enforces security policies by granting only compliant devices access to network assets when those devices are plugged into a physical LAN port or are connected to a WLAN SSID. It also controls the data accessed by specific users by recognising users, their devices and their network roles.
It is also important for integrators and installers to utilise next generation firewalls to prevent external and internal attacks. Also, they should look to implement VLANs (virtual local area networks) when using a corporate system. Doing so will create a collection of isolated, smaller networks so if someone accesses one part, they won’t be able to get into others.
The use of strong passwords is also essential to keep the network secure.
Alongside best practice, Paxton continually looks at strengthening security. Measures include obscuring sensitive data such as code and password information to prevent unauthorised viewing, compliance with EN60839-11-1 Grade 1 and 2, which means enforcing strong passwords, automatic logout after a period of inactivity, and the removal of default passwords on Net2 systems.