Using a simple mobile or desktop interface, the security team can grant or revoke access to any user to
            any particular section of the building or office. The cloud offers enterprise grade security and trouble free
            management and mitigates the risk of data loss, hacking, malware, and physical threats.



            Access Control Devices


            Key Cards: Most RFID cards can be duplicated in a matter of minutes using $10 devices easily available
            on the market. HID and NFC cards can be copied to phones. There are access control companies that
            claim their cards are cyber secure because they use 128 bit AER encryption, TLS and PKI security.
            However, cards or fob access looks outdated with the advent of mobile and  face recognition access
            control.

            Smartphones: Smartphone access is a better choice from the cyber security standpoint. However, bad
            guys can steal or hack smartphones by using malware or even USB charging cables at public phone
            charging points. Theoretically speaking, someone can steal user credentials and clone them into another
            device to illegally enter the workplace.

            Face Recognition: Facial recognition based access control systems provide a better solution to cyber
            threats. Fraudsters may still be able to beat the system by wearing masks, but it would be like Mission
            Impossible.

            Smart Locks: Cnet reports that out of 16 different Bluetooth enabled locks were tested at the Las Vegas
            based hackers convention, 12 had inadequate BLE security. So, yeah, they can be hacked unless your
            access control solution provider has done a really good job at encryption.



            Communication Channels

            Bluetooth,  NFC  and  HID:  Bluetooth  has  several  known  vulnerabilities  that  make  it  as  secure  as  a
            padlock made from pizza dough. NFC and HID are no better—they are just channels that you have to
            make secure by encrypting the data stream.


            LAN/WAN:  Access  control  systems  that  run  on  internal  networks  are  not  cyber-  secure  at  all.  WiFi
            networks are easy to hack. There’s always a risk of data theft or the server crashing or network glitches
            that make the system unusable.

            Internet: Cloud based systems with robust transitory and endpoint encryption make the data stream
            impossible to crack. However, users should make sure their internet connection is secure.


            Face recognition based access control systems offer better protection against cyber security threats; not
            only because they use cyber-secure components and encryption, but also because they allow you to
            monitor and record everyone who’s entering the workplace or accessing its different sections. Moreover,
            you can implement two-factor authentication based on face and mobile credential to eliminate the risk of





            Cyber Defense eMagazine –June 2020 Edition                                                                                                                                                                                                                         56
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.