Access control management is a daily challenge
In actual times, industry is one of the pillars of European sovereign. We are building an industrial environment that is based on principles in our society, comfort of use (UX), security (NIS2-CER) and safety (IEC 62443).
Industrial environments cover from chemical plants and refineries to manufacturing facilities and power grids, these present a unique matrix of physical, environmental, and operational challenges.
- Harsh Environmental Conditions
- Complex User Types and Shifts
- Balance between Security Safety
- Outdated Infrastructure & Protocol Vulnerabilities
- Convergence of Physical Security and Cybersecurity
Harsh environment
Most of plants are relatively isolated and often in flat areas with good roads and junctions. But on the other hand, often this exposes more the installation to weather conditions, extreme hot to extreme cold, heavy rains, or dust storms are common in European territory. In ports or special industries, the corrosive environment will be a problem too. IP certification or electric conformity is a must. Discover our Architect range >
In many industrial sites will be necessary to have specific readers that will match the intrinsically safe ATEX certification. This will protect readers in very extreme conditions and bring operational support to the ATEX Zones. Discover our ATEX range >
Of course, in some points the mechanical vibration or exposures to impacts requires that readers have IK certificates and MIL-STD-810G, ensuring the resistance to 24 hours of vibrations and hits. Discover our Spectre range >
Complex User Types and Shifts
From access control point of view, management of workers may be the biggest challenge, because it´s important to keep fluence, zero-trust security and perfect safety without bottle necks and frictions.
Employees and contractors, the main typologies of workers, every day access the permanent workers, the plant employees, they need to access with total flow and no cues or delays. The contractors come from many different roles like delivery personnel, specialized contractors, maintenance companies, service companies. These people sometimes access only once, and others are working for a season; the correct management of credentials is a key factor. Mixing physical cards for employees with virtual mobile credentials brings the prefect combination and keeps the cost low and the issue and revocation of contractors and temporary aligned with security and management.
Most industrial plants don´t close by night, these it´s a challenge to keep the factory working while people are leaving and reaching the work point. Keeping people flow is important but it´s more important to not leave vulnerable points at time shift. On the other hand, it´s critical not to collapse the vehicle access with hundreds of cars going in and out. Remember the Troyan horse story.
Safety and access make an exigence to have the possibility to bring a system that will update access with the right permission regarding the safety certification of a specific employee. For example, drive a forklift without the right permission. Then the system will update the rights to access but will be possible to bring readers with an extra level of security by supporting double factor identification.
Balance between Security & Safety
From our vision this is something that we will ensure thanks to interoperability. Then as we are proposing only open technologies based on standards, the muster provider just needs to be enabled to work with open technologies too.
On the other hand, our products have enough complexity to bring the multilevel users a real chance to work in complex environments (because of SAFETY). Of course, must be a good system behind to take profit of this but we can offer different levels of security, add multifactor authentication and create exclusion and exceptions.
Outdated Infrastructure & Protocol Vulnerabilities
We are in contact with the market and we know that often in industrial environment we have a bottleneck with the outdated systems:
125 KHz credentials: In many cases we found this dangerous technology, it is because, the capacity to copy, replicate and retransmit is total. There is no protection and it´s unsafe. We propose to migrate to modern technology, DESFire, that up today it´s the only technology that we are totally sure is safe and protected.
Wiegand protocols: By other hand during the las decade or more Wiegand interface was the dominant in the market, but again the obsolescence is total. Wiegand is based in the transmission of binary data and then is not possible to protect the interface from sniffing. Our proposition is to use supervised protocols as minimum for regular access control applications must be OSDP (Open Supervised Device Protocol) or for regular but for high assurance access control applications it´s recommended to use SSCP (Smart and Secure Communication Protocol). Those protocols can use the maximum potential of the cards while bringing real Ent-to-End security.
Convergence of Physical Security and Cybersecurity
In access control till the last decade has changed into server-based systems (on premises or cloud). Then, the situation changes due to now a system must meet cybersecurity policies, but from the perspective of IT management. But in factories this is a little more complex too because access control will be part of the ERP (due production) systems and HR systems (due safety).
Traditionally, Operational Technology (OT) managed the plant floor, while Information Technology (IT) managed the network. Access control bridges both worlds. If a reader or controller has firmware vulnerabilities, it can become an entry point for cybercriminals to pivot into the plant’s industrial control systems (ICS/SCADA), potentially disrupting physical operations.
Industrial operators face tightening cybersecurity regulations NIS2 Directive, and the CER Directive (ensuring cyber compliance for networks and physical access control). Access control systems must comply with these strict frameworks, requiring robust encryption standards (like MIFARE DESFire EV3) from the card to the reader, all the way to the backend server.
Discover our taylor made solutions for hospitals
Explore solutions specifically developed to support your day-to-day operational and security needs
Need help? Contact us
Still looking for product information? Start by consulting our FAQ.
Still no answer? Don’t hesitate to contact us