Interoperability Challenges for CEPAC: Successfully Driving the Transition to New Systems While Strengthening Security
In the realm of security, transitioning to a new system is often a feared challenge. STid stands out by providing interoperable and open solutions that guarantee a high level of seamless security during the transition. Discover how the benefits of interoperability can simplify and secure the shift to new systems, illustrated through the example of CEPAC.
In the challenging context of banking security, CEPAC strategically chose to install STid readers in transparent mode. This approach allows them to comply with the level 1 architecture recommended by ANSSI, ensuring perfect integration with their various security systems. Interoperability holds crucial significance, especially as CEPAC is currently engaged in a transition process to standardize its security systems with the goal of building CSPN-certified systems.
One of their missions involves managing a network of 305 sites across 9 time zones and 13 departments. From the existing six different security systems, the objective is to migrate to just two. CEPAC demands that systems remain up-to-date and in optimal working condition, as they handle daily crisis situations while ensuring both security and operational readiness.
STid Solutions Choice: Integration Ease and Robustness
1.1 Ensuring High Security During Migration
In this context, CEPAC opted for the installation of STid Architect readers (Arc A and Arc1) coupled with STid's Easy Remote interfaces. This solution enhances the response to the high security levels required by CEPAC and its customization needs. The interface facilitates the evolution from an insecure TTL communication protocol to an encrypted and signed RS485 protocol (learn more about the SSCP protocol here). Security parameters are moved to a protected zone, while the interface ensures the conversion of secure communication into RS485 for any standard TTL protocol. Thus, during migration, CEPAC can maintain the same readers in place, resulting in substantial cost savings. This reader solution proposed by STid and chosen by CEPAC will enable a smooth migration of UTL towards a recognized and ANSSI-certified global solution (CSPN: learn everything about certification here).
1.2 Resisting Attacks and Extreme Conditions
- Resistance to a Hybrid Attack in Saint Laurent du Maroni (French Guiana)
During an attack, assailants attempted to remove a reader, triggering a specific alarm. Subsequently, they tried to connect equipment directly to the wired network, but their attempt was blocked by the BUS-type UTL interconnections.
- Resisting Extreme Conditions in Saint Pierre and Miquelon
Readers are designed to be installed in hostile environments, as exemplified in Saint Pierre and Miquelon, where frequent snowstorms and temperatures regularly below -15°C are common, along with high air salinity.
CEPAC: End-to-End Security
The implementation of this solution and the migration of security systems align with CEPAC's best practices for end-to-end security.
- In this regard, CEPAC has integrated an encryption key management process where they generate their own keys, which are then transmitted to providers for encoding. These providers have strictly limited rights granted based on their specific needs. Any remote connection to these keys is done through a CEPAC terminal characterized by restricted capabilities and biometric controls to ensure high-level security. If a provider has the ability to remotely encode a remote control, it does not grant them the ability to open anything. Additionally, CEPAC adds a second internal security factor to ensure that access to sensitive resources remains highly secure.
- CEPAC has implemented a system to counter actions under duress and limit rights, which has proven particularly effective in high-risk situations. For example, a failed robbery attempt occurred because the staff did not have access to the critical area of the premises.
- Security is considered at every stage, starting with physical measures such as armored doors, access control systems, video surveillance, and alarms, as well as logical elements, including information system protection and voice recognition. Interoperability is essential, with intelligent systems bridging the physical and logical aspects of security.
- Finally, the deployment of software and hardware solutions is carefully organized, considering another crucial factor: the human factor. Users are actively involved in the process through training and awareness.
Maintaining a High Level of Security by Challenging Methods
This testimony from CEPAC emphasizes the imperative of maintaining a consistently high level of security, evaluating the potential value of the target for attackers, and implementing necessary countermeasures. Security must be implemented end-to-end to be effective in anticipating the unpredictable – security is a perpetually evolving challenge. Emphasizing the importance of close collaboration with STid solutions and integrators to ensure robust protection.