Unlock Your Access to a Robust Cyber Strategy
A business Case for Roland Berger by DATACOR – HONEYWELL - STid
Data is essential for any business and therefore constitutes a prime target for hackers. Not taking action or being proactive when confronted with these threats poses the risk of experiencing irreparable damage. Although investing in security entails a cost, it remains lower than that of a hacking incident. For businesses, the real question is not whether an attack will occur, but when it will happen. Consequently, securing data and data centers are absolute priorities for their longevity.
Roland Berger, a renowned international consulting firm specializing in corporate strategy, has decided to take action by deploying a cyber defense system for its Romanian subsidiary. It has collaborated with Datacor, a company specialized in cyber defense in partnership with Honeywell, to develop an end-to-end security approach.
The Era of Data: Challenges and Opportunities for Businesses
Data has become the new gold in the business world. Its omnipresence permeates every facet of a company's existence, from shaping strategic decision-making to streamlining day-to-day operations It offers invaluable insights into the market, customers, and internal performance, enabling businesses to:
- Develop innovative products and services aligned with customer needs and expectations.
- Improve operational efficiency by identifying weaknesses and optimizing processes.
- Personalize the customer experience and build customer loyalty by offering tailored offers and services.
- Make informed strategic decisions based on concrete data rather than intuition.
- Thus, it represents the entirety of a company's knowledge, know-how, and even the collective intelligence of all individuals within or interacting with it (customers, partners, suppliers, etc.).
Thus, it embodies the entirety of the knowledge, expertise of a company, and even the collective contribution of all individuals who are part of it or interact with it (customers, partners, suppliers, etc.).
Data: The El Dorado of Hackers
It's clearer now why 50% of SMEs that suffer an attack go bankrupt within 6 months. In this context, hackers have realized that getting their hands on a company's data represents an obvious source of income.
Threats are multiplying and becoming more complex at an alarming rate, while cyberattacks reach unprecedented levels. They could soon rank third globally in terms of GDP, surpassing $10 billion by 2025 (Source: Dell Technologies).
Cyberattacks pose a significant threat, causing direct financial losses (ransom, operational loss) and indirect losses (increased insurance costs, lawsuits...), as well as damage to reputation and image (difficult to quantify).
Hackers think like investors and develop ROI-focused approaches, targeting the easiest and most profitable prey. They constantly adapt their techniques to maximize their profits. Faced with increasingly sophisticated cyber fortresses, they may resort to physical intrusions to access computer systems. These are called HYBRID attacks. Penetrating a building with little defense is often simpler, allowing direct access to computer systems and initiating a logical attack.
Given this alarming situation, it is essential for companies to develop an effective cyber defense strategy to protect themselves (and others).
Lawmakers tackle the issue
Protecting organizations and their ecosystems (as an attack often affects actors related to the target) has become a national and international concern. European and global legislators are beginning to grasp the magnitude of the issue. Laws and regulations, such as the NIS2 directive, are being implemented to establish a legal framework and strengthen companies' cyber defense. NIS2 expands the scope of cyber defense by including the protection of buildings and access points, thereby recognizing the increasing permeability between the physical and digital worlds.
The European legislator has recognized the need to create new regulations to establish a united front in the fight against cyberattacks, integrating access control and end-to-end security into legal obligations.
Datacor's Expertise
In the realm of data center protection, our partner Datacor deploys cybersecurity solutions to ensure the security of these vital data. Datacor stands out with an integrated approach combining advanced cybersecurity solutions with STid access control solutions. This approach ensures an optimal level of data security with enhanced protection against cyber and hybrid threats.
The NIS2 directive will not be fully transposed until October 2024. However, it is never too early to act, as recommended by security experts worldwide: developing cyber defense measures should be undertaken as soon as possible to avoid attracting hackers' attention. In this regulatory context that remains uncertain, STId distinguishes itself with its access control solutions. High-security readers are based on open and interoperable technologies, offering scalable responses that ensure high security today while allowing the system to be upgraded to meet the requirements of future laws (without starting over).
Datacor's Response for Roland Berger
STid's Open and Intuitive Technologies: Tailored Security
STid prioritizes customization in access control systems, aiming to eliminate constraints for users. The main vulnerability of any system lies in the human factor, posing an additional challenge in terms of usability and intuitiveness, especially within a population of digital natives – like Roland Berger's employees. It is crucial to reconcile a high level of security with optimal ergonomics to meet users' habits and prevent any attempt to circumvent security measures.
Therefore, the STid Mobile ID virtual badge solution was preferred due to its high level of security, equivalent to that of a physical DESFire badge, while offering great user-friendliness. Its use guarantees robust access protection while simplifying identification and authentication processes for users, thereby enhancing the overall security and efficiency of the system.
Datacor chose to use STid access control readers and virtual badges, providing Roland Berger with assurance of robust, scalable, and intuitive solutions. Architect ARC A readers were deployed at the site entrance with slide-mode virtual badges. With their smartphone in their pocket, users simply need to wave their hand in front of the reader to initiate contactless identification. This configuration allows Roland Berger to exercise precise control over site flows while ensuring an intuitive user experience and value creation.
For the most crucial part, the Data center hosting all the consulting firm's strategic data, security is enhanced with the use of a another authentication.
Furthermore, STid Mobile ID was selected for its economic model that distinguishes it from the competition: no subscriptions or recurring fees, just a one-time payment for access to the application. After purchasing credits, the company can issue secure badges in a single click (drastically reducing issuance and management times) and has the ability to revoke and reassign them quickly and easily at no additional cost.
In conclusion, Roland Berger has made the right decision to take action now to address cybersecurity challenges. Anticipating future regulations and protecting against future attacks are essential steps. To do so, it is crucial to rely on open, scalable, and intuitive technologies, as well as reliable partners like Datacor and Honeywell. By taking these measures today, companies can strengthen their resilience against cyber threats and ensure their long-term security.
“I find this new access control solution (Honeywell controller and STid card readers) very reliable and sturdy. The use of virtual cards installed on our mobile phones improved the access to our office for my colleagues because there are no more physical cards forgotten at home or in other jackets or purses. Also, tracking the office accesses is very easy by accessing the web dashboard.
The web-based management dashboard is very easy to use and does exactly what we need it to do. The only thing which is missing here is the scheduled automatic backup function which would be really useful.
The access solution installation and customization performed by Datacor was flawless.” Laurentiu Lungu Expert Service IT – Roland Berger