Nedap wins the GIT SECURITY AWARD
End-to-end security solution of Nedap protects access control system against digital threats
Nedap has won a GIT AWARD in category D Access Control for their high end security solution Aeos end-to-end security. This new end-to-end security solution is the first to offer digital protection for access control by unifying best practices from both IT and physical security.
At the 27th of September, Dr. Heiko Baumgartner, chief editor of GIT Security, handed out the Award to Mr. Sieger Volkers, Managing director of Nedap Security Management.
According to Sieger Volkers, this award proves that companies realise that they need to protect their access control system:
“Nedap is the very first manufacturer to unify IT and physical security best practices into one end-to-end security solution. Thus far, IT principles to secure systems have not been applied to physical security systems. Consequently, physical access control systems are vulnerable to cyber-attacks.”
Optimal secure communication from card to server
In contrast to other manufacturers Nedap offers a complete end-to-end security solution where both DesFire keys and digital certificates are stored in the Secure Access Module inside door controllers. This is unique in the market and ensures that all elements of the access control systems can be trusted and communication between all elements of the system is secured.
Consequently, high levels of protection against both physical and digital threats is achieved. It requires much more efforts for hackers to obtain DesFire keys. Moreover, strong authentication ensures that door controllers cannot be replaced by manipulated ones and it is impossible to connect alien devices to the network and send commands to door controllers.
Secure key updates
On top of that the combined storage of DesFire keys and digital certificates in the SAM enables instant recovery when keys have been compromised. Incidents will not go unnoticed and Aeos allows to securely update keys when they have been compromised without the need to physically attend each card reader.