dormakaba
Products & Solutions

Health Security Check - Tip #7

Published on: 30.09.2020
dormakaba Security Tip #7

"When it comes to IT security, also think about the systems that protect access to your company."

Thomas Herling, Global Business Owner (GBO) Electronic Access and Data (EAD)

Security Tips IT security

Imagine locking your most important documents and valuables in a secure safe. And then sticking a big piece of paper with the secret combination on the safe door. You’d never do anything like that? But you make it equally easy for cybercriminals if you don’t keep the software for your access solutions updated.

“Our access system has been working flawlessly for years – even without a software update.” I quite often still hear statements like that or similar from customers. But the older the software version, the greater the risk of vulnerabilities. And anyone who is able to infiltrate your access solution is literally opening all the doors in your company – to company secrets, person-related data and business assets.

The number and the costs of cyberattacks are rising 
Cybercriminals are constantly looking for vulnerabilities and developing new attack strategies.
In the global Accenture study “Cost of Crime”, the companies surveyed recorded an average of 145 cyberattacks in 2018, which resulted in the infiltration of their core networks or corporate systems – 67 per cent more than five years ago. The average cost of cyberattacks was around 13 million US dollars – almost twice as much as five years ago.

Pen tests detect weaknesses early on
One of the most effective strategies against cyberattacks are so-called penetration tests or pen tests for short. Independent IT experts are hired by companies to test the security of their software. Partners specialising in such attacks use the means and methods cybercriminals would use, for example, to break into access solutions without authorisation. Pen tests help to respond quickly to new patterns of attack and identify potential vulnerabilities at an early stage. However, this is just one of several testing methods. 

Manufacturers and customers test together
Reputable software solution vendors voluntarily undergo regular internal security audits to check that their system solutions and development processes still meet current security requirements. Ideally, there is trust-based cooperation between manufacturers and their customers. Large companies in particular perform internal security checks of the systems used. If they notice something, the manufacturer can fix it immediately. At the same time, this knowledge can also feed into the development of new solutions. 

Regular maintenance maximises security
Development is extremely dynamic. What is considered absolutely safe today may present an extreme risk tomorrow. 

The most important point cannot be repeated often enough: only those who update their software regularly will benefit from the latest findings from our extensive internal and external tests of the IT security of our access solutions. As a result, more and more customers have a maintenance contract that guarantees their systems always receive the latest security upgrades. By the way, this model has long been standard practice for banks or energy suppliers. Hardly surprising, because cybercrime leads to very high costs in these industries.