Preventing Consumer Data Breaches with Electronic Access Control

Preventing Consumer Data Breaches with Electronic Access Control

  • By Steve Spatig
  • Jul 07, 2014

Preventing Consumer Data Breaches with Electronic Access ControlThe recent, widely publicized upsurge of cyber attacks on major retailers has brought the need for stronger security controls to the forefront of the retail industry. Regulatory bodies are placing a stronger emphasis on consumer data protection, making it more important than ever for retailers to ensure that their security administration complies with industry standards.

For IT managers tasked with securing retailers’ customer information, implementing the appropriate software programs is essential, but they must ensure physical security of this data as well. IT managers can safeguard valuable consumer information within the data center by extending the same level of security used to access the building perimeter down to the server cabinets and enclosures that house customer data.

Intelligent electronic locks, for instance, offer an extra layer of access to existing physical security solutions when integrated into server cabinets. When combined with access control devices, such as RFID card readers, rack level electronic locks can be networked with the building’s security system to create one cohesive security network. This network can then be used across the data center to control access and demonstrate compliance with data protection regulations.

Meeting Compliance Requirements

Physical security is critical in the protection of valuable data and IT infrastructure, and is mandated by regulatory initiatives that affect the retail industry. Retailers found with non-compliance of industry standards and consumer protection laws that they face significant fines and penalties.

The Payment Card Industry Data Security Standard (PCI DSS), for example, advises the technical and operational requirements for protecting the information of credit card holders. PCI DSS includes standards for tracking and monitoring access to network resources and cardholder data, which includes server cabinets that house this information. Non-compliance with PCI DSS can result in fines, card replacement costs, costly forensic audits and brand damage in the event a breach does occur.

Electronic access solutions can be used to reduce the risk of non-compliance with PCI DSS due to the audit trail capabilities they provide. Electronic locks and access control devices can be integrated with the facility’s security network so access can be monitored in real time – from building entry down to equipment access. When a data center cabinet is opened or closed, a signal is sent to a monitoring system to confirm and log access. This digital record of activity can then be used to demonstrate accountability and reconstruct security breaches should they occur.

Identifying Authorized Personnel

Networked electronic access solutions work with existing user credentials to keep server racks secure, providing an extra layer of security to enclosures that contain wireless access points, network jacks, gateways, handheld devices, networking communications hardware and telecommunications lines.

A complete solution, which includes an access control or input device, an electromechanical lock or latch and remote monitoring capabilities, can connect building security and rack level access though a simplified, flexible platform. Securing server cabinets with electromechanical locks eliminates key inventory and distribution issues commonly associated with mechanical locking mechanisms and ensures that only authorized personnel have access to sensitive equipment and information.

For instance, many data centers already use electronic access control devices like RFID cards and unique pin codes to identify employees, and restrict or grant access to specific areas within the data center. Electronic locks that have been networked into the data center’s security infrastructure can be activated using existing user credentials. Access can then be easily restricted or granted by the IT manager as required.

Electronic locks can also be linked to security and environmental systems. Connecting them to IP video cameras and rack monitoring systems gives facility managers an additional tool for tracking access activity. Additionally, in the event of a power failure, electronic locks can also be equipped with a mechanical override system that enables manual access to enclosures.

Preparing for the Future

As the retail industry continues to expand the scope of its security administration to prepare for the ongoing risk of security breaches, IT managers must extend security measures down to the rack level. IT managers can ensure compliance and prevent data breaches by adding access control devices to the data center enclosures and cabinets that house retailers’ consumer information. By replacing traditional lock-and-key mechanisms with electronic locks and access controllers, IT managers can leverage existing employee ID badges and credentials to promote accountability, protect customer information and ensure compliance with industry regulations.

About the Author

Steve Spatig is general manager of Southco’s Electronic Access Solutions Strategic Business Unit and has over 15 years of experience working in various design engineering and product management capacities with the company.

Featured

  • AI to Help Resolve Non-Emergency Calls Across Utah and Decrease 911 Caller Wait Times

    The Utah Communications Authority (UCA), which oversees the state’s next generation 911 technology services, recently announced that public safety answering points (PSAPs) throughout the state plan to implement Motorola Solutions’ Virtual Response technology to automate the receipt and resolution of 10-digit non-emergency line calls in Utah with the help of AI. Read Now

  • Report: 2025 Video Surveillance Market Set to Grow After Small Decline in 2024

    Novaira Insights has unveiled its latest report, “World Market for Video Surveillance Hardware and Software – 2025 Edition.” The research indicates that the global market for video surveillance hardware and software experienced a slight decline of 0.3% in 2024. This performance fell short of previous forecasts, primarily due to a significant decrease of 7.8% in the Chinese market. Conversely, the rest of the world saw a growth of 4.9%. The global market for video surveillance equipment was estimated to be worth $25.0 billion in 2024. Read Now

  • Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources

    KnowBe4, the cybersecurity platform that comprehensively addresses human risk management, recently released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints. Read Now

  • Video Surveillance Trends to Watch

    With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

Most   Popular

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities