Risk mitigation for supply chain data security

13 Apr 2018

Pip Courcoux discusses the current issues around cyber security.

The landscape of security and access control has changed over the last decade, with the introduction of technology that allows for traceability and time management within mechanical keys. This has meant the conversation has changed - Passkeys, Cryptographic keys, Encryption keys are all becoming more commonplace. By default, we’ve become obsessed with cyber security, and high-profile cases and examples of data theft and loss are rife.

Research shows that 93 percent of large organisations and 87 percent of small businesses experienced a security breach in 2013, with affected companies experiencing roughly 50 percent more breaches than in 2012. Although keys provide access to critical assets, including servers that hold customer data and provide access to offices where customers’ accounts are managed, we see many organisations that don’t know how many keys they have in circulation, or where they are at any given time.
The supply chain

For organisations handling any kind of data, great importance must be placed on resilience within the supply chain. When considering exposure to risk, physical supply chain management presents a number of unique challenges.

Add to this the complex risks that cyber security poses, and ensuring a safe supply chain environment can seem like an impossible task. How ‘stable’ are your suppliers, do you know where they get their products from, how safe and protected are their assets, and how robust are their own relationships with their suppliers?

Mitigating risk can involve identifying dependencies and vulnerabilities that can impact upon supply chains. Increasing the visibility of these areas allows organisations to anticipate their impact and to plan for the contingencies.

The GDPR is a binding legislative act from the European Union for the protection of personal data

Data protection

When it comes to the security of your data, areas that need to be considered include:

  • What information are you sharing within your supply chain?
  • Where is the data located?
  • What are your suppliers doing with that information?
  • Are they reselling that data?
  • Is there a data controller and processing agreement in place?
  • Are they prepared for compliance to the General Data Protection Regulation (GDPR)? Enforcement date: 25th May 2018.
  • How would you deal with a data breach?
  • The GDPR is a binding legislative act from the European Union for the protection of personal data. The Regulation tackles the inconsistent data protection laws currently operating throughout the EU’s member states and facilitates the secure, free flow of data.

    If an organisation fails to comply with the Regulation it could be fined up to 4 per cent of the company’s global annual turnover – and could severely damage its reputation.

    The secure option

    To combat these risks, Abloy UK offers a high level of both physical protection, with its high-quality locking solutions, and data protection using only accredited software and infrastructure providers.

    If an organisation fails to comply with the Regulation
    it could be fined up to 4 per cent of the company’s global annual turnover


    One example of this is PROTEC2 CLIQ, an electronic key system where all the power is retained by the key or locks themselves. This means no wiring is required, whether the system uses door cylinders, cabinet locks or padlocks. Users have secure access to the online management application from anywhere in the world and can change key access permissions, profiles, schedules and validity, even revoking their use virtually at the ‘CLIQ’ of a button.

    Mitigating lost key risks

    CLIQ keys are validated daily, weekly or monthly keeping them continuously secure. Users are required to change their password every 3 months – but when was the last time you changed your keys?

    The CLIQ system enables the organisation to comprehensively track and audit who has access to which locations, when they had access and how often. Access can be granted only at the exact moment it is required, mitigating the risk associated with lost or stolen keys.

    What’s more, Abloy uses accredited software and infrastructure providers that provide enterprise level SaaS solutions, compliant with European and National standards for physically secure key systems. Abloy also uses the latest techniques to secure its customers’ data behind three factor authentications, standard 256-bit encryption, advanced encryption and industry standard SHA-2 SSL certificates.

    So, when it comes to data security within your supply chain don’t leave anything to chance, mitigate the potential risks in advance and only use suppliers you can be sure will keep your data secure.

    School Street
    WV13 3PW
    Willenhall, West Midlands
    United Kingdom

    See Abloy UK Ltd. at IFSEC International 2019

    Abloy UK Ltd. will be exhibiting on Stand IF644 at IFSEC International 2019, 18-20 June, ExCeL, London, UK

    SCHEDULE MEETING
    Padlocks
    Product

    Padlocks

    Abloy UK provide padlocks to meet the strictest standards in the UK and Ireland, which are suitable for a range of security levels, applications and industries. Abloy padlocks can be incorporated into Abloy's mechanical locking systems- Protec, Novel and Sentry, and can also be used in extensive Master Key sy...

    View product page

    CLIQ Connect
    Product

    CLIQ Connect

    Abloy PROTEC2 CLIQ can now be combined with CLIQ Connect, to add a revolutionary mobile functionality to the solution. If you already use the PROTEC2 CLIQ system, the CLIQ Connect solution can be easily and cost-efficiently added as and when required. The CLIQ Connect solution allows the administrator's remot...

    View product page

    Abloy Door
    Product

    Abloy Door

    Abloy UK offers a range of complete security door-sets that feature a lock, lever, cylinder, and panic option, and is LPS 1175 SR2 certified by the Loss Prevention Council Board1 (LPCB).

    The Abloy Door boasts an EL160 Mechanical Lock Case with automatic deadlocking, DH625-H2-4 Lever Handle Set, Pro...

    View product page

    Low Energy Electric Locks
    Product

    Low Energy Electric Locks

    Abloy has been the world leader in developing electric locks since the 1970s. Now, Abloy presents the new energy-efficient LOW ENERGY locks, which are based on the worldwide internationally renowned Abloy electrical handle-controlled locks. Low energy locks are the result of ecologically-oriented product deve...

    View product page

    PROTEC2 CLIQ
    Product

    PROTEC2 CLIQ

    Abloy PROTEC2 which is based on the patented rotating disc cylinder mechanism, secures the mechanical elements of your site, while the electronic CLIQ technology allows flexible control of keys, access rights and audit trails. Abloy PROTEC2 CLIQ combines both technologies into one unrivalled security solution...

    View product page

    Traka 21
    Product

    Traka 21

    Traka 21 is a sophisticated stand-alone key management system which combines innovative RFID technology and robust design to provide small and medium sized businesses with the advanced management of 21 keys or keysets in an affordable plug and play unit. 
    Operation:-Stand-alone Plug & Play solut...

    View product page

    List your business for free

    Create a business listing on the UK's leading security and fire directory

    Get the IFSEC Global newsletter

    The latest security and fire news, trends and insights

    Close
    FOR MORE INFORMATION CONTACT ABLOY UK LTD.
    * Oops!
    * Oops!
    * Oops!
    * Oops!
    * Oops!
    I have read, understood and consent to your Privacy Policy
    * sorry this is a required field
    MESSAGE SENT!

    Thanks for using IFSEC Global Directory,

    Your enquiry has been sent to the selected companies, they will be in contact shortly.