Risk mitigation for supply chain data security

13 Apr 2018

Pip Courcoux discusses the current issues around cyber security.

The landscape of security and access control has changed over the last decade, with the introduction of technology that allows for traceability and time management within mechanical keys. This has meant the conversation has changed - Passkeys, Cryptographic keys, Encryption keys are all becoming more commonplace. By default, we’ve become obsessed with cyber security, and high-profile cases and examples of data theft and loss are rife.

Research shows that 93 percent of large organisations and 87 percent of small businesses experienced a security breach in 2013, with affected companies experiencing roughly 50 percent more breaches than in 2012. Although keys provide access to critical assets, including servers that hold customer data and provide access to offices where customers’ accounts are managed, we see many organisations that don’t know how many keys they have in circulation, or where they are at any given time.
The supply chain

For organisations handling any kind of data, great importance must be placed on resilience within the supply chain. When considering exposure to risk, physical supply chain management presents a number of unique challenges.

Add to this the complex risks that cyber security poses, and ensuring a safe supply chain environment can seem like an impossible task. How ‘stable’ are your suppliers, do you know where they get their products from, how safe and protected are their assets, and how robust are their own relationships with their suppliers?

Mitigating risk can involve identifying dependencies and vulnerabilities that can impact upon supply chains. Increasing the visibility of these areas allows organisations to anticipate their impact and to plan for the contingencies.

The GDPR is a binding legislative act from the European Union for the protection of personal data

Data protection

When it comes to the security of your data, areas that need to be considered include:

  • What information are you sharing within your supply chain?
  • Where is the data located?
  • What are your suppliers doing with that information?
  • Are they reselling that data?
  • Is there a data controller and processing agreement in place?
  • Are they prepared for compliance to the General Data Protection Regulation (GDPR)? Enforcement date: 25th May 2018.
  • How would you deal with a data breach?
  • The GDPR is a binding legislative act from the European Union for the protection of personal data. The Regulation tackles the inconsistent data protection laws currently operating throughout the EU’s member states and facilitates the secure, free flow of data.

    If an organisation fails to comply with the Regulation it could be fined up to 4 per cent of the company’s global annual turnover – and could severely damage its reputation.

    The secure option

    To combat these risks, Abloy UK offers a high level of both physical protection, with its high-quality locking solutions, and data protection using only accredited software and infrastructure providers.

    If an organisation fails to comply with the Regulation
    it could be fined up to 4 per cent of the company’s global annual turnover


    One example of this is PROTEC2 CLIQ, an electronic key system where all the power is retained by the key or locks themselves. This means no wiring is required, whether the system uses door cylinders, cabinet locks or padlocks. Users have secure access to the online management application from anywhere in the world and can change key access permissions, profiles, schedules and validity, even revoking their use virtually at the ‘CLIQ’ of a button.

    Mitigating lost key risks

    CLIQ keys are validated daily, weekly or monthly keeping them continuously secure. Users are required to change their password every 3 months – but when was the last time you changed your keys?

    The CLIQ system enables the organisation to comprehensively track and audit who has access to which locations, when they had access and how often. Access can be granted only at the exact moment it is required, mitigating the risk associated with lost or stolen keys.

    What’s more, Abloy uses accredited software and infrastructure providers that provide enterprise level SaaS solutions, compliant with European and National standards for physically secure key systems. Abloy also uses the latest techniques to secure its customers’ data behind three factor authentications, standard 256-bit encryption, advanced encryption and industry standard SHA-2 SSL certificates.

    So, when it comes to data security within your supply chain don’t leave anything to chance, mitigate the potential risks in advance and only use suppliers you can be sure will keep your data secure.

    Abloy UK Ltd.
    Website
    Email Us
    T: 01902 364538

    School Street
    WV13 3PW
    Willenhall, West Midlands
    United Kingdom

    See Abloy UK Ltd. at IFSEC International 2021

    Abloy UK Ltd. will be exhibiting on Stand IF2230 at IFSEC International 2021, 18-20 May, ExCeL, London, UK

    SCHEDULE MEETING
    Integrated Access Management
    Product News

    Integrated Access Management

    Steve Wintle, Head of CNI at Abloy UK, discusses integrating smart technology and enhancing physical security for critical national infrastructure.

    Read more

    Abloy UK Secure the O2 Arena with Ballistic Doors
    Product News

    Abloy UK Secure the O2 Arena with Ballistic Doors

    Abloy UK has supplied the O2 Arena in London with Hillsborough BR4 ballistic doors. The aim was to enhance the security of the venue as well as offering protection to its occupants from specialised weapons or gunfire. 

    Read more

    Abloy UK secure South Staffs Water
    Product News

    Abloy UK secure South Staffs Water

    Abloy UK has supplied South Staffs Water (SSW) with a bespoke PROTEC2 CLIQ electromechanical security system for 91 of its operational sites.

    Read more

    Abloy UK supplies ScottishPower with a Fire, Escape and Security solution
    Product News

    Abloy UK supplies ScottishPower with a Fire, Escape and Security solution

    Abloy UK has supplied ScottishPower with a compliant fire door solution to secure their Battery Rooms without compromising on health, safety or aesthetics. ScottishPower is part of the Iberdrola Group, a global energy company and world leader in wind energy. They operate in the generation, transmission and distribution of electricity, energy management and supply of gas and electricity in the UK. 

    Read more

    Protec2 CLIQ® solution secures over 23 terawatt hours of electricity
    Product News

    Protec2 CLIQ® solution secures over 23 terawatt hours of electricity

    Electricity North West Limited is the distribution network operator for theNorth-West, England. The company serves around 5 million people via 57,000 km of overhead lines and underground cables, and more than 34,000 transformers. Electricity North West Limited sought a solution to control access at its sites, which are spread across urban and remote rural locations.

    Read more

    PROTEC2 CLIQ® secures electricity network operator
    Product News

    PROTEC2 CLIQ® secures electricity network operator

    PROTEC2 CLIQ® solution secures over 23 terawatt hours of electricity for Electricity North West Limited, the distribution network operator for the North-West, England.

    Read more

    Protecting Critical Infrastructure
    Product News

    Protecting Critical Infrastructure

    Society is highly reliant on the safety and stability of critical infrastructure. From boiling a kettle to maintaining national security, an interruption in the electricity supply can cause serious damage to businesses and the economy.

    Read more

    Abloy Locks Up Transport at Multimodal 2017
    Product News

    Abloy Locks Up Transport at Multimodal 2017

    Abloy UK is showcasing its range of compliant security solutions for the transport sector at Multimodal 2017, and inviting visitors to stand 1024 to discuss the evolving challenges faced by the industry and how they can be overcome.

    Read more

    Reluctance to accept attack in crowded places within the UK?
    Product News

    Reluctance to accept attack in crowded places within the UK?

    The threat posed by anyone intending to cause carnage with a firearm is extremely difficult to predict or plan for. Clearly there is a wider range of people or groups who could potentially use firearms as part of an attack on a crowded place within the UK including people with mental health issues

    Read more

    List your business for free

    Create a business listing on the UK's leading security and fire directory

    Get the IFSEC Global newsletter

    The latest security and fire news, trends and insights

    Close
    FOR MORE INFORMATION CONTACT ABLOY UK LTD.
    * Oops!
    * Oops!
    * Oops!
    * Oops!
    * Oops!
    I have read, understood and consent to your Privacy Policy
    * sorry this is a required field
    MESSAGE SENT!

    Thanks for using IFSEC Global Directory,

    Your enquiry has been sent to the selected companies, they will be in contact shortly.