You typically hear two things about Cloud-based access control systems: they are convenient and cost-effective but also not as secure as a locally hosted option. However, that isn’t necessarily true. There are many steps that a security company can take to make their cloud security more secure and a better option for you than local hosting. OpenPath takes dozens of steps to protect from cloud security vulnerability. Here’s why their cloud system is still secure.
You Own Account Permissions
Sure, we have expertly trained staff, but allowing them access to your permissions would be a mistake. Only you have control over your account permissions when you use OpenPath. In fact, you can disable (and re-enable) your installers access to your account. Our staff can always view your system, but they cannot modify or unlock it either. This means that you retain ultimate control over your system and it stays more secure for that reason.
In fact, among our employees, we operate on the principle of least privilege. That means we only give access to people who absolutely need it. Only a small number of employees have access to our cloud operations, and fewer have platform layer access to the cloud infrastructure.
When you use a cloud security system, data has to travel out of your facility to the OpenPath server and then back to you. OpenPath uses encryption for all data in transit or at rest. The company uses the strongest encryption available for this.
What if someone wants to target your servers to get into your facility? There is no local data stored on the Smart Reader. While the hardware is tamper-resistant, even if someone does tamper with it, they will not find the information they need.
Certification and Audits
Security companies need to stay one step ahead of hackers who find new vulnerabilities in cloud technology and other technology. OpenPath does. They are SOC2 certified and perform 3rd party penetration testing on a regular basis. Internally, they have constant security testing and vulnerability scanning. As a client, you have access to your own audit log of all operations in your system, and it is immutable, so it cannot be altered. You can therefore audit who has been accessing your system when you want to.
We’re not picking on some person named Jenkins. Jenkins was a part of the Verkada cloud security vulnerability exposed in March 2021. Even before this, Openpath did not use Jenkins or any other system where you can bulk edit the cloud or its infrastructure.
Processes that Protect the Cloud
OpenPath also has a reputation for following smart security principles among their own staff to ensure the security of the cloud. This includes:
- Defined policies to handle access, electronic distribution, storage and disposal.
- All employees receive yearly security training.
- Centralized asset inventory and management tool to make sure every server and machine is up to date.
- Access to the cloud infrastructure requires strong password, physical tokens, IP-based restrictions and VPN access.
While no system is entirely secure, we’re confident that the OpenPath access control systems we provide offer among the strongest cloud-based security you can get.