Genetec highlights risk of legacy access control systems in light of rising cyber-attacks

Cybersecurity and access control

Share this content


Genetec Inc. has cautioned organizations of all sizes to be vigilant about the cybersecurity risk posed by legacy access control systems.  

“Many organizations are operating with access control systems that date back 10 years or more. While these older systems still allow employees to badge in and out, there’s a very high likelihood that these systems employ technologies that are extremely vulnerable to modern cyber threats,” said Christian Morin, Vice President of Product Engineering and Chief Security Officer at Genetec.

According to the company, vulnerabilities in legacy systems can introduce cybersecurity weaknesses that may put an entire organization at risk. Cyber-criminals can exploit weaknesses in access control system credentials, controllers, servers, readers or workstations connected to the network.

Once a cyber-criminal has breached access control system credentials, they can then move on to an organization’s network and can gain control of other building systems, view or steal confidential information from internal records or launch attacks designed to take key systems offline.

To improve the cybersecurity of access control systems, Genetec recommends:

  • Upgrading the system to a newer system
  • Using advanced secure credentials and the latest communications protocols to secure data transmission
  • Educating employees and partners about cybersecurity best practices and ensuring they are prompted to change passwords often
  • Regularly checking for firmware and software updates
  • Using a centralized identity access management system to ensure virtual and physical authentication and authorization of employees
  • Creating a dedicated network for access control systems
  • Choosing a security provider who can demonstrate compliance with established security certifications
  • Ensuring that the access control system uses proven data encryption standards as well as multi-factor authentication
  • Working with a partner that has strong supply chain risk management, a dedicated team to monitor cyber threats and ensures software is updated frequently and patched as needed 
Receive the latest breaking news straight to your inbox