Three things high security sites should look for in an access control manufacturer

Digital lock icon

Protecting the world’s highest security environments requires a robust security solution that satisfies three important factors: compliance, certifications, and cybersecurity.

These factors play a crucial role in ensuring that only authorised individuals have access to secure systems and data. By understanding and implementing these necessities, organisations can effectively safeguard their information and prevent unauthorised access.

Gallagher’s reliable, efficient, and effective solutions have a proven history of meeting – and exceeding – the three factors of compliances, certifications, and cybersecurity, satisfying the world’s most stringent government standards and earning us a reputation as a trusted provider for high security solutions around the globe.

Compliance: Meet government regulations with confidence

One of the most important factors that high security sites should consider when implementing access control measures is compliance with government regulations. These regulations outline the specific requirements and standards that organisations must adhere to in order to protect sensitive information.

Gallagher’s security solutions are engineered to meet the stringent standards that define how high security sites around the world should be protected. Designed for compliance with government standards around the globe, Gallagher’s end-to-end security architecture enforces business policies, identity, and credential management for secure environments. Although standards vary by region, legislation, and the degree of protection required, they are all met by our unwavering dedication to providing security that is intrinsic: always present, always working.

We lead the way in delivering high security solutions for governments in the Five Eyes alliance which is testament to our strength in security. Organisations can be assured that our solutions are capable of protecting against both cyber and physical attacks.

Gallagher’s specialised high security solutions enable organisations to protect what’s important, by creating controlled, safe spaces that meet uncompromising security standards.

In the United Kingdom, Gallagher was the first manufacturer to achieve the CAPSS 2021 standard with our Command Centre software and High Security Controller 6000. The CAPSS standard is a collaborative effort between NCSC (National Cyber Security Centre) and NPSA (National Protective Security Authority). Its purpose is to provide critical national infrastructure (CNI) sites with confidence that the software and hardware security solutions they have or are considering purchasing have effective cyber protections at their core.

This compliance standard assures critical national infrastructure sites that Gallagher’s software and hardware meet the most stringent cyber security requirements, providing every organisation that uses the Gallagher solution with confidence they have the industry's most up to date and cyber-resilient security platform.

Gallagher’s solutions also meet the GovPass standard developed by the Cabinet Office to provide a unified access credential to government department buildings. We were invited to work with the Cabinet Office in the development and testing of this standard as it was being initiated, exemplifying the close relationships our team maintains with the UK government.

Certifications: Leading the way in government and high security solutions

Another important factor for government agencies to consider when implementing access control measures is the availability of certifications and standards.

Gallagher Security has a proven history and reputation in the delivery of high security solutions around the globe, meeting some of the world’s most stringent physical and cyber security government standards. We are widely recognised as one of the most trusted providers for high security solutions and have developed innovative perimeter, access control, and intruder alarm solutions, which are used to protect some of the world's most significant assets and locations.

We are proud of the many regulations, standards, accreditations, and awards we’ve earned by being an industry-leading, cybersecurity responsible vendor. Gallagher’s end-to-end security architecture enforces business policies, identity, and credential management for secure environments.

Some of the many global certifications and standards, we are proud to uphold are:

  • GovPass Compliant
  • CAPSS Approved
  • NPSA Assured
  • CSE Listed
  • FIPS 201-3 Approvals; 13.01 and 13.02 Topology
  • FICAM Compliant
  • Global ISO9001
  • ISO27001
  • DCID 6/9 ICD 705
  • NIST FIPS199, SP800-53
  • FIPS 140-2 Level 3 Validated
  • FISMA / NIST RMF
  • UL 294, UL 1076, and UL 2050 Capable
  • Section 889 Compliant
  • NDAA, TAA Compliant
  • IEC 60335-2-76 Edition 2.2 2013-05
  • AS/NZS 60335.2.76:2003 Edition 2.1 Incorporating A1, A2 & A3
  • BS EN 60335-2-76:2005 + A2:2015
  • SANS 60335-2-76:2006 Edition 2.1
  • RoHS
  • CE (EN50130-4 & CISPR 14-1)
  • FCC
  • EN50131 certification
  • SOC2 Type 2 certified

Cybersecurity: Protecting against evolving threats

Cybersecurity is a critical concern for government agencies when implementing access control measures. With the increasing threat of cyber attacks and data breaches, it is essential to prioritise the security of sensitive information.

We look to the advice and guidance from the National Cyber Security Centre (NCSC) to define best practice. A strong cyber vendor is one who:

  • Designs cyber protective measures into all parts of their system.
  • Aspires to meet robust credential standards, such as Mifare Desfire EV2 and the FIDO Alliance specifications
  • Has empathy for the IT Security professional with a security hardening guide, allowing them to mitigate risks they deem important
  • Solves business problems across a wide range of areas in your business - a business integrated security solution, not just a solution to open and close doors
  • Undertakes regular internal and external penetration testing to ensure solutions are hardened and secure
  • Aspires to be a CVE Numbering Authority, which grants the authority to publish security vulnerabilities identified within their own product suite
  • Offers a security health check to assist sites with identifying and responding to any vulnerabilities

Government agencies should look for access control solutions that offer robust cybersecurity features, such as encryption, multi-factor authentication, and intrusion detection systems. These measures can help prevent unauthorised access and protect against potential cyber threats. Additionally, regular security audits and updates should be conducted to ensure the ongoing effectiveness of the access control system.

Gallagher has a goal of being the most cyber secure physical security manufacturer. Our solutions are created with security baked in from design to be as cyber secure as possible. We continuously evolve our solutions to meet the changing threat at a software and physical level, building in robust cyber security at every stage. Our commitment, as a cybersecurity responsible supplier, means we are constantly practicing proactive measures to identify where new cyber-attacks occur and potential vulnerabilities exist, including:

  • Software updates every 6 months
  • Controlling the supply from components to shipping
  • Numbering authority for MITRE’s CVE (Common Vulnerabilities & Exposures)
  • Internal and external penetration testing and documentation

With a dedicated cyber security research team, we regularly carry out internal and external vulnerability testing that provides ongoing protection in a forever evolving cyber threat landscape. This ensures our customers are confident that their data is secure and protected from breaches and the ever-increasing threat of cyber-attacks.

Our dedicated security and penetration testing team employs automated testing that runs thousands of scripts to ensure systems are as robust as possible. With 150 virtual machines running 20,000 tests nightly on Gallagher Command Centre, you can trust that we are continuously improving and validating that your site is secure, inside and out.

Gallagher is also authorised as a CVE Numbering Authority (CNA). In becoming a CNA, Gallagher demonstrates a level of maturity in cyber security and a commitment to communicating vulnerability information to customers.

Gallagher is extensively involved in securing critically important sites around the world. We bring that experience with us when our security specialists work with consultants and advisors to deliver solutions that are both right for the site and require an uncompromising degree of security.

Regardless of location, whether it is an embassy, military base, national utility facility, data centre, or research lab, we know what it takes to protect sensitive sites. For operations in the United Kingdom and beyond, there has never been a more important time to keep systems current and secure.

Don’t risk system vulnerabilities. Invest in a secure future.

Chat with our team of high security experts today.

What if security is capable of so much more?

By challenging what's possible, Gallagher empowers businesses to be more connected with their people, their goals, and their potential.

Unlock More


Do you have a question?

Let us put you in contact with one of our team members.

CONTACT US


Want to hear more from Gallagher?

Get the latest Gallagher news, updates, and event information delivered straight to your inbox.

SUBSCRIBE

Stay up to date with Gallagher

Get the latest Gallagher news, updates, and event information delivered straight to your inbox.