The Silicon Review
Protecting important data, confidential information, networks, software, equipment, facilities, company’s assets, and personnel is what physical security is about. There are two factors by which the security can be affected. First attack by nature like a flood, fire, power fluctuation, etc. Though the information will not be misused, it is very hard to retrieve it and may cause permanent loss of data. Second is attack by the malicious party, which includes terrorism, vandalism, and theft. All the organization faces different kinds of physical security threats. Physical security is very important, but it is usually overlooked by most organizations. It is necessary if you do not want anyone to snatch away your information or destroy it, in case of natural calamity. The reason could be anything, the attacker doing it for personal gain, financial gain, for seeking revenge or you were the vulnerable target available. If this security is not maintained properly, all the safety measures will be useless once the attacker gets through by gaining physical access. Though physical security is proving to be challenging than previous decades as there are more sensitive devices available (like USB drives, laptops, smartphones, tablets, etc.) that enables the stealing of data easy and smooth. In 2012, a group of innovators built the first prototype of what is now known as Kisi (kē-zē). While starting small, the vision has always been to change the way enterprises secure facilities. As an IoT company, Kisi’s goal is not to create an extra product to buy, but actually enhance an everyday experience—working and living indoors.
Today Kisi is the industry-leading physical security system for modern facilities. Arming your team members with a keyless entry system does more than eliminate keys—it builds a vibrant office culture. Simple web dashboard and easy-to-use app save administrators and employees time, result in fewer interruptions, and add up to a positive work experience day after day. Kisi is the only access system that offers a future proof end-to-end solution. Over-the-cloud updates occur in real time and enable full automation through third-party software integrations.
Devices implement secure boot, ensuring that no code is run by the embedded CPU unless code signatures match. Code is run from memory on the same die as the CPU, and all debug interfaces are permanently disabled.
Devices connect to the Kisi Cloud over TLS 1.2 with mutual authentication and ephemeral key exchange to ensure privacy and integrity with full PKI chain validation. Devices connect to the Kisi Cloud over TLS-secured IP channels to ensure privacy and integrity with full PKI chain validation. One of the biggest threats to device security is to run a different firmware without the device knowing it. To prevent this, Kisi uses (aside from industry best practices including 2FA for any deployment accounts) a method called “secure boot” with encrypted code loading. Storage is encrypted with a per-device key meaning that each time a Kisi device starts, it can only run previously verified firmware—an absolute novelty in the physical access industry.
Network security is one of the most critical components for cloud-connected infrastructure and any communication between Kisi devices, Kisi apps and Kisi services is encrypted in-transit using HTTPs. Kisi is a future-proof product that works on the IP layer. This means that Kisi operates on the same local network as your other devices, so you don’t have to pull specific cables for your access control system. Controllers and Readers communicate with each other through the Kisi Cloud over TLS. Where available, Controllers and Readers also communicate over the local network using AES-encrypted UDP channels. Network communication over UDP signed and AES / HMAC encrypted. Kisi data is hosted on Amazon's servers (AWS), which features the best data security and reliability in the world.
Security starts with Kisi, but it extends to each user who logs into the software. Kisi gives you the tools you need to control who has access to your system, and what they do with that access. Kisi partnerS with the most trusted single sign-on (SSO) providers in the industry using SAML 2.0 with signature verification for organization users, including Okta, OneLogin, Google Business Apps and Azure Active Directory—not only for administrative access but for end-user access as well. This means that your doors are secured with SSO.
Bernhard, CEO & Co-founder