Menu

Security

Risk is everywhere. Keys can be copied, badges passed around, and an unattended desk can give the wrong person the right credentials. Access control systems are only as secure as their fundamentals. We designed Openpath as an ecosystem, complete with solutions to some of the most common complaints in the industry.
Everyday threats
PINs
Personal Identification Numbers are easily shared, and troublesome to change.
Cloning
Low frequency proximity cards and magnetic stripe cards are very vulnerable to record and replay cloning.
Cards
Cards are easily lost, stolen, or shared between employees, with low ability to identify individual users.
Reader Vandalism
Card readers that store any data on them are vulnerable to physical tampering and can expose data or even compromise an access control system.
The Openpath Approach

As an Openpath customer, your safety is our highest priority. We've worked hard to build a system with layers of security to outsmart a world of evolving threats.

Your workspace or building will be protected from the threat of unauthorized access by advanced systems designed to meet the requirements of the most security-sensitive organizations.


Watch and learn about our approach to security from Samy Kamkar, Chief Security Officer and Co-Founder, Openpath

Physical Security
Smart devices can instantly improve your security profile by enabling multi-factor and/or biometric authentication, one time passwords, employee location awareness, and immediately effective credential revocation.
Virtual Security
The cloud is continuously upgraded and updated to protect against emerging threats. Local computers will often remain vulnerable, and need time-consuming upgrades to various system software.
Directory Integration
Maintain a single source of truth for all your users. Synchronize your Openpath users with your directory like Google G Suite or Office 365.
Real-Time Monitoring
Dashboards display successful and failed entries, sensor alerts, and ajar notifications in real-time and help you track the state of access controls around your physical perimeter.
Audit Trail Integrity
Create and securely store an ongoing log of all confirmed access to your location to help support forensic investigation of any incidents and meet record retention requirements.
Biometric Authentication
For any sensitive locations and entries, you can leverage fingerprint authentication or facial recognition that is already built into smartphones.
Encrypted RFID Cards
Openpath recommends and offers DESFire EV1 access cards. They offer some of the strongest encryption and security available, with no publicly known vulnerabilities.
Multi-Factor Authentication
Enable multi-factor authentication on any entry for added security.
Reader Security
Reader security may be the most overlooked, vulnerable point in an access control system. Our readers store no sensitive data or secret material. They act as a blind proxy between the credential and control unit and offer no value to those who attempt to tamper with it.
Cloud Security
All communication with the cloud is encrypted end-to-end with strong public key cryptography and mutual authentication.
Identity Oversight
If an employee or user joins or leaves the company, authorization is instantly granted or revoked.
IoT
Companies are faced with the challenge of managing IoT devices, often running old, insecure, and difficult to upgrade firmware. Because our system is fully managed, we keep your system secure from emerging threats.
CloudSync
CloudSync is our offline first technology, which allows the system to operate even if your Internet connection goes down.
Mobile Security
All phone communication is fully encrypted, end-to-end, without any dependence on the security of the underlying wireless protocols.
Compliance & Certifications

Openpath access control system was designed to help organizations meet all their compliance requirements for physical security. Deploying Openpath in your locations specifically helps meet:

  • UL 294 Standard for Access Control System Units. We are registered and listed with MET Labs, a UL certified compliance agency. https://www.osha.gov/dts/otpca/nrtl/met.html
  • PCI Requirements for Physical Security (Requirement 9), and Track and Monitor All Access to Systems (Requirement 10).
  • ISO 27001 requirements for Physical entry controls (A.11.1.2) as well as Securing offices, rooms and facilities (A.11.1.3).
  • MPAA Best-Practices Requirements for Entry/Exit Points (PS-1.0), Visitor Entry/Exit (PS-2.0), Perimeter Security (PS-4.0), Authorization (PS-6.0), Electronic Access (PS-7.0), and Logging and Monitoring (PS-10.0).
  • CJIS Requirements for Auditing and Accountability (5.4), Access Control (5.5), Identification and Authentication (5.6), Physical Protection (5.7), and Media Protection (5.8).
  • HIPAA Requirements for Workforce Security, Information Access Management, Facility Access Controls, Access Controls, Audit Controls, and Person or Entity Authentication.
Stay in Touch:

Sign up for the latest news on how to make your access control system work harder, so you don't have to.

This website stores cookies on your computer. These cookies allow us to remember you, customize your browsing experience, and analyze web traffic. To find out more about the cookies we use, see our Privacy Policy.

+