A unified physical and logical access management solution in one Security Key

In my first blog post, I will explore why it is advantageous for companies to consider physical and logical access management together. First, I will explain the difference, and then I will discuss the advantages of such a combined solution for companies. Finally, I present the solution that Swissbit offers.

Introduction
Identity and Access Management (IAM) is an integral building block in a defense in depth security strategy. Simplified, the IAM system with its policies defines which user has access to which resources. It also defines which type of authentication is required to get access to a specific resource. Some might require no authentication at all, while others require strong multifactor authentication using FIDO or an authentication method based on certificates. All that is required to protect organizations from data leakage, unauthorized change of data or even attacks against the availability of systems. But is that enough?

Physical and Logical Access Management
Of course not! A holistic defense in depth strategy requires more than logical/digital identity access management – it also requires that the access of individual users to physical objects, like buildings, floors and individual rooms needs to be managed and controlled as well.

Increasing demand for unified physical and logical access management through FIDO2 and secure authentication solutions
Currently, two developments can be observed in the market. First, there is a constantly growing demand for increasingly secure authentication solutions. This applies to both the logical/digital access such as workstation access or logins to cloud services as well as the physical access the workplace as such.

Furthermore, the organization require authentication methods which are secure by design and not prone to typical attacks such as phishing or man in the middle attacks. The increasing acceptance of the FIDO2 standard in enterprise environments is a clear signal: The commitment to passwordless, phishing-resistant authentication is key to success in the logical/digital IAM space.

However, organizations began to understand, that logical/digital access can be combined with physical access control. In the past, for example, large companies have introduced access cards to manage physical access. Sometimes these cards could be used for logical/digital access. This required in most cases the rollout of separate smart card readers. Sometimes the physical access card couldn’t be used for logical/digital access at all which led to a conceptual separation of logical and physical authentication in the minds of users.

And while every employee always took their physical access card with them to be able to move through the building, the logical/digital access card was left in the, if things got really worse unlocked, workstation.

And this is precisely where Swissbit with its next-generation FIDO and multiprotocol security keys, the iShield Key 2 series, comes into play. They eliminate the need for external readers, require user interaction for verification and provide feedback via LED indicators, closing the usability and security gaps of legacy systems. They also provide rock-solid support for Mifare Desfire, Legic or HID based physical access systems.

In other words: They combine physical and logical/digital access control in one robust device.

What are the advantages of unified physical and logical access management?

• Foundation for a defense-in-depth architecture on which a zero-trust strategy can be built: Converged access contributes to a zero-trust architecture by ensuring that access to sensitive systems depends not just on login credentials, but also on physical presence in a verified location.
• Company (cyber-) security is strengthened: Security benefits by implementing a more holistic approach to access controls. Security Operations can benefit from integrated systems that can consolidate monitoring of security events and improve incident response.
• Improved user-friendliness for employees: User experience improvements by simplifying access by providing users with a single credential to manage. This has historically been a driving factor for issuing dual-interface smart cards or leveraging iOS and Android apps when smartphones are managed by the organization.
• No conceptual separation between logical and physical access: Helping to improve user acceptance and awareness
• Financial benefits: By converging physical and logical access controls into a single token, less hardware is required to be purchased, resulting in lower costs, also less efforts to manage logcal/digital and physical access tokens

Swissbit's Hardware Authentication Solutions for Companies

Swissbit redefines secure access with its innovative and reliable hardware, enabling companies to take control of their digital sovereignty. The iShield Key 2 MIFARE is at the forefront. The first device to combine digital and physical access control, it demonstrates how Swissbit is redefining hardware security in response to growing cyber and physical security challenges.

Why Swissbit is a technology leader in hardware authentication solutions

The iShield Key 2 provides strong FIDO2 authentication and enables secure building access with a compact, robust USB token. Additionally, the device supports secure updates via encrypted channels, enabling companies to deploy on-site firmware and new applications, thereby maximizing flexibility and ensuring future compatibility.

As cyber threats increase and work environments become more hybrid, evolving regulations such as NIS2, DORA, CRA, KRITIS-V, OMB M-22-09, and the U.S. Executive Order on Cybersecurity require organizations to have strong, flexible authentication tools.

With its FIDO2-compliant iShield Key 2 series, which includes the first FIPS 140-3 Level 3-certified security key on the market, Swissbit is at the forefront of authentication development in all industries, including federal agencies and organizations implementing Zero Trust architectures.

Does that sound interesting to you? Convince yourself of our expertise and just contact us!