Most popular Articles of the Category
Explore how 2N treats cybersecurity as a continuous discipline, protecting access control systems through secure authentication, encryption, and EU data protection.
For users, the expectation is simple. Devices that protect homes, offices, and shared spaces should never become a risk themselves. They should be secure by default, transparent in how they handle data, and designed with privacy in mind, not as an afterthought, but as a foundation.
In professional access control, where systems manage identities, credentials, video streams, and building infrastructure, the responsibility is even greater. Cybersecurity is no longer a technical checkbox. It is a business requirement, a compliance requirement, and ultimately, a trust requirement.
At 2N, we see cybersecurity as a continuous discipline – one that starts at design and extends through production, deployment, operation, long-term maintenance and ends with safe product decommissioning. In this blog, we outline how we approach cybersecurity in access control and what “secure by design” means in practice.
Connectivity brings power — and responsibility
Modern access control systems are deeply connected. This connectivity enables efficiency, flexibility, and a better user experience. Access control devices, including intercoms, link to cloud platforms. Credentials move from plastic cards to smartphones. Devices exchange data with other building systems in real time.But it also expands the attack surface. For installers, system integrators, real estate developers, and property managers, cybersecurity is no longer optional. Protecting access points also means protecting personal data, system integrity, and operational continuity – all while meeting evolving regulatory expectations such as NIS2, the EU Data Act, and the new Cyber Resilience Act.
Our response is clear: security must be built in, not added on.
Identity is the first line of defense
Every reliable system starts with knowing who can access it — and how.
Access to the My2N Management Platform is protected through strong identity and access management mechanisms designed for professional environments. These include:
- Strong password policies
- Optional multi-factor authentication (MFA)
- Protection against brute-force attacks
- Session timeout controls
- Checking new set passwords against leaked password databases
- SAML-based Single Sign-On (SSO) for organizations with centralized identity management.
User permissions follow the principle of least privilege. Roles can be adjusted at any time, ensuring that individuals only access what they need to perform their tasks.
For organizations managing multiple sites or large deployments, this level of control reduces operational risk and improves accountability.
Encryption as a baseline, not a feature
Protecting data means securing it at every step, in transit and at rest.
All communication between users, devices, and cloud services is encrypted using modern TLS protocols (TLS 1.2 and TLS 1.3). This ensures confidentiality and integrity during data exchange.
Data stored within the platform is encrypted using AWS-managed encryption keys, governed through centralized services with strict access controls and regular rotation.
In practice, this means sensitive information is protected at every stage, whether being transmitted between devices or stored in the cloud.
Transparent and Responsible Data Handling
Under EU law, professional access control systems like those from 2N, must clearly define how data is classified, processed, stored, and retained.
The My2N Management Platform distinguishes between personal and non-personal data:
- Personal data — such as credentials and identifiers — is processed in accordance with GDPR and applicable privacy regulations.
- Non-personal operational data — including telemetry and performance metrics — is aggregated and anonymized to support system monitoring and product improvement.
Importantly, data within the My2N platform is stored on servers located within the European Union, ensuring it is protected under EU privacy and security legislation. For many commercial and residential projects, this provides an additional layer of regulatory assurance and clarity.
For developers and property managers navigating regulatory requirements, this structured and transparent approach simplifies compliance and reduces uncertainty.
Advanced video without biometric risk
Innovation in access control does not have to come at the cost of privacy
2N video intercoms include adaptive Face Zooming — a feature that automatically detects a face within the camera frame and adjusts the zoom level to improve visibility for the user.
Importantly, this is not facial recognition. The device does not identify individuals, store biometric data, create face templates or send video data to any third party. It simply detects the presence of a face in real time to optimize the video feed.
This approach enhances user experience while avoiding the collection or retention of sensitive biometric information — supporting GDPR-aligned design principles.
Secure Software Development as Standard Practice
Cybersecurity is not just about platform infrastructure. It is about how people design and build their software.
All My2N software is developed in line with the ASDM - Axis Security Development Model, adopted across 2N’s Research and Development.
Security is embedded at every stage — from architecture design to deployment and long-term maintenance.
Each new feature undergoes:
- Security reviews
- Code analysis
- Automated testing
- Continuous vulnerability scanning
- Dependency monitoring
When any improvement or new feature is being added to My2N, the microservice architecture enables service-by-service updates, allowing controlled rollouts that reduce downtime and maintain stability.
In addition, 2N operates a fully implemented Information Security Management System (ISMS) and is certified to ISO 27001:2023. This certification demonstrates that our security processes are independently audited and aligned with internationally recognized best practices. This enables us to deliver features at a fast pace while maintaining long-term resilience.
Verified Devices, Controlled Communication
Devices communicating with the My2N Management Platform must prove their identity before participating. To achieve that, they use a purpose-built protocol designed for secure, reliable, low-latency operations.
During onboarding, devices are authenticated and establish encrypted TLS sessions using exchanged certificates before any data transfer occurs.
Only verified devices can operate within an organization’s environment.
This controlled communication model reduces the risk of unauthorized device access and protects system integrity across distributed installations.
Designed for Real-World Deployment
Security must be robust — but also practical.
My2N services are designed to operate without requiring complex network configuration changes.
Clear technical documentation defines required domains, ports, and protocols, including secure HTTPS, SIP TLS, and encrypted RTP traffic.
For technical teams, this balance between protection and usability simplifies installation and ongoing management.
A Shared Responsibility
Cybersecurity in modern buildings is a shared responsibility.
Manufacturers must design secure products. Installers must deploy them correctly and keep them updated. Property managers must maintain controlled access and governance.
At 2N, we believe strong cybersecurity builds more than secure systems — it builds trust.
By embedding secure authentication, encrypted communication, structured development practices, and transparent data handling into our platforms, we support professionals who demand reliability, compliance, and long-term stability.
Because in access control, protecting the door is only part of the story.
Protecting the data behind it matters just as much.
Would you like to know more about our cybersecurity framework?
Download the My2N Cybersecurity Overview to explore our standards, architecture, and security controls in detail.Download here
Want a deeper look at secure-by-design access control, compliance, and best practices?
Category
