“Joining the SPAC® Alliance is the logical choice for meeting tomorrow’s challenges in a consistent way…”
Maxime CHAMLEY,
Director, LEOSAC.
LEOSAC is a software publisher for the physical access control industry, offering a comprehensive solution for personalizing access cards and the secrets associated with them.
Can you introduce your Activity?
How a business or administration manages access cards, and more generally authentication methods, is one of the first links in the access security chain, as well as a guiding principle for an organization’s security processes and technical requirements. That’s why it’s important to carry out an in-depth study beforehand, and then adopt technology- and hardware-agnostic tools. In a way, we are the end customer’s guarantor of independence when it comes to card security.
What challenges do you face in terms of security?
As authentication methods evolve and access control ecosystems become increasingly complex, we sometimes have to reconcile certain principles with current user expectations. We have to meet one need without sacrificing the other. In reality, in a digital world, it is rarely possible to reconcile the two ad-hoc, or at least in a secure way, so we have to constantly work on our software architecture, and be ready to challenge it at every opportunity.
Why did you join the SPAC® Alliance and its ecosystem?
In today’s global security environment, it’s no longer feasible for solution providers to operate in isolated silos. Joining the SPAC® Alliance is the logical choice for meeting tomorrow’s challenges in a consistent way. It’s a prerequisite for rational, and ideally interoperable security.
What benefits can the SSCP® protocol bring to the security market?
The SSCP® communication protocol is part of this standardization and certification process, thanks to the SPAC® Alliance.
SSCP® guarantees security players the interoperability of increasingly real solutions.
The actions of the SPAC® Alliance are in line with our vision of a sovereign and strong Europe when it comes to cybersecurity
The importance of certifications (and/or standardization) in the security market?
A piece of hardware, a piece of software, or a protocol, is only considered secure when testing has confirmed it. And I should add that time is also a factor. There’s no guarantee that it will remain secure in the future. This is what I think justifies the perpetual nature of certification renewal and the need to keep up with evolving standards. In a market with many solution providers, I can think of just two solutions: blind trust, or using benchmark values through standardization and certification. For me, these points are intrinsic to the very definition of digital security.
