KuppingerCole Webinar recording
KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
KuppingerCole Webinar recording
KuppingerCole Webinar recording
Good afternoon, ladies and gentlemen, welcome to our webinar. One identity for all successfully converging digital and physical access, seamless integration of access to buildings and system indications stronger, stronger, cheaper, faster. The speakers today are Martin Kuppinger, EE I'm the founder and principal Analyst of KuppingerCole and you community chief marketing officer of nexus technology, nexus technology, supporting this webinar.
Before we start some general information and some housekeeping regarding the webinar before we then directly dive into the topic could be a cold Analyst company providing enterprise it research advice for services, decision, support networking. One of the things we are doing aside of our research is that we do some once upcoming events include our risk and security summit, which will be held in end of January and China and our European identity and cloud conference, which will be held next time again, in may in Munich, we do also a number of seminars on various topics.
Some in German language, some English language will do some more in next year. So have a look at this offering as well regarding the webinar itself, you are muted center, you don't have to mute or unmute yourself. We are controlling these features. We will record the webinar and the podcast recording will be available tomorrow. And the Q and a session will be at the end. So you can end questions at any time. And I strongly re answer.
Once you have a question that you, this question on this questions tool, and you go to webinar control panel at the right side of your screen, so that we have well, a good list of questions at the end of the presentations for the Q and a session. But I also would like ask again for questions. When we have ended our presentations, the webinar arts itself is structured in two parts or three parts, including Q and a as usual.
So the first part I will talk about the business benefits or some of the business benefits of physical and logical convergence in the context of as where authentication authorization is moving. And the second part, then Mr. Kuney will talk about innovative solutions for both organizational technical challenges of physical and logical convergence. After that, we then will do a Q a special, so when we talk about this physical logical convergence or, or just the creation stuff, then what is it about? So one part is physical access. I think this is some thing we all knew when we are.
So for the ones who are working a larger organization, you have this building access systems or side access systems. Some, some might have special access systems for the data center and another rooms which need more protection. Then we have to logical access on the other hand, which is to sign on to it systems. Or I think this is a very important point when we look at this entire topic also to operational technology to the manufacturing systems.
So we shouldn't only look at the sort of the office, it, the, the part we traditionally look at, but particularly in this integration or with, with focus on this integration, I think it makes a lot of sense and might deliver a lot of value to also look at the operations technology to manufacturing systems. I will talk about this later in detail conversions, in fact means looking for integrated approaches where one type of token is used for boost types of access. And I think which is even more important. That will be one of the topics I will touch on. Mr.
Ville will talk more in detail about is also not only having one type of talking, but having one type of management. So one type of a policies, one type of in fact, reporting analytics, cetera.
So, so really better understanding what's happening here. So this will be the topic for today. Where is this physiological conversion setting? And if you look at, at some of the business benefits of having such conversions, we all know not an entirely new topic. So some companies have something like that for quite a long time. Others are sinking about us for, for a long time. So it's not that no one did it before. I think it's sounds just saying, we find a number of organizations. It's something we like in a number of organizations. What are the business benefits?
One of the business benefits is having one process, which allows us issuing these tokens, managing access and in consequence, reducing costs, reducing complexity of processes. So if we have one process where the token, which grants access to decide to the building to specific rooms or to systems or OT systems, if this is one consistent process, clearly it's better than having two or more processes in parallel. The other thing is if done, right, it can also provide faster access to other sites.
So in larger organization, sometimes it's a, it's a quite lengthy and cumbersome process to get gaining access to another side. And so queuing for day passes, whatever that can be done in a different way, if done, right, depending on the physical access systems there compatibility, but also depending on, on how efficient the process is. So if you can request just before and just sort of print out, then you, you, you in new card for the day was limited.
Well, did the, that can speed up things a lot, improve security. So in fact, side access is sort of an additional layer of defense was integrated control.
So saying, okay, I, I know this person, first of all, can do specific thing because he or she can access a specific side. This can add to an overall security. I haven't put too much emphasis on that, but I think if you turn it around, look at it from the other perspective, understanding all, all the access, physical and logical access as an entity, and an understanding it as something which is related allows us to do better Analyst in some areas, better forensics and other things. So for better perspective, I think improved security us is a very important thing.
One of the things I particularly find particularly interesting is that we can use this potentially for simplified sign on for operational technology. So if feel, look at many of the manufacturing environments, what you find there is you find computers which might be just sort of standard desks of systems, which might be more specific systems in the operation technology area.
And, and many of them are not well protected. So there's no individual sign on the common argument for data. It takes too long during the, the, the standard work processes to sign on, sign off. If you use a physical access system with NFC building with a good management of access controls, you can use it for, for single sign on and for access control in these environments, which is then quite seamless, pretty easy to use, but far more secure than trust, not signing in or signing off individually. And at least it provides indication.
It's a clearly you can always say there's better security than that, but it's far better than what we see in many of the manufacturing environments today and integrating it with the batch, the person's any have any way for site access is I would say just logical approach and integrating them the access controls and central management also is very logical.
Another business benefit is if you have such top token, then you can use it for single cell on put on not only the, sort of the physical access, but information for your logic access to systems and using this for, for things and capabilities, adding convenience for you, business users, and then there's strongest indication. So if you have to token, then it's a standard means for access for all Ts that have a batch. It means they have a second factor anyway. So you automatically end up with sort two factor a syndication, an opportunity to do that.
And if you can integrate this process, and we all know the process for, for issue issuing the badges for side access on the process for issuing tokens for as a second factor for strong, a both are relatively complex processes as particular. When we look at the details. So someone has lost the batch cetera, etcetera, and having one process, one management, and also one analytics makes things for simpler. So there, there are good reasons for physical logical conversions.
However, they also some challenges in that. And I think from my experience, what I really see as the biggest challenge is the fact that different departments in the organizations are in charge of physical and logical access. So on one hand, there's the classical security department, which looks at the security side access and all that stuff. And the other one is more the identity management department or something like that, which looks at the logical access, not to talk about the OT part, the operational technology at all, which commonly again is another department. So this is a challenge.
This is a challenge which has to be solved first. Otherwise projects have a, my experience, a tendency to fail technical integration between carting systems. And that provisioning is another one. So if we really want to do that seamless, and we, we should have one process for requesting access. So side access is just one part of it and might include saying, I need side access to this side for 14 working days. And then this is added on then a car, a batch can be issued automatically, etcetera.
So there should be integration between the systems, that's something which should be done and such technical integration or something, which is not the easy. This is a topic I will leave to Mr. Clinic later, where he will dive more into detail.
Again, it might not work. So just integration might not work for all sides, particularly small sites, which, which don't have the type of systems or where integration's a little bit more challenging or in very large globally first organizations, clearly there might be limitations, but on the other hand, there might be a lot of chances to solve problems. Particular smaller sites are facing today. One of the interesting points clearly is how to define a process.
So how to define a secure process for issuing cards and S whatever, which means it requires skills and also clearance level for people who are, for instance, issuing cards at a gate. So you need a secure process there, how to do, how to do that, cetera, cetera, and the other thing, which you also have to keep in mind. The topic I will talk a little bit more right now about is, is while you might achieve a strong occasion, it might not be good enough or might not work for all use cases you have.
This is where I want to, to, to a little bit into where we see the entire a syndication topic heading and authorization topic, because I think this is important as a background when thinking about where to, to move is theological convergence. And so the, the one thing we we see is that a syndication and authorization are becoming increasingly dynamic. So it happens for at run time based on a number of information. So the credentials or someone indicated, but also the context information.
So where is this person, which devices that you using, cetera, et cetera, and based on policy system decided about what is allowed someone allowed to or not. And this dynamic part is quite important because it, it, and also this context, because it's also about which credentials does someone use. So are these sufficient, and there might be different types of credentials. There might be different contexts, which means how do we deal with this entire stuff? When someone is using a mobile device, how do we make it work them, which is sort of turning the thing around again.
So this is one of the things I think, which is, which are important. The other thing is that we increasingly see more, more created type of a syndication adaptive or syn reverse authentication, where we have a number of, of different authenticators.
So, so commonly, we had passwords. Now we have the tokens, particularly when we integrated stuff, there might be biometrics, which also might work for side access even while it's more uncommon and probably not, not as standard way to do it, is that right?
We, we need to be able to, to combine different things depending also on the device, which is used, which might not support everything, but also depending on what we want to access. So it's not that we don't say we have one type which works for everything. Particularly the physical batch might not work for all types of systems. That's something we, we, we need to think about how do we deal with the mobile uses etcetera. So while physical logical convergence usually provides a token, there's still some things which are challenging.
So one, one positive thing is we, if we, if we do the physical logic conversions, right, and do the processes right, then we have at least at the gate of site or somewhere else, we have a, at the opportunity to implement a flexible and rapid replacement process. If someone has lost a specific one for side, etcetera, all managed centrally integrated with your identity provisioning or your overall identity access management. But if you look at mobile users, that remains of challenge, how do you use card stem?
What one option might be to have NFC so need for communication there, which just supported increasing by increasingly more of the mobile devices so that the factor works anyway with these devices. But on the other hand, there also might remain a need for additional, even stronger types on certification. So we might say, okay, this is fine for, for standard access, but it doesn't work for everything. And so again, how can we do it?
And again, there might be done the situation that we say, okay, we have our batch, we have our password. And we use our out of band, an occasion. We have smartphone and a combination for the, the situations where we need even more security, even stronger, our syndication. So conversions clearly helps, particularly because it allows as a way to issue tokens and manage tokens in a more seamless way, integrated with the physical side access. It doesn't cover all types of users. So we need other approaches as well.
But I think it helps in, in various areas, what do we need for, for successful conversions? The most important thing is that we need well defined accountabilities responsibilities, organization processes for both physical and logical access. So first of all, we need to understand who's responsible for what, how do we set up the organization? How do we process look, look like we need well, sought out security approaches for issuing cards. So these are tokens.
The more information they hold, the more access they allow, the better the process needs to be the, the better the security needs to be, which also means we need a strong and consistent management across all types of access, physical, logical dot stuff, whatever we need to look for alternatives or strong application for mobile users.
And also for people who only access externally, which not necessarily are only mobile users might be also our other types of external users, technically integration between identity provisioning card issues in systems still is one of the points we have to look at, particularly because many of the part, the card issuing systems are quite legacy and we need efficient revenue, secure replacement process. So we, we need to avoid queuing in all these process, make it efficient, make it seamless. So these are some of the thoughts I have around physical and logical conversions.
And this is where I want to hand over to who will dive more into detail now. So I will make him the presenter and Hello everybody.
Thank you, Martin Cooper. So my name is KK. I'm CMO at nexus, and I'll like to talk a little bit about this conference. Martin told you about, and just my background, as I said, I'm CMO at nexus. I have about 30 year experience in security industry coming originally from the fiscal axis and then years moving more, more and more towards digital security. And as founder of former VPs ID systems, I was very much involved into development development of identity and credential management systems, especially in large enterprise environments.
So as Martin described, there's a, there's a confidence process between physical and digital access. And actually that's, that's not new. It's quite a time we talk about that, but our experience is that it's, it's getting more attention these days and it's getting more concrete for organizations because of different reasons. And that's what I I'm covering in the first part.
When I talk about marketing market requirements and drivers, and one reaction of this is at our company Inus that we develop kind of an excess technology platform, which can be kind of single point of, of, of, for this convergence of physical and, and launch go to chill is how we called it. Big part of the presentation will be a customer case. That's actually a model or HR model.
We, you looking at this place to, to start different reorganizations in for, for managing different identities for people, for devices. So this will be a big part of my presentation. So looking a little bit back and, and at history, maybe this is a picture which is quite old and maybe some of you may not remember that I do still. So there on the physical side, it was quite easy. And in this, in this early days of, it was quite easy to control access. So on the physical side, you had some doors and just open, close it, fences and walls around companies.
And on the, on the it side, you see all this boxes. So single PC, single user management. So everything was quite simple. So in the 19th, this changed and then centralized management of identities and entitlements was increasingly recognized as important and this, especially by by companies and large organizations. So this was a time when identity access management systems or central directories were developed in, in the it side, on the, on the physical side. It it's little bit still like today.
I think mainly Ary access and time attendance systems took over the control of the physical security and they introduced the company patches for and credentials for employees and visitors. So, and I think still from this time on, and, and to big part still today, I think we have the separation of physical and digital access. And then very often you see it from, from the technique and you see it also from the organizational start, you are looking to different companies or organizations.
So on one side you have physical X control systems and they are in charge of administrating ID cards, or they do the definition of security areas and the configuration of cart readers and so on. And then you have the digital access on the other side. And this is very much about managing users for it, access for accessing data networks, computers, and so on. And they mostly are using so-called identity access management systems, IM systems. So well that's that picture looks like the normal corporation has a security physical security department.
They are very much using HR systems as a source for their, for the identities of people, visitors, or partners, and they defining different access areas and controlling this area. So they have kind of role-based access definitions for the different employees. And mostly it's, it's, it's limited to one location where they control these areas. On the other side, you have the it department, which is very much, very often linked to a corporate directory as the source for identities. And they use this IM systems for managing access to this, to this sources.
So things are changing and very, very much these days. So we are, I think we are kind of at the beginning of a new area, and this will also need changes, I think in it infrastructures and, and how we, we do things, you know, and then this area it's called from some people they call it digital business. So I think in this time, complexity reaches a really new level. So one driver is increased mobility and globalization. So this will cause really access to data from almost everywhere.
You know, it's not just limited that people have access within the company, or you have control over all the identities cause they're in inside your company, you're building, this is changing. Then the internet of things is really getting more and more, more dominant. So that's caused us to think about not just managing the identities of people. So it's also about object and things. And this is, I think we are really at the beginning of this development increase of cybercrime, it's also big, big topic that's changing.
And at the end, it's really what we see is this con of physical, initial security, because all the physical security is more, it readers are it based ITP based? You know, there are cloud based access control systems connecting to reader.
So it's, it's more, more about it. So if we look at, at the landscape today, how does a corporate environment looks like?
So it's, there are not any longer that you don't have this Walt and fences around the company. It's quite open landscape like Kei come. Lot of companies, not only the big companies, also medium small size companies may have different locations. And especially when we talk about fiscal access, they have different maybe different ex control systems running from different vendors, different technologies, you know, the us, they have, you have different vendors maybe in Switzerland or Germany or Nordic. So this is different.
And the people are accessing data and, and critical infrastructure is not just inside company. It's from everywhere by, by mobile phones, from home offices and on, and more and more systems of data is moving toward cloud. So you have to change or administer access to cloud applications and data. So it's really, the landscape is changing.
So, and the questions today are really the central questions is how do I manage this identities of people and device devices and, and more and more things, machines and so on. So, and how do I manage this different credentials for this identities and, and especially entitlements, and maybe I don't want to differentiate between entitlements for logical access or for physical access. And at the end, the big question is to have a central point of view and, and a feeling or knowledge who has access to the company in its resources.
And especially today in the physical access, this is the point I will come to the end of the presentation, especially in the physical access. It's really, you have to see lot of different control systems with own configuration. And there's an in the most cases, I think there is no central view on who has access to, to what building. So in this change landscape, now it's the question is who is in charge of managing this? Is it the physical access? Is it the IM system classical one?
And I think there's more and more, it's, it's really the management of identity and credentials is getting own, own big topic, you know, and, and there customers are asking for systems who really offering services to manage identities and, and, and all different credentials, the course technologies and, and are changing very much and structures are changing very much. I think this is also a question for, in terms of, of technologies where we, where we might need different systems or new architectures to manage that.
So, and, and because of these fast changing technologies, I think this systems or these architectures have to be quite, quite open and flexible for future, because that's what I very often hear when talking to customers. So, you know, the, I don't know what in the future is coming, so, but I still have to decide for some platform and then have to be opened. So that's part of the challenge is Mr. Kumer mentioned, and the beginning words already. So just a quick look, what nexus is offering a technology. And it's more, I think, a generic picture.
So what some, some information about when we talk about identities and what is needed to, to manage identities and credentials, what are the basic fundamentals of, of this, of this task? So, so when we talk about identities today, I think in the past, it was very much about people was employees. It was about visitors and on, but today it's also about devices. So you have to really to decide, is this corporate device, or is it the unknown device?
How to, how to deal with that still, you have to talk, you have to decide, you need identities for people like citizens, employees, guest, partners, and so on machine to machine is coming more popular. So you have to identify machines talking to each other software. So can I trust this software? Can I start this software? So software needs, identity transactions, very important, very critical. So transactions may need identities.
And also when we look at big data, which is really a big hype, so there is also a need for, for secure this, for identity, for of data, which is really coming so for well, actually. So I think in one word, everything, what communicates needs an identity. So this is, and as I said, it's getting more. It's not just people.
So, and to be trusted that the identity is trusted. I think you need a management for this identity and this platform, what we see there are different components you need for this identity management.
First, there is the, the access authentication management. Then there is a certificate and key management. So certificates are very often when we talk about security are the means to enable security through signatures, for transactions, for example, or for certificates for devices and, and so on. And there is a need for identity management platform. And as I mentioned, this platform has to be very flexible and generic. So in term of nexus, so it is at the bottom, you see different data points, storages. So this can be HR system. This can be directory.
This can be access control systems, different sources for identities. And, and then within the system, you need to define different objects based on, on, on this identities. Maybe you have different functions, standard functions you can use, for example, for shoe shooting certificates for managing keys, doing R ID in coding. So these are basic functionalities of our identity management platform. And then Mr also mentioned secure processes. So that's what our experience today, when we talk about implementing this systems. So the process is really most important.
So, and I think challenge is really what our experience also, the process is getting more, more difficult. We have bigger processes here, for example, issuing certificates to smart card on a mobile environment, you need maybe a secure channel channel from the server to, to the smart car, which is quite challenging.
So, so in this type of process, on the one side process are getting more complex. On the other side, there is a need for user experience. This has to be very simple, you know, using mobile phones and tablets you are today, you are used that everything has to be simple and quick. So this is challenge on the one side implementing complex pro processes on another side, have a quite simple user interface.
So for this platform, there's a BPMN workflow engine, which is really capable of, of implementing this processes and which is quite neat, course, everything is documented and understandable by different stakeholders. When you talk about processes and different, you have to talk to different yeah. Departments and so on. So that's platform and this platform, one goal of the platform is really then control access to the different environments. And this is the important point when we talk about congregants of this physical and digital or logical world.
So then you use one platform for both, you know, access digital for the digital access to applications, to networks on premise or cloud access, API access, you know, want to control APIs, talking to each other or data access. And on the other side, you use it to control access to physical access control systems. And maybe this is today still because there are a lot of proprietary control systems it's managing really entitlements for different systems. So we come back to this at the end of the presentation. So that's a management platform.
And so now let's, let's have a look on a, on a one identity customer case. So this is actually a large international enterprise with a quite complex organizational structure. And this company really, really in the early stage, decided to go for a common access card. So access cards, employee badges for physical and digital access. They also introduced in a very early stage trust center, but they really started with, with this splitted organization. So fiscal access and logical access different in the fiscal security department and it department. So which makes the organization quite complex.
And also of course it was a, a lot of different units within the company. It's was very difficult. So this organization was really facing now growing number of access card for fiscal and digital access worldwide. And it was growing also a large number growing number of electronic certificates talking about 700 a couple years ago. And now it's over 20,000 certificates for internal devices for service, for example, for web service and web services and so on.
So, and as I mentioned, there were different processes for all different units and they were managed by different systems from different vendors. So there was really a high potential to, to be more efficient and more secure. And there was a, a big need for change.
So, and this is a little chart which shows how the processes looks looked today when we started. So you see on the left side, you see different art units and there's a trust center involved. So the trust center has a process called pre personalization. So this is generating some keys on smart card and so on, but still you have blank cards. And these blank cards then has to be sent by a normal post to the different local card service centers in different countries, maybe also, and depending on the organizational unit, you have, they have different processes in this local card service center.
For example, the first organizational unit that did the call, personalization printing photos, branding, name of, of cardholders on, on had some activities around digital access and also some activities for configuration of the physical access, maybe giving standard access profiles. And so on some of the task written in the it department for the first organization, you, there was nothing to, to do in the physical security.
Second, our unit was different much more on the physical security side, not so much on the it side and so different. And at the end, it was not only three, our units, as we talking about 30 organization units. So the goal of, of this customer side was really to streamline all this processing at the end, come up with one process and if possible, also make minimize processes, make it much easier. For example, in, in terms of skipping the pre personalization because central management system is capable of do the pre personalization within the normal personalization process.
So this was the goal and the, the, the platform one big benefit of the platform is, you know, normally if you talk to customers and you have a lot of big challenges, so it's getting more and more towards this HR project implementations, you don't want to do to plan everything from at all from the beginning. So you want to start with small steps and then go on. So this platform enables our customers or enables us to implement kind of applications for some problems, for some tasks, and then have multiple applications running on this platform.
And then still it's, you have one it infrastructure, and then you can, as, as the company grows or your, the organization grows or the needs grow, you can just go on. So in, in this case, we defined four to five different projects. First was a common access card. This was the replacement of existing card management, or let's say co personalization system, which was a lot of different card personalization system was not just one. It was different places, different systems.
This was one project or other project was to have more sophisticated service certificate management, then a user certificate management and, and combining then this management of, of certificates and RFID cards, then problem parcel management popped up. This was also an application we implemented on, on this technology platform. And currently discussion is entitlement for fiscal access. That's about having one view on, on different access control systems from different vendors.
So in total, the, the situations like you see there's one platform, workflow is a very important part of spec of this platform. And then there was a plan for different applications, card management, parcel management, certificate management, and user certificate management. The system has connections to different external systems like the fiscal access wisdom management directory partner system, and Microsoft exchange. And based on this platform, the common access card, just a small idea, you see, there is some workflow which is special for this company.
Maybe there's some standards, but there has to be some, some received printing pin letter printings and so on what see the user interface for more power user. So there's a request the, for a new car, there's a person connected to this request you see here. And then finally call is produced or VD card, which can be used for X control. And the whole life cycle is managed to the system. Another application was password management problem, a lot people using Comax card with the pin to log in, but still a lot of application use passwords.
So after holidays, normally after holiday people come back, they forgot their password. So, but still remember the pin. So a small application was done to, to log in with pin and then the user in user server, Porwal see the different logins. And can we set his password by himself?
As I mentioned, complex, you see down on the right side, complex workflows, but easy to use, use interface for good user experience, service certificate, the same thing, you know, a lot of certificates are issued to service, but not really, if, if not mentioned in a properly way, this certificates expire and at the end, some service is not functioning and there's problem quite complex workflow, but it's also integrated into this technology platform. So the last thing is about the control.
As I said, normally, very often you see different control systems with different from different vendors and they are on the leading system and terms of defining access areas and so on. And what is currently done in, in, in this, in this field is that the central system is really collecting the definitions of this excess areas. And it's really providing this, this definitions to users to define different access profile, which is then kind of profiles for different systems.
So for, for example, having location Berlin, having in Stockholm and, and then just make a profile of covering all access areas and just a few slides, how to see also from the side, Mr. Kumer mentioned, normally this can be quite complex. Maybe for course, you're traveling a lot small offices, how do you manage X two different systems? So for example, this can be done through user self service. So the applicant, for example, in mobile phone, he has can select access request. Then you select, okay, I wanna go to Berlin first floor.
He selects the profile and this are data, which is define an exit control system and then sent to the central management system. Some ation time in this workflow, there is a local manager who has to approve this. If this is done, you, you just get a message approval for, for the person. You see the details and then is proving that. And normally, and then fiscal world, you have local managers responsible for the, for the building. So they have to have also the possibility to, to, to see us request improve in this the same dialogue, like the first approval go through.
And at the end send information is sent from the central system to the local control system. And the mentors and employees are informed about, about that. The access is provided, and if the person comes to Berlin, he can enter the door and very important. So offer the access rights are just allowed for this certain time. And then it's removed.
You know, this is what, what a lot of systems stay like, it's they just collected different access, right? It's never removed. So that's just what I want to show.
And, and I think to give you impression, I think secure process are very important in for different environment. We are going to, to face different identities, a lot of different credentials. This has to be managed. And I think this type of platform can be used as a central point for this, for this cowork. In this case for this customer, as with mentioned cost and time saving was very much course simplified administrations. You have documented process to BPMN processes, higher scalability, efficiency, and standardized optimized processes. And it's quite open for future expansion.
Well, thank you very much now, open for questions. Okay. Thank you you for giving the insight. So this was quite interesting given that there's, we were facing a pretty complex world, was a lot of challenging areas. And right now it's time for the attendees to enter their questions so that we can't pick the questions.
As I said, there's the area questions. And we go to webinar control panel, where can answer the questions. The question I want to, to start was when we look at this access cards, there, there various types on one hand of form factors on the other hand, various types of, of technologies. So smart card chips, you feel communication, et cetera.
So which, which technologies do you currently see most in use and weight? Do you see the trends going? So what are sort of the, the, the technologies you, you see more and more so, more multi, so multiple technologies integrated on one in one current, or what is the trend you have observe here? Hmm.
Yeah, I think we, we coming from a quite complex world and, and going there was, there is quite big standardization in terms, I think still we have the RF I D side, which if you have, we talk about fiscal control from the technology, we talk about RF, I D because you want to have a quick access, you know, and, and without readers, you want one don't want to put the card in your reader.
So, so coming from a lot of different technologies today, I think very much, what I see is, is my far is getting more and more standard because there have been some hacks about Myfare and electric was heck, you know, some technology. So, and there have been some changes.
So ES far is really quite a lot of technologies ES far, and maybe wan Germany and, and, and Switzerland then on, on the, for the digital access still, I think it's PKIs or smart cards or, or a mean, but I think there are changes in, in terms of devices that it's getting harder, that you define laptops with smart card readers and so on. So for that, I think it's, there's a change coming and NFC, you also mentioned NFC, I think this is coming and, and this is comparable for also for desk fire or applications.
So, but smart cards and, and, and, and RFID both together on, on, on, on one card, still most companies, I know large companies, most use credentials are, are smart cards, multifunctional cards with R ID and then smart card combination. And I think for mobile devices is still, you know, different device types and so on. It's still not in, in the mess, but this, I think this change will come Okay. There there's one question from the hand, what is your stance on Fido Alliance?
UTF, will this be the ultimate authentication means in, in the future? Not sure as we had have looked deeper into that, Sorry, I didn't get the, The fiber Alliance, UTF sort new things where, where it's about sort of, of decoupling the, the, the particular biometrics, but not only biometrics effect, different types of authentication technologies and the, the backend application.
So do you, do you see this in your market segment already? Currently? Not really. No. No. Okay. I think it, it's an interesting question. I think it'll be interesting to have serve as just this really has, has the big impact a where it has the big impact.
We, we currently see very, very mixed perceptions of that. So there's, there's clearly, there's a, there's a potential for that. And I think it's very important to have a, to, to observe what happens there.
But I, I wouldn't put, let's say I wouldn't go all in, on Friday UTF at that point of time. If you ask me, then there was another question, which is, where do you see federated? I think this was Martin me during my part of the presentation where you see federated at NMS in the future, simply that I think there are two levels. One is how do we authenticate? And then how do we integrate with other systems? And that's where Federation clearly plays a very important role based on various types of standards, more from the authentication, from the authorization side.
So clearly Sam stuff do, or two stuff. Cetera, I think this is a standard element, but it's a little bit beyond that topics or the topics we had today, from my perspective. So that's what I would would like to say on the Federation part.
So, so we, we are, we see it as a very standard element probably, but the authentication part, physical logic and conversions is sort of before the Federation part, then finally happens. Yeah. Right. I think we, we took quite a lot of Federation and, and I see growing request from, from, from, from, from our customers about that.
So, but from, from nexus, I think it's, I, I experience more, more in this terms, in the Nordic, it's quite common, you know, talk about Federation and then here, especially if you look in the, the enterprise environment, it's not oil. If you look at physical and digital convergence, it's not that hot topic still. Yeah. I think in, we see a number of very big use case involving a lot of companies, citizens, etcetera, probably going beyond what we, we, we see more in central European area. Okay. Are there any other questions from the attendees?
If not, then it's time to say thank you for listening to description, call webinar, listening to the presentations. I hope you again, some, some interesting insight. I personally think that we definitely should keep an eye on the physical logical conversions because it makes a lot of sense as part of our identity and access management strategies.
Thank you, you and KU for presenting and have a nice event. Bye.