Controlling access in the cloud
November 2018, Access Control & Identity Management, Integrated Solutions
Cloud-based services have become an integral part of our digital lives, allowing us to access our important information from any smart device, anywhere in the world. The convenience afforded extends to organisations too, and they further stand to gain from operational and cost benefits. In the access control arena, hosted or managed services have been around for a few years, and the adoption of cloud-based access control only continues to grow as companies become more and more open to the idea of relying on it to perform such a vital function within their business. We spoke to representatives at Excellerate Services and SALTO Systems to find out more about the benefits cloud-based access control can offer.
Depending on the end user’s requirements, Internet connectivity can be an obstacle since the overall solution relies heavily on connection outside of the local network, says Glenn Allen, director of Excellerate Services’ technical division. “The current climate for information communications systems in South Africa are often unreliable/temperamental (unless cost for deployment is not a factor). Multiple connection channels, such as wireless, GSM, fibre or satellite would need to be made available to each of the end points for redundancy. Obviously, this depends on the end user’s requirements as some end users would accept a period of potential downtime,” he says.
Owing to this potential issue, some clients will choose to implement a solution that can continue to run locally if the external connection is lost. “Depending on the solution the client wants to implement, technicians will ensure that the system can function to a certain degree on the local server should communication be lost to cloud-based servers, and once the communication is back up and running, will push database updates to update the cloud-based backup,” Allen continues.
“Cloud-based solutions provide the benefit of economies of scale, where hosting is in the form of a rental from a third-party supplier’s server, meaning that local infrastructure costs are diminished. An example can be drawn from remote areas where there is no wireless connectivity and no fibre infrastructure, where this situation would require a locally hosted solution,” he explains.
Wouter du Toit.
According to SALTO Systems’ Wouter du Toit, in terms of uptime the company’s cloud-based access control solution, SALTO KS (Keys as a Service) has close to 100% reliability. “Even if your Internet connection and therefore your link to the cloud services platform fails, the system is still self-contained locally, so there’s no risk – the cloud is just there to ensure you’ve got live communication to those doors, and that you can manage them online,” he says.
The SALTO KS solution was a world-first when it was launched some four and a half years ago, and was initially regarded with some trepidation in the marketplace. In the time since its introduction, other companies have got in on the act and are offering similar solutions, and du Toit says the technology has matured to the point where it is now very well accepted.
“Not just internationally, but in South Africa, we have a lot of cloud-based sites deployed, ranging from the more ‘standard’ access control requirements to the more demanding hospitality environment,” says du Toit. “So there is no concern for us as a manufacturer to push this to even large companies, and we have already done that.
“For organisations that have to control access across multiple sites, the fact that SALTO KS is cloud-based makes it easy to manage people’s credentials regardless of their location, through their mobile phone, one-time PIN or other mechanism. This is highly cost-effective since the only hardware that needs to be installed at the site is one of our IQ units.”
Wireless technology has been a key enabler for the proliferation of cloud-based systems, and SALTO’s solution takes advantage of wireless for local networking as well as communication with the cloud. The local networking is enabled by a device called the IQ as referred to by du Toit above, which can be plugged into a physical network point via an Ethernet cable, or communicate wirelessly, or a combination of both.
The IQ also uses proprietary radio frequency (RF) or Bluetooth signals to speak to the locks, and to a controller that can drive an output, if one is required. The IQ essentially acts like an access point, establishing a communication path for up to 16 devices in a radius of 10 to 15 metres. The overall solution therefore eliminates the need to run cables to every door, and is expandable to any number of doors at a site.
On the cloud side, the IQ can have a physical network connection to the outside world, or it can additionally be fitted with a SALTO SIM card for 4G cellular connectivity as a failover or as the primary communication medium. The combined flexibility provided by these wireless capabilities allows end users to better control their IT infrastructure costs.
To address the ever-present issue of cybersecurity, du Toit explains that SALTO takes great care to ensure its clients’ data is secure. “The data we transmit to the cloud is encrypted, and we comply with ISO standards to ensure our clients’ information is not vulnerable or shared with third parties. The only people that can access that information are those who the client explicitly allows to access it – even our technical resources department cannot access privileged information without the client’s permission,” he says.
Allen further recommends that the implementation of VLAN and firewall technology ensures that all traffic is monitored, securing the entire network. “Using a VLAN as well as firewalls would ensure that the data gets to where it is intended, however you’d also have to deploy some sort of encryption of the traffic between the client and the server to make sure that even if the data is eavesdropped it is unusable, which we cater for using SSL and the ability to deploy signed certificates to the web server.”
For more information contact:
Excellerate Services, +27 31 573 7600, firstname.lastname@example.org, www.excellerate.co.za
SALTO Systems Africa, +27 87 701 5858, email@example.com, www.saltosystems.co.za