printer friendly version

Physical and logical access control convergence that goes beyond finding a happy medium

There is a growing interest in the convergence of physical and logical access control as more companies and organisations realise the importance of securing not only physical access to computers, but also the data-sensitive information contained within. The convergence market is expected to grow at a phenomenal rate over the next five years as enterprise risk management points more companies to greater security efficiencies and effectiveness.

As logical and physical access control systems begin to converge, the ability to identify individuals within an organisation has become critically important. The requirements for a holistic security solution and the adoption of new access control technologies are driving dramatic and necessary changes to integrate both security measures.

The most secure means of ensuring successful convergence of physical and logical access control is through integrated biometric applications. Through fingerprint-based biometric technology, the problems of both unauthorised physical and logical access can be negated through a single technology. As southern Africa's sole distributor of fingerprint technology company Sagem, Ideco provides Sagem Xelios' logical access control solutions to secure access to companies' PCs and networks. These logical access control solutions lend themselves to a wide range of applications including single-sign-on (SSO) for corporate networks, authentication for Internet banking, encryption and decryption of files and folders and other password replacement applications.

Of key importance to companies is the interchange of data between logical and physical access systems. For example, by using fingerprints to control access to the physical workplace as well as for PC login, all requests for access are monitored across the physical and logical platforms by one central system. The central system can therefore detect if a computer is still logged in after a person has exited the workplace and the system can then automatically log the computer off to prevent unauthorised use.

And it is not only system integrity that is secured through integrated fingerprint solutions, companies are expecting bottom line savings in return for a fully integrated biometric access control system. According to Gary Jones, manager of Ideco Biometric Security Solutions, "Companies can expect major cost savings by converging IT and physical security into one biometric solution. By integrating all company-related security solutions onto one fingerprint system, companies will improve efficiency, save money and improve all-round security at the same time."

By consolidating all company processes, ease of use is also guaranteed. For example, physical access control is secured through Sagem's MorphoAccess range of readers, which operate in identification mode to grant the right people entrance onto the premises. No keys, cards, remotes or PINs are required, only a person's fingerprint is presented and identification occurs in 1,8 seconds or less. The systems are also linked to time and attendance packages, which are further linked to payroll systems, making wage payment easier and more reliable. "Issues of buddy-clocking are completely negated. Since cards are no longer used, colleagues can no longer clock in for one another. The person has to be present in order to register time of arrival," says Jones.

The integration of physical and logical access control systems not only strengthens overall security, fingerprint solutions also provide password reset savings, provision of full audit trails of entries and changes to company networks, as well as provide the basis for an overall risk management system.

However, despite the growing popularity of this 'convergence', modern enterprises continue to underestimate the risks involved in haphazardly integrating physical and logical security. The problem with reaching true convergence remains the acknowledgement of firms that integration is required, and then making a real effort to implement it. The lack of overlapping knowledge of physical and logical control in the IT profession remains limited. Historically, due to their different responsibilities in the organisation, logical and physical access control functions have been separate domains managed by different departments.

"What many companies fail to realise is that if unauthorised physical access to a facility is achieved, and the PC itself is not secured through logical access control, then the entire system is compromised as the person now has easy access to the data. Physical and logical access control needs to be seen in its entirety, and not as two opposing solutions that one needs to choose between," Jones concludes.

Share this article:

Further reading: