Time to upgrade your access?

March 2017 Editor's Choice, Access Control & Identity Management

When is it ever a good time to upgrade your access control solution? Many organisations follow the policy of ‘if it isn’t broken, don’t fix it’, but this can be a risky situation in a world where technology and threats are changing so rapidly. The use of older, legacy access control systems exposes an organisation, a building, a server room, a computer to the possibility of unauthorised access and the consequences of this. But why should users upgrade?

Data privacy

One of the biggest drivers for updating legacy access control systems is the need for enhanced levels of data privacy. This could come about through the on-boarding of a client that requires high levels of security, new legislation being brought in for specific industries, or even new building tenants. The driver remains the same: data or the building itself is in some way exposed to or at risk and needs added protection. Yesterday’s technology is no longer sufficient for today’s access control and identity management challenges.

In The Access Control Report 2016: Legacy Infrastructure and Motivations for Upgrading, 44% of respondents stated they were planning on upgrading their access control ­solution. This is a strong indicator that end-users are acknowledging that the risk to organisations is evolving, and the need to protect their physical assets and consequently data assets is important. It would take a security breach that exposed a flaw in the current system for 92% of respondents to consider changing their current access control system, but not beforehand.

On any site at any one time, in addition to regular employees, there are also individuals and groups that have access to various parts of a site for short periods of time. These could be visitors, maintenance teams or contractors. In the report, 75% of respondents have third-party members on site on a regular basis. Integrated visitor management solutions in modern access control systems significantly improve the distribution and use of temporary credentials but also safeguard various parts of the site to unwarranted access. Access control solutions, such as mobile access, make it easier for facilities and securities managers to track who is accessing what parts of the site to ensure nobody is in an area they shouldn’t be.

User convenience

The continual development in consumer technology has spilled over into the business world with devices now being used for work and in our personal lives. Bring Your Own Device, mobiles and wearables are all common features of today’s office environment. Organisations can utilise this growing level of secure technologies that employees are carrying around with them on a daily basis. Instead of having several key cards or fobs that have a high chance of being left behind, users can now utilise smartphones or smart devices, their closest pieces of technology for secure access control as well. Mobile access control is increasingly coming into the market and the benefits this brings are numerous.

Understanding the requirements from building occupants is an important step before undertaking an access control update. The report noted that 48% of respondents would like an easy-to-use access control system, with 32% requesting multiple levels of access depending on authority required. This added security element is clearly an important function, and one that can be easily designated with more modern technologies.

Having mobile credentials that allows for multiple access levels, for instance, saves the users from having multiple access control devices that could lead to confusion or ­possibly misplacement. The survey also noted that 29% of respondents would like future-proof technology. This can easily be provided through mobile access solutions which grant users modern techniques for access control, but also a single credential for multiple access devices. Utilising smartphones are a very straightforward solution that solves three of the top concerns of employees looking for updated access control.

One of the largest stumbling blocks to updating an enterprise’s access control system is the perceived disruption that the upgrade will cause. 69% of respondents in the report believe that upgrading to a new access control system would be disruptive to their daily business, while 55% cite cost as the biggest misgiving about upgrading.

Despite the perceived disruption, many sites can be retrofitted using existing access control hardware behind the scenes, with minimal replacements needed to upgrade technologies. Not having to start from scratch also helps to significantly lower the costs, making it a more cost-efficient venture with minimal disruption.

Flexibility

A new access control solution must be flexible so users don’t just see it as an ‘expensive way of opening doors’. Open Supervised Device Protocol (OSDP) for secure communication between field devices in a physical access control system, has gained increased importance allowing for standardisation, more flexibility and freedom of choice for security managers.

Flexibility also supports multiple applications for managing not only physical access but also logical access applications, like computers and software logins. Additional access control systems, such as secure print management, require an associated card issued to users. This represents a prime opportunity for organisations to consolidate to a single access control device, such as a contactless wearable or smartphone that combines access control with other functions.

By exploiting modern technology, such as mobile devices and wearables, users are afforded the opportunity to simplify their access control devices: one device, with one credential providing access to multiple areas and requirements. It was found that nearly a quarter of respondents wanted to manage multiple credentials across a single device. With mobile access solutions, multiple credentials are rolled into one and stored on one device. The facilities or security manager is capable of controlling access and distributing credentials to those with the right security clearance. Technology such as the latest high frequency access control systems ensure security is independent of hardware and media. This makes it easier for an organisation to support functionality and higher levels of data privacy.

Conclusion

Although, there are clearly several barriers to the adoption of more sophisticated access control systems, organisations are placing increasing importance to safeguard their physical assets as it supports in providing protection to their IT infrastructure as well. This is mainly due to the belief that current systems in place are adequate enough until they are proven to have failed and the fact that a replacement system is perceived to be an unnecessary expense.

Despite the technological advancements, users are still content with cards and fobs, regardless of the lack of sophisticated security and encryption contained in these when compared with mobile access control solutions. The change to a more sophisticated system is likely to come from employees themselves, rather than decision makers.

Existing access control solutions are also easy to upgrade which provide minimal disruption and cost-efficient site retrofits. Facilities and security managers need to question whether it is more expensive to replace an outdated system, or recover from a site or data breach.

For more information contact HID Global, +27 (0)83 321 2922, clangley@hidglobal.com, www.hidglobal.com



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

The future of access control is mobile
HID Global Mining (Industry)
The growing popularity of trusted ecosystems of cloud-connected access control devices, applications and trusted mobile identities has made mobile access easier to adopt than ever.

Read more...
Enhance control rooms with surveillance and intelligence
Leaderware Editor's Choice Surveillance Mining (Industry)
Dr Craig Donald advocates the use of intelligence and smart surveillance to assist control rooms in dealing with the challenges of the size and dispersed nature common in all mining environments.

Read more...
A long career in mining security
Technews Publishing Editor's Choice Mining (Industry) Risk Management & Resilience
Nash Lutchman recently retired from a security and law enforcement career, initially as a police officer, and for the past 16 years as a leader of risk and security operations in the mining industry.

Read more...
A constant armed struggle
Technews Publishing XtraVision Editor's Choice Integrated Solutions Mining (Industry) IoT & Automation
SMART Security Solutions asked a few people involved in servicing mines to join us for a virtual round table and give us their insights into mine security today. A podcast of the discussion will be released shortly-stay tuned.

Read more...
Risk management: There's an app for that
Editor's Choice News & Events Risk Management & Resilience
Zulu Consulting has streamlined the corporate risk management process with the launch of Risk-IO, a web-based app designed to consolidate and guide risk managers through the process, monitoring progress as one proceeds.

Read more...
Integrated information platform for risk management
Editor's Choice News & Events Risk Management & Resilience
Online Intelligence recently launched version 7 of its CiiMS risk and security platform. Speaking to SMART Security Solutions after the launch event, the company’s Arnold van den Bout described the enhancements in version 7.

Read more...
Unlocking Africa's AI potential
Editor's Choice News & Events AI & Data Analytics
Africa's AI market is set to grow exponentially; by investing in AI education, training, and ethical practices, African nations can harness the power of AI to transform the continent and create a brighter future for its people.

Read more...
The CIPC hack has potentially serious consequences
Editor's Choice Information Security
A cyber breach at the South African Companies and Intellectual Property Commission (CIPC) has put millions of companies at risk. The organisation holds a vast database of registration details, including sensitive data like ID numbers, addresses, and contact information.

Read more...
Global Identity Fraud Report revealing eight-month ‘mega-attack’
Editor's Choice Risk Management & Resilience
AU10TIX recently released its Q4 Global Identity Fraud Report, with the research identifying two never-before-seen attack patterns, with the worst case involving 22 000+ AI-generated variations of a single U.S. passport.

Read more...
Entries to southern Africa OSPA Awards now open
Technews Publishing Securex South Africa Editor's Choice News & Events
The southern Africa OSPAs are part of a global awards scheme that recognises and rewards teams, individuals and organisations for their commitment and outstanding performance within the security sector.

Read more...