The role of time and attendance in access control

Find access control & identity management products (SSBD)

Access & Identity Management Handbook 2004 Access Control & Identity Management

Vivian Taback

Time and attendance is an expensive afterthought to an access control system and vice versa. By pre-planning, one can use their synergies, save money and avoid ending up with incompatible systems that duplicate functionality.

Time and attendance (T&A) was once a clocking machine plus a pay clerk. Workers would stamp their cards on arrival and departure, under the watchful eye of a supervisor. The cards were laboriously checked and tallied and the totals were multiplied by pay rates and so the worker received his wages. The modern version is an electronic data capture device to which the worker identifies himself, combined with a computer program.

An access control system (ACS) is an ideal data capture device for T&A, provided that it is specified with that purpose in mind. It can also be a tool to ensure that genuine data is recorded, if the correct technology and design is chosen. These objectives are achieved by understanding the unique requirements of T&A.

Critical requirements for time and attendance

1. Genuine data:

Cheating the T&A system is a widespread problem. The best-known ruse is 'buddy clocking' where a worker logs for himself and for other workers. This can be to cover-up for late arrivals or even to obtain pay for someone who is not working at all. Solutions to consider are biometric identification or even just having proper supervision.

2. Data reliability:

Access control is primarily aimed at 'pro-active' control of movement, and data logs are occasionally needed for incident investigations. T&A on the other hand is a recording of essential data to be used for the payment of wages. This means that a different attitude is needed to the data captured. The following factors must be considered:

a. Accuracy

Data errors cannot be tolerated. The primary concern will be the setting of the time on the system, where a few minutes slow/fast will impact the wages paid. Data cannot be discarded and so systems cannot be 'rebooted' to quickly solve a problem.

b. Recovery

Ideally a system should be able to read data from its readers or controllers a second time, should a failure occur on the computer.

c. Backup

It is a critical requirement to ensure that regular backups are made in a systematic way, so that at least a partial recovery can be made after a computer or system failure.

d. Fallback planning

It can (and inevitably will) happen that a fault or failure will occur, and most likely on payday! A method of processing a standard payroll run should be in place, so that at least a partially correct payout can be made. There will then be time to recover data and thereafter adjustments can be made. A procedure for collecting manual records from supervisors should be planned in advance.

e. 24/7

In T&A reliability becomes paramount compared to access control, where it is usually possible to bypass a non-functional system using security guards etc. For T&A there is a need for stable equipment, backup power supplies and possibly redundant clocking points so that one can take over if another fails.

3. Flexibility:

T&A systems function through applying a set of rules to the data received, to produce a calculated amount of time worked. These rules need to be parameterised and to cater for all likely variations to be found in that work environment.

4. Ease of use:

T&A is a heavily used process in a HR office. Systems with deep menu structures and complex procedures will be inefficient and need additional staff skills. A user friendly system will do the job in much less time.

5. Payroll links:

In any but the smallest installations, wages/salaries are processed on a payroll program. Each organisation finds such a program that suits their needs, and would not like to change to suit the 'clocking system'. It is therefore necessary to ensure that the payroll program in use can import from the T&A system chosen. It is also wise to select one that supports most payrolls on the market, in case a change is needed one day.

6. Speed:

Although this is also a factor in access control, it often has a bigger impact with a T&A system. Long queues delay work startup and especially at knock-off time they cause anger and labour unrest.

Closing loopholes

Supervision is a strong deterrent to cheating, but it is relatively expensive, it can be bribed or threatened and it may just be ineffective.

As mentioned, biometric readers are very effective, with fingerprint and hand geometry being the only types in widespread use. They can cause a bottleneck as they are slower than the token-based systems, especially those which require PIN entry before reading, or take more than one to two seconds to identify.

Dedicated T&A readers at the workplace can be used to ensure workers appear at their work areas before they can log in. These can be biometric units while the less expensive token-based readers can be used at the access points.

Implementing 'anti-passback' is a way of preventing workers from clocking in but not entering the premises. There are also intelligent turnstiles available that ensure that a person who has clocked is forced to pass through.

Integration

T&A is a specialised field, so most access control companies utilise third party T&A software. This means that the two products need to pass data to each other. The standard method is that the ACS generates a text file and the T&A system does an import. This may involve a few manual tasks, but can also be automated and occur in the background. One downside is that employee changes must be made on both systems.

A better approach is where the T&A system makes direct access to the database of the ACS. This process is almost invisible to the user and can also handle employee updates without much user intervention.

At the top end of the market are systems manufactured primarily as T&A systems but have integrated access control. The advantage of the marginal convenience factor does not usually justify the large cost differential.

The second integration area is from the T&A program into the payroll program. Most payroll companies discourage direct access into their database, due to security issues, so the standard method of transferring data is via an intermediate file, which the payroll program imports.

Costs

T&A systems are generally priced according to number of employees using the system. Most systems are sold outright with an ongoing licence/support charge collected annually. The alternative is the subscription based software where the upfront charges are low but an annual fee is charged to use the software and to be given support and upgrades. The time critical nature of all pay related systems makes it a necessity to have an ongoing support arrangement.

Management tools

In a small installation a single operator is likely to do all the administration and the processing. Bigger operations need to give control over to supervisors or managers. A low cost solution is to distribute and collect paper based reports. The better alternative is to use a system which either has multi-user functionality, or still better by Web browser access. This gives each supervisor the ability to check his department's data and to do certain adjustments and/or exception overrides.

Other common requirements are for shift changes to be done by managers, and also leave and absenteeism to be controlled.

New releases

With advances in technology, many new functions are being added to T&A systems, to name a few:

Employee self service.

Employees can check their records and their leave status via a self-service station or using a Web browser via the company WAN or even over the Internet. Leave applications and company communications can also be incorporated.

Cellphone Log-in

Trusted workers can use their cellphones to register start and end of work, which is especially useful for off-site jobs.

Internet-based

Data can be consolidated from branches around the world at the company head office, and be accessible to managers worldwide, again over the Internet.

Conclusion

The processes of access control, time and attendance and payroll work extremely well together. Purchasing any one of them must take into account the other two, so that the advantages of integration result.

Vivian Taback has a BSc (Eng) Elec, and is a manager of Clockwatch Distribution.