A smarter way to manage access

Access & Identity Management Handbook 2020 Access Control & Identity Management

ClearID is Genetec’s unified physical identity and access management solution designed for better control of organisational access control policies.

The seamless movement of people through an organisation is integral to its success. How you assign and manage access rights helps to protect that flow. But over time, compliance needs, new processes, and external regulations can slow things down – introducing gaps in security and interrupting that all-important momentum.

Often, it’s little things like lost cards and access requests that take up an operator’s valuable time. And because typical access control systems are static and unlinked to company policies, the operator has no clear administrative path to follow.

Genetec ClearID offers a more intelligent solution. It’s a self-service physical identity and access management system that enforces your security policies, helping to make your organisation more efficient, compliant, and secure. It can be deployed faster and with greater ease than other integrated systems because it’s unified with Genetec’s access control security software, Security Center Synergis. And because ClearID is a cloud-based service, it works natively with Synergis – which means no endless customisations and clunky component integrations.

From corporate offices and university campuses to highly regulated multinationals in the oil, gas, mining, and petrochemical industries, ClearID delivers a smooth transition away from the day-to-day complexities of managing individual access rights.

Guided by your policies, ClearID’s automated and self-service capabilities enable a more fluid, efficient working environment for everyone.

Identities explained

ClearID centrally manages the access rights of all the individuals who interact with your organisation.

Identity: An identity is an employee’s, contractor’s, or visitor’s unique digital profile. It can be permanent for employees, semi-permanent for contractors, or temporary for visitors.

Identities interact across many security and business systems and might comprise:

An employee in the payroll and human resources management system.

A Windows user in Microsoft Active Directory.

A sales manager in the customer relationship management and quoting tool.

A cardholder in the physical access control system.

Identity lifecycle: From admitting visitors to on-boarding and off-boarding employees and contractors, a modern physical identity and access management solution (PIAM) centrally manages an organisation’s policies, processes, and identities. Once policies are defined, ClearID will oversee the lifecycle of an identity across four typical stages:

1. Identity creation.

2. Access provisioning.

3. Identity evolution.

4. Access termination.

Attributes: An identity is composed of a set of characteristics called attributes. These attributes are used to define an identity’s access rights. As someone’s attributes evolve, so do their access rights. Examples are:

Department.

Location.

Role.

Name of supervisor.

Title of employee.

Seniority.

Training.

How ClearID works

ClearID empowers organisations to standardise and enforce their security and compliance policies. By automating and simplifying access rights management, the security and operational risks are mitigated. It’s a streamlined workflow that covers three steps:

Step 1: Initial request

An employee connects to ClearID and requests access to a secure area for a specific duration.

Step 2: Verification and supervisor approval

When an access request is made, ClearID verifies the policies for the location and auto-approves or seeks approval from authorised supervisors.

Step 3: Access rights modification

If approved, the access control system is updated, granting the right access for the time period requested. If declined, access is denied, and the applicant receives an email explaining why.

Smoothing out cardholder experience

Every day, your employees, contractors, and visitors rely on the physical access control system to navigate across your facility, from common areas to more secure locations. So why limit the ability to modify access rights to security operators or IT staff? In most cases, when someone needs to request a change, they have to visit the badge office or receptionist, further delaying the process.

As a self-service physical identity and access management solution, ClearID gives everyone a new, workflow-based approach to request new access privileges or change existing ones. Requests can be made directly with area owners without involving access control system operators.

By giving employees and contractors control over their access requests, ClearID improves the cardholder’s experience, reduces frustrating delays, and keeps your organisation moving.

Heightening security, lowering risk

Off-boarding is a crucial moment in the employee exit process. After all, when an employee is off-boarded, they should no longer have access to your facilities and especially secure areas. But sometimes an operator might not know the right policies to follow to terminate access or might not be aware of all the workarounds and exceptions programmed into an access control system.


Small improvisations are generally made by individual operators and are not always centrally controlled. Over time, these policy workarounds accumulate, creating security gaps.

With ClearID, you define your standard security and compliance policies and it takes care of the rest. Its workflow engine relies on organisational policies to continuously update individual access rights based on current identity attributes. The slightest change to an attribute modifies existing access rights, eliminating the need for manual exceptions or ad hoc modifications.

So, when your HR team deactivates an employee’s identity, their access is revoked in all systems, ensuring proper off-boarding.

Enhancing methodical oversight

In their day-to-day job, operators sometimes make exceptions to their organisation’s corporate policies. For example, an operator might receive a call from an employee’s supervisor and grant access on an exceptional basis. In a traditional system, the change is implemented but, more often than not, the approval and the reason for it are never captured.

ClearID tracks and reports every operation or action tied to an identity throughout their lifecycle. From temporary or permanent access requests and approvals, it paints the full picture by providing the context behind exceptions and one-time requests. This helps organisations perform routine access reviews and audits to validate that all employees and contractors only have access to authorised areas.

Making your organisational security fully traceable allows you to safeguard compliance with regulations and corporate governance.

Improving operational efficiency

Traditional access control systems rely on operators to issue credentials and authorise access. But how can a small number of personnel be expected to know the access rights of every employee or contractor?

When proof of training is required for specific areas, operators will typically need to contact an area owner or supervisor for confirmation or sift through their emails to find the approval. This manual approach is invariably delayed when supervisors are in a meeting or on vacation. As an organisation grows, this method necessitates more operators to deal with greater numbers of cardholders and areas.

Organisations often address the problem of an overloaded or overworked team by hiring more personnel, but this only masks the underlying inefficiency of a manual system. By automating access rights management and reducing bottlenecks, ClearID ensures that employees and contractors have met all corporate requirements before providing access to an area. That means the management of day-to-day access requests, compliance, and policy updates is significantly improved. Operators become more efficient and direct their focus to high-risk, mission-critical work.

Improve your visitors’ experience

In a busy corporate office, admitting visitors can be a labour-intensive task for front-desk staff. Activities range from reading incoming email requests and adding visitors to the daily visitor list to manually checking-in visitors and calling their hosts. Time-consuming and inefficient, this approach leads to longer visitor wait times that may leave your guests with less-than-stellar first impressions.

With ClearID, visitor management becomes a smoother experience for everyone. As soon as a meeting is arranged, the process begins. First, the local employee (or host) logs into ClearID over a Web portal and creates a profile for their visitor, providing their name and contact details, as well as the purpose, date, time, and duration of the visit. The meeting request needs to be approved by the host’s manager or ClearID can automatically approve the meeting providing the right criteria are met. The visitor then receives an email invitation from ClearID on behalf of the host’s organisation.

Meanwhile, approval for the visit is automatically granted by ClearID as the host has been permitted by a system administrator to invite a guest without supervisor approval. The visitor and host both receive confirmation emails for the upcoming appointment. On the day of the meeting, the visitor arrives at the front lobby and scans their email QR code or ID at a kiosk.

After sign-in, a visitor sticky badge is printed at the kiosk or an active credential is given by the receptionist – and the host is notified of their arrival. The host now greets their visitor and escorts them to the conference room, where they get to work on time and without complications.

Simplify contractor verification to increase work time

In an oil and gas company, or a manufacturing plant, the presence of specialised machinery and equipment means that safety is paramount, and compliance is top of mind – in particular, ensuring only trained or certified contractors have access to restricted areas. As well as undergoing a background check, it is essential that all contractors are subject to drug and alcohol testing and rigorous health and safety training.

When done manually, this screening can take an inordinate amount of time. And if there are any mistakes or omissions, these can generally only be remedied the day the contractor starts – cutting into valuable work time and hindering project progress.

ClearID will automatically create the contractor’s identity and provision their access in Synergis when the appropriate criteria (drug test, safety training) are met. So, all security has to do is search for the contractor’s profile and assign a credential. Time is not wasted, contractors are not left waiting on the day they come into work, and the project maintains momentum.


Preparing for an audit

In an industry where organisations need to comply with strict access requirements, regular audits are essential. For example, a supervisor is informed of an upcoming audit and reaches out to the security director so they can get a report on who has access to restricted areas. But the security director is on vacation, which means running the report becomes convoluted and time-consuming. Once it’s finally handed over, the supervisor notices how many unauthorised people have had access to these restricted areas. They include former contractors and employees who have left the organisation.

If the regulating body were to find out, the organisation would be handed a hefty fine for breaching regulations. Now, the supervisor will have to review every person on the report and identify who should continue to have access. Once finalised, they’ll need to send a report of people who need to be removed so that the security director can update the access control system. This manual process is painfully slow, resource dependent, and open to human error because someone on the list could easily be missed.

With ClearID, the supervisor can log into the portal to quickly see who has access to rooms and areas and revoke the people who shouldn’t be there. They can simply pick the location they want to verify and then instantly revoke a person’s access to that room –with the option to provide a reason. What used to be a costly manual process can now be done in minutes – putting control back in the hands of the supervisor and potentially saving the organisation thousands in fines.

Security that keeps you moving

ClearID allows you to standardise and automate your security policies, reducing inconsistencies and eliminating security gaps. In the process, it helps you achieve and maintain compliance with organisational or industry regulations across all your sites.

Operationally, you achieve new levels of efficiency by centrally managing identities and by empowering employees through a self-service model for access control. ClearID keeps your organisation moving steadily along with confidence.

For more information contact Brent Cary, Genetec, bcary@genetec.com, www.genetec.com

Article supplied by Genetec. The original article can be found at https://resources.genetec.com/en-home-page/clearid


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Suprema ranks first in survey
Issue 2 2021, Suprema, neaMetrics , News, Access Control & Identity Management
In a recent survey conducted in Korea, Suprema was chosen as the top brand for access control management software and mobile access solutions.

Read more...
Suprema integrated with Nedap
Issue 2 2021, Suprema , Access Control & Identity Management, News
Suprema recently announced that it has integrated its latest facial recognition devices into Nedap's access control system, AEOS, to enable organisations to manage their access control by making use of Suprema’s latest facial recognition technology.

Read more...
Single bollard stops and destroys simulated bomb truck
Issue 2 2021 , Access Control & Identity Management
Delta Scientific announced the successful testing of its Model DSC635, a single shallow foundation bollard design that stops and destroys a 6804 kg test truck with less than 0.6 m of static penetration and 1.87 m of dynamic penetration.

Read more...
Size of OSDP-verified list is underappreciated
Issue 2 2021 , Access Control & Identity Management
Farpointe Data announced that, at first glance, it appears that there are just 25 devices from seven different vendors listed as OSDP Verified. Although that doesn't seem like a lot, it really is.

Read more...
Mail.Ru selects HID Global
Issue 2 2021, HID Global , Access Control & Identity Management
HID Global announced that Mail.Ru has chosen its HID Mobile Access solution for secure and convenient access control using smartphones and other mobile devices.

Read more...
Choosing the right integrated security solution
Issue 2 2021, ZKTeco , Access Control & Identity Management
A need for comprehensive and well-constructed security strategies for financial institutions is more profound now than it has ever been in the past.

Read more...
Harnessing smart expandability
Issue 2 2021, Centurion Systems , Access Control & Identity Management
Centurion Systems designed the D5 SMART gate motor to be a product that is as powerful as a standalone solution as it is as part of a larger security ecosystem.

Read more...
Paxton hires top talent in South Africa
Issue 1 2021, Paxton , News, Access Control & Identity Management
The international access control and video surveillance manufacturer, Paxton, announced it will continue to invest in new talent to accelerate expansion into the South African market.

Read more...
Gallagher achieves UK cybersecurity standard
Issue 1 2021, Gallagher , Access Control & Identity Management, Cyber Security, Government and Parastatal (Industry)
The Gallagher UK CPNI CAPSS High Security System features compliances to the Cyber Assurance for Physical Security Systems (CAPSS) standard, and the Centre for the Protection of National Infrastructure (CPNI) Readers and Tokens standards.

Read more...
OSDP verified readers/credentials preferred
Issue 1 2021 , Access Control & Identity Management, News
Farpointe is among the first three manufacturers to have earned the SIA’s new OSDP Verified mark on its mobile, contactless smartcard and proximity solutions, while simultaneously finding that OSDP is specified more than ever before.

Read more...