Process driven access control

June 2010 Access Control & Identity Management

Integrated access control solutions deliver impressive functionality, yet there is a significant requirement for seamless integration and the application of intelligent framework solutions that empower educational institutions to unlock considerable value by integrating disparate systems. Detailed blueprint design, including business process mapping and detail technical and functional requirements definition is key for successful delivery to the various stakeholders.

In addition to schools, educational institutions such as universities and colleges present a unique challenge with regards to application of security technologies.

Campus architecture and design has historically been towards open facilities for learning. The increasing need to provide a secure environment for students has placed significant pressure onus on academic institutions as has the global trend towards smart campuses where technology ­innovation allows for a secure environment without creating an impression of locked down facilities.

Challenges in educational institutions

Implementing a seamlessly integrated access and security solution in a corporate or manufacturing environment is often a significant challenge. In a dynamic and ever changing environment such as universities/colleges where change is not only limited to student turnover the challenge is significantly increased.

Typically, installed security systems are secure at the time of installation, but over time the database accuracy is degraded as access rights that should be managed by group policy are allocated to individuals based on urgent needs or physical location and actual changes are not configured on the system. Processes such as terminations, course changes, location changes for lectures and classes are not automatically applied and the recording of attendance to these classes by students (sometimes a statutory requirement) is reduced to a manual paper trail with no consolidated reporting benefit.

With a global focus on corporate governance and specifically governance, risk, and compliance (GRC), all aspects of an organisation are directly or indirectly impacted by heightened security policies and procedures. These new business requirements demand that non-security functions (HR/IT/finance/facility/wellness and even logistics, etc,) become directly accountable for identity management and policy enforcement.

In educational environments, the various inputs required to allow access or record attendance can become extremely complex.

Ownership of source data input, for example, has effectively transferred accountability from the security function to whoever is accountable for the relevant business process and mandated for the correct capture of the source data.

If one applies basic real-life processes and scenarios to this data, it could mean that a student’s access to site or a specific area is dependent on multiple people in an organisation providing an holistic framework for a process driven solution:

* His/her master data being valid (Student Admin) – data might even reside in disparate systems,

* Payment of accounts being valid (Finance),

* Course content allowing usage of computer labs (IT) and

* If driving a university vehicle that their driver’s licence is valid (Safety).

Legacy options

Common practice is to isolate an organisation’s people data into numerous applications such as payroll, time and attendance (T&A), HR, access control, enterprise resource planning (ERP), user access (IT) and many other systems. This gives great flexibility to the organisation in allowing the use of best-of-breed solutions, each addressing specific needs.

The problems created with this approach when applying physical and logical security policies and systems is:

* No single system has a true (single version of the truth) view of all the people data and relationships within the organisation (students/employees/contractors/service providers/visitors etc).

* Due to the disparate nature of these applications, sharing of data is often dependent on specialist interfacing skills or manual processes such as e-mails containing report extracts to spreadsheets and labour intensive importing of files and/or interfaces. The systems can be subject to a high level of erroneous data – for example, names are spelt incorrectly, identification data is mistyped for the same person across the different applications.

* Data is often out of date. Administration or HR terminates a person in its system, but they remain active on the other systems.

* Each system has segmented data specific to a functional need. For example, HR is only interested in employees and contractors, IT is only interested in users and security wants to know about everybody including visitors.

* Security risks are increased when systems are not seamlessly integrated and linked according to process.

When these issues are combined, the problem becomes exponentially more complex. Systems integration can solve some of these issues, but often lacks the flexibility to change in line with the organisation or is vendor specific.

Annual churn of student data and allocation of access rights to students based on course selection etc. would possibly be manageable by interfacing an authoritative system (such as a student management or accounting system) to a new access control solution. However, when an holistic view of the requirements is taken it is clear that no single system will cater for all the stakeholder needs. Figure 1 is an example of an application architecture landscape of an integration framework that applies process driven access control solutions at an academic institution.

Figure 1
Figure 1

For more information contact innoVIZION Business Solutions, +27 (0)11 463 0123, [email protected], www.innovizion.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Gallagher Security releases OneLink
Gallagher Animal Management Products & Solutions Access Control & Identity Management
Gallagher Security has announced OneLink, a cloud-based solution that makes it faster, easier and more cost-effective to deploy security anywhere in the world, transforming how security can be delivered to remote sites and distributed infrastructure.

Read more...
Suprema unveils BioStar Air
Suprema neaMetrics News & Events Access Control & Identity Management Infrastructure
Suprema launches BioStar Air, the first cloud-based access control platform designed to natively support biometric authentication and feature true zero-on-premise architecture. BioStar Air simplifies deployment and scales effortlessly to secure SMBs, multi-branch companies, and mixed-use buildings.

Read more...
Continuous AML risk monitoring
Access Control & Identity Management Security Services & Risk Management Financial (Industry)
AU10TIX, launched continuous risk monitoring as part of its advanced anti-money laundering (AML) solution, empowering businesses to detect behavioural anomalies and emerging threats as they arise.

Read more...
The future of security: intelligent automation
Access Control & Identity Management AI & Data Analytics IoT & Automation
As the security landscape evolves, businesses are no longer looking for stand-alone solutions, they want connected, intelligent systems that automate, streamline, and protect.

Read more...
Smart automation is changing security
SA Technologies IntelliGuard Access Control & Identity Management
Security has come a long way from manual check-ins, logbooks, and standalone surveillance cameras. With the rise of intelligent automation, security is now faster, smarter, and more connected than ever.

Read more...
The future of security in South Africa
ATG Digital Access Control & Identity Management
Security technology is evolving rapidly, but is local innovation keeping pace? Some global players recognise the potential of South African products for international markets, but can our manufacturers and service providers thrive without external support?

Read more...
Integration enhances estate access control
Access Control & Identity Management
With one-third of residential burglaries starting at the front door, the continued seamless integration of Glovent’s estate management platform with Impro access control software is welcome news for estates.

Read more...
T&A in South Africa’s retail sector
ERS Biometrics Access Control & Identity Management
Using existing systems, ERSBio provides a practical and more cost-effective way for businesses to manage operations, reduce payroll mistakes, and enhance overall efficiency through innovative T&A processes.

Read more...
Navigating the complexities of privileged access management
Editor's Choice Access Control & Identity Management
Privileged Access Management and Identity Access Management are critical pillars of modern cybersecurity, designed to secure access to sensitive resources, enforce principles like least privilege, and implement just-in-time access controls.

Read more...
Paxton opens second experience centre
Paxton News & Events Access Control & Identity Management
Security technology manufacturer, Paxton, has opened a new experience centre in Cape Town on 12 February in partnership with its exclusive distributors, Reditron and Regal Security.

Read more...