Combating the cyber criminals

June 2004 Cyber Security

When access control systems were first introduced, they consisted of control panels, readers, electrically controlled door strikes, cards, and a personal computer. That part has not changed much. In the late '70s and early '80s semiconductor technology was in its infancy and still relatively expensive. As a result, the realm of access control was limited to governments and large businesses. It was not a practical or affordable security solution for mid-size to small companies. And it was still a relatively unknown commodity. Unlike today, controllers were slow with limited memory. The interval between a card swipe at a reader and the response to unlock the door could take as long as 30 seconds depending on how much activity was going on in the building. Compare that to response times of less than 1 second nowadays. Readers were pretty much limited to magnetic stripe and Wiegand swipe technology.

Integration, integration and more integration

Much has changed in the ensuing years. Although they still primarily consist of control panels, readers, electrically controlled door strikes, cards and personal computers, the dynamics of access control has undergone a radical transformation.

Access control systems have grown more sophisticated expanding well beyond their original intention of merely managing doors. Advancements in semiconductor technology have given rise to faster and more intelligent controllers and readers. And the evolution of personal computers with more powerful microprocessors and the advent of networks have spawned greater integration with other building systems and business systems. With a marked reduction in the costs of components, access control has become a much more affordable security application. And it is the end-user who has driven these changes and will continue to drive the changes as manufacturers are compelled to react to market demands. Access control systems, besides doors, now regulate elevators and parking garages, too, interface with building maintenance and alarm systems, connect with closed circuit television systems, integrate with photobadge ID card systems, have the ability to e-mail alarm messages to Internet connected wireless devices, and the access control software applications offer a full range of site management tools and report capabilities. Perhaps the greatest significant development in access control is the capability of interfacing with LAN/WAN technology allowing the interconnection of multiple buildings, regardless of their proximity to one another, and integrating those buildings into one system with multiple points of monitoring and control. The benefits of harnessing all these features into one integrated system has obvious benefits for the end-user, but manufacturers must constantly modify their products and it places greater and greater demands on dealers and installers. Dealers must be versatile and have an understanding of electrical and electronic concepts, understand access control systems, building maintenance systems, alarm systems, CCTV systems, as well as having computer skills and some knowledge of network technology. And if that is not enough, they must also know various manufacturers' products and those that are best suited to their clients' needs.

CCTV integration

Closed circuit television systems have been around for a long time. But CCTV systems were generally self-contained. With the development of video capture boards for PCs a decade ago and as PC processor speeds have increased exponentially over the past few years, it is now practical for access control systems to integrate with CCTV systems. The access control software can monitor live video feeds, initiate camera actions in response to an alarm condition while still controlling, monitoring and recording site activity. The integration of CCTV with access control provides end-users with a big economical advantage. Amalgamating the two platforms eliminates the cost of redundant equipment and gives security personnel efficient control of both systems from a single PC. And just to demonstrate that we are not resting on our laurels, access control systems are currently re-tooling to interface with digital video recorders and Web-based cameras as CCTV technology strides forward.

E-mailing alarms

In the past, to be apprised of an alarm condition, someone had to be at a fixed position at a PC or monitor. As the Internet has become a revolutionary communication tool, you can virtually go anywhere on the planet in seconds, access control has been given a new dynamic in security management. The access control software can be programmed to e-mail alarm conditions or critical building maintenance messages to any Internet e-mail address including wireless devices such as cellphones and PDAs. For the small business owner who does not have the luxury of security personnel, equipped with a cellphone or PDA, the access control system automatically e-mails a message so the recipient is quickly alerted and can respond accordingly to an emergency.


The advent of local area networks/wide area networks and modems have given access control systems the ability to regulate multiple buildings whether they are in proximity to one another or on the opposite sides of a continent. Property management companies, governments, major corporations or other organisations with multiple buildings can maintain total control of all buildings from one central office or give staff within each building full or partial control over their own building or the entire system, or, as may be the case with security guards, restrict usage to just monitoring the system for alarms. And with all buildings under one system, individuals can access any or all buildings with one access card. Imagine the benefits of an access control system integrated with a CCTV system that controls and monitors a building in Seoul from another building in Hong Kong or vice versa.

Access control software as a management tool

As access control systems have grown more sophisticated, the software, too, has grown not only in sophistication, but in functionality as a management tool, offering a wealth of report formats. With a self-contained database that records every system transaction, an access granted or access denied at a door, an alarm event, or a system administrator entry, management can tap into this vast pool of data collected by the database. Reports can range from cardholder information, site activity, time and attendance, site evacuation, alarms, and site structure with wide latitude in filtering the contents. Some access control software can import and export database contents in CSV file format. This saves on duplication of information common to other departments such as personnel records that can be converted to access control cardholder records. Many access control systems offer ancillary applications such as photobadge and guard monitoring software.

These software applications are designed to integrate with the access control software and share the database. Photobadging allows end-users to design templates and incorporate specific database fields in the template. When the ID card is printed it is personalised for the individual cardholder based on the parameters specified in the template. This could include the company logo, a photo, first and last name, and department of the cardholder. Cards can also be colour-coded to distinguish authorised access clearance for various areas in a building or imprinted with a bar code for other third-party applications.

For companies that employ security personnel or contract out to third-party security services, dedicated guard monitoring software is available. The advantage of a guard monitoring application is it provides management with a tool to direct and report on security personnel activity and excludes them from having direct contact with the access control software. The range of functionality with the guard monitoring application can be regulated at the discretion of management.

Guard monitoring software gives management the ability to format guard tours based on system controlled points and report the results of each tour, set alarm messages to specific readers or inputs. The monitoring application will also allow security personnel to monitor multiple site activity and with the ability to lock and unlock doors at any site under the jurisdiction of the software.

Price vs security

A common misperception is that all readers are the same, all access controllers are the same, and all cards are the same. To many end-users, and in some cases even dealers, the only perceptible difference, other than the names of manufacturers, is the price. The price is not necessarily indicative of the quality, reliability, and the level of security offered by the system. Not all access control components embrace proven technologies that provide adequate security and offer longevity of service. Does the access control system have an open architecture? If the system requires expansion, open architecture allows integration of other manufacturers' systems. Proprietary architecture does not. Can the cards be easily duplicated or compromised? Different card technologies do not all offer a high level of security.

Do the readers use proven technology and will they operate reliably in their environment. Are they susceptible to damage? Does the access control system use fully-intelligent distributed processing or is it host-dependent? With fully-distributed intelligent processing, each access control panel continues to operate without any degradation to performance or security. Is after-sales technical support available? With the complexity of today's systems, end-users are gratified to know they can make a phone call and receive help for any technical difficulties.

These are just some of the factors that buyers should be aware of when considering the selection of an access control system. Obviously different clients require different needs and do not necessarily require a premium system with all the incumbent ancillary devices, software applications, or the integration other systems. But if the access control system fails in offering a reliable and efficient security platform, then the end-user's investment is at risk.

Where is it all leading?

No one has a crystal ball to predict the future, but based on history, access control systems will continue to integrate with other business systems and with wireless communication technology. We are almost there now, and one can envision not only being informed of alarm or other critical messages but having complete control of the system with the use of a cellphone or PDA. With the digital transmission of images, someone with a cellphone that is connected to the access control system could from a remote location see who is at the door via a camera feed, converse with that individual, and use the keypad to unlock the door. Like we said, no one has a crystal ball but it is certainly foreseeable in the not too distant future.

Where do we go from here? As is the case for all businesses, access control manufacturers will continue to be confronted with assessing the market potential of new technologies and constantly adding product enhancements to their systems. But on the flip side of the coin, they must be sure that their products remain cost competitive in the market place. It is a fine balancing act to be sure.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

NIST’s impact on cybersecurity
Cyber Security
Through its NIST Cybersecurity Framework, the non-regulatory agency empowers organisations to take a proactive approach towards managing and mitigating cyber risks, enabling them to stay resilient against the ever-evolving threat landscape.

Best practice tips for strengthening data privacy system
Security Services & Risk Management Cyber Security
International cybercriminals are increasingly targeting South African organizations, making data privacy more difficult to maintain. A standardization expert offers insight to help combat this threat.

AI-powered cyber protection for consumers
IT infrastructure Cyber Security
Acronis Cyber Protect Home Office is designed for the evolving landscape of cyber threats by integrating Acronis' cyber protection and secure backup solutions, combining AI-powered defence mechanisms, robust data backup, remote management tools, and mobile device protection.

A surge of cybersecurity for the energy sector
Government and Parastatal (Industry) Cyber Security
With a rapid transition towards renewable energy, the energy sector has an increased reliance on technology. This makes it particularly vulnerable with regards to cybersecurity, as it depends on interconnected systems and digital technologies.

Secure backup strategies imperative for business continuity
IT infrastructure Cyber Security
Cybercrime is on the rise, and businesses need to adjust how they manage their data to fend off attackers, or risk irreparable damage, writes Lisa Strydom, Senior Manager Channel and Alliance for Africa at Veeam Software.

CHI selects NEC XON as trusted cybersecurity partner
News Cyber Security Industrial (Industry)
CHI Limited, Nigeria's leading market player in fruit juices and dairy products, has engaged in a strategic cybersecurity partnership with NEC XON, a pan-African ICT systems integrator.

Mitigating escalating DDoS cyberattacks
Cyber Security
As cyberattacks, particularly those of the Distributed Denial of Services (DDoS) variety, continue to rise at an unprecedented rate across Africa, it is no longer a question of ‘if’ your organisation will be targeted, but rather ‘when’.

Six effective antidotes to modern cyber adversaries
Cyber Security
As the head of cybersecurity at NEC XON, Armand Kruger has witnessed the transformation from hooded hackers to a sophisticated dark economy that poses unprecedented threats and is run like a business.

Key strategies for businesses in the face of cyber threats
Cyber Security Security Services & Risk Management
Businesses face severe financial and reputational consequences due to data breaches and daily website hacks, and not all organisations are adequately prepared to combat these escalating threats.

Cyberattacks are inevitable for small businesses
Cyber Security
The recent cyberattack on Microsoft is a stark reminder that no organisation, regardless of its size or industry, is immune to cyber threats. Even small businesses, often assuming they are less attractive targets, are vulnerable.