Combined systems ease the burden on physical security, IT compliance

Access & Identity Management Handbook 2007 Access Control & Identity Management

Security policy has typically meant different things to different people within an organisation.

The facilities management department covers all physical access points, teaching staff to lock all doors and windows before leaving for the night. IT managers keep up to date with the latest patches and ensure users only access the applications and data they are allowed to access.

Despite the common purpose, physical and logical access technologies have existed in separate, parallel worlds for years. Physical access technologies, such as building security systems and employee access cards, are controlled by the corporate security department. Application passwords and firewalls are the domain of the IT department. Each group’s respective networks, technology paths and user interfaces are completely separate, and there is no coordination between the two departments.

Today, however, enterprise security is changing dramatically. Technological advances have finally caught up with security theories, and now many organisations are looking to bridge network (logical) and building (physical) security operations together for unified, enterprise security management.

At the heart of this intersection is security policy.

Enterprise security management

Enterprise security is governed by established policies employees are required to follow. Both physical and logical sides of security are tasked with ensuring respective policies are being enforced and actually adhered to by staff on a consistent basis. However, making security policies stick can be tough, especially if it changes the way employees have been working.

For a facilities management department, physical security policies can take many forms. For organisations with door access security, badging into the building is a mandatory requirement for all staff. This creates a problem – the ability to prove everyone who has entered the building has actually badged in. Employees oftentimes walk in at the same time as another employee who has already used their badge. This process, known as tailgating, results in no record of an individual coming into the building. This not only breaks the organisation’s security policy regarding physical access to the enterprise, but it also means it is more difficult to build up a complete list of who is in the building in the event of a fire or other security threat. The result of the behaviour is a gaping hole in the physical security side of the enterprise.

Securing access

By linking the physical access system to the IT infrastructure, employee behaviour can be enforced more strictly. For example, if an employee does not badge into the building, their access to IT assets can be denied. When logging in, the network can automatically query the building access system to check if the person has signed into the premises. If they have not, access will be denied until they present their card.

A building access card also can be used as a factor for gaining access to the IT system. By linking a user’s password to the building access card, an organisation can roll out strong authentication for staff without having to invest in additional tokens, biometric readers or another form of two-factor authentication. As most building access cards are short-range RFID devices, a USB reader connected to the PC also can act as a method for secure network access.

Using a building smartcard as an authentication method to gain access is not new. However, previous approaches to using the cards have not integrated the typically disparate systems. Instead of linking the two systems together and allowing the IT access system to query the building access server, a user within an organisation will sign into two separate, siloed systems that happen to use one smartcard. The combined approach integrates building and IT security at a system level and allows security policies to be managed and enforced across the physical and network layers.

Uniting facilities management

Convergence of physical and IT security brings with it the need for businesses to change approaches to managing these areas. Traditionally, there have been distinct areas of the organisation responsible for managing IT and physical security. The facilities management department would cover the physical side of enterprise security, while IT issues would be handled solely by the IT manager and team. As these two divisions have completely separate budgets and targets to meet, there is no reason to cooperate on projects.

This situation is changing. As more physical security systems rely on services provided by the network, IT will ultimately be called to participate in the design and support of physical security systems. A converged management approach allows both departments to get the information required at a lower cost than what would be possible through separate systems.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Biometrics: the game changer in access control
November 2019, IDEMIA , Access Control & Identity Management
For security managers, the question is no longer, should I use biometrics, but rather, which biometrics should I use.

ViRDI UBio Tab 5
November 2019 , Access Control & Identity Management
ViRDI Distribution SA (ViRDI Africa) has announced the release of its long-awaited UBio Tablet to the South African market.

Cloud-based access control
November 2019, Elvey Security Technologies , Access Control & Identity Management
Hattrix is a flexible and scalable security platform that marks a shift toward outsourcing security, similar to other services such as IT, HR, and legal services.

Transforming secure access for SMEs
November 2019, dormakaba South Africa , Access Control & Identity Management
The dormakaba Matrix One access solution is an off-the-shelf access offering that is easy to use, completely secure and browser-based, making it accessible from anywhere in the world.

Manage remote transmitters via GSM
November 2019, ET Nice , Access Control & Identity Management
ET Nice has released a new solution to set up and manage remote transmitters online and monitor access equipment via GSM.

Secure hands-free access
November 2019, Suprema , Access Control & Identity Management
Suprema’s facial biometric terminals bring no-touch access into secure residential estates, high-rise apartments and luxury homes providing fast, easy and intuitive user authentication with the added benefit of hygiene.

There’s an app for gate configuration
November 2019, CAME BPT South Africa , Access Control & Identity Management
CAME KEY is a new generation of working tool for gate automation, allowing setup and configuration from a mobile app.

Enhanced biometric technology for mines
September 2019, ZKTeco , Mining (Industry), Access Control & Identity Management
Biometric identification and authentication are currently used at various mines in South Africa and in the SADC region.

Improving access in mines
October 2019, Astra Fasteners , Mining (Industry), Access Control & Identity Management, Products
The VP1 controller provides full access control and remote monitoring of intelligent locks without having to wire into a network or install, manage and maintain software.

Invixium and Pyro-Tech partner in South Africa
October 2019 , News, Access Control & Identity Management
Invixium, a manufacturer of IP-based biometric solutions and Pyro-Tech Security Suppliers have announced a new distribution partnership.