The Changing Face of Access Control

Robust security systems include maintenance and monitoring

• By Daiva Wood
• Nov 16, 2009

In the midst of an ever-changing industry, a small high-tech company is continuing to develop new products that will have a major impact on the access control market.

Companies that aren’t in the security business still want stronger and more robust access control system to help protect trade secrets but they don’t want the responsibility of installing, monitoring and maintaining a system.

Another growing transportation company doesn’t want to own or maintain the access servers, but still wants to be able to control data entry, such as updating, adding and deleting employee information and ID badges.

Meanwhile, a financial services firm with a strong IT department and a wireless network wants to control all aspects of its access system.

These are examples of the three types of access control systems available to end users -- managed services, hosted and traditional. Each has a place that is determined by the end user’s specific needs and capabilities. Here’s a look at the advantages of each type of system.

Managed Access Control
This option makes sense for any size organization that needs access control -- from a single-door to an enterprise system. The end user benefits from a system that requires no time commitment from its employees. A vendor provides the installation of all card readers, control panels and system servers, which reside offsite at the vendor’s location. All data entry, such as the addition and deletion of employee identification badges is managed by the vendor.

Vendors also provide monitoring and maintenance of the system and provides customized reports on a daily, weekly or monthly basis.

At a time when many organizations are choosing to outsource legal, payroll and other professional services, the outsourcing of access control makes sense. It lets an end user’s organization focus on what it does best. Providers of managed services can generally supply an end user with a more robust access control system -- most often at a lower cost.

Hosted Access Control
Much like the managed option, hosted access control involves a vendor providing an offsite server, along with the installation and maintenance of the control panel and card readers. But with hosted access control, the end user is responsible for data entry and access control application monitoring.

This access control option appeals to end users who don’t want the responsibilities that come with system ownership but have the staff available of maintaining databases and monitoring the system for access control events and alarms.

Traditional Access Control
A traditional access control system, end users purchase the control panel, readers, servers and software to operate and monitor the system and maintain the database. They may choose to service the system on their own or, more likely, sign a maintenance agreement with a systems integrator.

None of these types of systems is the right choice in every situation. There are other factors that come into play -- for example, the organization’s IT department. The IT folks often carry significant weight with C-level executives and are known to be fiercely protective of their networks. Another major consideration is an organization’s current, or legacy, system. A company may have already spent hundreds of thousands of dollars on access control equipment and would not want to scrap it all for a new system.

New Additions to the Arsenal
Over the past few years, an organization’s IT department has become increasingly involved in decisions regarding physical security. The main reason for this shift is because most security functions now require a computer network to transmit data, either from a video surveillance or access control system. Video consumes a lot of network bandwidth, while the network space required to transmit data from an access system is relatively minor.

Still, the IT staff will want to know what is being sent across its network and be assured that it is safe from outside hackers. This is where the convergence of logical and physical security comes into play. This process has been going on for several years, but is really gaining steam now. Often, IT requires multiple authentications before gaining access to an office or the network. Previously, a username and password were acceptable. Now, IT may require another security layer, such as biometrics.

Fingerprint scanners are the most frequently used biometric devices. Although they have been around for years, recent improvements in the reliability of biometric devices, combined with lower costs, have driven heightened interest in, and increased spending on, biometric technologies.

Other relatively new additions to the access control arsenal also are beginning to become fairly commonplace. Edge readers are devices that sit on the network at the location of an entry. These are not only readers but also controllers, which are great for use at smaller or remote locations. Faster computer processors and less expensive memory chips are the driving forces behind these devices.

Wireless readers are becoming very popular as they are perfect for use at remote sites or where cabling or drilling is difficult or impossible, such as in historic buildings.

A subset of the wireless movement is wireless, card-reading locksets. This allows for the installation of cylinder locks into file cabinets and desk drawers that may contain sensitive documents. The locksets are accessed by smart cards that can restrict who may open the drawers and when. These locksets eliminate the need for keys, which are easily lost, and the subsequent need for re-keying which is expensive and time consuming.

As for making the switch from legacy systems, access control equipment manufacturers are making transition readers that can read multiple card technologies. These readers allow organizations to integrate new, modern equipment without having to completely replace an existing access system. This eases the burden on organizations, allowing them to make the change as their budget and staffing permit.

The way we provide access control is changing rapidly. That change will only accelerate as technology evolves and the need for access control grows.