The Changing Face of Access Control
Robust security systems include maintenance and monitoring
- By Daiva Wood
- Mar 04, 2010
A small high-tech company wants stronger and
more robust access control system to help
protect trade secrets, but they don't want the
responsibility of installing, monitoring and maintaining
a system.
Another growing transportation company doesn't
want to own or maintain the access servers but still
wants to be able to control data entry, such as updating,
adding and deleting employee information and
ID badges.
Meanwhile, a financial services firm with a strong
IT department and a wireless network wants to control
all aspects of its access system.
These are examples of the three types of access
control systems available to end users—managed services,
hosted and traditional. Each has a place that is
determined by the end user's specific needs and capabilities.
Here's a look at the advantages of each type
of system.
Managed Access Control
This option makes sense for any size organization that
needs access control—from a single-door to an enterprise
system. The end user benefits from a system that
requires no time commitment from its employees. A
vendor provides the installation of all card readers,
control panels and system servers, which reside offsite
at the vendor's location. All data entry, such as the
addition and deletion of employee identification
badges, is managed by the vendor.
Vendors also provide monitoring and maintenance
of the system and customized reports on a daily,
weekly or monthly basis.
At a time when many organizations are choosing
to outsource legal, payroll and other professional services,
the outsourcing of access control makes sense.
It lets an end user's organization focus on what it does
best. Providers of managed services can generally
supply an end user with a more robust access control
system—most often at a lower cost.
Hosted Access Control
Much like the managed option, hosted access control
involves a vendor providing an offsite server, along
with the installation and maintenance of the control
panel and card readers. But with hosted access co
ntrol, the end user is responsible for data entry and
access control application monitoring.
This access control option appeals to end users who
don't want the responsibilities that come with system
ownership but have the staff available for maintaining
databases and monitoring the system for access control
events and alarms.
Traditional Access Control
With a traditional access control system, end users
purchase the control panel, readers, servers and software
to operate and monitor the system and maintain
the database. They may choose to service the system
on their own or, more likely, sign a maintenance agreement
with a system integrator.
None of these types of systems is the right choice
in every situation. There are other factors that come
into play—for example, the organization's IT department.
The IT folks often carry significant weight with
C-level executives and are known to be fiercely protective
of their networks. Another major consideration is
an organization's current, or legacy, system. A company
may have already spent hundreds of thousands
of dollars on access control equipment and would not
want to scrap it all for a new system.
New Additions to the Arsenal
Over the past few years, an organization's IT department
has become increasingly involved in decisions
regarding physical security. The main reason for this
shift is most security functions now require a computer
network to transmit data, either from a video surveillance
or access control system. Video consumes a
lot of network bandwidth, while the network space
required to transmit data from an access system is
relatively minor.
Still, the IT staff will want to know what is being
sent across its network and be assured that it is safe
from outside hackers. This is where the convergence
of logical and physical security comes into play. Often,
IT requires multiple authentications before gaining
access to an office or the network. Previously, a
username and password were acceptable. Now, IT may
require another security layer, such as biometrics.
Fingerprint scanners are the most frequently used
biometric devices. Although they have been around
for years, recent improvements in the reliability of
biometric devices, combined with lower costs, have
driven heightened interest in, and increased spending
on, biometric technologies.
Edge readers are devices that sit on the network at
the location of an entry. These are not only readers
but also controllers, which are great for use at smaller
or remote locations. Faster computer processors and
less expensive memory chips are the driving forces behind
these devices.
Wireless readers are becoming very popular as
they are perfect for use at remote sites or where cabling
or drilling is difficult or impossible, such as in
historic buildings.
Wireless, card-reading locksets allow for the installation
of cylinder locks into file cabinets and desk
drawers that may contain sensitive documents. The
locksets are accessed by smart cards that can restrict
who may open the drawers and when.
As for making the switch from legacy systems, access
control equipment manufacturers are making
transition readers that can read multiple card technologies.
These readers allow organizations to integrate
new, modern equipment without having to completely
replace an existing access system.
The way we provide access control is changing rapidly.
That change will only accelerate
as technology evolves and the need
for access control grows.