Best Practices for Key Control
Technology comes from inside the box
- By Fernando Pires
- Jun 27, 2014
Key control and asset management technology are reliable and
cost-effective methods to improve security by ensuring that facility
keys are properly managed with regard to access, storage and
tracking. Key management systems can reinforce access control
policies that are already in place and can help reduce the costs associated
with lost keys or unmanaged access.
From Inside the Box
Tamper-proof systems are designed so that only authorized users—using pre-programmed PIN codes, access cards or biometrics—can access keys, while on-board
advanced technology automatically records all access activity.
A basic system typically consists of a computerized key storage cabinet, a key
locking mechanism and a tracking system. From this basic package, several options
and design variations can be added to customize the solution and help protect
the investment as needs grow and change. For networked installations, management
software can also be included in the system. Permission levels can be
established for each user and data can be monitored from any network-connected
desktop. Additionally, the software can run activity reports, sort based on different
criteria, and view and print reports, among other uses.
Today’s key control and management systems have become a higher level management
tool for effectively addressing the safety and security of building occupants
and the security of the building assets.
Knowing the identity of authorized key holders, which keys they have in their
possession or have access to, and when they were used are all essential pieces of
information needed to help ensure a safe and secure environment. Further, technological developments and open protocols have made it possible to integrate key
control with access control and other security systems as part of a facility’s networked
security system. Now, a user who has taken a specific key can be denied
egress from the facility until the key is returned, and selected management can be
alerted via email if a key has not been returned on time.
Implementing a key control and management system is a straightforward process
that involves a few basic steps:
- Take inventory of the facility to identify all access points and installed locks;
- ascertain the operational needs of employees as well as of others who may need
access to the facility such as service, repair or cleaning crews; and
- establish a policy with easy-to-follow procedures for effective key control and
Having the ability to add on the exact components you need, or change modules
where and when you need, helps protect your investment. This way, you will
avoid having to rip and replace an entire key control and asset management system
because the current system cannot accommodate lockers for securing cell phones
or other valuable items, or does not integrate with a new access control system that
has just been installed.
If a networked key control system is planned, a review of the network topology
will reveal any configuration and performance alterations that may need to be applied.
Compatibility with other security systems should be reviewed to maximize
interoperability for more comprehensive, integrated operations.
A simple but strong set of guidelines for administering and using the key control
system will help define areas of responsibility and enable better control of the keys.
Setting Up Your System
Configuring a key control solution is as easy as identifying needs and then building
the system with modular components that meet those needs. Choices for modules
may include key storage, lockers, credit card or simply blank, to be filled at a later
time. The combination of modules is entirely up to the user, providing the ability
to customize and change the system to meet growth or other specific needs.
Key control and asset management systems can be configured with additional
security features to help enhance the integrity of the system. For example, where
protection of asset lockers is mission-critical, installation of a remote access device
provides an additional layer of protection by enabling the locker system to be placed
in a secure room. A second individual’s PIN input and verification are then required
in order for an authorized employee to access the contents of a locker.
Access to the key and asset cabinets can be customized, with options including
a built-in keypad, biometrics, such as a fingerprint reader, and a magnetic or proximity
card reader. Systems that integrate card readers for access can often use the
access control cards that are already in use throughout the organization, making
the system implementation easier and more convenient. Changes to an individual’s
access authorization can be made instantly by program administrators.
Optional user interfaces can be integrated directly into the cabinet for easy accessibility,
or they may be separate. In either design, users can access only the
stored items that they have been authorized to remove or return.
A key control and asset management solution can usually be integrated with the
existing physical security system without costly upgrades or overhauls. For example,
asset control systems, featuring alarm and relay inputs/outputs, can be integrated
with existing video surveillance systems for additional security measures. Ethernet
and USB capability help ensure system compatibility and integration. Key management
systems can also integrate with a facility’s existing identification cards.
Compatibility with other security systems and network access offers an added
richness, usability and integration with existing data bases, saving time and money.
Ethernet or TCP/IP communications ports allow ease-of-use for direct connectivity
to printers or other devices, or networked connectivity via Ethernet.
Management Software Tracks and Analyzes
One of the enabling factors for successful key control implementation is the ability
to manage all programming, remote functions and reports for the system with a
software-driven solution. Similar in concept to popular access control systems, the
PC-based package of key management software helps make day-to-day operations
and activities easier and more fluid. Users can be added from a global list, and all
specific settings—added or modified—will be automatically synchronized across
the system. Profiles can be assigned for improved user control, and administrative
access levels have various options to be tailored to specific needs, such as reports
only or alarms only.
Built-in schedulers can be programmed to automatically download all data to a
secure PC as required by the user. With this capability, management can better sort
and analyze information to maintain maximum control of access and security issues.
Scheduled email reports that detail what keys are in or out and who has/had
them, keeps security management informed and up-to-date. If an incident occurs,
management can query the system for specific details. Together with the audit data
from an access control system, a key control system’s reporting ability provides a
strong evidence trail.
Advanced communication capabilities enable key control systems to be monitored
and administered remotely from PDAs or smartphones as well as from a desktop. Authorized
personnel can check key status, cancel an alarm and even
remotely disable user access. These features, along with multiple
others, provide the mobile user with another level of convenience
and control when it comes to key control management.
This article originally appeared in the July 2014 issue of Security Today.