6 Trends Impacting Access Control and the Overall Security Market

Increased emphasis placed on interoperability and total cost of ownership in security purchasing decisions

• By Jeremy Krinitt
• Dec 01, 2014

From 4K Ultra HD resolution surveillance cameras to near field communication (NFC) or Bluetooth-enabled access control readers and applications, technology innovation in the security industry runs the gamut. However, while these newer technologies and the advanced functionality they offer generate a lot of buzz, the fact remains that today’s end users and systems integrators are looking for much more in the security devices they purchase than just the latest and greatest features. Despite a slowly recovering economy, security budgets have yet to climb back to their pre-recession levels. As a result, end users and integrators must be able to show a tangible return on investment (ROI) on the security solutions they purchase.

For many years, security operated within a silo, but that is quickly changing. Companies are now looking for security solutions that can be leveraged across different departments—human resources, facilities and more—and also provide long-term value to the organization. Additionally, it is no longer acceptable for security manufacturers to use a “checkbox” approach to the features they offer. More thought needs to be put into how the features of a product can be best utilized by customers. For example, a video surveillance company could develop a revolutionary type of analytic, but if the setup of that analytic is temperamental for integrators, then what difference does it make to customers looking to use that technology?

Much of the industry’s recent focus on innovation is around additional products that can be added into the security environment, not on the fundamental value provided to integrators and end users. The question for the industry is this: What market factors and technology innovations are going to be the key to driving real growth moving forward?

Here are few things that could play a big role in the industry in the not-toodistant future.

Openness and Interoperability

The word “open” is thrown around frequently in the security industry, but it is typically used to describe a security system, such as access control, video surveillance or other solutions, that are interoperable with products from other vendors. Whole spectrums of possibilities exist when someone uses the term open. Where the technology sits on this spectrum can have a significant impact on the experience of the integrator and end user, both in the initial implementation of the solution and in the technology options in the future.

In the best scenario, the connections between solutions use a published standard. This often provides the manufacturers the best visibility into the connection between solutions, and ultimately provides greater flexibility to the end user. One way this can be achieved in the access control realm is by implementing solutions that comply with the Open Supervised Device Protocol (OSDP), a communications specification developed by the Security Industry Association (SIA) to enable devices, such as card readers and control panels, to work together.

Using a control panel that also supports OSDP, for example, can provide users with the flexibility they need for their future access control decisions. Customers should ensure the solutions they select support open standards, but it is also important to consider what they are doing to ensure long-term value for the security solution. Just like our laptops and cellphones, technology in the security space is constantly in motion. Manufacturers should be designing solutions to support the latest standards, and to provide a runway for the technologies around the corner.

Greater Usability and Reliability

Although there is often a shift of trends within the industry where manufacturers will find themselves pushed by customers to deliver a certain set of features, two things have remained constant through the years: usability and reliability.

There are numerous examples that can be found across all product sectors of systems that have either been disregarded, or in some cases, simply turned off because they triggered repeated false alarms or because an organization’s security staff found them onerous to manage. Ultimately, vendors that want to deliver an effective solution for their customers must ensure that their product not only provides the features that they need, but is also dependable and user-intuitive.

Changing Vertical Market Dynamics and Regulatory Compliance

While nearly all vertical markets will have an impact, to some degree, on shaping the access control and overall security industry in the years to come, there are some whose impact will be felt sooner rather than later. For instance, the government and healthcare markets stand poised to have a substantial effect on product manufacturers due to the necessary requirements these markets have put together around access control.

The government sector is a prime example of how changing requirements within a specific market can have a broader impact on the security industry as a whole. Unlike other industries where minimum security requirements are largely established by the organization itself, security standards in government agencies are regulated by different federal guidelines and mandates that change and evolve with the threat landscape.

In effort to establish a common identification standard for government employees and contractors, Homeland Security Presidential Directive-12, more commonly known as HSPD-12, was issued shortly after the 9/11 terror attack by the Bush administration. HSPD-12 subsequently resulted in the creation of Federal Information Processing Standard-201 (FIPS-201), requiring federal employees and contractors to have personal identification verification (PIV) credentials. Additionally, some corporate entities have also opted to adopt standards similar to PIV due to the enhanced level of security it outlines, which points to how the government market has impacted the access control industry.

However, because many agencies found that the different components they purchased to become compliant with the PIV standard didn’t work well together, the government recently introduced a new program called Federal Identity, Credential and Access Management (FICAM), which outlines the implementation of an endto- end access control solution where all devices are interoperable with one another.

In the healthcare market, there has been a push over the last two decades to improve patient privacy with the implementation of the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act. While these regulations are primarily designed to safeguard patient data in the age of digital information and cybercrime, the majority of data breaches are not the work of sophisticated hacking networks, but rather negligence on the part of healthcare employees. This means that physical access control measures within hospitals and other healthcare facilities has become critically important as it only takes one door being propped open to reveal a treasure trove of information to identity thieves.

As a result of the continually shifting threat landscape in these markets, security manufacturers and the products they develop must continue to evolve to meet changing requirements. Oftentimes, it takes collaboration between all parties involved—manufacturers, integrators and end users— to develop comprehensive and effective solutions that not only meet the requirements set forth, but can maintain and manage the system as technology advances.

Increased Convergence between Physical and Logical Access

The advent of IP technology has dramatically changed the way security systems are installed, managed and monitored. It has also brought the worlds of IT and security together in ways that some people could have never dreamed. One of these ways is combining technologies to enable access to the physical locations of an organization as well as their computer networks.

That’s not to say there haven’t been some challenges in getting the technologies lined up to provide an effective solution for end users; it’s been a tough sell in many ways. However, the value is certainly there as it simply makes sense for many organizations to have the capability of implementing a converged physical and logical access solution. Like other integrations, the value of the information that is present in a traditional access control system has applicability to the larger organization, and IT is one of those departments.

Despite the benefits that can be realized by bringing these two areas together, many companies have yet to understand how to take full advantage of this convergence. Meanwhile, solutions do not always deliver as advertised; therefore, untapped potential still exists. This will likely change, though, as organizations become more tech savvy and hold vendors accountable for what they need to be successful.

Mobility Comes of Age

The development of NFC technology has been touted by many vendors in the industry as the next great technological leap in access control. On the surface, this excitement is certainly understandable, given the proliferation of smartphones and other mobile devices as well as the increased desire by customers who want the same level of convenience and usability as commercial security solutions in home consumer devices. However, despite the high hopes for NFC access control, actual implementations have been slow to materialize for several reasons.

First, manufacturers have to be able to access the Secure Element (SE) of a mobile handset in order to embed a credential. To do so, companies have to enter into partnerships with wireless carriers. Secondly, a large portion of the smartphone market is dominated by the Apple iPhone, which until recently did not come equipped with NFC technology. Although the iPhone 6 and iPhone 6 Plus, which made its debut in stores last month, features an NFC antenna, it still remains to be seen if the company will grant security manufacturers access to an API for access control purposes. With that being said, there is now one less potential hurdle to wider adoption of NFC in the market.

“The announcement by Apple addresses one of the barriers the access control industry has faced with regards to NFC, i.e., loading an identifier onto the secure element,” IHS analyst Blake Kozak wrote in a research note published by the market research firm last month. “With the API mentioned by Apple, it is possible that access control manufacturers—among others in the supply chain—could load and command an identifier directly onto the secure element.”

In the meantime, developers have turned their attention to Bluetooth Low Energy (BLE) technology which has several advantages over NFC, including the fact that it is available on almost every mobile phone available today and because the SE doesn’t have to be accessed in order to have the secure credential placed onto it.

Regardless of which technology wins out, the trend toward increased convenience and mobile access is one that will continue in the market for years to come.

Advanced Capabilities Move to the Edge

While edge capabilities are not new to the industry, there are signs pointing to increased interest by end users in using these capabilities more so than they have in the past. As such, manufacturers need to be able to deliver platforms that have the power and flexibility necessary to provide advanced capabilities at the edge.

When it comes to access control, there are many functions that can be performed at the edge that can enhance value for the end user. For example, being able to display messages to users when they swipe their card at a door, and the addition of personalization and communication options are functionalities that vendors will look to improve upon as time goes by.

This article originally appeared in the December 2014 issue of Security Today.