Leveraging Data

Leveraging Data

Data from access control system may drive future security decisions

Campus security, both in a corporate and higher education setting, can be improved by leveraging data from access control systems to drive future security decisions. currently, these access control systems are used primarily for controlling and limiting entrance to buildings or areas within a facility. however, the data they generate is often overlooked to the detriment of physical security operations. access control data, if properly leveraged, can allow operators to detect, mitigate and prevent a variety of risks that extend beyond ingress and egress. if data attributes are parsed out for situations including employee, building, location and incident, when combined with third-party data sets, unique business and operational insights can be uncovered.


One application of using access control data is to profile risk on the campus based on empirical data rather than intuition or institutionally accepted best practices. Many interesting opportunities are possible for risk assessment using access control data. One example is to create an overall Building Risk Score by factoring in weighted variables such as the number of unauthorized access control alarms per building, volume and type of alarms, and the presence of sensitive locations or high-value assets such as a data center or research laboratory within a building.

More advanced algorithms will incorporate third-party datasets such as neighborhood crime, which can add context to the access control data. By combining the various variables, an algorithm can be developed to rank and score each building’s security risk, providing the security personnel with a proactive view of risk in the campus. The high-risk buildings can then be reviewed to ensure that they have the adequate staff levels, the appropriate security systems are in place or to understand if offices should be moved to a separate location. It is worth noting that over time, each building’s rank in the risk profile will change based on external environmental factors such as new construction and socio-economic dynamics on the periphery of the campus.


Another important risk consideration is the insider threat. Seventy-four percent of chief information security officers are concerned about employees stealing sensitive information according to SpectorSoft. Much of this happens when employees and students enter premises after hours or prior to separation from the company or educational institution. Data from access control systems can be parsed to pull out card holder information, providing valuable insight into employee and student behavior. For example, unauthorized alarms associated with employees and students can be visualized separately, which, when analyzed, show any number of patterns associated with their activity.

Sometimes, employees will have multiple access denials within a short time period indicating a potential problem with the employee’s access card or system set up. Other times, access attempts at odd hours of the day or night, when an employee is not scheduled to work, could be anomalous behavior and a sign of an insider threat. In fact, insider threat detection is enhanced when data feeds from human resources are available with termination dates for employees. When employees with a documented near term termination date display anomalous behavior, the probability of an insider threat event increases.


Cyber threats are increasingly becoming an issue. According to PricewaterhouseCoopers, there were about 30 to 40 percent more cybersecurity incidents in 2015 than in 2014. While cybersecurity today falls within the domain of IT, physical security professionals will soon have to worry about threats from cyberspace as physical security equipment increasingly becomes Internet-Protocol enabled and, thereby, accessible to hacks on the network and the internet at large. There is also the consideration of monitoring an employee’s physical and network presence.

Consider for example, the scenario where the access control system data has an employee gaining physical access to an office in Boston, but the network has that individual as being logged in with an IP address in Houston. Clearly, this is an anomaly and something to be investigated. Very few organizations currently test for anomalies in physical and network presence. In the future, this will become a requirement and access control data will play an important role.


Buildings in large and sprawling corporate campuses can generate up to two and a half million access control events per month, often leaving system administrators overwhelmed by the volume of alarms triggered and the amount of information coming in. Because of this information overload, operators often overlook important signals. One solution is to use risk profile indicators to designate areas of the campus as special “sensitive areas” that need to be watched carefully. The concept of zones can be introduced, which are a designated set of panels and readers corresponding to an area of the campus, a set of buildings or areas within a building that require special attention.

In these situations, analytics software can be configured to flag unauthorized access attempts in such vicinities. Special sensitive areas can be monitored to understand which employees and students used these facilities and when.


In addition, filters on alarm events can be set in these areas to enable a more proactive approach to systems events. For example, consider a scenario where a panel or reader has not been installed correctly. It will generate intermittent line communication errors but this error signal is just one of many generated each month.

If operators add an event filter to look for line communication errors, readers that may be malfunctioning will be detected and an operator can be dispatched to fix the problem, thereby, proactively securing access to a campus building in a designated sensitive area that might otherwise have been compromised because of equipment failure.


Combining video with incident data can significantly improve situational awareness. Consider this scenario: a recent review of an organization’s data log showed that attempted access to a door was denied. Within several minutes of this first attempt, doors nearby were forced open.

The assumption was made that an employee’s access card did not work, so a key was used instead to get into the area. There is a high probability that those were legitimate alarms, which should always be investigated and—if there was video—that footage would be used to verify the alarms.


Lastly, the data from an organization’s access control systems cannot only be used to improve security, but to improve workplace operations with an eye towards reducing cost. For example, an area of interest for many organizations is their office footprint. This is particularly true of organizations with flexible work plans or a large mobile workforce. Should the organization grow or reduce their physical space and, if so, in what ways?

Access control systems are one source of data which can help inform such a decision. They can be used to generate statistics such as the number of employees or visitors per building. Office spaces with a low employee-per-building ratio are candidates for consolidation, for example. These statistics can also help to determine the right level of workplace resource staffing per building. By harvesting access control data, and generating these statistics which can help reduce the cost of operations, physical security personnel create an opportunity to impact the business in ways larger than securing it.

This article originally appeared in the January 2017 issue of Security Today.


  • Cloud Adoption Gives Way to Hybrid Deployments

    Cloud adoption is growing at an astonishing rate, with Gartner forecasting that worldwide public cloud end-user spending will approach $600 billion by the end of this year—an increase of more than 21% over 2022. McKinsey believes that number could eclipse $1 trillion by the end of the decade, further underscoring the industry’s exponential growth. Read Now

  • AI on the Edge

    Discussions about the merits (or misgivings) around AI (artificial intelligence) are everywhere. In fact, you’d be hard-pressed to find an article or product literature without mention of it in our industry. If you’re not using AI by now in some capacity, congratulations may be in order since most people are using it in some form daily even without realizing it. Read Now

  • Securing the Future

    In an increasingly turbulent world, chief security officers (CSOs) are facing a multitude of challenges that threaten the stability of businesses worldwide. Read Now

    • Guard Services
  • Security Entrances Move to Center Stage

    Most organizations want to show a friendly face to the public. In today’s world, however, the need to keep people safe and secure has become a prime directive when designing and building facilities of all kinds. Fortunately, there is no need to construct a fortress-like entry that provides that high level of security. Today’s secured entry solutions make it possible to create a welcoming, attractive look and feel at the entry without compromising security. It is for this reason that security entrances have moved to the mainstream. Read Now

Featured Cybersecurity

New Products

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3