Going Mobile

Industry Vertical

Going Mobile

Security threats are growing at the same time that users are demanding the ability to confidently connect to and use more applications, on the go, than ever before, with a single, trusted ID that can be carried on a smart device. They want a seamless and consistent experience across a growing range of access control, authentication and Internet of Trusted Things (IoT) applications.

Meanwhile, the IoT is transforming consumer applications like personal fitness, home automation and the connected car, and spurring significant changes throughout the modern facility as offices, hospitals, manufacturing plants and college campuses all get smarter, and the workforce inside these facilities is becoming more mobile and connected than ever before, and embracing this mobile revolution and the IoT will deliver valuable benefits, while simultaneously posing challenges as organizations face potential threats to their security, facility processes, and operational integrity.

A Shift in the Use of Trusted Identities

With growing adoption of mobility and the IoT, there is a shift underway in the use of identity technology. This shift will lead to increased adoption of mobile devices and the latest smart card technology, a greater emphasis and reliance on the cloud, and a radical new way of thinking of trust in smart environments and the IoT. This shift will precipitate the move from legacy systems to NFC, Bluetooth Low Energy (BLE) and advanced smart card technologies to meet the evolving needs of organizations worldwide. Ultimately, there will be a transformation in the way trusted identities are used, particularly in industries focused on regulatory compliance such as government, finance and healthcare markets.

A number of trends are emerging. As organizations seek to use the broadest range of smart devices possible, it directly impacts how customers view and use trusted identities, across more activities in more connected environments. Users will want to open doors, login to cloud resources, access print jobs and conduct other daily activities using trusted IDs on their phone, wearable or smart card.

The industry will look toward complete identity relationship management that considers the need to grant access based on context and circumstances across the trusted identities assigned to people, devices and things in smart offices, buildings and other environments that are becoming more connected. There will be a greater emphasis on the cloud to create common management platforms for digital IDs, and organizations will recognize the interdependencies of technologies and platforms required to provide a better user experience.

As multi-factor authentication for physical and IT access control merges into integrated systems that provide a more convenient and secure user experience, this model will also make it easier for administrators to deploy and maintain an integrated system throughout the complete identity lifecycle. Credential issuance for physical ID cards will also experience a digital transformation, as the use of cloud technologies will enable managed service models for badge printing and encoding.

Finally, emerging IoT uses cases will increase the need to ensure the security of an Internet of Trusted Things (IoTT). Trusted identities will help secure, customize and enhance the user experience across a growing range of industry segments that are embracing the power of the IoT. Organizations are looking to streamline processes and operations using real-time location systems, presence- and proximity- based location functionality, condition monitoring solutions, beacons and cloudbased models leveraging emerging solutions that secure IoT use cases. Emerging solutions will also advance existing secure proof of presence capabilities to include the predictive analytics and functionality based on location-based technologies.

In parallel with these activities, there will be a growing awareness that new identity challenges have arisen in applications where mobile access control meets the IoTT.

New Identity Challenges at Intersection Between Access Control and the IoT

A major concern among facility managers is that the links between systems and assets will be compromised in the IoT. The industry has already alleviated these fears in access control applications with the advent of trusted identities that are communicated over protected channels using the latest cryptographic algorithms. Readers and credentials are now essentially trusted devices that are connected to the facility’s access control system. More recently, smartphones have similarly become trusted credentials that can be connected to these systems through the cloud.

Early Successes

An early example of how access control and the IoT are merging is the use of mobile access technology to help facility managers efficiently control HVAC systems based on a person entering or exiting a suite or common area using a mobile ID. The HVAC and energy management systems will automatically adjust the settings, for example, turning off lights when the last person leaves the area. This is what integrator Datawatch Systems is doing for its customers with a combination of its Datawatch Direct Access System and HID Mobile Access. In the future, Datawatch is exploring further mobile access control integration with more building utility systems.

The same trusted identities used for access control can be extended to other IoT applications for numerous additional smart building activities. A prime example is automating maintenance management systems that are physically linked to fire and safety equipment, heating and cooling systems and other critical, high-value assets. For decades, RFID transponders have connected these physical assets to business applications, enabling organizations to manage and track inventory levels and improve operational process efficiency. Now, mobile devices can be combined with trusted tags and cloud authentication to secure cloud maintenance management software (CMMS) applications.

Users tag equipment to connect it to the Internet, enabling technicians to then use their mobile devices to simply tap the tag in order to access these cloud-based CMMS applications. This model also makes it possible to track the service start time, duration and status of completion to improve billing accuracy. From the initial tap to initiate service to the final tap that closes the ticket, the previously manual process is now fully automated, improving workflow while minimizing any disruption of equipment productivity.

Marrying access control with IoT applications using trusted identities promises to make systems and applications much easier to use. The ability to secure CMMS and other IoT applications will make entire processes much more seamless and easier to manage from initiation to followup, resulting in a more responsive and productive mobile workforce.

A key requirement moving forward will be the ability to implement identity-proofing with an unbroken chain of trust for all access control transactions in both the physical and digital worlds, and to base this chain of trust on an ability to verify claims of true identity, rather than simply verifying ownership of a digital identity that someone might be using fraudulently. With this foundation in place, trusted ID solutions will be poised to make daily life easier and more productive in the physical and digital worlds and the IoTT, for today’s increasingly mobile users who continue to be the most important elements in any security strategy.

This article originally appeared in the April 2017 issue of Security Today.


  • Report: 15 Percent of All Emails Sent in 2023 Were Malicious

    VIPRE Security Group recently released its report titled “Email Security in 2024: An Expert Look at Email-Based Threats”. The 2024 predictions for email security in this report are based on an analysis of over 7 billion emails processed by VIPRE worldwide during 2023. This equates to almost one email for everyone on the planet. Of those, roughly 1 billion (or 15%) were malicious. Read Now

  • ASIS Announces ANSI-Approved Cannabis Security Standard

    ASIS International, a leading authority in security standards and guidelines, proudly announces the release of a pioneering American National Standards Institute (ANSI)-approved standard dedicated to cannabis security. This best-in-class standard, meticulously developed by industry experts, sets a new benchmark by providing comprehensive requirements and guidance for the design, implementation, monitoring, evaluation, and maintenance of a cannabis security program. Read Now

  • ISC West Announces Keynote Lineup

    ISC West, in collaboration with premier sponsor the Security Industry Association (SIA), announced this year’s dynamic trio of speakers that will headline the Keynote Series at ISC West 2024. Read Now

    • Industry Events
  • Government is Top Targeted Industry for DDoS Attacks in Q4 2023

    The government sector experienced a surge of DDoS attacks in Q4 according to Lumen Technologies (NYSE: LUMN), a global leader in integrated network and cybersecurity solutions. The Lumen Quarterly DDoS & Application Threat Report for Q4 2023 analyzes data from its DDoS mitigation platform and application protection partner, ThreatX, to provide an overview of the DDoS and application-layer attacks that targeted organizations in the last quarter of 2023. Read Now

Featured Cybersecurity


New Products

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3

  • Hanwha QNO-7012R

    Hanwha QNO-7012R

    The Q Series cameras are equipped with an Open Platform chipset for easy and seamless integration with third-party systems and solutions, and analog video output (CVBS) support for easy camera positioning during installation. A suite of on-board intelligent video analytics covers tampering, directional/virtual line detection, defocus detection, enter/exit, and motion detection. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3