The Access Control Dilemma – Balancing Security, Convenience and Budget

The Access Control Dilemma – Balancing Security, Convenience and Budget

There are many different features with access control, and the technologies behind the platforms are ever-changing

 Physical access control has long been a key element of many facilities’ security strategies.  Noticeably the technology behind access control has continuously evolved, creating solutions that offer more security and convenience than ever before. From magstripe to contactless technologies and mobile credentials, the variety of solutions on the market can make selecting the right platform overwhelming. Choosing an access control system depends on the end user’s differing needs and requirements. While there’s no one-size-fits-all solution, the goal is to balance security and convenience for each facility, while complying with prevailing building and life safety codes and meeting budget considerations.

When comparing different brands and solutions, it is imperative to find out from the end user’s perspective how people will flow through the facility and to which areas these people should have access – and at what time of day.  In order to bridge any potential gaps in the access strategy, architects, distributors and general contractors will all need to be involved to ensure a smooth implementation process.

There are many different features with access control, and the technologies behind the platforms are ever-changing. When selecting the right access control solution for a facility, it is important to look at the evolution of these platforms – from mechanical keys to contactless technologies to the latest and greatest “intelligent” systems available on the market today. 

Mechanical Keys

Traditional keys have been used for access control dating back 6,000 years. While this low tech solution might seem obsolete, there are still many advantages to using the traditional mechanical key as part of one’s access control strategy. Locks and keys have worked well through the ages; they are easy to install, readily available and offer a simple and relatively secure access control solution.

However, anytime a key is lost, particularly a master or grand master key, the integrity of the system is immediately compromised. Carrying around more than one key is another adverse facet of using the traditional key as an access control solution. Keys can become a workable solution when there is a small number of people and/or doors or when they are used as part of a more comprehensive access control solution.

Magstripe Technology

Magstripe cards were first developed in the 1960s by International Business Machines (IBM) for U.S. government security purposes after IBM developed a way of adhering the magnetic tape with digital computer data to a plastic card via a hot stamping method.  It took a few more years of research and development but IBM’s engineering team created a machine that could quickly use the magstripe technology to create ID cards that were then utilized by banks, hospitals and other businesses.

Contactless Access Control

The 1990s saw the emergence of contactless technologies.  Proximity (prox) cards addressed some of the limitations of magstripe technologies. Prior to prox cards, physical contact between the readers and the credentials was required making it cumbersome and inefficient for end users, while demagnetized cards and physical wear on readers became time-consuming and costly for administrators.

The low frequency, 125 kHZ technology of the card allows for the card’s data to be detected when presented a few inches from the reader. These contactless cards offer remarkable reliability and longevity. Prox technology relies on radio frequency (RF) signals sent out from the reader. The cards themselves simply consist of an antenna, a capacitor, and a chip that stores the card’s unique ID number. When the card is presented to a lock, the reader translates the information from the card into a digital format read by either the lock circuitry itself (in a stand-alone environment) or a host panel/computer that makes the decision to authorize or deny a person’s entry. Prox technology can also be incorporated into diverse credential types such as key fobs, bracelets and wristbands, meaning users no longer require a physical card shaped credential.

While prox systems changed the access control industry by ushering in the proliferation of electronic access control due to lower maintenance costs, increased user convenience and new options for credentials, the technology still had its limitations. One of the largest of these is the technology’s widely-known security vulnerabilities. While prox systems will keep incidental visitors out, anyone with intent to breach the system can do so relatively easily. The credential is unencrypted, static and can be read in the clear, making it easy to clone or forge a card without the card holder ever knowing. The cloned card can then be used to open any door available to the original holder. There is also no direct means of determining if a system has been compromised, essentially worsening matters by providing a false sense of security. Another limitation is that prox cards cannot be encoded with anything other than the standard unique ID. While this might not seem like a major setback, newer technologies, such as smart cards, are able to store more information than just an ID number, such as a cashless vending debit value or a biometric template.

Smart Cards & Network Locking Solutions

Smart cards answer all the looming security questions posed by prox cards because they are encrypted. What does encrypted mean? The United States Department of Defense (DoD) approved Advanced Encryption Standards (AES) for smartcard technologies. AES is an encryption algorithm that has become the de facto encryption standard for commercial transactions in the private sector. This means that the cards and the readers talk the same encrypted language that cannot readily be hacked.

Some smart card systems have the capacity to both read and write information to the card at the lock or reader. This provides much better data security while creating greater flexibility for use in various applications. Multiple sectors on the card allow for storage beyond access control, including biometrics and cashless vending.

Smart cards used in some networked system provide flexibility by using smart credentials to transmit data between offline devices and head-end systems. This can be termed “virtual” networks. All user related information is stored on the smart credentials which act as carriers for the network. This eliminates the need to have wired or wireless locks at every secured opening and drastically reduces the overall cost of the access control system. Deciding between a virtual networked or wireless solution (or a combination of the two) will determine how the system is connected and updated. Smart technology can also be incorporated into diverse credential types such as key fobs, bracelets and wristbands, meaning users no long require a physical cred card shaped credential.

In cases where the possibility of immediate lockdown of an entire campus or facility is needed, either hardwired or wireless locks will need to be used. They also allow the user to lockdown an entire building very quickly by cutting access to all cards on the system while still granting emergency responders access.

Conclusion

Depending on the size and type of the structure being secured, along with knowing whether immediate lockdown is a prerequisite, will guide in correctly choose the product mix needed to secure a facility, whether it be purely mechanical, mechanical and standalone electronic, virtual networked or wireless/hardwired. Some manufacturers design their products and systems with scalability built in – meaning that as a facility’s security needs evolve they can upgrade their locking hardware with minimal aggravation and expense. Leveraging these new technologies provides a unique opportunity for contract hardware distributors, security dealers and installers to assist end users in customizing their access control system.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3