In the Clouds -- Security Today

In the Clouds

How big is too big; the sky is the limit

By Jeffery Perri
Sep 01, 2017

Cloud solutions are changing the way businesses operate at almost every level. Their ease of implementation, access from anywhere and cost-effective pricing are making them the preferred solution for everything from marketing platforms to payroll administration to project management. Now, security solutions are joining this popular trend, including access control “in the cloud.”

Cost-conscious small- to medium-sized companies have been quick to embrace the many benefits of hosted access control. Larger, enterprise organizations, however, have been more guarded. With hundreds, or even thousands, of doors and access points, cloud solutions have the potential to deliver enormous savings, but concerns over whether the technology is truly “ready-for-prime-time” may have kept larger entities from taking the leap.

Until now.

A new generation of cloud-based access control solutions that offer centralized management, combined with redundant and decentralized system topology, highly secure communications, an open API for easy integrations, and complete “manage from anywhere” flexibility, matches the wish list of any large corporate IT or IS management team. System integrators have equal reason to take note; cloud-based access is highly cost-effective, significantly easier to install and configure, and allows integrators to play a more proactive role in providing on-going support.

Security That’s Actually Secure

A majority of CIOs and CTOs will tell you that concerns over cybersecurity threats are what keep them up at night. Combine that with the fact that between 80 to 90 percent of all cyber-attacks on small to medium-sized businesses are happening through their security infrastructure, and it’s no wonder enterprise businesses are leery of trying new solutions. In reality, it’s the tried-and-true standalone, network-based physical security software and devices that have proved to be most vulnerable. Attacks through video surveillance software, IP cameras and access control software have been well documented.

New cloud-based access control solutions that have been designed, from the ground up, with a security-first mindset can deliver in ways that IP-based solutions, that were designed 10 years ago and are now being retroactively adapted for cloud applications, cannot. For example, a 100 percent cloud solution should eliminate the need for public IP addresses to connect to, and opening ports across the network. This is a huge contrast to leading stand-alone IP access control solutions on the market, for which phishing websites can easily lead hackers right to the log-in screen for their systems.

New hosted solutions can also require hardware-specific authentication before connection with the cloud. A smart manufacturer will make sure that each customer’s system connects to the cloud using a unique key embedded in its hardware, so that even if one server is compromised, the rest of its customers are not vulnerable.

Cloud solutions, as well as any access control solution, can (and should) require two factor authentication for all users with administrative privileges. A system that requires a combination of biometric data, texting codes or even physical hardware keys is going to go a long way toward ensuring that the wrong people don’t gain access to the system.

Reliability, Redundancy and Responsiveness

Access control solutions must be absolutely fail-safe, which begs the question, “With a cloud solution, what happens when the internet goes down?” What might initially seem catastrophic is actually no big deal when using a well-designed, smart cloud solution with local redundancy. If system-wide data is always backed up and stored, on site, by a local node, then loss of internet connectivity only degrades the ability to log into the system remotely and make changes to settings. On-site operability remains fully functional. Once internet connectivity is restored, all controls are restored and the local node will re-sync with the cloud platform.

What about operating a system, or portions of a system, from a location that has unreliable internet access? Or none at all? Some cloud access control manufacturers now offer GSM modules that connect to the cloud via a cellular connectivity.

As for system reliability and responsiveness, be sure to ask any cloud solution provider about its hosting platform. What sort of infrastructure is in place to deliver consistently fast usability time, to accommodate for spikes in network traffic and possible server attacks? If proper attention has been paid to these concerns, then cloud solutions can deliver reliability and responsiveness on par with any stand-alone system, with the added benefit of universal accessibility, and true security.

Enterprise Features and Functions

After passing muster for security and reliability, cloud-based access control must deliver the functionality demanded by sophisticated IT management teams looking for operational flexibility, integration options and ease-of-use. This is where hosted solutions really excel. But in discussing these capabilities, it is important to differentiate between 100 percent true cloud-based systems versus more traditional IP systems that offer a mobile module. In the case of the latter, phone apps or thin-client, browser-based platforms that allow users to manage stand-alone systems “from anywhere” typically do not provide full control. There is still the need for an on-site server to deliver the solution’s highest level features.

In a pure cloud solution that has been engineered, first and foremost, for the mobile user, the user experience is going to be 100 percent the same whether logging in from phone, tablet, laptop or desktop. Many of the features and functions discussed here pertain exclusively to these types of systems.

Let’s begin with flexibility. By definition, cloud systems offer unparalleled flexibility in how and where they can be accessed. And this benefit isn’t just limited to system administrators. Accessibility means that cloud systems can be more easily supported and serviced by system integrators and manufacturers. For example, cloud systems designed with health monitoring capabilities can alert the system integrator, as well as the in-house IT team, when any problems arise. These might relate to lost connectivity to a controller, power supply status, or even low battery life. Automated communications like these allow dealers to provide support that is proactive, rather than reactive. Plus, if unusual challenges arise that are beyond the normal capabilities of the dealer, with consent the manufacturer can also provide remote consulting and support.

System configuration and integrations are also simplified. When an integrator goes on site to install a system, he can use configuration tools built into the app to facilitate set up. All the tools are right there in his phone or any web-enabled device. For example, he can discover all available wireless devices, do a test to make sure a door is within range, and even click “relay” to see physical action at the door and monitor dB gain.

Once hardware is in place, a 100 percent cloud solution should require zero onsite configuration. Again, the app provides all the tools necessary. The integrator sets up initial users and their administrative permissions, and once they accept the invitation, they can add, change and delete access rights, even from a mobile device. It’s truly plug-and-play. It’s equally easy to upload large employee databases, create groups, time zones, create partitions, and use the rules engine to make the system do whatever is desired.

Now, to the topic of integration flexibility. The delineation between physical security solutions, network security, cybersecurity, and solutions like building management and life safety systems, continues to blur as the IoT (Internet of Things) encompasses more and more devices. Integration is easier, and can deliver more capabilities, when systems are designed to communicate with each other, and cloud-based solutions are predisposed for this type of functionality. Hosted access control solutions can more easily integrate with a wide range of platforms, and can even seamlessly integrate with standalone solutions.

For an IT manager looking to streamline operations and consolidate solutions, cloud-based platforms make that task infinitely easier. Look for cloud-based access control to integrate with lock systems, video surveillance, HR and payroll systems, visitor management, billing systems and much more.

Paths to Migration

For large companies looking to upgrade their physical security infrastructure, the sunk costs of hardware already installed might make the proposition of “going cloud” seem prohibitive. Cloud solutions often offer compatibility with all your existing hardware, and do not require an all-or-nothing investment. Initially, only controllers need to be swapped out, and these can be connected via existing cabling. These then get connected to a “cloud node” facilitating the physical connection to the hosted platform.

Once this has occurred, the customer can run the new controllers indefinitely. As all software is automatically updated, the hardware never becomes obsolete and the system never goes out of date. If, at some point in the future, there is a desire to further upgrade the system’s hardware, or to add additional doors using wireless connectivity, both legacy and new components can operate through centralized management, with seamless interoperability.

The Bottom Line

As mentioned at the beginning of this article, the financial benefits of cloud solutions are well known; it’s one of the primary reasons that the industry-leading business solutions are now hosted.

Access control is no different. Compared to stand-alone solutions, it is significantly less expensive to install, operate and maintain. However, for the enterprise customer, price is not enough. When it comes to access control, decision makers must feel fully confident that any quest to save dollars on a cloud solution doesn’t compromise their corporate security, diminish their functionality or limit their future options for expansion and integrations.

The new generation of cloud-based access control should go far beyond putting these concerns to rest. In fact, look to cloud-based access control to redefine the category, establishing a higher level of expected features and performance, as required by even the most demanding, enterprise customers.

This article originally appeared in the September 2017 issue of Security Today.

IDIS Americas Continues Expansion With Technology Innovation and Growing Team Ahead of ISC West
01/31/2025
Paxton Announces New US Headquarters in Greenville, SC
01/31/2025
Napco Introduces New StarLink Signal Strength/Site Survey Tool
01/30/2025
Arrow Security Adds Two Security Industry Leaders
01/28/2025
Security Industry Association Releases New and Enhanced Privacy Resources on Data Privacy Day 2025
01/28/2025
Security LeadHER Opens Call for Speakers and Registration for 2025 Event
01/24/2025
Stronger Together: Stone Security, BearCom Team Up
01/23/2025
Genetec Named One of Canadas 2025 Top Employers for Young People
01/22/2025

Featured

5 Tips to Improve Your Password Security

Change Your Password Day is right around the corner. Observed every year on February 1, the day aims to raise awareness about cybersecurity and underscores the importance of keeping passwords strong and up to date. Read Now
- Cybersecurity
Enhancing Port Security

DP World Yarimca, one of the largest container terminals of the Gulf of İzmit and Turkey, is a strong proponent of using industry-leading technology to deliver unrivaled value to its customers and partners. As the port is growing, DP World Yarimca needs to continue to provide uninterrupted operations and a high level of security.To address these challenges, DP World Yarimca has embraced innovative technological products, including FLIR's comprehensive portfolio of security monitoring solutions. Read Now
- Infrastructure
Hot AI Chatbot DeepSeek Comes Loaded With Privacy, Data Security Concerns

In the artificial intelligence race powered by American companies like OpenAI and Google, a new Chinese rival is upending the market—even with the possible privacy and data security issues. Read Now
- Artificial Intelligence
- Cybersecurity
Survey: CISOs Increasing Budgets for Crisis Simulations in 2025

Today, Cyber Performance Center, Hack The Box, released new data showcasing the perspectives of Chief Information Security Officers (CISOs) towards cyber preparedness in 2025. In the aftermath of 2024’s high-profile cybersecurity incidents, including NHS, CrowdStrike, TfL, 23andMe, and Cencora, CISOs are reassessing their organization’s readiness to manage a potential “chaos” of a full-scale cyber crisis. Read Now
- Cybersecurity

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

ComNet CNGE6FX2TX4PoE

The ComNet cost-efficient CNGE6FX2TX4PoE is a six-port switch that offers four Gbps TX ports that support the IEEE802.3at standard and provide up to 30 watts of PoE to PDs. It also has a dedicated FX/TX combination port as well as a single FX SFP to act as an additional port or an uplink port, giving the user additional options in managing network traffic. The CNGE6FX2TX4PoE is designed for use in unconditioned environments and typically used in perimeter surveillance.
Camden CM-221 Series Switches

Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.
Mobile Safe Shield

SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.