The Next Big Step

The Next Big Step

Of all the megatrends being discussed within the security industry right now—from IoT to the Cloud to edge analytics— there is one technology among them that is most likely to have an immediate impact on the way businesses and facilities of all sizes operate: mobile credentials.

Individuals have found that their phones and other smart devices can be used in their own homes to operate locks, and—along with the push for more IoT-enabled devices at work in general—they have come to expect the same level of sophistication and convenience at work.

But traditionally in the business realm, mobile credentials for access control were used only by the largest of enterprises. This was due to the ability of large corporations to issue company-controlled devices to employees while also allowing a credentialing systems administrator to manage both the software and hardware. Or, in some cases, corporations planned and managed an effective BYOD (bring your own device) policy. Still, the cost of the system and the training required to use it served as barriers to entry to all but the most sophisticated systems administrators.

But the landscape has changed. As this demand increases through home use of these technologies, the learning curve to train individuals on mobile applications has become far less demanding.

Further, the cost of implementation has fallen sharply in recent years. With mobile credentials becoming more dynamic and consumable, we’re starting to see the technology trickle down from those large enterprises into the rest of the market. The instances of mobile- supported product and device solutions have also increased substantially, making the deployment and use of the credentials more attractive and impactful to businesses. Because of this trickle-down use in large enterprise and the expectation of use in the home, the pressure to adapt to the technology is now being felt on both sides to adopt to the new normal. The expectation for mobile applications for credentials among employees, residents, students, contractors, and visitors will drive security in the coming years from what has traditionally been hardware-based access control, to a new way of doing business.

New Ways of Doing Business with Mobile Apps

Mobile credentialing has the potential to improve overall business operations by allowing businesses and facilities to manage their workforce more efficiently with the process they use to distribute credentials. Physical key systems are extremely cumbersome to manage properly. Physical keys are difficult to distribute and track, and if lost, can result in an unsecured building or the added cost and difficulty of rekeying doors. In addition, there is no audit trail or way to know who accessed what.

By moving to a digital credentialing system, enterprise customers can utilize visitor management systems, offer expiring keys to contracted employees, and manager their own workforce through personal and company devices.

For universities, these benefits are largely the same. Credentials are offered to individuals via a mobile application and can be set to expire at the end of a semester. This also provides a much more secure solution, since college students are far less likely to part with their smart phones than they are to pass off their campus ID or key card to let someone else into their residence hall. They are also far less likely to misplace or forget their smart phones, reducing lockouts and the need to issue new cards.

There is a further increase in efficiency gained by sending a credential over an encrypted connection to a secure element in the user’s phone or mobile device. This is an improvement to having individuals report to an office that may potentially be offsite. For businesses or campuses that have multiple locations across a city, state or the country, the ability to leverage credentialing in this way is an incredible timesaver for both the facility management staff and the credentialed user.

Plan Ahead for These New Expectations

So, while there are both business benefits and customer demand driving the use of mobile applications for facility security, there is also a practical plan that enterprises can employ to ramp up to providing the technology: install door and opening hardware that works with current credentials and mobile applications.

By implementing and installing mobile-ready hardware for access control that works with multiple credential types, the owner of a facility can serve their existing access and identity management methodology while also planning for the future.

ASSA ABLOY addresses this need by offering a wide range of access control locks that support a wide range of credential types and HID Mobile Access. HID Mobile Access leverages Seos as the underlying credential technology to offer the freedom of using your device of choice—from smart cards to smart phones—for secure access to more applications. It also provides the confidence of best-inclass security and privacy protection.

By installing door and opening hardware that uses Seos, security professionals can blend traditional systems with new mobile applications and mobile credentialing.

With hardware ready for this potential change, the ability to move toward mobile credentials is as simple as introducing the application to users.

Practical Next Steps

For any new building, or any upgrade or retrofit, security decisions need to start with the credential. In the past, that meant deciding between the use of legacy hardware, such as mechanical locks and keys, or using new electronic access control components.

Today, that means implementing a solution that can be futureproofed to prepare for the demand of mobile credentialing through a mobile application. Even if you aren’t prepared to move to the system now, the planning to provide that in the future can begin today.

For integrators and engineers, that decision needs to be made with the owners, facility managers and network administrators all in one room. Many mobile-ready locks are IP-enabled and use existing network infrastructure to connect to the access control system. IP-enabled locks have a minimal impact on the network, making the ability to integrate a solution much less daunting than many imagine. This can be explained at the start of the project when a credentialing decision is being made, offering the opportunity to future-proof the system.

The bottom line is that the expectation of end-users to use mobile security applications as mobile credentials is here. And the ability to meet those expectations is available. But if you aren’t prepared to make the leap immediately then good planning, and future-proofing your hardware, means you won’t be left behind when the expectation for mobile applications becomes the new normal.

This article originally appeared in the October 2017 issue of Security Today.

Featured

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Study: Nearly Half of Companies Exclude Cybersecurity Teams When Developing, Onboarding and Implementing AI Solutions

    Only 35 percent of cybersecurity professionals or teams are involved in the development of policy governing the use of AI technology in their enterprise, and nearly half (45 percent) report no involvement in the development, onboarding, or implementation of AI solutions, according to the recently released 2024 State of Cybersecurity survey report from ISACA, a global professional association advancing trust in technology. Read Now

  • New Report Series Highlights E-Commerce Threats, Fraud Against Retailers

    Trustwave, a cybersecurity and managed security services provider, recently released a series of reports detailing the threats facing the retail sector, marking the second year of its ongoing research into these critical security issues. Read Now

  • Stay Secure in 2024: Updated Cybersecurity Tips for the Office and at Home

    Cyber criminals get more inventive every year. Cybersecurity threats continue to evolve and are a moving target for business owners in 2024. Companies large and small need to employ cybersecurity best practices throughout their organization. That includes security integrators, manufacturers, and end users. Read Now

Featured Cybersecurity

Webinars

New Products

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation. 3