Growing Adoption
Cloud and trusted identity technologies drive more intelligent customer experiences
- By Ian Lowe, Mark Robinton
- Sep 01, 2018
Cloud platforms and trusted
identities are emerging as the
fundamental building blocks
for creating secure environments
that more effectively
connect an organization’s people, places and
things. Organizations who embrace the power
of the cloud, combined with mobile and
IoT technologies, will redefine the user experience.
At the same time, these technologies
enable more unified credential solutions, and
they pave the way for significantly improving
workplace services and business processes.
One of the drivers for cloud adoption is
that cloud security has expanded significantly.
As confidence in these platforms grows, demand
is rising to use trusted identity solutions
in the cloud and benefit from its many
advantages. Adoption will escalate with increased
awareness of the cloud’s ease of deployment,
flexibility, connectivity options and
productivity benefits. Cloud-based platforms
will provide the backbone for adding new and
emerging technologies while improving how
identity solutions are delivered. They also will
give organizations greater flexibility to upgrade
their security infrastructure, scale it as
they grow, improve efficiency and adopt new
lower-cost managed service models.
Cloud-based platforms will fuel new solutions
that expand choices for organizations to
get the most out of their investments. Among
the most attractive options are solutions that
provide location services so that organizations
have more information about how their
buildings are used for workplace optimization.
Organizations are adopting technology
that expands how building occupants and
tenants engage, interact and work in new
intelligent workspaces. In addition, such innovations
enable facility managers to proactively
provide a safer working environment,
achieve a smarter building equipment maintenance
experience, and comply with myriad
of local and federal inspection mandates.
Another benefit of the cloud is that it
creates the opportunity for new managed
service models. As an example, cloud-based
ID card issuance platforms that give users the
option for hardware, software and other resources
to be leased and their costs bundled
into a service offering billed on an annual or
monthly-installment basis are now available.
The service model not only cuts multiple layers
of program costs but also makes it easier
for administrators to scale the card office to
accommodate future technology capabilities
or changing volume demands. Administrators
can opt to have commercial printing bureaus
produce large card batches during peak
demand periods. In general, cloud-based
services deliver all the benefits of centralized
issuance control and visibility along with the
option of performing distributed or batch
printing, while improving user convenience.
This model is particularly attractive to
large healthcare and university campuses. At
the university level, campus cards have long
enabled users to buy meals, check out library
books, open dorm room doors, and more.
These institutions are seeing the benefits of embracing the cloud to evolve the way in which campus cards are
being issued. Instead of issuing cards using one or more PC workstations,
each connected to a nearby printer, universities are making
a shift to cloud-based solutions for a new, remote card issuance experience.
This move is also transforming ID card printers into edge
devices within the Internet of Trusted Things (IoTT).
An even broader range of capabilities are possible when cloudbased
platforms are combined with mobile technologies and the IoT.
A Mobile Tipping Point
Mobile access control is gaining popularity as solutions mature,
and are integrated into other systems. Until recently, the notion of
a credential on a mobile device was a niche for a small segment of
the market. However, their ability to provide greater operational efficiency,
enhance the user experience, deliver increased security and
integrate with other systems has now positioned mobile access as a
strong option for many organizations in the mass market. Demand
will be greatest in the following use cases: opening doors with a
smartphone; using a mobile device as an authenticator for applications
such as identity verification to protect online banking applications
or while accessing a digital network; or carrying an ID such as
a driver’s license on a phone.
The more mobile form factor options there are for carrying trusted
identities, the better, so that organizations can support the broadest
range of use cases. Smart watches and personal biometric devices
are the most common wearables for use in the enterprise environment
today, and the extended use of wearables for enterprise access solutions
continues to be part of the conversation. These devices are getting
smarter and more common with support for a growing number
of applications.
Other mobile access benefits will become evident, especially as
solutions are integrated across whole buildings and campuses. The
technology will prove its ability to enhance user convenience on a
large scale, and the shift to verifying identities via mobile phones will
also reveal a trend toward digital cohesion, in which everything is
interconnected and available on an app—from verifying login to a
bank account or VPN, to using a phone as a mobile driver license, to
verifying the authenticity of a physical credential.
Embracing advanced technology has not been limited to mobile
credentials alone; the move away from de facto Wiegand to the Open
Supervised Device Protocol (OSDP) standard is also poised to be a
major disrupter for access control. High profile exposure of legacy
Weigand vulnerabilities, coupled with the desire for a more connected
experience when managing readers, has driven demand for the
OSDP standard.
Although NFC offers an attractive alternative to consider for the
future in access control, Bluetooth remains the only ubiquitous communication
standard that enables cross-platform support for mobile
access today. Still, organizations investing in infrastructure today are
considering readers that support both communication standards to
be ready to embrace new experiences as the mobile device industry
changes rapidly. Access control reader technology will also adapt to
leverage the power of mobile technology and cloud platforms. Organizations
will use a mobile device to provision readers, inspect installed
readers and detect their current configuration, upgrade them
to new capabilities and/or revoke access to them.
More Connected Experiences in the IoT
More than ever, smartphones carrying trusted IDs are enabling a
growing range of other secure, on-the-go smart building management
capabilities that connect the world of people with the world
of things. For instance, a new class of security solutions adds trust
to NFC tags that can then be affixed to mechanical keys and also
positioned at locations throughout a facility so that, as an example,
key checkout can be automated and guards on patrol can log their
presence at a security checkpoint using cloud-based authentication.
Organizations can combine this same technology with Commercial
Maintenance Management Software (CMMS) solutions to enable
secure transactions between fire and safety equipment and online
maintenance systems to help simplify fire and safety processes
and facilitate compliance to city mandates.
Today, using BLE beacons, cloud services and current mobile networks
has also significantly reduced the infrastructure costs to deploy
smart building IoT applications. BLE–to-Wi-Fi location services provide
facility managers with real-time visibility into when a specific
area is being used throughout the workday to assist in space planning
and overall building use—from individual offices and shared workspaces
to heavily used conference rooms.
For example, building occupants and visitors can easily navigate
throughout a facility using location services for directional assistance,
making it easier to collaborate, locate team members, and instantly
find meeting spaces. IoT-based innovations can also add another level
of security by enabling facility managers to assign access to specific
secure zones in a room, manufacturing floor, or any area that requires
an additional layer of zone-based security.
There are many opportunities for organizations to these capabilities
across a number of vertical markets and requirements. For example,
healthcare organizations can use real-time location services
to optimize workflows in emergency departments and clinical operations
and provide wayfinding for patients and visitors navigating
the hospital. Access control systems are also being extended to create
more activity-aware environments in industries such as oil & gas,
where it is crucial for security teams to receive the precise location of
employees during emergency or “man down” situations.
Combining mobile technologies, trusted identities and the cloud
will have a dramatic impact on the workplace. It will fuel more intelligent
environments and even more comprehensive secure identity
experiences that are easier to deliver and manage.
This article originally appeared in the September 2018 issue of Security Today.