Creating Cloud Platforms
Access control and trusted workplace share responsibility of innovation
- By Hilding Arrehed
- Oct 01, 2018
Cloud technologies are giving people access through
their mobile phones and other devices to a variety
of new experiences, while making their workplaces
smarter and more data-driven. With the advent of
identity- and location-aware building systems, virtual
assistants, and “personal IoT” solutions that recognize people and
customize their office environment based on deep learning analytics,
the workplace is undergoing a period of unprecedented change.
Until now, though, these capabilities could generally only be developed
and delivered on an office-by-office, facility-by-facility or, at
most, company-by-company basis. This all changes as mobile identities
move towards greater adoption plus when an installed base of
millions of physical access control system (PACS) readers, controllers,
panels and locks, worldwide, are connected to the cloud and IoT
and married with location services capabilities. This trifecta provides
the opportunity to create a common cloud platform upon which developers
can build, deliver and manage innovative and data-driven
trusted workplace solutions.
Physical Access Control Transformation
It has been estimated that by 2020, 20 percent of physical access control
solutions will be shaped by mobile technology and cloud architectures.
Early adopters such as universities and co-working spaces
are now even moving to “mobile-only” access-control system models
due to the benefits around integrating numerous applications into a
unified mobile experience.
First, cloud-based platforms will ensure identity-aware, seamless
and more consistent service delivery and user experiences while improving
how identity solutions are delivered. For example, bridging
biometrics and access control has been challenging in the past, because
it requires a trusted platform designed to meet the concerns of
accessibility and data protection in a connected environment. These
barriers can be addressed through a secured and connected cloud architecture
that can remotely manage all readers and users (including
onboarding, template loading and enrollment activities for supported
authentication modes).
Second, cloud platforms will provide the backbone for quickly
adding complimentary applications like secure print, virtual photo
ID, and vending as well as other access control use cases and emerging
permission-based transaction capabilities yet to be developed.
These platforms also give organizations greater flexibility to upgrade
their security infrastructure, scale it as they grow, improve maintenance
and efficiency, and get the most out of their investments. Key
among these is a location services platform that delivers high-value
data for a host of new applications and capabilities.
A third benefit of multi-tenant cloud platforms is the opportunity
to adopt new, more flexible subscription models that could enable
users to more easily replenish mobile IDs if their smartphones are
lost or must be replaced. These models have the potential to streamline
forecasting, budgeting and reporting while pushing mobile credentials
from a product-based model to more of a service-based approach
(which also helps organizations move cost from a CAPEX
budget to a “pay-as-you-need-it” OPEX line item). Mobile ID subscriptions
have the potential to be transferrable across an organization’s
employees, and they can be more convenient for administrators
to register multiple mobile IDs across multiple devices—whenever
they need to and without having to place replenishment orders.
Another example can be seen in cloud-based ID card issuance
platforms that give users the option for hardware, software and other
resources to be leased and their costs bundled into a service offering
billed on an annual or monthly-installment basis. The service model
not only cuts multiple layers of program costs but also makes it easier
for administrators to scale the card office to accommodate future
technology capabilities or changing volume demands.
Finally, cloud-based access control will be accompanied by simplified
development environments that are designed for easy integration
into vertical solutions. This will fuel innovation and a new way
to look at workplace design as the convenience of mobile apps is
married to the power of insights derived from data analytics (from
both location services and access control devices that are connected
throughout the workplace). The result: a more intuitive and seamless
service delivery, better workflow planning, regulatory compliance, remote
hardware configuration, predictive access control system maintenance
capabilities. This is in addition to other exciting new operational
advances that will benefit the entire access control chain—from
application developers to end customers.
Enabling a New Chapter in
Physical Access Control
Millions of installed physical access control devices are poised to become
a global cloud platform for trusted workplace innovation. They
first must be connected to the cloud and supported by software developer
kits (SDKs) and open application programming interfaces (APIs).
To enable these connections to cloud-based services, IoT functionality
will be embedded in access control panels as app extensions.
With these IoT connections, access control systems will deliver realtime
data to the cloud, which will facilitate remote diagnostics and
a more predictive approach to system maintenance and help protect
against emerging vulnerabilities.
The complexity of reader configuration will be dramatically simplified:
no longer will it be necessary to guess at the current reader
configurations or make manual and time-consuming changes to
them. Cloud-connected readers will enable remote inspection or
changes to the reader configuration and updates to reader firmware.
These cloud connections will also enable access control systems
to join advanced smart building solution set through cloud-based
monitoring applications that deliver robust analytics capabilities used
to proactively pinpoint and troubleshoot potential system failures.
The applications will also monitor secure connections between access
control peripherals and trigger firmware updates to address potential
cyber threats.
With a cloud connected hardware foundation in place, there will
also be a faster, more simplified path from design to deployment,
transforming how products and solutions are developed, marketed
and scaled across the enterprise, as well as how they are adopted and
used. Developers will shift from having to create an entire vertically
integrated solution to simply layering an app experience on top of
an existing access control infrastructure already connected in the
cloud and made easily available through APIs and SDKs. This will
fuel market-making opportunities as new players are attracted to the
space beyond traditional physical and IT security integrators, resulting
in a richer and more vibrant development community focused on
bringing to market new and innovative solutions. This community
will be supported by new kinds of tools and services for integration
enablement and support as compared to the traditional physical access
control marketplace.
With this model, the industry will move beyond siloed security
and workplace optimization solutions to simplicity, scalability and
universality of mobile apps that can be downloaded anywhere across
a global footprint of millions of compatible physical access control
system endpoints that are all connected in the cloud and IoT.
The relationship between PACS technology suppliers and their
integration partners will also evolve. A growing developer community
will be able to access a comprehensive offering of integration enablement
services, access control cloud services, engineering and IT/
operations resources, sales and pre-sales support, and other customer
care support (see Fig. 2).
An Early Adoption Path
Among the most attractive early adoption paths for leveraging cloud platforms in access control are co-working solutions that enable building occupants
to use their smartphones to access facilities,
book desks, private offices and meeting
rooms, and unlock them at the time of their
specific appointment.
One example of this type of co-working
environment is the Deskopolitan office building
in Paris, which serves entrepreneurs who
need professional, reliable working spaces to
build their businesses. Deskopolitan uses HID
Mobile Access to enable building occupants
to access their co-working campus in the heart
of Paris, conveniently and securely, expanding
how occupants and tenants engage, interact
and work in their more intelligent workspaces.
Deskopolitan can easily provision or revoke
mobile IDs, streamlining management with
zero compromise on security.
In a similar example, the international
property management group Skanska is
using HID technology for secure access
throughout its new office complex. The company
selected HID Mobile Access due to the
ease of integrating all of its building applications
into a unified mobile experience, including
secure access to its parking garage,
virtual reception capabilities, access to offices,
and other IoT functionality. Today,
employees and their guests can now move
throughout the building with nothing more
than a smartphone and enter restricted areas
to which they have been given access rights.
The Honeywell Vector Occupant App is
another great example of how mobile IDs
and a cloud platform are making it possible
for building occupants to use their mobile
devices for card-free secure access to a single
area of a building, an entire facility or
multiple locations around the globe. HID
Global partner Datawatch Systems continues
to transform the tenant experience across
numerous high-rise buildings in the United
States, where they have deployed Mobile IDs
at major commercial properties to address
the increasing demand for property management
companies and tenants seeking better
ways to interact with buildings where people
live and work. The Datawatch system can
also be used to analyze HVAC load requirements
based on when someone enters or exits
a suite or common area and adjust temperature
settings accordingly—as well as turn off
lights when the last person leaves the area.
Access Control
of the Future
Cloud platforms are giving facility managers
more information about how their
buildings are used for workplace optimization,
wayfinding within large campuses and
other applications. They are also fueling
new opportunities to dramatically expand
choices for organizations to get the most
out of their physical access control investments
by providing the backbone for adding
new and emerging technologies, while
improving how identity solutions are delivered.
A trusted, cloud-connected workplace
that utilizes an ecosystem of millions of
readers and other devices, applications and
trusted mobile identities (Mobile IDs) also
give organizations greater flexibility to scale
their security infrastructure as they grow,
improve workplace efficiency, and enhance
their security.
This new world will also provide a rich
environment in which developers can continually
build innovative applications for
the trusted workplace. At the same time,
it will usher new ways to innovate, develop
and deploy solutions that deliver seamless,
even more secure and consistent user
experiences, flexible service subscription
models, a new way to look at workplace design,
and more simplified path from design
to deployment in the access
control developer
community.
This article originally appeared in the October 2018 issue of Security Today.