Selecting the Right Access Control System -- Security Today

Selecting the Right Access Control System

You have the necessary experience, but think about the specifications for the job

By J. Matthew Ladd
Mar 01, 2019

With a password on each computer and a cardbased access control system on the door, many businesses feel they have their bases covered when it comes to both logical and physical security.

The password for the logical access control system, which provides authorization into a computer system, they will argue, prevents just anyone from logging onto a computer—unless the computer’s owner has a sticky note with their password attached to the screen or they have shared their password with a friend. Then the laptop or desktop is easily accessible by others.

No Trespassing

The card will keep strangers out of the building. This works unless the credential is lost or stolen or passed along by a well-meaning employee to a co-worker who forgot his card. Access works on the premise that the user presents one of two items: something they have, like a card; or something they know, such as a password.

Whether you are running a small business office, doctor’s office, coffee shop or retail store, it is important to ensure that you protect staff and assets. While for some this may mean simply locking the front door at night with a key, the introduction of new technology at lower price points now means that every business can afford the cost of access control today.

However, accompanying these lower priced options also means there are a lot of access control systems on the market to choose, such as standalone systems for one to four doors, mid-size systems that use single-factor authentication such as a keypad or proximity card, or large-scale systems that enable corporations to provide access to employees at multiple facilities in different states while using a single credential. How do you choose what is best for you?

If cost is your concern, consider a card based or keypad system. With a card-based system, the small business can use a proximity card and reader system that allows them to issue an access control card to employees. This can be an ideal approach for a business with multiple locations where they want someone to have access to more than one location. Using a proximity card to access the building also cuts down on re-key costs when an employee leaves.

Another cost-effective option is to install a keypad system on the exterior of an office door. When an office manager enters his pin number, it can unlock the door for the day and also provide a report on the open and close times of that location. This information can be accessed remotely by the retail manager to lock and unlock the door.

A Unique Pin

In addition, the administrator of the system can issue multiple pin numbers to employees, so that each person has a unique pin. That pin number can be easily deactivated if the employee no longer works at that location. Still, while these options are most cost effective and may work perfectly for some businesses, others required some added security measures.

An option to combat this is multiple-factor authentication, which requires credentials that address both the logical and physical dynamics of a security system, in turn taking your system to the next level. Up until recently, this higher level of security was limited to certain upper echelon users such as corporate executives, IT administrators or others whose information and access was considered more important. For example, a CEO may have to both present a card and punch in an access code or use his or her fingerprint to open the door to the executive suite. The desktop used by the head of IT is protected by both a password and a swipe of his or her access card on an auxiliary reader attached to the computer.

Cost and complexity of instituting this technology have been cited in the past as reasons to restrict the use of additional safeguards to a small percentage of the corporate population, but increasingly those arguments are going by the wayside.

Security systems integrators are already installing card-based access control systems at a steady pace, so why not work with that existing credential and add a layer of logical access on top of it?

The mobility of the standard user, who takes his laptop home on the weekends or travels for business, makes having at least two-factor authentication for added logical security more significant. The same is true with protecting certain physical assets or areas such as a hospital’s drug supply closet or the records room at a financial institution. Installing systems requiring multi-factor authentication can prevent costly or even regulatory mistakes in these key areas.

With the different types of access control systems in mind, there are still a few questions to ask before deciding on a perfect fit.

The first thing you should ask is whether the system is easy to use and to manage. Next to price, ease of use is typically the most important factor to take into consideration when looking to implement an access control system. Who is going to manage the system on the back end and add a new cardholder or revoke privileges when someone leaves the company? Do you need a system that offers a web-based interface so that you can remotely manage this task on your own, or do you plan to hire your systems integrator to oversee that service?

Answering the Question

Before you implement any access control system, it’s important to answer this question, otherwise the system can become compromised quickly if access rights are not updated on a regular basis. Next, users should take a look at the kind of functionalities their facility needs. It’s important to select an access control system that aligns with your business needs. Do you have a lot of employees that require access to an office or facility during the weekend or evening hours? Or do you need to keep a few key rooms, such as an IT server room or supply closet, under lock and key and only accessible to a few select employees?

Also, will you need to monitor who comes and goes into the facility and need to create a detailed report on access times and who entered the facility? In some instances, a keypad can provide adequate security for a small business or to limit access to a specific area within a secure building. However, a keypad is not an ideal solution for high security areas because pins can be easily shared with other people. Instead, it is better to use a keypad and card reader combination to ensure multi-factor authentication.

Users should keep in mind that many entry-level access control systems do not offer third party integration. This means that if you plan to integrate video, elevator controls or an HR system in the future, it’s important to look beyond an entry-level system to future proof your system.

While you might not need these exact integrations today, be sure to look out five years or longer as to what your access control needs may look like. If you expect to add more employees, then an access control system with future capabilities may be the best option. An access control system that can integrate with Active Directory or PeopleSoft, for example, will enable you to integrate security functionality with human resources, so that when you onboard a new employee it becomes a single process to get them access to the building when they are entered into the HR system as a new employee. The same is true if that employee leaves the company—HR can deactivate their access privileges while changing the employee’s employment status.

Lastly, set a budget and stick to it. Price is always a challenging component because projects often are driven by a set budget, but many businesses also require a quality system that is reliable. Because the access control market offers numerous solutions, from standalone systems to IP-based systems, customers have numerous options from which to choose at a variety of price points.

A keypad-based system may be more economical for businesses with only a few access points to secure. These types of systems eliminate the added expense associated with purchasing and replacing proximity cards, for example. However, a business that has multiple access points to secure, requires detailed after-hours building access reporting or has a large number of employees may need to deploy a software-based system, which is generally more expensive.

Working in partnership, integrators, physical security personnel and the IT department can leverage the investment in the physical access control system into one that brings a higher level of security by tapping into the logical side as well. No matter the size of your business or your budget, the security market offers many different access control systems from which end users can choose. The challenge is, of course, deciding which one.

This article originally appeared in the March 2019 issue of Security Today.

Featured

Perimeter Security Standards for Multi-Site Businesses

When you run or own a business that has multiple locations, it is important to set clear perimeter security standards. By doing this, it allows you to assess and mitigate any potential threats or risks at each site or location efficiently and effectively. Read Now
Getting in Someone’s Face

There was a time, not so long ago, when the tradeshow industry must have thought COVID-19 might wipe out face-to-face meetings. It sure seemed that way about three years ago. Read Now
- Industry Events
- ISC West
Live From ISC West 2024: Post-Show Recap

ISC West 2024 is complete. And from start to finish, the entire conference was a huge success with almost 30,000 people in attendance. Read Now
- Industry Events
- ISC West
ISC West 2024 is a Rousing Success

The 2024 ISC West security tradeshow marked a pivotal moment in the industry, showcasing cutting-edge technology and innovative solutions to address evolving security challenges. Exhibitors left the event with a profound sense of satisfaction, as they witnessed a high level of engagement from attendees and forged valuable connections with potential clients and partners. Read Now
- Industry Events
- ISC West

Webinars

Hanwha Vision (formerly Hanwha Techwin), Salient Systems, Eagle Eye Networks Inc, Evolv Technology, Arcules, ZeroEyes

Shooter Detection: The First Line of Defense
Hanwha Vision (formerly Hanwha Techwin), Salient Systems, Arcules

Embracing AI-driven Access Control
HID Global

Unlock the Potential: Why Make the Shift to Mobile Credentials

Whitepapers

Genetec

How to Modernize Your Existing Security Systems Using Hybrid-Cloud
Eagle Eye Networks Inc

Are you ready for an on-site emergency? A practical checklist
Winsted Corporation

Top Considerations Designing an Ergonomic Control Room

New Products

Compact IP Video Intercom

Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3
EasyGate SPT SPD

Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3
FEP GameChanger

Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3

Selecting the Right Access Control System

ISC West 2024 Welcomed More Than 29,000 Attendees

Resideo to Acquire Snap One to Expand Presence in Smart Living Products and Distribution

Allegion US Features Interoperability, Mobile Credentials and More at ISC West

Altronix Showcases Products to Protect Critical Infrastructure at ISC West

Axis Communications Launches Axis Cloud Connect at ISC West 2024

Genetec Security Center SaaS Supports Direct-to-Cloud Workflows With Axis, Bosch, Hanwha, and i-PRO Devices

ASSA ABLOY Introduces Centrios, a New Access Control Brand for Small Businesses