Preventing Intrusion

Collaborative security integration strategies for secured entrances

• By Kurt Measom
• Mar 02, 2021

While technologies have advanced and integration processes have become much more sophisticated, the basic tenets of electronic access control systems haven’t changed much over the last quarter century. Most organizations and businesses have valuable assets on-site, including both tangible assets and less tangible intellectual property, business information, and data assets. A well-designed and implemented access control system keeps track of who is coming and going to help mitigate the risk of bad actors entering the facility, requiring multi-factor authentication identification methods such as an ID card along with a biometric confirmation; a password or PIN to gain entry.

HOW TO SOLVE THE INTEGRATION PUZZLE

Many high-profile government, institutional and enterprise organizations still integrate swing doors with their ACS. This approach presents a security challenge because of the susceptibility of swing doors to allow tailgating – and most access control systems can only alert staff that a door has been left open. How can electronic access control and biometrics technologies be configured to help mitigate unauthorized entry through swing doors and turnstiles?

Timothy Sutton is a senior security consultant at Guidepost Solutions. He quips that the best form of access control to mitigate unauthorized entry is a security guard – and also admits a security guard is also the weakest form of access control simply due to the human element. He says that swing doors and turnstiles can be secured against unauthorized entry when they are supported by an electronic access control system (ACS).

“The ACS basically performs the same functions as a physical security guard in that a person seeking access would present a credential for inspection by ACS. This compares the credential information to a user database to ensure the person is confirmed as a user, and that the user has been granted entry authority to that particular door or turnstile at the time the credential was presented,” Sutton said. “Credentials can be physical cards or fobs with electronic encoding, a keypad PIN, or a biometric signature such as a finger or palm print, vascular mapping of a hand or a retina to be scanned.

“These credentials can be used alone or in any combination of two or all three types to achieve the desired level of security. Video surveillance systems can be used for access control in this environment by providing an image of a person for comparison to a database of authorized persons. This comparison can be made by a physical security officer, or through the use of facial recognition and video analytics.”

SOLVING THE SWINGING DOOR ISSUE

The primary controls that can be used at swing doors and turnstiles to detect attempted piggybacking are LiDAR solutions or other optical sensors. The goal is to first confirm the credential holder, then create a detection strategy that prevents entry or tracks a piggybacking situation tied to a camera that can detect the secondary person.

According to security consultant and CTO of ESI Convergent, Pierre Bourgeix, these scenarios tend to be more of a deterrent or investigative tool rather than a prevention strategy.

“The only true prevention strategy is the use of a security revolving door or mantrap portal solution. The critical point is that access and identity to entry must be cohesive, occurring simultaneously during the entry event. This is your prevention strategy because these types of high security doors have a working principle that prevents piggybacking,” Bourgeix said. “The issue is when a swing door is held open for a second or third person and they could easily enter undetected. The anomaly is an organization with technology that handles such tailgating events: the person that has no read is detected by sensors via LIDAR or optic technology then secondarily by camera which validates that this person does not have a registered credential.”

Swinging doors with a credential reader are locked until a valid credential is presented. However, once that door is unlocked it can be held open for several other unauthorized users to come through, which creates the access liability. Coordinating various solutions using access, video and sensory devices can integrate in an almost seamless fashion with swinging doors. For security consultant Sean Ahrens, the assertion is that the user weighs the options and chooses the solution that best fits the specific facility and security culture.

He said that the most inconvenient approach is to use hard anti-pass back, which requires a person to use a credential to enter and exit. Failure to present a credential on exit will disable the credential from being used to re-enter the facility.

“This can be very inconvenient and goes against the current “frictionless” access control mantra that many are spreading. An alternative approach is not to disable a credential but automate a response to the person’s supervisor via a rule/flow process and require the completion of security classes for the supervisor and the offender within a specific timeframe,” Ahrens said. “In this way it becomes a compliance issue, and people will be compelled to use their credential properly rather than be reprimanded by their superior or re-take training that is mundane. Facial recognition can be used to automate access, however, COVID and mask requirements may limit the effectiveness of these systems and could permit false acceptance.”

This article originally appeared in the March 2021 issue of Security Today.