Preventing Intrusion
Collaborative security integration strategies for secured entrances
- By Kurt Measom
- Mar 02, 2021
While technologies have advanced and integration
processes have become much more
sophisticated, the basic tenets of electronic
access control systems haven’t changed much
over the last quarter century. Most organizations
and businesses have valuable assets on-site, including both
tangible assets and less tangible intellectual property, business information,
and data assets. A well-designed and implemented access
control system keeps track of who is coming and going to help mitigate
the risk of bad actors entering the facility, requiring multi-factor
authentication identification methods such as an ID card along
with a biometric confirmation; a password or PIN to gain entry.
HOW TO SOLVE THE INTEGRATION PUZZLE
Many high-profile government, institutional and enterprise organizations
still integrate swing doors with their ACS. This approach
presents a security challenge because of the susceptibility of swing
doors to allow tailgating – and most access control systems can
only alert staff that a door has been left open. How can electronic
access control and biometrics technologies be configured to help
mitigate unauthorized entry through swing doors and turnstiles?
Timothy Sutton is a senior security consultant at Guidepost
Solutions. He quips that the best form of access control to mitigate
unauthorized entry is a security guard – and also admits a
security guard is also the weakest form of access control simply
due to the human element. He says that swing doors and turnstiles
can be secured against unauthorized entry when they are
supported by an electronic access control system (ACS).
“The ACS basically performs the same functions as a physical
security guard in that a person seeking access would present a credential
for inspection by ACS. This compares the credential information
to a user database to ensure the person is confirmed as a user,
and that the user has been granted entry authority to that particular
door or turnstile at the time the credential was presented,” Sutton
said. “Credentials can be physical cards or fobs with electronic encoding,
a keypad PIN, or a biometric signature such as a finger or
palm print, vascular mapping of a hand or a retina to be scanned.
“These credentials can be used alone or in any combination
of two or all three types to achieve the desired level of security.
Video surveillance systems can be used for access control in this
environment by providing an image of a person for comparison
to a database of authorized persons. This comparison can be
made by a physical security officer, or through the use of facial
recognition and video analytics.”
SOLVING THE SWINGING DOOR ISSUE
The primary controls that can be used at swing doors and turnstiles
to detect attempted piggybacking are LiDAR solutions or
other optical sensors. The goal is to first confirm the credential
holder, then create a detection strategy that prevents entry or
tracks a piggybacking situation tied to a camera that can detect
the secondary person.
According to security consultant and CTO of ESI Convergent,
Pierre Bourgeix, these scenarios tend to be more of a deterrent
or investigative tool rather than a prevention strategy.
“The only true prevention strategy is the use of a security revolving
door or mantrap portal solution. The critical point is that
access and identity to entry must be cohesive, occurring simultaneously
during the entry event. This is your prevention strategy
because these types of high security doors have a working principle
that prevents piggybacking,” Bourgeix said. “The issue is
when a swing door is held open for a second or third person and
they could easily enter undetected. The anomaly is an organization
with technology that handles such tailgating events: the person
that has no read is detected by sensors via LIDAR or optic
technology then secondarily by camera which validates that this
person does not have a registered credential.”
Swinging doors with a credential reader are locked until a valid
credential is presented. However, once that door is unlocked
it can be held open for several other unauthorized users to come
through, which creates the access liability. Coordinating various
solutions using access, video and sensory devices can integrate
in an almost seamless fashion with swinging doors. For security
consultant Sean Ahrens, the assertion is that the user weighs the
options and chooses the solution that best fits the specific facility
and security culture.
He said that the most inconvenient approach is to use hard
anti-pass back, which requires a person to use a credential to enter
and exit. Failure to present a credential on exit will disable the
credential from being used to re-enter the facility.
“This can be very inconvenient and goes against the current
“frictionless” access control mantra that many are spreading. An
alternative approach is not to disable a credential but automate a
response to the person’s supervisor via a rule/flow process and require
the completion of security classes for the supervisor and the
offender within a specific timeframe,” Ahrens said. “In this way
it becomes a compliance issue, and people will be compelled to
use their credential properly rather than be reprimanded by their
superior or re-take training that is mundane.
Facial recognition can be used to automate access,
however, COVID and mask requirements
may limit the effectiveness of these systems and
could permit false acceptance.”
This article originally appeared in the March 2021 issue of Security Today.