Ask the Expert

  • By Larry O'Brien
  • Apr 21, 2008

Web-based access control is a great example of the growing convergence of IT with the security industry. The technology works by enabling users to view and manage a system remotely, from any location in the world, as long as they have Internet access.

ISSUE: What kinds of Web-based access control are available?

SOLUTION: There are two types of access control systems that allow remote management: private server-based and Web-hosted. In the first scenario, a company hosts a server with software that enables applications to control access within the security system. Using this Web-based system, security managers can control and manage access cards, engage alarm systems or change the time door locks are engaged, all online, from anywhere in the world. Another possibility is using a specialized company, usually called an application service provider (ASP), to host the server and provide the necessary software.

Classic access control is an application program running on a server attached to the corporate network. As an alternative, ASPs can host this service and provide the necessary software. In either case, security directors can manage access, control doors, engage alarm systems or change door-locking schedules from anywhere in the world through an Internet connection. With the in-house server application, the IT department must provide a secure connection from the Internet to the corporate network, which is normally called a virtual private network (VPN), to allow the security director access to the application. With the online provider, the security director only needs Internet access to manage the system.

ISSUE: Are there any drawbacks to consider when selecting a Web-based access control system?

SOLUTION: The benefit of hosting your own server is that it can be relatively simple to install and use. However, products that initially seem easy to use often become more complex when implementing the software’s advanced features. Also, company-hosted servers require maintenance, upgrades and virus protection— an added cost. Potential system failure and downtime could be disastrous for a company using a security manager inexperienced in access control.

ASPs can take the burden and headache off the security manager. Also, system maintenance, server upgrades and data backup would be provided as part of the service. The downside to this solution, however, is the ongoing monthly cost associated with each ASP.

Web-based access control is a relatively new technology and, as such, has its share of problems. Scalability is a factor that may stop larger companies from adopting a security system that could “dead-end” in the future. There are some Web-based systems that can handle larger amounts of data, but all of these solutions have some sort of size limitation, meaning that in the future, the system may not be able to cope.

Other problems include the security of a Web-based system, as anything connected to the Internet leaves itself vulnerable to hackers attempting to gain access to valued security information. Using an ASP with a robust firewall may mitigate this problem. It also should be understood that by contracting with a Web-based access control provider, you are granting this ASP full access to your facility as well as possible sensitive information on your employees. Like all Internet companies, ASPs can be bought or sold overnight and sometimes go out of business without warning. Due diligence requires a through and complete investigation into the ownership of the ASP and what level of screening and background checks are required for ASP employees.

ISSUE: What types of organizations are best suited for such a system?

SOLUTION: Successful deployments of Web-based access control systems often have included buildings with multiple tenants. Each tenant can access the system with its own coded cards. Meanwhile, the building security director can monitor the activities that are going on in public areas, such as lobbies, elevators and parking garages.

Evaluate if a Web-based access control system is the right fit for your security system, and talk to an experienced security integrator about the best option.

READER QUESTION: I operate a successful restaurant/nightclub in an urban area. Each night we bring the proceeds into a counting room to tally and prepare the bank deposit. Additionally, we have dozens of credit card numbers at any given time. We have a deadbolt lock on the room, and only an assistant and I have a key. But we have had several restaurant robberies in our area recently. Can you recommend some ways to better protect ourselves?

SOLUTION:An intrusion system that is connected to a central station can offer panic buttons in the form of key fobs that each person can carry and use to initiate a panic call to the central station. Some central stations have the ability to monitor surveillance cameras, and this would allow the central station to assess the current situation during a panic event and provide valuable information to the responding authority. The central station also could be alerted when the employees are ready to leave the counting room with deposits and monitor the surveillance cameras in the parking lot to verify everyone safely got to their cars. Again, panic alarms should have the range to reach from the parking lot.

Featured

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services

  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

  • Report: Nearly 1 in 5 Healthcare Leaders Say Cyberattacks Have Impacted Patient Care

    Omega Systems, a provider of managed IT and security services, today released new research that reveals the growing impact of cybersecurity challenges on leading healthcare organizations and patient safety. According to the 2025 Healthcare IT Landscape Report, 19% of healthcare leaders say a cyberattack has already disrupted patient care, and more than half (52%) believe a fatal cyber-related incident is inevitable within the next five years. Read Now

Most   Popular

New Products

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.