Who Has the Keys?

Key management and control is a critical aspect of security

There is a mistaken belief among some that the use of traditional mechanical keys is becoming less important with the proliferation and evolution of sophisticated access control technology. The fact is, traditional mechanical keys are more common than ever, and today’s security awareness dictates these keys be tracked, monitored and managed effectively. Casinos, convention centers, healthcare facilities, residential and commercial property management, educational institutions, government, transportation and delivery, auto dealerships and prisons are among the common users of good key management systems.

Key Control Networks
The concept of key management relates to keys secured in a locked or unlocked enclosure and each key is assigned a physical and logical location—or a hook in more primitive systems. Each key or key bundle may be assigned to someone whose security credentials permit the use of that key during that time period. Authority systems range from a guard identifying and issuing keys in basic systems to automated locking, release, tracking and timing in advanced systems. Returned keys are logged in—electronically or in writing— providing management with a report of when and to whom the keys were issued and whether keys are available or remain out.

The first of three basic key control system methods is considered manual, or primitive. This means key possession is tracked and/or controlled by a sign-out sheet and the supervision of administrative and/or security personnel. This method is labor-intensive and susceptible to human error; there is no way of generating an automatic report when a key is not returned, for example.

In the second method, mechanical or electronic key controls involve a metalto- metal contact identification. These technologies have been available for more than 20 years. Contact chips and similar systems rely upon electrical point-to-point contact points of the device attached to the key.

Keys are fundamentally mechanical devices subject to abuse and frequent exposure to dirt and moisture. These same mechanical devices are, for secure operations, dependent upon electrical contact points, which are subject to failure and high maintenance due to the normal wear and dirt acquisition of the contacts.

The final method is the newest form of key management. It is based on contactless RFID technology—similar to but more rugged than traditional proximity cards. An RFID tag is embedded into an indestructible key fob, docked into a round port in the key board. RFID technology is maintenance-free, and the contactless identification capability of the fob can be used for additional tasks related to access and control efficiency. RFID key fobs are not affected by dirt, moisture or wear. The first system of this type—proxSafe®— was introduced by Deister Electronics.

Item vs. Access Control
Key management may be seen as part of the broader category of item control, which is the cousin to access control. Item control is a natural step as people become more sophisticated in managing and controlling access to places, information and things. Today’s technology provides means of identifying who is getting into a building, who is accessing its information technology and who is in possession of its items or keys. Contactless RFID-based systems also are equally effective at managing safekeeping of small assets and laptops.

Smart key management, in fact, is essentially access control for assets. Such systems can be configured as standalone— in fact, about five years ago nearly all such systems were configured as stand-alone. These systems embed an access database and log locally, and run without centralized supervision. Data and changes are periodically updated and uploaded by system management.

Networking systems, often at multiple locations—from a short distance to halfway around the world—comprise a single overall key management and access system. Management is from a browser-accessible server, and the system resides on the local IT network with full Web access capability. A single database governs and records events and authority for all locations. Networked systems also must have a fallback—for all systems to operate effectively in stand-alone mode—in the event of a temporary failure of the network.

From a logical and administrative standpoint, a key or key bundle is really a kind of door object. The most advanced systems have open protocols that may be integrated into classic access control to take advantage of single databases, single management and the now far-reaching security needs of an organization.

Cost Benefits
Misplaced keys cost organizations in North America approximately $35 billion annually in terms of inefficiency, shrinkage, liability and lock replacement costs. Consider the cost of replacing lost keys and cylinders, time spent while locating keys, and extra personnel to manage manual key systems, and you get an idea of just some of the costs that can be resolved by an effective system. Lack of effective key management also can result in lost sales revenues for properties such as assisted living and residential or commercial properties where an ineffective system would be seen as a detriment to security and value of the property. Automated electronic key management systems typically have a payback of less than 12 months when all risks and costs are analyzed.

Electronic access control has become a staple of the tools available to security directors within commercial and government areas to increase and manage security requirements within their arc of responsibility. Yet, relatively few of these same sophisticated executives have incorporated physical keys into a threat analysis. Great care is taken with access through doors to sensitive areas while some of the organization’s highest-risk areas are accessible by physical keys loosely managed with a sign-out list.

Effective key management is an increasingly critical part of any comprehensive facility security plan. Electronic contactless RFID key management systems offer efficiency and security and are most cost-effective over time. As the most popular choice among users at many levels—facility management, security and IT—the RFID technology method of key management is destined to be the most obvious solution for a universal realm of future applications.

Increasing numbers of security directors and facility executives are assessing the risk posed by uncontrolled physical keys. This trend is changing toward much greater use of key management, in some cases in response to government mandates such as FIPS 201-1. As sophisticated access control systems integrate key control into the broader access control capability set, electronic key management is destined to achieve an equivalent ubiquitous presence.

If you like what you see, get more delivered to your inbox weekly.
Click here to subscribe to our free premium content.

comments powered by Disqus

Digital Edition

  • Security Today Magazine - March 2019

    March 2019


    • Continued Integrity
    • A Secure Healthcare Prescription
    • Looking Beyond the Hype
    • Double Down on Casino Security
    • Are You Throwing Money Away

    View This Issue

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • School Planning & Managmenet
  • College Planning & Management
  • Campus Security & Life Safety