Best Practices for Key Control

Best Practices for Key Control

Technology comes from inside the box

Best Practices for Key ControlKey control and asset management technology are reliable and cost-effective methods to improve security by ensuring that facility keys are properly managed with regard to access, storage and tracking. Key management systems can reinforce access control policies that are already in place and can help reduce the costs associated with lost keys or unmanaged access.

From Inside the Box

Tamper-proof systems are designed so that only authorized users—using pre-programmed PIN codes, access cards or biometrics—can access keys, while on-board advanced technology automatically records all access activity.

A basic system typically consists of a computerized key storage cabinet, a key locking mechanism and a tracking system. From this basic package, several options and design variations can be added to customize the solution and help protect the investment as needs grow and change. For networked installations, management software can also be included in the system. Permission levels can be established for each user and data can be monitored from any network-connected desktop. Additionally, the software can run activity reports, sort based on different criteria, and view and print reports, among other uses.

Today’s key control and management systems have become a higher level management tool for effectively addressing the safety and security of building occupants and the security of the building assets.

Knowing the identity of authorized key holders, which keys they have in their possession or have access to, and when they were used are all essential pieces of information needed to help ensure a safe and secure environment. Further, technological developments and open protocols have made it possible to integrate key control with access control and other security systems as part of a facility’s networked security system. Now, a user who has taken a specific key can be denied egress from the facility until the key is returned, and selected management can be alerted via email if a key has not been returned on time.

Easy Implementation

Implementing a key control and management system is a straightforward process that involves a few basic steps:

  • Take inventory of the facility to identify all access points and installed locks;
  • ascertain the operational needs of employees as well as of others who may need access to the facility such as service, repair or cleaning crews; and
  • establish a policy with easy-to-follow procedures for effective key control and management.

Having the ability to add on the exact components you need, or change modules where and when you need, helps protect your investment. This way, you will avoid having to rip and replace an entire key control and asset management system because the current system cannot accommodate lockers for securing cell phones or other valuable items, or does not integrate with a new access control system that has just been installed.

If a networked key control system is planned, a review of the network topology will reveal any configuration and performance alterations that may need to be applied. Compatibility with other security systems should be reviewed to maximize interoperability for more comprehensive, integrated operations.

A simple but strong set of guidelines for administering and using the key control system will help define areas of responsibility and enable better control of the keys.

Setting Up Your System

Configuring a key control solution is as easy as identifying needs and then building the system with modular components that meet those needs. Choices for modules may include key storage, lockers, credit card or simply blank, to be filled at a later time. The combination of modules is entirely up to the user, providing the ability to customize and change the system to meet growth or other specific needs.

Key control and asset management systems can be configured with additional security features to help enhance the integrity of the system. For example, where protection of asset lockers is mission-critical, installation of a remote access device provides an additional layer of protection by enabling the locker system to be placed in a secure room. A second individual’s PIN input and verification are then required in order for an authorized employee to access the contents of a locker.

Access to the key and asset cabinets can be customized, with options including a built-in keypad, biometrics, such as a fingerprint reader, and a magnetic or proximity card reader. Systems that integrate card readers for access can often use the access control cards that are already in use throughout the organization, making the system implementation easier and more convenient. Changes to an individual’s access authorization can be made instantly by program administrators.

Optional user interfaces can be integrated directly into the cabinet for easy accessibility, or they may be separate. In either design, users can access only the stored items that they have been authorized to remove or return.

Integration Potential

A key control and asset management solution can usually be integrated with the existing physical security system without costly upgrades or overhauls. For example, asset control systems, featuring alarm and relay inputs/outputs, can be integrated with existing video surveillance systems for additional security measures. Ethernet and USB capability help ensure system compatibility and integration. Key management systems can also integrate with a facility’s existing identification cards.

Compatibility with other security systems and network access offers an added richness, usability and integration with existing data bases, saving time and money. Ethernet or TCP/IP communications ports allow ease-of-use for direct connectivity to printers or other devices, or networked connectivity via Ethernet.

Management Software Tracks and Analyzes

One of the enabling factors for successful key control implementation is the ability to manage all programming, remote functions and reports for the system with a software-driven solution. Similar in concept to popular access control systems, the PC-based package of key management software helps make day-to-day operations and activities easier and more fluid. Users can be added from a global list, and all specific settings—added or modified—will be automatically synchronized across the system. Profiles can be assigned for improved user control, and administrative access levels have various options to be tailored to specific needs, such as reports only or alarms only.

Built-in schedulers can be programmed to automatically download all data to a secure PC as required by the user. With this capability, management can better sort and analyze information to maintain maximum control of access and security issues.

Scheduled email reports that detail what keys are in or out and who has/had them, keeps security management informed and up-to-date. If an incident occurs, management can query the system for specific details. Together with the audit data from an access control system, a key control system’s reporting ability provides a strong evidence trail.

Advanced communication capabilities enable key control systems to be monitored and administered remotely from PDAs or smartphones as well as from a desktop. Authorized personnel can check key status, cancel an alarm and even remotely disable user access. These features, along with multiple others, provide the mobile user with another level of convenience and control when it comes to key control management.

This article originally appeared in the July 2014 issue of Security Today.

Featured

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services
  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

  • Report: Nearly 1 in 5 Healthcare Leaders Say Cyberattacks Have Impacted Patient Care

    Omega Systems, a provider of managed IT and security services, today released new research that reveals the growing impact of cybersecurity challenges on leading healthcare organizations and patient safety. According to the 2025 Healthcare IT Landscape Report, 19% of healthcare leaders say a cyberattack has already disrupted patient care, and more than half (52%) believe a fatal cyber-related incident is inevitable within the next five years. Read Now

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.