Selecting the Right Access Control System

Selecting the Right Access Control System

You have the necessary experience, but think about the specifications for the job

  • By J. Matthew Ladd
  • Mar 01, 2019

With a password on each computer and a cardbased access control system on the door, many businesses feel they have their bases covered when it comes to both logical and physical security.

The password for the logical access control system, which provides authorization into a computer system, they will argue, prevents just anyone from logging onto a computer—unless the computer’s owner has a sticky note with their password attached to the screen or they have shared their password with a friend. Then the laptop or desktop is easily accessible by others.

No Trespassing

The card will keep strangers out of the building. This works unless the credential is lost or stolen or passed along by a well-meaning employee to a co-worker who forgot his card. Access works on the premise that the user presents one of two items: something they have, like a card; or something they know, such as a password.

Whether you are running a small business office, doctor’s office, coffee shop or retail store, it is important to ensure that you protect staff and assets. While for some this may mean simply locking the front door at night with a key, the introduction of new technology at lower price points now means that every business can afford the cost of access control today.

However, accompanying these lower priced options also means there are a lot of access control systems on the market to choose, such as standalone systems for one to four doors, mid-size systems that use single-factor authentication such as a keypad or proximity card, or large-scale systems that enable corporations to provide access to employees at multiple facilities in different states while using a single credential. How do you choose what is best for you?

If cost is your concern, consider a card based or keypad system. With a card-based system, the small business can use a proximity card and reader system that allows them to issue an access control card to employees. This can be an ideal approach for a business with multiple locations where they want someone to have access to more than one location. Using a proximity card to access the building also cuts down on re-key costs when an employee leaves.

Another cost-effective option is to install a keypad system on the exterior of an office door. When an office manager enters his pin number, it can unlock the door for the day and also provide a report on the open and close times of that location. This information can be accessed remotely by the retail manager to lock and unlock the door.

A Unique Pin

In addition, the administrator of the system can issue multiple pin numbers to employees, so that each person has a unique pin. That pin number can be easily deactivated if the employee no longer works at that location. Still, while these options are most cost effective and may work perfectly for some businesses, others required some added security measures.

An option to combat this is multiple-factor authentication, which requires credentials that address both the logical and physical dynamics of a security system, in turn taking your system to the next level. Up until recently, this higher level of security was limited to certain upper echelon users such as corporate executives, IT administrators or others whose information and access was considered more important. For example, a CEO may have to both present a card and punch in an access code or use his or her fingerprint to open the door to the executive suite. The desktop used by the head of IT is protected by both a password and a swipe of his or her access card on an auxiliary reader attached to the computer.

Cost and complexity of instituting this technology have been cited in the past as reasons to restrict the use of additional safeguards to a small percentage of the corporate population, but increasingly those arguments are going by the wayside.

Security systems integrators are already installing card-based access control systems at a steady pace, so why not work with that existing credential and add a layer of logical access on top of it?

The mobility of the standard user, who takes his laptop home on the weekends or travels for business, makes having at least two-factor authentication for added logical security more significant. The same is true with protecting certain physical assets or areas such as a hospital’s drug supply closet or the records room at a financial institution. Installing systems requiring multi-factor authentication can prevent costly or even regulatory mistakes in these key areas.

With the different types of access control systems in mind, there are still a few questions to ask before deciding on a perfect fit.

The first thing you should ask is whether the system is easy to use and to manage. Next to price, ease of use is typically the most important factor to take into consideration when looking to implement an access control system. Who is going to manage the system on the back end and add a new cardholder or revoke privileges when someone leaves the company? Do you need a system that offers a web-based interface so that you can remotely manage this task on your own, or do you plan to hire your systems integrator to oversee that service?

Answering the Question

Before you implement any access control system, it’s important to answer this question, otherwise the system can become compromised quickly if access rights are not updated on a regular basis. Next, users should take a look at the kind of functionalities their facility needs. It’s important to select an access control system that aligns with your business needs. Do you have a lot of employees that require access to an office or facility during the weekend or evening hours? Or do you need to keep a few key rooms, such as an IT server room or supply closet, under lock and key and only accessible to a few select employees?

Also, will you need to monitor who comes and goes into the facility and need to create a detailed report on access times and who entered the facility? In some instances, a keypad can provide adequate security for a small business or to limit access to a specific area within a secure building. However, a keypad is not an ideal solution for high security areas because pins can be easily shared with other people. Instead, it is better to use a keypad and card reader combination to ensure multi-factor authentication.

Users should keep in mind that many entry-level access control systems do not offer third party integration. This means that if you plan to integrate video, elevator controls or an HR system in the future, it’s important to look beyond an entry-level system to future proof your system.

While you might not need these exact integrations today, be sure to look out five years or longer as to what your access control needs may look like. If you expect to add more employees, then an access control system with future capabilities may be the best option. An access control system that can integrate with Active Directory or PeopleSoft, for example, will enable you to integrate security functionality with human resources, so that when you onboard a new employee it becomes a single process to get them access to the building when they are entered into the HR system as a new employee. The same is true if that employee leaves the company—HR can deactivate their access privileges while changing the employee’s employment status.

Lastly, set a budget and stick to it. Price is always a challenging component because projects often are driven by a set budget, but many businesses also require a quality system that is reliable. Because the access control market offers numerous solutions, from standalone systems to IP-based systems, customers have numerous options from which to choose at a variety of price points.

A keypad-based system may be more economical for businesses with only a few access points to secure. These types of systems eliminate the added expense associated with purchasing and replacing proximity cards, for example. However, a business that has multiple access points to secure, requires detailed after-hours building access reporting or has a large number of employees may need to deploy a software-based system, which is generally more expensive.

Working in partnership, integrators, physical security personnel and the IT department can leverage the investment in the physical access control system into one that brings a higher level of security by tapping into the logical side as well. No matter the size of your business or your budget, the security market offers many different access control systems from which end users can choose. The challenge is, of course, deciding which one.

This article originally appeared in the March 2019 issue of Security Today.

Featured

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

  • Cutting Retail Losses

    Retail is still a more complex and dynamic security vertical in modern society. Inherent challenges with in-store and distribution center operations are primarily due to constantly shifting consumer buying trends. Retailers must show daily flexibility to keep workers, meet sales goals and attract customers while maintaining safe and efficient operations. Retail is an intricate web of interconnected elements. Read Now

  • The Key to Wellbeing in the Office

    A few years ago, all we saw in the news was the ‘great resignation.’ Now we have another ‘great’ to deal with. According to CBRE, 2023 was the start of the ‘great return’ as office workers returned to their normal offices after working from home. The data shows that two-thirds of all U.S office buildings were more than 90% leased as of Q2 2023. Read Now

  • Failed Cybersecurity Controls Costing U.S. Businesses $30 Billion Yearly

    Panaseer recently released ControlWatch and the Continuous Controls Battle: Panaseer 2025 Security Leaders Report examining the cost of cybersecurity control failures and the impact of growing personal liability for security failings on security leaders. The report analyzes the findings of a survey of 400 security decision makers (SDMs) across the US and UK. It shows that security leaders feel under increasing pressure to provide assurances around cybersecurity, exposing them to greater personal risk – yet many lack the data and resources to accurately report and close cybersecurity gaps. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3