Preventing Intrusion

Collaborative security integration strategies for secured entrances

While technologies have advanced and integration processes have become much more sophisticated, the basic tenets of electronic access control systems haven’t changed much over the last quarter century. Most organizations and businesses have valuable assets on-site, including both tangible assets and less tangible intellectual property, business information, and data assets. A well-designed and implemented access control system keeps track of who is coming and going to help mitigate the risk of bad actors entering the facility, requiring multi-factor authentication identification methods such as an ID card along with a biometric confirmation; a password or PIN to gain entry.

HOW TO SOLVE THE INTEGRATION PUZZLE

Many high-profile government, institutional and enterprise organizations still integrate swing doors with their ACS. This approach presents a security challenge because of the susceptibility of swing doors to allow tailgating – and most access control systems can only alert staff that a door has been left open. How can electronic access control and biometrics technologies be configured to help mitigate unauthorized entry through swing doors and turnstiles?

Timothy Sutton is a senior security consultant at Guidepost Solutions. He quips that the best form of access control to mitigate unauthorized entry is a security guard – and also admits a security guard is also the weakest form of access control simply due to the human element. He says that swing doors and turnstiles can be secured against unauthorized entry when they are supported by an electronic access control system (ACS).

“The ACS basically performs the same functions as a physical security guard in that a person seeking access would present a credential for inspection by ACS. This compares the credential information to a user database to ensure the person is confirmed as a user, and that the user has been granted entry authority to that particular door or turnstile at the time the credential was presented,” Sutton said. “Credentials can be physical cards or fobs with electronic encoding, a keypad PIN, or a biometric signature such as a finger or palm print, vascular mapping of a hand or a retina to be scanned.

“These credentials can be used alone or in any combination of two or all three types to achieve the desired level of security. Video surveillance systems can be used for access control in this environment by providing an image of a person for comparison to a database of authorized persons. This comparison can be made by a physical security officer, or through the use of facial recognition and video analytics.”

SOLVING THE SWINGING DOOR ISSUE

The primary controls that can be used at swing doors and turnstiles to detect attempted piggybacking are LiDAR solutions or other optical sensors. The goal is to first confirm the credential holder, then create a detection strategy that prevents entry or tracks a piggybacking situation tied to a camera that can detect the secondary person.

According to security consultant and CTO of ESI Convergent, Pierre Bourgeix, these scenarios tend to be more of a deterrent or investigative tool rather than a prevention strategy.

“The only true prevention strategy is the use of a security revolving door or mantrap portal solution. The critical point is that access and identity to entry must be cohesive, occurring simultaneously during the entry event. This is your prevention strategy because these types of high security doors have a working principle that prevents piggybacking,” Bourgeix said. “The issue is when a swing door is held open for a second or third person and they could easily enter undetected. The anomaly is an organization with technology that handles such tailgating events: the person that has no read is detected by sensors via LIDAR or optic technology then secondarily by camera which validates that this person does not have a registered credential.”

Swinging doors with a credential reader are locked until a valid credential is presented. However, once that door is unlocked it can be held open for several other unauthorized users to come through, which creates the access liability. Coordinating various solutions using access, video and sensory devices can integrate in an almost seamless fashion with swinging doors. For security consultant Sean Ahrens, the assertion is that the user weighs the options and chooses the solution that best fits the specific facility and security culture.

He said that the most inconvenient approach is to use hard anti-pass back, which requires a person to use a credential to enter and exit. Failure to present a credential on exit will disable the credential from being used to re-enter the facility.

“This can be very inconvenient and goes against the current “frictionless” access control mantra that many are spreading. An alternative approach is not to disable a credential but automate a response to the person’s supervisor via a rule/flow process and require the completion of security classes for the supervisor and the offender within a specific timeframe,” Ahrens said. “In this way it becomes a compliance issue, and people will be compelled to use their credential properly rather than be reprimanded by their superior or re-take training that is mundane. Facial recognition can be used to automate access, however, COVID and mask requirements may limit the effectiveness of these systems and could permit false acceptance.”

This article originally appeared in the March 2021 issue of Security Today.

Featured

  • Evolving Cybersecurity Strategies: Uniting Human Risk Management and Security Awareness Training

    Organizations are increasingly turning their attention to human-focused security approaches, as two out of three (68%) cybersecurity incidents involve people. Threat actors are shifting from targeting networks and systems to hacking humans via social engineering methods, living off human errors as their most prevalent attack vector. Whether manipulated or not, human cyber behavior is leveraged to gain backdoor access into systems. This mainly results from a lack of employee training and awareness about evolving attack techniques employed by malign actors. Read Now

  • Report: 1 in 3 Easily Exploitable Vulnerabilities Found on Cloud Assets

    CyCognito recently released new research highlighting critical security vulnerabilities across cloud-hosted assets, revealing that one in three easily exploitable vulnerabilities or misconfigurations are found on cloud assets. As organizations increasingly shift to multi-cloud strategies, the findings underscore significant security gaps that could provide attackers with potential footholds into networks. Read Now

  • Built for Today, Ready for Tomorrow

    Selecting the right VMS is critical for any organization that depends on video surveillance to ensure safety, security and operational efficiency. While many organizations focus on immediate needs such as budget and deployment size, let us review some of the long-term considerations that can significantly impact a VMS's utility and flexibility. Read Now

  • Paving the Way to Smart Buildings

    In today's rapidly evolving security landscape, the convergence of on-prem, edge and cloud technologies are critical. The physical security landscape is undergoing a profound transformation, driven by the rapid digitalization of buildings and the evolving needs of modern organizations. As the buildings sector pivots towards smart, AI and data-driven operations, the integration of both edge and cloud technology has become crucial. Read Now

  • The Cybersecurity Time Bomb

    If you work in physical security, you have probably seen it: a camera, access control system, or intrusion detection device installed years ago, humming along without a single update. It is a common scenario that security professionals have come to accept as "normal." But here is the reality: this mindset is actively putting organizations at risk. Read Now

New Products

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.