Preventing Intrusion

Collaborative security integration strategies for secured entrances

While technologies have advanced and integration processes have become much more sophisticated, the basic tenets of electronic access control systems haven’t changed much over the last quarter century. Most organizations and businesses have valuable assets on-site, including both tangible assets and less tangible intellectual property, business information, and data assets. A well-designed and implemented access control system keeps track of who is coming and going to help mitigate the risk of bad actors entering the facility, requiring multi-factor authentication identification methods such as an ID card along with a biometric confirmation; a password or PIN to gain entry.

HOW TO SOLVE THE INTEGRATION PUZZLE

Many high-profile government, institutional and enterprise organizations still integrate swing doors with their ACS. This approach presents a security challenge because of the susceptibility of swing doors to allow tailgating – and most access control systems can only alert staff that a door has been left open. How can electronic access control and biometrics technologies be configured to help mitigate unauthorized entry through swing doors and turnstiles?

Timothy Sutton is a senior security consultant at Guidepost Solutions. He quips that the best form of access control to mitigate unauthorized entry is a security guard – and also admits a security guard is also the weakest form of access control simply due to the human element. He says that swing doors and turnstiles can be secured against unauthorized entry when they are supported by an electronic access control system (ACS).

“The ACS basically performs the same functions as a physical security guard in that a person seeking access would present a credential for inspection by ACS. This compares the credential information to a user database to ensure the person is confirmed as a user, and that the user has been granted entry authority to that particular door or turnstile at the time the credential was presented,” Sutton said. “Credentials can be physical cards or fobs with electronic encoding, a keypad PIN, or a biometric signature such as a finger or palm print, vascular mapping of a hand or a retina to be scanned.

“These credentials can be used alone or in any combination of two or all three types to achieve the desired level of security. Video surveillance systems can be used for access control in this environment by providing an image of a person for comparison to a database of authorized persons. This comparison can be made by a physical security officer, or through the use of facial recognition and video analytics.”

SOLVING THE SWINGING DOOR ISSUE

The primary controls that can be used at swing doors and turnstiles to detect attempted piggybacking are LiDAR solutions or other optical sensors. The goal is to first confirm the credential holder, then create a detection strategy that prevents entry or tracks a piggybacking situation tied to a camera that can detect the secondary person.

According to security consultant and CTO of ESI Convergent, Pierre Bourgeix, these scenarios tend to be more of a deterrent or investigative tool rather than a prevention strategy.

“The only true prevention strategy is the use of a security revolving door or mantrap portal solution. The critical point is that access and identity to entry must be cohesive, occurring simultaneously during the entry event. This is your prevention strategy because these types of high security doors have a working principle that prevents piggybacking,” Bourgeix said. “The issue is when a swing door is held open for a second or third person and they could easily enter undetected. The anomaly is an organization with technology that handles such tailgating events: the person that has no read is detected by sensors via LIDAR or optic technology then secondarily by camera which validates that this person does not have a registered credential.”

Swinging doors with a credential reader are locked until a valid credential is presented. However, once that door is unlocked it can be held open for several other unauthorized users to come through, which creates the access liability. Coordinating various solutions using access, video and sensory devices can integrate in an almost seamless fashion with swinging doors. For security consultant Sean Ahrens, the assertion is that the user weighs the options and chooses the solution that best fits the specific facility and security culture.

He said that the most inconvenient approach is to use hard anti-pass back, which requires a person to use a credential to enter and exit. Failure to present a credential on exit will disable the credential from being used to re-enter the facility.

“This can be very inconvenient and goes against the current “frictionless” access control mantra that many are spreading. An alternative approach is not to disable a credential but automate a response to the person’s supervisor via a rule/flow process and require the completion of security classes for the supervisor and the offender within a specific timeframe,” Ahrens said. “In this way it becomes a compliance issue, and people will be compelled to use their credential properly rather than be reprimanded by their superior or re-take training that is mundane. Facial recognition can be used to automate access, however, COVID and mask requirements may limit the effectiveness of these systems and could permit false acceptance.”

This article originally appeared in the March 2021 issue of Security Today.

Featured

  • 7 Reasons Why Governments Need to Regulate AI

    Recently, Elon Musk unveiled two remarkable AI applications. A humanoid robot named Optimus, with its remarkable human-like speech and movements, and a fully autonomous car, absent steering wheel and pedals, called Cybercab. While these examples represent a broad trend of AI integration across industries, they highlight technology’s transformative potential, prompting a need for regulation to ensure it is used responsibly, securely and ethically. Read Now

  • OR Code Phishing on the Rise According to New Report

    KnowBe4 recently released its Q3 2024 Phishing Report. This quarter's findings reveal the most frequently clicked email subjects in simulated phishing tests, demonstrating the continued efficacy of HR and IT-related phishing attempts. KnowBe4’s Q3 2024 Phishing Report reveals that HR and IT-related phishing emails claim a significant 48.6% share of top-clicked phishing types globally. Despite evolving techniques by bad actors, phishing emails remain among the most prevalent tools for executing cyberattacks. Read Now

  • United HealthCare CEO Killed in Targeted Attack in New York City

    United HealthCare CEO Brian Thompson was killed in a targeted attack early Wednesday in Manhattan Read Now

  • Theft, Crime Driving Retail Workers to Look for New Jobs

    More than four in ten retail workers in the U.S. say they are likely to leave their current job in the next 12 months due to personal safety concerns, according to new research conducted by the Loss Prevention Research Council (LPRC) in partnership with Verkada. Read Now

Featured Cybersecurity

Webinars

New Products

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3