An access control system provides a high level of security to an organization by actively controlling and monitoring who is permitted to enter the building, as well as adjunct areas like elevators, offices and other spaces. The concept is simple: employees with the appropriate credentials are able to freely enter; those without the appropriate credentials are unable to open the door. While the main purpose of an access control system is keeping the facility safe from unwanted visitors, it also affords employees with a more convenient mode of entering the facility than a traditional lock and key, and provides the business itself with useful data to better manage its operations.
So which type of access control system is best for your business? Here is a list of options, from the most basic to the most sophisticated, along with the advantages and disadvantages of each. Keep in mind, in many cases, a combination of systems often yields the best results. HID Global senior director, strategic partnerships Brandon Arcement notes it’s usually a blend of three different modes of authentication that works best: “Something you have (such as a badge, keyfob or credentials carried on a mobile phone), something you know (such as a code to punch into a reader), and something you are (biometric information provided by fingerprint, iris and facial recognition technologies).”
The Something You Are—Facial, Fingerprint and Iris Recognition
Unlike something an employee physically carries with them to enter a building which runs the risk of being stolen or copied, a biometric type of authentication model can’t be duped. For this reason, fingerprint, facial and iris recognition is considered to be the most secure type of access control.
It is also the quickest and most convenient for employees to use. Rather than pulling out a phone or fumbling with keys, a user simply looks at or places a finger on the biometric reader, the door unlocks if their identity is recognized and they move on. This “frictionless” form of access keeps traffic flowing; and gives employees a sense that they’re being well protected by what is deemed the most sophisticated of all access control options.
The downside is cost. Like any technology, the more sophisticated it is, generally, the more it costs to implement. Moreover, the enrollment process of each employee into a biometric-style system can be tedious and time consuming, adds John Nemerofsky, president, CGL Techonologies.
Something You Have: Credentials on a Smartphone, Card, Keyfob, or Wristband
Digital cards and keyfobs are easy to use and are a very secure and highly manageable form of access control– unless they are stolen, lost, hacked or cloned—the latter two issues becoming increasingly common. With the appropriate software, restrictions can be set; for example, allowing only certain people in through certain doors and certain times. Additionally, cards, keyfobs, and wristbands can be temporarily or permanently revoked, giving administrators a high degree of control over the management of the facility.
The biggest downside, of course, is the risk of these forms of identification falling into the wrong hands. They also pose a potential bottleneck in operational efficiency, which can manifest in increased costs. Cards, fobs, and wristbands must be ordered, shipped and dispensed to each employee. This takes time and effort and is an ongoing process; when new employees are hired new cards, fobs, or wristbands must be ordered, shipped, configured, and delivered.
For these reasons, many companies are transitioning to mobile credentials. The identification and authentication data resides on users’ mobile phones instead of a chip on a physical card. A phone is something most people carry with them as a matter of course, so there’s no need to spend money on special devices. The unique access codes given to each employee can be delivered remotely, which simplifies and reduces costs of operations.
Something You Know—Passwords to Entered into a Reader
Perhaps the most outdated of access control options, asking employees to punch in passwords is becoming “less and less common,” says Arcement. “We have so many passwords to remember; our brains are cluttered with them, so they are easily forgotten. Plus, passwords can be shared, so they are often considered security vulnerability.” The upside is that deploying this type of authentication process usually less expensive than other options and is one that most people are very familiar with using.
Trends in Access Control
The Cloud: When the time, date and location of employees who enter and leave a building or parts of a building can be logged and stored in a cloud-based server, your company saves money on equipment you might otherwise need to purchase and keep on premise. This makes cloud-based monitoring and management of access control systems a boon to small and mid-sized companies. “Instead of making a huge capital investment, they can pay a much smaller recurring monthly fee for the cloud service,” says Drew Alexander, director of product management at Stanley Security.
Automation: Increasingly, access control systems are being integrated with other technologies on-premise, such as surveillance cameras, lighting, security system, and more. Nemerofsky offers this example: “Let’s say an employee comes to work on a Saturday—after is card has been identified, he is the door to the parking garage opens, as he puts a card to a reader in the elevator, he is given access to log onto the company network, and the lights to his office turn on.”
Analysis: When the cloud and automation combine, administrators are able to glean a very clear picture of how and when certain areas of a facility are used. This can lead to significant cost reductions and better workflow management. Nemerofsky continues: “You can start to accumulate some very important data; for example, if you see that more people enter though a certain door than another, you can invest more of your security dollar where it matters most.”