Access control for both physical and cyber systems are critical, but many organizations rely on outdated technology and communication protocols. These can leave them exposed to data breaches, potential theft of intellectual property, and compliance violations. The problem goes beyond outdated credentials.
Physical access control systems(PACS) are made up of card readers that communicate with a controller via an access control protocol. Older systems are difficult and costly to maintain, limited in functionality and distance, and cannot be updated remotely.
A glaring weakness of older-technology PACS involve the use of proprietary software that is bound to specific hardware. This type of vendor lock-in limits an organization’s ability to turn to alternative suppliers, which could improve security, reduce costs, and enhance the user experience.
Convergint partnered with HID Global access control systems allow users to eliminate vulnerabilities, add multi-application capabilities, and pave the way for user-friendly mobile credentials.
Don’t Make Physical Access The Weak Link
Physical security and logical security management have often evolved along separate tracks, but over the past decade some physical access security products have been incorporated into IT networks, and IT has become increasingly ingrained in the procurement, evaluation, and maintenance of physical security products.
Likewise, risk mitigation through the convergence of physical and logical access is rising to the forefront, and technology is delivering the necessary security. Second-generation smart cards from HID such as Seos® are architected to enable virtually unlimited applications and allow organizations to manage the credentials independent of the underlying hardware.
These newer credentials can be used to manage secure identities not only for cards, but on mobile devices, wearables, and other form factors, and to connect via NFC, Bluetooth, and other communication protocols. Mobile devices and wearables are less likely to be left at home or to go unreported for days or weeks when missing, as is often the case with physical cards.
Replacing physical credential management with a digital process enables organizations to respond quickly to security issues, such as deactivating devices and deprovisioning a user’s credentials over the air. Similarly, mobile credentials can be issued and updated electronically while eliminating the costs and time lags of reissuing plastic cards.
Take Advantage of Upgrade Opportunities
Implementing new, more dynamic access control technologies provides many benefits over maintaining older, more static ones. The business case for an upgrade can be built around three key benefits: increased usability and support for mobile credentials now or in the future; operational efficiencies in reducing card management issues, such as massive re-carding; and greater security.
With a solid business case, security teams can seize on specific events and circumstances to implement HID recommended upgrades:
IT network or infrastructure upgrades present an opportunity to align physical and logical access systems, practices, and processes by simultaneously implementing a physical access control upgrade that protects investments with increased security and takes advantage of new technology.
A merger or acquisition provides an opportunity to introduce new technology rather than absorb the cost of integrating two separate legacy systems.
Implementing a common system standard provides the means to centralize management of secure identity to ensure consistency, greater security, and a more efficient use of resources.
Facilities consolidation, addition, or relocation often requires massive rebadging, an event that is much simpler to coordinate and manage on a single, centralized standard.
Security teams face a number of challenges when it comes to upgrading PACS without disrupting day-to-day operations. An essential element of any upgrade plan is a complete site survey to determine what is installed where, and what it is meant to protect.
HID recommends the following key steps in the migration process:
Start small with a test lab for a well-defined area, such as one floor or one building, and then expand from there.
Establish a firm plan on where and how to begin, such as determining that new credentials go first to new employees, or to particular buildings or regions.
Create a rebadging strategy and process. For global organizations, rebadging can be a huge, complex operation that requires careful coordination and procurement.
Set firm target dates with management buy-in.
Most organizations have determined that a best practice for upgrades is establishing a standard for a multi-technology credential that supports older and new access systems in order to accelerate transition. However, some organizations may realize reduced costs with a wholescale transition to new single-technology cards and related infrastructure.
The Sooner The Better
While many organizations today are aggressively improving their cyber strategies and defenses, physical access controls are often overlooked. Criminals and malicious insiders will always attempt to find the weak link in an organization’s security defenses.
Organizations need a platform that is flexible enough to support multiple applications for managing not only physical access to buildings and spaces, but for managing logical access such as computer login.
Adding new applications such as time and attendance, secure print management, biometrics, cashless vending, and more, creates opportunities to implement improved credential technology. The freedom to move access control to phones, tablets, wristbands, watches, and other wearables offers choice and convenience to end users.
The sooner an organization begins the transition away from legacy systems and devices, the sooner it can close security gaps. A well-planned transition strategy can reduce organizational resistance and build management support.