The Five Phases of Access Control

The purpose of access control is to grant entrance to a building or office only to those who are authorized to be there. The deadbolt lock, along with its matching brass key, was the gold standard of access control for many years; however, modern businesses want more. Yes, they want to control who passes through their doors, but they also want a way to monitor and manage access. Keys have now passed the baton to computer-based electronic access control systems that provide quick, convenient access to authorized persons while denying access to unauthorized ones.

Access control systems aim to control who has access to a building, facility, or a “for authorized persons only” area. This is typically carried out by assigning employees, executives, freelancers, and vendors to different types of groups or access levels. Everyone may be able to use their access cards to enter the main door but not to areas containing secure or privileged information.

 

Beyond the obvious reason, physical security, there are several reasons a business or medical facility might need an access control system.

 

Compliance:

.Hospitals, doctors’ offices, and health insurance companies need to comply with HIPAA health data regulations.

.Banks, insurance companies, and any business that accepts and processes credit cards is subject to PCI credit card data regulations.

.SaaS providers, data centers, or any company hoping to maintain SOC2 cybersecurity standards.

 

IP Data:

Businesses that deal with privileged data and intellectual property, such as software developers, entrepreneurs, startups, and pharmaceutical companies need to not only control who comes into their facilities, but which areas they are allowed to access.

 

5 Phases

The 5 phases in an access control system allow it to both rapidly and effectively process users through a structure while documenting who was where and when.

1. Authorization is the phase that turns strangers into members. The first step is to define company policy; determine what people can and cannot do. This should include who has access to which door(s), and whether members of the organization can share access.

The next step is role-based access control (RBAC). By assigning roles to users, they get a certain set of assigned privileges. This comes in handy for administrators since they don’t have to individually update every user, should something change.

Most organizations use employee directories in tandem with RBAC, since these lists include all authorized employees as well as their access levels.

2. Authentication goes one level deeper than authorization. In this phase, members present to a door reader whatever badge, token, or credential they were given upon being authorized. The reader will check its validation to determine whether or not it should unlock the electric lock on the door in question.

3. Access: Now that the credentials have been authenticated, the access tools available at this stage make sure everyone gets in the right door, at the right time, faster and easier.

Unlock- Upon validation, the presenter can unlock whatever she wants to access. This can happen by pushing a button, presenting an access card, fob, or badge that requests access.

Trigger- Once the request to enter has been received by the access control system, the access is triggered, typically in the form of a door unlock.

Infrastructure- If the door unlocks, multiple events are tracked at once: The user was correctly authenticated, the user triggered an unlock, the door opened and the door closed.

4. Manage

This phase helps the administrator meet several challenges, including adding new access points, onboarding and offboarding users, maintaining security, and troubleshooting problems. Let’s examine some advantages.

Scale:

Cloud-based access control systems can help startups and small businesses when they expand to new offices or additional offices by providing flexible and modular extensions of the existing setup.

Monitor:

Online access control systems send real-time alerts to administrators or security should any irregularity or attempted breach take place at any access point, allowing them to investigate immediately and record the event.

Troubleshoot:

Modern access control systems allow administrators to remotely configure permissions, or seek support from the vendor, should access points or users have issues—a huge advantage over locally-hosted systems.

 

5. Audit

Auditing physical access control is useful for all types of businesses. In addition, it helps certain sectors meet special requirements.

Scale:

Businesses can perform regularly-scheduled system reviews to make sure everything on the access control system is set up properly. It can also tell them if someone no longer employed by the company has been inadvertently left in the system.

Suspicious Events:

Since many access points are routinely tracked during any access event, auditing can prove useful to security officers when investigating unusual behavior. The data can be used to flag or highlight unusual access behavior or analyze it against historical data.

Compliance Reports:

Companies that process sensitive data like patient healthcare information, banking financial reports, or credit card payments must deal with audit requirements in the access control space when filing compliance reports in accordance with HIPAA, SOC2 or PCI. Some special categories like cyber security or ISO certifications also require managed and auditable access control. The audit phase can pull up the proper data for these periodic reports.

 

Security Technology of South Texas is a local leader in access control, video surveillance, and community management systems in the South Texas area. Get in touch with us today to see what we can do to help secure your location.

STST Inc.
Please contact us through email at admin@gostst.com
Through our website form :

Or by phone at  210-446-4863   24/7

Machine Learning to Improve Access Control: Part 2

The “Covid Factor”
 
Covid-19 has changed the way both people and organization view nearly every aspect of interaction almost overnight. From opening the door and interacting with access control measures to rethinking how much of business even needs to be conducted on-site, this re-imagining has actually come at an opportune time relative to recent advancements in access control. Contactless systems are the preferred method for ingress and egress, and this has already been a trend in the industry for some time.

Whether it be an office, hospital, university campus or industrial plant, compliance requires either eliminating manual door activation, for example a hand pressing a switch or using a handle to open a door, and replacing with an automated “no-touch” solution or, when that isn’t desired or possible, enabling the manual door activation to be done with another part of the body (i.e., arm, elbow, hip, knee or foot), which is referred to as a manual ‘low-touch’ solution.
The use of touchless switches (also referred to as “no-touch” or “hands-free” switches) to activate automatic door operators or de-energize locking devices is increasing at an unprecedented rate. It’s very likely that touchless switches could become more common than push plate switches in the not too distant future.

How AI Will Power The Change
 
The addition of cameras to high risk portals has been an early example of this integration trend, enabling managers to be able to tie what took place at an entrance to a corresponding alarm condition such as a forced or jammed (propped) entrance/ exit. This capability can be further enhanced by analytics – for example, facial recognition could be used to determine which individuals might have set off the alarm condition. Analytics and other sensors could count the number of people that move through a portal during rush periods in “open” mode and also determine that a crowd has gathered and more doors/portals need to be opened to address the burst in demand for ingress or egress.
“From a design perspective there is an increasing demand, due to COVID-19, for touchless access. In this case, the integration of technologies and the use of machine learning can be leveraged to provide efficient, safe and secure access. Machine learning and AI are well adapted to leveraging data sets and, over time, gaining an understanding of conditions and matching them to access control and individual requirements,” said Salvatore D’Agostino, the CEO of IDmachines.

D’Agostino sees the convergence of AI into security spaces, not known for their reliance on analytic data, reshaping the landscape. AI can be used as a proactive step against intrusion at a security entrance like a swing door or turnstile and integrated into the access control and video security systems to provide rich analytics and situational awareness.

Emphasizing “What is Going to Happen”

 

“It has long been known that there are often patterns to humans, and to the same extent, enterprise behavior. Access control, surveillance, and intrusion detection systems collect large amounts of data that is often stored and then deleted without much analysis.
Enterprises are now more attuned to the ability to leverage this ‘big’ data. These are evolving now to common data formats, real-time analytics and predictive tools. There seems like there would be a similar evolution in the capabilities of physical security systems where it is not so much what is happening at a turnstile, swing door or entryway, but what is going to happen,” D’Agostino said. “This would leverage the existing systems, sensors and data collection capabilities and use big data, and analytics to drive management and monitoring. The more that physical security systems adopt standard data types, sets and structures (using syslog for logging is a simple example) and the more intelligent these systems become, the more intelligence can be put into predictive analytics.”
—————————————————————————————————————————————
Security Technology of South Texas is a local leader in access control, video surveillance, and community management systems in the South Texas area. Get in touch with us today to see what we can do to help secure your location.

STST Inc.
Please contact us through email at admin@gostst.com
Through our website form :

Or by phone at  210-446-4863   24/7

Machine Learning to Improve Access Control: Part 1

  
With the evolving dynamics of cloud storage and the ability to harness and proactively employ an ever-increasing pool of big data, AI in the form of machine learning and deep learning has become a disruptive technological force in the physical security industry. Advanced AI and low-cost network resources have significantly impacted video surveillance, which has been among the biggest beneficiaries of faster processing and impactful analytics. Building automation, fire systems, intrusion detection, and physical and network access control are all starting to incorporate AI functionality.

AI is increasingly taking a role in making exterior and interior entrances more secure.This technology is moving towards improving system functionalities, including: distinguishing people from objects at a facility perimeter and interior entrances; deterring piggybacking; identifying and analyzing potentially lethal objects and dangerous people; and helping to define secure areas in and around buildings creating a more defensive risk posture for a location.

Convergence

As technology continues to converge and the edges of different traditionally separate technologies start to merge, we face the challenge of how AI may practically support entry solutions such as security revolving doors, turnstiles, and swing doors. A disconnect between the objectives of the building owner and building code regulations can further complicate the security blueprint. But with 5G communications on the horizon, at least for those in major metro areas, multiple systems will be able to communicate seamlessly and instantly. With billions of connected IP devices generating data, Machine Learning systems will have an enormous amount of data to run through algorithms and improve performance in the budding field of intelligent access control.

Because legacy security entrances do not have AI built into their technology, integrating intelligence into secured entrances requires a collaborative effort with a third party solutions provider. Video analytics are increasingly deployed to address use cases such as people detection, piggybacking, dangerous object detection and facial recognition among other issues relevant to secured entrances. The increased integration of AI providers with traditional security entrance partners has resulted in improvements, such as price, speed, ease of use and usability. It also includes the use of machine learning to improve algorithms over traditional modeling and correlation approaches, and integration with other systems and sensors.

The Plan Moving Forward
Security entrances and mantrap portals often combine a number of systems, sensors and requirements. Portals by their nature are an integrated solution combining access control, video surveillance, mechanical hardware, sensors and design. These systems are a micro-scale example of what we can expect to see rolling out in the next decade. As devices move to wireless and 5G increases the throughput and number of IP devices, trillions of data points will be created for algorithms to process.

The limiting factor at that point will be only processing power and the limitations of human ingenuity in programming. Nonetheless, the access control, video surveillance, alarm, and community management/smart home technologies will begin to bleed into one-another and be able to intelligently share relevant information to improve performance, all with almost zero latency. The implications, should this play out ideally, include hybrid systems capable of operating nearly without human intervention, a reduction in the need for monitoring center services, and better response and accuracy for access control and security systems alike.

BRIVO Multifamily Access Control and Home Automation

 

Previously marketed as Parakeet, Brivo’s foray into the multi-tenant video, access control, and home automation market provides a total solution for property management to wirelessly integrate surveillance with building access and smart home features. Properties can make themselves more attractive to new clients by offering a fully mobile experience for access and automation, encouraging them to pay more and stay longer.

 

Anywhere they go with an internet connection, clients will be able to use the app to:

 

  • Adjust apartment temperature or turn on lights
  • Open the lobby door, front gate or garage
  • Access the right floor on the elevator
  • Grant access to guests and take them to the pool
  • Pay rent and submit work orders
  • Save money with energy efficiency controls

 

This all takes place through the cloud, meaning there are no on-site servers to set up and maintain. So long as the location has reliable commercial-grade internet and clients have phones, the solution is seamless and elegant.

From the perspective of the property management, Brivo’s apartment solution makes easier many conventional tasks. Using a single integrated platform, management can:

  • Manage access to doors throughout the property
  • Quickly assign and revoke mobile credentials
  • Monitor common area access and use
  • Control environmental features in vacant units
  • Prevent property damage with real-time alerts
  • Customize reports with actionable data

Furthermore, as many industries look for ways to reduce in-person interaction, self-guided property tours have become an expectation for those looking at upmarket apartment homes. Brivo makes providing self-guided tours easy for both parties while maintaining the security of the complex. With Brivo, showing available units is easier, safer and more convenient.

Multiple properties across an entire portfolio can be managed in one suite of software, with clear delineation between access control features, video surveillance, and automation. Enrolled individuals can be divided into staff and clients and subdivisions thereof, with mass notifications easily sent out to just the group that needs to know. With the elimination of physical keys and fobs, security is improved by reducing the attack surface of your complex to something much more difficult to clone or hack, the personal phone.

Security Technology of South Texas is one of the area’s most experienced and professional teams in physical security, access control, and surveillance. If you would like an assessment made for your business, please contact us at

 

admin@gostst.com

 

Visit at gostst.com 

 

Or call at 210-446-4863