For many businesses and organisations, access control technology remains a constant part of their day-to-day operations. In many cases, the user won’t even give a second thought to the technology for a simple reason: good quality access control is robust, resilient and highly efficient. In short, it works and works well.
Over the years the technology has become smarter, and modern solutions offer a tangible return on investment, delivering security and safety to staff and visitors alike, along with other benefits such as time and attendance, asset management, muster reporting, occupancy management, etc.. However, where businesses and organisations have tried to cut costs by reusing legacy credentials (such as cards, tags and tokens), they might have inadvertently compromised the overall security of their systems.
If there is one constant in the technological landscape, it is change. Today, technologies are advancing at a faster rate than was ever before possible, and the increased performance delivers additional benefits for businesses and organisations. This is very much the case with access control.
Where once the various systems were very much focused on controlling who entered (and left) a site, building or department, today’s solutions can implement a range of policies based upon the use of secure and trusted identities. Whether the requirement is for controlling access through specific doors, managing log-ins for digital infrastructure, authenticating permissions for the use of assets, or offering personnel benefits such as cashless vending, access control can not only meet but regularly exceed user expectations in terms of business benefits and added value.
Many of the developments in access control have been realised thanks to the significant advances in computational and processing power. The ability of modern controllers to manage ever increasing amounts of data, quickly and efficiently, have allowed the leaders in the access control market to provide secure and stable solutions which go far beyond the mere control of doors.
Part of this evolution has been the development of more secure and robust credentials. This is critical, as access control now manages an ever higher level of data critical to not only site security but also everyday business processes.
It is critical to remember that any secure system is only ever as strong as its weakest link. In the case of access control, if businesses and organisations reuse legacy credentials, or cut costs buying low cost credentials based upon old technologies, the technology being used by the cards will be the weak point of the system. It matters not how advanced the system’s readers or software are, the weak point will be the credentials. If a card can be copied or hacked, as many of the older technologies can, then the entire system could be compromised.
Early access control credentials used contact technology (essentially card swipe). Thankfully rare in today’s market, the technology has been dropped for any secure use due to the ease with which it can be cloned. Replaced by proximity technology in the 1990s, this contactless technology remains in use today. However, proximity cards are typically unencrypted and so can be read by appropriate devices. Also, the technology does not support many of today’s smart technologies, and so can be limited in terms of functionality.
The development of smart cards opened the doors to enhanced flexibility, although some first-generation protocols suffered with authentication vulnerabilities. These were addressed in second-generation smart cards, along with the development of enhanced privacy protection and adherence to international standards, expanding the appeal of the technologies. Still in wide use, the latest smart card offering add benefits while also ensuring security is not compromised.
Despite the many positives associated with the use of the latest smart card technologies, development with regard to access control credentials has not stood still. The emergence of NFC, and more recently BLE, has led to significant growth in the use of smart mobile devices in place of credentials.
The benefits for businesses and personnel include convenience, and because few people go anywhere without their mobile device, lost or forgotten cards are less of an issue. The use of mobile devices allows contactless entry. The management of mobile credentials is simpler, and visitors or contractors can be sent their credential via an email link, prior to arrival at the site.
The credentials can be time limited, and access permissions can be rescinded or amended at any time by the user. Even in the visitor still has the credential on their device, the access control system will reject it as the intelligence is in the reader and/or the controller.
Staying Ahead of Risks
Understanding the evolution of credentials is a key part of staying ahead of the changing threat landscape. It is critical businesses and organisations ensure they are deploying credentials which do not expose their access control and building management investment to unnecessary risks.
To outline the various technologies and the importance of selecting the right credentials, HID Global, a leader in trusted identities, has created an E-Book designed to inform and educate about the importance of selecting the right technologies to ensure a system remains secure, reliable and efficient.