For many businesses and organisations, access control and management of trusted identities is key to their overall security, safety and site management policies. With the rise of regulations to address the current pandemic, access control and the use of trusted identities is a benefit when it comes to ensuring compliance with the evolving requirements. However, it is essential that businesses carry out due diligence when selecting core technologies to ensure the solutions are future-proof and deliver the expected level of security.
Access control systems are often at the core of smart solutions for a simple reason: they capture real-time status information about who is on-site at any given time, and often can pinpoint their exact locations. They can also provide additional information such as identifying whether a qualified first-aider is on site, creating muster reports in the event of an emergency evacuation, or tracking assets around a site. As such, access control is a critical technology, not only for security and safety, but also for efficient site management.
Many businesses and organisations will have some form of legacy access control in place. This can range from the most simplistic options, such as locks and keys, through to technology-based systems such as Wiegand-based access control systems. The issue with legacy systems of any type is that risks, just like technology, evolve. What was secure, convenient and efficient a few years ago is often found wanting as the threat landscape changes.
Wiegand is one of the most common communication protocols between readers and controllers in legacy access control, with estimates indicating it is used in more than 90 per cent of installed systems. This is despite it having well-publicised vulnerabilities and weaknesses. Wiegand is unencrypted, delivers limited range options, and is operationally inefficient. It is also easy to target via its learnable language and a host of hacking devices available via on-line sources.
Because the issues with Wiegand are so well publicised, the access control sector moved to implement a newer, more robust and evolving security standard. The result was OSDP: Open Supervised Device Protocol. OSDP is an access control communications standard designed to improve interoperability among access control and security products.
The growth of networked devices, such as video and access control products, has led to an increased demand for converged solutions. Businesses and organisations recognise the value in implementing an integrated solution to enhance security and add value to a technology investment. OSDP delivers a protocol which is both secure and open. This is why it is being adopted by industry-leading manufacturers for access control and has become an IEC standard.
OSDP is a constantly evolving standard, which ensures it can adapt to new and emerging technologies, and react to new threats. This not only makes it safer and more robust, but also ensures it is future-proof. OSDP with Secure Channel Protocol (SCP) supports AES-128 encryption, and the protocol monitors cabling to protect against tampering. Its encryption and authentication help prevent ‘man in the middle’ attacks, such as the use of a tool to penetrate and alter the communication between the card reader and access controller.
Because OSDP supports bidirectional communications, a number of benefits can be realised in terms of system flexibility. Readers can communicate with the management platform, and the system can send data to the readers. As a result, reader configurations can be set in the system software and sent to the reader via the controller. Another benefit is reader status monitoring, polling and querying. For enhanced security, tampering and malfunction detection can be carried out remotely.
OSDP supports smartcard technology applications, including PKI/FICAM and biometrics, as well as other authentication protocols which offer Federal Information Processing Standards (FIPS) compliance.
With OSDP, the range of benefits outweighs the cost of upgrading. Increased security coupled with business efficiencies add value for those administering the system, and a high level of interoperability ensures users can deploy systems from numerous third-party manufacturers.
When a site’s needs change, OSDP offers significant cost savings as the open functionality makes adding new devices easier and reduces the expense of requiring all readers to be replaced if a new solution is installed. Businesses and organisations transitioning to OSDP will also enhance value in terms of operational costs such as servicing and maintenance.