There are myriad options available to physical security and facility managers when it comes to selecting an access control solution to address an organization’s threat level and its corporate culture needs. Security consultants agree that there is no one-size-fits-all approach to technology. With that being said, Jeffrey Slotnick, CPP, PSP and President at Setracon Enterprise Security Risk Management Services insists that the number one objective when initiating an access control strategy is understanding access control credentialing technologies that include proximity cards, smart cards, multi-tech cards, and QR codes, as well as Bluetooth and biometrics of all types.
In fact, Slotnick is adamant that at this time and in this place, understanding and working your security technology plan could prove to be a lifesaver.
“We’re in a time where security concerns have increased. Our perpetrators, who have cyber backgrounds, have increasingly sophisticated technology and strive to breach our systems. The potential financial loss by breaches continues to rise and is getting more and more significant, which impacts the bottom line of the enterprise,” stressed Slotnick to kick off his session presentation entitled, “Opening Doors in 2020: Access Control Technology Trends” during Tuesday’s second day of ASIS International’s GSX+ virtual security event. Slotnick was joined by Jon Harris, the Director of Enterprise Solutions at Guidepost Solutions and Michael McGovern, the Regional Sales Manager at Automatic Systems. “We also need to consider speed of throughput, as well as security and safety. How many people do we have to process through a system in order to get them through it in a timely manner and not impact their actual time at the job? And of course, we now have the hygiene concerns due to COVID-19, so contactless technologies and things of that nature will all be up for discussion.”
The New Normal Still Calls for Security Basics
The entire panel agreed that the “new normal” may be changing the course of future technology development and has certainly altered business operations protocols, but the basics of strategic planning for risk mitigation and tech implementation remains a constant. For Slotnick, any access control systems project is anchored by a comprehensive risk analysis and security survey, noting that one needs to understand their organization’s fundamental risk picture before moving forward.
“That risk assessment is critical to the design process. Every good design starts with a risk assessment. It’s actually the problem-solving process. We as professionals cannot propose good solutions unless we understand what the problems are. The risk assessment assists us in defining what the actual conditions are going to be when we propose the system and how it is going to be employed. We need to ask how will the system be used, how many people will be using the system and what special features may be required for things like people with disabilities, the operating environment, the speed of throughput, and things that we talked about previously,” Slotnick said.
You Can’t Touch This
The history of access control – especially when it came to cards and readers – has been an evolutionary tale according to McGovern. As technologies shifted from bar code and magstripe to proximity and RFID cards, encryption and authentication capabilities became even more sophisticated forcing manufacturers integrating these readers into their device to make adaptations. The security controls meant to reduce hacking and prevent unauthorized card duplication also made it difficult for some new card readers to function inside stainless steel or portals and turnstile doors and other entry devices constructed of steel said McGovern. But new products now accommodate these more sophisticated encrypted readers and have helped usher in the shift to touchless technology as a result of the COVID-19 crisis.
“These readers need to be long-range, but they also need to be consistent and focused. For that reason, readers have been designed and readers are currently in use, which serves that purpose. The purpose of these readers is actually to be able to give a targeted and sufficiently long-distance read range from a steal environment and to be able to pick up a card or an access control device which someone will hold but doesn’t need to get too overly close to the reader device,” McGovern explained. “The reason for staying targeted rather than just long-range is because lanes (in turnstiles ques) could be set off accidentally. If someone intends to go through lane number two, for example, they could set off lane number three or lane number four.
“The new readers, the new turnstile-type readers, are one of the new technologies that are more secure,” he continued. “They also provide greater throughput and more reliability which can also address the hygiene concerns in today’s COVID-19 environment. And from a cost standpoint, we’re talking about a low to mid-range cost pretty much typical of a standard card reader.”
When it comes to biometrics, McGovern feels they offer solutions to meet the changing security dynamics of current conditions with an eye on high-security options and deference to new touchless policies.
“We’ve seen thumbprint readers and fingerprint readers, there were also some vascular readers which are more current, but all of those readers require touching. Although those readers have some other limitations as well, biometrics are generally more secure than link credentials that we carry, such as a card or a smartphone or some other key fob, because they cannot be borrowed or stolen. It’s not a matter of what you’re carrying as much a matter of who you are. It’s a matter of your hand, your face, your iris or some other part of your body. In the case of the hand wave readers, the geometry of the entire hand is your credential. The reader looks at your fingers, palm shape and size. They are reliable in our observation, and they have a very low false-positive and false-negative rate,” said McGovern.
“And we’ve noticed in recent months, a great increase in the interest in these products,” he added. “Due to the hygiene issues, there’s no touching required. Another major advance we’ve seen in handwave readers recently has been in the device sizes. They become smaller, they become more compact and they can build be built into a doorway or on the front of a doorway or into a turnstile, a portal, or a security revolving door. Your hands can be clean or dirty, they can be sweaty or cold; it doesn’t affect the read range of sensors. And again, they require no touching whatsoever.”
As far as Harris sees it, the future could be almost entirely touchless. Advanced Bluetooth solutions and the ever-increasing universe of mobile access control apps housed in everything from wristwatches to smartphones is shifting the paradigm of what access control figures to be in the next decade.
“We were seeing this type of technology starting to advance for automation and enhancement of the frictionless experience. The less human interaction with both the device and the phone itself, the safer the experience. With access control and the reader or whatever appliances affording you access through an entry point, we’re seeing new apps or new software that can run in the background of your phone that doesn’t have to be switched on and don’t have to be taken out,” Harris explained. “You can have your badge in your pocket or your phone in your pocket rather, and you can activate it and put it in your pocket. That device is going to interact with the badge reader itself or have Bluetooth preconfigurations that are going to initiate your phone to activate the credential and turn it on. So, think about the same technology when you pop in your Bluetooth earbuds. It looks to locate your phone, and then the devices make a handshake and say, yep, you’re there. Now they’re synced. That same technology can be used for a badge reader connecting with your phone to sync up and say, yep, we’re connected. This is a trusted credential. Now you’re also able to adjust that reader distance as well.”
Harris sees mobile becoming more of a highly adopted technology, with the different features of a mobile device that can also enhance leverage for more capabilities within access control. He thinks that as some other enhanced features become more standard in certain sectors or verticals, the technologies will become more popular.
“As we’re managing through this pandemic crisis, and we’re in COVID, and then post COVID, we’re looking at things like guest access. Being able to send mobile credentials to your guests so that they don’t have to enter the lobby. Almost all human interaction at a lobby can be completely eliminated if I send your credential over mobile. Whether it’s an app or RFID, I have it, I can use it, I’m in. The flexibility of mobile credentialing is changing the way the technology that’s emerging will be used – especially in dealing with a COVID-19 issue. Whether we’re using the Wi-Fi signal or that Bluetooth signal through the phone to identify proximity or bang off proximity sensors as you’re going into different areas of a facility, we can determine how many people have gone in and how many people have been in this area to make shared spaces safer,” Harris said.
“So, for example, maybe in a high-rise building they’ve shared spaces, conference rooms, lunchrooms, gyms, things of that nature,” he continued. “Cleaning them all the time is expensive. But if I only clean them when I know they’ve been occupied and I’m using a mobile app to determine whether occupancy has happened, that can be very beneficial for lowering the cost of maintenance and management of different facilities to different areas of the building.”
The experts concur that it is almost a Wild West of technology scenario in the marketplace right now, with a lot of fast-tracked entrants pushing various solutions. They caution perspective technology adopters to take time to access their options.
“When looking to deploy any of these things you need to determine: is it a fad? Is it a trend and is there long-term use and value to be had? A lot of these things are very expensive to put in either augmenting your existing access control system, like adding temperature screening or mask enforcement,” warned Harris, saying it is crucial to assess your organization’s security goals, culture and of course, its budget restraints. “A lot of us may have champagne tastes on a Miller Lite budget. We really need to reconcile those two things and make sure that we’re assessing solutions that are in our cost-point range.”
About the Author:
Steve Lasky is a 34-year veteran of the security publishing industry and multiple-award-winning journalist. He is currently the Editorial Director for the Endeavor Business Security Media Group, the world’s largest security media entity, serving more than 190,000 security professionals in print, interactive and events. It includes Security Technology Executive, Security Business and Locksmith Ledger International magazines, and SecurityInfoWatch.com, the most visited security web portal in the world. He can be reached at firstname.lastname@example.org