Intrusion & Access Control

 

 

https://sm.asisonline.org/Pages/On-Site-and-Cloud-Access-Control-Systems.aspxOn-Site and Cloud Access Control SystemsGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a43444652017-05-22T04:00:00Z<p>​Back in the 1970s, electronic access control systems were rudimentary by today’s standards. Those early systems consisted primarily of simple keypads for inputting PIN (personal identification number) codes, or ID cards and readers using magnetic stripe or Wiegand technology to grant or deny access while also maintaining a record of user access. There were few choices when it came to options, integration, and vendors.</p><p>Fast forward to today: now access control systems are frequently the main control platform in a physical security system. These evolved systems allow authorized staff to move freely while keeping a facility or an area secure—and they do much more. Network connectivity allows integration with security subsystems, as well as with business and operational systems such as retail and HR functions. Open architecture designs allow for compatibility with multiple technologies. Smartphones are becoming a mainstream tool in access control systems, and they can sometimes be used in place of an access card. </p><p>Even the most basic access control solution provides some level of tracking, auditing, and reporting. The combination of advanced functionality, flexible features, and integration with other systems allows current systems to provide in-depth information that far exceeds the capabilities of earlier systems.</p><p>Considering these many sophisticated features and functions can be a challenge for the end user, who must not only select an access control system but also determine how and where it will be managed and which solution best meets the organization’s financial and operational needs. Because physical security is vital to the protection of people, premises, and assets, it’s a decision that requires understanding of the technology and the applications. Following are a few examples of the options available for managing an access control system and where they are best suited.</p><h4>Credential Type</h4><p>In addition to incorporating biometrics and other advanced access credentials, today’s solutions can support PIN pads, magnetic stripe and/or Wiegand cards, proximity readers, and other technologies that organizations already use. This provides customers with the flexibility to select the credential type that best suits their needs. </p><p>For example, magnetic stripe and Wiegand access cards offer the convenience of embedding user-specific information in addition to access privileges. Because they incorporate embedded wires as opposed to magnetic material and can be used with contactless sensors, Wiegand technologies are less susceptible to extreme temperatures and other hostile environments. Cards used in systems that require contact with readers suffer from wear and tear and therefore must be replaced on a regular basis.</p><p>Proximity readers offer tremendous ease of use and the ability to quickly deactivate lost cards and issue new credentials. Because no contact is required between card and reader, credentials don’t suffer from the wear and tear common with magnetic stripe and Wiegand systems. </p><p>PIN pads are often employed for single-door applications, and their lower cost makes them attractive to organizations with limited budgets. They are extremely easy to use but also less secure, because users can easily share their codes with others.</p><p>In addition to cost, security level, and system size, organizations must also consider each technology’s ability to work with a range of access control software, as well as the ability to deploy and manage the solution using any or all of the below models.</p><h4>User-Managed on Site</h4><p>In this scenario, the customer purchases or leases equipment from an authorized reseller/integrator, who installs the system and provides training. A service contract may be included in the sale or lease. The customer is responsible for all programming activity on the dedicated PC, including data entry and updating for names, scheduling, reports, backup, and software updates. Depending on the system, badging may also be included. Other than the installation and training and any service agreement, the reseller/integrator has no additional responsibility.</p><p>Systems managed by the user on site are ideal for small to medium-sized businesses, local government offices, sporting facilities, and the like, where one or two individuals are tasked with maintaining the database, software upgrades, and infrastructure maintenance.  </p><h4>User-Managed Cloud </h4><p>Like the on-site user-managed scenario, this version starts with equipment that is purchased or leased from an authorized reseller/integrator, who installs the hardware and provides training. The difference is that the software is in the cloud and is managed, along with the supporting infrastructure, by the integrator or service provider. All backup, software upgrades, system monitoring, programming, scheduled door locking and unlocking, and other vital access control actions are performed remotely by professional monitoring providers. The user may manage only the simple functions of entering, deleting, and modifying names, and possibly badging via a Web portal.</p><p>User-managed cloud systems work well for sites with few or no IT staff—such as franchise locations or property management sites. Each location can handle the day-to-day functions of database maintenance and scheduling via a Web portal, but reports, applying patches and updates, backup, and other group functions are handled in the cloud by the integrator. One useful advantage of this scenario is that the browser application can be accessed at any time and from any device by the user. </p><h4>Remotely Managed Cloud   </h4><p>The user has little or no access to the head end software in this scenario, and all activity is performed by the service provider. Sometimes known as ACaaS (Access Control as a Service), this service is popular with enterprise-level organizations. Hardware can be new or legacy, owned or leased. When modifications are required, the service provider makes the changes. Reports can be run and sent to the end user on a scheduled or as-requested basis. Credentialing is also handled by the service provider.</p><p>Access control systems for several organizations may be hosted in the cloud by the service provider, and the security of the data is ensured with AES encryption. Multilayered filtering and partitioning allows end users to access only their own information (cardholders, access groups, hardware, etc.), while the service provider has full access to all customers’ data.</p><p>By working with a knowledgeable technology partner, such as an integrator or vendor, users will find the help they need to identify which of these solutions best meet their needs. Expertise and experience can help the end user make better and more confident decisions about an access control installation.</p><p><em>Robert Laughlin is president at Galaxy Control Systems. </em></p>

Intrusion & Access Control

 

 

https://sm.asisonline.org/Pages/On-Site-and-Cloud-Access-Control-Systems.aspx2017-05-22T04:00:00ZOn-Site and Cloud Access Control Systems
https://sm.asisonline.org/Pages/Message-to-the-Masses.aspx2017-03-01T05:00:00ZMessage to the Masses
https://sm.asisonline.org/Pages/Yale-Opens-Doors.aspx2016-12-01T05:00:00ZYale Opens Doors
https://sm.asisonline.org/Pages/Sounding-the-Alarm-at-Lone-Star.aspx2016-08-01T04:00:00ZSounding the Alarm at Lone Star
https://sm.asisonline.org/Pages/Cannabis-Cash.aspx2016-07-01T04:00:00ZQ&A: Cannabis Cash
https://sm.asisonline.org/Pages/What-the-Pulse-Nightclub-Attack-Means-for-Soft-Target-Security.aspx2016-06-14T04:00:00ZWhat the Pulse Nightclub Attack Means for soft Target Security
https://sm.asisonline.org/Pages/A-Dearth-of-Gun-Data.aspx2016-04-01T04:00:00ZA Dearth of Gun Data
https://sm.asisonline.org/Pages/When-Simulation-Means-Survival.aspx2016-04-01T04:00:00ZWhen Simulation Means Survival
https://sm.asisonline.org/Pages/Book-Review--The-Alarm-Science-Manual.aspx2016-02-01T05:00:00ZBook Review: The Alarm Science Manual
https://sm.asisonline.org/Pages/Campus-ID-Gets-a-Makeover.aspx2015-11-30T05:00:00ZCampus ID Gets a Makeover
https://sm.asisonline.org/Pages/Access-Under-Control.aspx2015-08-10T04:00:00ZAccess Under Control
https://sm.asisonline.org/Pages/Washington-Navy-Yard-On-Lockdown-After-Reports-of-Shooter.aspx2015-07-02T04:00:00ZWashington Navy Yard On Lockdown After Reports of Shooter
https://sm.asisonline.org/Pages/Airports-Scrutinize-Employees.aspx2015-06-23T04:00:00ZAirports Scrutinize Employees
https://sm.asisonline.org/Pages/Driving-Toward-Disaster.aspx2015-06-15T04:00:00ZDriving Toward Disaster
https://sm.asisonline.org/Pages/10-Factors-to-Consider-in-Designing-Vehicle-Checkpoints.aspx2015-05-28T04:00:00Z10 Factors to Consider in Designing Vehicle Checkpoints
https://sm.asisonline.org/Pages/Night-Watch.aspx2015-05-01T04:00:00ZNight Watch
https://sm.asisonline.org/Pages/Book-Review-Integrated-Electronic-Security.aspx2015-02-09T05:00:00ZBook Review: Integrated Electronic Security: A Layered Approach
https://sm.asisonline.org/Pages/Preparing-for-the-Worst-2.aspx2015-01-21T05:00:00ZVIDEO: Preparing for the worst
https://sm.asisonline.org/Pages/School-Security-How-To-Build-and-Strengthen-a-School-Safety-Program.aspx2015-01-01T05:00:00ZSchool Security: How to Build and Strengthen a School Safety Program
https://sm.asisonline.org/Pages/Retail-Theft-Inc.aspx2014-10-01T04:00:00ZRetail Theft, Inc.

 You May Also Like...

 

 

https://sm.asisonline.org/Pages/The-Most-Resilient-Countries-in-the-World.aspxThe Most Resilient Countries in the World<p>​Property loss prevention consultant FM Global released its <a href="http://www.fmglobal.com/research-and-resources/tools-and-resources/resilienceindex/explore-the-data/?&sn=1" target="_blank">fifth annual <em>Resilience Index</em></a><em>,</em> which ranks 130 countries on their enterprise resilience to disruptive events. The ranking is data-driven and assesses categories such as economic factors, risk quality, and supply chain. It allows executives to plan supply chain and expansion strategies based on insight regarding risks and opportunities, according to the FM Global website. </p><p>Giving a nod to new trends that affect supply chain resilience, FM Global introduced three new drivers of resilience to its assessment: supply chain visibility, urbanization rate, and inherent cyber risk. Supply chain visibility addresses the ease of tracking goods across a country’s supply chain. “The more visible and robust the supply chain and the faster it can begin functioning as normal following a major local event, the greater its resilience,” the report notes.</p><p>The urbanization rate is based on the percentage of the country’s population that lives in urban areas. While urbanization is typically associated with a country’s development, it can prove to be risky in an area with high natural hazards. And rapid and unplanned urbanization can create pressure on utilities and infrastructure, which can be a significant threat to the country’s resilience, according to the report.</p><p>2017 is also the first year that the threat of cyberattacks has been acknowledged in the report. The inherent cyber risk driver is defined as “a blend of a country’s vulnerability to cyberattack, combined equally with the country’s ability to recover.” This is calculated by determining the percentage of citizens with access to the Internet, as well as how the government responds to cyberattacks. “Countries that recover well from major events are those with a thriving industry in malware or cybersecurity, and where governments are willing to step in and help citizens in the event of a nationwide hacking,” the report says.</p><p>At the top of the list for the fifth year is Switzerland, an “acknowledged area of stability for generations” with infrastructure and political stability that makes its supply chain reliable and resilient. However, natural disasters and cyberattacks remain a threat to the country. </p><p>Also notable is Luxembourg, which was ranked eighth in 2013 but placed second this year. A growth in the country’s services sector, combined with its reduced economic reliance on oil and its business-friendly regulations, makes Luxembourg a safe place to expand operations to, the report finds. And due to its location, Luxembourg may serve as a new home for companies following the United Kingdom’s departure from the European Union.</p><p>At the other end of the spectrum, Haiti is ranked last due to its lack of supply chain and standards and its high rate of poverty. Similarly, Venezuela fared poorly due to corruption, natural disasters, poor infrastructure, and ill-perceived quality of local suppliers.  ​</p>GP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465
https://sm.asisonline.org/Pages/Five-Lessons-for-Global-Investigators.aspxFive Lessons for Global Investigators<p><strong>​</strong><span style="line-height:1.5em;"><strong>1. Technology.</strong> In developed countries, most background information can be obtained from government agencies electronically. This is not the case in developing nations, which drives up costs. For instance, a basic background investigation can cost around $250 in the United States. The same investigation might cost up to $1,800 in a developing country because many investigations require in-person visits, and a great deal of time, to acquire documents.</span></p><p><strong>2. Reliability. </strong>Criminal records in developing countries are not generally as thorough or accurate as they would be in a developed nation. For example, official names on national databases often lack middle names, initials, and even birth dates. If an international investigator is able to narrow down a list of names and identify a possible conviction, he or she would still need to verify any criminal records by visiting the court in question to review the full case files. In a country like The Philippines, which is made up of more than 7,000 islands, this becomes a daunting task.</p><p><strong>3. Missing records.</strong> In many developing countries, bribery or user error can quickly expunge an electronic criminal record. International investigators must check any electronic records against the hard copy source files, which are far less likely to be manipulated. In my experience in Southeastern Asia, for example, up to 1 percent of the millions of criminal records are illegally expunged.</p><p><strong>4. Corruption.</strong> The culture of corruption is strong in many developing countries. Some local unlicensed providers will be able to conduct background investigations at lower rates than a fully registered and licensed local competitor due to lower overhead and salaries. But sometimes this includes underpaying employees. The resulting general lack of motivation on the part of the investigator may lead to shortcuts or falsification of reports. Clients should ensure that investigative firms are members of an international professional association. </p><p><strong>5. Professionalism.</strong> When tracking down sources in a developing country, an investigator faces a lower level of professionalism and a higher level of bureaucracy and apathy. He or she may have to cultivate someone to help work through cultural nuances before getting down to the matter at hand. Most reputable investigative companies in developing countries are registered and licensed with their respective governments, operate out of a registered office, pay their employees the minimum wage, and offer some degree of recourse if a problem develops.  </p><p><em><strong>--</strong></em><span style="line-height:1.5em;"><em><strong>By Jeffrey A. Williams</strong>, CPP, BAI (BOARD Accredited Investigator), CII (Certified international investigator),is president and managing director of Orion Support Inc., Manila, The Philippines</em></span><span style="line-height:1.5em;">​</span></p>GP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465
https://sm.asisonline.org/Pages/ASIS-News-February-2017.aspxJack Lichtenstein Leaves ASIS, Offers Insights on Trump<p>At this, the end of my 22 years as staff executive for ASIS International’s legislative and public policy work, I have been asked to provide some insights into the political near-future of security.   </p><p>These are unnerving times. Rarely has there been such uncertainty about America’s direction at home and abroad as there is at the end of 2016.  All this is in the face of mounting threats to our security and to that of our friends.</p><p>Eventually, Americans will sort it out; they always have. But there are dangers. The sorting may be long and uncertain.  And uncertainty is not the friend of security. Security requires planning, analysis, and agility, none of which can be done well in an environment filled with unknowns. Security is the antithesis of politics, which tends to be careless and messy in democracies. </p><p>The new American administration will be led by a man without credentials in government, who has pledged to change how Washington works. He was elected not as much to keep America secure but because so many Americans feel alienated from their own political and governmental institutions. They see their standard of living in decline; they sense that they have been overlooked, even disdained. More than anything, that explains the election of Donald Trump.</p><p>Trump seems to espouse two overarching themes, both recurring repeatedly in his pronouncements and appointments. One is to restore the U.S. economy to a position of world leadership. The other is to keep America and Americans secure.</p><p>The president has tools to invigorate the economy. His early aims will include accelerating job creation via infrastructure programs and tax and regulatory relief. Nearly all avenues will be aimed at job creation in the United States, despite many economic factors that are out of his control.</p><p>Security is more manageable by the White House, a result not only of presidential control of the bureaucracy but of strong (some would say excessive) executive actions in the form of Presidential Directives issued by the George W. Bush and Barack Obama administrations.</p><p>It is too early to tell which of Trump’s positions—many of which have been incomplete, infeasible, or conflicting—will find their way into practice. But I offer the following recommendations based on what is possible and likely:</p><p>• Pay attention to what he does, not what he says. Trump is known for impromptu statements, which get attention but are not always useful to understanding.</p><p>• Expect emphasis to be on U.S. domestic issues during the first two years. Trump will enjoy a Republican majority in Congress for that long, which he will need to get his domestic agenda passed. He is most comfortable with economic and infrastructure issues, including job creation. He knows he was elected by Americans who want first to restore their country’s economic vitality.</p><p>• “The Wall” is a metaphor, but border security will be real. U. S. Department of Homeland Security selectee and retired U.S. Marine Corps General John F. Kelly commanded the U.S. Southern Command. He understands border issues and security and will be charged with assessing vulnerabilities and determining the right combinations of physical, technological, and personnel means for dramatically reducing illegal immigration.</p><p>• In other matters of security, America will continue to be a reliable ally if for no other reason than that conflict disrupts growth. Trump will expect U.S. allies to invest heavily in their own security. This means that there will be more spending on prevention and response programs, but also avoidance of political positions, for example immigration policies, that lay bare their vulnerabilities.</p><p>• Finally, in any dealings between the United States and other countries, America must emerge a winner. That does not mean the only winner; there can be many. But the United States will not be a loser. As those familiar with Trump’s pronouncements know so well, he abhors the very thought of being a loser.</p><p>As I move on to new professional challenges, I believe more than ever that government relations is an essential role for security professionals. Its aim must be creation and maintenance of effective public-private partnerships in security. This should be part of the mission not only of ASIS but of every ASIS chapter in every country.</p><p>The people of democracies expect those overseeing government and corporate security to coordinate in the public interest. Failure to do so is unacceptable. It not only weakens security, it leaves private practitioners exposed to needless government oversight and overreaction when politicians respond, as they will, to security failures that are sometimes unforeseeable.</p><p>I thank the membership of ASIS International for the privileges of being their counsel and representing their interests these many years. Few pursuits are more vital, and few professions more important. </p><p>--<br></p><p><em>Jack Lichtenstein, former vice president, ASIS Government Affairs and Public Policy ​</em></p>GP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465