Since its recent resurgence, the access control sector has been constantly evolving to enable better security processes in the next generation of smart buildings.
Moving from the physical key, to the radio frequency identification (RFID) card, to passwords, smartphones, video, fingerprints and other biometric identification. As access control goes digital so does its vulnerabilities.
The smart technology movement can be boiled down to one word, “connectivity.” Greater connectivity enables the sensory capability of the internet of things (IoT), it facilitates the use of big data for real-time analytics, for access control it allows personal devices to speak to security systems and security systems to utilize server data. But with greater connectivity, in a digital sense, comes vulnerability to cyber attack.
Furthermore, with so much personal data being held in databases, privacy fears are rife. As is commonplace in this digital era, uncomfortable amounts of our private information are being held by a variety of private companies.
We question not only if that company is using or passing on that information in a way we would not approve of, but also if that company is securing that information from those who may want to steal it. For the company holding that information, a breach, if made public, may impact the reputation of the firm but how many breaches do we really know about? And does this situation really motivate firms to keep on top of the rapidly evolving cyber-security space?
So where before we only had losing a key to worry about, now we may have our passwords hacked or even our biometric information by-passed without our fingerprints ever leaving our pockets. To add to the conundrum, by adopting these cyber systems we are exposing our personal information to cyber-theft, potentially compromising much more than a locked door in our increasingly digital lives. So why have we swapped the simple world of physical locks for connected access control that might open us up to a world of vulnerabilities?
Well, because it allows us to do more, do it quicker, more flexibly and more easily. In its simplest level an RFID key card or smartphone allows you to walk into a secure building without the time needed to search for a key or confirm your credentials with a security guard. Biometrics offer access even if you left your key, card and phone at home. Remote abilities enable someone to allow access from anywhere in the world. Once in the building, these systems can control which part of the building you can enter and track your movement.
These reasons are enough to convince even the most security conscious organisations. Last year, Terry Halvorsen, CIO of the Defense Department, stated that the standard access card, which federal employees use to gain access to both physical buildings and computer networks, will be replaced within two years. He claimed smart cards would be supplanted by an “agile, multi-factor authentication system.”
The modern office and especially the millennial generation workforce now demand this kind of flexibility in the workplace. Remote working has become more than a luxury, it has even become a necessity for many companies. Hot-desking allows employees to login anywhere in the building, creating a more integrated and dynamic working environment. These are the realities of the modern working world, and the evolution of access control is simply to create security to facilitate this flexibility rather than simply to make things more “secure.”
Beyond physical entry applications, new age access control systems are creating new opportunities and value. Cloud maintenance management software (CMMS), for example, allows technicians to investigate problems, re-order parts and even track service duration for billing accuracy, according to their specific security clearance.
Access control is even bidding to offer the infrastructure of a building’s entire automation system: “I also see the provision of building automation coming from within the security industry. The reason I say that is because, essentially, what you’re doing is the same – you’re communicating with different devices. From an access control perspective we know where all the people are in a building, which is a fantastic foundation upon which to base a lot of other activity. You could argue that there is no better place to provide building automation from than access control,” Adam Stroud, Chief Executive of Paxton Access told Memoori.
This is not a case of making our old system more secure with new technology, it is about developing new technology to try and secure a more progressive system.
“Acclimatising to a rapidly changing business environment, reshaped by fast moving technology and new competitors from outside the traditional business, will require clear vision of the present and future business opportunities and skillful implementation of appropriate strategies,” explains our recent report The Physical Security Business 2016 to 2021.
So if we want to progress our digital society securely, technology must find a way to protect us from all the threats our cyber-physical world creates. Currently the use of trusted identities that are communicated over protected channels using the latest cryptographic algorithms serve this purpose. The sector and the savvy user live in fear however, knowing that the rate of change and the number of players involved make regulation challenging and security breaches likely.
The simple fact is that we need more secure technology to protect smart buildings against cyber-physical attack. However, as access control technology improves so does the hackers ability to infiltrate that technology. This "cyber dance" between hackers and technology companies will continue. The access control sector has stepped up to the challenge, facilitating a connected world and, for now, a secure enough one.
[contact-form-7 id="3204" title="memoori-newsletter"]