A number of factors are increasing demand for improved access control. They include new technology capabilities, escalating security threats and the trend to converged solutions that combine multiple applications either on smart cards or a new generation of Near Field Communications (NFC)-enabled mobile phones. Customers may not need the full range of available capabilities — yet. But they do need to meet today’s security requirements with a platform that will preserve investments in the current infrastructure when it’s time to migrate to future capabilities.
Systems integrators play an increasingly important role ensuring companies can optimize security for today’s installations while charting the most cost-effective course for migrating to future capabilities. This approach pays off in a much higher level of security for people and property, both today and down the road. It also improves operational efficiency and cost-effectiveness. This is especially true for organizations that add other applications to their contactless access control cards and those who eventually want to incorporate NFC-enabled smartphones into their physical access control system (PACS).
At the same time, this forward-looking approach increases integrators’ revenue potential while enhancing their value to customers and creating future opportunities to support their evolving needs.
Building the Foundation: Access Reader and Card Technologies
Although migration to new capabilities involves change, it is less disruptive when executed with multitechnology smart cards and readers that leverage an extensible and adaptable platform. Some organizations that are still using Wiegand or another magnetic stripe access control technology may be tempted to upgrade to a low frequency system to improve security. But this still leaves an organization vulnerable, without delivering significant cost savings or an easy migration path.
The best option is to move to contactless high frequency smart cards. When properly implemented and deployed, this approach provides the highest level of security, convenience and interoperability, along with the adaptability to meet future requirements.
The latest smart card technology uses mutual authentication and cryptographic protection mechanisms with secret keys, and a secure messaging protocol delivered on a trust-based communication platform within a secure ecosystem of interoperable products. Ideally, smart cards also must feature a universal, standards-based card edge that improves adaptability and interoperability. Additionally, they must be portable for use on NFC-enabled smartphones so customers have the option to use smart cards, mobile devices, or both within their PACS.
Taking this approach provides the best possible security now, along with the flexibility to adapt to future requirements. There are a number of reasons why this is important.
First, it may eventually be advantageous for an organization to combine multiple applications onto a single solution. In addition to providing centralized management for the organization, this convergence of multiple access control applications delivers ease of use for employees by eliminating the need to carry separate cards for opening doors, accessing computers, using time and attendance and secure print management systems, paying for meals or transit fares, making cashless vending purchases, and other applications.
Second, there may be other new applications that organizations will want to add in the future. This might include biometric templates such as fingerprints, iris or hand geometry, or vein patterns that are securely stored on the card for additional factors of authentication. Other application examples include access control capabilities for building automation and medical records management.
Third, an organization might want to adopt new technologies like the Commercial Identity Verification (CIV) card. CIV technology takes advantage of the infrastructure created by the federal government’s Personal Identity Verification (PIV) program, bringing strong authentication mechanisms to applications outside federal agencies. PACS can be upgraded to CIV by simply augmenting existing panels and door controller functionality, without ripping and replacing the existing infrastructure.
Fourth, organizations may need to deploy new technology when there is a merger or acquisition, or the move to a new location that involves rebranding and/or combining administrative and other systems. Usually at some point in the process, the organization will need to issue new credentials.
Fifth, it may be necessary for an organization to improve risk management in the future, either because of insurance requirements or to decrease costs by reducing liabilities. This may require moving from an outdated system to one with significantly improved security. Ideally, organizations should migrate to the risk-appropriate solution before there is a problem, especially if the existing system is a low-frequency solution that is easily cloned.
Sixth, new legislation or regulatory requirements may prompt the need to increase security capabilities. For instance, the Health Insurance Portability and Accountability Act (HIPAA) imposes strict requirements for accessing medical records, which may necessitate the use of a smart card to enter secure areas or to access IT networks that store patient information.
And finally, organizations may need the flexibility to migrate at least a portion of their cardholders to digital credentials carried in NFC-enabled mobile devices. Mobile access control enables a more hassle-free security experience for users who can carry all of their credentials on a carefully protected device that they rarely lose or forget. Mobile access control credentials will be provisioned in one of two ways. Either via the same type of Internet portal used to provision traditional plastic credentials (the mobile device will be connected to the network via a USB or WiFi-enabled link) or over-the-air via a mobile network operator (similar to how smartphone users download apps and songs). Multiple physical and logical access applications can reside on NFC-enabled smartphones for improved convenience and security.
Page 1 of 2 pages 1
Access Control ·
HID Global ·
Near Field Communications ·
Physical Access Control ·
PIV Credentials ·
Smart Cards ·