What is Access Control?
Not sure where to start with access control technologies? Here’s the key information you need to find the right solution for your organization.
The Components of Access Control Security
Access control system technology, as the name suggests, is a way for you to manage who has physical access to a specific space, whether that’s a room, a building, or a larger complex.
Access Control Readers are special hardware devices installed at key access points – doors, gates, fences, elevators, etc. – that require each individual trying to enter to identify themselves. There are many choices at different cost points and using different communication methods. Readers can be as simple as push buttons; they can be keypads or card readers; finally, they can be advanced solutions such as biometric reading devices. Your choice should be guided by the level of security you need and the complexity of your organization. The more doors and people involved, the greater the value of a solution that is easy to manage and customize.
“Credentials” are the unique identifier for every individual who is given access to a space. The technology chosen here must be compatible with your access control readers. If you’re using a keypad, for example, then the credential is a pin code. For proximity readers, which use RFID technology, the credential is typically the familiar access card or key fob. A recently introduced option is a mobile credential which resides on your smartphone and is communicated to the reader via Bluetooth Low Energy (BLE). A biometric credential is a trait that authenticates the individual: your hand, your face, retina, or fingerprint. As with access control readers, your choice of credentials will depend on the needs of your organization.
Learn more: 4 Types of Access Control Credentials
Typically, openings connected to the access control system are protected by electric locking hardware to keep the door locked except to allow someone authorized to enter. There are many different lock options, usually designed to match the architectural style of the building, the type of opening, and the requirements of your access control system. In all cases, locks must adhere to life safety and fire codes so it’s very important to consult with an expert on choice of locks, installation, and configuration.
This device is the local controller of the access control system, checking credentials and granting access to individuals. One panel is able to manage several doors, but in large buildings it’s typical to have more than one panel. They are usually installed in an IT or communications closet, so they are not a part of the access control system that is visible to users.
The software is the real heart of your access control solution. Software can be loaded on a local or remote server, or the software can be housed in a cloud environment. The software that stores user permissions, runs audits, displays user information, and updates the access control panels can be thought of as a database. For very small systems a single door controller can function as an “all in one” solution having both the software and hardware functionality. See below for more on the choice between on-site and hosted solutions.
Types of Access Control: On-site vs Cloud-Based
Not that long ago, there was really only one type of access control system: on-site (aka “on premises” or “on prem”). Everything was installed and managed locally, including the server. But with the advent of cloud computing, that’s all changed, and cloud-based access control is becoming more and more common.
So, which one is right for you? Let’s take a quick look.
| Consider on-site if… | Consider cloud-based if… | |
|---|---|---|
|
Flexibility/Scalability |
Your needs are stable and unlikely to change | You need to be ready to add features or expand the system |
| Cost | You prefer to pay up front (CAPEX oriented) | You prefer to pay as you go (OPEX oriented) |
| Resources | You prefer to maintain server(s) yourself | You prefer to outsource server management |
| Security | You can manage security updates and disaster recovery yourself | You need help managing security updates and disaster recovery |
Learn more: The Advantages of Cloud Access Control
Access Management Quick Start Guide
Here are some standard access security configurations for organizations of all sizes. Remember that customization is possible in almost any scenario, so it’s essential to work with an experience partner who will right-size your solution.
Standalone System
-
One to two doors, with keypads or proximity card readers
-
On-site server and connected computer
Web Accessible System
-
One to two doors, with keypads or proximity card readers
-
On-site server accessible from anywhere via a web portal
Networked System
-
Multi-building or multi-site system using proximity or smartphone readers
-
Managed from a central location with a data server and networked computers
Cloud-Based System
-
Multi-building or multi-site system using proximity or smartphone readers
-
Cloud server managed at an off-site data center, with anywhere access via a web portal
Fully Managed Cloud System
-
Biometric readers and IP-based infrastructure for greater cybersecurity
-
Cloud server managed at an off-site data center, with access from anywhere there is an internet connection via a web portal 
-
Monitoring by security professionals for real-time management of the system
How to Implement an Access Control System
As a critical part of your security, access control requires professional design and installation, even for small systems. Here are the main steps that you can expect.
Access Control System Design
The design stage starts with a full understanding of your access control needs and how your access control solution will contribute to the health, safety and security of your employees, your customers, and your business. Key questions that should be answered during the design phase include:
-
What is the value of the assets behind the access control point?
-
How many openings are being covered, and what kinds of doors or entryways are they?
-
How many users will there be, and why kind of credentials will be used? What is the process for managing credentials going forward?
-
What hardware and cabling are needed? Can existing equipment be reused or repurposed? How can disruption and cost be minimized?
-
What integrations could help improve security or ease of use?
-
What are the server requirements, and how will they be met (on site or on the cloud)?
-
Who needs access to configuration and reports?
-
What local and national codes must be addressed in the design?
Access Control Installation
Once your needs are clearly defined, the next stage is to install the equipment. A typical access control system for business or commercial applications requires the installation of a variety of electronic hardware components and cabling infrastructure. Depending upon the scale of the project, installation could take just a few days or extend over months in the case of a large system or new construction.
Access control systems are complex with multiple technologies and hardware needing to work together as a single solution. It’s essential to partner with a security solution provider who can guide you through the process smoothly.
Access Control System Configuration
Every user of the access control system will need to be managed. Access privileges are highly configurable. They can be set differently for different people, at different times of the day, and with special rules at some exits. The industry uses three standard models for thinking about how to assign and control credentials.
-
Discretionary access control (DAC): This is essentially an “open” system for managing credentials. Anyone with administrative privileges in the system can set or change credentials.
-
Role-based access control (RBAC): This model is a bit more restrictive. Access credentials are defined based on role, and administrators can only assign a user to a role – they can’t change the credentials within a role.
-
Mandatory access control (MAC): The strictest model, in which administrators have essentially no control over credentials. Typically, the job of assigning credentials is the exclusive responsibility of a senior security leader, such as a Chief Security Officer.
Talk with your provider about what will work best for your organization, and the right balance between flexibility and security.
Access Control Integrations
There are a range of integrations supported by modern access control systems, and it’s common to integrate with at least one of these other systems:
-
CCTV
-
Intruder Detection
-
Fire Detection
-
HR database
-
Time and Attendance
-
Workspace Management and Visitor Management
Since nearly every access control system installed now requires these integrations, it is important to select a knowledgeable partner.
Need More Help? Talk to One of Our Experts
We’re here to help you find the right access control solution that will deliver the security you need and the experience that your employees and customers expect.
