Access control how does it work
Monday through Friday, and 24 hours per day on Saturday, Sunday and Holidays. If the back door to the Administration Building is propped open during normal working hours, nothing will happen.
However, if the door is propped open during the evening or on weekends, the audible alarm will sound. Automatic Unlock Feature. The access control system allows each card reader controlled door to be "automatically unlocked" during certain time periods if desired. An automatically unlocked door can be opened without requiring the use of an access card.
The automatic unlocking feature can be set at the access control server computer on a door by door basis. For example, the management of the Administration Building has decided that the front door of the building should remain open to the public during regular working hours A. Mary Simpson, the security coordinator, configures the access control system software to automatically unlock the front door at A. Each weekday, the front door of the Administration Building will automatically unlock at A.
At P. Persons desiring entry into the building after P. Door status monitoring DFO and OTL features are automatically disabled at a card reader controlled door that has been automatically unlocked by the system. The access control system automatically records various types of system "transactions" on the access control server computer's hard disk. The collection of these stored transactions is called the "system journal".
The system journal is simply a computer database in which records of access control transactions are stored. There are many different types of access control system transactions. Some of the more common types of transactions include:. Valid Access: A entry through a door using a valid access card.
Invalid Access Attempt: An attempt to use an access card at the wrong door or at the wrong time. Equipment Failure Condition: Failure of a portion of the access control system or it's related wiring. Power Failure Condition: Loss of primary power to the access control system. The access control system allows the creation of reports of various types of system transactions. These reports are created at the access control server computer; and may be displayed on screen, or printed on a computer printer.
Reports can be created based on a set of parameters defined by the person managing the access control system. Some of these parameters can include:. The flexible nature of the reporting feature allows the person managing the access control to custom-tailor a report to meet their specific needs. Day-To-Day Operations. The following are some day-to-day operations that Mary Simpson, as manager of the access control system at the Administration Building, is likely to encounter:.
Card Doesn't Work. Situation: Susan Bright attempts to use her card to get into the computer room this Wednesday. Her card does not allow access into the computer room as it should.
Her card works fine at the building entrance doors. This is the first time that Susan has tried to use her card at the computer room door since the access control system was installed. Susan tells Mary that her card doesn't work. Action: Mary checks the clearance code assigned to the card, and finds that she inadvertently assigned the wrong code.
Mary reassigns the correct clearance code, and the card now works fine. Lost Access Card. Situation: Sally Strong has lost her wallet which contains her access card. Sally tells Mary that her access card is lost. Action: Mary immediately invalidates cancels Sally's lost access card. Mary gives Sally a new access card, and validates it using the appropriate clearance code. Change Of Access Privilege. Situation: Bill Nelson, who previously only worked part-time, will become a full-time regular employee next week.
Bill's supervisor asks Mary to upgrade Bill's card to permit access during regular work hours. Action: Mary changes the clearance code assigned to Bill's card to a clearance code that corresponds to his new job responsibilities.
New Employee. Situation: A new employee, Brian Wilson, is hired to work in the computer room. Brian will not be given building access privileges during his first 90 days, but will require daytime access to the computer room. Brian's supervisor asks Mary to issue Brian an access card. Action: Mary issues Brian a new access card.
Mary discovers that she does not have a clearance code that corresponds to Brian's access privileges, so she creates one, and then assigns it to Brian's card.
Employee Terminated. Situation: A janitorial employee, Steve Woods, has been terminated. The contract janitorial company notifies Mary that Steve has been terminated, but that he has not yet returned his Administration Building access card.
Action: Mary immediately invalidates the access card assigned to Steve Woods. Change of Auto-Unlock Time. Situation: The management of the Administration Building decides that the front door of the building should open to the public at A. Action: Mary redefines the automatic unlock time setting for the front door to A.
Lock-Out Of Doors. Situation: The floors at the Administration Building are being refinished this weekend. It will take 24 hours for the new floor finish to dry. The building management has notified all employees not to enter the building this weekend, but is afraid that some employees may forget and come in anyway. Action: Mary sets the access control system to temporarily disable the access privileges of all employees except custodial workers until Monday morning.
Creation Of Report. Situation: Last weekend, someone accidentally turned off the power to a critical piece of equipment in the computer room. John Smith, the department manager, thinks that the accident occurred on Saturday morning. John wants to know all of the employees who entered the computer room on Saturday. John asks Mary to create an access report. Action: Mary uses the access control report feature to print out a report of all persons who entered the computer room last Saturday.
Optional System Enhancements. In addition to the standard access control system features described above, there are many optional features available. Some of these optional features include:. Automatically-Locked Doors. In some cases, it may be desirable to lock and unlock doors automatically. This is often done on buildings which are open to the public during the day, but are closed at night. In these cases, automatic locking and unlocking eliminates the need for a person to perform this function manually.
As indicated above, all doors which have a card reader already have the capability to be programmed to lock and unlock automatically. In some cases however, the building management may wish to automatically lock and unlock doors that are not equipped with a card reader. Access control is a method of guaranteeing that users are who they say they are and that they have the appropriate access to company data.
At a high level, access control is a selective restriction of access to data. Authentication is a technique used to verify that someone is who they claim to be. Without authentication and authorization, there is no data security, Crowley says. When not properly implemented or maintained, the result can be catastrophic.
Any organization whose employees connect to the internet—in other words, every organization today—needs some level of access control in place. Put another way: If your data could be of any value to someone without proper authorization to access it, then your organization needs strong access control, Crowley says.
The collection and selling of access descriptors on the dark web is a growing problem. For example, a new report from Carbon Black describes how one cryptomining botnet, Smominru, mined not only cryptcurrency, but also sensitive information including internal IP addresses, domain information, usernames and passwords. The Carbon Black researchers believe it is "highly plausible" that this threat actor sold this information on an "access marketplace" to others who could then launch their own attacks by remote access.
These access marketplaces "provide a quick and easy way for cybercriminals to purchase access to systems and organizations These systems can be used as zombies in large-scale attacks or as an entry point to a targeted attack," said the report's authors.
In larger buildings, exterior door access is usually managed by a landlord or management agency, while interior office door access is controlled by the tenant company.
People new to access control may think the system is made up only of the card and the card reader mounted on the wall next to the door. But there are a few more parts behind the scenes, all working together to make the magic that grants access to the right person. Reading it will give you a full and comprehensive understanding of how access control systems work and the language required to communicate with vendors.
This is typically carried out by assigning employees, executives, freelancers, and vendors to different types of groups or access levels. Everyone may be able to use their access cards to enter the main door, but not be able to access areas containing secure or privileged information.
For clarity, we divide the components into three groups: user-facing components, admin-facing components, and infrastructure components. The most familiar parts of access control systems are the cards, ID badges, and, more recently, the smartphone apps that elicit an OK beep when presented at a card reader and unlock the door. These are also known as credentials, since they bear the user's data that tells the reader to grant you permission to be on the premise, or in other words, that you are an authorized entrant.
Access cards are typically proximity cards that, rather than being swiped or inserted like credit cards, are held two to six inches in front of the card reader. The same procedure is followed for phone apps. The benefit of using credentials is that they are personalized, so any unlock event can be traced back to the person associated with it.
The admin-facing side is the management dashboard, or portal, where the office administrator, head of security, or IT manager sets the parameters of persons allowed to access the premises and under which circumstances they can do so.
This involves a management dashboard, often in the cloud, and a way to provision access—such as a card programming device. In more advanced systems, the manual operations aspect can be automated. For example, the provisioning creating and deleting access can be done automatically by connecting the access dashboard to the company directory of employees.
The infrastructure components are the ones that rely on your building infrastructure in order to function. The most obvious parts are locks, but there are other components, such as the controller, server, and cables.
Electronic locks are used to electrically unlock the door on which it's installed. They usually have a wire that powers them. Some locks will lock when they are supplied with power, while others unlock when supplied with power. The first ones are known as fail-safe locks and the second ones are known as fail-secure.
The choice of which to use depends on the area being secured. Entry doors call for fail-safe locks, since they need to comply with building codes and fire regulations that call for people to be able to exit at any time, even in the event of a power outage. IT rooms should be wired fail-secure because they need to remain locked at all times, even in the case of emergencies.
Fail secure doors also need to be equipped with electrified push bars to allow people to exit quickly in case of a fire. Also known as the access control field panel or intelligent controller, the access control panel is not visible to most people in a facility because it's installed in the IT room or the electrical, telephone, or communications closet.
The reason for this precaution is because all the locks are wired to it. When a valid credential is presented at the door reader, the panel receives its request to unlock a specific relay, which is connected to the specific door wire. Every access control system needs a server where the permissions are stored in an access database.
It is really the server that makes the decision whether the door should unlock or not by matching the credential presented to the credentials authorized for that door.
The server can be a dedicated local Windows or Linux computer, a cloud server, or even a decentralized server when the permissions are stored in the door reader. The server also tracks and records activity and events regarding access, and it allows administrators to pull reports of past data events for a given time period.
If a locally-hosted access control server is used, there is typically a dedicated machine that runs the access software on it. Managing it requires the administrator to be on-site. Since having to contend with several local servers can become complicated for multi-facility management, cloud-based servers are gaining a lot of traction in this area.
Cables are a critical part of access control and can prove to be very expensive if installed improperly, so they should never be overlooked in planning an access control system. When building out space, it's important that all the cables are specified so that the general contractor knows what to do. If the cables are not planned for at this point, they will need to be added in later:This means someone will have to drill into, or lay cables on, all the newly-painted walls.
Beyond the obvious reason of needing an additional layer of security in a facility, there are multiple other reasons why access control—in particular, cloud-based access control—should be an essential part of any business. Installing an access control system prevents undesired people from entering your building, but not only that! It also makes sure that other interactions are perfectly regulated, such as visitors coming to your office or couriers delivering packages for your business.
Compliance has been a big driver for companies to switch to access control in recent years. Many security managers, when facing breaches, can encounter trouble if they have not been complying with a series of certifications.
Having a certified access control system like Kisi increases your credibility, makes you safer and better protectes against malware and hackers, and ultimately leads to increased revenue. Some examples of cases where compliance flows into the need for an access control system include:. Banks, insurance companies, and any business that accepts and processes credit cards are subject to PCI credit card data regulations.
SaaS providers, data centers, or any company hoping to maintain SOC2 cybersecurity standards. Some access control systems integrate with your directories, allowing for automated user provisioning and de-provisioning. Here is a quick list of things we commonly see that cause businesses to convert to access control: Keys are commonly lost or stolen. If you do lose track of a key, a new key will need to be made or a new lock will have to be installed.
Multiple doors may require multiple different keys, complicating security management. Access control solves all these problems. With access control, you can say goodbye to keys for good. Get A Free Quote. I need help with My Business My Home. Are you a current customer? Yes Not Yet. Would you like to schedule a virtual consultation? Yes No.
Yes, Please No Thanks. This field is for validation purposes and should be left unchanged. More From The Bay Blog. Bay Alarm November 5, Read More. October 25, A security system will only keep you safe if it functions properly. You should check and test that your security