29 Sep 2016
What to remember when combining physical and logical access control
**This article originally appeared in A&S Magazine. Read the full post here.
Increasing security concerns and advancements in technology have forced access control companies to come up with innovative solutions. One such measure has been the combination of physical and logical access control systems. According to industry experts this offers one of the most efficient entry management systems.
“Integrating physical and logical security provides the benefit of simplifying user management whilst increasing security,” Mike Sussman, Technical Director at TDSi. “Integration ensures that any changes to a user’s profile are updated in all systems without any delays. In these cases, security is often managed by the IT staff with the benefit of reducing a requirement for extra staff to manage the access control system and to concentrate on risk and compliance. Integration also has the benefit of increasing security as functionality such as restricting logical access if no physical access has occurred reduces tailgating and thereby increasing site security.”
But there are several factors to consider when integrating physical and logical access control. According to Daniel McVeagh, Senior Product Manager at Gallagher, logical and physical access systems both share the need for robust methods for authenticating an individual at the keyboard or door.
“Sites are increasingly looking to standardize on the authentication methods used for both logical and physical systems, with both linking back to single point of truth for the individual’s identity,” McVeagh said. “Factors that need to be considered in achieving this are what authentication factors (e.g., smartcards, biometrics, PINs, etc.) can be used by both the logical and physical systems, how issuance and maintenance of the factors are controlled by the organization (e.g., are different departments managing credential issuance for logical and physical access systems?), and what linkages do both systems have back to the database storing single point of truth for the individual’s identity.”
Mitchell Kane, President of Vanderbilt Industries said one of the main factors that organizations must consider with this type of access control is the security of the data being transmitted.
“Logical access controls are used to protect the network – for identification, authentication and authorization on a computer,” Kane said. “Combining the two spheres enhances protection in the event of an attempted breach. As an example, if someone does not access the building, but attempts to log in to a computer on the premises, that would trigger a red flag on the network. Combining the two takes security one-step further to bolster network security and alert officials in the event of a potential threat. As with the shift from analog to IP video in the industry’s surveillance sphere, the network integrity must be taken into account when merging physical and logical access. This shift also brings into play a positive working relationship between security directors and IT leaders, both of whom must collaborate to implement this type of strategy.”
Julian Lovelock, VP of Strategic Innovation at HID Global emphasized the importance of multi-factor authentication when it comes to this sort of integration, while pointing out its advantages.
“A variety of physical and logical access control capabilities are being enabled by new types of on-the-go, trusted digital identity technologies,” Lovelock said. “These technologies facilitate a more convenient experience for users across many applications – i.e., for building occupants as they enter and exit facilities; employees who log time and attendance, make purchases at a facility’s cafeteria, open parking garage gates and access data and cloud-based applications and services; travelers who receive digital hotel room keys over the air before arrival; and bank customers who receive transaction notifications on their phones for approval before execution. Among the factors to consider when evaluating solutions is the ability for users to choose any combination of ID cards, phones or other mobile devices for the best possible security experience – and the coming years will bring even more options.”
Kurt Takahashi, Senior VP at AMAG Technology also spoke on the topic, elaborating on the functional aspect of the combination. “I think the biggest use case I can see in combining physical and logical is more around inside a direct perspective of people gaining access to the facility or gaining access remotely at the same time, or looking at behavior, or when people are accessing, what areas of the building are they in, what types of things are they trying to do within the systems,” he said.