How to Maintain Access Control System Integrity
9 June 2022
Building access control systems are used within organisations to secure access and protect the people and assets within the areas under their control. System integrity is paramount to the safe and successful operation of an access control solution. System integrity can weaken over time due to a wide range of issues. Some of these are hardware related and some due to management of the software database at the heart of the cloud-based access control solution.
Access Control Points
The most common access entry or exit point is a doorway. On one side of the doorway will be some form of credential reader or security keypad and on the other, similar or a request to exit (RTE) button. A reader can be a card reader, card reader keypad, Bluetooth low energy mobile phone or biometric reader.
The reader will collect the new credential presented and verify this with the user/credential record in the software database. If approved, an instruction is sent to the door controller over an IP network to release the door way which is generally restricted using magnetic locks (maglocks). Other barriers to entry which can be under access control include gates, turnstiles and lift entrances, all of which can be controlled via an appropriate access control solution.
Access Control Hardware And System
Access control systems comprise of a number of components. Some will age naturally over time, such as a power supply or battery. Others will suffer wear and tear such as doorway locks and proximity cards. Whether its through aging or usage, component degradation can lead to a weakening of once robust access control solution and is one of the primary reasons for annual maintenance checks.
As with any maintenance program, being proactive can identify easy to correct hardware issues before they require more costly repair or replacement. Minor problems can sometimes be fixed by an onsite engineer to help prevent a potential future breakdown in the systems. Regular preventative maintenance can also extend the working life of the hardwire.
Access Control Software Data Maintenance
The software and database running your access control solution is not immune to operational issues, if there are not strong policies and management systems in place.
The software consists of a database of users, each with one or more credential registered against them. No organisation or company has zero staff turnover and users who left an organisation can be left with active credentials if they are not removed or deactivated either as part of a ‘leavers’ policy. Subcontractors and visitors may also have active credentials in the database long after they are no longer needed.
It is therefore important to regularly inspect the database and make sure that all users need to be active, and that they have the correct access rights in order for the access control solution to operate as originally designed and installed.
Other software related features that should be regularly inspected are the historical event and alarm logs. Every entrance access event is recorded in the log and it is from this data that movement reports (Who, Where and When) are generated.
Alarm logs can also show whether the systems are operating correctly. For example, a temperamental card reader, door closers that do not always close properly or need for additional Input Terminal Units (ITUs) to prevent nuisance anti-tamper alarms. A review could also undercover features within the software that have not be setup correctly or where usage has changed over time, require a reconfiguration. Alarm and usage data can also help to identify issues such as tailgating.
This is a common problem with access control solutions. Companies and organisations should have policies and training in place to prevent the chance of tailgating. This occurs when a person (one or more) follows an individual whose credential has been approved for entry. Simply holding open a door can let an ‘unapproved’ visitor into an access-controlled area.
When individuals do not follow procedure and have their individual credentials checked by a reader for entry (or exit), movement and occupancy logs data can also be inaccurate. Evidence of this can sometimes be picked up on Who, Where and When reports and simply analysing the historical event and alarm logs.
Access Control Management Checklist
Maintenance contracts are typically annual and will include one or more onsite preventative maintenance visits.
A typical visit should start with a discussion with the system owner on how the systems have performed, changes made since the last inspection and any known fault or operational issues.
- Site and system walkaround including a visual inspection of all components
- Hardware inspection and operational testing
- PSU and battery checks, where installed with test results and data logged
- Components cleaning to remove dust and grime build-up that can occur over time
- Full system performance tests
- Individual doorway controller and reader inspections and tests
- Software database and logs inspection
- CCTV Camera system review
- PIDS system review
Responsibility for database and credential management will normally be outside the visiting engineer’s brief and will generally reside with the onsite access control and security manager.
The last two items in the checklist may or may not be integrated into the access control system. An access control system such as EntroWatch, can integrate video camera feeds into the platform using ONVIF, Milestone’s XProtect plug-in or from a compatible HIKVision system. The integration with HIKVision allows for pre and post door events clip analysis. EntroWatch also integrates via BACnet with Remsdaq’s Sabre perimeter intrusion detection system, used to protect perimeter fences and provide alarms in EntroWatch for cut or climb events.
Once the visit is complete, the engineer should provide a report covering findings, noting any damaged or worn components that require replacement and areas for general improvement or just observations.
Regular access control system maintenance is important to maintain the overall integrity of a system. Preventative maintenance helps to identify consumables that require replacement, in addition to components that suffering from ‘wear and tear’ usage. Their timely replacement can not only prevent a system breakdown or malfunction but help to ensure an extended working life for the overall system. Software database maintenance is also important as this can ensure that only authorised users are active and with the correct access rights for their role within the organisation. Couple with a remote support plan, preventative maintenance can help to ensure years of trouble free and reliable service for your access control system.