Blog

3 Reasons to Upgrade Your Access Control System

16 August 2021

Access Security Control System Upgrades

The global pandemic has lead to many changes in society and businesses alike. How, where and even when we work has changed for many people and a large number of organisations are looking to make the changes long term, and in some cases permanent. What this means for many commercial and public sector organisations, is a step-change in how their buildings are managed and secured. For many, reliant on out-of-date systems and procedures, emergence from the grip of the pandemic provides an opportunity to upgrade and take advantage of the latest features. The benefits from such an approach can include enhanced security and protection for buildings, and the people and assets within them, improved energy usage and process efficiency.

1. Legacy Access Control Systems are Less Secure and Expensive to Maintain

Typically, cabling in a building, whether its for electrical or network purposes can have a working life of 20-50 years. Whilst the cable technology itself may not change that significantly, (CAT4 to CAT6 for example), the technologies that attached do. Access control systems are no exception to this general rule. An old legacy based access door control system may operate on a less secure card technology and one that can be easily cracked or cloned.

Today’s systems, such as the 1-2 door EntroStar door controller and EntroPad readers are designed to use the most secure card security available, Namely AES-128 for authenticity and integrity, supporting MIFARE Classic value block operations, a highly secure MIFARE Security Level 3 credential. Each credential is unique and contains a unique 12-digit number, protected by diversified keys to further enhance, secure and protect from credential cloning.

An even more secure version, using a closed-system technology is a CPNI verified system including EntroWatch. CPNI stands for the Centre for the Protection of National Infrastructure.  For more information see: https://www.cpni.gov.uk/cse/entrowatch. Ideal for government and military installations, EntroWatch CS (certified secure) is an even more secure version of the complete Entro system.

Old access control systems may also be out of manufacture and not supported. Components can become obsolete and the knowledge of how to maintain a system and fix operational issues become less available due to employee retirement and general turnover. Software updates can and a lack of support from the original manufacturers can also lead to a need to upgrade a system. Microsoft Windows platforms being a case in point, where older versions are no longer supported.

2. Mobile Phone Credential Management and Badge Optimisation

Access control systems use a central database in which all the users and credentials are stored. It is natural for this data to build up over time and in legacy systems there is a greater chance of it becoming out of date.

Consider card management for example. Without strict procedures in place for out-of-date credentials, given to contractors and visitors to site, or employees who have left the organisation, database records can easily become outdate.

Cards may or may not be handed back when a visitor, contractor or employee no longer needs access to a building or part of it. A potential answer is to move towards a hybrid aproach using cards for regular building users and perhaps mobile credentials.

Mobile credentials are a form of virtual card and rely on the holder having a mobile phone with the relevant App on it downloaded from an internet store (Google’s Android Playstore or Apple App Store). The mobile phone is then presented to a nearby bluetooth reader to gain access to a secure area.

The Remsdaq EntroWatch system can incorporate such a hybrid approach. Company employees can be provided with card-based secure credentials with contractors and visitors being given mobile phone credentials. These mobile credentials can also be issued in advanced, be time as well as are limited, and emailed to a visitor prior to them attending site. Mobile credentials and virtualised card badges are also less costly than a physical card.

3. Biometric Facial Recognition Cameras and Temperature Screening

Biometric credentials readers rely on the use of some physical factor to verify a user’s ID and grant or deny access through a controlled doorway. Fingerprints have been a typical example of this type of biometric with buildings being installed with fingerprint readers. A downside of such an approach during is a pandemic is the lack of willingness of some users and their organisations to use a contact surface to gain entry.

Facial recognition camera terminals provide an alternative, contactless solution.  A suitable camera, connected to an access-controlled doorway, will scan the face of the person who presents themselves to the terminal. The biometric data is then checked to the database to verify authenticity of the credential holder.

A further benefit of biometric facial recognition readers or terminals, is that they can also check the temperature of the person being identified. A high temperature can signal illness which needs to be investigated before that person is allowed into a secure area.

Six Issues to Consider When Upgrading an Access Security and Control System

The top six issues that should be considered when looking to upgrade an existing system.

  1. Security: the new system must present a step change forward in the level of security ad encryption provided. Cybersecurity is an increasing concern for many organisations, as is the need to protect the people and assets within a building. If new credentials can be as easily copied, cloned or cracked, why bother to upgrade to a new system?
  2. Reliability and Speed: whichever type of credential and reader/terminal is installed, the new system must be reliable and grant or deny access within a very short space of time. Having to represent a card, mobile phone or face to a reader or terminal multiple times indicates a problem and will add to the general mistrust and frustration that can build when new systems are installed.
  3. Compliance: any new system must comply with the latest data protection standards and especially where personal information is being stored. UK GDPR must be complied with by UK companies running access control systems and/or storing personal information for their usage. For further information visit: https://ico.org.uk/for-organisations/dp-at-the-end-of-the-transition-period/data-protection-and-the-eu-in-detail/the-uk-gdpr/.
  4. Compatibility: wherever possible the new system must be compatible with existing systems, cabling and integrations. A site survey can very quickly establish whether existing cabling and spaces can be used for an upgraded access control solution. Where this is not possible, upgrade costs will be higher but the improve security should overcome this.
  5. Energy Saving Integrations: access control databases store information on who is where, and when. A door controller such as the EntroStar can provide information to building management systems via the BACnet protocol. Originally created for the Heating, Ventilation and Air Conditioning (HVAC) industry, BACnet provides an easy-to-read protocol library through which building management systems can share information. This data on movements and usage within a building can help to manage occupancy limits in open-plan areas, reduce energy costs through optimisation of lighting and heating controls, and feed into other systems including time & attendance, and meeting room booking systems.
  6. Sustainability and the Circular Economy: climate change is a fact and one that we all have responsibility for helping to mitigate. One way to do this is to take a long-term view towards the complete life cycle management of the systems we install. Upgrading an access control system, must achieve the first five points in this list and should also not added to general waste wherever possible. New products to install should be completely recyclable, with their constituent parts being capable of recycling and repurposing at their end of primary life.

The list is not exhaustive and general in nature. For each organisation there may be additional factors to consider including CPNI.

Summary

As many organisations revisit the reasons for which they have traditionally used a building, they have the opportunity to redesign processes and systems. Upgrading an existing access control system to a more modern system like the Remsdaq Entro Series will lead to improved security for the people and assets inside a building and help to better manage open space, visitors and subcontractors. Integrations via the BACnet protocol can also lead to improvements in energy usage and reductions in operational costs