Selecting an Access Control System

To properly specify the right type of ingress/egress to apply at each door in your access control system, it is best to start by understanding why controlled access is required on this particular opening. Is it a matter of privacy, such as protecting personnel and organization files? Is there a safety issue, such as providing access to and quick egress from the boiler room? Are there theft problems in the supplies area? Are there vandalism problems in the neighborhood?

To answer these very general questions, keep in mind that access control is simply the controlling of who can go where and when. Will there be many people or just a few? What kinds of doors are involved? Do you need audits and time features, such as letting some people through only at certain hours and on specified days? Will many people be coming at once, such as at the start of the work day?
By answering these questions, you can begin to flush out more details for selecting the appropriate access control solution.

Controlling the Who
To control people, they need to be identified. The simple key is a form of identification. When you give a maintenance worker a key, you are saying, in effect, the bearer of this piece of metal is authorized to enter the door with the lock matching this key.
Instead of keys and their management costs, you might consider using something the user knows for access — for example, numerical codes to work with electronic keypad locks. Codes can be easily added and deleted from electronic keypad locks, eliminating the high costs associated with re-keying a mechanical lockset. These locks are typically reasonably priced. Including installation, it typically costs $600-800 to secure an opening with an electronic keypad lock.

However, people can also forget or share codes. Think how many passwords and numerical codes you already have, from ATM codes to PC passwords. So they do not forget, people often write down passwords and codes, keeping them in sight, so they are easy to see and to steal.

For greater security, access may be limited to something the user holds that is difficult to duplicate. User credentials such as magnetic stripe cards and proximity fobs can be selected. A quick swipe or presentation of the credential to the reader, and the cardholder successfully gains access through the opening. However, an authorized credential does not necessarily mean the holder is authorized for access to the opening. Credentials can be lost or stolen. A missing credential could be in the possession of an individual with harmful intentions until that credential is removed from the system. That could be immediate for online access or hours or days for offline access.

For higher security, one may consider a linked access arrangement where an authorized user must hold the appropriate credential and know the appropriate numerical code associated or linked with that credential. This application is common with bank ATM cards. The card and a 4-digit personal identification code are required in order to gain access to the appropriate bank account. It significantly reduces the probability that a lost or stolen ATM card will compromise the security of the bank account.
Keep in mind that whatever the credential type used, there will be cost issues and logistical requirements associated with the administering of the credentials.

Lastly, you might want to consider a biometric, which looks for an unalterable personal attribute. A biometric verifies an individual’s actual identity. Additional benefits are that there are no credentials or codes to administer and biometrics ca not be shared, stolen, lost or left behind.

Once you determine how to identify who, you need to control them. You can provide momentary access to individuals. You might want to keep certain doors unlocked at some times and locked at other times. Perhaps you want a pass-through mode for VIPs, allowing them to come and go as they please. For temporary maintenance workers or volunteers, you may want to set up a one-time use.

Controlling the Where
Think of all the openings you have in your facility — general manager’s office, outside doors, laboratories and more. Bottom line — you have a variety of openings needing different levels of security, some not so obvious at first glance. And do not lose site of the need for exit devices or panic bars. Egress control is equally important as access control.

Then, there is the question of an online system vs. offline or standalone systems. Do you have the budget or, if building a new structure, does the facility’s construction allow for online, hardwired systems? If not, software managed offline locking systems provide most of the benefits of an online system at a fraction of the material and install cost. Depending on the building, you may want to consider wireless access control, which eliminates the needs for drilling, trenching or pulling wire. You might want a mixed facility, one where the perimeters are managed by online systems and internal openings are managed by offline systems to meet budget and performance targets.

If the door has high-frequency use, you automatically will need to review magnetic locking systems which can handle the constant locking and unlocking it will experience.

Controlling the When
Most facilities have schedules. For your employees, perhaps, the front door will automatically unlock at 7:15 a.m. You may want it to automatically lock at 5:30 p.m. For managers, though, you may want to establish time zones, allowing entry weekdays between 6:30 a.m. and 7:00 p.m.; however, maintenance workers can be allowed in two hours earlier and two hours later plus Saturdays. The C-level managers can enter at any time.

Yet, what if you want to perform an inventory on a Saturday, undertaken by staff members? In that case, your system must provide on override period. And, of course, you are always employing temporaries. For them, you will want to establish a time activation and expiration, perhaps this Monday through Friday at employees’ hours only.

Getting Down to Specifics
At this point, you have identified the issues associated with controlling the who, where and when. Here are some other issues to consider:

• Are there other access control systems already installed in your facility? Will complementary systems work with active credentials for your user population such as proximity credentials or magnetic stripe cards?
• If you are considering electronic hardware, does it meet ANSI/BHMA Grade 1 requirements?
• Does the product adhere to FCC regulations where applicable?
• How many users will the system monitor?
• Do you need to audit or monitor events that occur at the controlled openings? If so, such as in the personnel files area, your system must provide information on who was there and when.
• Do not forget about architectural finishes and levers. Upgrading to electronic access control does not mean having to compromise on aesthetics.
• If standalone, battery-powered products are to be used, what are the number of daily cycles you expect at each opening? Can the battery-powered unit handle the duty cycle or will frequent battery changing be required?
• Are you selecting a hardwired access control system and can users still get out in an emergency when there is no power, as in a fire alarm?

Management Software
In today’s environment, it is most likely that your access control system will be governed by management software. The features and benefits of the particular software are equally as important as the hardware that it will manage.

Your software must be secure from access by unauthorized operators. At the very least, it must be password protected. It must also be flexible enough to manage the various user groups within your facility, such as the managers, staff, janitors and others. As such, it must be user-friendly and easy to learn because even you need a back-up. And, in today’s world, it must be Windows-based, simply because everything else is.

Lastly, your software must provide a management hierarchy, perhaps allowing others to manage certain elements, such as adding or eliminating a user. The C-level managers must be at the top — able to approve and/or cancel what others have modified.
If you begin by looking at the overall picture of what you are attempting to accomplish and then apply this macro view to each individual opening, asking the questions raised, it will not take long for you and your security installer to come up with a solution that enhances security and is cost-effective. You will be able to provide the exact balance needed between employee/customer convenience and theft reduction, vandalism impairment, privacy invasion and protecting people and assets.

Jennifer Toscano is marketing manager of electronic locks and open architecture for Ingersoll Rand Security Technologies, which features Schlage, Von Duprin and LCN brands.