As market sectors across the country continue to strategically reopen operations, access control users are reassessing their use cases. Recently Editorial Director Steve Lasky conducted a virtual roundtable with Hilding Arrehed, Vice President of Cloud Services and Product Management/Physical Access Control for HID Global; Jac Whitmire, the National Sales Manager at DoorKing; and Smarter Security’s Executive Vice President and the co-founder of ReconaSense, Clayton Brown.
Steve Lasky: The concept of secured egress and ingress has shifted dramatically over the last 15 months due in great part to pandemic health and safety mandates. How has this paradigm shift affected how door and access control security solutions have met the new challenges and what does the future hold?
Hilding Arrehed: Much of the shift we have seen since the start of the pandemic has been related to an acceleration of trends already in motion. For instance, before the pandemic, we could see trends towards touchless solutions and increased use of mobile access. The pandemic has accelerated the need for this kind of technology and our data shows that mobile door openings have not only recovered to the levels before the pandemic but have increased compared to before. This indicates companies that are allowing employees to return to offices are doing so increasingly with touchless solutions. Another shift we have discovered is in the area of biometrics, where the adoption of facial recognition to aid a seamless and secure access experience is accelerating compared with more traditional fingerprint solutions. In particular, the use of facial recognition in combination with mobile credentials or access cards allowing secure and touchless access is a concept we have seen more of since the start of the pandemic. Also, the basic need for ongoing hygiene of access control touchpoints has seen an accelerated change. Demands that we historically only saw in healthcare environments are now making their way into enterprises and more general office environments. This is driving the need for new innovations in material and cleaning procedures for everything from door handles to fingerprint readers.
Jac Whitmire: We had discussed touch screens for our products and the trend that seemed to be moving in that direction. Once the pandemic hit, many dealers started their customers wanted to avoid touch screens. My personal story relates to the early stages of the pandemic, where I was driving my daughter to a friend’s house in a gated community with a DoorKing 1835 telephone entry. The vehicle in front of me drove up and the driver started to reach out to touch the 1835, but then pulled her arm back in and then reached out with a pencil. She was able to navigate our telephone entry device without touching it. There is a heightened awareness of touching things in public places. The new reality that the pandemic created has shifted the entire mindset of many to be as touch-free as possible.
Clayton Brown: Many security providers were caught flat-footed as it takes time and effort to effectively adjust the hardware for new environments and threats. While a pandemic was a unique experience to our lifetimes, as security providers we must be ready to evolve as the needs and time demand. Access control has forever changed – for the better. Access control has ceased to solely rely on credentials and people counting, to go beyond tailgating and credentials. Instead of focusing on simple metrics like people counting and tailgating, we now continuously evaluate situations. Security must move beyond the credential by using multiple inputs. The need for health screenings such as mask detection, body temperature compliance, social distancing enforcement, and building occupancy counting are new needs that buildings and public spaces now have a strong need for and have countless benefits even in a post-pandemic environment, making it necessary to adapt by including health standards and integrations into building security.
Temporary solutions to Covid-19 and civil unrest are insufficient to protect those who enter your building. To better adapt for the new health and safety standards there must be consistent flexibility of software to supplement legacy limitations of the hardware. For security teams to perform optimally and provide the highest level of protection, we must go beyond thinking of hardware and software as separate options or protections and marry the two together.
Lasky: The importance of properly authenticating those looking to access a perimeter or a facility has never been more critical. Beyond the issues of COVID, organizations are seeing a rise in violent incidents resulting from social unrest and economic stress. Discuss some strategic approaches to vetting, validating and tracking employees and visitors that use integrated solutions.
Arrehed: Apart from the aspects of making sure that the selected credential technology and access control hardware is secure and vandal-proofed and that technologies such as turnstiles and speed gates are installed inappropriate places, there are a number of new concepts and innovations on the horizon. For secure vetting and provisioning of user identities and their entitlements, we see an increase in advanced software and cloud integration taking place to automate procedures and ensuring that access rules are properly propagated throughout the access control systems all the way to door controllers and readers.
For an end-to-end system to be secure, this kind of vetting and provisioning needs to happen in real-time, ideally integrated with other internal and external systems for verification checks and cater for infrequent guests such as visitors. Mobile technologies are popular also in this regard because of the flexibility it provides for provisioning and management of credentials. We also see an increased demand for ensuring a secure and seamless environment for people already inside buildings, something that can be achieved through the concept of identity positioning. This kind of capability, if coupled with an access credential in a secure and privacy-friendly way, can help people experience a more secure and seamless workplace and building managers to optimize energy usage, fire safety and much more.
Whitmire: Perimeter access control can play a big part in keeping someone with bad intentions away from the employees located within the building. A strong layer of defense with perimeter fencing, vehicle gates, bollards, etc. will be a deterrent. Management or security personnel should closely monitor employees' security access and act quickly when someone demonstrates the potential for hostility. Creating sallyports with dual authentication areas is one way that could slow someone down and give others time to escape. Utilizing a proper credentialled access control system designed with some type of “anti-passback” feature is critical. This way a person cannot “badge in” until they have previously “badged out” to keep a credential from being used improperly.
Brown: During times of social unrest, our priority should always be keeping everyone as safe as possible. Tailgating is a prevalent issue with entrance control as there are myriad reasons one would try to pass by without detection: avoiding payment, trying to enter areas where access is restricted, and someone with dangerous or malicious intentions. A great way to authenticate entrants is to use an integration that runs through the BOLO (beyond the look-out) watchlist- raising an alert or denying access if someone on the watchlist attempts to enter your facility when going through authentication.
On par with malignant intent, rogue badge holders or operators should raise flags, especially in sensitive facilities with tiered access. Smart authentication can reveal and sense through data intelligence and rule-based permissions if an employee or visitor is entering the wrong area, on off-hours, or showing suspicious behavior. With recent economic and political stress, it is not only individuals without access or malicious intent that can cause harm. An overcrowded building or social unrest can become dangerous in a split second, putting all lives involved at risk. Having intelligent access control such as situational awareness can allow limited access when a certain level of population or demand occurs.
Lasky: A properly secured entrance may be implemented in myriad ways, from turnstiles and swing gates to hands-free access control, biometrics and intercom enabled. What criteria should end-users employ when looking to create a layered security solution around and within their facility?
Arrehed: First, there are some core elements to consider such as ensuring that the selected credential technology is secure and has not been compromised and that access control equipment is installed and configured according to best practice. From a layered security solution perspective, it comes down to the end-user’s specific needs. We’re seeing a general trend towards seamless access and implementing security in a non-intrusive way. This can be achieved through speed gates and turnstiles coupled with two-factor authentication such as a mobile credential and facial recognition in outer perimeters, and single factor such as a mobile credential in non-restricted internal areas.
The use of identity positioning capabilities can help increase security within buildings without compromising security. Restricted areas within buildings can be complemented with a third authentication factor such as a passcode. For biometric solutions, it’s important to configure them with an appropriate false acceptance rate depending on if the need for security is higher than convenience or vice versa in the particular area and if the biometric solution is complemented with other authentication factors or not. It’s also important to adapt security requirements depending on the time of day, the peak flow of people and other logistical or security factors. Real-time monitoring and regular audits are also critical elements for a secure but seamless access experience.
Whitmire: The proper gated entry solution is critical to creating an effective “first step”. Too often the wrong gate system is employed, and a poorly designed system will become a maintenance nightmare and ineffective. Gate construction is often overlooked, and poor materials, hardware, design will all create headaches. Proper security starts at the perimeter, so it is very important to design a system that accomplishes the goal of keeping individuals away that don’t belong there. For example, slide gates offer better protection than swing gates, which can be pushed open by a vehicle. However, at a rate of one foot per second in most cases, there can be a lot of extra exposure allowing unauthorized vehicles to enter.
By utilizing loop control that can stop and reverse a gate as soon as a vehicle passes over, it will reduce the exposure an open gate presents. Also, DoorKing developed the Perimeter Access Management System or P.A.M.S. which incorporates a barrier arm with a slide or swing gate that will hold traffic until the gate reaches the fully open position, then cycle with the barrier gate. This is a very effective technique of securing the access point and reducing unwanted open gate exposure.
Brown: The concept of layers has been limited, rigid, and static making it difficult to have appropriate security in dynamic environments. The introduction of software-definable infrastructure in IT allows them to adjust their posture based upon real-time activity levels should accelerate this evolution. To prepare for such a future, physical security practitioners should make sure your entry hardware provider designed solutions that have the sufficient flexibility to non-proprietarily interoperate with multiple 3rd party devices, continuously evaluate multiple layers of detection, and automatically enforce multiple policies simultaneously.
While styles change year-to-year, facilities’ month-to-month, threats week-to-week, and risks minute-to-minute, what shouldn’t change? Your peace of mind. Entrance and access control should automatically adjust, so your mind doesn’t have to.
All layers aren’t equivalent, all environments aren't alike- which creates a need for unique security solutions, tailored to each facility. We have a three-tiered criteria structure we encourage security teams and integrators alike to approach to formulate the ideal layered solution. First is a layer of detection, where the public resides and detects unauthorized entrants. We then transition to the layer of sensemaking, where sensitive information is stored and unique proprietary software aids in decision making, and real-time intelligent decisions occur. Finally, is the layer of enforcement, also known to store the most critical aspects of security and exposures that require proactive action to avoid facility risks and breaches.
Lasky: Each of you provides a unique array of solutions for securing an entrance and providing controlled access. Discuss how your particular solutions benefit the end-user and make it easy for systems integrators to work with the technology.
Arrehed: The HID Signo readers are the most versatile access control readers available with support for many credential types and with mobile access support built-in. It’s the ideal reader choice for a completely touchless access experience. The HID Mercury Controllers complement the HID Signo readers and incorporates industry standards to ensure interoperability within buildings for everything from real-time access management to advanced access control policies including security modes for threat level management. Coupled with HID Seos credential technologies and the HID Origo cloud platform for Mobile Identities and device management, our solutions provide the core elements needed for touchless and secure access control.
Through our open and standardized APIs and SDKs, hundreds of partners have integrated with our solutions to automate, further expand and improve end-user’s experiences and deliver new innovative solutions for today and the future. This includes end-to-end solutions for visitor management, cloud-based access control, two-factor biometric authentication, identity positioning and much more. HID products and solutions are sold and integrated by thousands of partners worldwide and we support those partners as well as end-users through designated services teams covering everything from development integration to technical troubleshooting. With the HID products and services portfolio, end-users can choose a point solution for a specific use case or a fully integrated solution for worldwide enterprise deployment, or anything in between.
Whitmire: DoorKing’s access control products are very popular with multi-family developers and managers due to the ease of working with our software and the technical support we offer. We understand that property management organizations typically have a high rate of turnover, so we developed quick tutorials instructing someone how to add or delete a resident or entry code, etc. Our access control systems can be connected via a multitude of ways; cellular, internet and even POTS (Plain Old Telephone Service) lines, although the latter is not recommended. System administrators can program and maintain their systems using our Cloud programming, which allows them access from anywhere, anytime with any internet-connected device, laptop, tablets, or even their cell phone.
As far as system integrators go, we really focused on creating webinars this past year and we offer them free of charge. Attendance to these webinars has been outstanding, and we continue to create more programs consistently. We recognize that one of the greatest challenges today facing most industries, security integrators not excluded, is finding people that are trainable and willing to work. Therefore, we even created webinars that demonstrate basics such as reading a voltmeter, basic troubleshooting, etc. to help our dealers train new hires. Once we can return to in-person training we plan on reinstituting our popular two-day tech seminars around the country. DoorKing understands that security integrators will sell and install what they are comfortable with and the products they know they can rely on.
Brown: SmarterLobby is like super-glue for any facilities entrance. We take whatever existing pieces of technology that are installed surrounding a turnstile, help them all communicate with our turnstiles using open protocols, allowing our devices to automatically adjust whenever a risk is detected around us. It transforms turnstiles from tailgate detecting hardware into multi-purpose automation solutions for your lobby that can adjust to its surroundings, such as line queue, crowd detection, weapon detected, the number of guards, mask compliance, body temperature, etc. Optimize the screening, authentication, and authorization process by automatically assessing multiple factors for multiple policies and instantly adjusting entry permissions to stay safe and compliant. Evaluate communications from 3rd party devices to help operators - machine and human - better understand the surrounding situation and prevent unauthorized access of any type.
SmarterLobby has unique features that integrate with your turnstiles and other security barriers such as doors and locks to provide situationally aware security that enables contextual authorization to automatically enforce multiple policies simultaneously. Additionally, it provides health and safety capabilities such as mask compliance, body temperature scanning, social distancing enforcement, social unrest/building occupancy detection, and weapons detection. Integrators can use our software to drive more value from existing turnstiles while our non-proprietary architecture makes for cost-effective budgets, all while eliminating scripting from integration logic with pick-list functionality.
Choose a turnstile provider who introduced style 20 years ago to our category, who has hardware that can better adjust with your floorplans, who developed partners to better detect new threats, and who has built better solutions that adjust to their surroundings. Choose a solution provider who has been there, done that, and seen it all, with a portfolio of both hardware and software that can secure public, sensitive, and critical types of facilities with flexibility and intelligence.