How to choose a managed access control system

Sept. 29, 2010
End-users can pick from three options

Managed access is not a technology - it is a choice end-users make about how to meet their requirements for facility access control. This model of physical access control has been around for more than 30 years, but the recent widespread adoption of broadband and Internet-based technologies has opened up a world of new possibilities.

As Internet and Web-based capabilities merge with the world of access control, there are now more implementation choices that provide different levels of control for the end-user. With simpler applications and ubiquitous Internet access, end-users are able to quickly and easily take on some - or all - of the management of their access control without a large time commitment or special training. This meshes well with the ability of many security dealers to provide various options for managed access that make financial sense for both parties and fit their capabilities in the time and expertise it takes to manage the system.

Here are the three most common managed access models and their relative benefits:

Outsourced Model: Managed access control can be delivered via an outsourced model, where the end-user has a dedicated instance of access control software that is hosted on their premises or at the managed service vendor's location. The outsourcing vendor may offer a range of services, including system administration, alarm monitoring and maintenance of the hardware and software.

This model delivers modest economies of scale, since the cost for maintaining and administering the system are not significantly reduced. The main benefit for end-users is that it enables them to shift their security workload to a qualified vendor who will provide well-trained staff to operate the system. This model also provides the capability for the end-user to maintain "Master Administrator" privileges to their system and complete segregation of their data and security resources.

Shared Services Model: The shared services model is similar to outsourced except that multiple end-users share an instance of access control software and hardware. By necessity, the vendor will maintain "Master Administrator" control over the entire system and the end-user's direct access to the system software will have some limitations. For example, access to certain kinds of data or programming privileges may be limited or there may be card duplication conflicts with other end-users on the system.
The shared services model delivers better economic benefits than outsourced because the hardware and software are shared over many end-users at the expense of limiting the end-user's control over the system.

Multi-Tenant Software as a Service (SaaS) Model: Web-hosted applications, delivered in a multi-tenant Software as a Service (SaaS) model, are becoming increasingly popular for a wide array of users. The SaaS model is similar to the older shared services model except that SaaS applications are built from the ground up to provide robust multi-tenant capabilities. Multi-tenancy enables end-users to maintain their "Master Administrator" status over all elements of the system and delegate as much authority as they wish to their vendor. For example, the end-user may task the vendor with adding and deleting hardware from the system while maintaining the right to create and generate new activity reports at any time.

Additionally, there is no sharing of features between users in a multi-tenant system. Each end-user has access to exactly the same system resources (for example, selection of holidays and schedules) regardless of what resources are consumed by other users on the system.

The multi-tenant structure of SaaS also enables providers to deliver excellent data security. SaaS providers ensure that data will not be exposed between end-users on the system and that audited controls are in place to protect the data from exposure by those who maintain the hosted software and hardware.

The SaaS provider's secure, centralized data center takes care of the software and hardware upgrades, providing back-ups, archives, redundancy and disaster recovery. The end-user accesses the application by using any Web browser to log into his/her account. Web-based solutions eliminate dedicated security servers and software, thus freeing up the user's IT department to focus on their core business and reducing costs through sharing technology across tens of thousands of users.

Although multi-tenant SaaS provides end-users with ultimate flexibility when managing their access control system, it also allows the end-user to outsource administration, monitoring, and programming functions to their security dealer. Many systems integrators provide a "concierge" service in which they manage their customers' access control system on a continuous or on-demand basis.

Many smart organizations have implemented managed access to help improve efficiency and reduce costs. Just like online banking and Web-based applications such as and Google Apps, Security as a Service is an option that is here to stay. Many more security integrators will begin to offer flexible service menus, enabling their clients to choose exactly the services they need. This is a welcome shift from the old rigid model where integrators install and customers operate dedicated security infrastructure.

In this new paradigm, both end-users and integrators can shift their focus from building and operating technology to the more important task of determining how to best apply security technology to manage risk at the lowest possible cost. This is the ultimate benefit of Managed Access.

John Szczygiel is executive vice president of Brivo Systems LLC.