The beauty of electronic access control (EAC) systems is that they come in all different sizes and configurations to meet different requirements. Their sole purpose is to assure security by allowing the system administrator to manage who has access and where and when a cardholder gains access to certain spaces within a building, and EAC systems do it well.
By implementing the following seven best practices, lock professionals and property managers can take their EAC systems to the next level of security performance.
1. Use Cards AND PINs
The use of dual authentication through a card and PIN is an effective way to enhance the security of any access point, be it a server-room door, a high-value storage area or simply the perimeter of a building.
Adding a reader in combination with a PIN keypad to an access point adds a secondary layer of authentication to the transaction. This will ensure that only a person who knows the associated PIN to their credential can gain access to a given access point. If a card were lost, it can’t be used by anyone who doesn’t know the associated PIN, which can prevent security from being compromised.
2. Use a Smart Card
The use of higher security “smart cards” (13.56-megahertz credentials) has become more prevalent to counteract the potential for credential duplication. These smart-card alternatives are particularly valuable in applications where high-security deployments are necessary to counteract the threat of an attack from “card cloning.” The main purpose of a smart card in an EAC system is to secure the transaction between the card and the reader at the access point.
Today, if someone wanted to duplicate a prox credential (125-kilohertz technology), it would be as easy as ordering a prox card reader and writer device that has a couple of blank credentials. Some key-cutting kiosks in retail stores even have the capability to duplicate prox cards. You can compare this with having the ability to take a traditional key to your local hardware store and have a new key cut.
Think of smart cards as you would patented or restricted keys that restrict key duplication. The implementation of smart cards will give the EAC system an anti-duplication barrier along with various forms of security codes and encryption technology that provide more security.
The upfront costs to implement smart-card technology are much smaller than the potential back-end costs associated with recovery from a security breach.
3. Add Door Contacts
A door contact in an EAC system is used primarily to monitor the door’s position when your access point is secured or locked. Door contacts are crucial to the security of an access point.
When your door is secured by a door contact, you will be informed of a door violation, which is a breach in the security of that access point. There are two main door violations: a door that’s forced open and a door that’s held open.
A door that’s forced open occurs when a door is opened without the use of an authorized credential. This could be anything from someone who opens the door by using a key rather than their EAC credential to the extreme of someone who forcefully opens the door by using a crowbar or kicking it open.
A door that’s held open occurs after a valid entry or exit through an access-controlled door, but the door is left open. In this situation, the system will generate a door-held-open alarm, which lets the person know the door remained open.
In either situation, knowing a door is open allows the building or property manager to take appropriate steps to re-establish security. A door contact is an inexpensive way to improve security by providing information, such as door alarms and door alarm event notifications.
4. Review Reports Weekly
EAC systems allow you to run regular reports. Instead of waiting until an unforeseen event has occurred, set your system up to run reports automatically on a weekly basis. These reports will allow you to learn the day-to-day requirements of your system and train your eyes to catch any “odd” activities. When an unforeseen event occurs in your system, it will seem obvious after you conduct enough reviews.
In addition, in access control, we tend to focus on the activity that happens at our doors. Keep in mind that personnel are administering and managing your system through the EAC system’s management software. Your software might have the capability for you to run reports on events that occur at your door and on events that are triggered from your administrating personnel. Simple things such as doors being unlocked from software, changes to system schedules and changes to credential access are all things to keep an eye on. Reports will simplify and train a system administrator to notice anything out of the ordinary before something much bigger happens.
5. Manage Software Access
One part of an EAC system that some might not consider or regard with as much importance is managing access to the software itself. All EAC systems have software that has a form of username and password management, whether it be a single username and password on simpler systems or individual usernames and passwords for software users in larger solutions.
You should strive for providing any person who has access to the software with a personal username and password. Just as we’re concerned about who has access where and when to access-controlled doors, we have to know who has access to the software side of our system and what they’re doing when they access it.
Avoid using a single username and password that’s shared among various personnel. There’s no sense of liability when multiple people share a username and password. Individual usernames and passwords also will allow you to track and report on all activities of a user in the software, which gives you a clear picture on what might have been the cause on an incident.
6. Activate Notifications
Many EAC system software options include the capability to send email notifications or texts. If your system allows you to send notifications, use them. For critical access points in your facility, event notifications will allow you to stay on top of what’s happening.
This could be anything from system operations changes, such as power losses and software or hardware communications trouble to anyone who attempts to gain access to a restricted area. Notifications are an efficient first line of defense to ensure peak performance of your EAC system.
7. Keep Keys Around
Often, when we implement a card EAC system, the thought is that we no longer have to have keys. This is true and false.
We implement a card EAC system to overcome some of the drawbacks that key systems have that can compromise security and efficiency. However, keys still are an important part of an EAC system if a catastrophic event occurs.
While unlikely, what if we have an extended power loss? Keys will be your means of securing or gaining access to critical points of a facility. High-security keys and cylinders would be ideal to overcome access problems in the short term. Of course, all keys must be managed closely and kept only in the hands of trusted personnel.
Emilio Aguat is a learning leader at dormakaba Americas.
Emilio Aguat
Emilio Aguat is a learning leader at dormakaba Americas.