Running a business or keeping a secure home both require a lot of thought and planning. Security concerns affect everyone but few like to dedicate too much time to think about their level of personal security, let alone property security.
Even people with something to protect often are unaware of just how many options exist in the security world. Learning about the many different types of access control systems empowers you to make decisions about your personal and property needs.
Even a small business or home needs to think about how to monitor personal information these days. Today, the largest risk to a person is in the form of cybersecurity breaches. And access control is key to avoid the costly damages of cybercrime.
Read on to see what’s what in the world of access control and find out what an access control system can do to benefit you and your business.
Types of Access Control Models
These days a wide variety of access control is needed to meet the demands of business and to keep premises and information secure. Each system comes with comparative strengths in execution and has known weaknesses.
It is important to develop a policy that integrates multiple access systems to overlap an. This keeps you more secure. However, each level of secure access also makes getting to vital products, locations, and information takes longer. A balanced security system works best when it allows the right people in and keeps the wrong people out.
The complicated layers of access control make for some interesting debates on technique. They also explain why the physical security market is booming and expected to top $120 Billion by 2023.
The following walks you through several popular models of access control. These overall strategies have been designed to protect different types of businesses and information to varying degrees. Consider the day to day of your security concerns when looking for a model that fits you.
1. On-Premise Access Control (OOAC)
The simplest and ideally most full control access available is OOAC. By keeping everything about the access control in-house, you know exactly what permissions are being given and to whom.
Many companies rely on OOAC because it keeps them in the loop and the decisions made for it come from internal, known sources.
An OOAC system can be composed of many different elements including computers, locks, and physical security staff.
Upgrades to the system and the software controlling the IT components are done internally as well. this requires constant vigilance to anticipate known threats and keep the system up to date. Even a gap fo a few weeks c can leave a system vulnerable to exploits.
Ideally, data should not be stored in only one location for protection. If using an OOAC as the sole form of control, data storage needs to be robust to prevent loss but limited to prevent accidental loss.
2. Mandatory Access Control (MAC)
This model of control works best for diverse and diffused interests across multiple channels that work with confidential information and products.
This system uses a single figure such as a chief security officer to know both when and to whom access is granted. This is important given that access to the information is required to keep things running. By actively keeping access closed unless it is being specifically monitored, the pool of personnel obtaining the information stays low.
This also keeps a consistent quality of control across multiple channels. You maintain best practices in each individual unit/location while keeping security in place.
3. Discretionary Access Control (DAC)
This low-restriction model offers a layer of security while providing ease of access. DAC is seen in businesses from retail to grocery to hospitals. Devices are placed at key locations that allow access to specific rooms or areas.
These devices may be keyed systems, codes, cards, or even blocked by physical guards. Though cameras and other devices may be employed to monitor these areas, the key to a DAC system is ease of access.
Given the nature of these businesses, it is common for a larger cross-section of employees to have access to areas. For every head of a department that needs to get into a specific room for their work, there are a dozen janitors, IT people, and security that also will have access.
This model of access control works best when the additional monitoring measures are stronger than the access systems themselves. When data is sensitive and allowing it out at all risk ruination, this a poor choice.
4. Role-Based Access Control (RBAC)
This type of access combines features of other models to create an easy to understand and segment policy. Access levels are based on roles or titles.
Systems are configured not only to grant discretionary access for the right roles but lower accesses can be dependent on higher personnel. For example, a routine cubicle worker can be given access toa room only if it is already occupied by a manager.
This creates easy gateways for personnel to move around when needed without special dispensation needing to come down.
An RBAC system takes more planning than other systems to deploy, but once the rules and roles have been established, it is both easy and secure.
5. Identity-Based Access Control (IBAC)
The final model listed here, the IBAC method whitelists particular personal for access. Identity can be tied to roles or responsibilities but links access to different identifiers.
In this particular case, direct identification tends to be referred to. This includes the more futuristic-sounding biometrics and camera assisted facial recognition.
This model offers tight control to a system administrator because access is about saying yes to some instead of no to many.
Types of Access Control Systems
With the conceptual elements of access control out of the way, now’s the time to look at specific control systems. Each of these offers innovative ways to manage access.
Like the access control models, a combination of them works best to overlap weaknesses and secure information and locations.
Keep in mind, each system benefits from a different overall plan and serves to meet a specific need. As much fun as it might be to lock up your house with state of the art biometrics, it may not give you the most control for your buck.
6. Door Access Control
An access door control isn’t a lock. Or, it isn’t just a lock. Door access control goes beyond who can open the door but shuts the door firmly after access.
Turnstiles attempt to manage a one at time access but come with numerous vulnerabilities of going over, under, or around. With a door access system an installed electromagnetic lock is gated to allow access and then lock again within a time limit or other restriction.
Key to the use of door access control is the technology knowing that the door has been accessed and from which direction. This allows a system admin to know how many people have gone past a point and how many have come back through. This is important for security access in addition to something like fire safety or emergency evacuations.
With door access, it is also possible to program times of day for different levels or roles of access. This enables a more broad roll-out of a role-based system or discretionary system from the same portals without the need for additional entrances or services passages.
7. Proximity Access
Not all access needs to be individually controlled. In some instances you want areas to be accessible during a portion of the day and locked off during other portions.
Rather than have personnel open and unlock every door to your lobby, stairs, etc a proximity access system blocks access based on criteria such as time or security condition.
These work through a timer that is given a whitelist of time tables for when it unlocks a portal and when it reports the portal has been relocked or unlocked through any kind of override access.
8. Biometric Access
In the modern world, copying a key or learning a code is as easy as being observant or someone else being lax. it does little good to restrict access to locations with locks that are meant to allow in only personnel with certain roles and responsibilities if the access is actually granted to the key or the code.
Biometrics use personal identifiers such as fingerprints or facial recognition to allow in a specific person, not a specific key.
It’s easy with the wide variety of biometric locks to also include a code pad, card reader, or key to further restrict access.
Biometrics create an easier and more fluid system of access control because the employees can’t lose their access credentials. This prevents tardiness and removes interruptions of your security officers to replace keys or allow in personnel on “oops” status.
Since only the specific personnel can enter through a biometric, it can be integrated with time clocks or attendance systems. Your employees start work the moment they enter the building and end when they work. Seamless and effective ways to combine your security and employment monitoring in one package.
9. Security Access Control
The power of your chosen security protocol and access systems rely on human and computer monitoring to function. That is where the security access control comes in.
You can choose from human monitored systems, automatic monitored systems, or systems with no external monitoring. Monitoring may be for security access only or include emergency systems such as fire, air quality, or evacuation alarms.
Security access includes looking after batteries or dedicated circuits that keep your security measures and access controls off the grid and away from the surface where it can get cut or interrupted.
Data from monitored access points get stored within the system or sent out to a cloud or other off-site storage.
The system, as a whole, is only as good as the brain guiding it so consider the features you need and make certain they integrate with or bolster your security access system.
10. Keyless Access Control
Keyless doesn’t mean unsecure, it refers only to the need for manipulating the lock manually.
The most common keyless systems utilize RFID in either key cards or fobs to unlock a door when a person is within proximity to the lock.
These systems allow personnel to move rapidly through areas and do so hands-free. This serves a double purpose in keeping traffic flowing through your building and recording what ID entered and left each area.
As it is easy to re-encode a keyless system, it makes replacing or updating access parameters cost-effective and easy. You also don’t have to worry about employees forgetting access codes and taking up time getting into areas with support.
These control systems work by staying in a locked state and sending out a signal. That signal gets a response from the associated device when it is within a set distance. Distances can be changed but most are within less than a meter.
Get Into It
With so many types of access control systems in the security world, picking the right one isn’t a simple choice. using this guide, you have the information needed to consider both the model of access control you want to use as well as the potential equipment to install.
Even within this basic framework, there are still a lot of variations and innovations on the market. It serves you best to craft a tentative plan of your needs and contact us to go over specifics and for in-depth questions.