Cloud-Based Access Control: Improving Security in More Ways Than One

Access control has always been at the forefront of building security. Traditionally, access control systems have come in the form of conventional lock and key methods, electronic systems or a combination of the two. Today, cloud-based systems are changing the market landscape, providing secondary security benefits to users across the UK. Here, Trevor Ball provides some insight into the physical security and cyber security benefits associated with the cloud.

All risk and security-focused managers need to regulate their building security regimes, whether they be resident in Government-owned educational and healthcare facilities or commercial properties. With this in mind, balancing security features with other factors has always been a challenge.

Managers and decision-makers alike have to account for accessibility and usability alongside safety and security – not to mention budgets and building capabilities. Given that many traditional security systems can sometimes be demanding to manage, it’s clear as to why organisations are now beginning to implement cloud-based systems within their overall security strategies.

For its part, the construction industry has not always been first to implement ‘cutting-edge’ technologies. From an external viewpoint, many forget the extensive standards that decision-makers must abide by, with these considerations sometimes slowing the process for technology adaptation. For those that have combined traditional security methods with electronic systems, new security demands must still be considered.

One of those new demands is cyber security, which in its simplest of terms is the protection of Internet-connected systems, whether this be in the form of software, data or hardware. As with most Internet-connected systems, today’s access control systems are also at risk from cyber attack with potentially detrimental consequences to building security. Questions are now being asked around how best to effectively secure a building from two angles: the physical and the digital.

Take a school entrance, for example. With various access points across the building, schools can be known to use fobs or keycards as a way of granting access and monitoring movement. However, with many of these access control systems being operated from a local internal server, they can become vulnerable to cyber attack.

These access control systems require internal maintenance, updates and data back-ups. If a slight mistake is made with the data that’s being handled on site, it could lead to a less secure digital infrastructure. One cyber attack later and, suddenly, the physical security of the school is compromised. What, then, is the answer to this growing issue?

Rise of the cloud

Today, cloud-based systems can offer a wide range of UK facilities enhanced security with full integration into their access control systems. In fact, worldwide spending on cloud computing is expected to grow by 23.8% this year, with total spend expected to reach the US$210 billion mark in 2019. In an increasingly digital age, the growing need to protect a facility physically and electronically paired with the benefits that cloud-based solutions offer is precisely why these numbers for worldwide expenditure on cloud computing are rising.

Cloud systems essentially store and access data online, taking it away from an on-premise computer or server. When integrated into an access control system, cloud solutions offer facilities a number of operational choices. Users can set how visitors are granted access into the building, with a number of situations possible, such as registration in a reception area paired with visitor passes.

Of course, other factors need to be taken into account, such as the required movement of the visitor; but this is left in the hands of the decision-maker. With the cloud, these decisions are designed to be made quickly and effortlessly – all via the Internet and all while providing extra digital security.

Yet there’s s a common misconception that on-site closed network security solutions are more secure. With plenty of evidence to suggest otherwise, cloud-based systems are progressively being seen as the best equipped systems for repelling cyber attacks (providing the correct procedures, ie two-factor authentication, are put in place). For an internally managed system, facilities may need a large amount of resources, time and even budget to keep it running smoothly. Updates, in particular, can be a timely and precise process, and when conducted manually on-site, there’s always the chance that a lax approach or a common mistake could cause huge security repercussions.

Looking back to the example of a school entrance and those that operate access control from an on-site server, it’s possible for users to implement multiple layers of security to their on-site infrastructures by themselves. Yet, in reality, many lack the expertise and experience to enforce this. With schools, in particular, stretched IT teams and budget issues can sometimes result in a more lenient or less meticulous operation. This increases the possibility that their access control systems become vulnerable to cyber attacks, highlighting the weaknesses of these systems compared to those that are handled by third party organisations.

With cloud-based systems, the maintenance is taken away from internal teams, saving time and resources and affording peace of mind that updates are being handled by expert teams. This extra layer of security is why schools across the UK (as well as other facilities) are beginning to make the switch.

Traditional benefits

Aside from affording the best protection for cyber attacks, cloud-based systems are offering decision-makers a number of other benefits.

Doors and physical locations are not the only areas where these cloud-based systems can improve security. The nature of these cloud-based systems allow for additional use in some unusual, but highly beneficial scenarios. Forklift operators, parking gate users and those that require access to drug cabinets (whether based in hospitals or on-duty ambulances) can all do so with integrated cloud solutions.

Accessibility isn’t the only benefit to facilities, either. Cloud-based systems offer decision-makers full flexibility in terms of how they can adapt to a building. This flexibility allows for huge scalability options, enabling a building to grow with its access control system without presenting any additional security issues.

The importance of building security has always been paramount to those involved with access control. Now, with physical security and cyber security both needing to be considered, it’s imperative for managers to keep up with the Internet of Things movement by using access control systems that can protect their facilities from today’s multiple security threats.

The effortless nature of cloud-based systems is simplifying (but progressing) access control processes for facilities across the UK. For many, the cloud is much more than an industry trend. Rather, it’s viewed as something of a revolutionary stance on access control.

Trevor Ball is Business Development Manager for the UK and Ireland at Allegion UK

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts