The digital transformation sweeping across the UK has had an immense impact on how businesses and individuals approach security. But was does it all mean for our entry systems?
In today's interconnected world, both physical and data security have become paramount. From cyber-attacks threatening our financial institutions to break-ins at business premises, the need for robust security measures has never been greater. So how do our door hardware and security measures keep up with this developing panorama?
In recent years, access control has emerged as a pivotal tool in this security landscape. It serves as a gatekeeper, determining who can and cannot gain entry to specific resources. But what is it exactly?
From safeguarding sensitive data to regulating entrance to and movement throughout facilities, access control offers both businesses and individuals peace of mind, knowing that their assets are secure.
In this blog, we explain the broader scope, with an immediate focus on physical entry systems and door hardware, helping you in understanding access control.
We cover:
● What is Access Control?
● The Core Principles of Access Control Explained
● Types of Access Control Systems
● Components of a Door Entry System
● Integration with Physical Security
● Benefits of Access Control
So, read on to discover the details of this increasingly relevant topic of controlled access and security.
Access control physically limits and restricts access to buildings, areas, and rooms, plus who or what can view or use certain resources. Its primary goal is to minimise risk, ensuring that only authorised personnel gain entry.
At its heart, an access control system comprises various components, from physical tokens like smart cards and keyfobs to identification methods and protocols. It requires authentication and authorization from individual users in order to gain admittance to the resource or area that it is restricting.
Here we cover the key components of an access control system as well as differentiating between physical and logical access control. While physical access control pertains to actual locations, like buildings and rooms, logical access control works in digital realms such as computer networks, data files, and software applications.
As with any trade or industry, it is all too easy to fall prey to unnecessary jargon or unfamiliar terms.
To crack the code of controlled entry systems, here is a breakdown of some common terminology:
Authentication: Verifying user identity. Check that credentials are valid and the request to enter is genuine. This is through three main methods:
● Something you know - PIN or password
● Something you have - Keyfob, proximity card, mobile device
● Something you are - biometric identification (voice, fingerprints, iris scan)
Username and Password: The foundation authentication method, often employed by online systems from emails, and e-commerce sites, to operating systems, and mobile devices. Allows or denies access based on a preset piece of information.
Biometric Authentication: Popularised in the UK by smartphones, which often use fingerprint or facial recognition. Biometric data is something physical about a person and can include multiple factors that can be combined to identify an individual. As well as personal devices, it is often employed in higher-security premises or areas of a facility.
Two-factor Authentication (2FA): Commonly used in secure online environments, combining a known, self-generated password with a unique time-bound code. It provides a greater degree of security, particularly when using a new or unknown device for the first time. You’ll see major institutions like banks employing this method, and multi-nationals such as PayPal.
Authorization: Determining user permissions, who can access the resource being secured. Approval is either given or denied based on the credential presented or data entered.
Types of Certification Policy: How entry is determined and what level of access an individual is permitted. We go into detail in the next section, including discretionary, mandatory, and role-based admission.
Audit: Monitoring and recording entry and exit events. Data can be analysed and examined in real time or post-event.
Audit Trails: Essential for UK businesses to demonstrate compliance, especially under regulations like GDPR. Audit trails are a near bullet-proof reference point for the verification of door or device operation, providing evidence and accountability.
Compliance and Regulatory Considerations: Ensuring alignment with information security management standards such as ISO/IEC 27001. Companies may also have internal audit requirements that need to have documented compliance.
The systems we refer to here are not the physical items of ironmongery fitted to an entrance door in a school or hospital, that when combined together cover the power, locking, and access through a door. We get to that shortly.
Here, these are the non-physical systems that differ based on policy: who gets admission, how it's determined, and what resources they can view or enter into. These types of permissions can apply to in-person and data-only access.
So, let’s break down the most common security approval systems:
● Discretionary Access Control (DAC) - Permissions are granted based on the discretion of the owner or creator. It is personal discretion, with some set criteria to adhere to.
● Mandatory Access Control (MAC) - Admission is denied or granted by system-defined policies, based on security labels and user clearances.
● Role-Based Access Control (RBAC) - Widely adopted in UK enterprises; permissions are based on an individual's role within an organisation.
● Rule-Based Access Control (RBAC) - Entry is determined by a set of predefined rules established by the system administrator.
● Attribute-Based Access Control (ABAC) - An advanced model where permissions are granted based on multiple attributes, from the user's location to the time of passage.
● Biometric Access Control Systems - Includes fingerprint recognition, eye, iris, and retinal scans, and facial recognition. These can all be compared to a database of biometric templates to ensure a match.
So, now you know a little of the terminology, and the common types of non-physical admission criteria, what about the physical aspects of controlling the movement of people through a facility?
The following elements form the key components of any physical access control solution, which is then supplemented with traditional door hardware and door controls such as hinges, door handles, and door closers.
Control Units: The brain of the system, making decisions based on provided credentials. They are sometimes combined with power supply units (PSUs).
Credentials: Items like smart proximity cards or keyfobs that identify users.
Credential Readers: Devices reading credentials, ranging from card proximity readers to biometric scanners.
Locking Mechanisms: They are the physical barrier that limits access. These include common electric locking devices such as maglocks, shearlocks, solenoid bolts, and electric strikes. They also cover barriers such as turnstiles.
Request to Exit Devices: Equipment ensuring safe and secure exits, commonly found in UK businesses. These can be press to exit buttons or touch free release mechanisms.
Emergency Break Glass Units: In case of emergencies, allows for immediate manual override of the system. These break glass exit devices can be touch free, illuminated, or combined with a keyswitch or press to exit button.
Power Supply Units: Ensuring the system remains operational, especially during outages. PSU’s are available in 12V and 24V DC, with different amperages and can also include backup batteries
A comprehensive approach to security in the UK often involves integrating access control with other physical systems. This provides an additional layer of security in your facility, giving you peace of mind but also ensuring user and occupant safety.
Access Control Software: Programs managing entrance policies, typically based on cloud platforms. This includes audit trails as previously mentioned, as well as the programming of locks and credentials.
Video Surveillance: With the UK's increasing reliance on CCTV systems, combining these with access control can corroborate authentication logs with visual records, ensuring that those entering and exiting are authorised to enter.
Alarm Systems: Integrated alarms can provide instant alerts to security breaches. Should an unauthorised attempt be made, both the access control system and the alarms can work in tandem to notify security personnel.
Intercom Systems: Especially prevalent in multi-residential buildings and secure workplaces, combining intercoms and access control allows personnel to validate a visitor's identity audibly and visually before it will grant access.
Enhanced Security: At its core, access control is about limiting entry. Whether it's data files or physical spaces, the primary goal is to keep unauthorised users out, thus mitigating potential security threats.
Improved Safety and Emergency Response: Modern systems can be integrated with fire alarms and other emergency systems to allow for area lockdowns or controlled evacuations, proving invaluable in emergency situations.
Increased Operational Efficiency: Controlled entry and exit systems mean fewer manual checks and verification. Employees and contractors can move freely within authorised areas, reducing waiting times and ensuring an easy yet controlled flow of foot traffic.
Visitor Management and Tracking: Modern businesses often receive visitors, from couriers and contractors to clients. Access control systems ensure they access only intended areas while providing a log of their movements.
Audit Trail for Compliance: With regulations like the GDPR, businesses must prove due diligence in protecting data. Admittance logs provide a traceable record of all system interactions.
Health and Safety: Beyond security, access control can also ensure that entry to areas posing health risks (like chemical storage) is only granted to trained individuals.
Duty of Care: In the UK, businesses have a legal and ethical obligation to ensure the safety of their employees. Proper control of admittance is a key component of fulfilling this duty.
Access control stands as a crucial pillar in modern security strategies across the UK, offering protection for both tangible and intangible assets. As risks and threats evolve, so must our access control solutions, tailored to individual needs.
If you need more information on the specifics of the door hardware products you need, then these blogs can help you make the right decision for your facility:
● Keypad Door Locks - Product Spotlight
● A Guide to Power Supply Units
Above all, access control brings together convenience with security, ensuring seamless operations while safeguarding valuable assets. Watch this space for future blogs on this topic, as it’s ever-evolving.
Already know you need door controls for a standalone door in your building? Then our curated access control kits are for you. We’ve pulled together products for single and double doors, with keypad or proximity card access, and for internal or external use.
We’re always here for product and technical advice so contact our sales team with your questions and queries.
T: 01305 263300
Comments