Securing Keys, Assets & People - Blog

Electronic Access Control: A Computerized Gatekeeper

Written by Jay Palter | Aug 14, 2017

Plenty of folks have had the experience of being "buzzed" through a door. It happens like this: After checking your ID or recognizing your face, a receptionist presses a button. You hear a buzzing sound indicating that the door is now open. (And by the way, if you’ve never seen the old “door buzzer” skit with Carol Burnett and Tim Conway, open a new tab and Google it. Now. It will add a whole new layer to your understanding of access control). The “door buzzer” experience illustrates the inner workings of an Electronic Access Control (EAC) system. In its simplest form, an EAC system consists of an electronic door lock, a reader (such as a card reader or keypad), and some form of controller. In our example, the receptionist's eyes are the reader that allows her to recognize you. Her brain is the controller. If her brain is convinced that you belong inside, it will send a signal to her finger, ordering it to press a button and release the lock.

Networked and Standalone Systems

EAC Systems fall into two categories: networked and standalone. Using a networked system, you control everything from a computer or web browser. This includes buildings in different buildings or different countries. Need to lock all of your doors in an emergency? One or two mouse clicks and you’re done. Give an employee access to the Toronto branch from your office in Chicago? No need to leave your chair.

On the other hand, standalone systems must be programmed at each door. So if you need to remove a lost or stolen card from your system, you’ll usually have to do some walking. Because no network structure is required, standalone systems are the most inexpensive option. While a full-blown networked system costs upwards of $3,000 per door, a standalone can often be installed for under $1,000. Standalone systems, however, become more difficult to manage as the number of doors increase.

Readers

Readers are the eyes of an EAC system. Their purpose is to recognize a code, object, or person. Readers are mounted on the outside (the secure side) of doors and are the only part of the EAC system most users see. In a modern EAC system, readers are designed to read a credential. An access control credential can be something you know (such as a PIN code), something you hold (such as a key fob), or something you are (such as a fingerprint). 

Keypads

Keypads are simple to use, and inexpensive to install. the simplest and least expensive form of access control readers. However, they have a major drawback in that codes can be easily shared. This eliminates any hope of controlling the distribution of credentials. For this reason, keypads should not be used in high-security applications unless they are used in as part of a two-factor authentication when combined with a credential or biometric.

One security benefit of using a keypad is ability to program a duress code. Let’s say someone forces you to unlock a door. Entering a duress code instead of your normal code will release the door. But it will also initiate a silent alarm to security or central station personnel, letting them know that you are in trouble.

Card Readers

Access control credentials often come in the form of cards or fobs that can hang on your keychain. The most common credentials are still Radio Frequency Identification (RFID) cards. RFID cards can be read from a distance and, in some cases, do not have to be removed from your pocket to be used. While RFID credentials are very popular and inexpensive, many of them can be easily duplicated. Duplication equipment is easy to come by, and mail-in services will clone a card or fob with few questions asked.

In an effort to stay ahead of unwanted duplication, access card technology changes rapidly. Smart cards such as HID iClass provide sophisticated protection against duplication. A full discussion of credential technology is well beyond the scope of this article. Suffice it to say that you should have an in-depth discussion about this topic with an experienced security integrator before you decide on the most effective credential for your application.

Biometric Readers

All biometric readers are designed to scan a unique part of your body and create a digital template. The template is then stored within the access control system. When you approach a biometric reader it scans your fingerprint, eye, face, etc. and compares the scan to the stored template.

Biometrics have these advantages: they are nearly impossible to lose, duplicate, steal, or share. But of all reader technologies, they are the most expensive and most demanding to manage.

Do I Need Electronic Access Control?

Now that you have a basic understanding of EAC operation, it’s time to ask if this type of system can help secure your business. You can evaluate your need for EAC by asking these three questions:

  • Do I need an audit trail, i.e. a time and date stamped record of every opening or attempted opening of a door?
  • Should different employees have different access privileges based on time and day?
  • Does a lost or stolen key put my property or people at risk?

If you answer yes to one or more of those questions, you should investigate an electronic access control system.

Audit Trail

An audit trail is a time and date stamped record of every opening, or attempted opening, of an access point. Depending on your industry, a record of access to sensitive areas (such as narcotics cabinets or server rooms) may be required. An audit trail can help you identify who was present when supplies went missing or damage occurred. An audit trail can also complement your time and attendance system. Years ago, I was involved in a case where an employee was having a co-worker clock in for him hours before he showed. The audit trail from provided the necessary evidence to begin disciplinary action.

Time Zones

Not everyone needs unrestricted access to your facility. Cleaning crews are one example. If they are scheduled to service your office one night per week, there is no reason to provide a key that will work 24/7. You may also choose to program credentials that automatically expire on a certain date for contractors and temporary employees.

Lost or Stolen Keys

A lost or stolen key is more than an inconvenience. It means that an unknown person can now freely enter your facility. Yet – due to cost of re-keying mechanical locks and cutting new keys – businesses sometimes choose to live with the risk. However a lost EAC credential can be deleted or deactivated in minutes at minimal cost. Even if a re-key is still justified, blocking the lost EAC credential from perimeter doors and sensitive areas may buy you valuable time.

EAC - Going Beyond the Door

While EAC systems are most often used to control access to doors, they have other equally important applications. EAC control panels can restrict access to fuel pumps and other machinery. Key Tracer key cabinets and lockers can secure keys, radios, firearms, and other valuables. The secure enclosure can only be accessed with a keypad, credential, or biometric reader. With these systems in place, your valuable assets are protected through restricted access and audit trails.  

Conclusion

An Electronic Access Control system can become an important layer in your overall physical security program. You should consider Electronic Access Control if:

  • You need an audit trail of access to doors, equipment, and valuables;
  • You need to control access to doors, equipment, and valuables based on date and time;
  • You need to quickly add and remove access to your facility.

With three or more doors, a networked EAC system is usually the most useful solution. Depending on location, access to one or two doors can be effectively managed with a standalone system. And of course, you should decide on a reader technology after a careful discussion with your security integrator. Applying EAC to your business is like having a personal, computerized gatekeeper watching over your building and valuables 24 hours each day.