301.519.9237 exdirector@nesaus.org

9.28.23 – SSI – Bob Eckel

Safety concerns are leading many organizations to reconsider their physical access control systems and add more advanced solutions.

According to a new survey, 40 percent of workers say they are more concerned about personal safety at work than they were just a year ago.

Safety concerns are leading many organizations to reconsider their physical access control systems – specifically, understanding if they are still sufficient or effective as they are currently implemented.

As most of us know, a physical access control system allows organizations to manage who enters a physical space. Doors and locks are the most basic form of physical access control.

Traditionally, these have relied on fobs and keycards incorporated into electronic systems which then allow designated people to enter protected areas at specific access control points.

Related: SSI 2023 Access Control Deep Dive Report

However, fobs and keycards aren’t perfect, dupe-proof systems, due to the fact that they’re not bound to an individual. It is all too easy for someone to give or loan their fob or keycard to someone else, or for a fob or keycard to be stolen, allowing access to unauthorized individuals

Fobs and keycards can also present problems for time and attendance systems, when people use them for timecard fraud. For example, employees may ask a friend to run their keycard for them, so their employer is falsely under the impression they were at work (when in fact they weren’t). This is a practice known as “buddy punching.”

Biometrics – or, unique individual traits such as fingerprints, facial scans or speaker recognition that can be used to verify an individual’s identity – can be the key to overcoming these challenges and providing assurances for your enterprise customers.

Biometric authentication can ensure organizational security is effective or get these organizations to the next level of physical access control and workforce management by answering the question – is this really the authorized person?

Image courtesy of Aware; reprinted with permission.

Here are four questions you should ask if you’re wondering if fobs and keycards are still sufficient to protect your enterprise customers, or if you need to be offering more:

Do your enterprise customers have a resource constraint associated with using fobs and keycards, that is making them lose operational efficiency?

Think of high security buildings that need a security guard 24×7 to ensure that only authorized people are able to access the building. Implementing biometrics can enable the enterprise customer to save a lot of money in this instance.

Are fobs and keycards sufficient for the security measures an enterprise customer’s users demand and expect?

As employers and prospective employers, it’s vital for your enterprise customers to demonstrate their commitment and assurance to workplace safety. At the same time, your enterprise customers need to make sure any additional security measures implemented do not add unnecessary friction as users (employees) come and go.

Does your enterprise customer have any necessary compliance requirements that may necessitate something more?

The Department of Defense has been handing down increased security requirements in response to threats from China, Russia and others.

In fact, many small- and mid-sized contractors may no longer be eligible to receive a government contract if they don’t have a fully modernized and in some cases an auditable security system in place.

Has the enterprise customer had any fraud events or do they see potential for future fraud events?

As noted with the “buddy punching” example, unworked time recorded by employees can quickly add up for your enterprise customers. Unfortunately, new statistics demonstrate the prevalence of such practices, with 19 percent of workers admitting they participate in timecard/timesheet fraud by helping coworkers clock in and out of work.

Maybe the answer to one or more of these questions is no, and you determine that fobs and keycards are still sufficient for your enterprise customers. But if you find yourself needing to offer additional assurances or more advanced security, alternatives like biometrics can provide a modern solution in any of these situations.

Image courtesy of Aware; reprinted with permission

It used to be that only large companies could offer biometrics because they required an overhaul of existing infrastructures, and were expensive and time-consuming to implement.

The first bit of good news is that most enterprise customers won’t have to add new infrastructure (like cameras or readers) or replace existing infrastructure; they can leverage the equipment they already have along with the bring-your-own-device (BYOD) trend.

The Benefits of Biometrics

Biometrics combined with BYOD automatically offers the superior security levels associated with multi-factor authentication (MFA), which is when an authentication process requires multiple factors – something a person has, something he or she knows (like a password) and/or something he or she is.

In this case, something a person has (their device) is being combined with something he or she is (face, voice or fingerprint). Leveraging existing equipment and investments, enterprise customers can create an ultra-modern physical access control system that perfectly balances security and experience.

Consider that in the air travel industry, airports using biometric boarding have been shown to load flights in less than half the time it takes with standard documents.

The second piece of good news is that biometric capabilities or workflows are now available in a cloud-based SaaS model. This means any size enterprise customer can now use biometrics as part of their physical access control offering – whether it’s a small organization securing a single door, office or closet, or a global enterprise with multiple buildings with various security levels needed.

Any organization can quickly get up and running with minimal upfront investment of time and resources.

In recent years, many security integrators have put the majority of their enterprise customer focus on cyber elements like routers and firewalls. This is of course beneficial, but you shouldn’t pursue this limited approach without placing equal emphasis on the physical perimeter.

Given the critical need for security and safety, the time is right for security integrators to evaluate if fobs and keycards are still a sufficient offering for their enterprise customers. And perhaps they are.

But if not, new market advances offer enterprise customers the ability to leverage existing infrastructure investments and fortify physical access control practices more quickly and effectively than ever before.

Bob Eckel is the CEO of Aware.