In the field of physical security and security of information, Access Control (or Access-Control) is the selective restriction of access to a protected area, a system or physical or virtual resources.
- Ensure a clearly defined perimeter of controlled space;
- Ensure clear and controlled access routes;
- Secure relocation of collection and storage areas;
- Assign safe activities to unsafe areas;
- Assigning insecure activities to secure areas;
- Redesigning space so as to ensure a high
- percentage of natural barriers;
- Improving space structure;
- Redesigning space to increase the perception of natural surveillance;
- Minimizing distances and isolated areas.
The Access Control System is a basic, defining and original element in ensuring these strategies. He actively participates in achieving the major objective of any security department – protecting the assets of an organization: people, information and property (material and financial). People, including management, employees, suppliers, customers and visitors, are the most valuable assets of an industrial organization.
The penetration of people and vehicles into protected space must be achieved only by accessing this system, which is the main barrier to preventing and deterring offenders. In general, the access-control classification is based on the implementation methods: natural (physical capacity of the environment to provide security opportunities), organizational (rules and procedures, policies and strategies) and technological (mechanical, mechanical and electrical) .
To access the access control system, users must submit the authorization before they can be granted access. In physical systems, these authorizations can come in several forms: a permit, an identity document, a card or a card that can give the bearer access to a protected area. Because these authorizations can be transferred or even stolen, it is not a safe way to handle access control.
A more secure method of access control involves two-factor authentication. The person requesting access must present the authorization and evidence to confirm his / her identity. The second factor may be a legal identity card (duplicate a card, card, or permit), an access code, a PIN, or even a biometric item (a measurable biometric element that only belongs to the user, such as a fingerprint digital or retinal).
There are many card technologies such as magnetic stripe, bar code, Wiegand, card-swiper, contact cards and smart cards. Key Fob keyboards are also available, which are more compact than cards and can be attached to a key ring.
Biometric technologies include fingerprints, facial recognition, iris recognition, retinal scan, voice, and hand geometry. Biometric technologies embedded on newer smartphones can be used as authorizations in conjunction with access software running on mobile devices. In addition to older and traditional Access Card technologies, newer technologies, such as low-power NFC or Bluetooth communication, have the potential to communicate user authorizations to card readers for the control access system.
Physical access control can be implemented by access gate staff (receptionist or security agent, or both) and by mechanical means, such as locks and keys, or by technological means (electronic) such as a turnstile or a barrier. Turnstiles and barriers must have technical characteristics in accordance with the purposes and access requirements. These can be for intense or reduced traffic, indoor or outdoor, for one or more access ways, VIP, disabled, swing gates or rotating doors, high and semi-metallic gates with metal grille, and so on The choice of turnstiles adapted to patrimonial purposes and traffic conditions is essential and can make a difference between efficient and non-functional security with disproportionate costs.
All access control measures must be corroborated with patrimonial, organizational and video surveillance methods. To avoid circumvention of the access control system, physical access forbidding (eg fences) must be established on the perimeter. The implementation of the access control system also involves a procedural component. Applying access rules may not be possible without clear, well defined, comprehensible and accepted procedures; all of this, of course, in compliance with national legal rules and those relating to the protection of private data. Information to employees, visitors, suppliers and third parties must be visible at the entrance but also through the submission of procedures and rules of access to signing contracts with suppliers, customers and other collaborators.
Not only pedestrian access is the subject of the access-control system but also the car, which involves higher risks. In addition to human, mechanical, mechanical, electrical and IT control procedures, vehicle intervention and testing, which involves more complex control methods, including patrimonial, sometimes anti-terrorist control. Vehicle and vehicle pre-qualification, visual inspection, vehicle specific control, system-based access, incoming and outgoing weight control, automatic access methods (eg check-in system) and technology, knowledge and training from security agents, but also a longer lead time for control.
Do not forget the interior or exterior car parks, which involve both property and image risks for the objectives. Although access is more permissive many times, and the boundary between the public and private domains is sometimes diluted and unclear, access rules must exist and be enforced.
The level of security established by the implementation of the access control system will be determined by the criticism and vulnerability of the people, information and property of the organization. The role of technology is to support the organization’s security strategy. The interdependence of the 3 precious assets of any industrial enterprise, together with the planning and the design phase, precedes the drafting of the Security Management Plan; supported by security technologies.
Already traditional access control technology is no longer in the “what happens if?” But more a “standard”, providing security practitioners with a new series of innovations that increase the efficiency of Access Control System in their organizations . These revolutionary developments can add value to the business by reducing costs and increasing revenue for those who know how to improve the security operations of their companies; the direct financial benefits being even lower than the indirect ones.