Tag Archive access control


Cloud and on-prem access control: navigating privacy, compliance, and training

With the increasing acceptance of cloud-based solutions, the access control market has seen a considerable transformation in recent years.

Cloud and on-prem access control:

Scalability, cost-efficiency, remote management, and real-time monitoring are all appealing features for security integrators. As more businesses migrate to cloud-based systems, integrators must stay aware on the privacy, legal,

and regulatory issues that come with implementing these solutions.

In addition to comprehending the privacy and regulatory context, integrators must be aware of the training and support required when dealing with cloud-based access control systems. Providing integrators with the necessary knowledge and resources can have a significant impact on the success of installing these advanced security solutions for clients.

This article seeks to provide essential information that will assist access control systems integrators stay ahead in this ever-changing business by addressing the problems and issues around privacy, legal and regulatory compliance, and the training and support required for integrators. Integrators who are well-informed and prepared will be in a better position to successfully deploy cutting-edge security solutions for their clients, ensuring both security and customer satisfaction.

Considerations regarding privacy and the law

Several legal and regulatory factors must be taken into account when installing a cloud-based access control solution. Personal data must be secured and processed in accordance with data privacy legislation such as the GDPR. HIPAA for healthcare and PCI for finance are two examples of industry-specific rules and standards that must be followed.

“It does depend on the region,” explained Andrew Scothern, Security Chief Architect at Gallagher. “GDPR is the most well-known legislation, but many countries have their own standards, especially at the High Security end of the market, for how systems should be architected and operated when in the Cloud. System and Organization Controls (SOC2) compliance is a major consideration for many when considering Cloud hosted services.”

John Szczygiel, EVP and COO of Brivo, pointed out that customers demand solutions that meet internationally recognized security standards and audit practices such as SOC 2 and ISO 27001 to ensure that the solution and any sensitive data are protected.

“A cloud-based security provider must have a solution where security is baked into its products and applied in data centers, field hardware, people and processes,” Szczygiel said. “Everything from how products are built to how applications are deployed must be designed with cybersecurity and data protection in mind.”

Integrators’ training and support
Experts agree that training and support for integrators working with cloud-based access control systems should be similar to that offered for on-premise systems. The majority of the installation work (doors, readers, panels, inputs, outputs, etc.) is done on-premise. The quantity of training necessary to configure a system is determined more by the quality of the client software than by the location of deployment.

“For a well-designed system the training shouldn’t be too different between Cloud based and on- premise systems,” Scothern said. “In both cases most of the work installing the system is on-premise, and it is only the client server software that is deployed differently. The amount of training required to configure a system is then dependent on how good the Client software is rather than where it is deployed.”

The same is true for integration points. A well-designed set of APIs is far more impactful than where the software is deployed. In saying that, a system that makes it easy and secure to connect from other cloud systems can be a big help to cloud based integrations.
Szczygiel suggested that beyond the typical technical training and certification, integrators may need assistance with connecting the customers enterprise applications such as HR and Identity Management systems with the access control solution via application programming interfaces (APIs).

“Solution providers should be prepared to support the integrator and end-customer with a professional services team that can smooth the way to achieving value from these API integrations,” Szczygiel added.

Seongbin Choi, Head of R&D Center at Suprema, added that both cloud-based, and on-premise solutions require integration and data transmission with third parties. Training about REST API and JSON (JavaScript Object Notation) will be essentially needed for the integrators.

To ensure success, integrators should acquire high-impact training and technical certifications. In-person and hands-on training, as well as virtual choices, should be available, allowing integrators to work at their own pace or attend live sessions. Furthermore, API support should be provided for linking customers’ corporate applications, such as HR and Identity Management systems, to the access control solution.

As cloud-based access control systems continue to acquire traction in the security industry, it is imperative that integrators keep abreast of the most recent advancements and best practices. Integrators can ensure that their clients’ systems are both secure and compliant with applicable laws and regulations by addressing privacy, legal, and regulatory considerations. This not only helps maintain a positive reputation within the industry, but also fosters trust between integrators and clients.

In addition to compliance, integrators must prioritize the training and support necessary to operate cloud-based access control systems effectively. By investing in exhaustive training and certification programs, system integrators can acquire the skills and knowledge required to navigate the unique challenges presented by cloud-based solutions. This, in turn, will enable integrators to provide superior service and support to their clients, further solidifying their position as industry leaders.

In conclusion, the successful deployment and management of cloud-based access control systems depend on the ability of integrators to navigate the complex landscape of privacy, legal, and regulatory considerations, as well as their dedication to continuous learning and improvement. By remaining informed and proactive in addressing these challenges, access control systems integrators can not only enhance their own expertise, but also contribute to the success and security of their clients’ organizations. This commitment to excellence will unquestionably pave the way for continued growth and innovation in the world of access control in a rapidly evolving industry.

Source: Prasanth Aby Thomas, Consultant Editor Date: 2023/05/09 Related tags: access control


New CodeGUARD 5 from UNION meets latest BS 8607 grade 5 standards

UNION has launched CodeGUARD 5, the first access control device available to meet the new BS 8607 grade 5 standards.

The recently introduced grade 5 standards provide the most stringent level of security and access control for mechanical push button locks to date. Providing an extremely strong level of attack resistance, grade 5 was introduced because of the need for a high-security push button lock, and UNION is the first manufacturer to answer this need.

Grade 4 – previously the highest level – could only meet the required standard with the help of an additional integral locking unit. In contrast, a grade 5 device such as CodeGUARD 5 delivers a ‘one-stop’ security and access control solution, where the latch and lock are integrated and tested together. As a result, CodeGUARD 5 offers users an automatic deadlocking unit, whereas a grade 4 product is reliant on key holders to lock a door.

Featuring BSI Kitemark certification, CodeGUARD 5 provides access control and security in a single package, delivering assured protection for securing people, assets and data, while offering the convenience of access control without the need for wiring.

One of CodeGUARD 5’s key features is its 20mm deadlocking latch. This means it will not succumb to the kind of physical attacks that mechanical push button locks typically undergo, such as a crowbar being placed between a frame and lock to force a door open.

Furthermore, the mechanical push button lock system is secured through more than 2,000 code combinations. Unlike its competitors, the unit is also always supplied to customers with a passcode different to the standard factory settings, for optimal security.

Providing extremely high corrosion resistance, the new CodeGUARD 5 solution is also ideal for perimeter security applications. The system has undergone a salt spray test for 240 hours to demonstrate its capabilities in highly corrosive environments, with its aesthetics and performance unaffected over time.

Suitable for 30- and 60-minute timber fire doors, and 240-minute metal fire doors, CodeGUARD 5 is offered with universal handing and fixings, so the system is easy to order and specify too. This is all backed by a three-year guarantee, offering the kind of high-quality product assurance that customers have come to expect from UNION.

Karen Hubbard, Product Manager at UNION, said: “Whatever the application, CodeGUARD 5 delivers unmatched strength and durability. Building on our reputation and heritage, which dates back to 1840, CodeGUARD 5 is the toughest push button lock available, meeting the latest grade 5 standards for BS 8607.

“The solution brings together security and access control as has never been seen before – protecting people and assets even under determined and prolonged attack. CodeGUARD 5 comes with more than 2,000 code combinations, offering a huge advantage over many competitor products where pre-set factory codes have been a real weakness in the past.

“This is all complemented with a smart and stylish finish, with CodeGUARD 5 featuring an ergonomically-designed handle that would suit any modern environment.

“There is no other mechanical push button lock available that comes close in terms of strength and robustness. As such, CodeGUARD 5 is ready to set a new benchmark for mechanical access control.”