The purpose of access control is to grant entrance to a building or office only to those who are authorized to be there. The deadbolt lock, along with its matching brass key, was the gold standard of access control for many years; however, modern businesses want more. Yes, they want to control who passes through their doors, but they also want a way to monitor and manage access. Keys have now passed the baton to computer-based electronic access control systems that provide quick, convenient access to authorized persons while denying access to unauthorized ones.
Download our free PDF guide and get started with your access control project.
Today, instead of keys, we carry access cards or ID badges to gain entry to secured areas. Access control systems can also be used to restrict access to workstations, file rooms housing sensitive data, printers, as well as entry doors. In larger buildings, exterior door access is usually managed by a landlord, or management agency, while interior office door access is controlled by the tenant company.
People new to access control may think the system is made up only of the card and the card reader mounted on the wall next to the door. There are a few more parts behind the scenes, all working together to make the magic of granting access to the right person. That’s what this guide is about. Reading it will give you a full and comprehensive understanding of how access control systems work and the language required to communicate with vendors.
Is it absolutely necessary that you learn about access control yourself? No, definitely not. But it will save you time if, in the middle of your project, a problem arises or an important choice must be made. You can seek advice from the installers but they'll likely answer in access control language; however, you don’t have to take a crash course or call a security-control consultant just yet. But when you do, it helps to have a basic grasp on the subject and your education is free when an online search turns up a resource like this.
Access cards, card reader and access control keypad.
The most familiar part of access control systems are the cards, ID badges and, more recently, the smartphone apps that elicit an OK beep when presented at a card reader and unlock the door. These are also known as credentials since they bear the user's data that tells the reader to grant you permission to be on the premise, or in other words, that you are an authorized entrant.
Access cards are typically proximity cards that, rather than being swiped or inserted like credit cards, are held two to six inches in front of the card reader. The same procedure is followed for phone apps. The benefit of using credentials is that they are personalized, so any unlock event can be traced back to the person associated with it.
For more information about Kisi access control integration, click here.
The card reader is mounted on the wall next to the door. It reads the data on the credential and sends a request to the server to unlock the door. Some access control systems use keypads requiring PIN or biometrics in place of the card and reader.
Access management dashboard, integrations or API.
The admin-facing side is the management dashboard, or portal, where the office administrator, head of security, or IT manager sets the parameters of persons allowed to access the premises, and under which circumstances. This involves a management dashboard, often in the cloud, and a way to provision access—such as a card programming device.
In more advanced systems, the manual operations aspect can be automated. For example, the provisioning (creating and deleting access) can be done automatically by connecting the access dashboard to the company directory of employees. When a new hire shows up in the system, a new access is automatically positioned via an API or integrating-database service like Google Apps, Microsoft Azure, SAML, or Okta.
The card reader is mounted on the wall next to the door. It reads the data on the credential and sends the request to the server to unlock the door. Some access control systems use keypads, requiring PIN or biometrics, in place of the card and reader.
Electric door lock hardware, access control panels, and access control servers.
Electronic locks are used to electrically unlock the door on which it's installed. They usually have a wire that powers them. Some locks lock when they are supplied with power while others unlock when supplied with power. The former are known as fail safe locks and the latter are known as fail secure.
The choice of which to use depends on the area being secured. Entry doors call for fail safe locks, since they need to comply with building codes and fire regulations, that call for people to be able to exit at any time, even in the event of a power outage. IT rooms should be wired fail secure because they need to remain locked at all times, even in the case of emergencies. Fail secure doors also need to be equipped with electrified push bars to allow people to exit quickly in case of a fire.
Also known as the access control field panel, or intelligent controller, the access control panel is not visible to most people in a facility because it's installed in the IT room or the electrical, telephone, or communications closet. The reason for this precaution is because all the locks are wired to it. When a valid credential is presented at the door reader, the panel receives its request to unlock a specific relay, which is connected to the specific door wire.
Every access control system needs a server where the permissions are stored in an access database. As such it acts as the center or “brain” of the access control system. It is really the server that makes the decision whether the door should unlock or not by matching the credential presented to the credentials authorized for that door. The server can be a dedicated local Windows or Linux computer, a cloud server, or even a decentralized server when the permissions are stored in the door reader. The server also tracks and records activity and events regarding access, and allows administrators to pull reports of past data events for a given time period.
If a locally-hosted access control server is used, there is typically a dedicated machine that runs the access software on it. Managing it requires the administrator to be there on-site. Since having to contend with several local servers can become complicated for multi-facility management, cloud-based servers are gaining a lot of traction in this area.
Cables are a critical part of access control and can prove to be very expensive if installed improperly, so they should never be overlooked in planning an access control system. When building out the space, it's important that all the cables are specified so that the general contractor knows what to do. If the cables are not planned for, at this point, they will need to be added in later— this means someone will have to drill into, or lay cables on, all the newly-painted walls.
In addition to locally-hosted access control systems, where the server is onsite (as explained in the previous section), you have three other options:
The easiest way to explain these modern types of access control is to compare them to Google Mail, where your email is stored on the cloud rather than on your computer. The cloud, of course, is another way to say a remote server hosted by a service provider. This gives you the convenience of accessing your emails from any browser, as long as you have the correct login credentials.
In the world of access control the access permissions are not stored on a local server, but in the cloud. This means that the administrator can manage the permissions from home, or while on vacation anywhere, simply by using a browser. This appeals to security managers charged with overseeing multi-location facilities.Continue Reading
In our world of on-demand availability, access is extremely important and often assumed. While it’s easy to say, “I’d like to restrict and control access, that’s why I’m looking at access control,” the question should actually be, “How should we set up access control to least interfere with user behavior, yet provide the secure controls our business needs?” The answer is Kisi’s on-demand access. It gets everyone through the door while maintaining control.
It's also important to make sure the quote includes a Certificate of Insurance (COI). Many landlords and building management companies require this because it ensures that any possible damages incurred in installation will be covered.
And lastly, for those who want to go one step further with their access control education, we've provided a cheat sheet.