Discussion

Enterprise Access Control

Over at Alarmcorp, technical director, Jeff Rushton, explains that components of a global access control solution can vary. But he says that for a solution like Vanderbilt SiPass, a basic system requires a server to run the management software, and the client gains access to the system through remote workstations via a thick client or web browser.
“The network consists of a number of advanced central controllers (ACC’s), which store all of the site’s information and event history,” Rushton says. “Each ACC can control anywhere from 1 to 96 doors and the card readers can be any technology, in fact multiple card technologies can be assigned to the same cardholder. The client’s other connected systems, including payroll, lifts, CCTV, intercoms, etc, can be connected to SiPass via Ethernet or serial.

According to Rushton, in its most basic form, the obvious advantage of enterprise access control is global management of sites and cardholders.

“Many global organisations now standardise on an enterprise platform that has worldwide acceptance, they can then have the system installed and supported locally, but the overall control and reporting is done via the company’s headquarters,” he explains.
Rushton’s key selection considerations when it comes to enterprise access control include multiple reference sites, similar in size and complexity to the proposed project; as well as the flexibility and openness to integrate to other platforms to either control or take control of your system.

“Level of security is important, too,” he says. “It’s imperative that the correct card/reader technology is chosen to facilitate a smooth migration from current to future technologies. And the selection of integration partners is paramount – they need to be chosen wisely to ensure the highest level of technical competence is held within the organisation.”

When it comes to upgrading an existing local solution to an enterprise solution, Rushton says anything can be upgraded and he points out that time and cost are the deciding points.

“For most existing local solutions, the only component that would remain would typically be the cards and readers, pretty much all other hardware would be replaced,” he says. “In saying that, if the reader technology is old, then an upgrade should include replacing this hardware as well. In our case, the migration from an old Vanderbilt Sipass system to the latest Vanderbilt SiPass MP2.75 system can be done with minimal hardware changes.”

When it comes to features important to installers and integrators, Rushton argues the simplest tools can be the best.

“One key example with the Vanderbilt SiPass solution is that PCB’s have multi-coloured LED’s on board to show the status of key processes, ie from communication right through to the state of every relay and input,” he explains. “This allows the integrator to easily identify the state of the entire system, greatly reducing installation and service times. The SiPass system also has a number of reports and live status feeds that can be utilised to diagnose any fault.

“Frankly, the installation process is typically the easiest part of the work. The most challenging component is the interpretation of the end users’ requirements, understanding their work processes and ensuring the system is programmed with the flexibility to encompass those processes. The introduction of an enterprise access system should not hinder the current operation of a business. For medium to high end complex systems, it’s important to create a flow chart with the customer, develop the forms and paper trail that is required and ensure that these are completed and submitted, well before the hardware installation.

“For end users meanwhile, key features include complete offline access with all data being held outside the main server and the ability to store and manage multiple card technologies for a single user is important. Ongoing security is critical, so the ability to restrict login access down to a floor or department ensures only approved staff have access to sensitive information. More broadly, the system needs to be open and flexible to connect to a variety of third-party systems.”

Rushton is not convinced by mobile management of enterprise solutions.

“Let’s assume in an enterprise application, we have manpower constantly operating the system, monitoring access and alarm conditions (which should be the case in 100% of installations),” he explains. “In such a case, I don’t believe mobile management is required, as all instructions are relayed via control room staff. The SMS is required to be able to suppress an alarm, only when a series of programmed checks occur to satisfy the alarm status.

“The programming of alarm points needs to ensure only actionable events are displayed to an operator with clear instructions and a list of actions required for this event. The resolution process should include the operator logging the procedure and response as well as attaching any supporting information to the entry.”

Integrating sub-systems is one of the big challenges of enterprise solutions and Rushton says multiple levels of integration should be available with a well-designed enterprise access control solution.  “Most integrations require a third party to write the interface between the two systems and test the operation,” he explains. “For example, a large organisation might use a human resources platform to start and terminate staff. Without an HLI, the HR staff might be required to send employee details to the security department to have them manually enter or change employee access details.

“However, with a full integration between the portals the HR staff could simply select the department and the start/stop dates of employment and they could then issue a card to the employee as part of their induction process, this would save a significant amount of time a greatly reduce any errors.”

Rushton explains that here are 2 main pitfalls to third-party interfaces:

1)The level of demarcation, if there is a fault whose problem is it? The security integrator, the HR system, or the interface between them?
2)The second issue relates to software revisions. Once an interface is written and tested, any changes to the software to the HR or security system may cause the interface to cease working, and this would require the interface to be rewritten.

Another consideration of any enterprise solution is selection of proprietary or open systems and which offers best integration and SDK support.

“Both types of systems have a place, and manufacturers of both will tell you why their system architecture is better,” Rushton explains. “Open systems include a variety of SDKs or other open protocols, and the process to connect third party products is a relatively simply one.

“The ability to integrate is paramount. If the SDKs are supplied with full documentation from the manufacturer then the need for them to offer whole-hearted support will be greatly reduced. For proprietary systems SDKs are not generally available and the entire integration process is controlled by the manufacturer, with the end user having limited input over competitive pricing and delivery timelines.”

This is an extract from the article posted in Security Electronics & Networks.  to read the entire article please click on the link: https://securityelectronicsandnetworks.com/articles/2018/10/05/considerations-and-challenges-of-enterprise-access-control-solutions/

Previous Post Next Post

You Might Also Like