Access control systems are hugely advantageous. But they do need regular maintenance to ensure they’re as secure as possible. After all, there’s no point in having one in place if it has vulnerabilities that you’re not aware of.
The following details the essential points any company needs to know about their access control system and applies for those already in place, new implementations, or when a significant event takes place. This could include a security incident, office move, merger, or a heightened level of alert in national security.
Regular evaluation is key
With many different systems available it can be challenging to understand which works best for a particular business situation. Features to be considered include:
- The volume of people using the system and the amount of different access levels
- What areas need to be controlled
- The times of day when access will be needed
- Any other security systems already in place and their integration with access control
These are all subject to change over time. In such situations, the system needs to be re-evaluated and relevant access will need to be re-enabled.
What to maintain
- Ensure the most updated technology: Older systems may still be running on 125 KHz, something that’s now outdated system and presents many vulnerabilities. Today, encrypted technology is crucial to guard against breaches, and many older systems fail to have. Because tech continues to evolve (along with cyberthreats), it’s necessary to check for software updates on a regular basis – at a minimum of once a year. In addition, access control isn’t a ‘fit it and forget it’ asset, and business owners should factor in the need to upgrade every decade.
- Test regularly: Monthly checks should be carried out to confirm the system is working correctly. This includes exterior door alarms, as well as the access control itself.
- Carry out regular audits: Large companies have multiple personnel arriving and leaving. Unless cards (or other entry means, such as fingerprints) are deactivated, they remain active and present a security risk. For buildings with a high foot-fall, or that have multiple contractors, this presents a significant challenge. However, there are means by which to overcome this, including:
- Cards that self-expire after a pre-determined period of inactivity.
- Managers/HR to manually deactivate cards or users. Alternatively, attach the person/card to a database that deactivates when the person no longer requires access.
- Include the need to swipe out of the building each day. If this isn’t done or the wrong exit is used, further access can be denied until it’s re-enabled.
- Access levels: How many do you have, and who has access to them? Companies evolve, as does a business premises, meaning that re-assessing who can go where, and when, is crucial. It’s also important to have a record of who’s authorised each individual’s access, such as a manager, HR, or security sector of the business. This creates an audit trail (either on paper or digitally) that provides accountability should there ever be a breach.
- Staff training: Humans are hard-wired to be polite, and one aspect of good manners is to hold doors open for others. However, this single act is the biggest weakness of any access control system, making it essential to hammer the message home to staff on a regular basis. This can be done in many ways, either as a component of every staff update, via company email, memos, or with distinct signage at every access and egress point.
Because access control is only a single part of a complete business security system, it should be considered along with all other aspects and part of the security plan.
Our expert consultants here at Crown Security have been looking after the security needs of Perth and WA businesses for over 25 years. We offer advice and implementation of bespoke access control systems that are tailored to ensure that the right people have access to the relevant areas of a building and/or site, as well as all the other complementary aspects that are necessary to keep premises, employees and visitors protected.
- Posted by admin
- On 25/01/2020