Johnson Controls Limited Access Controllers

The access control industry tends to be more conservative when it comes to the adoption of new technology and services for end users, but that doesn't mean that 2019 won't provide a significant amount of progress through emerging trends taking shape in the industry. In addition to the increased adoption and acceptance of the cloud, mobile credentials and biometrics are becoming more mainstream, and integrations between manufacturers will take centre stage. Here, we take a look at these and other trends helping to shape the coming year. Cloud-Based Products We're continuing to see a demand by end-user customers for customized responses to certain actions within an access control system For many access control manufacturers, the core of the business is in more traditional products, with a high percentage of installs continuing to be these kinds of projects. However, over the last couple of years, cloud-based products have emerged as a viable option for customers. We've seen more of a willingness for end-user customers to inquire whether this is an option for them, citing ease of use, remote management, cybersecurity and more as part of their foray into this branch of access control. The cloud has established its reputation as being quicker to install, more flexible for customers to access and manage both their access points as well as the video associated with these doors, and placing less pressure on internal (or in some cases, non-existent) IT teams to help set up and manage an access control system. Mobile Credentials Applications We're continuing to see a demand by end-user customers for customized responses to certain actions within an access control system. For example, if there's an alarm set off during the day along a perimeter, the ability to automatically execute a lockdown and simultaneous email or message to everyone within the building alerting them to the issue is critical. The desire for this kind of flexibility within a system is prompting manufacturers to build new simple to use graphical tools into their systems that allow customized action responses that are proportional to the level of alarm. There's a strong desire by many of today's companies to be able to use mobile phones for access control and as such, manufacturers are either developing their own mobile credentials applications or integrating their systems with these kinds of products. Over the last couple of years, cloud-based products have emerged as a viable option for customers Future Of Biometrics As companies start to ask about whether their facilities are safe enough, they're often more willing to consider access control that takes security to a new level, such as the implementation of biometric readers. Biometrics is getting more usage in professional security applications and many customers want to move away from using physical cards for access control. Manufacturers that don't currently have biometric hardware in place are starting to integrate with readers designed to offer this functionality in an effort to meet the demands of customers. The dramatic rise in facial recognition biometrics is something that will likely shape the future of biometrics as costs start to decrease. While the access control industry is highly fragmented, we're seeing a trend toward increased partnerships and open-platform technology that helps end users achieve the kind of comprehensive security that they desire. Video Management Platforms We're seeing a trend toward increased partnerships and open-platform technology that helps end users achieve the kind of comprehensive security that they desire For example, there are a number of access control providers that are providing paths toward full integration with lock manufacturers and vice versa in an effort to meet the needs of clients who may have purchased locks but a high powered access control system to properly manage them. There's also a large shift toward full integration with video management platforms and access control systems to fully integrate the two into a single, user-friendly experience and give end users more control over both. Additionally, manufacturers are looking to provide customers with a single system that meets the needs they have with regards to video, intrusion and access control. Right now, I don't think there's a system that can fully deliver on the promise of being exceptional at all three, so integrations and partnerships remain important to achieve that end goal. Access Control World An increasing number of end users are realising the holes in the current Wiegand protocols that have been in place since the 1980s, along with the large number of ‘off the shelf’ equipment that's now available to allow outsiders access through readers that operate under these protocols. As a result, in the last decade or so, OSDP has come onto the scene and is growing in popularity. One of the most important steps for access control manufacturers in 2019 will be to listen to customers who are concerned with this vulnerability and work toward fully supporting OSDP in an effort to protect these access control systems. It's an exciting time to be a part of the access control world, as we finally see results from all of the hype centred around the cloud, biometrics, mobile credentials, hacking protection and strong partnerships come to fruition. As 2019 begins, look for these trends to grow in popularity and for manufacturers to really listen to the end-user customer they serve and respond in kind.

The extensive analysis and discussion preceding any decision to implement a new physical security solution – whether it’s hardware, software or a combination of both – often focuses on technology, ROI and effectiveness. When it comes to deciding what type of security entrances to install at your facility, you will almost certainly also consider the aesthetics of the product, along with throughput and, if you’re smart, you’ll also look into service concerns. Each of these factors has its important place within the evaluation process, and none should be overlooked as they all have a significant effect on how well your entrances will perform once they are installed. Culture Influences Door Solution Decisions How significant will the change from current entrances to security entrances be for employees? Still, one additional factor actually trumps everything: if you have not considered your organization’s culture in choosing a security entrance, you may be missing the most important piece of the puzzle. Culture is a part of every other decision factor when selecting an entry solution. Before you make a decision about what type of entrance to deploy, you need to consider and understand the values, environment and personality of your organization and personnel. For example, how significant will the change from current entrances to security entrances be for employees? If people are accustomed to simply walking through a standard swinging door with no access control, this will be a culture change. Beyond this, whether you are considering a type of turnstile, a security revolving door or possibly a mantrap portal, simply walking through it will be a significant change as well. Training Employees On Door Security You’ll want to know whether employees have ever used security entrances before. If these types of entrances are in place in another part of the facility, or in a facility they’ve worked in at an earlier time, the adjustment will not be as great as if they’ve never used them at all. Consider, too, how your personnel typically react to changes like this in the organization or at your facility. They may be quite adaptable, in which case there will be less work to do in advance to prepare them. However, the opposite may also be true, which will require you to take meaningful steps in order to achieve buy-in and train employees to properly use the new entrances.  With the increased importance of workplace security, discussing new entrances with  workforces will help maintain a safer environment Communicate Through The Decision-Making Process All of this will need to be communicated to your staff, of course. There are a number of ways to disseminate information without it appearing to come down as a dictate. Your personnel are a community, so news about changes should be shared rather than simply decreed. As part of this process, you’ll need to give some thought to the level of involvement you want for your staff in the decision-making process. Finally, do not overlook the special needs among your personnel population. You undoubtedly have older individuals on staff, as well as disabled persons and others who bring service animals to the office. Entrances need to be accessible to all, and you never want to be in the position of having a gap in accessibility pointed out to you by the individual who has been adversely affected. New Security Entrance Installation By communicating early and often with your personnel, you can alleviate a great deal of the anxiety Once you have made the decision about which security entrances to install, training your personnel on how to use the new security entrances – both before and after the installation – will help to smooth the transition. Because workplace security is such a big issue right now, it makes sense to discuss the new entrances in the context of helping to maintain a safer environment. They will prevent violent individuals from entering, decrease theft, and most of all, promote greater peace of mind during the workday. If you can help them take control of their own safety in a responsible way, you have achieved much more than just a compliant workforce. By communicating early and often with your personnel, you can alleviate a great deal of the anxiety and concern that surrounds a significant change in the work environment. Schedule Group Meetings Consider your employees; what type of communications do they respond best to? A few suggestions to educate staff on the benefits of the new entrances include: Typically, you would communicate a general message 2-3 months in advance and then provide more specific information (for example, impacts to fire egress, using certain entrances during construction) in a follow up message closer to the installation date. Schedule group meetings to: announce the rationale for increased security, share statistics on crime, review the new security changes that are coming, show drawings/photos of the new doors/turnstiles, and show the orientation videos available from the manufacturer. These meetings are an excellent way to work through user questions and directly address any concerns. Once the installation of a new security system is complete, it is a good idea to have an "ambassador" on board to help employees use these new systems Ensure You Monitor Public Areas If you are implementing a lot of new changes, such as a new access control system, new guard service and security entrances, you might consider hosting a ‘security fair’ on a given day and have the selected vendors come for a day with tabletop displays to meet employees and answer questions during their lunch. This could be a great way to break the ice in a large organization. Make user orientation videos (provided by the manufacturer) available in several ways, for example: Intranet Site Monitors in public areas—lounges, cafeteria, hallways, etc. Send to all staff as email attachments Immediately after installation, once the doors or turnstiles are operational but before they are put into service, train ‘ambassadors’ on how to use the door/turnstile. Have these people monitor and assist employees during peak traffic times. What Is The Ultimate Success Of The Installation? By communicating clearly and openly with your population you can greatly facilitate adoption and satisfaction If you have thousands of employees, consider dividing them into groups and introduce the new entrance to one group at a time (Group A on Monday, Group B on Tuesday, etc.) to allow a little extra orientation time. Place user education ‘quick steps’ posters next to the door/turnstiles for a few weeks to help employees remember the basic steps and guidelines, e.g., ‘stand in front of the turnstile, swipe badge, wait for green light, proceed.’ Ask your manufacturer to provide these or artwork. While there are always going to be people who are resistant to change, by communicating clearly and openly with your population you can greatly facilitate adoption and satisfaction. Your responsiveness to any issues and complaints that arise during and after the implementation is equally fundamental to the ultimate success of the installation.

It’s not surprising that people are nervous about the security of newer technologies, many of which are part of the Internet of Things (IoT). While they offer greater efficiency and connectivity, some people still hesitate. After all, there seems to be a constant stream of news stories about multinational corporations being breached or hackers taking control of smart home devices. Both of these scenarios can feel personal. No one likes the idea of their data falling into criminal hands. And we especially don’t like the thought that someone can, even virtually, come into our private spaces. The reality, though, is that, when you choose the right technology and undertake the proper procedures, IoT devices are incredibly secure. That said, one of the spaces where we see continued confusion is around access control systems (ACS) that are deployed over networks, particularly in relation to mobile access, smartcards, and electronic locks. These technologies are often perceived as being less secure and therefore more vulnerable to attacks than older ACS systems or devices. In the interest of clearing up any confusion, it is important to provide good, reliable information. With this in mind, there are some myths out there about the security of ACS that need to be debunked. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter Myth #1: Mobile Credentials Are Not Secure The first myth we have to look at exists around mobile credentials. Mobile credentials allow cardholders to access secured doors and areas with their mobile devices. The fact that these devices communicate with an ACS via Bluetooth or Near Field Communication (NFC) leads to one of the main myths we encounter about the security of credentialed information. There is a persistent belief that Bluetooth is not secure. In particular, people seem to be concerned that using mobile credentials makes your organization more vulnerable to skimming attacks. While focusing on the medium of communication is an important consideration when an organization deploys a mobile credentialing system, the concerns about Bluetooth miss the mark. Bluetooth and NFC are simply channels over which information is transmitted. Believing that Bluetooth is not secure would be the same as suggesting that the internet is not secure. In both cases, the security of your communication depends on the technology, protocols, and safeguards we all have in place. So, instead of wondering about Bluetooth or NFC, users should be focused on the security of the devices themselves. Before deploying mobile credentials, ask your vendor (1) how the credential is generated, stored, and secured on the device, (2) how the device communicates with the reader, and (3) how the reader securely accesses the credential information. When you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS Myth #2: All Smartcards Are Equally Secure The question “how secure are my smartcards?” is a serious one. And the answer can depend on the generation of the cards themselves. For example, while older smartcards like MiFARE CLASSIC and HID iCLASS Classic offer better encryption than proxy cards and magstripe credentials, they have been compromised. Using these older technologies can make your organization vulnerable. As a result, when you deploy smartcard technology as part of your ACS, you should choose the latest generation, such as MiFARE DesFIRE EV1 or EV2 and HID iCLASS SEOS. In this way, you will be protecting your system as well as your buildings or facilities. Some traditional readers and controllers can also pose a serious risk to your organization if they use the Wiegand protocol, which offers no security. While you can upgrade to a more secure protocol like OSDP version 2, electronic locks are a very secure alternative worth considering. It is also important to understand that not all smartcard readers are compatible with all smartcard types. When they are not compatible, the built-in security designed to keep your system safe will not match up and you will essentially forego security as your smartcard-reader will not read the credentials at all. Instead, it will simply read the non-secure portion—the Card Serial Number (CSN) —of the smartcard that is accessible to everyone. While some manufacturers suggest that this is an advantage because their readers can work with any smartcard, the truth is that they are not reading from the secure part of the card, which can put your system and premises at risk. Using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication Myth #3: Electronic Locks Are More Vulnerable These days, there are still many who believe that electronic locks, especially wireless locks, are more vulnerable to cybercriminal activity as compared to traditional readers and controllers. The concern here is that electronic locks can allow cybercriminals to both access your network to get data and intercept commands from the gateway or nodes over the air that would allow them access to your buildings or facilities. The reality is that using electronic locks can help protect facilities and networks through various security protocols, including encryption and authentication. Additionally, because many of these locks remain operational regardless of network status, they provide real-time door monitoring. This means that many electronic locks not only prevent unauthorized access but also keep operators informed about their status at all times, even if a network goes down. Outdated technology and old analogue systems are more vulnerable to attacks When it comes to deploying electronic locks, it is important to remember that, like any device on your network, they must have built-in security features that will allow you to keep your information, people, and facilities safe. Be Prepared To Unlock Future Benefits Ultimately, the information in your IP-based ACS is at no greater risk than any other information being transmitted over the network. We just have to be smart about how we connect, transmit, and store our data. In the end, maintaining the status quo and refusing to move away from old technology is not a viable option. Outdated technology and old analogue systems are more vulnerable to attacks. The reason it is so important to debunk myths around ACS and, at the same time, get people thinking about network security in the right way is that network-based systems can offer an ever-increasing number of benefits. When we deploy new technology using industry best practices and purchase devices from trusted vendors, we put ourselves and our networks in the best possible position to take full advantage of all that our increasingly connected world has to offer.