|Good installed a SARGENT® SE LP10 lock on the door to an executive’s office that was being used as a conference room|
Good Technology provides mobile data security solutions that enable enterprises and government to keep corporate and personal data safe, secure and accessible. Its focus on secure enterprise mobility makes Good an ideal candidate to help pioneer the use of mobile smartphones for physical access control. The company believes that digital keys stored in smartphones for physical access control represent a natural extension of mobility in the enterprise.
Good partnered with HID Global on a pilot deployment of digital keys that were provisioned over-the-air to its employees’ smartphones and used to open doors in the company’s two-story headquarters in a high-tech facility in Sunnyvale, California. The purpose of the pilot was to explore the benefits of mobile access control technology and its potential for enhancing security as compared to Good’s current low-frequency proximity-based photo ID badges, while improving user convenience.
Good’s Mobile Access Pilot
Good first had RFI Communications & Security Systems (RFI) in San Jose, California upgrade three existing HID Global ThinLine® II proximity readers on the second floor of its headquarters offices with readers from HID Global’s new iCLASS SE® platform. The iCLASS SE platform is HID Global’s new standard for highly adaptable and secure access control solutions. All iCLASS SE platform solutions are based on open standards and improve interoperability while enhancing security and privacy. The iCLASS SE platform includes multiCLASS SE™ readers that make it easier to migrate to mobile technologies since they can read both the HID proximity cards that Good was already using, and a new type of HID Global credential called iCLASS® Seos™ that is portable for use on NFC-enabled smartphones.
Good also installed a SARGENT® SE LP10 lock on the door to an executive’s office that colleagues use as a temporary conference room when he is away. An integrated Wiegand feature allowed the lock to be connected to the Software House C•CURE 9000 system installed by RFI. This ensured full access control functionality.
Finally, Good provided each pilot participant with a Samsung Galaxy S III handset1 equipped with a microSD card
|Good updated its California office with readers from HID Global's new iCLASS SE platfor|
and a range extender from Device Fidelity. The microSD cards support NFC in card emulation mode, adding the capability to securely store and emulate user credentials. Handset manufacturers sometimes refer to this as ‘Secure NFC’ as opposed to ‘Open N. The secure element of the microSD card was provisioned with the Seos applet. Then, the HID Mobile Keys app, which provides the user interface and user access to the digital keys, was installed on the smartphone. HID Corporate 1000 credentials were then provisioned over-the air as digital keys to each of the individual smartphones used in the pilot. The use of Seos with HID Global’s Corporate 1000 iCLASS Elite Program digital keys insured a high level of security.
Michael Mahan, SVP Special Markets for Good, made the most extensive use of the HID Global mobile access technology. It was his office that was equipped with a SARGENT SE LP10 lock to better control access when he was on the road. Mahan valued the new ability to grant access only to certain users, or to allow access only at certain times. In addition, he could run a report at any time to determine who had used his office, and when.
“Since I am so often on the road, I want my team to be able to use my office to host partners, or just have regular meetings,” Mahan said. “With the new lock and mobile access model, I didn’t have to worry that keys to my office might be lost or distributed to unauthorized people, and I could more easily keep track of who was coming and going.”
Pilot participants rated the use of NFC technology for physical access control as high to very high. A survey after the pilot’s completion revealed that:
More than 80 percent of respondents said the smartphone was more convenient to use than their current access card. “I have been known to forget my badge from time to time, but I never forget my phone at home or at my desk,” said Chris Webber, Mobile Security Platforms for Good Technology. “Even if I did, I’d know right away and turn around and get it. Being able to use my phone, rather than a badge, to open doors really simplifies my daily routine.”
More than 80 percent of respondents said the smartphone was more convenient to use than their current access card
All participants said they liked the look of the “door unlock” application on their phones, and said that it was intuitive and easy to use.
- More than 83 percent said that Good Technology’s physical security was improved by using a smartphone rather than a card to open locked doors. Respondents elaborated on the fact that the smartphone provides two-factor authentication in that they use a PIN to unlock the smartphone and then use the HID Mobile Keys app to gain entry. Others indicated that it is less common to lose their smartphone as compared to losing their card. And if they did lose the smartphone, it is noticed and reported more quickly.
- 67 percent said that other people who saw them using their smartphone to access the building asked questions about it or expressed interest in learning more. Comments included “Wow, this is great! How do I get it to work with my smartphone?” Some asked, “Will we all have the option for a mobile key? How many keys can the device store?”
- All respondents saw value in additional uses of digital keys on their smartphones. Within the enterprise environment, users said they would like to be able to log on to their PC and use their smartphones for secure print authentication. When asked about applications for digital keys outside of the enterprise environment, respondents expressed a high degree of interest in using their smartphones to access their residence and use it as a mobile wallet for payment.
- 100 percent of the respondents said they would like to be able to use their NFC-enabled smartphones to receive digital keys over-the-air that could be used to access a hotel room. Good’s Webber said “Every fourth or fifth trip, I somehow de-magnetise my traditional hotel keycard and have to go back to the lobby to request a new one. Using my phone would eliminate this hassle.”
Good was also impressed with comprehensive credential provisioning and management services that HID Global is offering for tokens, digital keys and credentials. HID Secure Identity Services™ will give customers all the tools they need for creating, using and managing identities on cards and NFC-enabled smartphones, within a secure access network, both today and in the future. In a mobile environment such as the one Good piloted, users will be able to create secure identities and digital keys for NFC-enabled handsets using the service’s cloud-based portal in a managed-service context. These secure identities can be used to open residential locks, access on-line physical access control readers or NFC-enabled electromechanical locks and log on to PCs. All management can be performed over-the-air. In the future, users will also be able to make security changes, dynamically, over-the-air, share digital cards and keys with authorized users via NFC ‘tap-n-give’ provisioning, and generate one-time password (OTP) soft tokens for network access.
Good was pleased with the pilot, and felt that it reinforced the company’s overall commitment to extending the value of mobility by providing solutions that secure corporate data over email, applications, and more. Good Technology also cited the security benefits of mobile access control as compared to photo ID badges, along with improved user convenience for today’s highly mobile workforce. “Our customers are always looking at new ways to enable mobile worker productivity and efficiency without having to take security risks,” said Mahan. “This pilot proved that using both a layered security approach and smartphones to provide secure physical access to buildings is a great way to meet their goals of adding security without complexity.”