Key Criteria to Take Into Consideration When Migrating to a New Access Control Solution?
Since the 1990s, where the RFID technology allowed the creation of contactless IP door access control systems, the installed base of access control equipment has grown hugely. There are now a lot of legacy systems in place that need an upgrade to more secure, reliable technology and to take advantage of additional functionality.
By Thomas Napora, Vice President & General Manager EMEA, ICT
The need to deploy newer technology has to be balanced out by budgetary constraints: many companies and public organisations can’t afford to change the whole system in one go and need to proceed with a phased migration.
So, what are the main considerations an end-user should have when embarking on an upgrade to their access control?
Like every journey, there is a starting point and a destination. The starting point is the current equipment and dependencies – such as existing card readers, cards and tags used by employees / contractors, integration with existing operational systems and databases like time and attendance management etc.
The destination is what the system should ultimately provide: should it combine access control and other security or operational systems such as intrusion detection? And are integrations with video surveillance, lift, number plate recognition, or building automation required?
A major consideration is to use open protocol access control systems. This means an access control solution which can work with third party readers using either Wiegand or OSDP protocol. Or vice versa – card readers which can work with third party controllers.
Additionally, the ability for an end-user to keep their existing credentials and gradually upgrade to a more secure communication protocol is not to be underestimated. It’s a considerable operational challenge to issue new credentials to hundreds or thousands of people at once. Card readers which “out of the box” can read many different communication protocols are an advantage here, as well as the capability to issue mobile credentials.
A first phase of the migration path, could be to keep the legacy controller and legacy readers, add a new access control server and controller such as the Protege GX platform and use a Data Sync license to synchronise the database between the two systems. New, more secure readers can be added in areas needing more stringent security. Then, gradually, the system can be updated in phases without interruption to service.
A second consideration when migrating to a new access control platform is the need of interoperability. With more and more systems converging, and being managed centrally, it is crucial for security and building management solutions to work together and improve the user experience. This can be achieved through open application programming interfaces (APIs), a fundamental tool that allow systems to connect with third-party technologies.
This can also go even deeper through the technology partnerships between manufacturers to achieve a higher level of integration. Depending on operational requirements, end-users should look at the list of integrations provided by the access control manufacturer, whether that’s biometric readers, video management systems, lift management, or building automation etc.
Finally, a must when considering any system sitting on an IT network is cybersecurity. Cyber threats are omnipresent and constantly evolving. The cyber risk is present at every level: from each stage of the product development to the system deployment and maintenance.
From a manufacturer perspective, we at ICT, perform thorough testing on our Protege platforms, regular updates to address emerging vulnerabilities, and we adhere to stringent security standards like ISO/IEC 27001, which ensures a robust information security management system.
It is essential that cybersecurity doesn’t stop with the manufacturer but carries on with the way the system is deployed and used daily by the end-user. Education is key here and end-users should work with installation companies adhering to these high cybersecurity standards and should apply them internally as well.
ICT has helped thousands of companies to migrate in a phased approach to a secure unified access control and intrusion detection, respecting budget constraints and operational requirements to achieve a successful solution.
