One of the key benefits of combining physical and logical access control becomes evident in simplified infrastructure management and better access to resources. By combining the two forms of access control, facility executives can recognize significant productivity savings while at the same time providing higher level of convenience and potentially more personalized experience to end users.
Things such as no tour capabilities allow facility executives to manage their assets with fewer staff, and better real time visibility.
Indeed, simplification appears to be the keyword here. This means by integrating a single source of data the management of both systems is simplified with the manual data entry reduced.
This also has the added effect of increasing security by ensuring any access at both levels is updated at the same time. The linking also means that a single source for access is defined and managed, whether that be access to servers and files or buildings and rooms. This can now be managed from a single point of entry, thereby reducing the risk of the two systems being out of sync.
By creating a single point of truth for employee identities on a site, an organization can reduce duplication of entering new employee data, and of the ongoing management of their access rights.
The SPOT, or Single Point of Truth, principle says that you should specify key pieces of information in one and only one place in your code. Any related information should be derived from that single source and not stored separately from it. The key information could be a data item, a procedure, or an interface definition. The benefit is that if you need to change something, you can change it at that one place and be sure that all derived information is updated as well. The principle is popular enough that it has several names. For instance, you can find references to Single Source of Truth (SSOT), Single Version of Truth (SVOT), Don’t Repeat Yourself (DRY), and the more ferocious Duplication Is Evil (DIE).
Standardizing on a single access token across both logical and physical access systems can reduce the cost of credential issuance and the ongoing management of lost and replacement credentials.
Then there is also the role of security administrators as the solutions come into effect. With mobile solutions becoming available for both facility and information security, the roles of security administrators evolve to a more holistic perspective across the entire organization. Facility and information security teams are already working together more closely, and will increasingly collaborate even more tightly on all aspects of designing, implementing and maintaining robust security capabilities.
A single sign on is a good example. What IT and infrastructure department want is to manage fewer logins, fewer passwords, fewer systems and if they have a single login, then they can determine people’s activity, it’s easier to manage and maintain. So there are a lot of requests for single sign on, for role based access, depending upon one’s role, in the system from the IT department, one’s logical access could also help determine based on role based access, what different things they are capable of doing based on their role within my system.
In the combination of physical access and logical access, most users are utilizing logical access. Logical access is tied commonly to Microsoft Active Directory. That active directory allows people to have that logical access based out of which user group they are part of and by putting that into the physical access control, truly allows them to gain greater visibility and to know who is in which spaces, how long are they in those spaces, what time are they arriving in the respective spaces. So it really is a significant ease of management of the respective resources.
Adapted from a&s Magazine
