ACS: problems, solutions and security risk management


Source

Contrary to popular belief, the access control and management system alone rarely solves security problems. In reality, ACS provides an opportunity to solve such problems.

When you approach the choice of ACS from the point of view of a ready-made security kit that completely covers the company’s risks, difficulties are inevitable. Moreover, complex issues will manifest themselves only after the deployment of the system.

In the first place – difficulties with the connection and interface. But there are many other risks that will jeopardize the company. In this article, we will examine in detail unresolved issues of interaction with physical security systems, as well as present the Ivideon solution for controlling the entrance and personnel.

Problems and Risks


Source

1. Availability and uptime

Classically, the enterprises of the “continuous cycle” include metal producers, power plants, chemical industries. In fact, most of today’s business has already moved into a “continuous cycle” and is very sensitive to planned and unplanned downtime.

ACS covers more users than it seems. And in traditional security systems you need to constantly keep in touch with all users in order to prevent business downtime – through messengers, pushies, messages “colleagues, the turnstile does not work” in instant messengers. This helps, at a minimum, reduce misinformation in case of problems with ACS.

2. The speed of work

Traditional card-based systems consume an amazing amount of work time. And this happens: our client’s employees often forgot or simply lost access cards. Up to 30 minutes of working time was spent reissuing a pass.

With an average salary for a company of 100,000 rubles, 30 minutes of working time costs 284 rubles. 100 such incidents are damage of 28,400 rubles excluding taxes.

3. Constant updates

The problem is that the system is not perceived as something that requires constant updates. But besides security itself, there is also the issue of the convenience of monitoring and reporting.

4. Unauthorized access

ACS is vulnerable to external and internal unauthorized access. The most obvious problem in this direction is corrections in the time sheet. Every day, an employee “is late” for 30 minutes, then gently corrects the logs and leaves the management in the cold.

Moreover, this is not a hypothetical scenario, but a real case from our practice of working with clients. “Delays”, in terms of per person, brought the owner almost 15,000 rubles of damage per month. A large company runs a decent amount.

5. Vulnerable zones

Some employees may arbitrarily change their access rights and go anywhere at any time. Is it necessary to clarify that such a vulnerability carries significant risks for the company?

In general, ACS is not just a closed door or turnstile with a sleepy guard. At the enterprise, in the office, in the warehouse, there can be many places with different levels of access. Somewhere only management should appear, somewhere the premises for contractors are open, but all the others are closed, or the conference room is open for visitors with temporary admission and the passage to other floors is closed. In all cases, an extensive system of distribution of access rights can be used.

What is wrong with classic ACS

To begin with, we will define what a “classic walk-through security system” is. We will consider: a turnstile or a door with an electric latch, an access card, a reader, a controller, a PC (or Raspberry or something based on Arduino), a database.

Although in the simplest case, you just have a person sitting with the inscription “Security” and enter the data of all visitors with a pen in a paper diary.

A few years ago, Ivideon operated a card-based access system. Like almost everywhere in Russia. We know the disadvantages of the RFID card / keychain:

  • The card is easy to lose – minus speed, minus working time.
  • The card is easy to fake – encryption of the access card for chickens laughs.
  • We need an employee who will constantly issue and change cards, and deal with errors.
  • The vulnerability is easy to hide – a duplicate employee card can be identical to the original.

Separately, it is worth mentioning access to the database – if you do not use cards, but a system based on an application for smartphones, your company probably has a local server with a centralized access database. Having access to it, it is easy to block some employees and give unauthorized access to others, lock or open doors, arrange a DOS attack.


Source

This is not to say that problems simply turn a blind eye. The popularity of such solutions is easy to explain – it’s simple and cheap. But simple and cheap is not always “good.” They tried to partially solve the problems with the help of biometrics – the fingerprint scanner replaced smart cards. It definitely costs more, and minuses – no less.

The scanner does not always work perfectly, and people, alas, are not careful enough. It is easy to slap mud and grease. As a result, the employee reporting system comes twice or comes and does not leave. Or a finger will be applied to the scanner twice in a row, and the system will “eat” the error.

With cards, by the way, it’s no better – it’s not uncommon when a manager has to manually adjust the staff time due to a failed reader.


Source

Another option is based on the application for a smartphone. The advantage of mobile access is that smartphones are less likely to lose, break, and forget at home. The application helps to set up real-time monitoring of office traffic at any work schedule. But it is not protected from problems of hacking, fake and falsification.

The smartphone does not solve the problem when one user marks the arrival and departure of another. And this is a serious problem and inflicts hundreds of millions of dollars worth of damage to companies.

Data collection

When choosing an ACS, companies often pay attention only to the basic functions, but over time, it comes to the understanding that much more data is required from systems. It is extremely convenient to aggregate data from the checkpoint – how many people came to the company, who is present in the office right now, on which floor is the particular employee?

If you go beyond the scope of classical turnstiles, the scenarios for using ACS will surprise you with variety. For example, a security system can control anticafe customers, where they pay only for the time, to participate in the process of issuing guest passes.

In coworking or anticafe, a modern ACS can automatically keep track of man-hours and control access to the kitchen, meeting rooms and VIP rooms. (Instead, one often observes passes from cardboard with barcodes.)

Another function that is vainly remembered in the last turn is the delimitation of access rights. If we have accepted or fired an employee, you need to change his rights in the system. The problem is many times more complicated when you have several regional branches.

I would like to manage the rights remotely, and not through the operator at the checkpoint. And if you have a lot of rooms with different access levels? You can not put a guard at each door (at least because he also sometimes needs to leave the workplace).

To help with all of the above ACS, which controls only the input / output, can not.

When we gathered these problems and the requirements of the ACS market at Ivideon, an exciting discovery awaited us: such systems, of course, exist. But their value is measured in tens and hundreds of thousands of rubles.

ACS as a cloud service

Imagine that you no longer need to think about choosing hardware. The questions of where it will stand and who will serve it, when choosing a cloud, disappear by themselves. And imagine that the price of ACS has become available to any business.

Clients came to us with a clear task – we need cameras for monitoring. But we have expanded the scope of conventional cloud video surveillance and created cloud ACS to monitor the time of arrival and departure with push notifications to the head.

In addition, we connected the cameras to the door controllers and completely eliminated the manual from problems with omissions. There was a solution that can:

  • Face down – no cards or security guards needed at the entrance
  • Take into account working hours – with the collection of employee entry and exit data
  • Send notifications when all or specific employees appear
  • Upload data on hours worked by all employees

Ivideon ACS allows you to organize contactless access to the room using technology face recognition. All that is required is nobelic camera (a full list of supported cameras is available on request), connected to the Ivideon service with the Faces tariff.

The camera has an alarm output for connecting to the door lock or turnstile controllers – after recognizing an employee, the door will open automatically.

You can monitor the work of checkpoints, issue access rights, and receive security updates online. There is no vulnerable local database. There is no application through which admin rights are obtained.

Ivideon ACS automatically sends information to managers. There is a visual report “Working hours” and a clear list of detections of employees at the workplace.

One of our clients provided employees with access to reports (example in the screenshot above) – this allowed us to objectively monitor data on time spent inside the office and simplified our own calculation of hours worked.

The system is easy to scale from a small company to a large enterprise – it doesn’t matter how many cameras you connect. All this works with minimal involvement of the employees themselves.

There is an additional video confirmation – it is clear who exactly used the “pass”. The vulnerabilities “gave / forgot / lost the card” and “urgently need to spend 10 guests in the office, give a card with multi-access” in the case of face recognition disappear completely.

Duplicating a face is not possible. (Or write in the comments how you see it.) The face is a non-contact way to open access to the room, which is important in difficult epidemiological conditions.

Reports are constantly updated – more valuable information appears.

We summarize the main technical capabilities of our face recognition system, which works both within the framework of ACS and for other purposes:

  • The total base of persons holds up to 100,000 people
  • At the same time, 10 persons in the frame are analyzed
  • Event database storage time (detection archive) 3 months
  • Recognition Time: 2 seconds
  • Number of cameras: unlimited

At the same time, glasses, beard, headgear do not greatly affect the performance of the system. And in the latest update, we even added a mask detector.

To connect the non-contact opening of doors and turnstiles using face recognition technology, leave a request on our website. Through the form on the application page you can leave your contacts and get a full consultation on the product.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *