Access control technology is changing, older systems are being switched out for newer, more accessible systems. More and more, people are asking for all-in-one solutions that incorporate video, audio and analytics. These new, unified solutions are increasingly possible thanks to advancements in system architecture, mobile technology, artificial intelligence and cybersecurity. Here, we discuss four of the biggest trends in access control that security leaders should pay attention to and the opportunities they present.

System architecture

How are cloud and hybrid technologies being applied to access control? What are their advantages and are there any disadvantages?

Before diving into any advantages or disadvantages, it’s important to note that within the security industry, cloud technology is being adopted the fastest in access control. This is because people are more comfortable testing cloud capabilities in access control since it strictly deals with transactional data, versus video which requires greater storage capabilities and carries greater privacy concerns.

As for the pros and cons, cloud solutions offer the advantage of always having access to the latest software features without the need for onsite physical servers. This eliminates the burden on system administrators to frequently update or maintain hardware. However, cloud technologies have yet to be widely adopted for enterprise systems, which often prefer the greater control provided by on-premises servers. Additionally, cloud solutions can be less effective in remote locations or areas with bandwidth constraints.

Hybrid solutions present a cost-effective approach for expanding legacy systems into the cloud while protecting the initial investment in existing hardware. They are also beneficial for adding new sites without the expense of additional hardware. Despite their advantages, integrating hybrid systems can be complex, and ensuring they meet all requirements is crucial. Sometimes hybrid solutions may result in user interfaces not as robust as traditional on-premises systems, potentially limiting some features.

Mobile-first technology

Are access control solutions moving toward mobile technology? If so, why, and what opportunities and challenges does this present?

Access control is experiencing a shift toward mobile technology for two reasons: It is cost-effective for organizations and easier for their users. Additionally, this shift makes temporary credentialling more efficient, since QR codes and Bluetooth credentials can be sent directly to the visitor or contract worker via their phones or emails. These credentials can be set for an allotted time thereby offering more control and improved security. Finally, mobile credentialing can be used across different types of systems, whether on-prem, hybrid or cloud. This movement toward mobile, known as Mobile-First, is an approach toward design that leverages mobile devices as a user’s credentials versus key cards or key fobs.

Cybersecurity risks in access control are not unique and many of the best practices that security leaders apply to other areas can, and should, be applied.”

With this move towards mobile credentialing, there’s still the potential risk that people could share credentials. However, this isn’t unique to this type of solution and is something that good systems can manage. Another potential challenge is that some cardholders may not want to have work related application or credentials on their personal devices. However, this can be easily addressed by issuing them card credentials and having readers that can handle multiple types of credentialing.

Mobile technology presents major opportunities for system management, and it’s growing in popularity. It allows authorized users to more easily add and remove users, assign visitor access, receive alerts and notifications, and even remotely control doors all from their mobile device.

AI and analytics

How are AI and analytics being applied in access control? What are their potential use cases and how can they improve safety?

While the access control is one of the leading areas of security that’s adopting cloud technology, video leads the way with AI and analytics. That’s not to say that AI and analytics aren’t being used in access control, rather it’s being adopted more slowly and in conjunction with video or audio to help create a more secure environment.

For example, by combining video with access control, users are able to determine instances of tailgating, or piggybacking (whereby unauthorized people follow an authorized individual into a secure premise) which is always a vulnerability. Or it can be used to monitor access to sites requiring PPE (personal protective equipment) and restrict entry to anyone not wearing appropriate equipment. Access control analytics can also help monitor and manage instances of occupancy restriction. There are endless possibilities but as with any AI or analytic, the greatest challenge is properly trained models.


Are there cyber risks uniquely associated with access control? If so, how can they be mitigated?

Cybersecurity risks in access control are not unique and many of the best practices that security leaders apply to other areas can, and should, be applied. For example, making sure that they are aware of who has access to what spaces and using multi-factor authentication (MFA) are both important steps in protecting credentials and access to an organization’s spaces. Likewise, it’s important that devices on the network and communications are both encrypted, security leaders should be looking at security keys, and standards like OSDP and TPM modules, among other things to make sure every aspect — from door reader to server — is secure.

Legacy access control systems are making way for new, all-in-one systems that are designed to automate and unify the entire system experience for end users. From changing architectures to mobile design, increased use of AI and analytics to greater cybersecurity demands, access control is going to continue evolving with the rest of the security industry. It’s important to be mindful of the latest developments, while always focusing on what is needed out of an organization’s system.