At the 2016 AAAE (American Association of Airport Executives) Airport Credentialing and Access Control Conference in Atlanta, Georgia, discussions centered around the rapidly evolving aviation security landscape, specifically with regard to renewed federal priorities on employee vetting and employee access control at airports.
Germaine to this and other aviation industry conversations is the ongoing development of technologies that are playing an expanded role in access control solutions including identity management and integration. These technologies enable airport security to better monitor facilities and staff and share data across multiple systems for heightened situational awareness and greater overall security. Having been a pilot for over 50 years, I have witnessed firsthand the repeated reports that many airports are still using access control and credentialing systems that are less than adequate for confronting insider threats, despite numerous TSA directives and guidelines. In some instances, the systems can be upgraded while in others a total overhaul is required.
Today’s advanced access control and credentialing systems can help address these and other security issues confronting airport management. Further, because access control systems – and the integrated operational systems – now collect operational data, that data is available for not only review and audit purposes, but also for planning and to support operational improvements throughout the airport complex.
As airport management looks to upgrade their access control and credentialing systems with newer technology, there are a number of factors that should be considered. In fact, security managers should be asking some very pointed questions of vendors about their systems and how they are addressing security and operational issues. Here are a few basic questions.
Is the system designed with open architecture, and is it backward-compatible?
The network has transformed access control systems from standalone solutions into a vital part of a more robust, highly integrated system. The open architecture of advanced access control systems will further enable these systems to integrate with other kinds of devices beyond the physical security industry, for example time and attendance or billable hours.
Many of today’s access control solutions are designed to be backward compatible with legacy systems and also to offer the ability to rapidly grow and expand as needs evolve, ensuring that organizations’ past and present investments will continue to offer innovation and advanced functionality in the future. With new access control software solutions, even systems that span separate buildings in different locations can be efficiently upgraded.
Software-based controllers and other technologies excel at providing backward compatibility and enabling best-of-breed systems, allowing for uniformity in new or existing deployments. By making it possible for legacy and new solutions to coexist within the same system, these technologies enable custom systems that standardize an array of diverse solutions into a single system that provides multiple upgrade options to ensure airports can meet their security needs while remaining within budgetary constraints.
What about access cards and badging?
All individuals employed by or at airports require some sort of badge to enter secure areas, and different types of badges authorize different levels of access. For example, an airport restaurant employee has no business entering baggage handling areas, so his or her badge may be a different color and the access level restricted only to concourses and terminals.
When creating access control credentials, new technology allows security management personnel to integrate human resources and access control systems that allow the personnel data to automatically populate and program identity card data fields. Integration with active directory support enables real-time identity management, individualized identity-based door access and the ability to generate specific reports for each screen view or credential holder. These kinds of automated processes allow staff to focus on their primary responsibilities and can virtually eliminate errors often found in a manual entry process.
Along with advances in software and hardware access control systems, badging and card technology has also advanced. Today’s systems support standard cards (i.e. prox, bar code, mag stripe), smart cards (i.e. HID®, MIFARE®, etc.) and a variety of U.S. government compliant personal identity cards.
Will I be able to tailor the system for reports, alerts and rules?
Having the information that you need, when you need it and in the format that best suits your needs is critical in maintaining a safe and secure airport environment. Reports can provide tracked and analyzed personnel and operator activity as well as alarm, door and card activity and who’s in/roll call. For more convenience, reports can be viewed online in addition to printed versions.
Automated email notifications can send selected events or alarms to appropriate personnel. Simple or complex access rules can be accommodated and applied to doors or personnel in a group or individual manner.
In answering the need for upgraded access control systems in an airport environment, the industry has stepped up with new technology. The ongoing developments of advanced access control and credential solutions provide management with the capability for increased effectiveness and efficiency in deterring insider threats and other risks to airport security.
Where can I find more information?
Management can reference government documents such as Standards for Airport Security Access Control Systems (DO-230E), TSA’s Recommended Guidance for Airport Planning, Design and Construction and Biometrics Use for Access and Credentialing at U.S. Commercial Airports, and any requirements issued by the Aviation Security Advisory Committee (ASAC).
Information is also available online at http://www.galaxysysresources.com/state-of-access-control/ where you can download a white paper titled, The Current State of Access Control.