Security professionals are all too familiar with the concept of physical access control. But for many, the term “access control” implies an access control system consisting of controllers, credentials, and accompanying software. This assumption leaves much to be desired, as it overlooks some critical elements of access control for risk mitigation.
Not only are traditional access control systems unable to prevent tailgating and piggybacking, but they are also unable to confirm if a user ever entered the building after badging in. Under these circumstances, it is impossible to determine with confidence who is inside a building without deploying a number of redundant security systems.
Access control is more than just a system. It is rather a multi-layered strategy involving a combination of smart security entrances, data analytics, predictive metrics, and, yes, even systems. Together these elements deliver information and value beyond what traditional access control systems provide.
Where Traditional Access Control Solutions Fall Short
Deploying an access control system (an access controller and its accessories) as a facility’s sole source of physical access control is limiting in both function and value, largely because access system controllers are primarily designed for traditional swinging doors. Swinging doors and access controllers each come with their own inherent weaknesses that even technological advancements cannot overcome. These weaknesses diminish security and create a deficit of operational data and meaningful analytics.
With only two “modes,” open or closed, the functions of swinging doors are limited. When open, any number of people can pass through in an uncontrolled fashion regardless of the presence of an access controller. Tailgaters are free to follow unsuspecting users, and employees are inclined to hold the door for others. Swinging doors also offer no restrictions regarding the removal of materials or goods of any size that pass through the doorway.
As a result, there is no way for security management to accurately identify who or what has entered or exited a building. When integrated with an access control system, results are not much better. Access control software can alert to tailgating violations but cannot prevent them before damage can be done. And while access control systems confirm a person has valid credentials for access, there is no confirmation that the person granted access is the person passing through the doorway.
Because swinging doors are unable to provide useful security or operational data back to the controllers, access controllers generally haven’t been designed to capture such data. This creates an information gap, wherein data could otherwise be used to understand and improve the facility’s security posture, as well as to gain insight and make improvements to operations. Swinging doors create risk without generating actionable outputs, often making them the weakest link in physical security systems, even when equipped with an access controller.
The Improved Security and Information of Security Entrances
Security entrances are completely different from traditional swinging doors and range widely in form and function to meet various needs. The most common types of security entrances include tripod turnstiles, full height turnstiles, optical turnstiles, security revolving doors, and security mantrap portals. At the lowest security level, they regulate the movements of a large crowd for safety and swift throughput. At the highest levels, they eliminate unauthorized intrusions, tailgating, and piggybacking without requiring any supervision by guard staff. Most important, all security entrances are designed to ensure only authorized people enter or exit a controlled area.
Take the operation of a traditional swinging door with an integrated legacy access control system and compare it with that of a security revolving door with a built-in entrance controller. In the case of the swinging door, the access controller would only know if and when credentials were presented, accepted, and door access was triggered. In sharp contrast, the security revolving door and its entrance controller know as much and more. Here, the system confirms how many times entry was authorized and if the person successfully entered or did not enter. Furthermore, the system reports if the person entered and a second person tried to enter with them in the same compartment (piggybacking), if a second person tried to enter in the following compartment (tailgating), or if a second person tried to exit in the opposite compartment (unauthorized exit/entry).
This more complete information is of high interest to security and facility management teams because it affects both security and operational issues. Using this data, management teams can capture analytics about user behaviors and tie that information directly to threat and risk assessments. Such information would be otherwise impossible to gather using a traditional swinging door and integrated access control system.
Predictive Metrics for Enhanced Insight
When it comes to certain security entrance models or designs, it may be possible to go even further. New innovations in presence detection have made it possible to both detect and reject piggybacking and tailgating attempts using intelligent interior sensors to confirm that only one person is attempting passage. With this technology, security managers can adjust several parameters that will affect the sensitivity of the assessment to meet the needs of a facility. This exercise results in access to predictive analysis of the risk of a potential breach.
For example, an advanced presence detection solution detects and rejects every piggybacking attempt, but at the expense of an increased likelihood of a “false positive” — that is, a single authorized individual wrongly rejected for wearing a backpack. By lowering the system sensitivity, security management can reduce the number of these false rejections, but by doing so they increase the risk of a potential piggybacking breach. Managers can select the desired balance between security risk and user convenience by using the predictive probability metric. Such settings can then be scaled across all security entrances, giving management a clear understanding of the risk at these entrances and certainty that any infraction is not an accident.
Security entrances can be superior to their swinging door predecessors, helping bridge the gap between access control systems and holistic access control. Through the integration of new security entrance technologies, security management teams can accurately measure who is inside a facility while also providing significant return on investment that goes beyond improvements in security.
This article originally ran in Security, a twice-monthly security-focused eNewsletter for security end users, brought to you by Security Magazine. Subscribe here.
