Security Trends: Elevating Safeguards
By HID Global
From the August 2013 issue of Today’s Facility Manager
Technology advances, escalating security threats, and the desire to put more applications on access control solutions, while also moving these capabilities to mobile devices enabled with near field communications (NFC) functions, are prompting many organizations to upgrade their infrastructure. Migration to new solutions pays off in a much higher level of security for people and property, plus operational efficiencies and cost-effectiveness, and an improved user experience.
The NFC Forum describes NFC technology as a short-range wireless connectivity technology (also known as ISO 18092) that provides intuitive, simple, and safe communication between electronic devices. As the NFC Forum describes, communication occurs when two NFC compatible devices are brought within four centimeters of one another. Payment is the most prominent initial NFC application, but by no means the only one. NFC is fully compliant with the ISO standards governing contactless smartcards, making access control an ideal next application for the technology.
Meanwhile, high frequency contactless technology provides greater card and reader protection, plus encrypted data storage for additional card data security. This can be used for a variety of applications, from opening doors, accessing computers, and using time and attendance and secure print management systems, to paying for meals or transit fares and making cashless vending purchases.
Current high frequency contactless systems improve security through mutual authentication and cryptographic protection mechanisms with secret keys and secure messaging protocol delivered on a trust-based platform of interoperable products. These solutions feature multi-layered security and privacy support that prevent cloning and tampering and are also portable to NFC enabled mobile devices.
This mobile capability will enable a more streamlined and hassle free security experience for users who can carry all of their credentials on their phones. Mobile access control will be implemented within a secure mobile identity environment, including a communications channel for transferring identity information between validated phones, their secure elements, and other secure media and devices. Users will be able to receive digital keys on smartphones that operate with the infrastructure’s readers and locks and support numerous security levels and associated access rules. NFC enabled locks could give time limited access to sensitive areas.
And when higher security is necessary, two factor authentication could be dynamically invoked. An application could be pushed to the phone that, for instance, requires the user to enter a four digit PIN or to perform a gesture swipe before the door will open.
Whether on a card or mobile device, there are advantages to giving users a single solution for securing everything from the cloud to data to doors. It enables strong, multi-factor authentication throughout the IT infrastructure on key systems and applications, rather than just at the perimeter. It also enables an organization to leverage its existing credential investment to add logical access control for network log-on and create an interoperable, multi-layered security solution across company networks, systems, and facilities. And it simplifies the addition of future applications that further improve security, such as fingerprint, iris, hand geometry or other biometric templates that can be stored on the card for additional factors of authentication.
Making the Move
An investment is required when migrating to higher security, but there is the return on investment (ROI). The ROI may be tangible, such as through improved insurance premiums due to better risk management. Benefits can also be intangible, such as the cost savings associated with security breaches—something that could impact an organization’s workforce or customers, and present legal and reputation issues.
The benefits of a single card for multiple applications also yields long-term cost savings from greater convenience and improved management efficiencies, along with the ability to preserve access control infrastructure investments as organizations move to new features, regulatory compliance, and/or other capabilities without a “rip and replace” infrastructure overhaul.
There are several prerequisites for moving to a high frequency contactless smart card platform. The first is to choose a platform with an open architecture, including open application programming interfaces (APIs). This helps to ensure easier system integration, more procurement flexibility, simplified expansion, and scalability.
The second requirement is a multi-technology solution that limits disruption to day-to-day workflow. Multi-technology cards bridge the gap between legacy systems and secure contactless technology, while multi-technology readers deliver flexibility to support various types of credentials. Facility managers (fms) should also make sure their standards based smart card system is interoperable for portable to NFC mobile phones.
It is also critical to consider secure issuance. Fms should plan ahead for multi-layered validation and system security capabilities. Printers, card materials, and software can incorporate critical visual and logical technologies for more trustworthy authentication and to help deter tampering and forgery. Besides card security, it is also important to protect the integrity of the overall issuance system by taking into consideration the physical components, the system’s electronic security, and the data on the print ribbon panels.
In addition, it is important to select the right migration partner and to conduct a thorough site survey. The site survey should cover a number of issues, from the security needs of specific facility areas, to whether there will be applications beyond opening doors, to future requirements for interoperability, upgrades, and/or compliance driven risk management.
Also important to evaluate are mobile plans, including how the organization envisions deployment and whether it will be using the Bring Your Own Device (BYOD) mobility model. [To read about considerations for BYOD policies for facility staff, see the Professional Development article from the August 2013 issue of Today’s Facility Manager. It will be available September 10, 2013.]
High frequency next generation smart card technology not only increases security, but also provides cost and efficiency benefits, while paving the way for mobile solutions that provide even better protection for people and property, along with a hassle free security experience for users.
HID Global, an ASSA ABLOY brand, provides secure identity solutions for a variety of facility types and applications.