Back in the 1960s a lead engineer working in conjunction with the United States Navy for Lockheed’s Skunk Works team coined the acronym KISS, which translated to the design principle ‘keep it simple stupid’. 

The KISS principle embraces the concept of simplicity, stating that most systems work best if they are kept simple rather than geared up to be more complicated. When it comes to physical security systems, this concept can also play a key element in its overall success.

Secure work environments

For years the tug of war in the security industry has pitted the need for a secure environment against the desire for technology that is convenient for users. However, finding a happy medium between the two has often seemed elusive.

I believe you can design and have operational convenience at the same time as achieving high security"

Jeff Spivey, a security consultant and the CEO of Security Risk Management, has this to say about it, “If there is an understanding of the security-related risks and their separate and/or collective impact on the organisation’s bottom line business goals, a resolution can be reached.” Jeff also does not think that convenience and high security have to be opposing each other. He says, “I believe you can design and have operational convenience at the same time as achieving high security.

Importance of secure access control

The premise is that for organisations and spaces to be truly secure, they must be difficult to access. So, by its very nature, access control is designed to be restrictive, allowing only authorised staff and visitors to access a facility or other secured areas inside. This immediately puts convenience at odds with security.

Most people will tolerate the restrictive nature of a controlled entrance using badge, card or biometric because they understand the need for security. When that technology gets in the way of staff traversing freely throughout the facility during the course of a business day, or hindering potential visitors or vendors from a positive experience entering the building, they become less tolerant, which often leads to negative feedback to the security staff.

Enhancing corporate security

Security consultants like Spivey and security directors all stress that understanding the threats and risk levels of an organisation will most likely dictate its physical security infrastructure and approach. All the technology in the world is useless if it is not embraced by those who are expected to use it and it doesn’t fit the culture of the organisation.

Once employees and customers are educated about what security really is, they understand that they're not losing convenience, they're gaining freedom to move safely from point A to point B.

Converged data and information shape new access options

Migration of physical access control systems to a more network-centric platform is a game-changer for security technologies

The migration of physical access control systems to a more network-centric platform has been a game-changer for emerging security technology options. The expansion of the Internet of Things (IoT), Near-Field Communication devices powered by Bluetooth technology, and the explosion of converged information systems and identity management tools that are now driving access control are making it easier than ever before for employees and visitors to apply for clearance, permissions and credentials.

Wireless and proximity readers

Advancements in high-performance wireless and proximity readers have enhanced the user’s access experience when presenting credentials at an entry and expediting movement throughout a facility.

A user is now able to access a secured office from street-level without ever touching a key or card. Using a Bluetooth-enabled smartphone or triggering a facial recognition technology, they enter the building through a security revolving door or turnstile. A total building automation approach adds extra convenience, as well as seamless security, when access technology is integrated into other systems like elevator controls.

Advancements in high-performance wireless and proximity readers have enhanced the user’s access experience.
A total building automation approach adds extra convenience and seamless security

How to Meet Security Concerns at the Entry

While security managers are charged with providing their facilities the maximum level of security possible, there is always the human element to consider. But does the effort to make people comfortable with their security system ecosystem come at a cost?

Does all this convenience and the drive to deliver a positive security experience reduce an organisation’s overall levels of security? And if so, how can we continue to deliver the same positive experience including speed of entry – while improving risk mitigation and threat prevention?

Door entrances, barriers

Users can slip through the door or turnstile barriers while they are still open after a credentialed individual has gone through

Let’s examine some of the various types of entrances being used at most facilities and the security properties of each. With some entrance types, there is the possibility for security to fall short of its intended goals in a way that can’t be addressed by access control technology alone. In particular, with many types of doors and barriers, tailgating is possible: users can slip through the door or turnstile barriers while they are still open after a credentialed individual has gone through.

To address this, many organisations hire security officers to supervise the entry. While this can help to reduce tailgating, it has been demonstrated that officers are not immune to social engineering and can often be “talked into” letting an unauthorised person into a facility.

Deploying video cameras, sensors

Some organisations have deployed video surveillance cameras or sensors to help identify tailgaters after the fact or a door left open for longer than rules allow. This approach is not uncommon where facilities have attempted to optimise throughput and maintain a positive experience for staff and visitors.

Security staff monitoring the video feeds can alert management so that action can be taken – but this is at best a reactive solution. It does not keep the unauthorised persons from entering, and so is not a totally secure solution.

Optical turnstiles, speedgates

Security staff should carefully evaluate its facility’s needs and consider the technology that is built into the door itself

Security staff should carefully evaluate its facility’s needs and consider the technology that is built into the door itself. Not all security entrances work the same way. And, there will always be a balance between security and convenience – the more secure the entry, the less convenient it is for your personnel and visitors to enter your facility.

For example, it takes more time to provide 2-factor authentication and enter through a mantrap portal than to provide only one credential and enter through an optical turnstile or speedgate.

Perimeter protection

So, it is an important first step to determine what is right at every entrance point within and around the perimeter. Remember that convenience does not equate to throughput. Convenience is the ease and speed of entry experienced by each individual crossing that threshold, while throughput relates to the speed at which many individuals can gain access to the facility.

A more convenient entry makes a better first impression on visitors and is good for overall employee morale. Throughput is more functional; employees need to get logged in to begin their workday (and often to clock in to get paid), and they quickly become frustrated and dissatisfied when waiting in a long line to enter or exit the premises. Considering form and function when designing a security entrance can ensure that those requiring both high-security and convenience are appeased.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version

Author profile

Greg Schreiber Vice President of Sales, Boon Edam

Greg Schreiber has been the Vice President of Sales of Boon Edam Inc. since 2013 and has been with the company a total of 15 years.

In case you missed it

How a leap year may effect your access control system
How a leap year may effect your access control system

Leap years occur every four years as a way to help synchronise the calendar year with the solar year, or how long it takes the Earth to orbit the sun. While this is necessary, leap years require our security systems to account for an extra day, apart from its normal schedule. As a result, leap years create problems with computing and can cause major issues to access control system functionality if a provider is not leap year compatible. There are a few things to keep in mind as we near February 29 to ensure you and your system are prepared for this uncommon occurrence. Why doesn't my access control system work on a leap year day? A leap year doesn’t occur that often, but if your system is newer than four years old, then this may be the first time you are being hit with this issue. It may be something as simple as the fact that the manufacturer of the system failed to account for leap day in their QA/testing procedures when designing the product. Regardless of the reasoning, it is important to recognise the issues that could arise so you can be prepared. An access control system malfunctioning never leads to a good outcome. What are some of the issues I could run into if my system isn’t leap year compatible? If you have your doors on a schedule, it could lead to doors being open on a Saturday or Sunday — which is the case this leap year — when they should not be open. This could naturally lead to unauthorised individuals gaining access to sensitive areas, putting company assets at risk. This could also lead to problems with credentials that were set to start or expire on a certain date, which could cause problems for new employees needing access, or could extend access privileges to contract workers whose employment terms have ended. In addition to credentialing, other scheduled events will also be off in the system. For example, some access control systems automatically lock or unlock doors on a set schedule based on business hours. With no defined schedules in place for a day that only occurs once every four years, this could lead to issues with scheduling for both authorised and unauthorised individuals. What can I do to ensure my system is ready for Feb. 29? Anything? If your manufacturer hasn’t alerted you that your system is leap-year compatible, it is best to set up your system in a test lab and simulate the leap-year date. This allows you to verify that all of your scheduling type events work correctly. If it works in a simulation, it will work on the actual day. However, beware waiting until the last moment to test your system, in case you do run into challenges that need to be addressed. Are there solutions available that account for this already? This is an important question to ask if you are evaluating a new system. While there are some systems that do not account for a leap day, many systems, like Hirsch Velocity, already do. In fact, Hirsch products have been leap-year compatible for many years now, allowing end-users to ignore the inconvenient day altogether. What if my system doesn’t? If you know for a fact that your system is not leap-year compatible, ask your provider before that date to test and ensure that your system will work properly. If you do this and encounter scheduling issues, you can opt to push off all of your scheduled events until March 1 and validate scheduled doors being opened on February 29 to plan accordingly. While leap day is inconvenient, it is addressable. It is just important to do so early to catch any issues before they arise. Failure to acknowledge the challenges associated with leap years will inevitably lead to difficulties when the day comes.

Embracing digital transformation in the security industry
Embracing digital transformation in the security industry

Many industries are, to a greater or lesser extent, in the throes of digital transformation. As with any change programme, digital transformation efforts often under-perform against expectations. Yet, the number of digital transformation programmes continue to increase, as commercial pressures intensify. As security professionals we need to embrace our role in digital transformation, as security is everybody’s business. For all those people weary of hearing about digital transformation and believe it’s a business fad, consider your own behaviours. If you use a smartphone to search, find, order, buy, message, watch, learn, play, bank, pay, enter, exit, navigate, communicate and more then you are part of the reason that digital transformation is a commercial necessity. The way we live our lives has changed significantly over the past twenty years and this needs to be reflected into how we rethink the way we do business. Digital transformation is about more than technology, it allows people to solve their traditional problems in new and better ways than before. Better can mean faster, at lower cost, using fewer resources, easier to maintain, more compliant and/or easier to report insights. IoT, criminal activity and security  The number of internet connected devices worldwide is increasing at an exponential rate; by the end of 2025 there are expected to be 75.44 billion. Internet of Things (IoT) means digital transformation converges physical and digital for security professionals. Criminals use smarter digital tools such as malware, drones, key cloners, signal readers and more, which impact both physical and cybersecurity. To counter this, digital transformation provides security professionals with access As security professionals we need to embrace our role in digital transformation, as security is everybody’s businessto valuable actionable insights to identify and deter threats to people and assets. All transformation starts with an idea generated by people and ends with people experiencing the output. Therefore, digital transformation starts and ends with people. To ensure a solid foundation to any digital transformation agenda, people need to have a clear purpose to engage. This is where security leaders can inspire their colleagues with a laudable purpose of embracing disruption at the same time as focusing on safeguarding people and assets. Non-security colleagues should understand that security risks are advancing at a faster pace than enterprises can adapt. As a security leader, you are advocating a movement where your colleagues adopt relevant enterprise security risk management practices in their daily thinking and working. The message is clear that digital transformation presents abundant opportunities and these need to be evaluated alongside the proliferating security threats that can become a business continuity failure. Security professionals and digital influence  The number of internet connected devices worldwide is increasing at an exponential rate; by the end of 2025 there are expected to be 75.44 billionSecurity professionals can influence digital transformation success by translating an enterprise’s strategy into secure operational reality. The security narrative should emphasise the people side of digital transformation and how technology can act as an enabler of a safe and secure experience, both for employees and customers. Operationally, digital transformation is about agility, adaptability and navigating uncertainty. Old ways of thinking and working will be blockers to transformation, so security leaders ought to identify the rapid enablers of a ‘secure’ digital transformation. Better people, processes and overall technology People generally don’t want more in their lives, they want better. Better people. Better data. Better technology. Better processes. Digital transformation creates significant ‘better’ benefits for security: For example, connected (IoT) sensors, video analytics at the edge and machine learning identify threats faster; workflow technologies and automation detect, investigate and remediate routine responses; cloud provides many benefits such as agility, scale and mobility; and, smartphones/digital devices provide real-time communication and collaboration. Tackling all the ‘better’ needs within a security approach is necessary – focusing on the prioritised commercial needs first. Think about how to drive radical simplification into digital transformation agendas to ensure complexity doesn’t create too many unmanageable risks. Designing enterprise security risk management into the business operating model will facilitate colleagues to be empowered for safe and secure change. Communicating security successes and breaches with commercial impact insights in a timely and concise manner across the enterprise will prove the value of active security engagement throughout digital transformation programmes. Transforming the world Digital technology is transforming the world around us, in a way that impacts every area of security. Security professionals are now businesspeople and technologists, in addition to their traditional security remits. Embracing this impacts security recruitment, training and employee engagement, within the security team and with non-security colleagues. Without a doubt, security professionals are integral to digital transformation programmes.

ISC West modifying Venetian ballroom layout in absence of Chinese companies
ISC West modifying Venetian ballroom layout in absence of Chinese companies

ISC West is being affected only minimally by the COVID-19 coronavirus, which is having an impact on international business travel, specifically to and from China. One consequence of coronavirus travel restrictions is a decision by Reed Exhibitions International not to proceed with a dedicated pavilion for Chinese companies at ISC West, March 17-20. In the main hall, however, some Chinese companies will remain in the show and staff their exhibit booths with U.S. office personnel and resources. Importantly, the ISC West event is moving forward as planned. Several trade show organisers globally have cancelled events because of fears of spreading the disease. For example, the Mobile World Congress in Barcelona was cancelled at the end of February. “Our clear focus is on the health and safety for our entire ISC community, and empathy and compassion for our Chinese customers relative to personal health and safety, and the very challenging business predicament for these companies,” says Will Wise, Group Vice President, Security & Gaming Portfolio, Reed Exhibitions. Minimal Impact Our clear focus is on the health and safety for our entire ISC community, and empathy and compassion for our Chinese customersThe ISC West team and Reed Exhibitions International colleagues in China have been working diligently to assess the status of all ISC West exhibitors from China, given the travel restriction, says Wise. Among show attendees, Chinese travel restrictions will have a negligible impact. In past years, only a tiny fraction of attendees traveled to Las Vegas from China for the show. Immediate action by the U.S. government as soon as the world became aware of the COVID-19 coronavirus has enabled a controlled business and health and safety dynamic that will allow the show to proceed as planned. The U.S. took quick action to put major travel restrictions in place, including no incoming flights/travel from China. “The status is ever-evolving and we’ll be keeping the expo floor plan updated,” says Wise. The China pavilion In previous years, the China pavilion had hosted 50 or more companies as part of what was formerly known as “Global Expo,” located in the Venetian Ballroom adjacent to the Sands Convention Center.  In 2019, the slate of companies in the Venetian Ballroom expanded to include some domestic exhibitors as well as the international companies. Importantly, the ISC West event is moving forward as plannedThis year, Venetian Ballroom exhibits will continue without the participation of Chinese companies. There will be international exhibitors from countries outside China as well as some domestic companies, including the Emerging Technology Zone, where new startups will highlight their latest innovations. The Security Industry Association (SIA) New Product Showcase will also be featured in the Venetian Ballroom, as well as a VIP international lounge. Additionally, a new pavilion highlighting Loss Prevention and Supply Chain companies will be featured, and there will be an educational theatre offering free sessions on topics such as drones and robotics.  Reed Exhibitions strongly urges exhibitors and visitors to refer to the guidelines and protocols as suggested by the World Health Organization and local/national public health authorities to contain and mitigate against any further spread of the virus. Suggested precautions include frequent hand washing (including alcohol-based hand rubs) and maintaining a three-foot distance between oneself and other people, particularly those who are coughing, sneezing and have a fever.