Challenges with traditional password-based access control  
Using card-based access control solutions alongside IT password management provides an additional layer of security

A mandatory part of any organisation's relationship with its employees is the requirement to set up a secure password, which allows access to important documents needed to ensure fluid day-to-day processes of the business. Ken Scotland, Sales Director at ADT Fire & Security, discusses the best ways to build a more secure modern-day enterprise by combining password-based access with smart card technology and multiple authentications.

Primarily, enterprises outline their password requirements to employees by creating certain boundaries to follow, with a view to protecting intellectual property - a valuable business asset. These boundaries tend to follow similar patterns across all work environments. In creating a secure password, the initial construction needs to be a combination of alphabetical and numerical characters with upper and lower case lettering and limited repetition. With this in mind, the parameters set by an IT department should include expiry dates on each password so they are renewed at least every 90 days. This ensures the new combination is completely different to the previous selection of characters.
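
The policy parameters described above, sketched as a password-change check. This is an added example, not code from ADT or the article; the repetition limit (`MAX_RUN`) and the similarity threshold (`MAX_SIMILARITY`) are assumptions, since the article gives no figures for them.

```python
import re
from datetime import date, timedelta
from difflib import SequenceMatcher

MAX_AGE = timedelta(days=90)   # renewal interval stated in the article
MAX_RUN = 2                    # assumption: longest allowed run of one character
MAX_SIMILARITY = 0.5           # assumption: ratio above this is "too similar"


def composition_errors(password):
    """Return the composition rules the candidate password breaks."""
    errors = []
    if not re.search(r"[a-z]", password):
        errors.append("no lower-case letter")
    if not re.search(r"[A-Z]", password):
        errors.append("no upper-case letter")
    if not re.search(r"[0-9]", password):
        errors.append("no digit")
    # (.)\1{N,} matches a character followed by N or more copies of itself
    if re.search(r"(.)\1{%d,}" % MAX_RUN, password):
        errors.append("character repeated too often")
    return errors


def too_similar(new, old):
    """Case-insensitive comparison, so 'Summer2023' -> 'summer2024' is caught.
    'old' is the password the user types during the change; it is not stored."""
    ratio = SequenceMatcher(None, new.lower(), old.lower()).ratio()
    return ratio > MAX_SIMILARITY


def is_expired(last_changed, today):
    """True once more than 90 days have passed since the last change."""
    return today - last_changed > MAX_AGE


def check_change(new, old):
    """All policy violations for a proposed password change."""
    errors = composition_errors(new)
    if too_similar(new, old):
        errors.append("too similar to previous password")
    return errors
```
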

In addition to the precautions taken around passwords, username construction should also be considered. Organisations should address this in order to make login credentials more secure. It is common for businesses to retain the same construction for all employees, allowing details to be easily predicted by intruders for any personnel on site. Therefore, if slight formatting differences were in place, login credentials would become more secure.


It is also important to note that it can be difficult to create passwords that are as memorable as they are compliant with internal regulations. Intruders can easily guess passwords that are based on commonly used memorable words, such as the mother's maiden name of a person. Therefore, to combat this, ADT would advise a multi-factor combination: coupling a password with smart-card authentication to create a successful password management strategy.

Benefits of using card-based access control solutions with IT password management

ADT recommends that organisations use a smart card-based access control solution alongside straightforward IT password management. Enterprises already deploying a physical access control system around a building are equally able to introduce 'logical access' to extend security to laptops or desktop machines. The use of smartcard technology means that the same card used to gain access to the premises has its use extended to the IT infrastructure in order to allow secure PC sign-on. It runs on the dual principle of 'something you know' (the username/password authentication factor) and 'something you have' (the smartcard authentication factor), which together result in successful sign-in. Logical access provides all establishments with various security options that can be tailored to the suitable security level for the organisation, with permissions set at a server/network administrator level rather than simply at a user level.


Knowledge based authentication - KBA

Furthermore, in the event a user has forgotten their card, there are also options to override the service using emergency access (knowledge-based authentication - KBA). KBA works with a series of personal questions and responses customised to each user, which continues to maintain the appropriate level of security.

Advantages of logical access

"Logical access" provides an additional layer of security, which takes the straightforward user/password sign-in one step further. In large organisations, it can be difficult to control a username/password system thoroughly, as it is very user-dictated. Therefore, this initiative regains control over password-based access through smart card technology and combinations of authentication. These systems reduce the dependency on IT support workers for remote password reset or other access queries.

With advancing technologies in play, it is now more important than ever that organisations introduce an additional security layer to employees' access codes in order to protect critical documents integral to daily business flow. Dual functioning systems allow end-users to customise procedures on-site and prevent fraudulent access to the network.

Jayne Diffin, Access Control Product Marketing Manager

Ken Scotland
Sales Director
ADT Fire & Security