Download PDF version Contact company
Challenges with traditional password-based access control  
Using card-based access control solutions alongside IT password management provides an additional layer of security

A mandatory part of any organisation's relationship with its employees is the requirement to set up a secure password, which allows access to important documents needed to ensure fluid day-to-day processes of the business. Ken Scotland, Sales Director at ADT Fire & Security, discusses the best ways to build a more secure modern day enterprise by combining password-based access with smart card technology and multiple authentications.

Primarily, enterprises outline their password requirements to employees by creating certain boundaries to follow, with a view to protecting intellectual property - a valuable business asset. These boundaries tend to follow similar patterns across all work environments. In creating a secure password, the initial construction needs to be a combination of alphabetical and numerical

Intruders can easily guess passwords that are based on commonly used memorable words, such as the mother's maiden name of a person

characters with upper and lower case lettering and limited repetition. With this in mind, the parameters set by an IT department should include expiry dates on each password so they are renewed at least every 90 days. This ensures the new combination is completely different to the previous selection of characters.

In addition to the precautions taken around passwords, username construction should also be considered. Organisations should address this in order to make login credentials more secure. It is common for businesses to retain the same construction for all employees, allowing details to be easily predicted by intruders for any personnel on site. Therefore, if slight formatting differences were in place, login credentials become more secure.

Logical access' provides an additional layer of security, which takes the straightforward user / password sign-in one step further  
 Using smartcard technology can enable a card to be used to enter a building and allow secure PC sign-on

It is important to also note that it can be difficult to create passwords that are as memorable as they are compliant with internal regulations. Intruders can easily guess passwords that are based on commonly used memorable words, such as the mother's maiden name of a person. Therefore to combat this, ADT would advise a multi-factor combination: coupling a password with smart-card authentication to create a successful password management strategy.

Benefits of using card-based access control solutions with IT password management

ADT recommends that organisations use a smart card-based access control solution alongside straightforward IT password management. Enterprises already deploying a physical access control system around a building are equally able to introduce ‘logical access' to extend security to laptops or desktop machines. The use of smartcard technology means that the same card used to gain access to the premises has its use extended to the IT infrastructure in order to allow secure PC sign-on. It runs on the dual principle ‘something you know' (the username/password - authentication factor) and ‘something you have' (the smartcard - authentication factor) resulting in successful sign-in. Logical access provides all establishments with various security options that can be tailored to the suitable security level for the organisation, with permissions set at a server/network administrator level rather than simply at a user level.

Logical access provides an additional layer of security, which takes the straightforward user / password sign-in one step further

Knowledge based authentication - KBA

Furthermore, in the event a user has forgotten their card, there are also options to override the service using emergency access (Knowledge based authentication - KBA). KBA works with a series of personal questions and responses customised to each user, which continues to maintain the appropriate level of security.

Advantages of logical access

"Logical access" provides an additional layer of security, which takes the straightforward user/password sign-in one step further. In large organisations, it can be difficult to control a username/password system thoroughly, as it is very user-dictated. Therefore, this initiative regains control behind password-based access through smart card technology and combinations of authentication. These systems reduce the dependency on IT support workers for remote password reset or other access queries.

With advancing technologies in play, it is now more important than ever that organisations introduce an additional security layer to employees' access codes in order to protect critical documents integral to daily business flow. Dual functioning systems allow end-users to customise procedures on-site and prevent fraudulent access to the network.

 Jayne Diffin, Access Control Product Marketing Manager Ken Scotland
Sales Director
ADT Fire & Security
Download PDF version Download PDF version

In case you missed it

Global regulations of AI: the role and impact on the physical security industry
Global regulations of AI: the role and impact on the physical security industry

The artificial intelligence revolution in physical security has arrived, transforming how we protect people, assets, and infrastructure. From smart buildings that automatically ad...

How does security innovation impact the skillsets operators need?
How does security innovation impact the skillsets operators need?

Technology automates tasks, streamlines processes, and improves efficiency in various fields, including physical security. But the success of today’s latest technologies depe...

How can manufacturers and integrators mitigate the risks of port forwarding?
How can manufacturers and integrators mitigate the risks of port forwarding?

Port forwarding is a networking technique that allows incoming traffic on a specific port number to be redirected to a particular device or application on a local network. Open por...