Alan Davies
Alan Davies
NFC-enabled physical access control makes it easier to track who is entering and exiting monitored access points throughout the workplace
Comprehensive and robust security programmes and policies are required for adequate data security
Over the last decade, we have entered a new era of physical and logical access control. We are now living in an increasingly mobile world where our phones do more than just make a simple call – employees can now open doors and enter secure areas, as well as access computers, corporate data networks and associated information assets with just a single mobile device.  Furthermore, the cloud, and access to cloud-based services is becoming almost a fundamental requirement for businesses. This, combined with advanced personal mobiles such as Near Field Communication (NFC)-enabled ones increasingly being used beyond conventional uses, is naturally driving a change in how organisations view, deliver and manage security, explains Alan Davies VP Sales – EMEA, Identity Assurance, HID Global

A big change pertaining to security management is that identity no longer needs to be restricted to a single plastic card or security token. We often think about identity solely in terms of the card or token that carries it; however with more and more companies placing accessible data in the cloud and allowing employees to use NFC-enabled smartphones for physical access purposes in the workplace, ‘identity’ is now taking many different shapes. For example, a smartphone being used as a ‘digital key’ to open doors and tag-in to work locations eliminates the need for employees to carry any other credentials. Of course, this raises questions about how to ensure that any assigned identities can be trusted. Fortunately, the issue of managing virtualised credentials in the business environment is achievable.

Take mobile for example. This can be done by implementing a trusted identity framework that creates a secure boundary within communications between the devices, such as when a smartphone interacts with an NFC reader or NFC enabled end-point device. It acts as a secure vault, which delivers the agreed corporate security policy to the devices in use. If this is accepted, then it is deemed to be trusted and the user is allowed access. Another benefit is that NFC-enabled physical access control makes it easier to track who is entering and exiting monitored access points throughout the workplace. Employers can then be assured that all endpoints and all of the systems in between are valid before allowing entry into the building.

Data protection and management in the cloud

For organisations investing in the cloud, in order for them to unlock its true value, they need to address exactly where

Comprehensive and robust security programmes and policies are required for adequate data security Security strategies should be customised to fit an organisations unique data protection needs
Security strategies should be customised to fit an organisations unique data protection needs

sensitive data is stored and consider the user risk factor, including the way in which they wish to access the information. Though the rise of the cloud for enterprise data storage and application-hosting has changed the way IT professionals interact with their users, their networks and their data, the fundamentals of data protection remain the same.

 What many organisations fail to realise is that a one-size-fits-all approach to data protection is insufficient. Traditionally, enterprises have focused on securing the network perimeter, and relied on static passwords to authenticate users internally, within the firewall or externally via a virtual private network (VPN).  However, taking into account the diverse nature of modern threats – from Advanced Persistent Threats (APTs) to ad hoc hacking and the internal risks that come with the mass adoption of BYOD– organisations are increasingly re-evaluating and re-assessing their IT security strategy to adapt to these changing needs.  

Two-factor authentication measures have typically been confined to physical devices like one-time password (OTP) tokens and display cards, but thanks to a variety of technological advancements these are being replaced by ‘soft tokens’ that can be held directly on the user device such as a mobile phone or tablet, or alternatively as browser-based tokens. Additionally, these mobile tokens can be combined with cloud app single-sign-on capabilities, not only fulfilling the same function of more classic two-factor authentication models but also providing convenient streamlined access to multiple cloud apps – all from one device.

Merging management of logical and physical security infrastructure

Ultimately, the security landscape is constantly evolving and mobile access control, as well as remote data access to cloud based applications, is growing in significance, making the right security investment a more important decision than ever before.  It is critical for enterprises to have an extremely secure mobile and cloud identity environment so that transactions between the employee-owned phones or corporate-issued devices and the door they intend to unlock, or network they access, are conducted in a secure manner.

Merging the management of both logical and physical security infrastructures, so that their operations are conducted via one platform, is integral to keeping pace with the paradigm shift that technological advancements such as  NFC have made possible in the workplace. Furthermore, by deploying just one security device for both logical and physical access control , enterprises will not only realise cost savings, but will gain greater security control, as there will be a single point of revocation for all access rights.  Building security systems that take into account the many routes to confidential data – whether it is at the physical door, on the network or in the cloud – is essential. Only by implementing comprehensive and robust and layered security programmes and policies that cover all three areas, while allowing for new technologies and applications, will organisations be confident that their data is adequately secure.

Download PDF version Download PDF version

Author profile

Alan Davies
Alan Davies VP Sales – EMEA, HID

  • Related companies
  • HID
  • View all news from
  • HID

Related videos

Upgraded feature for Xesar - Now with smartphone as well!

Upgraded feature for Xesar - Now with smartphone as well!
Enhancing government security with proactive threat detection from Wavestore

Enhancing government security with proactive threat detection from Wavestore
Join the biggest hour for Earth

Join the biggest hour for Earth

In case you missed it

Honeywell - how disruptive technologies make security systems better
Honeywell - how disruptive technologies make security systems better

The shift from standalone systems to fully integrated solutions is one of the biggest shifts the security industry has experienced in recent years.  There is a higher demand...

Has price inflation ended (or slowed down) in the security market?
Has price inflation ended (or slowed down) in the security market?

Inflation, the rise in prices of goods and services over time, can result from a multitude of factors. It happens when there is more money chasing a limited supply of goods. It hap...

Proactive security: the future of perimeter defence
Proactive security: the future of perimeter defence

The days of being reactive are over. That’s right, we as an industry, can no longer afford to be reactive. As threats evolve, the need for proactive security is critical. W...

Security beat

Honeywell - how disruptive technologies make security systems better

Honeywell - how disruptive technologies make security systems better
View all

Round table discussions

What is the expanding role of audio in today's physical security systems?

What is the expanding role of audio in today's physical security systems?
View all

Security bytes

Getting to know Chris Bone, CTO at ASSA ABLOY Group

Getting to know Chris Bone, CTO at ASSA ABLOY Group
View all
Featured white papers
Honeywell GARD USB threat report 2024

Honeywell GARD USB threat report 2024

Download
The role of artificial intelligence to transform video imaging

The role of artificial intelligence to transform video imaging

Download
Access control system planning phase 1

Access control system planning phase 1

Download
Key Findings from the 2024 Thales Cloud Security Study

Key Findings from the 2024 Thales Cloud Security Study

Download
Facial recognition

Facial recognition

Download
Quick poll
Which feature is most important in a video surveillance system?
More expert commentary
Security by design or designed for security?

Security by design or designed for security?
The role of experienced system integrators in casino surveillance

The role of experienced system integrators in casino surveillance
Panoramic megapixel cameras boost wide area surveillance

Panoramic megapixel cameras boost wide area surveillance
Featured products
Dahua Starlight Network Panoramic Camera

Dahua Starlight Network Panoramic Camera
All new exacqVision Advantage with Illustra cameras

All new exacqVision Advantage with Illustra cameras
Anviz AI Outdoor Bullet Network Camera

Anviz AI Outdoor Bullet Network Camera