Access control systems have become a highly profitable business due to the increase in demand. These solutions are no longer seen only in large corporations; due to the growth in business mobility, companies of all sizes (small, medium and large) are requesting them in order to ensure their security and that of their employees.
For installers seeking to grow their business, without having to invest heavily or deliver training on how to use equipment, providing access control systems is undoubtedly the ideal solution when it comes to increasing their profitability.
This guide outlines all the benefits of access control systems, both for installers and for the end user, as well as the factors you need to take into account when choosing the most suitable device.
Let's start at the beginning.
What is an access control system?
The main function of access control systems, as their name suggests, is to make spaces more secure, controlling both the internal and external entry and exit points of facilities of all kinds and identifying whether users are authorised to access different areas or not.
Today, there are a wide variety of access control systems that use different technologies: cards, fingerprints, smartphones, etc. Furthermore, these will have certain characteristics depending on the number of entrances and users to be controlled, and not all of them will serve the same purpose.
These systems can be installed in companies, organisations and industries as well as in homes. In this guide, we will focus mainly on access control systems for companies.
What benefits does an access control system offer a company?
In the previous section, we saw how access control systems are used to restrict entry to certain areas of the business; not all employees need access to all areas of the business. The same applies to visitors and temporary staff.
Until the advent of modern access control systems, the only way to control access was via keys and locks. This is a highly inefficient solution since keys are easy to copy and to pass on to somebody else. We have all lent our keys to a friend at some point. Modern access control solutions, on the other hand, such as those that use biometric technology, for example, allow you to control access to a space through fingerprints. This is a totally secure method, since it is impossible to lose, pass on or copy a fingerprint. Each employee in effect becomes his or her own key, helping employers to manage security in their business.
Here are some more benefits that you, as an installer, need to be well versed in when it comes to selling access control systems to your clients:
Access to the office at any time
With modern access control systems such as NÜO's, each user can be identified by means of a high-security card, mobile ID or biometric data, and different security profiles can be set up for each person which set out how, when, and where they can access. Furthermore, access can be restricted according to schedules, shifts, dates, areas, departments, etc.
In other words, you can decide whether a person can access the company 24 hours a day at any time, or can only do so at certain times. It is a way to restrict access and prevent information theft, and a way to ensure that staff will not try to access the business at times when there is no surveillance.
Easy and intuitive operation for users
Something that is very important to take into account when it comes to installing an access control system is the method of administration. That is to say, companies must be able to carry out simple, flexible administration on a daily basis. There is a lot of highly complex and convoluted access management software on the market which requires in depth training courses and sometimes even prior technical knowledge. Administration of NÜO systems is extremely intuitive and simple; everything is done from a single application that is accessible from any device (computer, iPad or smartphone). No technical terminology is used, the menus are designed with the user in mind, and overall navigability is excellent. In fact, the systems are so intuitive that there is no need to learn anything.
User registrations and cancellations can be managed by simply clicking within the application; for example, creating user groups organised according to department or hierarchy. Whenever a new user needs to be registered, they can simply be added to a pre-existing group. Permissions can be overridden in real time, preventing access to employees who are leaving the company. No more uncontrolled access to sensitive areas of your business or products disappearing from warehouses. You can even be notified if someone tries to enter without authorisation or tries to gain access outside their assigned hours.
Simple visitor administration
Visitor access can be easily controlled, granting temporary or hourly access. In this way, access can be restricted to those areas of the office that the person needs to visit and immediately revoked once they have left.
Avoid duplicates and copying of access keys
Occasionally, employees or former employees can compromise the security of a business. With a traditional locking system (key locks, for example), it is difficult to prevent people from copying a key before returning it and giving the copy to an unauthorised third-party.
With an access control system, everything is much easier, since you do not need to change the locks each time a key is lost or there is a security breach; the user can simply be removed from the access system.
The different types of access control and how to choose the best option for your client
Keypad identification using a numeric code or PIN
There are several methods for user identification.
This consists of a numerical code programmed beforehand into the system and being memorised by the user.
This type of identification is one of the most widely used, although it is far from the most secure. The main problem lies in how little control can be exercised over access points; this type of code is easily shared, and both its method of operation and the simplicity of the system involve many vulnerabilities that can be exploited by anyone seeking to gain unauthorised access to the system. By observing users from a distance, the code can be discovered and used to gain access.
Furthermore, codes of this type are easily forgotten, and users often opt for simple codes such as "0000" that are easy to memorise, which is another risk.
Proximity identification or using card readers
This involves the user carrying a device that permits identification, such as a card or key fob.
Cards are the most widely used means of identification in business environments. It is important to clarify that the term "card" encompasses a wide range of technologies, from very low security solutions such as magnetic stripe technology to high security solutions based on radiofrequency with encrypted protocols such as the highly secure MIFARE Plus® contactless cards.
As such, it is recommended that you look closely at the limitations of each technology in different usage scenarios in order to avoid implementing control systems which have vulnerabilities that put the integrity of the system at risk. Like the PIN, cards are vulnerable to fraudulent use in the event of theft or loss, or the authorised user giving theirs to another person. MIFARE Plus® cards have no known vulnerabilities and their use is recommended.
This is, without a doubt, the most innovative and secure technology currently available. Biometric identification involves measuring a person's individual and intrinsic characteristics, such as their fingerprint (the most commonly used), iris, facial features or the vascular structure of the palm of their hand.
The fingerprint is the most secure, convenient and robust method of user identification in an access control system. Its main advantage is that it recognises the user unequivocally, since each fingerprint is unique, and it does not require external physical media that can be passed on, borrowed or stolen. This makes the system very difficult to attack by way of identity theft.
In the past, a disadvantage of these systems was that they were unable to detect a fingerprint if the user's hands were dirty or they were wearing gloves. However, we have solved this issue at NÜO, and the readers we provide can read fingerprints even in the least favourable conditions: when the user is wearing gloves, their fingers are covered in dust, grease or dirt, or their hands are wet, dry or scarred, etc. Furthermore, we have added an antibacterial solution which is ideal for preventing the transmission of viruses, especially in hospitals.
Identification using digital badges
A smartphone can also be used as a means of identification in an access control system. For example, the NÜO CARD digital badge is a highly secure option which is compatible with ANDROID and iOS devices and which uses complex AES communications encryption generated by the access control system's own readers.
This provides great protection against any attempt to access data fraudulently, since the data transmitted between the two devices (the reader and the phone) is encrypted, creating a secure communication channel.
Multi-technology readers and multi-factor identification
Multi-technology readers combine different identification data in the same reader, so that companies can choose their preferred option depending on their specific needs. In addition, if higher levels of security are required, two means of identification can be required from users looking to gain access: for example, showing the reader both their fingerprint and their card.
Different types of connection for access control
Access control systems can also be differentiated according to the type of connection required for installation, which is directly linked to the security of the system.
Stand-alone or offline systems
These are normally installed in environments where wiring is not possible or where security is not a priority. The systems are not connected to the network or to any central system, so they do not have the capacity to store data or provide information in order to manage users. They are low security systems with very limited capabilities.
Stand-alone systems usually rely on access list models that are updated periodically. This means that adding or deleting users will not take effect in real time at the entrances until the lists are updated in person via master cards or using Bluetooth connections.
Due to the laborious updating process and the lack of measures for detection and warning in case of attacks, these systems are more vulnerable to both physical attacks and identity theft; stolen IDs cannot be rejected remotely, as can be done in a wired online system.
Wired or online systems
In wired systems, the readers are connected to each other via one or more central units which store all the information related to access control. This allows the different elements of the system to share information with each other, resulting in a high level of security and "intelligence". This is because all the information is housed in the system, which makes the decisions when an ID is presented to the reader at the entrance.
Because the system is connected to the network, wired systems allow real-time control of facilities as well as constant monitoring of the status of accesses, and early detection of suspicious events (e.g., an entrance that has been opened unduly).
They are the top of the line when it comes to security, and even more so if they are based on proprietary communication protocols protected by complex encryption algorithms, as is the case with NÜO systems. This is because an open protocol will always be more vulnerable than a proprietary one.
The initial investment is higher than with offline systems due to cabling costs. However, they are more cost-effective in the long run because of their high reliability and very low maintenance requirements.
Factors to consider when choosing the best access control system for your clients
Como hemos podido comprobar, no existe un sistema de control de accesos universal que cubra las necesidades de cada cliente, por eso, se deberá elegir el sistema dependiendo de las necesidades específicas de cada instalación. Para ello, te recomendamos que te hagas las siguientes preguntas:
As we have seen, there is no universal access control system that will meet the needs of every client, so a system needs to be selected based on the specific needs of each installation. To do so, we recommend that you ask yourself the following questions:
How many entrances need to be controlled and/or managed? Look for a system that adapts to the client's needs and not the other way around.
What level of user control is required?
Do I need a system that matches the building aesthetically? A historical building is not the same as a modern one, and NÜO offers multiple options for reader customisation so that the client is always happy. Instead of a clunky unit on the outside of their business premises, they get something that adds harmony and beauty.
Do you need the access control to work outdoors as well? Has the client requested vehicle management, turnstiles, elevators, visitors, etc.?
What are the technical requirements for installation?
Are environmental concerns a priority? Sustainability is of growing concern to clients, and it adds considerable durability to security systems.
Added or hidden costs? Do not be fooled by licenses for the administration software.
Should you have any questions or require further information, feel free to contact us without any further obligation.