Contrary to popular belief, an access control system by itself rarely solves security problems. In reality, ACS provides an opportunity to solve such problems.
When you approach the choice of ACS from the point of view of a ready-made security kit that will completely cover the risks of the company, difficulties are inevitable. Moreover, complex issues will manifest themselves only after the deployment of the system.
In the first place - difficulties with connection and interface. But there are many other risks that will put the company at risk. In this article, we will consider in detail the unresolved issues of interaction with physical security systems, and also present the Ivideon solution for controlling the gate and personnel.
Problems and Risks
1. Availability and uptime
Classically, “continuous cycle” enterprises include metal producers, power plants, and chemical industries. In fact, most of today's business has already moved into a "continuous cycle" and is quite sensitive to planned and unplanned downtime.
ACS covers more users than it seems. And in traditional security systems, you need to constantly keep in touch with all users in order to prevent business downtime - through mailing lists, push notifications, “colleagues, the turnstile is not working” messages in messengers. This helps, at least, to reduce misinformation in case of problems with access control.
2. Speed of work
Traditional card-based systems eat up a surprising amount of work time. And this happens: our client's employees often forgot or simply lost their access cards. Up to 30 minutes of working time was spent on reissuing a pass.
With an average salary for a company of 100 rubles, 000 minutes of working time costs 30 rubles. 284 such incidents is a loss of 100 rubles, excluding taxes.
3. Constant updates
The problem is that the system is not perceived as something that requires constant updates. But besides security itself, there is also the question of the convenience of monitoring and reporting.
4. Unauthorized access
The ACS is vulnerable to external and internal unauthorized access. The most obvious problem in this direction is corrections in the time sheet. An employee every day is “late” for 30 minutes, then carefully corrects the logs and leaves the management in the cold.
And this is not a hypothetical scenario, but a real case from our practice of working with clients. “Lateness”, in terms of a person, brought the owner almost 15 rubles of damage per month. On the scale of a large company, a decent amount accumulates.
5. Vulnerable areas
Some employees can arbitrarily change their access rights and go everywhere at any time. Do I need to clarify that such a vulnerability carries significant risks for the company?
In general, ACS is not just a closed door or a turnstile with a sleepy guard. At the enterprise, in the office, in the warehouse, there can be many places with different levels of access. Somewhere only management should appear, somewhere a room for contractors is open, but all the others are closed, or there is a conference room for visitors with temporary access and access to other floors is closed. In all cases, an extensive system of distribution of access rights can be used.
What is wrong with classic access control systems
To begin with, let's define what a "classic checkpoint security system" is. We will consider: a turnstile or a door with an electric latch, an access card, a reader, a controller, a PC (or Raspberry or something based on Arduino), a database.
Although in the simplest case, you just have a person with the inscription "Security" sitting and entering the data of all visitors with a pen into a paper diary.
A few years ago, Ivideon had a card-based access system. Like almost everywhere in Russia. We know well the disadvantages of RFID cards / key fob:
- It is easy to lose a card - minus speed, minus working time.
- It is easy to fake a card - encryption of an access card is a laughing matter for chickens.
- We need an employee who will constantly issue and change cards, and deal with errors.
- The vulnerability is easy to hide - a duplicate employee card can be identical to the original.
Separately, it is worth mentioning access to the database - if you are not using cards, but a system based on an application for smartphones, you probably have a local server installed in your enterprise with a centralized database of accesses. Having gained access to it, it is easy to block some employees and give unauthorized access to others, lock or open doors, arrange a DOS attack.
This is not to say that problems are simply turned a blind eye. The popularity of such solutions is easy to explain - it's simple and cheap. But simple and cheap are not always “good”. They tried to partially solve the problems with the help of biometrics - a fingerprint scanner replaced smart cards. Definitely worth more, but no less cons.
The scanner does not always work perfectly, and people, alas, are not attentive enough. It is easy to splatter with dirt and grease. As a result, the system reporting officer comes twice or comes and does not leave. Or the finger will be applied to the scanner twice in a row, and the system will “eat” the error.
With cards, by the way, it’s not better - it’s not such a rarity when a manager has to manually adjust the staff’s working hours due to a failed reader.
Another option is based on a smartphone application. The advantage of mobile access is that smartphones are less likely to be lost, broken and forgotten at home. The application helps to set up real-time office attendance monitoring for any work schedule. But it is not protected from the problems of hacking, forgery and falsification.
The smartphone does not solve the problem when one user marks the arrival and departure of another. This is a serious problem and hundreds of millions of dollars worth of damage to companies.
Сбор данных
When choosing an access control system, companies often pay attention only to basic functions, but over time, it becomes clear that much more data is required from the systems. It is extremely convenient to aggregate data from the checkpoint - how many people came to the company, who is present in the office right now, on which floor is a particular employee located?
If you go beyond the classic turnstiles, the scenarios for using ACS will surprise you with a variety. For example, a security system can control the customers of an anti-cafe where they pay only for time, participate in the process of issuing guest passes.
In a coworking space or anti-cafe, a modern ACS can automatically keep track of man-hours and manage access to the kitchen, meeting rooms and VIP rooms. (And instead, you often see passes made of cardboard with bar codes.)
Another function that is in vain remembered last is the differentiation of access rights. If we hired or fired an employee, we need to change his rights in the system. The problem becomes much more complicated when you have several regional branches.
I would like to manage the rights remotely, and not through the operator at the checkpoint. And if you have many rooms with different levels of clearance? You can’t put a guard at every door (at least because he also sometimes needs to leave his workplace).
Help with all of the above ACS, which controls only the entrance / exit, cannot.
When we, at Ivideon, collected these problems and requirements of the ACS market, an exciting discovery awaited us: such systems, of course, exist. But their cost is measured in tens and hundreds of thousands of rubles.
ACS as a cloud service
Imagine that you no longer need to think about the choice of hardware. The questions of where it will stand, and who will serve it, when choosing a cloud, disappear by themselves. And imagine that the price of ACS has become affordable for any business.
Clients approached us with a clear task - we need cameras for control. But we pushed the boundaries of conventional cloud video surveillance and created to monitor the time of arrival and departure with push notifications to the manager.
In addition, we connected cameras to the door controllers and completely eliminated the problems with passes for the management. There is a solution that can:
- Hit in the face - do not need cards and guards at the entrance
- Take into account working hours - with the collection of data on the entry and exit of the employee
- Send notifications when all or specific employees show up
- Upload data on hours worked for all employees
Ivideon ACS allows you to organize contactless access to the premises using technology. All that is required is (a full list of supported cameras is available upon request) connected to the Ivideon service with the Faces tariff.
The camera has an alarm output for connecting to door lock or turnstile controllers - after recognition of an employee, the door will open automatically.
You can control the work of checkpoints, issue access rights, and receive security updates online. There is no vulnerable local database. There is no application through which they get admin rights.
Ivideon ACS automatically sends information to managers. There is a visual report "Working hours" and a clear list of employee detections at the workplace.
One of our clients provided employees with access to reports (example in the screenshot above) - this allowed us to objectively control data on the time spent inside the office and simplified our own calculation of hours worked.
The system is easy to scale from a small company to a large enterprise - it doesn't matter how many cameras you connect. All this works with minimal participation of the employees themselves.
There is additional video confirmation - you can see who exactly used the "pass". Vulnerabilities "given/forgotten/lost card" and "urgently need to bring 10 guests to the office, give me a card with multi-access" in the case of face recognition disappear completely.
Duplicate faces are not possible. (Or write in the comments how you see it.) The face is a contactless way to open access to the premises, which is important in difficult epidemiological conditions.
Reports are constantly updated - there is more valuable information.
We summarize the main technical capabilities of our face recognition system, which works both within the ACS and for :
- The total database of faces can accommodate up to 100 people
- 10 faces in the frame are analyzed simultaneously
- Event database storage time (detection archive) 3 months
- Recognition time: 2 seconds
- Number of cameras: unlimited
At the same time, glasses, a beard, and hats do not greatly affect the performance of the system. And in the latest update, we even added a mask detector.
To connect contactless opening of doors and turnstiles using face recognition technology, on our website. Through the form on the application page, you can leave your contacts and get a full consultation on the product.
Source: habr.com