Challenging Temporary Access
Solutions that withstand uninvited guests
- By Despina Stamatelos
- June 17, 2020
When it comes to safeguarding any
educational facility, restricting
access—particularly to secured
areas—is vital. Regardless of size,
every campus must be able to keep
unauthorized entities out. But managing
access is more complex than that. Increasingly,
campuses are having to provide permanent
employees with limited access to
secure facilities as well as temporary or sustained
access rights to visitors.
In the past, providing temporary access to
any part of a campus required a series of manual
steps that lacked clear oversight and traceability.
Security operators were frequently
tasked with tracking down the appropriate
department heads to get permission and then
manually changing access rights in the system.
When it came time to revoke this permission—
at the end of a contract, for example—
the process relied on memory or post-it
notes. Additionally, there was no way to
accurately track who had access to which
secure facilities and when.
The reality is that many of today’s access
control systems were not designed with this
functionality in mind. fiey are incredibly
effective at controlling access to a particular
facility. But, because they are static in nature,
they are not as efficient at managing access
rights or enforcing security policies. fiis can
present significant challenges, particularly
when dealing with an increasingly temporary
workforce.
Meeting these challenges can be made
much easier when campuses implement a
solution that focuses on Physical Identity
and Access Management (PIAM). The question is to figure out what you really need and which solution can work
best for your institution.
What Do You Really Need?
When thinking about your procedures surrounding access management,
there are some basic things to consider. First, you need to know
what, if any, additional resources are required to run your current
system. This includes the time security operators and front desk staff spend tracking down the approval and manually inputting access
rights.
Next, you need to know if your system is secure. Are you sure, for
example, that only currently authorized individuals have access to secured
areas? After all, if you’re not confident that access has been revoked in the
appropriate timeframe or if you’re not entirely aware at all times of who
has access to secured areas, can your system be working for you?
If, after taking these issues into consideration, you discover that
your access management procedures are not meeting the needs of
your campus, then it might be time to consider other options. For
many, a PIAM solution offers a better approach to managing access
for employees and visitors.
Going Beyond Simply Managing Visitor Access
From IT and equipment rooms to research labs and conference areas,
today’s campuses have a wide variety of facilities that require controlled
access. At the operational, administrative and compliance levels,
you need to know who is accessing secured areas at all times.
While visitor management options may be sufficient for some, for
an increasing number of campuses they fall short as they capture only
part of a much larger picture. In these cases, a broader, more effective
approach is a PIAM solution that manages access for anyone—including
employees and visitors—who needs to interact with secured areas
for a particular amount of time.
With a PIAM, a campus can manage physical individual access for
everyone by validating identity attributes in relation to its policies. A
PIAM ensures that only those individuals who have the right to
access a secured area can do so by managing and, in many cases,
automating the process.
What is a PIAM?
A PIAM helps manage access requests based on an individual’s identity
and an organization’s security policies. An identity-based system
recognizes that each individual is more than simply a card holder.
An identity includes all the ways an individual interacts with an
organization as well as their own particular attributes, which can
change over time. For example, an employee can have an HR profile,
computer passwords, years of experience, a department, and a workgroup.
And all of these are subject to change.
Consider a new employee. When they’re hired, HR sets up a file
and informs the IT department that they should be given access to
certain systems and facilities. As the employee advances, they may
change positions, and, as a result, their access rights may also change.
Rather than going through the process of having various departments
notify one another in order to have access privileges changed manually,
a PIAM solution can automatically update access rights as the
individual assumes new roles.
A PIAM solution uses a person’s identity as well as an organization’s
security policy in order to grant access to a particular secured
location. In this way, the solution simplifies the process of granting
and revoking temporary access to ensure that an organization’s system
and facilities are secure.
An Affordable Solution
While PIAM systems are not new, what is new is the wide variety of
organizations, including educational campuses, that can benefit from
them. The reality used to be that PIAM systems were complicated, customizable,
on-premises tools that were extremely costly and took years
to develop. This meant that only those organizations that could afford to
invest significant time and capital on in-house development had them.
But, as the market has evolved, vendors are now providing more
affordable tools, which means that PIAM solutions are becoming a
viable option for organizations of all sizes. They are no longer just for
giant, multinational conglomerates struggling with requests or managing
the flow of thousands of people through their facilities. Any organization
or campus where managing access rights for individuals is
required can benefit from the functionality offered by a PIAM solution.
This growing shift-toward PIAM solutions makes sense as the pain
points associated with managing access rights to secured facilities are
not limited to giant corporations. A wide variety of organizations
have this issue, but they just lacked the capital to develop their own
tools. Fortunately, the market is opening up to these organizations.
We’re now seeing the arrival of affordable, out-of-the-box, cloud-based
solutions that are meant for everyone.
Leave the Old Processes Behind
One of the main challenges for any organization managing access
rights using an ACS was that it frequently required direct and continued
human interaction. In addition to getting approval and updating
the system, security operators also had to manually revoke access
once the specified timeframe was up.
Further, security operators were required to keep track of any and
all updates to security policies or regulations. These policies and regulations
were often kept in folders without oversight or any guarantee
that personnel were up-to-speed. Under these conditions, it was difficult to know if an organization was complying with regulations.
By unifying a PIAM solution with their ACS, a campus can effectively
address these challenges and improve operations around access
management. Because a unified solution eliminates the need to move
between systems, it streamlines the process and reduces the amount of
time security personnel need to spend training or keeping up to date
with different ways of working.
With a PIAM, the entire system is updated directly. This helps
ensure that every access request is approved through the same process
and that any policy changes are applied across the entire campus.
If a campus deploys a self-service, cloud-based PIAM solution, then
employees and visitors can all play an active role in gaining access to facilities.
Rather than have people track down and email the person responsible for
approval rights—and hoping that they read their email within the necessary
timeframe—they simply submit a request for approval through their portal.
Then, based on existing policies, the system can grant access or can notify the
appropriate person who can update access through their own portal.
By using a PIAM solution, a campus can help facilitate the movement
of employees and visitors through its facilities. It automates both
the approval and revoking processes while staying current with security
policies. In addition, the solution provides clear traceability for
every organization wanting to track access to secured areas.
Ultimately, it allows security personnel and administrators to focus on the
core functions of their positions because they know that their system is
ensuring that only the right people have the right access at the right time.
This article originally appeared in the May June 2020 issue of Campus Security Today.