Enhance Entry and Access Management Across Security Zones

According to recent research by ASIS International, 92% of organizations state they’ve experienced access control failures in the past six months, with 61% noting prevalent problems with tailgating or piggybacking. To tighten such gaps and create a secure and efficient physical environment, organizations should implement a fully integrated, scalable approach to entry management and access control across their sites.

It starts with a thoughtful segmentation of an organization’s property into zones, based on the function of different physical spaces and the sensitivity of information and assets contained within them. While the nature of these zones will vary industry to industry and property to property, a basic segmentation approach could resemble the following:

• Public Zones: These zones are often entryways at the perimeter of a property, including but not limited to front doors, side or delivery doors, parking garage gates, vehicle gates at loading docks and more. 

• Semi-Public Zones: These zones are often internal spaces shared by a broad swath of teams or individuals, including meeting rooms, stairwells, lounges, or lobbies. 

• Restricted Zones: These zones are often internal spaces restricted to a specific set of teams or personnel, including spaces like private offices or storage rooms. 

• Highly Restricted Zones: These zones typically contain an organization’s most valuable assets or intellectual property, including safes, labs, and in many cases, server rooms.

As organizations consider the best strategies to secure their perimeters and interior areas, they should keep the following tips and considerations in mind. 

Public Zones

Public zones or entryways are trafficked by diverse populations, ranging from staff and employees to guests and vendors. Organizations need to effectively manage this traffic and balance convenient access for authorized parties, like employees, with secure and informed entry for visitors. 

To reduce bottlenecks and promote quick access, organizations should empower authorized parties to enter their property using a variety of credentials. If an employee, for example, forgets their badge, they should have the option to enter using a mobile app. Conversely, if an employee’s phone is dead or malfunctioning, they should be able to enter using a badge or fob. And in the context of parking garages, employees should also be able to gain automatic access via license plate recognition for the easiest entry experience. 

On the visitor entry side, visual context is essential for receptionists and other staff to make quick and informed entry decisions. Organizations who can easily unite multiple vantage points of their entryway, from eye-level intercom cameras to neighboring context cameras, will be best-poised to know exactly who they are letting in. Additionally, in scenarios where organizations have a specific set of individuals, like disgruntled former employees, that they need to bar from entering their property, surfacing in-call person of interest notifications can help receptionists importantly identify and deny these unwanted visitors. 

Once visitors enter the property, receptionists should be able to screen visitors against additional sources if needed, relying on automated checks to balance security with a quick and easy guest experience. For example, to protect minors from harm, organizations should be able to take a visitor’s ID card and automatically check the ID details against sex offender registries and criminal databases. First-time visitors need only go through such a screen once: for a faster re-entry experience on repeat visits, organizations should tap into facial recognition capabilities that can compare a live facial scan of a visitor to a photo from their last visit. Lastly, when receptionists need to restrict entry to pre-approved parties only, organizations should use a visitor management system that enables them to automatically compare visitor details against an authorized list to determine if they can enter. 

Semi-Public Zones

Semi-public zones are accessed by a more limited set of groups than the overall property. In these contexts, organizations should have the ability to assign individuals to user groups with specific access permissions based on factors like role or time of day. For instance, certain meeting rooms may be restricted to specific divisions, while on-site gyms might be available to employees during work and early evening hours and to maintenance staff at other times. Organizations should be able to flexibly define these groups and easily make adjustments as needed. Ideally, the use of SCIM integrations will further boost assurance that the underlying set of users in these groups (e.g. employees) is up-to-date and accurate. 

Additionally, for visitors, color-coding badges by visitor type will make it easier for staff and employees to quickly recognize if visitors are entering into unauthorized areas of their property. 

Restricted Zones

Restricted zones, like private offices or storage rooms, are typically only accessed by specific individuals or groups. To boost assurance that only authorized individuals access these zones, organizations can implement multi-factor authentication, such as pairing physical credentials with a required PIN code.Pairing access-controlled doors with cameras will also allow security teams to more closely monitor these important areas. 

Highly Restricted Zones

Highly restricted zones contain an organization’s most valuable physical assets or intellectual property, requiring the tightest access control as a result. In addition to measures like multi-factor authentication and video security, organizations should track and be alerted to specific types of unwanted activity. Examples include instances where a door is being held or forced open, individuals are tailgating or piggybacking into zones, deactivated or lost credentials are used, or valid credentials are being passed back and used more than once to enter a space. To ensure swift action can be taken in such events, organizations need to granularly configure notification processes, defining which people receive alerts, and how and when they receive alerts. As with intercom call receiving, organizations should be able to regularly adjust these processes based on the business needs or conditions of the day. 

How to Choose the Best Entryway Systems

Once organizations have defined their zones and considered key capabilities for effectively managing them, they should carefully select the right systems that will help them execute their strategies at scale. Key considerations include the abilities to:

• Easily unify video security, access control, intercom, and visitor management systems for secure and cohesive entry and access management 

• Centrally manage deployments across sites while having flexibility to locally tailor and granularly define roles and permissions

• Access a comprehensive log of all access and entry events across sites for auditing and compliance purposes

To learn more about how organizations across sectors are up-leveling their entry and access experiences, check out this blog.