Issue link: https://securitytechnologyexecutive.epubxp.com/i/229956
ACCESS CONTROL By John Fenske Embracing and leading change in the access control infrastructure The rapid pace of technology advancement forces organizations to become forward thinkers O rganizations often avoid or delay change due to concerns about budget and the impact on productivity and workflow. This can be especially dangerous, however, in the access-control infrastructure, where a combination of technology obsolescence and escalating security threats can quickly cripple an organization's ability to protect its people, facilities and data assets. It is far more effective to be proactive, rather than reactive, about change. This requires building an infrastructure that presumes and prepares for ongoing change to support evolving accesscontrol needs, and enables the organization to preserve investments in its current infrastructure as it moves to new technologies and capabilities. There are many reasons to embark on this path, including upgrading inadequate security and enhancing investment value and user convenience with a platform that supports multiple applications on smartcards or, in the future, Near Field Communications (NFC)-enabled mobile phones. The ability to embrace the positive aspects of change requires an access-control platform that can meet today's requirements with the highest levels of security, convenience and interoperability while enabling organizations to adopt future capabilities without disrupting ongoing business operations. Legacy security solutions can't deliver this future, because they often use proprietary technology that is static. This makes them easy targets for attack and precludes their evolution beyond current abilities and security levels. Interoperability and leveraging standards Building an architecture that supports change requires careful attention to the "connections" 34 SECURITY TECHNOLOGY EXECUTIVE • November/December 2013 between the architecture's components. As components evolve — i.e. adding new equipment and systems, revisions and upgrades to existing systems — it can be a challenge to ensure that the components continue to function and deliver the expected security functionality that was originally intended. The evolution of standards within the security industry is a direct result of this challenge, and organizations such as the SIA, The Smart Card Alliance, PSIA and ONVIF are leveraging the industry's expertise to address these challenges. A prime example of these efforts is the Open Supervised Device Protocol (OSDP) and associated Secure Channel Protocol (SCP) for reader communications that have been standardized by the Security Industry Association (SIA). These protocols provide bidirectional, multidropped communication over an RS485 link, extending security from the card reader to the access controller. OSDP enables users to re-configure, poll and query readers from a central system, reducing costs and improving reader servicing. Benefits of High-Frequency Contactless Smart Cards In contrast with legacy solutions, the latest high-frequency contactless smart-card solutions are built for interoperability, as part of a larger identity ecosystem that is significantly more dynamic. These solutions also ensure that security is independent of hardware and media, making it much easier for organizations to evolve their infrastructure to support tomorrow's needs. Today's solutions also enable smart cards to be portable to smartphones so that organizations will have the option to use smart cards, mobile www.SecurityInfoWatch.com