How can biometrics secure a return on investment?

How can biometrics secure a return on investment?

Introduction

 

Businesses are often looking to replace outdated management or access control systems and biometric systems are evaluated as possible options. Unfortunately the cost of biometrics often used as an excuse to rather avoid them and focus on cheaper solutions. We would like to use this blog to assist in giving an alternative viewpoint and to show that spending the money on proved and reliable solutions can actually lead to major financial savings and an incredible Return on Investment (ROI). These are just a few ways that we believe that biometrics are going to save a business money.

 

1.Eliminating manual systems

 

According to the people who work in the industry, one of the most effective return on investments comes when using biometrics for time management purposes. In many instances recording of time for compliance purposes is a manual system with a punched card or a signature in a book with the time manually recorded. Manual systems are bound to come with faults, human errors or even intentional fraud.

 

These manual clockings then lead to another person capturing the data in another system which can compound the errors which can lead to payroll issues. Issues with payroll can cause all sorts of problems, from simple arguments to productivity decreases to even labour strikes, so should be avoided if at all possible as they can cost a company dearly.

 

2.Ensuring identity

 

When looking at time management even the use of proximity cards or using PIN codes is not much better than the manual systems. So-called ‘Buddy punching’ is a big problem where a person can be recorded as being present by a friend where they are actually not there by simply carrying their card as a favour for them.

 

This can also be a serious problem with safety compliance systems where an untrained person can get access to a site that requires training or induction in order for all people on site to understand safety procedures. Beyond the possible damage of expensive equipment this could also lead to legislative processes or fines from injured employees when operating in unauthorized, dangerous mechanical equipment. A single fine or court case that can be avoided by spending a little extra on biometrics is an immediate cost saving –this is one of those financial gains that can be easily missed.

 

Warehousing and logistics operations require serious security in this day and age as a person who can get access to a high-value storage locker can steal millions in equipment by simply stealing another person’s access card. This is not always a simple greedy person scenario anymore and rather syndicates are popping up to exploit people, processes and companies in this way. The blame then rests on the incorrect person and it can be difficult to even impossible to ever track the culprit.

 

Installation of a biometrics system can cut down on these losses and also might provide discounts on insurance policies that a company must take out against loss.

 

3.Can’t be lost or stolen

 

Keys are still widely used as an access control strategy, however there is no way of tracing a lost key or checking who is using the key. The primary strategy for a lost key is to make a duplicate from a stored master key – however the lost or stolen key cannot be ‘deactivated’! Every time the key is duplicated the security is further decreased. A different strategy would be to replace the lock – this would lead to large costs over the short term and is highly ineffective. With a little training and the correct equipment most locks can be picked or damaged so they no longer work – A person would be able to make a so-called ‘bump’ key like locksmiths have at home using a metal file or even a 3D printer!

 

Access cards or PIN codes are a significant upgrade on keys and are therefore often used on inner security areas or ‘safer’ areas. They are an upgrade however they require active support to maintain the security level – a lost card must be immediately reported and cancelled on the system. A PIN code should be regularly changed in case they are observed by unauthorized people.

 

A simple thing like the time spent looking for or making copies of lost keys, changing PIN codes, enabling, disabling or assigning temporary access cards can be measured in terms of lost productivity and therefore money. There are other loss scenarios that are far more damaging to companies like loss of valuable goods or Intellectual property or sabotage can occur using stolen keys.

 

With biometrics the problem of losing or having keys or cards stolen fall away – a properly chosen biometric is something that a person will always have with them and will positively identify the person each time.

Summary

 

When looking at biometrics as an investment it is very tempting to look purely at the cost of the units and decide that they are too expensive to be used which might cause a decision maker to look into cheaper or less secure options. Hopefully we have provided a few ways that decision makers could evaluate the net Return on Investment rather than the initial cost of biometrics and see different ways that the company can be saving money by putting in biometric devices over other mechanisms regardless of the initial cash outlay!

The Importance of access control

The Importance of access control

In a society dominated by crime, at home or at business, it has never been more important to implement measures to secure the safety of valuable belongings and loved ones. It can be argued that the simple lock and key is no longer equipped to provide this vital security. Access control is an updated and effective method of ensuring that access to a business system, certain areas of a premises or physical and virtual resources are restricted, either by an authority or a business.

There are two different types of access control: physical control, which restricts access to physical things such as buildings, campuses and rooms, and logistical access, which limits access to connections such as computer connections, data and system files. There are also different types of control practices, the most secure of which entails a two-factor authentication. Firstly, credentials must be presented by the person requiring access. Thereafter, his/her identity must be corroborated. It can be done by way of an access code, a PIN or biometric reading through a biometric reader.

 

Understanding the importance of access control can be extended to the following reasons:

 

1. Intrusion Detection and Prevention

 

In big companies and buildings, intruders sometimes go unnoticed rather easily, especially because they can appear in all sorts of forms: staff or visitors. It is for this reason that access control systems can come to be such an advantage to companies – it doesn’t only detect intrusion, it has the ability to prevent it and track movement in a building by monitoring who has access to that building.

 

2. Control who has access to your building

 

Access control systems can be customised to each individual’s specific needs. After optimised as such, it is possible to control who uses what doors within a business, what time of the day or which day of the week the doors are used. Customising external and internal doors as such ensures that employees or visitors are only accessing doors, rooms and areas which they require and gives a business considerable regulation over the foot flow within the building. It also works well to monitor whether employees are actually present at work at all.

 

3. Industrial and equipment safety

 

Whether at home or at a business, everyone has valuable equipment and belongings that need to be kept safely. Having access control in place can ensure exactly that, as it limits who has access to those belongings, and restricts access to certain areas of a business or residence where valuables are stored.
To companies that work with hazardous equipment, access control is crucial, since industrial accidents should be avoided at all cost. A system is required which effectively ensures that unwanted and unauthorised personnel do not have access to the premises.

 

4. Deterrence of Criminal Activity and Protection from theft

 

As a company or building owner, one is faced with the continuous struggle concerning crime. This includes vandalism, theft, burglary, and even arson – all which can be averted using the proper precautionary methods. With an access control system, it is possible to monitor who has access to a business and which areas they have access to.. Such a system can also effectively detect and prevent criminal activity. CCTV cameras can be installed, any high risk or stock areas can be restricted to authorised personnel only using the two-factor authentication control system.

 

5. Protection of staff

 

With the knowledge and control of who has access to a building, when and exactly where, employers are able to increase the safety of their employees. Providing a safe working environment is vital to the continued success of any company.

 

6. Electronic Visitor, History Logging And Muster Reports

 

With access control systems in place, it is possible to log and record every time access is granted to a property. These reports can accurately detail time and place of access for reviewing purposes if necessary or required at a later stage. For security purposes, it provides the owner of the premises with peace of mind, and the company owner has an audit trail that can be accessed electronically at any time.

 

7. The elimination of key problems

 

Securing a premises with the straight forward lock and key is well, simple and sometimes even very effective. But what happens when keys are lost or the company is running on a large scale operation? The prospective cost of replacing locks or having to cut new keys can come to be rather costly. Keys can also be risky as they have the potential to be copied. None of these issues or inconveniences come to light with an access control system. It is not only modern and state of the art, but it is also considered to be the most successful, efficient and practicable security methods.

 

8. Reduce Energy Bills And Protect The Environment

 

Access control systems don’t only allow you to protect your building, your valuables and your staff, but also your environment through the reduction of energy used in companies. As it is always aware of the areas being occupied, it is able to automatically turn off unused and therefore unnecessary lightning, thereby decreasing heat and electricity bills, saving companies a lot of money.

 

For securing a premises, giving staff access to certain areas thereof or merely giving employees access to the building between nine and five, access control systems can do it all. It is an updated, effective and easy way of providing the best security for loved ones and precious assets. Why risk it when it can be prevented?

The advantages of OSDP

The advantages of OSDP

The Open Supervised Device Protocol (OSDP) is a communication standard and device-to-controller protocol.

Apart from the quality interoperability that OSDP provides, OSPD has superseded the Wiegand technology and standard. Although Wiegand has served companies well in the past, it is no longer able to provide as effectively for those companies that require highly operable, secure access control systems.Moreover, OSDP has proved to have quality, highly regarded advantages that put OSDP above Wiegand.

 

1.OSDP prevents vendor lock-in

Previously, manufacturers would determine the identification device suitable for their system, confining the company to single vendor. Interoperability amid different security devices offers the advantage of not being confined to a single vendor effectively breaking this restraint. Companies are now able to choose any OSDP-compatible device along with an access control system that supports OSDP and can be assured that the system will work properly.

 

2.OSDP is easier to install

The primary function of this protocol standard is to allow security equipment like biometric, proximity or barcode readers designed by one manufacturer to be connected with the control panels and equipment from another manufacturer with relative ease.

OSDP also provides easier installation as the identification device typically transmits information to the access control system using RS-485 through a single cable pair. This provides the option for a single controller to connect to multiple devices from various manufacturers on a single pair cable!

When compared to Wiegand, which would require anything from 4 cores to as much as 6 cores on a one-to-one basis and only over short distances, this is a lot more effective for installation!

 

3.There is greater functionality in OSDP

Before OSDP, red and green LED lights were commonly used by the access control readers to indicate access allowed or denied. The problem, however, came about in that the cardholder was not aware why they were denied entry. OSDP provides functions where audible and visual feedback can be displayed. If capable, the device can therefore display text, flash different coloured lights, or provide different audible beep sequences as feedback to the cardholder to portray a better picture of what is happening. Functionality can now be enhanced by using OSDP to prompt the cardholder to enter a PIN or fingerprint for biometric verification.

 

4.OSDP has proactive monitoring and management

OSDP allows the system to proactively monitor and manage the status of devices and reports errors, like circuit tampering or devices that are disconnected. This allows the system to take control before a problem has the opportunity to become a serious situation. This feedback system helps security teams to diagnose errors quicker which translates into lower costs for the security company.

 

5.OSDP has increased security

In contrast to the Wiegand security systems, OSDP offers an immensely vigorous communication security that meticulously transmits data using a cyclic redundancy check which ensures that the data sent or received is accurate. When paired with the AES 128 Bit (FIPS 197 Standard) encryption algorithm the data is known to be accurate, secure and untampered with, thereby ensuring a secure channel between itself and the device to protect its data and prevent other data from being transmitted. OSDP therefore serves security systems better as it heightens security and interoperability and enhances functionality.

 

Wiegand was the foundation and the prototype of traditional secure access systems in the 1980s and it was good. So was the typewriter!

The fact of the matter is that security needs are ever advancing and so is the technology that complements it. OSDP is an excellent choice for companies that require highly operable, secure access control systems. Moreover, it has an abundance of advantages that help security, access control systems and companies move forward.

Saflec Systems is ensuring that all of our latest hardware, software and 3rd party integration supports OSDP and encryption technologies all the way from the database to the identification device. They have also just released a convertor board that allows even old technology Wiegand devices to be converted into OSDP.

Saflec Systems and their flagship SACS product is well positioned to be one of the most secure access control system providers on the market!

Time to finally break away from the Wiegand format?

Time to finally break away from the Wiegand format?

Time to finally break away from the Wiegand format?

By Barend Keyser

The Wiegand interface, which rose to popularity in the 1980s, has long been accepted by the access control industry as the de facto wiring standard for interfacing between access controllers and various card or biometric readers.

As usual, the longer a technology is around, the more methods of exploiting its flaws will be found. Wiegand devices by their very nature tend to be unsupervised devices which can mean that they are the perfect attack targets for entry into secure areas – be it parliamentary buildings, airports, schools or other highly sensitive points.

The devices that are used for identifying the person attempting to attain access vary from extremely advanced (and expensive) retina, fingerprint or facial scanners through to proximity cards wielding the latest in secure storage and encrypted communication protocols. This information is then sent across insecure wires to a controller that also communicates using the latest in security.

Micro sensors that are put in place to ensure that the devices are not tampered with are ironically often disabled to make for easier servicing, do not have any method of feeding the alarm state back to a security centre, or only disable the device itself when active.

A Google search for the term ‘Hacking Wiegand Protocol’ will reveal many attacks that can be used against access control systems that employ this wiring system, including man-in-the-middle attacks whereby the CEO’s access control identification can be captured and replayed at a later point – this using a bottom-of-the-line and cheapest microcontroller with some fairly simple firmware.

There are various other issues that present themselves; including wiring length, number of wiring cores required to service the full interface, lack of encryption, overlap of card numbers and mostly unidirectional capabilities.

The access controllers or devices that use this wiring standard are not to blame for the on-going use and proliferation of this protocol as it has been used in the industry for so long that it has become ‘part of the furniture’ and accepted as the most common method for interconnectivity.

Tackling all of these challenges and allowing different devices and systems to communicate with each other seamlessly is a fairly complex task which has been taken on by the Security Industry Association (SIA). The protocol that has emerged is called OSDP (Open Supervised Device Protocol).

OSDP has been developed to communicate over two data lines and one earth line which makes it the perfect fit for RS-485 multi-drop communications, however it can also be extended to communicate over TCP/IP. Encryption has been built into the protocol, along with checksums for ensuring data integrity and monitoring capabilities to be able to tell when a device is damaged, offline or being tampered with.

As the access control industry starts to implement this protocol and the standard becomes more accepted there will be more and more devices that support OSDP and less that will implement Wiegand.

As a company, Saflec Systems has decided to start the migration process and has partnered with a number of companies, including Virdi (a popular biometrics provider) and HID to ensure that its solution is on the forefront of this OSDP revolution.

The new SDC-6xx controller range will support the OSDP protocol, and the new display reader soon to be released will also incorporate the protocol.

As the popular idiom goes – “a chain is only as strong as its weakest link”. It’s time to stop relying on this particular link.

Saflec Systems at the HID Partner Solutions Seminar

Saflec Systems at the HID Partner Solutions Seminar

Allen Coetzee and Barend Keyser from Saflec Systems attended the recent HID Partner Solutions Seminar that took place at the Hyatt Hotel and Conference Centre in Rosebank on 4 July 2017.

Go Mobile with Confidence – HID Mobile Access

Convenient, smart and secure.

Imagine a world where access fits in the palm of your hand.

HID Mobile Access can be found in a variety of products offering mobile connectivity. The same device you use to open gates and doors, can allow you to log onto the network, open electronic locks and securely release documents from your printer. You can also use this same device for time and attendance, to get a snack from the vending machine or access the electronic vehicle charging station. HID Mobile Access is connecting the environment like never before.

IT security and facility management can now move toward consolidated access programs. The efficiency and potential cost savings gained through centralised access management is becoming more attractive to organisations as they are asked to do more with less. HID Mobile Access is leading the way with mobile solutions that support the needs of today’s organization in a mobile first world.

Saflec Systems at the HID Partner Solutions Seminar
From left to right: Robbie Truter, Regional Sales Manager HID Global, PACS, Jaroslav Barton, Security Solutions HID Global, Allen Coetzee, Saflec Systems Sales Executive, Barend Keyser, Senior Sales Manager.