The Quest for Electronic Access Control Best Practices

Just a reminder on the best practices philosophy. Providing best practices in sales, service and installation means just that. In sales, do you provide all the options for your prospect or just the minimal? It is your obligation as a security professional to provide both average and high security options. We know that the majority of crimes are not very sophisticated. Let the customer decide and you can document accordingly.

In service, give the customer options such as annual maintenance. In installations, make sure that your techs have the skills and knowledge to do the job professionally. Provide training, and again, document accordingly.

Electronic access control (EAC) vulnerability is always a hot topic and knowledge of such can set you apart from all the amateurs. Have you heard of Gecko? If you’re an avid reader of Tech Talk you might remember back in March 2008 that I mentioned this little electronic creature. It was a very small device that could be easily put inline with a Wiegand EAC reader. It was undetectable and came with an RFID command card set, putting the person in control anytime of that reader.

Moving forward, now Gecko has some similar dangerous modern tech cousins. The first is BLEKey, which is a sniffer key that can again read Wiegand data and playback for unauthorized access. Another is ESP RFID Tool, a sniffer that can be installed and working in less than five minutes.

Wiegand EAC reader communications have been around for a long time and have always had its security vulnerabilities. Some manufacturers have come up with encryption routines but the majority have not.

One possible EAC communications security option might be the use of a technology called Open Supervised Device Protocol (OSDP), a Security Industry Association (SIA)-approved standard. Recently a small poll of 60 EAC professionals revealed that only 10% were using OSDP technology. Up until recently, this technology was not as economical as Wiegand but that is changing. A good opportunity for providing an EAC best practices sales option.

So what is this OSDP they speak of? First, you might want to check out my August 2002 Tech Talk article, “RS-485: Old Soldiers Never Die.” OSDP basically is encrypted EAC communication using the popular RS-485 footprint. In comparison, OSDP provides reader-to-controller encryption and two-way communications while Wiegand has no encryption or two-way communications.

OSDP has multidrop wiring topology and up to a 4,000-foot distance while Wiegand has point-to-point and a maximum of 500 feet. OSDP cabling has four conductors and a variable data rate while Wiegand has five or more conductors and a fixed data rate. OSDP is obviously the winner for today’s secure EAC communications. Look for OSDP V2.2, the latest version from the SIA OSDP Working Group.

Planning an EAC system does not need to be complicated. Besides making sure you have all the prospective stakeholders and lead tech people involved, make sure to have door hardware experts since this is a physical specialty that many electronic systems techs may lack. I have seen many of dollars lost by overlooking this element.

One needs to ask a few basic questions when planning an EAC system:

WHO are the people, or groups of people, you want to provide electronic access to?

WHAT are the assigned levels of access? This is important to clearly define early on.

WHERE can the people go? Define the areas that the personnel can access.

WHEN are they allowed to access this area? This is defined per system schedules.

WHY should they have access to this area? Further operational clarification and explanation helps and confirms previous security decisions.

HOW do they have access to certain areas? This can be certain technologies that match customers’ security level needs. Different levels of security may require certain combined technology such as a card swipe, PIN, mantrap and/or biometrics.

As you can see there are many variables in planning an EAC system. Many EAC equipment manufacturers can supply worksheets to make these tasks easier and less error prone. Take advantage of this free offering.

Biometrics, such as fingerprint, retinal and hand geometry, have been popular.  Lately, companies like Innovatrics are producing what is referred to as “seamless EAC.” The company’s facial recognition is said to work even with facemasks. Just walk up and their EAC system will recognize you. Pretty cool.

Tool of the Month

I have always enjoyed reviewing products by Cypress Integration Solutions (CIS). This month, I have selected CIS’  OSDP-Wiegand Converter, OSM-1000. It is a simple solution to upgrading Wiegand systems to OSDP.

It has two operating modes, The PD (Peripheral Device) mode connects a traditional Wiegand reader to an OSDP ACU (Access Control Unit). The ACU mode allows an OSDP reader to connect to a traditional Wiegand ACU.

The post The Quest for Electronic Access Control Best Practices appeared first on Security Sales & Integration.



from News – Security Sales & Integration https://www.securitysales.com/columns/electronic-access-control-best-practices/
via IFTTT

Comments

Post a Comment

Popular posts from this blog

Total Tech Summit Puts Call Out for Top Integrators to Apply Now

Image
FRAMINGHAM, Mass. — Total Tech Summit announces that applications are now being accepted to attend this year’s event. Comprised of the  SSI Summit, CE Pro Summit and Commercial Integrator Summit, this year’s event will take place in Las Vegas at the MGM Grand Hotel and Casino, Nov. 13-15. At this all-expense-paid, exclusive event, VIP guests will have the chance to sit in on industry-defining sessions, key boardroom presentations, and be able to meet one-on-one with potential vendors. Total Tech Summit brings together the best in class to share ideas, learn from others, and most importantly, accelerating the next stage of their businesses. It is the only event of its kind that bridges channels and connections by bringing together professional security, commercial AV and residential AV integrators. Another perk of the Total Tech Summit is the VIP Peer-to-Peer groups. These group conversations take place throughout the months leading up to the event and are guided by the editors of t
Read more

Top 10 Security Stories From October 2021: China Ban Gains Steam, Vivint Countersues ADT

October saw its fair share of legal issues and acquisitions. This month, lawsuits involved home security companies, a gunshot detection provider and even a media company. Vivint Smart Home is seeking retribution for the lawsuit ADT filed against it last year that alleged Vivint salespeople go to ADT customers’ homes, get them to sign Vivint contracts and install the company’s alarm systems in their homes under false pretenses. Vivint had requested a motion to have that lawsuit dismissed, but when the judge denied the motion, Vivint launched a countersuit claiming it is in fact ADT that is deceiving and stealing its customers. Gunshot detection provider ShotSpotter filed a lawsuit against media company Vice, alleging it is profiting off of fabricated claims. Vice has been critical about ShotSpotter’s technology in a multitude of articles. Though not a lawsuit, Dahua and Hikvision continue to feel pressure from the U.S. government as it considers a new measure that would make it imp
Read more

Minnesota AG Calls for Cancellation of Home Security Contracts for Alleged Fraud

STEARNS COUNTY, Minn. — Bring Me the News reports that Minnesota’s Attorney General, Keith Ellison, says he’s gotten consumers in Stearns County out of home security contracts after they were misled by a door-to-door salesman. According to the report, Ellison’s office announced that home security companies Skyline Security Management and Safe Home Security have agreed to their cancel contracts with customers in and around Stearns County who purchased their systems from door-to-door salesman Gary Harvey. “Door-to-door salesmen and their employers are in the business of trust-building,” Ellison said in a statement. “They know they need to have your trust to sell you their products, particularly expensive products like security systems that are supposed to keep your home safe. When that trust is betrayed, it’s emotionally and financially painful. I appreciate Skyline and Safe Home taking the right step in canceling these contracts while my office does what we can under the law to hold M
Read more