A robust ACS provides credentials based on a level of authorisation and a time period that the authorisation is valid for. With current ACS’ it is possible to set multiple cascading levels of authorisations, meaning that a Manager or Supervisor might have access to more areas than a low-level employee or a contractor/visitor. These levels are set by the Administrator of the Software configuration usually in a centralised location and then the various networked Door Controller units will communicate this information and interact accordingly with the locking device.

ACS’ should also be capable of detecting, alerting and recording unauthorised access attempts, whether that involves someone trying to gain access without the appropriate level of authorisation or a forced entry. This information will be recorded to produce a fully audited trail for future investigations and reviews. Indeed all activities will be recorded and a detailed log kept, including open doors, authorised entry and unauthorised attempts.

Modern systems also use this information to prevent passback, Anti-passback is a security system feature that is primarily used to prevent users from passing their credentials (such as access card or token) back to a second person to enter a security controlled area.

Tokens

“Tokens” refer to the identifying factor used by the system, this can be a traditional fob, an access ID card, electronic token using near field technology (NFT, such as Bluetooth), or Biometrics (such as finger print reading, retinal scanning or facial recognition). These are split into three categories, something the individual carries, has, or knows. The more robust setups require dual authentication. 

High Security Access Control Systems

High Security Access Control Systems have more functionality and can notify the operator of who is in the building and their location. They can also provide valuable data to help an organisation meet compliance requirements, and when integrated with video, identity management or visitor management, deliver a unified scalable platform that is easy to operate, mitigates risk and automates processes. Instant lock-down capabilities make it possible to change the level of security in the event of an emergency.

Each secure door will be connected to a door controller which is networked to the System to provide “live” information on access levels, this in turn will be connected to a reader. It is the reader’s job to identify the person (or vehicle) and the controller’s job to decide if access is granted. Therefore an electronic lock will also be required, this can be a solenoid or mag lock and will be controlled by the controller.

Depending on the Security Policy these doors or access points may require a read in read out setup which provides a fully audited trail of who has entered and exited that point, or they could be read in push button out, providing a one way secure access route.

Enterprise Solutions

Some Enterprise level solutions offer database partitioning. For example AMAG Symmetry produced by G4S which is one of the Centre for the Protection of National Infrastructures approved systems: 

“Building owners will find Database Partitioning allows them to save money while offering an important security amenity to tenants. A building owner can install Symmetry Access Control, and Database Partitioning allows each tenant to manage their own security. Users can add card holders, respond to alarms and run their own reports. Databases can be segregated via tenant, department or building, depending on the organization's structure. Building owners can use Database Partitioning as a profit centre and charge tenants a fee to use Symmetry.”

Summary

In summary, an Access Control System seeks to control access to an asset at an individual and time-frame level, by authorising those with the correct credentials and preventing and deterring those posing a potential threat.

To find out more about how Access Control can support your security objectives, download the full G4S Guide to selecting and deploying Access Control here.