Page 68 - Security Today, May/June 2020
P. 68

tion is to figure out what you really need and which solution can work best for your institution.
What Do You Really Need?
When thinking about your procedures surrounding access manage- ment, there are some basic things to consider. First, you need to know what, if any, additional resources are required to run your current system. This includes the time security operators and front desk staff spend tracking down the approval and manually inputting access rights.
Next, you need to know if your system is secure. Are you sure, for example, that only currently authorized individuals have access to secured areas? After all, if you’re not confident that access has been revoked in the appropriate timeframe or if you’re not entirely aware at all times of who has access to secured areas, can your system be working for you?
If, after taking these issues into consideration, you discover that your access management procedures are not meeting the needs of your campus, then it might be time to consider other options. For many, a PIAM solution offers a better approach to managing access for employees and visitors.
Going Beyond Simply Managing Visitor Access
From IT and equipment rooms to research labs and conference areas, today’s campuses have a wide variety of facilities that require con- trolled access. At the operational, administrative and compliance lev- els, you need to know who is accessing secured areas at all times.
While visitor management options may be sufficient for some, for an increasing number of campuses they fall short as they capture only part of a much larger picture. In these cases, a broader, more effective approach is a PIAM solution that manages access for anyone—includ- ing employees and visitors—who needs to interact with secured areas for a particular amount of time.
With a PIAM, a campus can manage physical individual access for everyone by validating identity attributes in relation to its policies. A PIAM ensures that only those individuals who have the right to access a secured area can do so by managing and, in many cases, automating the process.
What is a PIAM?
A PIAM helps manage access requests based on an individual’s iden- tity and an organization’s security policies. An identity-based system recognizes that each individual is more than simply a card holder.
An identity includes all the ways an individual interacts with an organization as well as their own particular attributes, which can change over time. For example, an employee can have an HR profile, computer passwords, years of experience, a department, and a work- group. And all of these are subject to change.
Consider a new employee. When they’re hired, HR sets up a file and informs the IT department that they should be given access to certain systems and facilities. As the employee advances, they may change positions, and, as a result, their access rights may also change. Rather than going through the process of having various departments notify one another in order to have access privileges changed manu- ally, a PIAM solution can automatically update access rights as the individual assumes new roles.
A PIAM solution uses a person’s identity as well as an organiza- tion’s security policy in order to grant access to a particular secured location. In this way, the solution simplifies the process of granting and revoking temporary access to ensure that an organization’s sys- tem and facilities are secure.
An Affordable Solution
While PIAM systems are not new, what is new is the wide variety of organizations, including educational campuses, that can benefit from them. The reality used to be that PIAM systems were complicated, cus- tomizable, on-premises tools that were extremely costly and took years to develop. This meant that only those organizations that could afford to invest significant time and capital on in-house development had them.
But, as the market has evolved, vendors are now providing more affordable tools, which means that PIAM solutions are becoming a viable option for organizations of all sizes. They are no longer just for giant, multinational conglomerates struggling with requests or manag- ing the flow of thousands of people through their facilities. Any orga- nization or campus where managing access rights for individuals is required can benefit from the functionality offered by a PIAM solution.
This growing shift toward PIAM solutions makes sense as the pain points associated with managing access rights to secured facilities are not limited to giant corporations. A wide variety of organizations have this issue, but they just lacked the capital to develop their own tools. Fortunately, the market is opening up to these organizations. We’re now seeing the arrival of affordable, out-of-the-box, cloud- based solutions that are meant for everyone.
Leave the Old Processes Behind
One of the main challenges for any organization managing access rights using an ACS was that it frequently required direct and contin- ued human interaction. In addition to getting approval and updating the system, security operators also had to manually revoke access once the specified timeframe was up.
Further, security operators were required to keep track of any and all updates to security policies or regulations. These policies and reg- ulations were often kept in folders without oversight or any guarantee that personnel were up-to-speed. Under these conditions, it was dif- ficult to know if an organization was complying with regulations.
By unifying a PIAM solution with their ACS, a campus can effec- tively address these challenges and improve operations around access management. Because a unified solution eliminates the need to move between systems, it streamlines the process and reduces the amount of time security personnel need to spend training or keeping up to date with different ways of working.
With a PIAM, the entire system is updated directly. This helps ensure that every access request is approved through the same pro- cess and that any policy changes are applied across the entire campus.
If a campus deploys a self-service, cloud-based PIAM solution, then employees and visitors can all play an active role in gaining access to facilities. Rather than have people track down and email the person responsible for approval rights—and hoping that they read their email within the necessary timeframe—they simply submit a request for approval through their portal. Then, based on existing policies, the system can grant access or can notify the appropriate person who can update access through their own portal.
By using a PIAM solution, a campus can help facilitate the move- ment of employees and visitors through its facilities. It automates both the approval and revoking processes while staying current with secu- rity policies. In addition, the solution provides clear traceability for every organization wanting to track access to secured areas.
Ultimately, it allows security personnel and administrators to focus on the core functions of their positions because they know that their system is ensuring that only the right people have the right access at the right time.
Despina Stamatelos is a product marketing manager at Genetec Security Center Synergis.
Trusted Identity
24 campuslifesecurity.com | MAY/JUNE 2020


































































































   66   67   68   69   70