Page 64 - Security Today, January/February 2021
P. 64

"Not every employee needs unfettered access to every environment in an organization at all times."
The global economy is changing. Organizations are acquiring new spaces as they expand to cover new territory. Where once the average- sized company might be housed in a single building, today they can operate campuses all over the world. Whether it’s a corporate campus with multiple facilities in a single location or a global operation with offices on every continent, organizations are facing new challenges on a much larger scale.
One growing challenge is access manage- ment, particularly concerning visitors. Many organizations have an access control system (ACS) that helps protect environ- ments by securing access through doors. But access control is static in nature and can’t always provide operators with clear policies to follow. Even if the ACS could, there is no guarantee that the policies would be up to date. This is because compliance needs and external regulations change and new processes get added over time. All of which can slow things down or, worse, introduce security gaps.
What can a growing or distributed orga- nization do? First, they can unify their access control system to allow for central- ized monitoring. This will enable employees to move easily and securely between envi- ronments and locations. Next, they can add a Physical Identity and Access Management (PIAM) system to simplify and improve the process of granting access.
A PIAM solution grants access to build- ings and facilities based on attributes assigned to a person by an organization. These attributes, which can include depart- ment, location, seniority, and training, are used in relation to an organization’s own security policies to define someone’s access rights. As an individual’s attributes change, like when they receive more training or are assigned to a new department, their access rights also change automatically according to these policies.
By Despina Stamatelos
Improving Security
How PIAM systems help turn the security tide for distributed buildings and facilities
Visitor Management
Managing Access Rights for Employees
Not every employee needs unfettered access to every environment in an organization at all times. Whether it is an equipment room with expensive machinery or a server room with sensitive data, access to some spaces must be restricted. However, these restric- tions do not have to be set in stone. Things can change. An employee might need tem- porary access for maintenance purposes or might need to access new areas as a result of a promotion.
In the past, the process for granting an employee temporary access to restricted areas was time consuming and led to gaps in security. First, the employee or their supervisor had to determine who to ask. Next, they had to send an email and hope for a timely response. The person responsi- ble then had to grant the access and remem- ber to revoke it once the requested period was over. All too often, this involved an Excel spreadsheet or Post-it Notes.
With a PIAM, the process is streamlined and simplified. The employee requests access to a specific area, and then, based on their attributes, the system either grants, denies, or forwards the request to the area owner. Once approved, the individual will have access for a specific amount of time. The employee’s credentials will be automat- ically updated to both allow and revoke access for the approved period.
The Challenges around Visitor Management
But what about visitors, contractors, and temporary employees? How can an organi- zation distributed across multiple buildings or around the world manage access rights for these individuals? Here again, a PIAM solution can help by centrally managing rights for everyone who interacts with an organization.
For many, working with a manual system to handle visitor access can cause inefficien- cies, errors, and security gaps. Generally speaking, when using a manual system, the
appearance of a visitor requires front desk staff to suddenly stop what they’re doing and manage the arrival. The process is com- pounded if an entire group shows up at once or if more than one person arrives at the same time.
Regardless of how many people arrive, the front desk staff needs to input information and issue credentials. Then they have to quickly notify the host within the organiza- tion to ensure that visitors are not kept wait- ing, as this can have a negative impact. Also, security problems can arise around verifying visitor identities and tracking how long visi- tors are in buildings and where they went.
How a PIAM Can Help
With a PIAM, hosts can create a visitor request through a portal. The system then grants access and sends the visitor a confir- mation email with a QR code for checking in. The visitor can use this email to access designated areas and meet with their host within the organization.
The email can also contain a variety of other information, including parking instructions or an NDA (if required). Today, organizations are also using email confir- mation to help manage the spread of COVID-19 by sending a health question- naire that must be submitted before the visitor’s arrival.
When an organization has added on-site kiosks that print badges once a visitor has scanned their QR code, visitors can check themselves in. In this case, the system takes the visitor’s picture and issues a printed badge. It can also text the host to notify them that their visitor has checked in. And, if an organization wants to add a layer of security, the system can be configured to scan passports or ID cards to validate each visitor’s identity.
Increasingly, organizations are also inte- grating automatic license plate recognition (ALPR) into their identity management sys- tems. This allows the PIAM to use a visitor’s

   62   63   64   65   66