"It may seem like no big deal to some people if they prop a door open or lend someone a key card. While their intentions may be innocent, even small security breaches like these can open your organization to devastating consequences."
Why PIAM is the key to keeping your campuses secure
When you extend your access control system with a PIAM, you will reduce staff workload; ensure access control processes fully imple- ment corporate policies; improve the protection of your sensitive spaces; and gain additional benefits, like ensuring your access rights are always up to date.
No matter how big or small your organization may be, a PIAM solution can standardize and improve access control security policies. Instead of manually managing individual cardholders or changing access to specific doors, a PIAM system allows you to control deci- sion-making to assign rights based on roles, attributes, departments or other conditions—as well as change which groups can access which areas quickly and easily.
A workflow-based approach
Leveraging a workflow-based approach can reduce frustration and delay when approving access requests by allowing employees to make access requests or invite visitors. Doing this reduces both security team workloads and the likelihood of delays due to bottlenecked requests.
With a PIAM system, you can choose to empower managers or other important decision-makers to approve or deny access requests from certain groups of people, rather than centralizing access control requests within the security department.
Rather than going through several layers of approvals to remove a cardholder’s access should they leave the company, move desks to another campus, or change positions, the relevant decision-maker can use the PIAM system to switch off access rights immediately.
You can also define different workflows within the software to define under what conditions access can be temporarily or perma- nently changed, partially or fully automating the access-request pro- cess. By automating access rights management, you can help improve operator and front desk staff efficiency, leading to a greater return on your investment.
Continuously update access rights
When new hires are onboarded or employees change jobs, there are provisioning policies that can be configured to ensure an automatic provisioning of access rights based on their department, location, job title, seniority and more.
For example, let’s say that Valeria in marketing works in the New York office, but she accepts a new position in the communications department in Boston. Based on the provisioning policy, her employ- ee lifecycle changes will automatically put her into a new role, where she will inherit a new set of access rights. When Valeria walks into the Boston office for the first time, she’ll be able to badge in without having to hassle someone at the security office.
A PIAM system helps you automate some of these processes so that these kinds of transitions happen more smoothly. It can enhance secu-
rity by making sure there is a clear record of access control changes. Automation rules within the PIAM are defined based on your cor- porate security policies. Because the system makes it much easier and more efficient to align with security policies, it reduces the risk of workarounds. When policies change, you can easily adjust the access rights within the software, too. The changes won’t apply only to new cardholders, but also to all existing cardholders whose roles are
affected by the new policy.
Simplify audit processes
When audit time rolls around, an admin usually needs to log into the access control software to pull reports and review which employees have access to which areas and flag any profiles that need to be adjust- ed. When access control systems are paired with a PIAM system, this process can be made much faster and more accurate.
Within some PIAM systems, there are access review features that can help your team prepare when an audit is required. During an access review, area approvers or role managers can be prompted to view all the roles or areas that they are responsible for. With a couple of clicks, they can easily confirm, edit or deny access to ensure that all permissions are up to date in the access control system.
When approvers are responsible for reviewing access lists, it reduc- es errors and omissions due to miscommunication or transcription mistakes. The right people to decide who should have access to cer- tain areas are the people who know their teams best.
Improve operational efficiency
Facilities managers have enough on their plates these days. With a PIAM system, security managers can ensure that proper, auditable processes are followed and tracked—as well as when requests were made and who granted or removed access—while allowing the people responsible for requesting and approving to take ownership.
Make better decisions about access control
A PIAM system is simply a smarter way to manage identities and cardholders. Whether you manage one local campus, several regional sites or operate in hundreds of locations around the globe, PIAM can help you connect the dots to standardize while also improving access control security policies.
A cloud-based PIAM solution is quickly deployed and can also be unified with some access control systems, so the user interface is familiar and there are fewer integrations to maintain. A unified solu- tion can also leverage the information gathered across different sys- tems to improve the management of identities and enforce your secu- rity. A PIAM system like Genetec ClearID, for example, can be connected to your internal HR system or Microsoft Active Directory to manage the entire lifecycle of an employee’s identity in one place.
PIAM system data is encrypted and stored securely in the cloud, so you can invest your team’s resources in doing your most important work, not maintaining servers. Look for a service provider that offers multiple levels of monitoring, logging and reporting; tight access con- trols that include mandatory two-factor identification; automatic security patches; and a proactive approach to security that can iden- tify and mitigate potential threats.
Sharon Jung joined Genetec in February 2017 and is the Commercial Lead for Genetec ClearIDTM. She’s responsible for product evolution, pricing, positioning and strategic decisions for ClearID. She had her start at Genetec as a Deployment Project Manager on the Professional Services team. Prior to Genetec, Sharon gained experience working in the identity and access management space and worked in software development.
JANUARY/FEBRUARY 2022 | campuslifesecurity.com 11