of ownership in their access-control infrastructure. It also gives
them the ability to choose from among a broad selection of best-
of-breed controller manufacturers. Controllers that also leverage
a future-ready third-party app development environment within
them further streamline and expand integrations. Equally impor-
tant, this puts integration control in the hands of the organization
that is implementing the technology.
T H E Q U E S T I O N O F S E C U R I T Y
There are misperceptions about the security of open APIs com-
pared to proprietary solutions, but there is no inherent difference
between open and proprietary solutions from the perspective of
data and information security.
Each type of solution must not only deliver the desired pro-
cessing method and functionality, but also be designed, built and
integrated with cybersecurity in mind. This means the develop-
ment process must be governed by the policy of a secure design
lifecycle encompassing processors, firmware, APIs and Software
Development Kits (SDKs).
At each point from the initial design phase onward, the entire
solution must be created with cybersecurity in mind and support
the latest encryption and other standards and capabilities that IT
departments expect to see across every element in the network.
R E M O V I N G T H E “ R I P A N D R E P L A C E ” R O A D B L O C K
Among the biggest advantages of open-architecture controllers is
how they simplify the path from legacy to current access control sys-
tem capabilities while improving/updating cybersecurity protections.
This is crucially important because controllers installed dec-
ades ago simply cannot protect organizations from modern cyber-
security threats. Even ten-year-old controllers – the typical age on
the wall—are exposing educational institutions to unacceptable
risks, including unexpected failures.
These aging controllers may serve their original purpose
but fall well short of the enterprise-level security capabilities re-
quired by most large university campuses. Even if they are willing
to accept the cybersecurity risks posed by these older controllers,
administrators must still prioritize an upgrade to the latest gen-
eration or face a forced upgrade in the event that their controller
reaches End of Life (EoL) status and will no longer be supported.
This upgrade doesn’t have to be disruptive, because each
new generation of today’s latest controllers can emulate the prior
generation product. This ability to operate in “legacy mode” is
delivered through firmware and includes backwards compatibility
with earlier product generations plus an easy migration path to
each new product generation.
Together, these two capabilities remove the “rip-and-replace”
obstacle to controller upgrades so that universities can move at their
own migration pace and more effectively navigate both end-of-sale
U N I V E R S I T Y A C C E S S C O N T R O L
and end-of-life situations. They can take advantage of the new con-
trollers’ features and capabilities without having to deploy them all
at once, since they also behave like the prior generations of con-
trollers throughout the transition. Most university administrators
would rather plan an upgrade on their own timetable rather than
an artificial one imposed by the controller manufacturer.
Another tip for simplifying future upgrades is to ensure that
the new controllers maintain the same physical design with each new
product generation. When there is a common form factor across all
products, future upgrades are transformed into seamless board swaps.
M A X I M I Z I N G B E N E F I T S
A number of issues should be considered when evaluating next-
generation intelligent controllers, from the reputation of the manu-
facturer to its commitment to ongoing security improvements such
as secure boot capabilities and cryptography for their products.
Upcoming industry innovations should factor into deployment
decisions, as well. Controller technology continues to evolve, with the
hardware expanding to incorporate additional power and storage
to enable versatile processing close to the security decision point.
These and other advancements increase solution developer
options and make controllers more intelligent. These smarter con-
trollers will run diverse and sophisticated apps locally with high
performance while connecting to a growing variety of sensors, de-
vices and systems without being dependent on upstream network
communications. Instead, they will execute complex procedures
in real time using advanced analytics at the edge.
The latest controllers are significantly more secure and ca-
pable than their predecessors, the majority of which are still in
use despite their inability to defend against modern cybersecurity
threats. As these modern controllers continue to evolve, they will
support advanced software execution capabilities locally so that
security can be strengthened at the point of execution.
They will also enable a future-proof infrastructure that evolves
at the speed of software to support such capabilities as flexible and
extensible PACS edge computing that supports dynamic operations.
Campus administrators who adopt today’s intelligent con-
trollers will no longer be required to immediately transition their
entire infrastructure. Instead, they can execute the migration on
their own timetable thanks to the new controllers’ legacy operat-
ing mode.
The most pressing question adminis-
trators may now need to ask themselves is
what they will forfeit by delaying the tran-
sition, including easy access to a growing
ecosystem of synergistic products, systems
and third-party applications that will eas-
ily and synergistically integrate within their
upgraded access-control infrastructure.
19