The Biggest Mistakes Made When Upgrading Your Facility’s Door Access Control System
Electronic Door Access Control Systems are not created equal and the success of your new install or upgrade can dramatically improve the security of your facility and shore up any vulnerabilities. However, not all door access control systems are created equal, and there are several key mistakes you will want to avoid when creating your new system.
Below, we’ll look at the biggest and most common mistakes associated with upgrading a facility’s keyless entry technology. Avoid these mistakes to help ensure that your new system is as secure as possible.
Using Proprietary Hardware and Software
At one point in time, the electronic door access control systems market was filled almost entirely with proprietary solutions. Even today, the supply of open-source hardware and software continues to lag behind the demand. If you want to build the best access control system possible, though, it is important to make use of open source solutions whenever you can. If you use IP-based, open-source hardware for your panels and proximity card readers, you’ll be able to merge the most secure hardware with the most cutting-edge software rather than being forced to use solutions from a single provider.
No Fire Alarm Integration
Almost 30 percent of facilities that employ an access control system do not have their fire alarms integrated into the system. All fire codes are written by code-making bodies, such as International Code Council (ICC) and the National Fire Protection Association (NFPA), that require integration between door and fire alarm. Failing to integrate your fire alarms into your electronic door access control system can create serious hazards. For example, in the event of a fire, the access control system may keep people from being able to escape by failing to unlock the right doors. To ensure that the people inside your facility are able to safely exit the building in the event of a fire, it is essential to integrate your fire alarms into your access control system, so all doors are unlocked when the fire alarm goes off.
No Door Access Control Elevator Floor Management Features
Elevators are a key point of entry that can provide access to many locations within a facility. As such, they must be properly secured in order for multi-floor facilities to create an effective door access control systems. This typically involves making use of a system where employees must use a keycard to access specific floors in the building via the elevator.
No Fail-Safe or Fail-Secure Keyless Entry Capabilities
Fail-safe locks and fail-secure locks accomplish different purposes, but both are a vital part of a door access control system. Fail-safe locks are designed to automatically unlock in the event of a power outage. These locks are necessary for enabling people to safely exit certain areas if the power goes out. Fail-secure locks, meanwhile, are designed to remain locked even if the power goes out. These locks are necessary for keeping certain areas secured at all times even in the event of a power outage.
While it is important to create backups and fail-safes for your access control system’s power supply, it is equally important to still prepare for any power outages that you might experience by making use of locks with fail-safe and fail-secure capabilities.
4 of the Biggest Access Control Mistakes Made
#1 - Single-Access Level / Schedule
Proper access control requires more than just electrified locks and card readers. Good security is reliant on the system configuration so that it excludes unauthorized users from entering locations they should not and does not allow them entry during non-duty hours.
By default, access control systems are installed with one ‘flat’ default configuration that allows any card holder access through any opening, at any time. Many end-users incorrectly assess the ‘extra’ configuration add marginal value and drives inconvenience when restricting cardholder access at the wrong time or wrong door. However, this is a huge misstep, and all it takes is a lost or stolen access credential to undermine the entire system.
#2 - Locking Hardware in Poor Condition
The ‘tip of the spear’ for any door access control system is the locking hardware and the door. Like every mechanical item, these items need periodic adjustment and maintenance for proper operation. Countless controlled doors fall victim to leaves that do not completely close, latch properly, or have maladjusted gaps that weaken locks or cause binding.
No door security hardware is ‘maintenance free’, and allowing the considerable investment of electronic access control to be wasted due to lack of care is frustrating. Best practices for operating access control means periodically inspecting, adjusting, and light lubrication and cleaning of items like electric strikes, hinges, closers, exit devices, and mechanical locks.
#3 - No User Database Maintenance
Another item frequently neglected is prompt administration of the user database. Keeping an accurate inventory of who carries which card not only promotes good data collection, it also helps prevent lost credentials from being improperly used to gain access. Not only does this compound Mistake #1, failing to perform updates on the database makes recovery from it impossible.
If the user database is only updated ‘when it slows down a little’ or handed out as busy-work, that habit runs the real risk of leaving the cardholder list an unchecked mess. ‘Best practices’ for access control systems call for responsive management of the user database, ensuring timely responses are possible to control credentials.
#5 - Door Propping
The final mistake is a common, everyday item: a door stop. When people must repeatedly pass through a closed door, it is viewed as an inconvenience that can be effortlessly solved by propping the door open with a kicked rug, a random stone, or a rubber wedge.
While keeping the door open may increase the convenience of passing through, it prevents the door and lock from accomplishing its main purpose: keeping people out that do not belong.
Many access-controlled facilities have adopted a ‘No Doorstops Allowed’ policy, but even so, enforcement requires vigilance. Since doors can be propped open in very subtle ways – sometimes just enough to keep doors from latching – manned security operations consider ‘door checks’ a critical part of a safety guard’s patrol. In order to maintain access control at all times, an extreme prejudice towards doorstops needs to be taken.
Basing the System on Outdated Protocol
For the last 40 years, the standard protocol used to enable the hardware within an access control system to communicate back and forth has been Wiegand. Even today, Weigand can be found running the access control systems of facilities ranging from the Federal Reserve’s Eccles Building to Netflix’s corporate headquarters. However, the unfortunate reality is that Wiegand is an outdated protocol language with many weak points. A simple Google search for a term such as “breaking into Wiegand” will produce countless strategies and guides for getting past the protocol’s dated security features.
If you want to build an access control system that is truly modern and secure, it is essential to make use of the latest and most secure protocol language. At one time, Wiegand fits this description. Today, though, there are other protocols that offer far more robust security. If it’s too expensive for you to rip out the Wiegand wiring out your walls and replace it with ethernet cabling- don’t fret.
Some Access Control Manufacturers…
(the good ones) create an encoder like a device Weigand in / ethernet out, essentially converting your legacy cable to a more secure protocol.
Expensive and Common Mistakes
- Thinking Your Business Doesn’t Need Access Control
- Not Previously Developing a Security Plan
- Not Going with an Experienced Company Such as Umbrella
- Not Prepping for the Future
- Failing System Integration
A Lack of Third-Party Integrations
Effective door access control systems must be able to integrate with a wide range of technologies. For example, you will need your access control system to work with other security systems such as gates, video surveillance and detention systems. Before you implement any electronic keyless entry system, be sure to check its third-party integrations and ensure that the system will be able to effectively integrate with other systems and devices. Failing to do so could limit the capability of your system, force you to spend large amounts of time and money to patch up those limitations, or both.
No Active Directory Integration
Directory domain services enable you to better control who goes where within a facility. For example, when a person tries to enter a room inside of a facility that has integrated its access control system with a directory domain service, their credentials are pulled from the directory, allowing the access control system to either grant or deny them access based on their clearance. Without directory domain services, an access control system is not nearly as secure or as efficient.
Failing to Prepare Employees
An access control system is only as effective as the people who are using it. If you are moving to a new keyless entry (aka) door access control systems, it is essential to properly train your employees in how to use the new system. This goes for the employees who are responsible for maintaining the system as well as all other employees within the facility.
Upgrading to a new access control system can create a lot of confusion and inefficiencies, which, in turn, can create gaps in security as well. By taking the time to develop a thorough access control plan and explain the new plan and system to all of your employees, you can ensure a smoother transition and fewer issues.
The access control technologies and procedures in the industry today are better than ever before. Nevertheless, it’s still vital to avoid certain mistakes when upgrading your facility’s access control system. If you are careful to avoid the eight mistakes listed above, you will be well on your way to designing an access control system that will be completely secure and efficient.