PARTNER CONTENT: Balancing security, convenience and efficiency in remote access management
Operators of remotely located, unmanned cell towers or utility substations have long struggled with how to best secure their sites. They have typically used mechanical locks with keys or combination-codes to secure gates and service doors. These types of locks are affordable, but they also bring operational and security challenges.
On the operations side, there is a need to provide physical keys and/or combination sequences to all employees who may service the towers. Outside service vendors require the same or they must be escorted to and from the site – a time-consuming and costly prospect.
From a security point of view, mechanical locks have several serious flaws. Keys can be easily lost, copied or stolen, and combinations can be shared. When that happens, there is little choice but to rekey or replace one or more locks. That gets expensive – fast. These traditional solutions provide no accountability or audit trail capabilities, and there is no sure way of knowing who has visited a site or if it has been accessed at all.
Today’s access control systems can remove many of these limitations. Card credentials can be inexpensively issued and deleted as employees are hired or leave the business. Lost or stolen cards can be removed from the system in seconds. However, hardware and installation costs may be prohibitively expensive. Not only may remote sites lack a power source that is needed by access systems, the annual volume of use may not justify the expense of an online system.
Still, enterprise companies need a way to efficiently maintain online control of offline sites. If mechanical locks and online access control systems are not the solution, what is? How does a company deal with geographically dispersed employees, vendors and sites? What about remote sites that lack power? How can administrators know who has accessed their locations?
The network is in the key
Mobile access solutions can answer these questions, enhancing security while enabling operational intelligence and greater efficiencies. Mobile credential downloads are estimated to increase by more than 100 per cent annually between the base year of 2017 and 2022.1 People expect to use their mobile devices to communicate and interact with the world for online banking, to unlock a hotel room door and to serve as an access credential at work. Why not at the gate to a remote network site?
Mobile keys, combined with cloud-based software and wireless hardware devices, are transforming the way remote sites are accessed and maintained. These ecosystems are capable of streamlining entire remote site operations. A network of assets can be serviced without the cost or headaches associated with a mechanical key system.
Bluetooth technology connects mobile keys to a variety of keyless devices anywhere and at any time. Managers see immediate operational benefits, including an audit trail showing operators exactly who was at a site and when. This holds employees and contractors accountable.
Mobile key systems balance convenience and security, facilitating entry without the compromises of shared codes, unauthorised keys or – even worse – no entry barrier at all. Smart devices eliminate the need to carry mechanical keys or remember combinations or codes. Phones add an extra layer of security when they are set to require a user’s personal code. Most phones also add a biometric element such as a fingerprint reader and/or built-in facial or iris recognition software. People are unlikely to share phones loaded with personal data, and missing phones are likely to be noticed quickly and the loss reported.
Mobile credentials enable each employee to access sites with a single device. Employers can use a phone’s GPS technology (with appropriate privacy considerations) to know where an employee is located. Since employees may use their own phones, companies can save money by not having to issue additional equipment. Mobile credentials can also enable after-hours deliveries or service for a network of assets such as ATMs.
Wireless locks, mobile keys and cloud control
So how does it all come together at the remote site? System administrators use a cloud-based portal from a web-enabled device to send encrypted mobile credentials to employee smartphones or devices. The mobile credentials are specific to the user’s device, can easily be reused while permissions remain active and can be remotely deactivated. Mobile keyholders (employees or contractors) use the credentials to open any number of assigned locks, eliminating the need for duplication, distributing and auditing mechanical keys or rekeying or reprogramming locks. Mobile keys work with both Apple and Android smart devices.
Sites are secured with access devices or locks compatible with the mobile credentials. These padlocks, door locks, key boxes and controllers each manage one or more access points. Certain locks are rugged and able to withstand extreme outdoor conditions with temperatures ranging from below zero to more than 100 degrees Fahrenheit. The devices may be powered with field-replaceable batteries and boast a five- to ten-year battery life. Battery-level data and low-battery alerts are transmitted to the backend server. Bluetooth technology ensures that mobile keys operate even when no cellular coverage is available. Keys transmit activity data back to the system once the smart device is within cellular range to ensure operators have real to near-real-time audit logs. There is no doubt about when a site was accessed and by whom.
A robust commercial system enables managers to authorise access for individuals or groups of mobile keys through the internet portal. Key management may be delegated to trusted vendors, enabling owners and users to share administration and cost of the system. System managers may log into the secure portal 24/7 from any location. Every aspect of the system’s operation can be monitored online or through email alerts and routine reports. The system streamlines administration of inventory and keyholders with powerful search, sort and reporting capabilities. The best cloud-based software and data providers frequently evaluate and update their cybersecurity measures including built-in disaster recovery.
Today’s network operators can use a web-based, mobile solution to bring remote site access to new places, often where previously no complete solution was possible. Finally, it is feasible to increase security and convenience plus save time and money — all while gaining knowledge for better workforce deployment, vendor management and data-informed strategic plans.
Kristen Nafziger is TRACcess Product Manager for Salem, Ore.-based Supra, a leading global provider of mobile credentialing and key management systems for numerous segments including real estate, hospitality, commercial and more. For more information, visit suprasystems.com
- IHS Markit, ACaaS and mobile access propelling each other to mainstream adoption, 15 August, 2018