6 Trends Impacting Access Control and the Overall Security Market
Increased emphasis placed on interoperability and total cost of ownership in security purchasing decisions
- By Jeremy Krinitt
- Dec 01, 2014
From 4K Ultra HD resolution surveillance cameras to near field communication
(NFC) or Bluetooth-enabled access control readers and
applications, technology innovation in the security industry runs the
gamut. However, while these newer technologies and the advanced
functionality they offer generate a lot of buzz, the fact remains that
today’s end users and systems integrators are looking for much more in the security
devices they purchase than just the latest and greatest features. Despite a slowly
recovering economy, security budgets have yet to climb back to their pre-recession
levels. As a result, end users and integrators must be able to show a tangible return
on investment (ROI) on the security solutions they purchase.
For many years, security operated within a silo, but that is quickly changing.
Companies are now looking for security solutions that can be leveraged across
different departments—human resources, facilities and more—and also provide
long-term value to the organization. Additionally, it is no longer acceptable for
security manufacturers to use a “checkbox” approach to the features they offer.
More thought needs to be put into how the features of a product can be best utilized
by customers. For example, a video surveillance company could develop a
revolutionary type of analytic, but if the setup of that analytic is temperamental
for integrators, then what difference does it make to customers looking to use
that technology?
Much of the industry’s recent focus on innovation is around additional products
that can be added into the security environment, not on the fundamental
value provided to integrators and end users. The question for the industry is this:
What market factors and technology innovations are going to be the key to driving
real growth moving forward?
Here are few things that could play a big role in the industry in the not-toodistant
future.
Openness and Interoperability
The word “open” is thrown around frequently in the security industry, but it is
typically used to describe a security system, such as access control, video surveillance
or other solutions, that are interoperable with products from other vendors.
Whole spectrums of possibilities exist when someone uses the term open. Where
the technology sits on this spectrum can have a significant impact on the experience
of the integrator and end user, both in the initial implementation of the solution
and in the technology options in the future.
In the best scenario, the connections between solutions use a published standard.
This often provides the manufacturers the best visibility into the connection
between solutions, and ultimately provides greater flexibility to the end user. One
way this can be achieved in the access control realm is by implementing solutions
that comply with the Open Supervised Device Protocol (OSDP), a communications
specification developed by the Security Industry Association (SIA) to enable
devices, such as card readers and control panels, to work together.
Using a control panel that also supports OSDP, for example, can provide users
with the flexibility they need for their future access control decisions. Customers
should ensure the solutions they select support open standards, but it is also important
to consider what they are doing to ensure long-term value for the security
solution. Just like our laptops and cellphones, technology in the security space is
constantly in motion. Manufacturers should be designing solutions to support the
latest standards, and to provide a runway for the technologies around the corner.
Greater Usability and Reliability
Although there is often a shift of trends within the industry where manufacturers
will find themselves pushed by customers to deliver a certain set of features, two
things have remained constant through the years: usability and reliability.
There are numerous examples that can be found across all product sectors of
systems that have either been disregarded, or in some cases, simply turned off
because they triggered repeated false alarms or because an organization’s security
staff found them onerous to manage. Ultimately, vendors that want to deliver an
effective solution for their customers must ensure that their product not only provides
the features that they need, but is also dependable and user-intuitive.
Changing Vertical Market Dynamics and Regulatory Compliance
While nearly all vertical markets will have an impact, to some degree, on shaping
the access control and overall security industry in the years to come, there are
some whose impact will be felt sooner rather than later. For instance, the government
and healthcare markets stand poised to have a substantial effect on product
manufacturers due to the necessary requirements these markets have put together
around access control.
The government sector is a prime example of how changing requirements within a specific market can have a broader impact on the security industry as a
whole. Unlike other industries where minimum security requirements are largely
established by the organization itself, security standards in government agencies
are regulated by different federal guidelines and mandates that change and evolve
with the threat landscape.
In effort to establish a common identification standard for government employees
and contractors, Homeland Security Presidential Directive-12, more commonly
known as HSPD-12, was issued shortly after the 9/11 terror attack by the
Bush administration. HSPD-12 subsequently resulted in the creation of Federal
Information Processing Standard-201 (FIPS-201), requiring federal employees
and contractors to have personal identification verification (PIV) credentials. Additionally,
some corporate entities have also opted to adopt standards similar to
PIV due to the enhanced level of security it outlines, which points to how the government
market has impacted the access control industry.
However, because many agencies found that the different components they purchased
to become compliant with the PIV standard didn’t work well together, the
government recently introduced a new program called Federal Identity, Credential
and Access Management (FICAM), which outlines the implementation of an endto-
end access control solution where all devices are interoperable with one another.
In the healthcare market, there has been a push over the last two decades to
improve patient privacy with the implementation of the Health Insurance Portability
and Accountability Act (HIPAA) and the Health Information Technology
for Economic and Clinical Health (HITECH) Act. While these regulations
are primarily designed to safeguard patient data in the age of digital information
and cybercrime, the majority of data breaches are not the work of sophisticated
hacking networks, but rather negligence on the part of healthcare employees. This
means that physical access control measures within hospitals and other healthcare
facilities has become critically important as it only takes one door being propped
open to reveal a treasure trove of information to identity thieves.
As a result of the continually shifting threat landscape in these markets, security
manufacturers and the products they develop must continue to evolve to
meet changing requirements. Oftentimes, it takes collaboration between all parties
involved—manufacturers, integrators and end users— to develop comprehensive
and effective solutions that not only meet the requirements set forth, but can maintain
and manage the system as technology advances.
Increased Convergence between Physical and Logical Access
The advent of IP technology has dramatically changed the way security systems
are installed, managed and monitored. It has also brought the worlds of IT and
security together in ways that some people could have never dreamed. One of these
ways is combining technologies to enable access to the physical locations of an
organization as well as their computer networks.
That’s not to say there haven’t been some challenges in getting the technologies
lined up to provide an effective solution for end users; it’s been a tough sell
in many ways. However, the value is certainly there as it simply makes sense for
many organizations to have the capability of implementing a converged physical
and logical access solution. Like other integrations, the value of the information
that is present in a traditional access control system has applicability to the larger
organization, and IT is one of those departments.
Despite the benefits that can be realized by bringing these two areas together,
many companies have yet to understand how to take full advantage of this convergence.
Meanwhile, solutions do not always deliver as advertised; therefore,
untapped potential still exists. This will likely change, though, as organizations
become more tech savvy and hold vendors accountable for what they need to
be successful.
Mobility Comes of Age
The development of NFC technology has been touted by many vendors in the industry
as the next great technological leap in access control. On the surface, this
excitement is certainly understandable, given the proliferation of smartphones and
other mobile devices as well as the increased desire by customers who want the same level of convenience and usability as
commercial security solutions in home
consumer devices. However, despite the
high hopes for NFC access control, actual
implementations have been slow to
materialize for several reasons.
First, manufacturers have to be able
to access the Secure Element (SE) of
a mobile handset in order to embed a
credential. To do so, companies have
to enter into partnerships with wireless
carriers. Secondly, a large portion
of the smartphone market is dominated
by the Apple iPhone, which until
recently did not come equipped with
NFC technology. Although the iPhone
6 and iPhone 6 Plus, which made its
debut in stores last month, features an
NFC antenna, it still remains to be seen
if the company will grant security manufacturers
access to an API for access
control purposes. With that being said,
there is now one less potential hurdle to
wider adoption of NFC in the market.
“The announcement by Apple addresses
one of the barriers the access
control industry has faced with regards
to NFC, i.e., loading an identifier onto
the secure element,” IHS analyst Blake
Kozak wrote in a research note published
by the market research firm last
month. “With the API mentioned by
Apple, it is possible that access control
manufacturers—among others in the
supply chain—could load and command
an identifier directly onto the
secure element.”
In the meantime, developers have
turned their attention to Bluetooth
Low Energy (BLE) technology which
has several advantages over NFC, including
the fact that it is available on
almost every mobile phone available today
and because the SE doesn’t have to
be accessed in order to have the secure
credential placed onto it.
Regardless of which technology
wins out, the trend toward increased
convenience and mobile access is one
that will continue in the market for
years to come.
Advanced Capabilities
Move to the Edge
While edge capabilities are not new to
the industry, there are signs pointing
to increased interest by end users in using
these capabilities more so than they
have in the past. As such, manufacturers
need to be able to deliver platforms
that have the power and flexibility necessary
to provide advanced capabilities
at the edge.
When it comes to access control,
there are many functions that can be
performed at the edge that can enhance
value for the end user. For example, being
able to display messages to users
when they swipe their card at a door,
and the addition of personalization
and communication options are functionalities
that vendors will look to
improve upon as time
goes by.
This article originally appeared in the December 2014 issue of Security Today.