The Internet of Things (IoT) is a growing phenomenon, with billions of devices already connected to the Internet and more to come. Amidst this trend, access control, which has more and more migrated to IP, will be an integral part of IoT, connecting with other security and non-security devices.
That said, access control systems must be designed to suit the overall IoT trend, helping users achieve better security and more streamlined operations. In particular, access control systems in IoT are designed with the following things in mind: interoperability, physical and logical access integration, and user experience.
IP-based access control systems can now be connected with other networked devices that are both security- and non-security-related. Said Gareth Ellams, MD for Access Control at ASSA ABLOY:
“Access control has almost become the backbone of building security and management systems, so a building now and in the future utilizes access control not just to open or close doors; it also drives other systems such as HVAC, lights, and various different things.”
The key to integrating with other devices and achieving seamless interoperability lies in software and APIs, which have become more open than ever in the era of IoT. “Web services APIs, like REST, are the most straightforward way to integrate IoT in access control. That’s where cloud-based systems have a huge advantage over traditional designs,” said Steve Van Till, President and CEO of Brivo.
Physical, logical access integration
A main component of access control in IoT is physical and logical access integration, whereby the end user entity’s physical security system is connected with its logical assets. “End users are looking for specific features, such as features that deny access to their network unless the access control system indicates that the user is indeed in the building from which they are requesting network access,” said Mitchell Kane, President of Vanderbilt.
Besides enhanced data protection that such convergence brings, more streamlined operations and better management efficiency are also some of the advantages. “Say you’ve hired a contractor. When they show up at work on Monday, they have to have a domain access, an e-mail address, and an access control card,” said Kurt Takahashi, SVP of Sales at AMAG Technology. “Creating efficiencies between these two systems allows you to onboard contractors and manage them more effectively.”
Access control in IoT is also designed around user experience, which has become more important than ever. One example is mobility, allowing users to control access as well as other networked devices through the mobile device. “One thing we are starting to see is a lot of mobility. Functions that you normally do behind a thin client or workstation, now you can do behind the phone or a tablet – whether it's day-to-day function, opening or closing doors, seeing video over your phone, requesting permissions over your phone, or using your phone as the credential to open the door,” Takahashi said.
Ease of installation and deployment is also part of the user experience enhancement. “From the purchase, installation, all the way through maintenance of the device(s), the more intuitive, the better the experience for all involved,” said Rob Martens, Futurist and Director of Connectivity Platforms at Allegion.
Benefits for all
The convergence between access control and IoT has gained prominence in the residential sector, where smart locks trigger home automation devices such as lights and thermostats. “Residential will see many of these benefits because there is currently more IoT in the home than in commercial security installations,” said Van Till.
But eventually – and one can certainly argue that this is already taking place – interest in access control-IoT convergence will spill into the commercial sector, where users can also enjoy the benefits such convergence brings.
“If you look at enterprise, healthcare, high security … all are making use of the Internet of Things, and most, if not all, have access to networks,” said Ellams. “It's not sector-specific anymore. It’s about making sure that the solution you want to put in place is the simplest and most effective.”