Join or Sign in

Register for your free asmag.com membership or if you are already a member,
sign in using your preferred method below.

To check your latest product inquiries, manage newsletter preference, update personal / company profile, or download member-exclusive reports, log in to your account now!
Login asmag.comMember Registration
https://www.asmag.com/member/new_membership_2.aspx
INSIGHTS

Cloud and on-prem access control: navigating privacy, compliance, and training

Cloud and on-prem access control: navigating privacy, compliance, and training
As more businesses migrate to cloud-based systems, integrators must stay aware on the privacy, legal, and regulatory issues that come with implementing these solutions.
With the increasing acceptance of cloud-based solutions, the access control market has seen a considerable transformation in recent years. Scalability, cost-efficiency, remote management, and real-time monitoring are all appealing features for security integrators. As more businesses migrate to cloud-based systems, integrators must stay aware on the privacy, legal, and regulatory issues that come with implementing these solutions.
 
In addition to comprehending the privacy and regulatory context, integrators must be aware of the training and support required when dealing with cloud-based access control systems. Providing integrators with the necessary knowledge and resources can have a significant impact on the success of installing these advanced security solutions for clients.
 
This article seeks to provide essential information that will assist access control systems integrators stay ahead in this ever-changing business by addressing the problems and issues around privacy, legal and regulatory compliance, and the training and support required for integrators. Integrators who are well-informed and prepared will be in a better position to successfully deploy cutting-edge security solutions for their clients, ensuring both security and customer satisfaction.

Considerations regarding privacy and the law

Several legal and regulatory factors must be taken into account when installing a cloud-based access control solution. Personal data must be secured and processed in accordance with data privacy legislation such as the GDPR. HIPAA for healthcare and PCI for finance are two examples of industry-specific rules and standards that must be followed.
 
“It does depend on the region,” explained Andrew Scothern, Security Chief Architect at Gallagher. “GDPR is the most well-known legislation, but many countries have their own standards, especially at the High Security end of the market, for how systems should be architected and operated when in the Cloud. System and Organization Controls (SOC2) compliance is a major consideration for many when considering Cloud hosted services.”
 
John Szczygiel, EVP and COO of Brivo, pointed out that customers demand solutions that meet internationally recognized security standards and audit practices such as SOC 2 and ISO 27001 to ensure that the solution and any sensitive data are protected.
 
“A cloud-based security provider must have a solution where security is baked into its products and applied in data centers, field hardware, people and processes,” Szczygiel said. “Everything from how products are built to how applications are deployed must be designed with cybersecurity and data protection in mind.”

Integrators' training and support

Experts agree that training and support for integrators working with cloud-based access control systems should be similar to that offered for on-premise systems. The majority of the installation work (doors, readers, panels, inputs, outputs, etc.) is done on-premise. The quantity of training necessary to configure a system is determined more by the quality of the client software than by the location of deployment.
 
“For a well-designed system the training shouldn’t be too different between Cloud based and on- premise systems,” Scothern said. “In both cases most of the work installing the system is on-premise, and it is only the client server software that is deployed differently. The amount of training required to configure a system is then dependent on how good the Client software is rather than where it is deployed.”
 
The same is true for integration points. A well-designed set of APIs is far more impactful than where the software is deployed. In saying that, a system that makes it easy and secure to connect from other cloud systems can be a big help to cloud based integrations.
Szczygiel suggested that beyond the typical technical training and certification, integrators may need assistance with connecting the customers enterprise applications such as HR and Identity Management systems with the access control solution via application programming interfaces (APIs).
 
“Solution providers should be prepared to support the integrator and end-customer with a professional services team that can smooth the way to achieving value from these API integrations,” Szczygiel added.
 
Seongbin Choi, Head of R&D Center at Suprema, added that both cloud-based, and on-premise solutions require integration and data transmission with third parties. Training about REST API and JSON (JavaScript Object Notation) will be essentially needed for the integrators.
 
To ensure success, integrators should acquire high-impact training and technical certifications. In-person and hands-on training, as well as virtual choices, should be available, allowing integrators to work at their own pace or attend live sessions. Furthermore, API support should be provided for linking customers' corporate applications, such as HR and Identity Management systems, to the access control solution.

Conclusion

As cloud-based access control systems continue to acquire traction in the security industry, it is imperative that integrators keep abreast of the most recent advancements and best practices. Integrators can ensure that their clients' systems are both secure and compliant with applicable laws and regulations by addressing privacy, legal, and regulatory considerations. This not only helps maintain a positive reputation within the industry, but also fosters trust between integrators and clients.
 
In addition to compliance, integrators must prioritize the training and support necessary to operate cloud-based access control systems effectively. By investing in exhaustive training and certification programs, system integrators can acquire the skills and knowledge required to navigate the unique challenges presented by cloud-based solutions. This, in turn, will enable integrators to provide superior service and support to their clients, further solidifying their position as industry leaders.
 
In conclusion, the successful deployment and management of cloud-based access control systems depend on the ability of integrators to navigate the complex landscape of privacy, legal, and regulatory considerations, as well as their dedication to continuous learning and improvement. By remaining informed and proactive in addressing these challenges, access control systems integrators can not only enhance their own expertise, but also contribute to the success and security of their clients' organizations. This commitment to excellence will unquestionably pave the way for continued growth and innovation in the world of access control in a rapidly evolving industry.
Subscribe to Newsletter
Stay updated with the latest trends and technologies in physical security

Share to: