Thousands of organizations struggle with a common door access security issue known as Credential Overflow.
Credential Overflow occurs when the number of active credentials in the system outnumber, sometimes drastically, the number of active cardholders. If a company's door access system is not equipped to handle the causes of this issue, they may face some serious security risks as a result.
What causes Credential Overflow? There are two primary causes:
1. Lack of Database Communication
Often times, a company's active user database, such as their employee or HR database does not communicate with their access control system seamlessly. If those two databases do not share information, then the process for activating and deactivating users and credentials usually involves two steps.
Step One: Enroll/Remove them from HR
Step Two: Enroll/Remove them from Access Control System
This is not very effective, as any time the second step is missed, cards remain active in the system long after the user has left.
2. Badge Re-Issuance
Many times cardholders lose badges and ask for reprints, forgetting to have their old cards deactivated at that time. If the system doesn't support automatic deactivation of old credentials as soon as a new one is printed, the old badge can stay active in the system forever, creating an imbalance in the number of active cards and cardholders.
How do we fix it?
1. If the access control database can "sync" up with the customer's existing cardholder database, like Active Directory or HR, then this allows for more of a single-step activation and deactivation process. Once a person has been enrolled or removed from the HR database, they will no longer have active access priviliges in the access control system either. This is far easier for all parties involved - and much more secure.
2. Look for door access systems that automatically deactivate old badges as soon as a new badge is printed. This will help to eliminate the issue with users having numerous credentials associated with their record in the system.
Lindsay
Cornell is the Director of Sales for BadgePass, Inc. BadgePass manufactures cutting edge Door Access, Photo ID, and Visitor Tracking software. Visit www.badgepass.com for more
information.
Showing posts with label Credential Overflow. Show all posts
Showing posts with label Credential Overflow. Show all posts
Monday, October 22, 2012
Tuesday, May 29, 2012
Is Your Current Two-Step Enrollment Process a Security Risk?
In recent news, it was announced that a 19 year old used his old ID badge from a program he took part in at AOL to gain access to the facility for two months after the program had ended! He lived in the building day and night, using his old access credential to gain access to different areas on the campus. It was nearly two months before a security guard caught him and kicked him out.
Stories like this beg the question, "How could something like this have happened?"
The reality is, this happens every single day! We just don't always hear about it because these stories don't always take place at high profile locations like AOL Headquarters and don't usually involve two-month-long squatters. But not deactivating security privileges in Card Access Control systems is a serious threat to an organization's security, and it gets overlooked all the time!
Think about your own access control system. How do you add and remove people from the system? If you are like most customers that I talk to on a regular basis, you probably print your ID badges in one location and then employees are asked to take those new credentials to a seperate location, like Security, to have their access control privileges activated in that system. It is typically a two-step process.
The same thing happens when a person leaves the company. The first database they are removed from is HR or Payroll. (You and I both know that person isn't getting a paycheck anymore!) Then, someone in HR sends an email to a person in security, notifying them to deactivate that person's access rights in the system. Again, we are back to that two-step process.
This works fine if your security personnel are always at work and constantly checking their emails. But what happens when they go on vacation for a week and miss all of those emails? Or when they are at lunch and overlook the email about the terminated employee when they return from their break? Circumstances like those are the ones we often forget to account for when implementing security systems like Access Control, yet they play a critical role in our organizations' security!
When choosing to implement a Door Access system, be sure to think about the way that credentials will be activated and deactivated in the system. Ask yourself a few simple questions:
- Is there an easy way to maintain the current database of active cardholders?
- Can you import new employees into the system easily?
- If you deactivate someone in HR, is there a way for their credential to be automatically deactivated?
No matter what the size of your organization, security is always a concern. The more automated the credentialing process is at your facility, the less likely you are to have issues like the recent security breach at AOL.
Read the full story about the AOL security breach here.
Lindsay Cornell is the Director of Sales for BadgePass, Inc. BadgePass manufactures cutting edge ID Badging, Visitor Management and Access Control software. Visit www.badgepass.com for more information.
Stories like this beg the question, "How could something like this have happened?"
The reality is, this happens every single day! We just don't always hear about it because these stories don't always take place at high profile locations like AOL Headquarters and don't usually involve two-month-long squatters. But not deactivating security privileges in Card Access Control systems is a serious threat to an organization's security, and it gets overlooked all the time!
Think about your own access control system. How do you add and remove people from the system? If you are like most customers that I talk to on a regular basis, you probably print your ID badges in one location and then employees are asked to take those new credentials to a seperate location, like Security, to have their access control privileges activated in that system. It is typically a two-step process.
The same thing happens when a person leaves the company. The first database they are removed from is HR or Payroll. (You and I both know that person isn't getting a paycheck anymore!) Then, someone in HR sends an email to a person in security, notifying them to deactivate that person's access rights in the system. Again, we are back to that two-step process.
This works fine if your security personnel are always at work and constantly checking their emails. But what happens when they go on vacation for a week and miss all of those emails? Or when they are at lunch and overlook the email about the terminated employee when they return from their break? Circumstances like those are the ones we often forget to account for when implementing security systems like Access Control, yet they play a critical role in our organizations' security!
When choosing to implement a Door Access system, be sure to think about the way that credentials will be activated and deactivated in the system. Ask yourself a few simple questions:
- Is there an easy way to maintain the current database of active cardholders?
- Can you import new employees into the system easily?
- If you deactivate someone in HR, is there a way for their credential to be automatically deactivated?
No matter what the size of your organization, security is always a concern. The more automated the credentialing process is at your facility, the less likely you are to have issues like the recent security breach at AOL.
Read the full story about the AOL security breach here.
Lindsay Cornell is the Director of Sales for BadgePass, Inc. BadgePass manufactures cutting edge ID Badging, Visitor Management and Access Control software. Visit www.badgepass.com for more information.
Subscribe to:
Posts (Atom)