likes
Types of Access Control in Security
SCW Systems, Software & Methods
Access control systems fall under one of these three types of access control models, which determine how access permissions are assigned and controlled within the organization:
There are many different types of access control systems for commercial buildings and businesses, but not all systems will be the right fit, depending on the size of the deployment, the number of users and entries, and the level of security required. For example, a single office inside a commercial building will need very different security controls than a hospital or large warehouse facility.
With options ranging from rule based access control and mandatory access control, to a physical access control system, how do you know which access control system is best for your space?
Discretionary access control (DAC)
Discretionary access control is the least restrictive, and therefore the least recommended type of access control for commercial and business security. The DAC model gives business owners, rather than security experts, control over access rights and permissions for all users. Unless the business owner is well-versed in security policies and best practices, DAC is not the best type of access control model for modern IT environments.
Mandatory access control (MAC)
This type of access control is best-suited for organizations that require high security and confidentiality. Within a MAC paradigm, one person is given authority to establish access guidelines and assign permissions for the entire organization, such as a Chief Security Officer. Mandatory access control gives the system administrator the sole discretion over access permissions and security clearance.
This type of access control is best-suited for organizations that require high security and confidentiality. Within a MAC paradigm, one person is given authority to establish access guidelines and assign permissions for the entire organization, such as a Chief Security Officer. Mandatory access control gives the administrator sole discretion over access permissions and security clearance.
Role based access control (RBAC)
A role based access control paradigm defines permissions by roles assigned to individual users elsewhere in the system. Within a business setting, access privileges are often based on employment status and job title, such as allowing management full building access, while contractors or employees from a specific department will only have access to the spaces they need to do their work. RBAC is a user-friendly model, and allows administrators to group users and adjust permissions from a central database. RBAC systems usually employ the principles of least privilege and separation of privilege, where users are compartmentalized and given the minimum level of access required to perform their job.
Types of Access Control Software
Modern security systems are more technologically advanced than a lock and metal key. They also involve software to control access privileges and authenticate users. The most common types of access control software include:
Server-based access control
Traditionally used in large organizations and commercial buildings, on-premise access control systems rely on local servers to host and run software. Server-based access control usually requires organization to purchase and renew software licenses, and a dedicated IT staff to maintain the servers. If the organization needs access control at multiple locations, they will need servers installed at each site.
Web-based access control
Also known as embedded access control, this type of access control software uses a web browser application to operate, and connects to the LAN so that it can be accessed from any device within the network.
Cloud-based access control
Unlike the other two types of access control software, cloud-based software is hosted on a decentralized server, usually managed by a third party, and regularly syncs with local ACUs. Because the system syncs in the cloud, an internet connection is required to support cloud-based access control. In the event of an outage, the ACU will simple sync once the system is back online.
Types of Access Control Door Readers
Another component of access control systems for businesses is the reader technology. In order to authenticate credentials, organizations should install door readers that offer the security and controls necessary to secure the building. These are the most common types of access control:
Keypad readers
A keypad door reader requires a user to type in a PIN or passcode to unlock the door. Keypad readers offer good security as there is no physical credential that can be passed around or stolen. However, users could still share their PIN with others, a security risk and compromising building security.
Swipe card readers
This type of door card reader works with key cards or badges that have a magnetic strip which contains authentication data. Users swipe their card through the reader in order to unlock the door. One consideration with this type of access control system is the daily wear and tear on the hardware and cards means they need to be serviced and replaced more frequently.
RFID door readers
Radio frequency identification technology has many uses, including for access control. With an RFID access control system, the credentials contain information tags that send signals to nearby readers. Most RFID access control systems use passive RFID, also referred to as proximity or prox card technology. Proximity-based access control systems most often use key cards or key fobs for access.
Biometric door readers
Often the most expensive type of door security reader, biometric readers use scanners to identify users by a unique physical feature, such as a fingerprint, iris, or facial recognition. Mobile access control systems with smartphone-based credentials can use the biometrics built into the phone as a form of two-factor authentication.
Smart lock door readers
The most advanced and versatile door security readers on this list, smart readers often combine multiple types of reader technology into one system. Smart readers offer greater flexibility and security with support for mobile credentials, key cards, key fobs, and even touchless unlocking capabilities.
Types of Access Control Methods
One of the biggest differentiators between access control systems is how authorized users unlock the door. The type of credentials supported by an access control system also affects the capabilities and security of the system, as well as factors into the cost of the system. Not all access control systems can support every type of credential.
Credential types
Physical Keys
The most basic form of access control requires authorized individuals to carry a metal key for gaining access to each door they need to unlock.
Pin codes
With keypad reader access control systems, users have to enter a unique PIN code to unlock the door.
Key cards
One of the most common types of commercial access control, key card door lock systems use signals or code embedded in a key card to authenticate users. Depending on the system, key cards can include a magnetic strip for swipe access control systems, or use an RFID activated chip for a proximity door lock system.
Key fobs
A more modern credential for proximity and RFID systems, key fobs are small and convenient to use. Depending on the type of security and functionality of the credentials, key fob access control prices can range greatly.
Mobile credentials
With this type of access control, a user’s smartphone is their key. Usually app-based, mobile credentials allow users to unlock the door by tapping a button inside an app, and often support additional access methods such as Apple Watch and tablet apps. Mobile access control systems that use Wi-Fi, Bluetooth and cellular data also have the ability to support touchless and proximity-based unlocking.
Biometrics
Biometric credentials are often used in access control systems in high-security spaces. Technology including fingerprint readers, facial recognition, and iris scanning are common examples of biometric access control. Biometrics can also be used as a form of two-factor authentication, requiring users to present a key card, fob, or mobile credential, as well as complete a biometric scan in order to unlock the door.
About the author
Matthew Nederlanden
Matthew Nederlanden is a distinguished and renowned figure in the security industry, serving as the CEO of SCW, a leading security system provider, and Survail, an innovative video surveillance-as-a-solution platform. Under his leadership since 2009, SCW has achieved prominent success, including recognition on the esteemed INC 5000 list. You may have seen his articles on Forbes or Huffington Post, where he shares his insights on security and business leadership. In addition to his written contributions, his expertise has also been featured on television. He has made appearances on Discovery Channel's Garage Rehab and on the TV show Junkyard Empire on the Velocity Channel, further demonstrating his versatility and industry recognition.
Nederlanden's commitment extends beyond his professional achievements. He co-founded COVID Mobilize during the pandemic, showcasing his solution-oriented mindset and dedication to community engagement. As a foster parent and advocate of social responsibility, he shares considerable profits with his staff and community compared to many others in the industry.
With frequent conference appearances, media coverage, and a wealth of experience, his comprehensive expertise in the security sector solidifies his reputation as a trusted voice in the security industry. His track record in business leadership and community-focused initiatives positions him as a frontrunner in his field.