Continuing our thread on the different security elements that need to be considered as part of a Security Risk Assessment (SRA), we will now consider Access Control and the importance of screening both vehicles and people as they enter your facility.
All security systems can be both proactive and reactive in dealing with threats. It can be argued that CCTV is more reactive and primarily used to investigate and analyse an event that has already taken place, but there is also a deterrent factor that should be considered. With Access Control, this leans towards the proactive side and is intended to prevent threats from accessing the facility, or denying entry to vehicles and people that have not been authorised.
Identifying the most appropriate type of access control system will be critical in making sure you have the right level of controls to counter the identified risks, threats and access concerns. You also need to ensure the system does not unnecessarily impede progress through the facility or hamper day-to-day business activities needlessly.
Apart from open/public areas that have been identified as not needing additional controls, the main types of security doors and access points are through mechanical (lock and key) and electronic systems. Even in our tech focused world there is still a place for the lock and key system. In most cases, these would be for low-risk locations such as storage rooms and areas used by outside contractors or third parties. They can also be used to back-up electronic security systems to ensure an additional level of security if needed.
When it comes to electronic systems, we can get a little more creative in how we employ them, as well as the layers you use to protect against the different types of threats. A guide I have often used once the different areas have been assessed for their risk and threat levels are:
Level 1 – something you have
Level 2 – something you know
Level 3 – something you are
Level 1 is the first level after general access or a mechanical system and would incorporate something ‘you have’, i.e. a proximity or smart card that has your access permissions programmed in and would either have a touch or swipe action. This would probably be the most common type of system employed and is considered a quick and effective means of moving through a facility.
Level 2 is used when a greater level of security is required where the ‘you know’ part is possibly a PIN number that is also used in conjunction with the card. Remember, the more levels of security you incorporate, the slower the progress will be through each point!
Level 3 is used when the maximum level of security is required and the ‘you are’ part would probably entail a biometric system that registers areas such as your face, fingerprints, irises (eyes), or palms. These are just some examples of the readers that could be used in conjunction with the first two levels or as a standalone system where applicable.
Any of the above examples can be used independently and/or in conjunction with each other. The end result of the preferred systems will ultimately depend upon the threat, the proposed security strategy and, of course, cost.
Also remember that access control should work in synergy with the physical security personnel, and the other security systems that are designed to support each other.
I will discuss another security system that should be considered in the next article…
Le Beck CEO Anthony Tesar can be reached on CEO@lebeckinternational.com