Perimeter Protection

Illustration by Security Technology

Protecting a New Perimeter

Even before the COVID-19 pandemic changed so much of daily life, there was a transformation happening in workplaces. Physical boundaries were no longer the only perimeter defining secure workplace access. Identity became a new—and often the only—perimeter.

Both perimeters must now be protected to ensure a secure, safe, and productive workforce, requiring a new approach to physical identity and access management that unifies physical access and cyber/IT access. This approach encompasses credential management, multi-factor authentication, and secure visitor management, as well as the management of guard tours. It also embraces the same touchless access experiences that have been pivotal to re-opening the workplace during the pandemic.

Secure Visitor Management

A more hybrid workforce that is not permanently based in an office complex requires a visitor management solution that can handle multiple types of visitors to a site: contractors, employees, customers, suppliers, and partners.

The latest solutions have enabled organizations to go touchless during the COVID-19 pandemic with self-service visitor badging kiosks, while automating wellness and other screening questionnaires. The solutions can also be used to monitor and analyze activity if there is a COVID-19 outbreak. They can simplify retrieval of historical visit reports, while making it easier to generate a workplace occupancy map and timeline, thereby automating and enforcing evolving compliance with visitor access and policy-based registration.

Remote work and its virtual perimeters must also be flexibly supported. An enterprise-grade, cloud-based authentication solution accomplishes this by making it easier to support employees who need to simply and safely access enterprise resources from not just inside but also outside the office. In practice, this means employees may securely log in to their workstation and company network, and access any application, from home, while traveling, at an alternate office location, or simply at their usual workplace.

Authentication for Remote Workers

Adding multi-factor authentication to a unified physical identity and access management solution significantly improves remote work security. One of its biggest benefits is eliminating the vulnerabilities associated with passwords, which are typically hard for users to track, remember, and manage. As a result, users resort to weak passwords or reuse passwords, enabling cybercriminals to easily breach company systems and data. Passwords also often make their way to the Dark Web following a data breach, where hackers can use them to gain access and plan future intrusions or attacks.

Multi-factor authentication solutions solve this problem, protecting an organization’s networks, applications and data by requiring a second validation via, for example, a mobile app before granting access.

Multiple authentication form factors and methods should be supported so that there are sufficient options to meet security needs. For instance, mobile push authentication enables users to log in securely with a simple swipe on their phone, quickly proving their identity before accessing protected applications. It is just as easy to swipe and deny a fraudulent login attempt.

Organizations can also choose from biometrics, cards, or security keys enabled with industry-recognized security technologies such as FIDO, PKI, and one-time passwords, to provide a seamless, passwordless experience. The inclusion of a bundled Certificate Authority (CA) gives organizations a choice of a publicly trusted or private dedicated CA for strengthened security.

In addition to incorporating high assurance smart cards and security keys that provide a single sign-on authentication experience, organizations should also include technology compatible with physical access control infrastructure to ensure a drop-in replacement for any access control card. Additionally, providing employees with a single, secure authenticator for both logical and physical access streamlines and simplifies the overall workplace experience.

Credential Management

Today’s cloud-based credential management services automate and simplify the issuance of physical access badges, as well as digital credentials, while eliminating inefficient, manual processes. Organizations have access to detailed insights about issued credentials including who has them, what they are for, why they have been credentialed, and for how long. Credential revocation is also automated, which mitigates insider security risks.

These services also provide details of active credentials, wherever they are being used. Today’s ISO27001-certified platforms simplify employee access to the physical and digital workplace while solving administrative issues, regulatory compliance, and other business challenges. Including unified authentication back-end functionality allows organizations to choose the optimal security protocol for each use case while maintaining consistent rules and audit management capabilities.

Guard Patrol Checkpoints Also Move to the Cloud

Even in today’s hybrid work environments, there are still requirements to patrol a physical perimeter. This can be automated and enhanced by combining Near Field Communications (NFC) technology and cloud-based authentication into Internet of Things (IoT) applications for accurately tracking security checkpoints.

Using this approach, trusted NFC tags can be deployed to identify assets, checkpoints, and people throughout the facility. Security guards on patrol can then simply tap their NFC-enabled smartphone to these tags at each checkpoint on their designated tour, without any manual sign-in process. The checkpoint is identified by name, and timestamp information is automatically uploaded. Databases are updated in real time, enabling security guards to digitally prove their patrol stop took place at the proper location, and to instantly respond to and report fraudulent activities throughout the building.

Touch-Free Perimeter Protection

Touch-free trusted-identity technologies are proliferating across a wide variety of use cases that benefit from the safety, security, convenience, and efficiency of contact-free interactions with both the physical and digital worlds. They enhance perimeter protection by simplifying how users enter secured areas and access print resources and other building services.

As an example, mobile IDs carried on smartphones and other devices eliminate person-to-person ID card issuance or revocation, as well as the need to physically touch cards, readers, or keypads when accessing secured areas. Users simply present their device to a reader to open doors, gates, and elevators. Visitor management is similarly a more hands-off experience now as cloud-based solutions limit face-to-face interaction through self-service check-in. Even the badging process no longer requires visiting a crowded issuance center—today’s cloud-based solutions enable cards to be designed and printed from any office or satellite campus, on any device via a web interface.

Hybrid work environments are redefining the perimeter. Organizations must protect both the physical perimeter and a new perimeter defined by the identities of people and things. Cloud-based solutions are increasingly being used to protect these perimeters by simultaneously addressing both cyber and physical security, compliance, and business challenges, as well as the traditional guard patrol in today’s dynamic work environment.

Julian Lovelock is vice president strategic innovation at HID Global, where he is responsible for sparking innovation leading to the development of new products and services. Lovelock moved to the United States from London in 2006 following the acquisition of ASPACE Solutions where he was CTO and co-founder. He holds a BENG in Electrical and Electronic Engineering from the University of Aston, United Kingdom.