Choosing the Right Access Credentials

The security industry, like so many others, is sometimes guilty of offering customers too much choice of product. On the face of it, that is a nice problem to have, but in reality, it can be a real headache for end users searching for the right solution in terms of performance and costs.

Expert specifiers and installers provide major benefits to security end-users, taking the guesswork out of these important purchases. However, it’s vital that these professionals fully understand the needs of the end-users, just as much as the products on offer, to find the perfect match between the two.

Back to Basics

Understanding the needs of the customer is vital to any sales process, but it is especially important when it comes to an often complex security installation. The right security installer will always take time to examine the practical, as well as the technology needs of their customers and look to match these with the available budget.

The first question should never be: what type of security credential do you want? This is vital further down the process, but initially, the focus should be on the needs of the project – be that the requirements of the operator, the users, the locational restrictions, and ultimately the resources available to purchase and operate the systems once they have been installed.

One approach, which many of our partners find works well, is to ask the end-user to envisage how they would react if the credentials used by their employees and visitors were cloned. What would this mean for the business? Would people and property be at risk? What would be the personal, financial, and business implications of this?

Some end users may not consider it to be an especially big risk. They may only segregate areas for commercial reasons – for example in an open-air viewing area at a festival or racetrack, where there are few safety concerns over intruders, but rather commercial needs. However, I would argue that if access control is deemed worthy of being included then it should be employed to the highest standard achievable – if a job is worth doing, it’s worth doing right!

Technology Choices

As is the case with many manufacturing sectors, increased demand and scales of production lead to reduced prices, even for higher-end products. This has very much been the case with security technology too.

Even a few years ago there was a considerable price difference between the more traditional proximity cards and MIFARE Classic, compared to newer and more secure alternatives such as MIFARE Plus and DESFire.

However, things have moved on and even those on a leaner budget can afford to invest in very respectable levels of security. Most end users have a business or organisation that needs to protect people and property. Cloned cards/credentials are always a risk, so it pays to purchase more stringent security wherever possible.

MIFARE Plus, for example, enables encoding of the access control credential into a sector with password protection (using either 128-bit or 256-bit encryption). This makes it virtually impossible to hack in any reasonable time frame, offering impressive performance which is also highly affordable.

Greater Use, Greater Risk

It is also worth looking at the intended or potential additional uses for the security card/credential. Will it just be used for access control or also for additional tasks, such as employees downloading a print job from a photocopier or network printer? Perhaps employees will use the card in a staff canteen where their credit needs to be protected.

Equally, the security operator may want to include biometric details on the user, so it has a one-to-one match with a biometric reader. There are big legal and ethical implications to securely storing this kind of personal data, so the security of the systems will need to be watertight.

All these additional functions need to be carefully examined and the solution matched to the needs of the organisation. Installers must ask these sorts of questions and use the feedback as a guide to assess the sort of technology required.

Every security project and end-user is different. Choosing the right access control credentials for the job is vital and requires a high degree of dialogue as well as professional expertise. The objectives of the project, along with the budget, the business culture, and the practical realities need to be considered before you even start to specify the technology. End-users need to experience choice as a benefit, not a burden.