Staff passes are now a familiar part of 21st century working life, but a large number of those in circulation remain far too easy to clone, often with equipment freely bought online.
For this reason, the use of cards with embedded microchips and advanced security, such as AES encryption, is growing, and these are far more difficult to clone. In fact AES encryption has yet to be broken by computers.
Of course, security passes can still be stolen, borrowed or lost, and organisations may want to invoke secondary credentials such as pin codes or a fingerprint. This multifactor authentication provides a very robust security system, and the technology is constantly advancing, including scanners that can read the veins in your iris or your hand.
But such high levels of security come at a price, and it remains with the organisation concerned to question the potential consequences and impact of a breach, and invest in security proportionate to that value.
Another technology to have advanced dramatically is CCTV, now frequently referred to as network video, where development has rendered the quality almost equal to broadcast television levels.
The cameras are IoT devices with computer processors able to run analytical programs such as human and facial recognition, detect fire or license plates and even listen out for audible signs of aggression.
Integrating these different technologies both strengthens the security posture of an organisation and can reduce the time taken to act on an event.
Yet the biggest security concern for many organisations is likely to be around cyber attack, especially the ‘insider threat’ from a disgruntled employee, or an outside agent leveraging what they’ve learned through social media.
This risk may never be totally overcome, but it is possible to mitigate it through techniques that combine physical access control systems with the logical network security of the IT network.
For example, the simple expedient of preventing anyone from logging on to the ICT infrastructure unless they have first swiped into the building with some biometric credential can be an effective barrier.