CHAPTER 7

ACCESS CONTROL

• Reported by :
Roy Nahil
Mark Jonas Nazareta
Jhon Jade Nasa-an
 INTRODUCTION
Access control to an establish or installation is the most essential
component of a good security system. It determine who enters the area,
how the access is controlled, and what technology or equipment is to be
used to the task of controlling .
 WHAT IS ACCESS CONTROL?
Physical security and information security, access control (ac) is the selective
restriction of access to a place or other resource. the act accessing may mean
consuming, entering, or using permission to access a resource is called
“authorization”. It is most efficient when introduced as a part of a multi-layered
security. this can be integrated with other core aspects to create a seamless solution
to protect employees, building, and assets while helping the employer save time, and
reduce operations overheads.
 BACKGROUND TO ACCESS CONTROL
All civilization over time have used varying forms of access control, be it a log
across a chasm, or a drawbridge in a castle. Even down to the basic door, which if
properly secured by a suitable locking mechanism, acts as a quite reliable form of
access control.
Today’s modern access control systems are able to offer unforeseen advances in
technology that even 30-years ago would not have been imagined by the professional
security manager of the time, and let alone by the general public. Today, not many
people outside the security industry realize what technologies are available.
 ACCESS CONTROL IS SECURITY
When one thinks of security, one often thinks of it only in terms of implementation.
in it security, one thinks of passwords and firewalls. In personal security, one thinks of
avoiding rape and robbers by staying away from dark alleys and suspicious-looking
characters.
In the simplest terms, it boils down to, that is, security is controlling access; thus,
implementing security; therefore is the process of controlling access, such passwords
and firewalls control access to network and data resource, avoiding dark alleys and
suspicious characters; and control access to bodies and possessions. Security in the
home generally refers to locks on the doors and windows. with locks, one is controlling
the access of person into the protected area.
Everyone is denied entry unless he or she can produce the proper key. by issuing keys
to only those authorized persons, an establishment or installation is controlling access.
because security system does not want anyone entering through the windows after-
hours, there is typically no key lock on windows and level of control is total dial for
many small to medium companies a good quality photo id card is adequate in
providing a suitable security level.
 ISSUES ON ACCESS CONTROL
HERE ARE SOME OF THE ISSUE TO BE CONSIDERED IN ACCESS CONTROL:
1. EXTERNAL ENTRANCE. It is a good idea to limit the number of outside access points to as few as possible. This limits the areas
to be controlled, thereby reducing costs.
2. RECEPTION AREA. Always ensure that the reception area is staffed either by a receptionist or security guard.
3. VISITORS OR SUPPLIERS. For security and fire safety reasons, it is a good idea to get visitors and suppliers to sign and out of the
building logging the time and the person they are visiting. also consider issuing a visitor’s badge, and escorting them
throughout the building.
4. INTERNAL ACCESS. Employees and visitors should be excluded from certain areas within the premises, such as: (a) computer or
server rooms; (b) data storage areas; (c) stock rooms; (d) finance department and (e) stationery cupboard. these areas are
more likely to be the target of sabotage and theft from both inside and outside intruders.
5. STAFF VIGILANCE. The access control measures need to backed-up by staff awareness and vigilance for maximum effect. train
the staff to be alert, monitor the actions of visitors, and keep valuables in both business and personal, in safe places.
6. ALL HOURS ACCESS. If business operates round the clock or 7/24, then ensure that the premises have in place adequate
security, health, and safety measures during the unholy periods. weekend and night access can greatly increase the security
overheads.
7. CONTROL DEVICES. There are a number of access control solutions, including: (a) key-controlled lock, suitable for a small
number of users requiring infrequent access; (b) coded lock, mechanical or electrical; thus, requires a predetermined code to
be entered on a keypad to unlock the door; (c) card swipes, becoming more affordable, and use a personal identity card to
control access electronically; and (d) advanced systems, available if high level access control is needed, such as systems that
read eye patters, fingerprints, and id or badges.
QUESTIONS IN ACCESS CONTROL
• Here are some of the basic questions in access control:
1. Who has access to the premises? Anyone from visitors to employees, it is important to control who
accesses a secured space. It provides multiple ways to intruder to prove identity before he or she is
granted access.
2. What time periods do they have access? Many businesses have employees such as managers and
service technicians who need access to building during non-standard hours. Scheduling system can
be incorporated, and make it easy to make schedule when an individual persons or group of
persons is allowed entry.
3. What is point of the entry? Access control systems are able to determine which individuals are
allowed to open specific points of entry into the business. This is especial critical in hazardous, high
security, engineering, IT, private, or other restricted areas. Some businesses also control employees
or tenants’ entry to parking lots.
4. What is the authentication method? This can be chosen from different types of access credentials
to increase security and reasonableness. There are options which include cards with a photo ID, or
company logo, key fobs, and various biometric credentials, fingerprints, hand vein geometry, retinal
scans, etc
ACCESS CONTROL OF EMPLOYEES
• Ideally, badges should be issued in different colors to identify different employment status, such as
permanent versus temporary employees, different positions, such as seniors staffs versus workers,
and different workstations, such as packing versus sewing. This color coded system allows for easily
identification of an employees in a restricted zone.
• Employees should be reminded to take a good care of their badge and never lend their badge to
anyone. They must report lost or stolen badge to security immediately. Many companies choose to
combines identification badges with timekeeping purposes, making employees swipe their machine-
readable badges to record their time-in and time]-out. Laminated plastic badges, bearing the
company logo with the employee’s name, photo, and department are recommended.
• Different options for verification: (1) security guard or a management representative is the access
point to premises and check each employee’s badge; (2) employees use swipe cards to access the
premises; (3) employees have a key, keycard or code to open an access point; and (4) access is
remotely controlled via CCTV and Intercom.
PURPOSE OF ACCESS CONTROL
• An access control system allows the management to monitor the movement of personnel in and out
of premises by allocating individual access right, and which are used to determine who is allowed to
go where and when, depending on their needs.
• Verifying and authorizing entry based on one, or a combination: (1) someone possessed an access
card; (2) someone knows a PIN code; and (3) something that is physically unique, such as a
fingerprint.
• An access control system will: (1) restrict access and to only allow authorized personnel, and deny
access to unwanted visitors; (2) control and monitor movements of people throughout the premises;
(3) detect unauthorized access and activity throughout the premises; (4) protect employees, visitors,
properties, assets, and information; (5) secure a designated area, or sector requiring access; and (6)
observe and report based on access data collected by the system.
• Access control systems serve to enhance the premises protection, and control the employees’ access
to restricted and technical areas, as well as control of evacuation doors in case of emergencies.
Permanent or personnel access control cards are issued to employees for personnel use.
SECURING ACCESS CONTROL

• Methods of controlling access, such as ID cards, work passes, and access control cards have mostly
been locked in the past as an unwelcome necessity. If working in a large company, it may have a
reception desk at the entrance where staff and especially visitors may be required to sign a log book
with their basic details.
• Company cards which allows individuals access to workplace. The system have zone protected rights
where different individuals are only allowed access to certain areas of buildings or facilities.
• New technologies are now gaining ground in replacing the magnetic stripe and giving the company
additional controls on who is accessing their different times.
GEOGRAPHICAL ACCESS CONTROL
• Geographical Access Control may be enforced by personnel, namely, security guard, house
detective, ticket checker, or with a device such as turnstile, a system of checking
authorized presence; an example is ticket controller for motor vehicles.
• Access control refers to practices of restricting entrance to property, a building, or a room
authorized persons. Physical access control can be achieve by a human guard, through
mechanical means such as locks and keys, or through technological means such as access
control systems like mantrap.
• When mechanical key is lost or the key holder is no longer authorized to use protected
area, The locks must be re-keyed. Electronic access control uses computers solve the
limitations of mechanical locks and keys.
ACCESS CONTROL OPERATIONS

• The control panel also ignores a door open signal to prevent an alarm. Often the reader provides
feedback, such as a flashing red light-emitting diode for an access denied and a flashing green
light-emitting diode for access granted.
• There are three types of factors in authenticating information of persons who want to have
access in security controlled premises, as follows: (1) something the users knows, such as a
password, passphrase or PIN; (2) something the user has, such as smart card or a key fob; and (3)
something the user owns, such as, fingerprint verified by biometric measurement.
• Passwords are a common means of verifying a user’s identity before access is given to
information systems. In addition, a fourth factor of authentication is now recognized, that is,
someone that is known, whereby another person who knows him or her can provide a human
element of authentication in situations where systems have been set up to allow.
CONTROL PANEL
CLASSIFICATION OF RECORDS
Business records are classified into four classes, as follows
1. Class I or Vital Records Record wherein reproduction of which does not have the same value as the
original; such as records needed to recover cash, to replace buildings equipment, raw equipment,
raw materials, finished products, and records needed to avoid delay in restoration of production,
sales and services.
2. Class II or Useful Records. These include records which loss might cause inconvenience but could
be readily replaced, and which would not in the meantime present an insurmountable obstacle to
the prompt restoration of the business operations.
3. Class III or Important Records. Operations and statistical records belong to this class as well as
those to maintain check on efficiency, operating costs, etc. Also included are negotiable
instruments, any kinds of contracts, customer credit files, sales records that are of little or no value
to the office.
4. Class IV or Non-Essential Records. They are the daily files, and routine in nature, so that even if lost
or destroyed, will not effect the operations and administration of the plants of firms. These are
records or documents which, if irretrievably lost or damaged, will not materially impair the
organization’s ability to conduct business.
CATEGORIES OF SECURITY SAFES

1. Class I or Records Safes. They are designed and built to protect important papers, cash, valuable,
and records from fire; hence, fire and records safes serve a specific purpose.
2. Class II or Money Safe. Commercial money safes designed for robbery, theft, and pilferage
protection. They are secured lockable boxes used for securing valuable objects against theft or
damage from fire.
3. Class III or Security Cabinets. The security cabinets are designed to meet specifications for
safeguarding classified materials. These cabinets are manufactured with welded steel box
construction for added strength and durability.
4. Class IV or Security Vaults. It is a heavily constructed fire and burglar-resistant container usually a
part of the building structure used to keep and protect cash. It is an architectural term for an arche
from used to provide a space with a ceiling or roof.
Class I Class II Class III Class IV
ADVANCEMENT OF ACCESS CONTROL

• As a new and evolving access control technologies continue to deliver improvements in the
performance, efficiency and cost effectiveness, the potential applications of these systems are
expanding far beyond their traditional deployment. In particular, networked and software-base
solutions have had significant impact on the growing role of access control systems in security , as
well as other areas.
• In the coming years, access control systems will no longer remain discrete and separate from other
data sources, including security and non-security systems. They will provide information in the form
of data that can contribute to the emerging model of predictive analysis.
• New adoptions take time and as access control technologies become more robust, and playing a
larger role in security operations, there will be long periods of time when existing and new solutions
must co-exist.
END