The typical K-12 school system has the same basic security requirements as any modern university campus: centralized management and control of security systems and procedures, and strategies to avoid threats while protecting previous investments. In both cases, the latest Open-Architecture Physical Access Control System (PACS) solutions offer an infrastructure that is flexible, scalable and easily upgraded to enhance security and add capabilities without changing hardware.
Creating a future-safe foundation
A future-secure PACS infrastructure works with any access control software and add-on solutions ranging from parking gates to additional IT security. It requires a highly flexible and non-proprietary open-architecture framework with modern security protocols, technology interoperability, and open application programming interfaces (APIs) that enable hardware to integrate into any access control system software or security application.
Such an infrastructure ensures scalable, flexible and unified PACS and security management with a more streamlined operation workflow. Instead of monitoring various access controls, video surveillance, intrusion alarms and other programs, security personnel have centralized commands and controls. They can streamline daily activities and reporting and easily add or remove cardholders, adjust access fields and create access schedules and audit logs to investigate incidents. Non-refundable cards can be closed. Lockdown and emergency exit areas can be defined and activated instantly. It is also easier and less time consuming to train new security personnel in this integrated environment, which, from a cyber security standpoint, also makes firmware updates less intrusive.
The path to this infrastructure often begins with the need for a single upgrade, such as adding a 4K security camera or replacing a physical badge with a mobile certificate used with a smartphone. Wherever the journey begins, the course offered at the K12 level is as remarkable as the most technologically advanced university.
The previous one
Before campus administrators can consider improved security and other capabilities, they must first tighten their existing infrastructure. This requires the ability to assess vulnerabilities and prioritize needs and plan a smooth transition to a more secure and adaptable PACS.
There was a time when campus security began and ended with doors, locks and keys. But even after they replace the key with a PACS and ID card, not every campus is ahead for security threats. Many still use the low-frequency 125 kHz-based communication card technology invented decades ago. This proximity – also known as proxies – transmits an encrypted RFID signal to the card only to a reader. All it takes is $ 30 cloning devices or as many copies of a stolen card for people to go to a key-making kiosk in a grocery store. The technology should have been replaced much earlier when more secure high-frequency card technology was introduced.
Although the process of tightening security at a university with many different systems may be more complicated than a closed K12 environment, each campus benefits from this future-secure PACS foundation. Budgets often come in phases, and this infrastructure supports incremental additions that can be implemented across an extended timeline without the need for hardware changes.
Three basic building blocks
The three PACS building blocks are the certificate (card and mobile), the reader and the panel. Each future must be secure so that administrators can deal with growing threats and add power if necessary.
Certificate offers should support multiple form factors and communication protocols. All high-frequency certificate choices should be based on peer-reviewed global standards and offer the necessary security features, such as secure messaging, and provide a smooth transition from weak legacy technology to modern and secure alternatives. The most secure options apply AES128 encryption, a secure channel to protect card data from man-in-the-middle attacks, and a random unique identifier (UID) to protect user privacy. Some alternatives go further to protect the identity data of a certificate through key variations, authentication signatures and encryption, and enable mobile and wearable form factors.