In the first part of this blog series, we have covered the important role of power reliability and final distribution in safety on university campus. In part two, I will discuss discuss another crucial element of safety at universities – access control and cybersecurity.
Access control is the means by which people are granted or denied access to restricted areas, such as residence halls, laboratories, parking or laundry. Colleges and universities are unique with respect to access control because the needs of the community vary widely depending on who needs to go where. There are day students, night students, athletes, faculty staff, and other personnel with dissimilar requirements for security and building access. Some people on campus require varying degrees of temporary access privileges, and others need permanent access.
With so many different needs, how does management begin to evaluate the many types of access control systems that are available? Furthermore, in a growing and changing campus environment, what is the best kind of access control to meet future needs?
A flexible form of access control uses smart cards with embedded microprocessors or mobile credentials on smart phones. Card access control at colleges and universities is commonplace today, and there are a variety of systems with different levels of sophistication.
There are many advantages to card access control. Students can be coded with access to specific areas depending on their academic major, seniority, class enrolment, team participation, or any number of factors. Individual privileges can expire on a given date if desired. Access can be granted or denied at any time based on the student’s status. Cards can also be used as debit cards for meal-plans and other university fee-based services. In areas where tighter security is required, management can install keypads, keypad/card combinations, or biometric devices that can scan fingerprints or handprints.
Video surveillance has evolved significantly in the last decade.
Old video systems needed banks of video tape for continuous recording and required manual administration to swap tapes periodically during the day. Record keeping was prone to errors and finding specific incidents on tape was time-consuming. Digital Video Recorders (DVRs) made significant advances in features and functions, taking advantage of fast computer processors and high-density storage media to digitize, compress and record video from analogy cameras. Newer cameras today have embedded processors that enable video to be compressed within the device and transmitted real-time over IP networks to Network Video Recorders (NVRs) that centrally manage video feeds from many IP cameras.
DVRs and NVRs have many advantages over older analogy recording technology. Streaming video can be continuously recorded and discarded in cycles of days, weeks, or months if no security incidents occur. If an incident does occur, disk indexing and timestamping make it simple to find video from a given date and time. In addition, because the video is digitized, it can be exported and distributed via email or backed up on DVD, or other digital media.
Encrypting the video is recommended for legal purposes. This will require a user to input the password when they try to view the file. A prompt will appear indicating it has not been tampered with. If the password is lost, the video cannot be played nor can it be recovered.
Integrated with access control, video verification, allows a user to see live video as well as the cardholder’s picture when a given access card is presented at a reader. The security staff can verify that the person presenting the badge is the actual cardholder. Another example of video verification effectiveness occurs in identifying individuals who are “tailgating,” or when one person swipes their badge and gains access to the facility and another person follows them in without presenting their badge. The integrated system allows organizations to visually identify, verify and capture security breaches at access points.
In both culture and technology, universities are one of the most open and outward facing sectors. This enables and eases collaboration between academics across borders and is likely a key component of their success. Unfortunately, this also eases the task of a cyber attacker. Phishing and Malware are the most common cyber threats to universities.
Many cybersecurity risks can be vastly reduced through awareness, and securing power monitoring and control systems, like digital video surveillance and access-cards mentioned before. However, the growth of cyber-attacks put security in universities in the first place of interest and keeping information safe is a growing concern.
Universities store and process vast amounts of data including personal information of students and staff, coursework and sensitive data from research studies, therefore IT solutions must protect critical data.
There are various cybersecurity features available nowadays to help universities avoid cyberattacks. Institutions tend to use Digitally signed and encrypted firmware. Such vendor firmware indicates genuineness of downloads, providing assurances that the content is as originally intended, from the identified source/vendor, for use in prescribed devices. In addition, students usually have Per-user security permissions and passwords. It limits system access to only authenticated users, in authorized role categories; supports user accountability allowing enough scope of access to support specific job functions. Finally, universities usually have Security logging in place. This enables them to track all login attempts (including successful or failed attempts), user actions within the system.
However, systems in place are not complete without a well-devised action plan. The same security management system previously discussed need to be used to act and utilize mass notifications to instantaneously alert students to stay away from at-risk areas or actions.
In conclusion, with the need to protect more people and data it is easy to understand why physical access control plays a vital role in the overall security of a building. Both physical and cybersecurity solutions must be in place to help deter workplace violence and prevent crime while safeguarding the occupants, assets and valuable business information. When access control is deployed in unison with cybersecurity solutions, it reinforces complete security for any business enterprise.
If you want to know more about how you can protect university buildings users and assets, visit our EcoStruxure Security Expert page, an integrated role-based physical access control and intrusion detection solution that unifies your building’s security infrastructure and management systems into an easy to manage, single platform that enables faster, more efficient, and potentially life-saving decision making.