In focus: web-based access control

In our previous article on 5 security technology trends to watch, we mentioned web-based access control as a major trend to pay attention to. Many security professionals have heard about this new trend in access control technology, as it is increasingly popular in organizations throughout the world.


However, web-based security systems were not all created equal and there is significant variation among different types of web-based access control, a fact which security professionals may not be fully aware of.


Equally unclear is which organizations will benefit most from this technology, and what kinds of organizations are NOT suited to web-based access control systems currently available?


In this post we will examine the characteristics of web-based access control, the various types, the benefits, current concerns about the technology and whether it is right for your organization.


Read on to find out more!


An overview

First of all, what is web-based access control? Put simply, web-based access control systems connect all security devices via an internet connection and allow users to manage the system using a web-based interface. This eliminates the complex software installations on an onsite server necessary for a traditional, “client-based” access control system.


What is more, because there is no need to install complex server equipment on site, implementing web-based access control solutions is significantly more straightforward.


This means that all web-based access control solutions share several immediate benefits compared with traditional client-based systems:

  • Significant initial costs for servers and related infrastructure spending are eliminated
  • Installing web-based systems takes less time and is easier to scale to include further sites
  • Browser-based software is upgraded automatically by the vendor so end users don’t need to worry about updates
  • Systems are less complex to maintain on the front end, so end users require less intensive systems training to manage web-based systems effectively

Type 1: For single or temporary sites

This is the simplest variation of web-based access control solution and is most suited for single sites with a low number of access control doors.


This type of solution makes electronic access control accessible to small sites without incurring significant capital investment and typical solutions on the market today offer support for up to 30 doors and 5000 user credentials.


One-off sporting and music event venues may also make effective temporary use of this kind of system.

Type 2: For larger high security sites

Even though this solution also uses the internet to connect the system, all system data is kept on one of the client's sites on a dedicated onsite server.


This solution is ideal for larger organizations with strict security standards for data storage, as it allows data from multiple sites to connect to a single server while allowing users to manage all data onsite.


Typical solutions on the market allow users to manage 1000 doors through their web browser and can add up to 500 000 users per control panel.

Type 3: Data hosted on the "Cloud"

In the last type of web-based access control system, all data is hosted externally on dispersed data centers provided by the solution vendor. This eliminates major geographical constraints on expanding companies' security systems and provides users with comprehensive data redundancy measures.


What is more, this type of solution allows multiple users to share the same data management infrastructures in the same way as an electric power utility, which allows end users to share costs and simply pay according to how much they use the vendor's facilities, which brings considerable cost saving opportunities.

Potential disadvantages

While web-based access control systems often represent a superior value-proposition to traditional systems, there are several potential disadvantages to bear in mind. First, all web-based solutions are too dependent on network stability. This means that systems in certain geographic locations may share the same vulnerabilities as the regional network infrastructure that they are required to use. Data security is also a major issue for web-based access control, even for users that manage security system data onsite. It is therefore essential that users take precautions such as implementing firewalls, VPNs and other measures to protect their web-based systems.


What is more, many internet-based access control solutions on the market today still need to expand their integration capabilities with other systems such as building management, fire security and mapping systems before they can become a viable addition to a company's facility management systems.


Lastly, while not strictly a disadvantage, many companies may find that strict global corporate security standards will limit their scope for deploying relatively new technologies like internet-based access control systems, though this will no doubt change as the technology becomes more established and widely adopted.

So is internet-based access control the same as "cloud-based" security?

Many security professionals will no doubt be aware of another security technology buzzword: "cloud-based security", or "security as a service (SaaS)". While it is true that cloud-based security solutions are all IP-based, it is important not to assume that internet-based access control solutions are all cloud-based, as some solutions simply sell internet-based hardware, including dedicated server devices that specifically towards the individual client. On the other hand, true cloud-based security solutions make their data management infrastructures available as a continuous service and host their data on an indeterminate number of servers shared by multiple users. We will explore the range of cloud-based security services currently available in a future article.

Bottom line

Organizations with seeking security for individual sites or for multiple small scale sites should give serious consideration to internet-based access control systems if they are not limited by global corporate security equipment standards. Typical users that might benefit include companies with small retail sites or logistics dropping centers, small sites with service desks, organizations using premises under a short lease agreement or organizations using temporary performance venues.


The type of internet-based access-control system chosen by any company will depend largely on their geographic footprint, daily system traffic and the sensitivity of their security information but even among the systems currently available, the are options that cater to a variety of requirement levels. To make the best use of these sytems, security users will have to work carefully with their systems integrator to craft the solutions that matches their business requirements correctly.


To learn more about which of the solutions mentioned in this article is right for your security needs, please feel free to get in touch with our security experts at any of our local offices

For more tips on security, follow ICD on our LinkedIn Company Page.