HID Global has conducted multiple surveys in the past few years exploring users’ perceptions about day-to-day experiences with their physical access control system (PACS). While HID’s 2020 State of Physical Access Control Report revealed the belief among more than half of respondents that their current system either met or exceeded their requirements, this figure is now only 41 percent.
During the two years between surveys, a global pandemic has significantly altered fundamental organizational practices beyond what we likely would have expected three years ago, and dealers and integrators have found themselves helping their clients through the resulting challenges.
On with the old, in with the new
One thing that has not changed is the staying power of traditional credentials and physical badges, even though they are unencrypted and much easier to duplicate than modern options such as Seos and MIFARE DESFire EV3 credentials. Almost a third of respondents said they are using 125 kHz low-frequency prox, and 35 percent use magnetic stripe technology. Not everyone is averse to newer technologies, though, as the survey showed. Thirty two percent of respondents said they were actively using mobile IDs, and 30 percent reported active use of fingerprint, facial or iris recognition technology. When asked if they plan to upgrade, or are in the process of upgrading, to biometric access control, 17 percent said yes, and 19 percent of respondents answered in the affirmative about mobile technology upgrades.
The ability of mobile technology to reduce or eliminate physical touchpoints during the pandemic was likely part of its appeal. But as the world reoriented its digital transformation to a touchless experience during the pandemic, this spawned new use cases that benefit from the safety, security, convenience, and efficiency of contact-free interactions with both the physical and digital worlds. This is not going away post-pandemic.
Plus, mobile access has become much easier to adopt with the move to trusted ecosystems of cloud-connected access control devices, applications and trusted mobile identities that are all in one place. This has enabled myriad new building services to be securely accessed through people’s mobile phones and other devices. Key mobile access trends include continued and growing need for touchless experiences, along with the ability to future-proof solutions and optimize flexibility through greater choice of credential technologies.
Another newer technology that may have grown in popularity during the pandemic is logical access. More than half (55 percent) of organizations are now using this secure computer/network login technology for access to cloud and web resources, likely because security and IT teams needed to ensure employees working from home could securely access the necessary systems remotely.
Biggest challenges
Improving user convenience was the most-cited challenge, with 43 percent of respondents saying they would like to make PACS administration easier.
There is also a clear demand for more integrated systems, with 27 percent of survey respondents citing “integrating with other enterprise systems” among their top three challenges. The transition away from proprietary technology to OSDP and other open platforms has enabled organizations to take advantage of connected devices that relay information to each other to determine automated actions.
Upgrades are also a major issue. According to the survey, today’s installers, integrators, consultants and vendors will have to balance multiple demands and departmental influences when working with end users to implement upgrades. C-suite leadership was cited most often as having final authority over these upgrades, and a majority of respondents also considered physical security, IT and information security, and facilities teams to have either final authority or make final recommendations on them.
The survey also surfaced how physical security and cyber/IT security departments are being called upon to work more closely when it comes to upgrades. Many of today’s IP-based physical security systems and devices are now directly attached to the organizational network, which has advantages but also leads to vulnerability concerns and challenges. Vendors can certainly ensure their systems have a certain degree of “built-in” protection, such as ISO 27001 compliance, but IT professionals still must ensure that no vulnerability in an access control reader or other PACS element attached to their network is a threat vector.
Respondents noted several other obstacles to upgrading access control, including cost. Among the respondents, 38 percent said this was their biggest obstacle to upgrading. Others cited a lack of compelling ROI or budget prioritization (15 percent). Regardless of obstacle, 38 percent said they are looking to update or upgrade some form of their access control system in 2022.
One big upgrade driver is the long-term convenience of replacing proprietary models with open, long-term standards and solutions. For example, 49 percent of respondents said they wanted the “ability to add or support new tech in the future.” Thirty three percent said they would require “integration with existing security platforms.” And 28 percent stated their desire for “open-standards’ based tech.”
Respondents were also interested in upgrading to new technology. Forty three percent singled out “touchless/contactless capabilities,” which may not be surprising given their benefits for implementing pandemic-related health and safety measures in the workplace and multi-occupant residential buildings. Forty one percent said they want the ability to utilize mobile in a new access control system, and this was echoed in a separate question about the single most impactful technology for improving PACS: one in five selected touchless (20 percent) or mobile access (18 percent).
Biggest pandemic impacts
Among the many changes wrought by the pandemic, the survey revealed how shifts in work patterns have impacted access control.
Organizations that have transitioned to a hybrid (remote and in-person) workplace model saw building occupancy monitoring become more important for maintaining efficiency and enabling C-suite leadership to make informed building-usage decisions.
Organizations are no longer satisfied with data that only tells them how many people are in a building or on-site; i.e., for safety and emergency-evacuation purposes. Occupancy data feedback increasingly must include real-time location systems (RTLS). Thirty nine percent of survey respondents said their organizations can measure both the number and location of employees and visitors on site. A much lower 21 percent said they are unable — or choose not — to monitor either. Thirty four percent of respondents said they only know the number of employees and visitors on site, but not their location.
Occupancy data is likely to grow in importance. Many businesses sought to streamline their operations and save money over the past two years, and those who had occupancy data could evaluate whether it was possible to reduce office space. Much of their office footprint was not — or only rarely — being used. Other organizations were making the transition to a hybrid work model and occupancy data enabled them to improve planning and make sure desk space was available when needed.
Survey respondents revealed that access control systems were the most popular method for monitoring this occupancy data. Forty two percent of respondents said they used these systems to understand employee occupancy, and 34 percent said they used them for visitor occupancy. The systems were also used for time and attendance — 24 percent of respondents said they used them for employees and 15 percent used them for visitors.
There were many unexpected pandemic outcomes, and the growing adoption of physical access control systems to monitor occupancy data is just one of them. The pandemic changed plans and expectations for access control systems dramatically, whether because of a new focus on hygiene and safety practices or the impact of millions of people switching to remote and hybrid work models.
Installers, integrators, consultants and vendors have had to help security, facilities and IT teams navigate a period of unprecedented change. Now, pandemic-related practices intended for pandemic risk-mitigation show signs of enduring — even amid signs of a return to “normality” — because they have also enhanced both security and convenience, improving building efficiency while creating a better workplace experience.