As expected from authorities anticipating an increase in threats to the education sector, cyberattacks are continuing to wreak havoc on colleges and universities across the United States. As of the beginning of May, there had already been 27 confirmed ransomware attacks against U.S. institutions. These ransomware numbers only tell part of the story as data breaches, malware attacks, and more account for an even greater number of threats, not all of which are reported to the public as they occur.

The second quarter of 2023 has seen a flurry of cyberattacks strike higher education institutions, including West Virginia’s Bluefield University, Tennessee’s Chattanooga State Community College, and Georgia’s Mercer University, among others. Beyond the obvious consequences of ransom payments and leaked personal data, some of the most severe attacks in recent memory have culminated in the delay and cancelation of classes, as well as the closure of one college in Illinois entirely.

With attacks against higher education on the rise year-over-year, campuses have become one of the top targets for attempted data breaches, ransomware attacks, malware, and more. Feeling the effects of various financial and/or technological hurdles, most schools are not currently equipped with the security controls to adequately defend themselves from increasingly sophisticated cyber threats that continue to hamper the community.

This increase in cyberactivity should serve as a wake-up call for higher education institutions to reevaluate and enhance their cybersecurity postures. Here are some of the top considerations for higher education leaders seeking to plug the gaps in their cybersecurity strategy.

Securing Data

One of the recurring themes in attacks against higher education is the vulnerability of sensitive data. From student, staff, and faculty information to sensitive school records, there are countless data assets that, if breached, can be weaponized against institutions.

Data exfiltration, or unauthorized data transfer, is a leading threat to data security in higher education. To help prevent data loss, colleges and universities need to be able to monitor user and entity behavioral analytics (UEBA) and they need to be able to watch their network using a network detection and response (NDR) tool. This allows schools to detect, qualify, and remediate any anomalous activity at the individual level, as well as malicious or unauthorized attempts at exfiltration.

Managing Access

For colleges and universities, student information, research data, and assessment criteria are all critical to daily operations. However, it can be common for institutions to encounter unauthorized access to these types of crucial information due to a lack of IT resources and necessary safeguards. This can result in the loss of confidentiality, integrity, and availability of technological assets, among other things.

To better facilitate and manage user access to sensitive data, schools should implement an effective IT security strategy intentionally designed to protect critical assets. This strategy should include the compartmentalization of data and provide a least privileged approach to accessing that data. Utilizing a least privileged approach, users are only granted access to the data required for their specific roles. This helps to prioritize the protection of intellectual property that is so valuable to higher education institutions. In doing so, schools can better protect the privacy of their students and employees and their reputations.

Detecting Threats

Even with cybersecurity mechanisms in place, no security threat can be resolved if it falls undetected. Colleges and universities must be able to detect, alert and automate security response capabilities when threats arise. Institutions should consider adopting security orchestration, automation, and response (SOAR) tools to help standardize and scale their incident response.

By relying on SOAR, schools can automate workflows to accelerate various stages of the threat investigation and response processes. Given the severity of a particular threat, it can be escalated to key decision-makers for a manual response or remediated automatically (or semi-automatically) from a playbook of preselected actions. Ultimately, SOAR is intended to help security teams cut through the noise and allow them to prioritize and direct their attention toward the most pressing threats.

Protecting and Prospering

Given the attack patterns of the last two years, cyberattacks in higher education are not going away overnight. Colleges and universities continue to be targeted by malicious actors for a reason. As long as institutions remain underequipped to monitor and respond to cybersecurity threats, they will find themselves with a target on their back.

Regardless of an institution’s budgetary constraints, there are tried and true precautions that can be taken to better protect their campus. Implementing threat detection, stricter access controls, and stronger data security measures are all foundational components of an effective cybersecurity strategy. By solidifying that foundation, colleges and universities can do their part to avoid being next in the line of higher education victims.

Another version of this article originally appeared on our sister-site Campus Safety on August 14, 2023. It has since been updated for My TechDecisions’ audience.

Kevin Kirkwood is Deputy CISO for LogRhythm.

The post Spike in Cyberattacks Exposes Vulnerabilities in University Security Measures appeared first on My TechDecisions.

According to Microsoft, Temporary Access Pass (TAP) can also be used to set up Windows devices whether users are directly setting up their own devices or via Windows Autopilot, joining devices to Azure AD or setting up Windows Hello for Business.

Admins can configure TAP for organizations with the authentications methods policy, and the feature provides controls that can limit TAP assignments to specific users and groups, limit the user for a short period or set it for one-time use.

Once the authentication method is enabled by policy, a privileged authentication administrator or an authentication administrator can create a TAP for the user either by visiting the user’s authentication methods blade or accessing via an API, the company says in a blog.

Admins can also override existing TAPs in the event that a user forgets or loses their previously created TAP.

With a valid TAP, end users can use it to sign in and register security information, including passworldess phone sign in directly from Microsoft’s Authenticator App, to add a FIDO2 key from the My Security Info page, the company says

Users can also use it to set up Windows Hello for Business on Azure AD Joined and Hybrid Azure AD Joined machines.

“In scenarios where MFA is required, TAP can also be used as an additional factor,” Microsoft says in a Tech Community blog.

The general availability of TAP comes more than a year after the company announced its public preview.

The post Microsoft Releases Temporary Access Pass For Time-Limited Passcodes appeared first on My TechDecisions.

Rockwood Hands-Free Arm and Foot Pulls are easy-to-install, cost-effective options for hands-free door operation in new or pre-existing openings in places like entrances, corridors and restrooms, according to the company. They are made of stainless steel and can be installed on wood, metal or aluminum doors. The pulls also comply with ADA standards and regulations.

“Retrofitting existing spaces to help maximize employee and customer safety is on everyone’s mind as businesses and organizations start to develop their return to work plans,” says Cris Post, general manager of Rockwood Products, ASSA ABLOY Architectural Door Accessories.

“We’ve seen incredible demand to bring a high-quality, durable, cost-efficient solution to the market and we are rapidly deploying to customers across North America.”

Qualtrics, an experience management company, surveyed more than 2,000 Americans during the coronavirus pandemic regarding their comfortability with returning to work and the reopening of public spaces.

The study found the majority of Americans still don’t feel comfortable going to a restaurant (68%), going shopping (51%), or attending a sporting event (79%).

Additionally, 66% of Americans reported they would feel uncomfortable returning to work right now and 74% said they want their work facility regularly cleaned and disinfected when they do return.

Listen: My TechDecisions Podcast Episode 83: COVID-19’s Effect on the Cybersecurity Workforce

“ASSA ABLOY has always been committed to providing life safety and security solutions, and that’s become even more important in today’s environment,” says Doug Thompson, President, ASSA ABLOY Architectural Door Accessories and Glass Solutions.

“The Rockwood team dramatically accelerated our product development pipeline to deliver this solution quickly to customers, helping them prepare to re-open schools, offices, restaurants, stores, and other public areas safely.”

For more information on the products, visit assaabloydooraccessories/us.

This story premiered on our sister site, Campus Safety. 

The post Hands-Free Door Opening Solution from ASSA ABLOY appeared first on My TechDecisions.

In an era of growing security concerns, governments, corporations and property managers must elevate the importance of a trusted identity while balancing the demand for convenient and efficient access.

According to the International Card Manufacturers Association (ICMA)’s 2019 Global Market Statistics Report, access control card use has increased globally with the demand for increased security driving growth.

“Recently, there have been a number of large-scale data breaches,” said Kevin Freiburger, director of identity programs at Valid, who is an ICMA member. “That means data security is now a foremost concern for businesses across the globe and that is one of the driving forces behind the expansion of access control technology.”

The two primary types of access control are physical and logical. While physical access control limits access to buildings, rooms and spaces within a building, logical access control allows authorized and authenticated personnel access to resources, systems, directories, networks and files.

Combining physical and logical access control technology delivers a higher level of security, granting companies the ability to limit and monitor access to sensitive data and physical locations.

Access control is an essential part of commercial security systems—keeping buildings, designated areas and sensitive information secure and safe by controlling entry or restricting access.

With the wave or swipe of a card, authorized individuals can gain access to an entire facility, secured zone, networks or workstations, which may contain resources storing sensitive information about thousands or millions of people.

Technological advancements like the deployment of wireless technology are enhancing access control.

“Security is a top concern for both private and public entities; many industries are transitioning to smart cards,” said Martin Hoff, Entrust Datacard’s product marketing manager of hardware, who is an ICMA member.

“Smart cards are the most secure type of access card and are used most often in government, health care and financial sectors, while proximity cards are commonly used in higher education and enterprise.”

Access cards are tied to a person’s identity through a physical access control (PAC) system, which involves a two-step process that links a card to a person after the card has been printed. Some card personalization software systems can also connect to and update the PAC system after the card has been personalized.

“Access control technology begins with a trusted identity, which validates the person who is entitled to the benefits associated with a credential,” said Sebastian Tormos, Entrust Datacard’s director of vertical marketing, who is an ICMA member. First, a system identifies an individual.

Then, their credentials are authenticated via a badge, smart card, password, mobile device or biometric (i.e. fingerprints, facial recognition or iris pattern). Following authentication, access is granted.

Many access control systems rely on one form of authentication, but more recently companies are moving toward multifactor identification, a security enhancement that requires the user to present two pieces of evidence for access. For example, entering a PIN and swiping a card for access. Combining multiple features is important to the security of both physical and digital credentials.

Digital Identity is Key to Security

Although technology continues to evolve and advance, when it comes to a trusted identity, physical cards will continue to play a valued role in securely granting or restricting access—especially in the health care and government sectors.

The combination of a physical card with a digital identity is powerful and provides multi-layered security.

“Access cards are encoded with a unique decimal number, which is linked to a user’s record,” said Howard Albrow, HID Global’s NPI product line manager of PACS credentials, who is also an ICMA member.

“Typically, an access control card does not contain any personal identifiable information, but through the system, it can link to a data record that may hold personal identifiable information.”

The amount of personalization that occurs with access cards depends on what type of information and security is put on the card, such as encoding a smart card with unique data, certificates and/or credentials.

“If a card is lost, stolen or permissions need to be amended, an integrated card management system allows the administrator to easily turn off a card and then notify the other integrated systems to turn off physical access control as well as logical access,” Freiburger said.

“Today, most companies are using an integrated access control system, but if an older legacy system is in place it may lack the technology for integration with a newer system.”

3 Types of Access Control Cards

There are two categories of access control cards—nonsecure and secure—and both provide ways to monitor who is accessing resources or entering or exiting a building.

A proximity card is the most common type of access card for commercial and residential buildings; however it offers little security. Typically the size of a credit card, an access card usually lasts five to 10 years before it has to be replaced.

However, many factors affect the durability and lifespan of the card, such as the type of card substrate and personalization techniques used, how the card is stored and if the card is resistant to chemicals, abrasion, moisture and ultraviolet light. Although the three types of access control cards—proximity, magnetic stripe and smart—may look the same, the technologies driving them vary significantly.

Proximity (prox) cards, which use an older technology resulting in a low-security card, can be made of several different materials, as well as forms—cards, tags or fobs—but they all work in the same way: by being held in close proximity to a card reader.

The low-frequency 125kHz credential has an embedded antenna, which when in close proximity, such as a few inches to two feet—sends a signal from the card to the controller that grants or denies access.

Magnetic stripe cards work by swiping a magnetic stripe through a card reader like a credit card.

They are one of the oldest forms of access cards and offer minimal security because they can be copied very easily. Magnetic stripe cards typically work as a single application card and are primarily used in low-security settings like for guest entry to a hotel room or for casino player cards.

Many companies are moving away from magnetic stripe cards and replacing them with prox cards.

The most recent advancement in the access control card market segment—smart cards—were developed with the goal of being hard to duplicate. Smart cards are more reliable than magnetic stripe and prox cards, and with an increasing demand for security solutions, growth is significant.

Read Next: The Complete List of Access Control Options

The three types of smart cards—SEOS, MIFARE DESFire EV2, iCLASS SE—offer the most security, operating at 13.56Mhz (compared to a prox card that operates at 125kHz).

Smart cards contain an embedded integrated circuit and are capable of writing data, as well as reading it, which allows the cards to store more information than traditional prox cards.

Smart cards can also provide personal identification, authentication, data storage, application processing and can be combined with other card technologies for increased security.

Previously, smart cards were used primarily by the U.S. Department of Defense for logical access management and in higher education settings for student identification cards, but now there is widespread adoption in the electronic benefits transfer, health care and financial markets.

“Smart cards are the best fit for commercial and residential building access because they provide greater security with an encrypted credential that must be decrypted by a reader,” said Hoff. “It’s much easier to spoof proximity and magnetic stripe cards.”

Although prox cards aren’t as flexible as smart cards and don’t offer multifunctionality like the ability to load payment purses and applications onto the card—a prox card does allow the user to be contactless.

“There’s definitely an uptick in prox card use,” Freiburger said. “We are seeing more interoperability, which does make a prox card more viable. For example, they can be used in multiple systems for logical and physical access control systems.”

Access Control: Future Trends

Though access cards still play a powerful role in the access control technology market, some companies are turning toward smartphone Bluetooth-enabled and Near-field Communication (NFC) technology.

Both are wireless technologies that give individuals frictionless access through secured doors, elevators and turnstiles. The introduction of mobile credentials has the potential to revolutionize the access control industry, eliminating the need to carry and swipe a card. Instead, a phone’s technology can be used to authenticate identity and grant entry.

“There has been a tremendous uptick in the popularity of mobile credentials,” said Albrow.

“A mobile credential can be used via a smartphone to interact with an access control reader in the place of a physical card, which is more convenient, allows greater flexibility, improves privacy and can also lower the maintenance costs of credential management for end users.”

Although most Android devices have had full NFC support for close to a decade, Apple was more cautious about employing the technology, waiting to introduce NFC until it found a solid consumer use-case.

“It was difficult for widespread adoption to gain traction of NFC as a wireless communication method because a major player, Apple, didn’t support it, which automatically eliminated half of the market in the U.S.,” Freiburger said.

But in the last couple of years, Apple is starting to open that up. In 2014, with the release of Apple Pay to the iPhone 6 and 6+ models, NFC was adopted for the first time with functionality locked to Apple Pay.

“Access is not as open as it is with Android, but Apple is starting to partner with curated partners who are building software and solutions around NFC,” Freiburger said.

“As Apple continues to open up NFC, we’ll start seeing more movement of mobile credentials to phones using NFC as a ubiquitous, known standard.” NFC is already being used in higher education and some airlines are starting to use Apple Wallet for NFC applications in club lounges and for airport security.

In higher education settings, Transact Mobile Credential is being used for student ID cards in Apple Wallet. Students can add their ID to Wallet on iPhone and Apple Watch, which allows for a seamless experience across campus by providing access to campus buildings, as well as payment for dining and retail.

“There’s definite growth in mobile,” Freiburger added.

“When it is used properly with an application for access control technology, the security is incredible. Issuers want to meet their customers where they are and that is typically on a phone or on a cloud service.”

Biometric Security Advancements

One of the major advancements in access control is the propagation of biometrics, a category of authentication that relies on unique biological characteristics to verify a user’s identity.

“The systems used to be incredibly expensive, hard to deploy and difficult to maintain and update,” Freiburger said. “Now, the cost has come down considerably and there is widespread adoption of biometric access control systems across many new verticals. Adoption is highest in sensitive markets like national security, information technology and banking.”

Biometric identification is the only mode of authentication that can unequivocally validate a person’s identity.

It is on the rise with retinal eye scanners, fingerprint readers and facial recognition scanners becoming more common. In some cases, multiple methods of biometric identification are combined with the use of a card (or used in place of a card) for even greater security. Unlike prox cards, smart cards or keys, biometric security cannot be transferred. A person must be physically present to gain physical or logical access.

“The adoption of biometrics will be a continuum,” Freiburger said.

“Looking ahead to the next five or 10 years, growth will likely accelerate as the prices come down and biometric systems can be inexpensively deployed and upgraded.”

The post Biometrics: The Future of Access Control appeared first on My TechDecisions.

The Tech Decision

After the building’s owner and operating administrator experienced the benefits of ELAN control in a nearby shopping center, they called on local technology integration firm Domotic Design to conceptualize and install a comprehensive automation system of their own.

The original scope of the project was to use an automation system to reduce electricity consumption generated by lighting and HVAC, and lower the costs of building operation. Once Domotic Design began building out the design, they recommended the customer take advantage of the other sub-systems ELAN can automate and control, like audio, video, security, access control, intercom, motorized shades, and more.

The end-result satisfied the customer’s initial request, and provides tenants with one more reason to rent space at the EWoffices Business Center opposed to other Panama City shared workspaces.

The Solution

Domotic Design installed an ELAN gSC2 controller and ELAN g1 controller to anchor the entire building’s system, along with two ELAN gTP7 and gTP4 touch panels for one-touch audio and video control in central shared boardrooms. Remote access is enabled by the ELAN App, installed on the building owner and manager’s smartphone devices.

The building’s owner wanted to facilitate control of the lighting depending on the day and time, and based on the occupation of the offices. Domotic Design integrated 16 loads of Lutron RadioRA2 lighting in the common areas into the ELAN system to effectively manage when they powered on and off.

Since the occupying businesses and the building’s managers use the ELAN system for completely different reasons, Domotic Design configured the ELAN touch panels with custom pages that only allow tenants to control the audio and videoOther involved systems throughout the entire building, like lighting, HVAC, and security, are only accessible to the owners locally and remotely.

Domotic Design installed a Niles Auriel multi-room audio system, enabling occupying businesses to stream audio and video instantly whenever desired. As Auriel is based on the ELAN Control Platform, it was particularly easy to integrate. The system is divided into four independent zones, including the building’s reception area, the coffee lounge, and two board rooms — both of which have an integrated AppleTV and ELAN video matrix for presentations. Different businesses can play their own music in designated areas thanks to the multiple Auriel zones.

The Impact

ELAN automation significantly streamlines management of the building for the owner and the operating administrator. Since the EWoffice Business Center’s HVAC is entirely dependent on an adjacent cooling tower’s pumping system, the corresponding cold water pumps do not function 24 hours a day and thus need to be closely managed so as to not rev-up energy costs.

With ELAN, Domotic Design configured an automated HVAC system that turns on and off on a strict schedule without any action needed on the manager’s part. Every day at 7:00 AM, the system enters ‘Home Mode,’ which manages the complex HVAC system, as well as lighting and security. ‘Away Mode’ goes into full effect at 8:00 PM, which safely powers down all systems.

The ELAN system also has enormous benefits for tenants occupying the space.

The post Panama City EWOffice Business Center Automation Project appeared first on My TechDecisions.

Some forms of credentials are commonly part of an access control system. These can be cards, fobs, or even biometrics – handprint or fingerprint readers. These days a credential can even be your mobile device, where you present your phone and use a barcode to gain entry. Then there are the readers that receive the credentials and pass that information on.

There is technology around what you’re trying to gain access to. Locks, gates, turnstiles and so on. But also, in the case of a more advanced system, we could be trying to gain access to a piece of machinery or a logical system.

Then there are things that we don’t typically think of when discussing access control. Other kinds of inputs to tell the system how to behave. Request to exit buttons or bars to get out of a door. The connection between a fire alarm system and the access system to enable special door release during a fire event. These behind-the-scenes triggers are very much a part of access control.

Finally, all of this technology needs to be tied back to controllers, and those controllers need to be managed either through a piece of software or a cloud application or hosted cloud service. This ties the system together to control the system so it works the way you want.

The Many Layers of Access Control Systems

If we start at the basics, the way most people get introduced to access control systems is to be issued a card (or some other credential). Being able to present the card and go through a door at any time provides value and convenience. It also reduces the need for a locksmith to come and rekey a door when someone leaves.

As you move deeper into the building, access control can be used to restrict the movement of authorized users as well. It’s not just about keeping unknown people out. You might want the engineering department to only be accessible to engineers. You may wish for an IT closet to be off-limits to all but members of the IT team.

Then you can start to look at ways to further regulate access. Schedules for example – with an access system you can define which employees work which days, what time they’re allowed in, and you can restrict their movement. You can restrict the access of lower-level employees during emergencies. Say there is a snow emergency – an access control system can restrict employees from entering the building whether they’ve been informed it’s unsafe or not.

Related: MyTechDecisions Podcast with Steve White of Vector Security

Since you don’t need to worry about keys being shared and you have individual credentials for each employee, you can use the access control system for audit trails. You can run reports and see who accessed your facility over the weekend, or who was there at an unusual time of day. This can be extremely helpful after an incident when doing an investigation. It can also be helpful just to make sure people are coming and going as you expect, they aren’t sharing cards, etc. That’s impossible to do with a traditional keying system.

What if you have multiple facilities? Access control systems allow you to grant someone credentials that give them access to facilities across the country or across the world. This reduces the headache of individually granting access on a facility-by-facility basis. Similarly, if you have a temporary employee such as a contractor, consultant, auditor, or delivery driver, you can make them a temporary user. You can allow them access facilities at certain times on certain days and then schedule the credential to expire at a given time.

You can also integrate with other building systems. Tying access control to an HR system makes new employee acquisitions seamless. It also makes deactivation of terminated employees automatic as well. Instead of the manual data entry process you’re automating it and streamlining the process. You can also tie the same access control card into computer systems so that an employee gains access to his or her desktop using the same credential that gave them access to the building. The limit is really your imagination with how integrated access control systems can become.

Convincing Your Organization to Invest in Access Control

The key to justifying the purchase of access control technology is determining your scope. It sounds much simpler than it actually is. Every business is different. The systems that are available are very different. They range from one-time cost and maintenance systems to systems with annual licensing fees, maintenance agreements, and cloud components.

Most access control systems are designed with specific business needs in mind. They need to be able to be justified so key stakeholders can write a check. When each feature is tied to a specific need you can map readily to the department getting the benefit and build your business case around that.

The danger for many organizations comes with under-specification. Often organizations will decide they only need simple standalone system. Then, down the line as the organization grows, they decide they want more features. Card access that can tie into other systems, or more advanced entry control. However, the simplistic system they first installed doesn’t integrate, and so the company is left starting over from scratch. You need to keep your future growth potential in mind.

The perception of the security needs for a facility can vary. Just because you haven’t had an incident doesn’t mean you won’t. Access control is a way to improve overall security. While it’s difficult to build ROI around physical security, as it’s a subjective subject, you need to use your own risk assessments to convince stakeholders to invest. If your company manufactures narcotics you’ll need more security and the risk of an incident is far greater.

There is still hard-dollar ROI value in access control, however. Eliminating the need to change locks or create new keys ever again. Automation coming from the integration with building systems. Reduction in the time to check people in and out of a building. If you can eliminate or reduce the need for paid employees to carry out these processes then access control has a clear ROI.

You can also integrate access control systems with things like utilities. Take HVAC for example. An advanced system can understand to shut down systems in parts of the building that aren’t occupied. Meeting rooms can have the lights shut off until someone accesses the space. In these ways you’re cutting out costs as a direct result of your access control system.

Writing an Access Control RFP

Before you write an access control RFP, you need to figure out the complexity of your needs. Are your needs general enough that you need to lean on potential partners to choose the technology and build the system that will meet them? Are your needs so complex that you need to make those decisions beforehand and spell them out in the RFP?

You can build a functional specification and take it to RFP for what you want to accomplish, but you don’t want to have four or five option on the table that fit your needs if you’re trying to make sure your system is compatible with existing facilities or you’ve got a specific sense of what you want to accomplish. If you’ve built the specification you should have an idea of one or two platforms that you will accept. Restrict your RFP to those platforms. When you get to the more advanced systems you want to be sure who you’re dealing with.

However, if you just need to limit access on a set of gates to a single facility, you can be more general. It won’t be tying into other systems, it will be used on a single site, and by the time it breaks down you’ll want to start over anyway. This is when you can lean on the installer for advice and recommendations.

In any case, you want expert help from the beginning. Unless the person writing the RFP is an expert, you want to make sure you’ve engaged an expert to talk through your risk profile, understand best practices, and learn how you can apply technology in your space. There can be nuance and creativity in your access control system.

In any case, especially for new construction, you want to engage way in advance of an RFP. You’ll want consult your architects to ensure that you’re choosing the correct lock mechanism for the type of glass, wood, or metal doorways you’ll have. Keep in mind as well that you need to include needs for emergency situations. You can never impede a person’s ability to get out of the building. There are disabilities and regulations to consider. While anyone providing these services will be cognizant of that, it’s always a plus to include it in the RFP.

What you should expect is for potential partners to come back with their own needs. They may need to consult with the electrical contractor and fire systems contractor to ensure proper release. If everyone gets the project started without submitting to the fire department to show what they’re doing there will be problems. Make sure you dictate in the RFP exactly who will have master responsibility for tasks such as this.

Make sure to include the blueprints and schematics for your building. They’ll expect a complete set. They’ll need to know exactly what type of doors have been specified. Include which products you’ve decided you want, and where the provider has flexibility to recommend products. Include the types of products you want, and how much flexibility the provider has to recommend. If you want magnetic locks, say so. If you want a specific control software, say so. Let them know how many users you have, how many entrances you have, etc.

The conversations should occur with a consultant early in the planning process for large projects. In this case, include all of the information that you can about the doors, the way wires will be laid out, the way you want the system integrated into existing systems, etc. If the installer doesn’t have all the details they may bid based on worst case scenario and you’ll be paying too much. If they understand the scope, then they can ask for minor adjustments that will make their jobs easier and your budget smaller. For smaller projects, include as much information as you can.

Information provided by Steve White of Vector Security. Learn more about access control technology from Steve White’s interview on My TechDecisions Podcast.

The post The Ins and Outs of Purchasing and Installing Access Control Technology appeared first on My TechDecisions.