System Administration
Access control systems, including employee badges in all their forms,
require diligent system administration. System administration requires
being aware of all the features available in the system, even features
you have no intention of using. Access control system features that are
unused and unblocked often can be exploited by an attacker. Here are
some system features to be aware of:
- Enrollment. All entry-control systems
must provide a means of entering, updating, and deleting information
about authorized individuals. Usually this is accomplished with a dedicated
enrollment station that is connected directly to the central-processing
unit. When credential devices are used, all authorized users must be
provided with an appropriate credential. A means should also be provided
to unenroll a person quickly without having to retrieve the credential.
Biometric devices require additional equipment for enrollment.
- Entry control techniques. Some entry-control
techniques require additional hardware. Others just require software,
typically including a database. The database must be available to every
portal that is affected. Techniques include:
  - Area zones
  - Time zones
  - Team zones
  - Anti-pass back
  - Anti-tailgate
  - Guard tour
  - Elevator control
- Alarms. Several types of alarms can be
used with an entry-control system. These alarms must produce indications
that can be seen and heard in the security center.
  - Entry denial. Most entry-control devices are configured to permit
    the user three attempts to enter. If more than three unsuccessful
    attempts are made within a specified period, the device generates an
    alarm. An alarm also is generated if an invalid (unenrolled or
    counterfeited) credential is used or if attempted entries violate
    specified area, time, or team zoning requirements.
  - Communication failure. This alarm is generated when the system
    detects a loss of communication between the central processor and
    local equipment.
  - Portal open. If a portal door remains open longer than a predefined
    time, an alarm is generated.
  - Duress. This alarm is generated when a special duress code is
    entered at a keypad.
  - Guard overdue. This alarm is generated when a security guard is
    overdue at a checkpoint during a predefined guard tour.
  - Software tampering. This type of alarm is generated when
    unauthorized persons attempt to invoke certain system commands or
    modify database files.
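
The entry-denial rules described above (attempt limit, invalid credential, area and time zoning), as an added Python example that is not part of the original text or of any vendor's product. The five-minute period, the enrollment table, the event format (where `verified` means the PIN or biometric check passed) and the per-portal, per-credential failure count are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

MAX_ATTEMPTS = 3               # from the text: three attempts are permitted
WINDOW = timedelta(minutes=5)  # assumed value for the "specified period"

# Constructed enrollment database: credential -> permitted areas and hours.
ENROLLED = {
    "C100": {"areas": {"lobby", "lab"}, "hours": range(7, 19)},
    "C200": {"areas": {"lobby"}, "hours": range(0, 24)},
}

def evaluate(events):
    """Map (time, portal, area, credential, verified) reader events to a
    list of (time, portal, credential, alarm) tuples."""
    failures = defaultdict(deque)  # (portal, credential) -> failure times
    alarms = []
    for ts, portal, area, cred, verified in sorted(events):
        rec = ENROLLED.get(cred)
        if rec is None:
            alarms.append((ts, portal, cred, "invalid credential"))
        elif area not in rec["areas"]:
            alarms.append((ts, portal, cred, "area zone violation"))
        elif ts.hour not in rec["hours"]:
            alarms.append((ts, portal, cred, "time zone violation"))
        elif not verified:
            q = failures[(portal, cred)]
            q.append(ts)
            while ts - q[0] > WINDOW:  # forget failures outside the period
                q.popleft()
            if len(q) > MAX_ATTEMPTS:  # more than three within the period
                alarms.append((ts, portal, cred, "entry denial"))
                q.clear()
        else:
            failures[(portal, cred)].clear()  # assumption: success resets count
    return alarms

T0 = datetime(2024, 1, 8, 9, 0)
SAMPLE = [(T0 + timedelta(seconds=10 * i), "P1", "lab", "C100", False)
          for i in range(4)] + [                                # constructed
    (T0 + timedelta(minutes=1), "P1", "lab", "C999", True),     # unenrolled
    (T0 + timedelta(minutes=2), "P2", "lab", "C200", True),     # wrong area
    (T0.replace(hour=23), "P1", "lab", "C100", True),           # after hours
]

if __name__ == "__main__":
    for alarm in evaluate(SAMPLE):
        print(*alarm)
```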