Running a business involves keeping its physical and digital property safe while ensuring easy access. Both offline and online, thieves are becoming smarter. Protecting your business with secure access control helps to protect your business’ premises and data.
Here at OLS, we know that not everyone is an access control expert. Trying to understand digital jargon can be an unwanted burden for business owners. So, we’ve made a solution.
Our jargon-free guide to access control explains what these complex terms mean and how they are important to your business’s security.
Access Control
Access control refers to the process of allowing or denying admission to something. These could be physical or digital barriers that require a key, code, or other identifier to grant access to somewhere.
Example: A locked door to an office is a form of access control, which denies access to the files and computers within the room to those who don’t have the right key. Thankfully, our access control solutions are much more advanced than a basic lock and key!
Learn more about access control in our knowledge base article:
What is cloud-based access control?
Cloud-based
Instead of keeping sensitive information on your device or on paper, you can store it in the cloud. The cloud lets you access this data from any location, at any time, and on any device.
When something is cloud-based, a remote server stores it instead of one device or system. Using the cloud to store your data helps protect it. If a device is lost or damaged, your information remains safe and accessible.
Example: You can access your email on both your computer and phone. If you log in on another device, you can still view your emails from wherever you are.
Serverless
Serverless means that the cloud stores the system managing your access control, as explained above. Instead of a server in your building that needs looking after, serverless access control keeps your data safe somewhere else.
A serverless system is beneficial as there’s no maintenance required, it is a secure platform that is consistently updated, and it is accessible from anywhere at any time.
Example: A fingerprint scanner reads your fingerprint to identify you. It then sends a request to the cloud server via an API (more on these later!) to verify if you are allowed entry. If you are authorised, it grants you access.
Credentials
Credentials are the unique bits of data that tell a system who you are. Your name, job title, picture, and more can be used to build a personal digital profile. Your credentials are unique to you, and various elements can be used to determine what areas of your business’s premises and digital assets you can access.
Your fingerprint, passcode, key fob, and other credentials can be linked to your profile. When an access control system meets a set of credentials at a doorway or login page, it matches them to a profile to identify the person requesting access. Then, based on the access level assigned to that profile, the system will either grant or deny access.
Example: When you enter an office building for a meeting, you might be asked by receptionist to provide a visitor pass or ID. Here, the receptionist acts as access control, verifying the credentials against their system to make sure you are who you say you are.
Integration / APIs
Integration is how something works alongside or within something else. For access control, you can add facial recognition to a turnstile to provide an extra level of security and ease of use. Integration often works by ‘adding in’ to a preexisting system to improve it.
To make upgrading your access control system as simple as possible, OLS offer our own bespoke integration platform, OLS Connect. This integration platform has been created in collaboration with trusted partners to connect areas of a business’s access control into single, easy-to-use platform.
Imagine you have one computer program that tracks who is at work, and another that controls who can open the building doors. OLS Connect can join these together, so both programs work like one team. Now, you don’t have to buy new programs, your old ones just work better together.
API stands for application programming interface, which works as a communicator between two systems. Integrations often use APIs to help two systems exchange information. APIs take a request from one system, take it to the other, then retrieves the answer and return it to the first system so the action can be completed.
Example: When ordering at a restaurant, you tell your waiter, who then tells the kitchen, and brings back your meal. In this instance, the waiter is the API communicating and retrieving the request between the two systems.
Multi-factor authentication (MFA)
You may have heard of the term ‘two-factor authentication’, which simply means two levels of authentication. When you try to log into an account, and the page requests your mother’s maiden name to verify your identity, this is two-factor authentication. Multi-factor authentication works the same way. Needing more than one way to prove who you are before you get access.
Multi-factor authentication helps to add another layer of protection to your business’s data. In the event your password is leaked, an MFA stops an authorised user from gaining access.
Example: Many banking apps offer multi-factor authentication by using your phone’s fingerprint scanner alongside your personal password to ensure only you can access your finances.
End-to-end encryption
Encryption is the process of scrambling information or data so it can only be read by the intended recipient. It’s like creating coded messages; only the person with the correct key can read the message.
In the context of access control, encryption plays a crucial role in protecting personal data. End-to-end encryption ensures that the data remains secure and cannot be tampered with. If someone who isn’t the recipient attempts to access it, the encryption makes the data scrambled and unreadable.
Example: When you lock a box and send it to someone who has the key, no one else can open it while it is being shipped. Only the person with the key can access what’s inside when they receive it. In this example, the box represents the encryption, and the key is the recipient’s device.
Role-based access control (RBAC)
Access control refers to the rules placed on who can view or interact with certain information and resources within a system. In this context, it means that the level of access you have is based on the specific role that has been assigned to you. This role is defined by your profile and your credentials.
By controlling access based on roles, companies can better manage security. RBACs ensure only authorised personnel have access to certain areas of data and premises.
Example: Only the surgeon is allowed to enter the operating theatre; the receptionist has no responsibilities in this area of the hospital and isn’t allowed to go in.
Mobile credentials
Your phone functions as a digital key, working like a fob or access card, allowing you to unlock various access points, such as doors or secure areas. This versatility means you can use your smartphone to gain entry without needing multiple physical keys.
Additionally, the system enables remote management of access, meaning you can easily grant or revoke permissions for others. This enhances convenience and security, making it easier to monitor and control who has access to specific areas.
Example: Your phone might let you into your office building and your gym. If you cancel your gym membership, your gym can revoke access instantly, without you needing to return a fob or key.
Remote management
Remote management is the ability to control and monitor systems, devices, or operations from anywhere. It allows users to manage access control, oversee real-time data, and respond to issues without being physically present. This makes remote management especially useful in IT, security, and facility management. Remote management also improves convenience and security by simplifying everything into a single system.
Example: If a staff member needs to access a building after hours, the manager can grant access remotely without having to travel to the site.
Multi-site management
For businesses with multiple premises, being able to know who is where and when is vital to operations. Multi-site management in access control is the control of different physical sites’ permissions from one system. Instead of using a different system for each location, multi-site management combines these controls in one place. This way, you can easily and efficiently apply a user’s permissions across all sites in one click.
Example: You have a membership to a gym with multiple sites. When you enter one of these gyms, the multi-site management system identifies your profile, recognises your membership as applicable to all gym locations, and grants you access.
Want to learn more about access control? Speak to a member of our team.
