- Proprietary vs. Interoperable Alternatives
- Benefits of an Open Option
- Degrees of Device Compatibility
- Solutions Stay Secure
- Evaluate Campus Credentials
- Conduct Hardware Assessment
- Looking Ahead
Jul 31, 2022Ed. Note: This article was previously posted at Security Sales & Integration.
With the rise of mobile credentials, new campus technology and the ever-present supply chain challenges, selecting an open, interoperable access control solution is becoming increasingly important for campuses across the nation. Today, integrators have the unique opportunity to play a critical role in assisting higher education and security directors in their selection and design of a campus' access ecosystem. This ultimately helps the campus play a more active role in their technology choices, resulting in a better experience for students, staff and the administration. Here is an easy guide to follow when working with campus clients to ensure a smooth process.
Proprietary vs. Interoperable Alternatives
Jeff Koziol
Before diving head-first into solutions, it's worth pausing to understand the difference between a proprietary and interoperable solution. A proprietary solution limits a customer's freedom of choice as it locks them into leveraging technologies from a single manufacturer. In this scenario, the proprietary solution creates leverage and control for the manufacturer. While proprietary solutions have long existed in the industry, the landscape is evolving to favor open, interoperable solutions.
On the contrary, an interoperable solution enables various technology systems to communicate and exchange and interpret information. A fully interoperable solution works across multiple manufacturers' product lines as the technology is built on an industry standard, which enables more platforms to work with it seamlessly. For example, with campus cards, interoperability permits the credential to work with existing or different software, hardware and applications across campus.
Benefits of an Open Option
There are numerous benefits to designing an access control solution that is open and interoperable. Among those, freedom of choice, seamless experience, cost and availability top the list. As mentioned above, if a campus chooses to implement a proprietary system, they are locked into the downstream devices and technology that the single manufacturer supports. However, the interoperable solution puts the power into the hands of the campus, as they are not tied to working with a single manufacturer or the companies affiliated with it.
Building an access-control system using open technologies increases the possibilities for creating a modern seamless access experience for the residents, staff and faculty. (Image courtesy of Allegion)
Each campus has a unique set of needs and circum-stances. Having the freedom to build an ecosystem that aligns best to those creates a better overall experience. Building the system using open technologies increases the possibilities for creating a modern seamless access experience for the residents, staff and faculty. The more touchpoints in a student's routine that can be accessed with the same credential, the better. Creating such an experience requires integrations of various devices. And the ability to construct the ideal solution becomes easier if the campus has limitless options offered by a variety of manufacturers.
Long-term financial dependence should be a consideration when selecting an access control solution. As the system grows and evolves, so does the number of integrations. Open, interoperable systems reduce the leverage a manufacturer has to dictate costs. Lastly, in times when the supply chain is strained, implementing an open system frees the campus up for incorporating technologies and devices across multiple manufacturers and distributors. Because of this freedom, they will be able to better buffer and withstand availability and delivery setbacks.
Degrees of Device Compatibility
A lot of technologies out there today are said to be interoperable. With that said, there are varying degrees of propriety. Consider whether or not cards and credentials can be sourced from one manufacturer or multiple manufacturers. Even if these credentials can be sourced by multiple distributors, that doesn't necessarily mean they can be sourced by multiple manufacturers. A single manufacturer controls pricing, capacity and deliverability. Sourcing technology that works with multiple manufacturers gives the campus freedom and leverage.
Another thing to consider when assessing interoperability is the number of technology partners using the specified or desired technology. Does it integrate with just a few partners, hundreds or thousands? These are the downstream devices that an integrator will have at their disposal when building the broader ecosystem.
Read the fine print. Integrators should carefully evaluate statements indicating interoperability so they fully understand the campus card options. A credential is not interoperable if it only works within one manufacturer's reader and locks portfolio. A fully interoperable solution works across multiple manufacturers' product lines.
Solutions Stay Secure
At the core of any access control system lies security. Regardless of convenience, or number of potential integrations, keeping people and places safe and secure is the foundation. An open system does not mean it lacks security or that it is less safe than a proprietary solution. Rather quite the contrary. While the data structure and key diversification methodologies are widely known, the data and secure information remain protected using he same encryption methods as a closed solution.
Upgrading to a smart or mobile solution that's encrypted is the best defense against stolen information. Mobile is the credential of choice because students are far less likely to loan someone their phone versus their campus ID card. (Image courtesy of Allegion)
For example, when using DESFire technologies with an open solution, manufacturers can develop a custom encrypted key that is utilized in a campus' credentials, readers and intelligent locks. These campus-owned credentials are secure and the information is proprietary to that specific institution. The campus has complete control over its custom key. When transactions occur between the credential and reader they are protected by a high level of encryption, just like a closed solution.
Of course, when the university wants to integrate with another manufacturer, it can leverage the open solution by utilizing other applications and files on the credential. This keeps their custom key secure, while still gaining interoperability.
Evaluate Campus Credentials
Many campuses are still using the legacy campus card technology they invested in years ago. As technology and user behavior evolve, so too should the campus credentials. First things first—ensure the credential is secure. Smart card technology offers advanced security. Upgrading to smart credentials can improve the control a university has over its campus card platform. Types of credentials include. mag stripe (coded magnetic stripe, no encryption), proximity (frequency: 125 kHz, no encryption), smart (frequency: 13.56 MHz, encrypted), mobile Bluetooth Low Energy (BLE, 2.4 GHz, encrypted) and mobile Near Field Communication (NFC, 13.56 MHz, encrypted).
Upgrading to a smart or mobile solution that's encrypted is the best defense against stolen information. Mobile is the credential of choice because students are far less likely to loan someone their phone versus their campus ID card. Secondly, consider the flexibility of the credential. What's the proprietary nature of the credential technology? Is it open and able to support new technological advancements in access control?
Open, interoperable solutions are built on an industry standard, like NXP, and the technology is widely known and supported, enabling credential platforms to seamlessly work with more applications across campus. Whereas with the closed and proprietary solutions, the technology isn't widely shared and therefore not supported by as many applications. These options limit the choice of vendors and technologies a campus has.
If the current campus cards can easily be duplicated and lack the flexibility to evolve with the campus' needs, the campus must reevaluate its credential technology. When reevaluating new credential technologies, encourage the campus to consider how mobile credentials would impact the overall experience for its students, faculty and staff.
Conduct Hardware Assessment
All sizes of colleges and universities can benefit from a routine security assessment. It can be helpful when preparing to explore an open and interoperable access control system as it will help the team make better, more informed decisions.
Step one is to bring together all the stakeholders. This group might include facilities teams, card office personnel, security directors and IT departments. Bringing everyone together from the beginning will save time and money in the long run and result in a more comprehensive plan. Stakeholders will vary from school to school.
Step two is to audit the current state of the campus. What type of campus IDs and readers are in use today? Start by listing everything that interacts with the campus ID and physical access control system during your audit. This will help paint a clear picture of your current state. While conducting this audit, be sure to note whether or not the technology is open or closed. This will be particularly helpful information as you look to augment and future proof your ecosystem.
Step three is a discovery discussion about the campus' future state and how to get there. Once the group understands what exists today, they can identify hardware and technology that needs to be implemented to get to your future state. Take note of which things need to be adopted all at once or can be transitioned over time.
Looking Ahead
The technology a campus chooses today can directly impact what it's able to do in the future. The flexibility of an interoperable access control solution helps colleges future-proof their ecosystem so that updates are simpler and less costly to adopt down the road. It's advantageous to select an open solution today that's more likely to work with new technological advancements in access control—especially with the rate at which technology is advancing and the promising future of mobile credentials deployed at campuses.
To help a college or university future-proof their choices, encourage them to answer the following questions: Does this solution work with mobile credentials today, or is there a clear path to mobile down the road? Does it work across multiple manufacturers and vendors? Will my campus have control over future credential decisions, like adopting new technology or working with vendors of our choice?
As integrators continue to assist campuses with upgrading to an open and interoperable system, it's important to keep the big picture in sight. Designing an ecosystem of hardware, credentials and software that will deliver the most value to the university—today and in the future—is the way to go.
Jeff Koziol is the business development manager of PACS Partners at Allegion.
