Printer Friendly

Members only.

MEMBERS ONLY

MANAGEMENT INFORMATION systems need proper protection from social deviants. The importance of controlling access to computer rooms cannot be overstated--infiltration from the outside can cause destruction and financial loss. Security managers can protect computer rooms by gaining a thorough understanding of the security components and systems today's technology offers.

Computer rooms and related spaces can be secured in many ways. A simple key-operated lock can keep out undesirables; however, such a device lacks the control available from state-of-the-art electronic access control systems. These systems offer the ability to invalidate a terminated employee's access card immediately and allow or disallow access during certain times of the day (thus creating time zones). Further, these systems increase security and flexibility by offering audit trails of who entered when and by which opening.

The first step a security manager should take in securing a computer facility is to define his or her needs carefully. The manager will need to define levels of security; define hours of operation; design time zone requirements; evaluate the need for an audit trail regarding access, egress, and alarms; decide on the need for remote reporting; evaluate the quantity of openings; and define access for personnel.

A complete equipment package cannot be chosen until the project is completely defined. Deciding on which manufacturers and products to specify can be a tedious task. Terminology between manufacturers can be very different for the same function. Security managers should use language that makes sense to them and explain all their needs in detail.

Security managers can choose from three basic categories of electronic access control systems: card-based, key-pad-based, and biometric. This article will concentrate on the card-based systems and those that use both cards and keypads.

In a card-based system that also uses a keypad, a user cannot grant another person access simply by sharing an access code. Further, if a lost card is found by an undesirable person, he or she cannot gain access without the use of the code number.

Several different card technologies are available. Each has its own unique properties, advantages, and disadvantages. Magnetic stripe cards use a strip of magnetized material containing embedded data. Magnetic core cards use a series of polarized magnetic dots in a barium ferrite core. Weigand cards rely on embedded, magnetized wire segments. Proximity cards send a signal to a specially designed receiver. Bar code cards use the familiar series of lines for identification. Infrared cards make use of invisible holes placed into the cards in a specific matrix that can be read by infrared readers.

ACCESS CONTROL READERS AND keypads, along with whatever part of the system compiles data, offer many different features. A good knowledge of the different capabilities can help a security manager choose the right equipment. The following are some of those features:

* ability to invalidate the card of a terminated user immediately

* time zones--limited access to the system on a card-by-card basis

* automatic relocking when door closes

* variable strike time (amount of time lock is open) and door-open time (amount of time the door is allowed open)

* two-wire communication in a multiple-door application

* availability of personal computer software

* alarm processing (ability to annunciate alarms)

* audit trail capability (printout of all activity)

* resistance to tampering and the weather

* clock and calendar backed up by an internal battery (so system does not lose the date and time if power goes down)

* card-assignable antipassback (prevents successive use of one card to pass through an access point)

* special-purpose user cards (such as for a one-time use or to diagnose the system)

In addition to knowing something about the equipment, the security manager should know something about the distributor that represents the product. For example, if 24-hour service is desired, the security manager should ask whether the distributor can provide such support. Furthermore, have the distributor's employees been trained by the manufacturer? Do they inventory spare parts? Are the employees professional and dependable? If not, the security manager should find another supplier. It is also good to ask for references and check them out.

The manufacturer is the one that ultimately has to come through in the event of a bug. Has the manufacturer made a full commitment to support the product? Does it provide a training program for distributors and, if necessary, end users? If the distributor cannot support a system, can the manufacturer take over? Are any other distributors located in the immediate area? Does the manufacturer offer a continued support program?

CONSIDERATION MUST ALSO BE given to the actual mechanical door hardware. What good is a high-end, supersophisticated, electronic, computer-based access control system if the door can be compromised simply by sliding a credit card between the door and the frame to pry back the latchbolt?

In selecting an electric locking device, the primary options are electric locksets, electric strikes, electromagnetic locks, and electrified exit devices. Electric locksets are basically standard locks with the addition of a solenoid to engage or disengage the locking dog within the lock. Several types of locks can be modified for electrical operation: cylindrical locks, which require a round hole in the face and edge of the door; unit locks, which require a notch in the door; and mortise locks, which require a pocket to be cut in the edge of the door. Generally these locks have a storeroom function, in which the outside knob is always locked and fixed in place. Access can be gained by applying the correct voltage to the solenoid or by using the key in the outside knob. For a computer room this keyhole can be blank or blanked off if a key override feature is not desired.

Electric strikes installed in the door frame act as the receiving strike for a latchbolt. Some electric strikes are available for deadlocks. An electric strike is activated by applying voltage to a solenoid. The solenoid is connected to a locking dog. Electric strikes come in several different grades and are priced accordingly. Different strikes are designed for wood, aluminum, steel, or hollow metal doors. Strikes are available with integral monitoring switches and can be fail-safe (unlocking on power failure) or fail-secure (remaining locked during power failure).

Electromagnetic locks feature the latest in modern design. An electromagnetic lock is bolted to the door frame usually at the top of the opening. A special plate called an armature is bolted to the door. When voltage is applied to the device's inputs, the magnet is magnetically bonded to the armature. This bonding can resist 1,200 pounds of force or more and is sufficient to secure most openings. The units are relatively easy to install and simple to operate. As long as the armature is properly lined up, not much can go wrong. The disadvantage is that magnetic locks are always fail-safe; in the event of a power failure, they leave the opening unsecured. This problem can be overcome with a battery power supply or UPS (uninterruptible power supply).

Electrified exit devices are another option. These devices look like normal exit devices since their electrical works are concealed inside. They offer electric latch retraction and electric unlocking of their thumb pieces.

With all the locking devices described, the opening cannot be made secure unless the door automatically closes behind the people who pass through it. A door closer must always be used.

Getting the electrical power to the lock can be a problem with door-mounted electric locks, electric exit devices, and electric strikes when used in the inactive leaf of a pair of doors. Several products are available to solve that difficulty: electric power transfers (mounted in the door edge), electric hinges, door loops, and edge contacts. Electric power transfers and electric hinges are invisible to the eye when the door is closed, and they offer the highest security. However, these devices, being more difficult to install, are usually used only when the system is being installed as new construction or a renovation.

Several other auxiliary products are necessary to complete the installation. A request-to-exit (REX) switch is used to tell the access control unit that a valid egress is about to be made. The locking device is then unlocked and valid egress is made possible. A door position switch is used to tell the access control unit that the door is open. Under normal operation, because of this switch, closing of the door after valid access or egress should relock the locking device. This switch also triggers alarms that indicate "door forced open" or "door open too long."

Many confusing products and unusual features are available in current access control systems. The chart on the next page contains a security survey that assists a buyer in selecting an access control system for a computer facility.

It is important to remember that, as with any system, cheaper is not always better. So security managers must carefully evaluate each portion of a project, comparing apples to apples, and purchase only what they require. If in doubt, they should hire a consultant to survey the site, evaluate available products, and recommend a plan of action.

About the Author . . . Richard Pritzker, AHC (Architectural Hardware Consultant), is vice president in charge of marketing for Smart Access Incorporated in Maitland, FL. He has more than 14 years' experience in the door hardware and electronic hardware industry.
COPYRIGHT 1989 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1989 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:special section - Computer-Information Security: Getting the Protection You Need; controlling access to computer rooms
Author:Pritzker, Richard
Publication:Security Management
Date:Mar 1, 1989
Words:1547
Previous Article:Hardening the hardware.
Next Article:Cloak and data.
Topics:


Related Articles
The perils of personal computers.
The intelligent threat.
Keeping computers safe.
Using smart cards - a smart move.
Security, heal thyself.
Computer Security in the Age of the Internet.
Cybercrime: finding security in Cyberspace; steps for pour business to take to avoid being a target for high-tech criminals.
How can process plants improve safety? Plants that handle hazardous materials need to implement better security despite the lack of guidance from...
Protecting records--what the standards tell us: key standards have been developed that aid in determining the best methods, rationale, environment,...

Terms of use | Copyright © 2016 Farlex, Inc. | Feedback | For webmasters