asmag.com: COVID-19 Triggers New Access Control and Identity Management Needs

August 18, 2020

On August 17, 2020, asmag.com’s William Pao discussed how Covid-19 has triggered new needs in the space of access control and identity management. Here's the article: The covid-19 pandemic has forced end users to rethink how access control should be implemented. Technologies from facial recognition to mobile credentials are increasingly considered to prevent the spread of the disease. However, ensuring security and identity management when using these technologies cannot be ignored, either. Post-pandemic access control trends One of the major access control trends in the post-pandemic era is contactless solutions, which prevent the act of touching which has been cited as an avenue for covid-19 transmission. Among the technologies being considered are facial recognition and mobile credentials. In particular, mobile credentials, whereby the user’s credentials are stored on their mobile devices, have received more inquiries as the technology offers both frictionless entry as well as convenience. “Multiple different solutions are using mobile credentials via Bluetooth or NFC. The delivery of these technologies can be based on methods such as a QR code and unique PIN or through a device management utility,” said David Helbock, Senior Sales Engineer at Identiv. “The phones, apps and device management tools use a variety of containers on the devices that can store token information that’s used as a mobile authenticator when the phone is near a device and requesting access.” Further, with covid-19’s devastating impact on the economy, businesses looking to deploy access control may be less willing to commit themselves to a huge initial capital expenditure. In this regard, cloud-based access control as a service becomes a more ideal alternative. “If the end user is managing a system for multiple convenience stores and needs an operational overview of the access, intrusion, and video status, then you would consider a centrally managed cloud offering, basically building a ‘one stop shop,’” Helbock said. “Benefits for the end user is a severe discount with upfront costs when you decide to opt for a cloud service. The headend is operational and there’s no need to procure servers, workstations, additional licenses, and other costs associated with building a new system.” Security and identity management Yet making sure that security devices and solutions are secure and trusted is also critical to prevent breaches, which can be costly to recover from. Credentials existing on mobile devices, for example, are subject to various risks in the absence of proper protection. “Mobile devices are easy targets for phishing attacks, mobile apps with sophisticated and sometimes undetected malware, or data scraping apps exploiting the device’s clipboard without the user's knowledge,” Helbock said. In this regard, endpoint protection platforms from a variety of cybersecurity solutions providers may be considered to secure smartphones and other end point devices. For AcaaS users, identity management is also critical to make sure who can access what information at what time. In this regard, finding a solution provider is important to establish trust between the provider and the user. “In the case of a newer offering where the end user may not have heard of the service provider before, they can always ask for a test system and request an outside vendor to evaluate the product and then determine if the service is secure enough to meet their needs,” Helbock said. “Identiv has been providing secure solutions to our customers for over three decades. Our positive reputation as an industry leader with multiple system offerings to satisfy our end users requirements creates that bond and trust.” See the article on asmag.com.