Solutions to 5 Common Access Control Problems

By: Brian Rhodes, Published on Nov 21, 2016

Effective security is more than just good equipment. In fact, thousands of dollars in electronic access control can be wasted if they are not used properly. In many cases, proper operational controls fail to be implemented and enforced.

In IPVM's Access Control courses, students share real world situations where access control does not work.  Over the span of multiple courses, key trends emerged.

5 common problems include:

  • Using Only One Credential or One Access Schedule
  • Door Props Are Rampant
  • Tailgating Is Not Addressed
  • Uncontrolled Doors Are Used
  • Lousy Visitor Management

Inside, we examine each one and explain how to solve them.

IPVM ****** ********

** *** ***-**** ****** ******** *****************, ** *** *** following ******** ********** ******** in **** *****:

"**** ******** ** ****** Controlled ********** ****** *****. ** you **** *** **********/***** like ****? **** ** you ***** **** *** doing *****/ *** ****** it ** *****?"

**** ***** ******** *** their *** ********** ** evaluate **** ****** *** remedy. ****** ****** ******** ** access **** ****** *** make *********** *** ***** quicker. **** *** ******** hundreds ** ********* ****** classes.

Only *** ********** ** *** ****** ********

*** **** ****** ******* are *** ***** ****** one ******* ****** ***** and ******** *** *** users, ** **** *****: sharing *** ******* ********** among ******** *****. **** means ****** **** *** credential *** *** ******* controlled ***** ** ***** times, **** **** '********** areas' ***** ******** ** important. ******** ******** ********:

  • "*************, *** ** *** sister ******** *** **** cards **** ********** **** and ****** **** ** contract ********* ******* ******* it, **** ****'* ****** till ** ********* **** a **** ***** (******* reason *** ****** ******** are *****)."
  • "* **** ** *** facility **** **** ****** cards ****** ** **** user, *** **** *** apply ****** (** ********, technicians, ******, ***.) ** create ****** ********* ** control ***** ***** **** can ******. ********* **** card **** *** ** the ********* *** ******** ***** at *** **** *** gives *** ** *** elevators ** *** *****."
  • "*** **** ******* * have ** ***** **** simply ****** *** *** doors ** *** ******* and **** **** *** last ****** ******, **** a ****** *** **** for ********. **** ** a ******** ****** ** what *** ****** *** designed ***."
  • "** * ****** ** mine, * ****** ****** the ********** ******* *** recently ******* ** **** he ****** ** ***** his ****** *********** ******* faculty **** ********* *** facility ****** *** ****** months *** ************ **** contractors/custodial *****, ***... *** really ********, **** ********, but ***** ** *** people ***** ****** ***** he ****'* **** **** there."
  • "*'** **** ***** ***** have ***** ****** **** schedules *** **** ***** to * ****** ******* forget ** ********* * holiday ******** ***** ******* those **** **** *** unlock ******** ** **** the ******* ***** ****** the ***** *** ******** but ** *** ** there ******** ******** ****** to *** ******** ** the ******** *** *** other ******* **** *** unlocked ** ****."
  • "* **** * ******** with * ******* **** company **** ******* ****** of "*** ****" ********* that **** ******* * high ******** ****. ***** year ** ******* * system ***** *** ** never ******* *** ******** or ***** *********! ** spend ** **** ******** users *** ***** *********** from *** ********. ** feels ** ** **** enough ** **** *** the ***** ***** **** and ***** **** *** to *** **** *** hired."
  • "* *** ******* ** find * **** **** over ** ***** **** all ******** *** **** card ******.  ** *** system, *** ****** **** looked **** *** ********!"

*** ********: ******* ** ******** configure *** ****** ****** ******* ****** *** Schedules ** ************* ******* *** biggest ********* ** ********** access **** ****** ********** locks *** ****. ***** should ** ************ ******* to ****** *** ******* credentials *** ***** ****** patron *** ******** ****** levels ***** ** *** their ******** ****. *********** or ******* ****** **** the ********** ** ***** ***** features *** ****** *** importance.

** *****, ***** ********* or ****** ** ****** this ****** ** *** system *** ****** *** saving ***** *** ********** electronic ******.

Door ***** *** *******

******* ****** ******* *** the *** ** **** props- ********* ******** **** hardware ****-*****, ********* **** scraps ** **** ** trash - **** **** the ****** ** ******* doors **** *** ********, thereby ********** **** **** controlling ** ********** ****** at ***:

  •  "*** ** *** ******* -- * ****** **** 5 ********* ** ** acres -- *** ****** control ** *** ***** doors, *** **** ********* flip-down **** ***** ** all ** *** ********* exits ** **** ********* going ******* ** ***** can *** **** **. And **** ***** *** doors **** ***** ********* to ****. * ******** them ** ****** *** door *****."
  • "*** ******** ****** **** is ***** ******* **** with *** **** ******** at *** ***** **** register. *** *** * reader ** *** **** if ******** ** **** going ** **** *** door? * *** *** all *** ****** ***** on * ******* *** the **** ** *** wall ** ****** **** are *** ** ***** out *** *** **** the ******. *** **** should ****** ** ******."
  • "**** ****** ***** * have *** **** **** the ***** ** *** habit ** ******** ***** - ********* ******* ********* need ** ** *** for * *****, *** can't ** ******** ***** their ***********."
  • "***** *** ****** ******* to ***** ***** ****** and ******** **** **** in *** **** ***."
  • "* ******** ******* * University ** ** *** on ** ***** ****** for *** *** *** the **** ***** **** propped **** **** ********. When * **** * comment ** *** ******** director, ** ****** **** if *** ***** **** left ****/******, **** *** odor ***** ** ************. They ****** ** **** a ******** **** **** having ** ***** '***** sweat *****'."

*** ********: ** ** ****** in *** ********* *** **** **** Problem ****, *** ****** ******** is ** ******* ** any **** **** ****** or ******** ****. ** some *****, **** *** require ******** ******** ***** with * *********** *** uninstalling ****-*****, *** ***** it ***** ********* ******* up *****, ***** ****, rocks, *** ****** **** have ****** *** ********** ** wedge ***** * ****.

****** **** **** ** maintenance * ******* ********** can **** ******** * potential ******** **** *********** the ****** ******. 

Tailgating ** *** *********

*** ******* *** ** easy ** *** ** the *********** * ****** user **** * **** open *** ******** ****** entering ** ******* ** area, ******* ********** *** access ****** **** '***********' access ** ***.  ** note *** **** ***** of *** ***** ** our ********** - ****** ******* Tutorial **** *** ******* *** otherwise ****** ******** *** actually ** * ******* security ******:

  • "** *** * ******* that ****** **** ******* at * ****** ****** network ******** ****** *** the ********* **** ******** to *** *** ********** to **** ** ************. Instead, **** ***** *** just *** ******** ** the ********* **** ** tailgating ** ******* *** door ****."
  • "********** **** ******* *** have **** ****; ****** back **** *****, ********* 50 ****** ***** ***** the ******** **** * reads, **** ** *** door '************' ****..."
  • "***** *** ** **** facilities ***** *** **** keeps *** **** **** for *** ** ****** people ** * *** that ***'* **** **** each *****.  *****."
  • "* ****** ** * US *** ***** **** that *** ********* ** armed *** **** *******-**** on *** *******, *** it *** **** ****** for ******* ** **** the **** *** ***** tailgating ** ******** *********** into **** ******** ***** inside **** ** ************* of *** *****."
  • "*** ********* ******* *** temporary ******* *** *** same ********, *** *** supervisor ***** ******* ** the ********* ******* ****** for *** ********* ******* to **** **** *** building *** ********, *** never *** *** ********."

*** ********: ******** *********** ******** are ********* ** ********** or ******* **********, **** ********** ** **** ******* ** ****** ******* ** **** ***** *********. However, ** **** ******** the **** ********* ****** involve ******** *********, **** training, *** **** ******* notifying *** ******* *** risks ** *** *****.

Uncontrolled ***** *** ****

*********, *** ***** **** is ******** ** ** access ******* ******, *** due ** ************ ** proximity ***** ************ ******** in * ******** ******* traffic.  *** **** ** using ***** ***** ***** the ****** ****** ***** be ******* ********* *** not ********** *** ******** goal ** ******* * facility ******:

  • "* **** **** ** many ******/ ********* ********* where *** ***** ****** is ******* *******. *******, you ***** **** **** around *** **** *** the **** ** ***** were **** *** ** one *** ****** ** stop *** **** **** walking ** ** *** front ******."
  • "*** ***** * **** to ****, *** ******* card ****** ***** ****** the ******** *** **** of *** ***** ****'* have * ****** ** use **** **** *** access. *** ** ***** doors *** ***** **** to ** *** **********. It ****'* **** * card ****** ****** ** it, *** ** *** so ***** ** *** desks ***** **** ** tempting ** *** ** we **** ******* ****. A *** ** ** would **** ***** ** the **** ** *** access. ****** ** *** department ***** **** *** door *** *** **** for *** *******, ******** access **** *** ******** without ****** ** **** any ***********."
  • "******* ********** **** * main ******** **** ******* and ********, *** *****'* multiple **** ***** **** nothing *** ****** ***** doors **** ****** *** enter ** ***** ****.  Stuff **** ****** *** the ****."
  • "* ****** * ****** in *** ********** ****** with *** ****** ** direct ******* ******* *** office ** ***** ** verify *** ******* ******** and ******. **** ***** have ****** *** ** not **** *** **** handicap ***** ******* *** hardware ** ***** *** door ****. **** ****** the ********** ******** ***** it *** ********."
  • "*** **** ********** ***** in *** ***** ******** was *********** ******* ***** storage **** *** **** inside * **** **** that *** ***** ****** and *** ** *** shortcut *** *******."

*** ********: **** *********** *** ******** should **** ** ********* which ********* ******** *** authorized *** ***, *** then **** ****** ** either ******, ****, ** add ************ ******** **** the ****** ******. ***** openings ** **** ********** and ****** ******** *********** ****** ******* **** ****** if **** *** ********* egress *****, **** *** and ****** ** ****** against ************ *****.

Lousy ******* **********

*******, ******** ** *** implementing ************** ********* ** ********* visitors **** **** ****** control ********** *** ** the ******* ***** ** the ******. ***** **** visitors *** *** *****, a ***** ********** ***** be **** *******, *** without ******* ********** ** place **** *** ******* to *** ****** **********:

  • "*** ** ** ******'* **** areas ** ******* *** generic ****** *** ******* and ***********. **** ***'* keep ***** ** *** and ***** ***** ****** go."
  • "*'** **** **** ********* with ************ *******. *******, they *** *** *** an ******** ** *** outside ** *** ********, but ***'* ******* **** the ***** **** *** larger ********. **** ***** when *** ********* ****** buzzes ******* **, **** have ****** ** *** rest ** *** ****."
  • "*********** ***** ****** ** areas **** ** *** gym ******** *** *** not ******* ** *** it **** ****** ** isn't * **** ******** area."
  • "*** ** *** ******* problems ** ********* ** Portugal ** ******* **********. There ** ****** ******* that ******** ****** **** visit ***** **** ****, to ****** ****** ** the ******** *****."
  • "* ****** ** * large ************ ***** ******** were ******** ** ****-** and **** ******** ***** badges. ***** *** ****** control ** *****, ******* it *** ***** **** unsecured **** **** ***** etc. **** *** ******** had ****** ********, **** had * **** **** free **** ** **** than **** ******** ****** have."

*** ********: ** ** ****** in ********** ********** ******* ******** ****, **** ****** ********* have ** ***-** ****** to ************ ******* ****** directly **** *** ******, eliminating *** **** ** a ****** ********** ******* 'check **' ******. ***** trouble ** *** ********* solely *** ******* ************** ********, the **** ** *********** visitors ******* ******** ** risking **** *** ** significantly ********* ******* ********** ******* management ********.

Comments (1)

The most vulnerable place in the whole building was radioactive medical waste storage that was just inside a side door that was never locked and was an hot shortcut for workers.

How heinous was the existing EAC that people would take 'hot' shortcuts thru radioactive waste storage?

Read this IPVM report for free.

This article is part of IPVM's 6,535 reports, 880 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now

Related Reports

Door Fundamentals For Access Control Guide on Aug 24, 2020
Doors vary greatly in how difficult and costly it is to add electronic access...
Use Access Control Logs To Constrain Coronavirus on Apr 09, 2020
Access control users have included capabilities that are not commonly used...
Exit Devices For Access Control Tutorial on Aug 25, 2020
Exit Devices, also called 'Panic Bars' or 'Crash Bars' are required by safety...
Remote Network Access for Video Surveillance Guide on Jul 27, 2020
Remotely accessing surveillance systems is key in 2020, with more and more...
Free Online NFPA, IBC, and ADA Codes and Standards 2020 on Sep 03, 2020
Finding applicable codes for security work can be a costly task, with printed...
Drain Wire For Access Control Reader Tutorial on Sep 23, 2020
An easy-to-miss cabling specification plays a key role in access control, yet...
Access Control Course Fall 2020 - Register Now - Last Chance on Sep 09, 2020
Starts next week! IPVM offers the most comprehensive access control course in...
FLIR Markets Windows Temperature Screening, Violates IEC And Causes Performance Problems on Jul 17, 2020
FLIR, one of the largest thermal screening manufacturers, is marketing...
AHJ / Authority Having Jurisdiction Tutorial on Aug 06, 2020
One of the most powerful yet often underappreciated characters in all...
Directory of 206 "Fever" Camera Suppliers on Aug 04, 2020
This directory provides a list of "Fever" scanning thermal camera providers...
Milestone Presents XProtect On AWS on May 04, 2020
Milestone presented its XProtect on AWS offering at the April 2020 IPVM New...
Add Door Operators To Fight Coronavirus on Mar 31, 2020
IPVM recommends that integrators advocate and end-users consider adding door...
The Kiosk Market Pivots To Temperature Screening (Interviewed) on Jul 28, 2020
Video surveillance is not the only market that has pivoted to medical device...
Verkada Access Control Tested on Sep 09, 2020
Verkada raised $80 million earlier in 2020, expanding from video into access...
Keypads For Access Control Tutorial on Jul 28, 2020
Keypad readers present huge risks to even the best access systems. If...

Recent Reports

Hikvision Sues Over Brazilian Airport Loss on Sep 24, 2020
Hikvision was excluded from a Brazilian airport project because it is owned...
China General Chamber of Commerce Calls Out US Politics on Sep 24, 2020
While US-China relations at an all-time low, optimism about relations...
Verkada Disruptive Embedded Live Help on Sep 24, 2020
Call up your integrator? Have someone come by the next day? Verkada is...
IP Networking Course Fall 2020 - Last Chance - Register Now on Sep 23, 2020
Today is the last chance to register for the only IP networking course...
Drain Wire For Access Control Reader Tutorial on Sep 23, 2020
An easy-to-miss cabling specification plays a key role in access control, yet...
IPVM Camera Calculator User Manual / Guide on Sep 23, 2020
Learn how to use the IPVM Camera Calculator (updated for Version 3.1). The...
Installation Course Fall 2020 - Save $50 - Last Chance on Sep 22, 2020
Today is your last chance to save $50 on registration for the Fall 2020 Video...
SimpliSafe Business Security Launched Examined on Sep 22, 2020
SimpliSafe has launched "SimpliSafe Business Security" that the company...
FLIR CEO: Many New Fever Entrants "Making Claims That The Science Just Won't Support" on Sep 22, 2020
FLIR's CEO joins a growing number calling out risks with fever / screening...
China Bems Temperature Measurement Terminal Tested on Sep 22, 2020
Guangzhou Bems (brand Benshi) is the manufacturer behind temperature...
Axis Exports To China Police Criticized By Amnesty International on Sep 21, 2020
Axis Communications and other EU surveillance providers are under fire from...
Milestone XProtect on AWS Tested on Sep 21, 2020
Milestone finally launched multiple cloud solutions in 2020, taking a...
Mobile Access Control Usage Statistics 2020 on Sep 21, 2020
Most smartphones can be used as access control credentials, but how...
Axis Compares Fever Camera Sellers to 9/11 on Sep 18, 2020
Axis Communications, the West's largest surveillance camera manufacturer, has...