A closer look at how Internet-of-Trusted-Things and mobile is changing access control
IoT is transforming consumer applications like never before. Personal fitness, home automation and connected cars are a few examples of how far technology has penetrated our lives.
Similarly, IoT is spurring significant changes throughout the modern facility whereby offices, hospitals, manufacturing plants and college campuses all get smarter. The workforce within these facilities is embracing the mobile revolution and has become more connected. While IoT delivers valuable benefits, it is simultaneously posing challenges as organisations face potential security threats, facility processes, and operational integrity.
Changing the playing field
With growing adoption of mobility and the IoT, there is an ongoing shift in the use of identity technology. This shift is leading to increased adoption of mobile devices, the latest smart card technology, a greater emphasis and reliance on the cloud, and a radical new way of thinking about trust in smart environments and the IoT. This shift is also triggering the move from legacy systems to NFC, Bluetooth Low Energy (BLE) and advanced smart card technologies to meet the evolving needs of organisations worldwide. Ultimately, there will be a transformation in the way trusted identities are used, particularly in industries focused on regulatory compliance such as government, finance and healthcare markets.
A number of trends are emerging. As organisations seek to use a number of smart devices, it directly impacts how customers view and use trusted identities across more activities in more connected environments. Users will want to open doors, login to cloud resources, access print jobs and conduct other daily activities using trusted IDs on their phone, wearables or smart cards.
The industry will also look towards complete identity relationship management that grants access based on context and circumstances across the trusted identities assigned to people, devices and things in a connected environment. There will be a greater emphasis on the cloud to create common management platforms for digital IDs, and organisations will recognise the interdependencies of technologies and platforms required to provide a better user experience.
As multi-factor authentication for physical and IT access control merges to provide more convenient and secure user experience, this model will make it easier for administrators to deploy and maintain an integrated system throughout the complete identity lifecycle. Credential issuance for physical ID cards will also experience a digital transformation, as the use of cloud technologies will enable managed service models for badge printing and encoding.
Finally, emerging IoT use cases will increase the need to ensure the security of an Internet of Trusted Things (IoTT). Trusted identities will help secure, customise and enhance the user experience across a growing range of industry segments that are embracing the power of the IoT. Organisations are looking to streamline processes and operations using real-time location systems, presence- and proximity-based location functionality, condition monitoring solutions, beacons and cloud-based models leveraging emerging solutions that secure IoT use cases. Emerging solutions will also advance existing secure proof of presence capabilities to include the predictive analytics and functionality based on location-based technologies.
In parallel with these activities, there will be a growing awareness that new identity challenges have arisen in applications where mobile access control meets the IoTT.
New identity challenges
A major concern among facility managers today is that the links between systems and assets will be compromised in the IoT. The industry has already alleviated these fears in access control applications with the advent of trusted identities that are communicated over protected channels using the latest cryptographic algorithms. Readers and credentials are now essentially trusted devices that are connected to the facility’s access control system. Today, smartphones have similarly become trusted credentials that can be connected to these systems through the cloud.
An early example of how access control and the IoT are merging is in the use of mobile access technology to help facility managers efficiently control HVAC systems based on a person entering or exiting a suite or common area using a mobile ID. The HVAC and energy management systems will automatically adjust the settings, for example, turning off lights when the last person leaves the area. This is what integrator Datawatch Systems is doing for its customers with a combination of its Datawatch Direct Access System and HID Mobile Access. In the future, Datawatch is exploring further mobile access control integration with more building utility systems.
The same trusted identities used for access control can be extended to other IoT applications for numerous additional smart building activities. A prime example is automating maintenance management systems that are physically linked to fire and safety equipment, heating and cooling systems and other critical, high-value assets. For decades, RFID transponders have connected these physical assets to business applications, enabling organisations to manage and track inventory levels and improve operational process efficiency.
Now, mobile devices can be combined with trusted tags and cloud authentication to secure cloud maintenance management software (CMMS) applications. Users tag equipment to connect it to the Internet, enabling technicians to then use their mobile devices to simply tap the tag in order to access these cloud-based CMMS applications. This model also makes it possible to track the service start time, duration and status of completion to improve billing accuracy. From the initial tap to initiate service to the final tap that closes the ticket, the previously manual process is now fully automated, improving workflow while minimising any disruption of equipment productivity.
Marrying access control with IoT applications using trusted identities promises to make systems and applications much easier for teams to use. The ability to secure CMMS and other IoT applications will make entire processes much more seamless and easier to manage from initiation to follow-up, resulting in a more responsive and productive mobile workforce. A key requirement moving forward will be the ability to implement identity-proofing with an unbroken chain of trust for all access control transactions in both the physical and digital worlds. This chain of trust is based on the ability to verify claims of true identity, rather than simply verifying ownership of a digital identity that someone might be using fraudulently. With this foundation in place, trusted ID solutions is poised to make daily life easier and more productive in the physical and digital worlds and the IoTT, for today’s increasingly mobile users who continue to be the most important elements in any security strategy.Discover More