ID Badges' New Technologies are a Challenge for CIOs
Mandated compliance requirements demand increased control and advanced reporting to have secured IT facilities and applications. ID Badges now not only need to be visible but also communicate electronically
CIOs and IT Managers are now are working with operational managers to achieve the right balance between security and convenience in selecting and implementing ID Badges. With the advent of smart and mobile credentials, the choice made now may not only affect access control applications, but many other aspects of the functions of a business' operation.
With the addition of Near Field Communication (NFC) technology on a growing number of mobile devices ID Badge implementation has become more complex. NFC more easily enables access control and application connectivity and more organizations are considering joining the bring your own device (BYOD) trend and having staff members use their own smart phones as their access control credentials.
Smart ID Badges and Credentials Are Becoming the Industry Standard Best Practice
Smart credentials provide organizations with a better world class solution over other traditional solutions at approximately the same price as a plastic photo ID card. Smart cards increase the security of data, provide added convenience to the user, and allow for greater functionality by allowing users to use them for access control, logical access, payments and many other functions.
By considering open architecture capabilities, CIOs can easily provide secure access to companies' facilities and applications. A smart ID Badge that is implemented with an open architecture provides the ability to have customized keys for multiple applications. For example keys can be stored for not only user IDs and passwords for application but also for physical access to specific locations. That added with a biometric check can be the ultimate security tool that we have all been looking for.
Users prefer the convenience of using their phones instead of digging for their cards. Using smart phones as badges saves time. Assigning the credential to a phone takes less work than printing and delivering a badge.
NFC, Smart ID Badges and Mobile Device Converge
To turn NFC-enabled smartphones into an access control credential, users simply download an app to their smartphone. Then, their access control administrator uses the cloud service to send a secure mobile credential directly to the user's phone. Once the mobile credential is downloaded, users open the app and tap their smart phone to the reader in the same way they use a card or fob.
For many employees using their personal smart phone would be much easier than searching for a card. While a employee could use a personal smart phone to get into the various facilities served, the IT staff would have the confidence that the data is being exchanged is encrypted and secure. CIOs may want to start off using smart phones with their key users only and later expand their use with the rest of the staff, providing a choice of credentials that could be used.
BYOD is Everywhere
Employees are finding it easier to bring and use their personal devices to work. Employees get to work on devices that they like and that are probably more advanced than what is issued to them through their IT department. In addition, instead of carrying around a variety of equipment, they get to choose the one device that works best for them.
Although employees may wish to use their own device, IT teams need to ensure the security/encryption, which is needed for customer and organizational information, is strong, implementation is seamless, and management of software/applications for all of these personal devices doesn't add vulnerability to the enterprise. IT professionals want strong authentication credentials, the level of security provided by smart credentials.
Unlike proximity and magnetic stripe cards and their readers, smart credentials initiate a challenge and response sequence to initiate conversations with the network. These communications are encrypted using industry standard encryption techniques. By welcoming their involvement and showing the ability to speak their language and answer their questions, you will gain additional layers of approval within the IT organization.
While the BYOD migration moves forward, there will be a mixed environment of cards and phones. With more and more NFC-enabled phones coming on the market, the shift to phones being used by the majority of people in the organization will ultimately follow.
What CIOs Can Do Now
For those CIOs who are supporting multi-technology readers, there is no need to replace readers in order to migrate to smart cards, smart phones or a combination of the two. These readers currently work with magnetic stripe, proximity and smart cards as well as NFC-enabled mobile phone credentials all in one reader, providing an easy migration path to upgrade credentials.
If non-smart access technology is being used today, multi-technology readers should still be installed to help ease future transitions by reading the different types of cards and smart phones at the same time.
CIO wanting to implement NFC enabled smartphones as their access control credentials can begin the transition
now. The recently introduced secure peer-to-peer (P2P) NFC mode lets organizations provide the convenience
of using a mobile device today. This secure peer-to-peer lets organizations implement mobile credentials ahead of the market by using Android NFC-enabled phones and Apple iPhones.
It is key that CIO prepare their organizations for smart card ID Badges and NFC mobile credentials. If new readers are needed, they should select multi-technology readers that combine the ability to read all of these credential technologies in a single unit. That way, when the organization switches over to smart credentials, there will be no reason to tear out the old readers to install smart card readers.
Mobile User Policies and Procedures just updated
- Mobility Policy Bundle - Complies with all mandated, ISO and EU requirements. Provided as individual MS Word and PDF files. The procedures come with electronic forms which are easily modifiable