Harling Security are specialists in access control and security for educational premises, such as schools, colleges and academies.
Access Control Systems
Access control systems can be installed to all your new or existing gates and doors, with a wide range of systems being available to suit the specific security requirements of your property.
Our range of access control and door entry systems can work with MIS systems, CCTV, vending machines, printer control, BMS systems, signing in systems etc, plus many other types of applications.
Benefits and Features
- 5 year parts warranty*
- High performance units
- Networked Systems to provide control from a central point
- Integration with SIMS and MIS systems
- Integration with CCTV systems
- Video intercom integration
- Printer integration for ID cards
- Paxton net 2 access control specialist
- Paxton Gold approved installer
- Card and Fob entry systems
- Timer controls
- Traffic light systems
- Intercom systems
- ANPR systems
- Video entry
- ID card systems
- Biometric Options
- Lockdown systems
- Automatic alerts for alarms and problems reporting.
- Fire alarm integration, with reporting options
- Touch screen and signing in systems
- SIMS and mainstream MIS system integration
- CCTV integration
- Car parks
- Entrances and exits
- Gates and barriers
Access Control Systems for Schools
Educational institutions work for the public good and are, therefore, of public interest. As such, it’s crucial that a schools security system is taken seriously as failure to can have very grave repercussions. This is because schools educate children and youth who are very vulnerable. This means that schools, unlike other institutions are open to a lot of public scrutiny and must, therefore, incorporate access control as an additional security measure besides the usual fencing and security guards.
But what exactly is access control? Access control is a security system that helps in controlling or supervising anyone that can use or view certain resources in an establishment. Access control techniques are very common in business establishments, but their popularity has grown beyond organizations to incorporate schools and colleges as well given that they help minimize risk to schools.
For schools, access control techniques are used to identify, authenticate and authorize users and units by assessing the required login credentials such as personal identification numbers (PINs), security tokens, passwords, biometric scans or other authentication determinants. For a more layered defence when using access control systems, schools can consider incorporating a multifactor authentication.
Besides a written school security plan that needs to be followed to the latter by every party that has access to the school, schools can include access control systems besides the usual security guard’s identification badges and video surveillance to protect both school going kids, teachers, staff and school visitors from external – and in some cases, internal – harmful influences.
School Access Control Systems
Generally, there are two categories of access control, namely logical and physical that a school can use to boost their security. Logical access control is used to restrict connections to data, system files, and computer networks. On the other hand, physical access control is used to limit access to buildings, campuses, physical IT assets, and rooms.
Electronic access control methods – a technique that can be used by schools – relies on a user’s credentials, access card readers, audits and records to track staff access to controlled proprietary areas and locations within the school to protect an institution. Such areas can vary from one school to the other but may include the registrar’s office, records office, and exams office among others.
Some electronic methods are known to have access control panels that can restrict entry to buildings and rooms, alarms that can go off as well as lockdown capabilities in the event unauthorized personnel try to access the area. Such security measures are designed to work by recognizing an individual or entity, verifying that the application or person is what or who they claim to be and validating their access level as well as established set of actions linked with the IP address or username.
Directory protocols and services such as the Local Directory Access Protocol (LDAP) and the Security Assertion Markup Language (SAML) can be used by schools to give access controls for authorizing and authenticating users and bodies and allowing them to connect to different computer resources like web servers and distributed applications.
Use of Access Control Systems
Given that there are different models of access control systems available in the market today, schools can choose to use a model that works for them depending on their needs, the information they are trying to protect and the laid-out compliance requirements. As mentioned, access control techniques are used to minimize any risk from unauthorized access to logical and physical systems.
Access control systems are an important aspect of security compliance solutions that are designed to protect access control policies and security technology while ensuring that confidential information such as student data remains safe. Today, more and more schools have developed the required procedures and infrastructure that enables the limit access to computer systems, applications, files, networks and sensitive data like intellectual property and personally identifiable information.
Implementing any access control system can be both challenging to manage and complex depending on the dynamics especially if a school is using both cloud services and on-premises systems. Given the rapid developments in the technology sector, there have been security breaches even with access control systems. As such, schools using access control systems have been forced to move away from the single sign-on systems that were common to a much more unified access management system that provides access controls for cloud and on-premises environments.
Type of Access Control Systems
Thee are different types of access control systems that a school can opt to implement in order to boost its security system. These include:
- Attribute-based Access Control (ABAC)
This is an approach used to manage an access right by analyzing a given set of policies, rules, and relationships using the credits of users, environmental and systems conditions.
- Discretionary Access Control (DAC)
The discretionary access control methodology is an approach whereby appointed administrators or owners of the secured systems, data or available resources come up with policies that will define who or what is allowed to gain access to a resource. Discretionary access control systems make it possible for administrators to control the distribution of access rights. While this system is widely used, one concern that has been raised by most tech professionals is the fact that it lacks a centralized control.
- Mandatory Access Control (MAC)
The mandatory access control is a security method where access rights are controlled by a central authority established on multiple levels of security. This type of access control is largely used in military and government institutions. The classifications for a mandatory access control are allocated to system resources and the security kernel, or operating system is able to give or deny access to any resource based on the device or user’s information security clearance. A good example of the mandatory access control is the Security Enhanced Linux that is applied on the Linux operating system.
- Role-based Access Control (RBAC)
The role-based access control is commonly used in most organizations given that it doesn’t rely on the identities of each individual user. Instead, this access control technique works by limiting access to computer resources depending on groups or individuals with similar business functions such as engineer level 1 or executive level. However, this system depends on a complex structure which means that roles have to be assigned, authorized and then granted permissions using role engineering so as to control employee and staff access to systems. The role-based access control techniques are largely used to enforce discretionary and mandatory access control frameworks.
- Rule-based Access Control
The rule-based access control system is a model whereby the rules that control access to resource objects are defined by the system administrator. In this security model, the rules are based on certain conditions such as location or time of day. Depending on the needs of a school, the rule-based access control model can be used alongside the role-based access control so as to reinforce access procedures and policies.
Implementing Access Control
Access control is a procedure that is fused into a school’s IT environment. The process can, depending on the type of access control, include access and identity management systems. Such systems provide a user database, access control software and management tools that are used for auditing, access control policies and enforcement.
For access control systems, users have to be added to an access management system. For instance, in a school setting, the system administrator will add a user and then use an automated provisioning system to configure permissions depending on the job responsibilities, access control frameworks, and workflows.
However, what is crucial to remember especially when implementing an access control system is that using the “least privilege” practice is always the best. What this means is that access should only be granted to the resources that an employee or staff will need to perform their stated job function. When an employee leaves your institution for whatever reason, having their credentials revoked and access to data and systems revoked is very important given that this is usually one of the major security failures that allow for a security breach.
Besides employees or staff who leave, an access control system can also be undermined by staff who don’t do their part. How so? For instance, implementing an access control system isn’t enough. All staff who are given access need to be trained on the dos and don’ts. This is a sure way to prevent any security breach because even the most well-thought-out designs can still be compromised without proper training. The school leadership needs to take this into account as well.
How to Prevent Access Control Attacks
As mentioned, access control systems while safe can still get attacked. The process of access control procedure usually begins with identification, authentication and then authorization. So for an access control attack to be successful, it means that a hacker or attacker begins by stealing the credentials of a user and trying to impersonate them in order to carry out malicious activities.
In order to prevent an attack on a school’s security access control system, below are some measures that can be put into place.
- Multifactor Authentication
Today, a single authentication form isn’t enough as it can easily be breached. Some schools still rely on a password and username as an authentication mechanism. This is however not enough as it easily leads to attacks. Instead, schools can use a multifactor authentication before a user or entity is given access to whatever resource. These can include a smart card, biometrics, and passwords. Combining the use of these can aid in strengthening the identification, authentication and authorization check.
- Strong Password Policy
Schools need to have a password policy that requires the use of strong passwords as this is one way to reduce password attacks from happening. The policy should also enforce the need to have passwords changed frequently. Such a policy is a must-have and schools shouldn’t just assume that it is common knowledge to users and should, therefore, create awareness around it and enforce it.
- Encrypt Password Files
Files that have passwords need to be encrypted using a very strong encryption method. In case one needs to share a password, they should do so over a wire when in transit and not by using a URL or clear text. Schools must apply the use of HTTPS and not HTTP in order to protect sensitive data such as passwords across the wire.
- Limit Access to Systems
Regardless of whether you are giving a user an electronic or physical access to a sensitive file or system, it must be restricted. Why? Because if an attacker, for instance, has physical access to a system that hosts the school’s authentication records, they can easily dump the records and then proceed to crack them offline. And for electronic access, access given to users needs to be limited to password files. All these activities need to be recorded and investigated as soon as possible. In addition, users need to have their access controlled. This means having them granted access to the files and systems that they only need for their immediate job specifications.
Additional Security Measures
Besides access control, there are other security measures that schools can put in place in order to prevent any form of attack on the school institution. Remember, attackers can still gain access to a school and physically steal sensitive records. As such, schools need to be fenced and have gates installed in strategic positions in order to safeguard the school from any unwanted intruders.
The set-out security policy should see to it that every student, staff or visitor has an ID card that is always visible when they are within the school premises. It is also important that a school carries out background checks on their staff before they are employed and given access to certain resources within the school.
The school’s car parking area also needs to be constantly monitored by the hired security guards for any suspicious activities. Students and staff should also be encouraged to report any suspicious activities that they may witness within the school compound. Most importantly, the school board needs to come up with a well-written school security policy that every student and staff must be made aware of and the necessary training provided.