Information security is not just an IT issue, it covers people and processes as well as technology.
Because cyber-attacks continue to evolve, and data breaches are as likely to result from insider action (unintended or and malicious), new data protection regulations, such as GDPR, avoid prescribing specific technical security solutions, calling instead for ‘data protection by design’ – requiring organisations to consider people, processes and technology collectively.
Unifying logical (IT) and physical (door) access controls supports a holistic approach to protecting data, by enabling critical processes to be streamlined and enforcing the proper use of identity credential by an organisation’s people.
Unifying access control infrastructure enables location-aware IT access validation; preventing a wider range of access exceptions in real-time, not just reporting after the event.
With the addition of EdgeConnector, any IT resource that Active Directory controls can now be restricted to specific users AND their location, for example:
- Deny any remote log-in requests for on-site users.
- Deny sensitive data/app access to users outside secure areas.
Unifying physical access control with Active Directory’s network-wide coverage makes it easy to manage and monitor physical access rights for all personnel, across all sites, from anywhere; without the usual complexities involved with conventional site-centric systems.
Unifying the administration of logical and physical access rights rationalises critical processes, avoiding the all too common issue of former employees and contractors retaining access permissions after leaving an organisation. Combining logical and physical access rights within common role-based profiles simplifies procedures for HR or Security teams, for example:
- All logical and physical access permissions can be revoked, with immediate effect, in one step.
Unifying identity credentials for IT and building access, document print release, cashless canteen vending, etc. into a single multi-function smart card consolidates identity management processes and reduces costs overall.
Unifying identity credentials for physical and logical access into a single smart card naturally compels people to carry these ID cards at all times. Smart card based strong two-factor authentication for IT access addresses the insecurity of passwords alone, but if cards are left in unattended workstations the risk of unwanted access remains. By making it necessary to use the same card for IT access, opening doors, releasing documents from printers, and more, users have to remove their ID cards when leaving their desks, thereby locking unattended workstations.