7 Low-Tech Mistakes that Can Undermine the Best High-Tech Access Control Systems

Avoid these mistakes to ensure your Access Control as a Service (ACaaS) solutions are effective and profitable.

access control systems

State-of-the-art access control solutions offer your clients greater control, security, and automated efficiency than ever before. Relying solely on technology, however, can lead to a subpar level of access control.

As a managed service provider (MSP) offering Access Control as a Service, consider all the angles and use your expertise – and some common sense – to avoid these seven mistakes.

1Too much access

Access control systems enable administrators to grant access based on individuals’ roles. Don’t make the mistake of dividing users into just a few categories (e.g., “user,” “support,” and “administrator”) or, worse yet, giving everyone access to everything. People should have access to what they need to do their jobs – and no more. The rationale isn’t to deny access. It adds another layer of protection to your client’s access control strategy. If everyone has access to everything, a lost card, fob, or credentials can give criminals access to the business’ entire operation.

2Shared accounts

Having an entire team or department sign in with one set of credentials may seem like a shortcut, but it can backfire. Unless individuals use their passcodes or IDs, your client can’t hold them accountable or conduct a thorough audit. Ensure each person has unique credentials and understands what they access and when they will be traceable.

3Hanging onto orphan accounts

When an employee leaves your client’s company, transfers, or assumes a new role, their access control credentials should be deactivated or changed. There should never be extra cards or fobs in a drawer that someone could still use. Coordinate with your client’s HR department to make deactivating credentials part of the offboarding process.

4Device placement

It may seem like a small detail, but where you install card readers, biometric fingerprint scanners, or other devices can make a significant impact on traffic flow and user adoption. If you install a device on the wrong side of a hallway or too far away from a door, frustrated employees may find ways around the system, like door propping or allowing others to piggyback through the door when they use their credentials. The design needs to be intuitive and easy to use.

5Glossing over training

Don’t assume that your client’s employees will immediately be comfortable with new technology, procedures and policies. Offer training that instructs users on the proper use of the system, their responsibilities, why their compliance is essential, and how it will be enforced.

6Overlooking hardware maintenance

The access control system you implement for your client may be able to control doors, gates, turnstiles and other egresses, but all the hardware, devices and moving parts need to be in good repair, or it won’t work. For example, automating locks has little value if the lock malfunctions or the door hinges are broken. So, include regular inspections and maintenance as a part of your solution.

7Letting alarm fatigue win

Managing Access Control as a Service can mean receiving multiple alerts every day. After checking on the first 40 or 50, you may become convinced they’re all false alarms. The following alarm, however, could be set off by an intruder. Respond promptly every time.

Add Value with Your Expertise

Offering Access Control as a Service can position you to elevate your business from the role of solution provider to a business advisor. Your experience and objectivity can allow you to advise your clients on developing a solid access control policy, avoiding mistakes, and following best practices to secure their facilities, assets, IP, and employees. Don’t just sell technology. Sell the value you provide.

Mike Monocello

The former owner of a software development company and having more than a decade of experience writing for B2B IT solution providers, Mike is co-founder of Managed Services Journal (formerly XaaS Journal) and DevPro Journal.