Digital Identities for Physical Security

Integrating Visitor Management and (Physical) Access Control in the Enterprise

For the enterprise, 2020 might just be the year to integrate Physical Security with IT Security. Enterprise- level risk can only be uncovered by assessing cross-domain threats are still largely ignored by corporations and labeled as too hard to do.

The truth is that in this day and age it actually is not that hard to do. All you need are the right tools. CSO Magazine not that long ago loudly proclaimed, “The Corporate Perimeter is Dead”. With employees and contractors carrying the equivalent of super-computers in their respective pockets, company data is equally mobile with all kinds of data flying around all over the place. The corollary to the CSO Magazine proclamation related to the demise of the corporate perimeter is the statement that Identity, now become the new perimeter. It also becomes the new attack vector for intrusions and has already become the most stolen entity.

In this age of digital transformation why do we need to have separate identities for each of the domains we operate in? One to access physical spaces and systems like buildings and control rooms, one for logical or IT systems like networks, Windows or your laptop. Wouldn’t it be better to incorporate the various identities into one common digital identity?

By starting the process with one common digital identity it now becomes possible to reduce the overlap in identity management by eliminating multiple identities for the same person. It also makes it easier when you start with the digital identity and then, during the onboarding process, provision access to IT systems as well as to physical spaces like buildings, rooms and doors. Bringing these worlds together finally delivers a real-world view of risk to the enterprise. Facilities managers, IT Security Ops teams and business functions can all see a complete picture of risk for an individual or a group of employees. They can finally answer the question, “If I give certain physical access to this particular employee in with this job function, and they have access to business systems and operational systems, how much risk are we taking as a company?”.

Deploying Visitor Management can be the first step towards this type of digital transformation. Visitor management automation can be a quick path to utilizing digital identities and it can be done with the least disruption to other functions. Visitors have the potential of posing the most insidious risks to the organization. Visitor Management software addresses those risks while enhancing the visitor experience in the lobby and at the same time delivering a positive effect on the brand image as well.

Table – Comparison of organization before and after deploying visitor management software

Experience Prior to Visitor Management Benefits of Deploying of Visitor Management
Slow manual check-in Pre-Registered Visitors can use automated check-in
Frustrating wait as lobby staff tries to locate host Auto-notifies the hosts
Meeting rooms occupied – take them to cafeteria (may not be secure) Integrated email and calendar systems to include meeting room booking
Safety and Compliance: No easy way to assemble reports No more crowding in the lobbies, pleasant experience. Self-Service Kiosks help reduce staffing costs
Security – cannot track where visitors go – do not admit lists not effective and employees feel like their own time is wasted having to continuously escort visitors through high risk areas. Background checks and do not admit lists enforced

Separately, Physical Identity and Access Management (PIAM) software is emerging as a category that combines the processes of assessing Identities normally stored in IT systems. These systems typically include the HR systems and network directories, such as Microsoft Active Directory, and uses them to create, validate or remove identities from the Physical Access Control Systems (PACS), also known as Badging Systems, or simply Access Control and other identity stores. Combining these systems now makes it possible to enforce policies where terminated employees or contractors will not gain access to the physical facilities without express permission and actions on the part of the security teams to do so. This makes the workplace more secure and stress free.

Not all enterprises are going to adopt PIAM. This is because the integration is tedious and let’s face it, there’s no one size that fits all. Every company has their existing set of rules and processes that make up their workflow. PIAM systems must be customized to reflect the desired processes which make their installation and deployment expensive to say the least. For the right company there is much value to be had, but it is not for everyone.

However, there is more immediate path to instant gratification. A sure-fire easy win that can demonstrate immediate return on investment. Most medium to large organizations have adopted (Physical) Access Control. This type of system is used as a mechanism to manage secure access to the facilities and critical areas by employees and sometimes contractors as well.

Connecting the usually isolated front lobby to the rest of the enterprise can be accomplished by linking the visitor management system with access control. Finally, the movement of all types of people with various roles (viz, employees, contractors, vendors and visitors) going in and out of the organization can be tracked, visualized and reported on.

The benefits of integrating visitor management systems with access control are several and these appeal to security and facility managers while delivering cost savings as well. These include the ability to:

  • Eliminate Security Gaps - extend Visitor Management to create one common system in the enterprise that manages physical access and movement for employees, contractors, vendors and visitors
  • Enforce additional security controls without requiring escorts at all time. Visitors automatically excluded from high risk areas
  • Meet company safety policy and compliance requirements related to occupant counts, mustering and risk management
  • Easily Integrate Dashboards and Reports for Operational Teams and for Management Reporting

Not all visitor management systems are created equal. Many are just a pretty front-end device for printing visitor badges and do little to improve security.

The Splan Visitor Management System has been designed by engineers with physical security experience and has built-in capabilities to integrate with a myriad of Access Control Systems. Some of those and other capabilities include:

  • Easy to setup connectors for widely used Access Control Systems
  • Ability to link to company network directories
  • Provides additional functions like Event Management, Multi-Tenant Support, Vendor Support
  • Support for multiple printers, scanners, kiosks, badge types and badge dispensers
  • Support for multiple printers, scanners, kiosks, badge types and badge dispensers

Popularly deployed access control systems include those made by AMAG, Avigilon, Brivo, Feenics, Genetech, Honeywell ProWatch, Lenel OnGuard/S2, RS2, and Tyco CCURE just to name a few. Connectors to additional systems can be easily created upon request.

For more information on installing visitor management software and integrating with your current access control system, please contact Splan at We can also refer you to one of our industry leading security integrator or dealer partners.