This is one of the 52 terms in The Language of Cybersecurity published by XML Press in 2018 and the contributor for this term is Chris Wynn.

What is it?

The ability to control entry to physical locations based on factors such as date, time, and access level. Access control systems can also create audit trails, raise alarms, and adjust authorizations based on the threat level.

Why is it important?

Access control helps ensure that only authorized people have access to your facilities.

Why does a business professional need to know this?

Business professionals need to understand the capabilities of current access control systems, which go well beyond traditional lock-and-key controls. Electronic access control systems allow facility managers to control who has access to each point of entry in a facility and when they have access. Such systems can generate reports that show when and by whom an entry point was accessed and whether access was granted.

In the event of a threat, such as an active shooter or unauthorized intruder, an access control system can make it possible to immediately secure a facility, regardless of whether security staff is on site or not.

Electronic access control systems rely on credentials that identify a particular person. Credentials can include physical objects such as a key card, personal knowledge such as access codes, or biometric measures such as a retina scan, facial recognition, or a fingerprint.

In a key-based system, lost keys are a constant security concern because when a key goes missing, the only way to ensure site security and safety is to re-key all affected locks. This can be very expensive if the missing key is a master that has access to multiple locks on site. With an access control system, you simply revoke access for the lost credential and issue a new credential with the same access rights, potentially saving thousands of dollars in labor and materials.