Property security managers and IT experts have a lot in common! They both serve users who need access to some spaces within an environment but not others. How can you keep the permissions of each user or tenant straight?
You can actually use the same concept to manage access. By embracing access control models, you can streamline security and make sure everybody has the proper credentials.
In this post, we’ll explain how cybersecurity affects physical security. Then, we’ll show you how physical security and cybersecurity can both be simplified by access control models.
How Cybersecurity Affects Physical Security
Innovations in access control are pushing physical security and cybersecurity closer together. These days, the most cutting-edge access hardware, like keypads, intercoms, and card and fob readers, is electronic and exchanges information over the internet.
This gives properties access to more features, such as letting residents open doors with their smartphones or using an access system’s cloud-based capabilities to edit resident permissions even when staff members are off-site. But that increased exposure to the internet also increases a property’s vulnerability to cyberattacks.
And even if a property has invested in top-of-the-line cybersecurity, it still might be vulnerable to physical intrusion. When you store sensitive data on servers, you also need to ensure that your server room is highly secured and guarded — and that means investing in physical measures like server cages or a camera system.
What are Access Control Models?
Whether a property is residential or commercial, security managers have to adapt to the changing circumstances of property tenants. And IT workers also have to update permissions and grant employees access to different databases or areas of the building.
For example, a resident in a residential building might have just started paying for access to the gym — so their electronic key needs to be updated to reflect that. Or, an employee at a commercial property who’s just received a promotion might need access to additional building floors.
How should you deal with the ever-changing access needs of residents or workers? Access control experts have developed several access control models to give you different ways to answer that question.
Whether you’re dealing with physical or cybersecurity, you can use the same principles behind each model to manage security and access.
Different Types of Access Control Models
Four main types of access control models are:
- Discretionary access control
- Mandatory access control
- Role-based access control
- Attribute-based access control
Discretionary Access Control
Discretionary access control (DAC) empowers multiple administrators to change user permissions.
Discretionary access control is best for commercial properties that service more than one tenant so that each tenant can manage access for its own employees. It also works for residential properties if the property has more than one manager.
Mandatory Access Control
On the other hand, mandatory access control (MAC) restricts the ability to make changes to one administrator only.
For properties where security takes precedence over convenience, MAC is the way to go. Many governmental and other high-security facilities choose to use mandatory access control.
Role-based Access Control
In role-based access control (RBAC), administrators create different roles with different access permissions. For example, an IT worker might create a “manager” role with access to more databases and information than an “employee” role.
RBAC systems are great for properties that anticipate that there won’t be a lot of role-switching. For example, on a residential property, residents rarely switch roles and become staff members.
In this case, you hardly ever need to manually edit somebody’s role.
Attribute-Based Access Control
Attribute-based access control (ABAC) is similar, but it takes into account somebody’s attributes as opposed to any role that an administrator assigns. Examples of attributes include somebody’s job title, their location, or the time a person is accessing the system.
The best way to illustrate this is with an example. Say an employee who just got a promotion needs access to other areas of the building — and while they’ll get that access under both systems, it happens for different reasons.
In a role-based system, you would have to manually reassign this employee to a different role to get them that access. But in an attribute-based system, the system automatically detects the employee’s promotion and gives them access without manual intervention.
So, attribute-based access control systems are best for larger properties where it would be too time-consuming for an administrator to keep track of and manually switch roles. However, keeping track of attributes in real time is expensive. It’s a feature that smaller properties might not need.
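The promotion scenario above, sketched as an added example (not code from the original post or from any access control product). The role names, areas, job titles, the "HQ" site and the opening hours are all constructed for illustration.

```python
from dataclasses import dataclass
from datetime import time

# Constructed sample data: roles, areas, titles and hours are illustrative only.
ROLE_AREAS = {
    "employee": {"lobby", "floor-2"},
    "manager": {"lobby", "floor-2", "floor-5"},
}

@dataclass
class User:
    name: str
    role: str       # assigned by an administrator in the access system (RBAC)
    job_title: str  # attribute synced from an HR record (ABAC)
    location: str   # attribute: site where the credential is presented (ABAC)

def rbac_allows(user, area):
    """RBAC: access follows whatever role an administrator assigned."""
    return area in ROLE_AREAS.get(user.role, set())

# ABAC policy: every condition in a rule must hold for the rule to grant access.
ABAC_RULES = [
    {"area": "floor-2", "titles": {"Analyst", "Team Lead"},
     "site": "HQ", "hours": (time(7), time(19))},
    {"area": "floor-5", "titles": {"Team Lead"},
     "site": "HQ", "hours": (time(7), time(19))},
]

def abac_allows(user, area, at):
    """ABAC: decide from attributes at request time; deny if no rule matches."""
    for rule in ABAC_RULES:
        start, end = rule["hours"]
        if (rule["area"] == area
                and user.job_title in rule["titles"]
                and user.location == rule["site"]
                and start <= at <= end):
            return True
    return False

def promote(user, new_title):
    """HR updates the job title only; the RBAC role is left untouched."""
    user.job_title = new_title
```

After `promote(user, "Team Lead")`, `abac_allows` grants floor-5 during opening hours with no change in the access system, while `rbac_allows` keeps denying it until an administrator sets `user.role = "manager"`.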
Why Types of Access Control Models Matter
In today’s internet-powered age, physical and cybersecurity are intertwined.
To keep credentials and access permissions straight for all of your tenants or employees, you can count on different access control models as frameworks for managing access. Some of the most popular models are discretionary, mandatory, role-based, and attribute-based access control.