Educational facilities in general, and higher education institutions in particular, are challenging security environments. This is in part because they have to strike a balance between the ideal of an open, free-flowing campus for interaction and ideas with the need for access controls to keep intruders at bay. Moreover, the administration needs to manage a diverse set of campus identities including students, staff, faculty, visitors, and vendors – each of which have distinct and sometimes varying access levels to campus areas, assets, and buildings.
In practice, institutional leaders usually discover that managing this balance is made more difficult by technical hurdles such as multiple siloed databases and a general lack of automation and integration across existing campus identity systems. For example, there is a wide array of campus databases that facilitate almost every function of campus life activities. This list includes student enrollment systems, HRMS, housing, parking systems, and library and gym access. Each of these systems has an important role in managing campus access; yet these authoritative databases and the identities are rarely integrated with the campus physical security systems that enroll and manage the access throughout the campus. Often, access is provisioned and de-provisioned manually, using paper-based forms and processes. This approach is costly, wastes time, and is susceptible to errors.
To address these challenges, campus administration would ideally implement a centralized system to control and coordinate all the necessary identities and permissions. Such a solution would use a web-based platform to aggregate multiple authoritative sources and enable physical access based on an identity’s current role and attributes such as location, school, class schedule, and enrollment status, as appropriate.
Coordination of these databases would also enable pre-defined policy-based issuance of credentials, which is critical for maintaining operational efficiency when managing a large number of campus identities. Badges would be granted only if all pre-requisites are met, with the specifics determined by the organization to match their security needs. For example, a visitor management portal could be implemented to allow users to pre-register and manage visits using an integrated calendar tool. Visits would be approved based on the authority of the requestor and approver as needed, and a visitor badge would be issued only after all the requested information and approvals were entered. Requested visitors can be pre-screened and cross-referenced to watch lists prior to arrival, speeding check-ins and avoiding surprises at the time of the visit.
Centralized identity management systems provide many important benefits for campus security managers, including expedited reports and audits, increased operational efficiency, reduced costs, and reduced risks. For example, physical identity and access management solutions can provide on-demand or automatically generated scheduled reports; the data delivers insights into campus security and operational efficiency.
Another benefit is a greatly increased operational efficiency and end user experience. Authorized staff can use these systems to provision and de-provision access instantly, across all identity types and covered locations. Access request and removals are automatically routed to the proper approvers, reducing the amount of time from days to seconds. This functionality saves time and operational costs, particularly when managing high volumes of campus identities. Integration with current systems requires no rip-and-replace and allows scalability to meet future needs.
Ultimately, the most important benefit is that controlling movements for all on-campus identities increases security and mitigates risks. The elimination of manual and paper-based processes vastly reduces errors. In addition, the combination of fast, system-wide updates with automated reporting and improved audits results in an overall improvement in security for every member of the campus community.
To learn more on how a private research southwestern university is addressing their identity management needs, read this case study from Quantum Secure.