Access control is arguably the most important security element. Three of the most popular forms of access control include keys, codes and passwords. This post delves into how to use these forms of access control securely.
Key security tips
Keys are the oldest form of access control. They’ve come a long way in the last century – today’s locks are much more challenging to pick and use much more precisely cut keys. Of course, keys do have their drawbacks including the ability to lose them or share them with unauthorised personnel. To stop keys falling into the wrong hands, it’s therefore important to consider these key security tips.
Restrict Which Employees You Give Keys To
Not every employee may need access to every area or vehicle at all times. By restricting who you give keys to, you can reduce the amount of keys in circulation and prevent the wrong people getting hold of them. Only give your most trusted employees keys to certain areas where sensitive company information is kept.
Consider a Key Cabinet for Lots of Keys
Key cabinets can help organise lots of keys, while also keeping them secure. Electronic key management systems are some of the most popular types of key cabinets. These require an electronic key or biometric scanning to open, allowing only certain people access.
Such key cabinets are useful for hotels, realtors, car dealerships and companies with large vehicle fleets.
Decide Whether to Own a Master Key
A master key is a specially cut key that can access all locks. In company buildings where there are lots of different locks, a master key can prevent the need to cut lots of different keys while still allowing you to designate keys to specific locks to certain personnel.
This makes it very convenient while also having security benefits (less keys means fewer keys that can end up in the wrong hands). You do, however, need to be very protective over this master key – if a thief gets hold of this key, they have access to everything.
Weigh The Benefits of Key Cards and Fob Keys
Key cards and fob keys can sometimes be a better option than traditional keys. If they get lost or stolen, you can remotely deactivate them so that the wrong person cannot use them. You can also store data as to when they are used and even set up alerts if a card is used at suspicious times (such as at midnight or the weekend when no-one is supposed to be in your premises).
Code Security Tips
Passcodes are typically used to provide an added layer of security and require entering a sequence of numbers. The most traditional example is the combination lock used by many safes today, which uses several rotating dials with numbers on. Digital keypads are meanwhile a more modern option, which may allow longer codes.
Passcodes are also used as an alternative to passwords in some cases for accessing online accounts and digital devices. They are seen as more convenient, but can also be less secure due to fewer possible combinations. Whether you’re using them for physical or digital security, it’s important to consider these measures.
Avoid Obvious Number Combinations
The most obvious number combinations used by companies are sequences like ‘1234’ or significant dates – particularly dates of birth of company owners, or the date a company was founded. Such information could be easy for thieves to find or work out. This is why it’s better to choose random jumbles of numbers.
Don’t Use The Same Code For Everything
If a thief gets hold of the code to one door, you don’t want them to have access to all doors with code access. Use unique codes for each lock. This may be less convenient, but it is much more secure.
Jumble Combination Locks After Unlocking Them
If you’re using a combination lock, make sure that every user jumbles up all the dials after use. A common mistake people make is entering the code and then leaving the dials all in roughly the same place – making it easy for a thief to crack the code simply by moving one or two dials.
Regularly Clean Code Entry Pads
If codes are entered on a keypad, make sure to clean this keypad regularly. Using UV light, a burglar can see which keys have fingerprint marks on, which can help them narrow down the potential code options. Cleaning keypads on a regular basis can erase these fingerprints.
Look Into Temporary Passcode Authentication
The most secure passcode option is to send every user an individualised temporary passcode through their phone. This is a method more commonly used to secure online accounts, however there are some smart physical locks nowadays that can also send out one-time codes to users via an app. This ensures that every code is personalised and different.
Password Security Tips
Passwords are even more secure than passcodes because they can include letters and symbols too. Their weakness is that they’re more difficult to remember than codes – which can lead to people writing them down or choosing simple passwords. To make sure that passwords are secure, here are a few tips that could be worth considering.
Understand What Makes a Strong Password
The strongest passwords are long and use a variety of letters (upper and lowercase), numbers and symbols. Many security experts recommend a minimum password length of 12 characters – but 14 or 16 is even better. You should try to avoid using obvious dates and words related to your business. A completely random jumble of characters is the most secure option, but if you want to keep passwords memorable, consider incorporating random strings of real words with numbers and symbols such as ‘73RainbowWalrusSpanner!’.
Regularly Change Passwords
The chance of a password leaking increases over time. By regularly changing them, you can reduce the risk of passwords ending up in the wrong hands. It’s particularly recommended that you always change passwords if an employee leaves on bad terms – many data breaches have been caused by bitter ex-employees leaking information.
Don’t Use The same Password For Everything
As with using passcodes, you don’t want to be using the same password for everything. Secure each account with a different password.
Consider Using a Password Manager
How are you supposed to remember all these different passwords? Solution: you don’t have to. A password manager works a bit like a key cabinet but for storing digital passwords – it’s a program where all your passwords are stored. Of course, you don’t want the wrong people gaining access to this password manager, so you do need to have a very strong master password (ideally more than 20 characters). You may also want to use multi-factor authentication, which leads onto the final security tip…
Introduce Multi-Factor Authentication
The most secure accounts require users to enter a password AND a code. In many cases, this is a one time code. Alternatively, you can ask users to enter a password and then use a biometric password (such as a fingerprint or facial recognition). This same multi-factor system applies to other forms of access control – this could include a door that requires two separate keys to open, a door that requires a key and a code, or a door that requires a key and biometric password. Two layers of access control are always more secure than one.
Conclusion
We hope you have found this article about access control security tips helpful and that you will follow these steps to keep your company’s keys, codes, and passwords safe.