2020 was the year of COVID; the year of sheltering in place; and the year of the lockdown. In a moment, “business as usual” lurched a halt. Offices emptied. Business leaders scrambled. Remote work ensued. But under the surface of unrest, something else was happening. Access control pivoted. As the unpredictability of the pandemic dragged on, companies determined they needed a flexible access control solution. En masse, they realized the rigidity of on-premise access control no longer sufficed. Cloud computing accelerated, and a shift to cloud access control began.
Why Access Control is Moving to the Cloud
Douglas Murray, CEO at Valtix, a multi-cloud network security platform, commented on a report published by Neskope in July 2021 called the Cloud and Threat Report.
On-premise systems, often found in a basement or locked in a cabinet, required administrators to be onsite when making system changes. As terminations in workplace occurred — due to the pandemic —administrators would need to travel to the site to remove terminated credentials. Otherwise, credentials would stay active and pose a security risk to the company. With the adoption of the cloud, all this changed.
Fluid credential workflows, video security tethering and mobile access fueled the transition to the cloud. Cloud systems equipped IT teams to add and remove credentials remotely. Enterprises no longer needed to worry about multiple standalone systems at various locations. Instead, it became possible to monitor a single system, globally.
But one benefit stands out — integrations.
Integrations and Cloud-Based Access Control
“Most on-prem systems aren’t built to integrate with other software solutions,” said Robert Vail, Vice President of Sales at Genea. “As we move to an environment where everything is cloud-based, including video management systems, being able to connect solutions together via API (application programming interfaces) is really important.”
But why not integrate with an on-premise server? There are two drawbacks: it’s costly and laborious to connect an on-premise access control system to a cloud-based integration. However, switching to the cloud makes integrating with other software exponentially easier. In fact, some integrations only require an API key. Genea’s integration with Cisco Meraki’s video management is one example of this seamless integration. Learn more about it here.
Further, cloud systems allow administrators to streamline their operations by quickly incorporating new software into their security ecosystems. Other integrations with access control include identity management systems, like Azure Active Directory and Okta, and notification systems like Microsoft Teams, Slack, Google Workspace. As modern technology gets released at a faster and faster rate, cloud-based systems let teams remain flexible in their processes.
Despite the benefits of cloud systems, some still have reservations. This exists for two reasons:
- The cost of installation
- Antiquated ideas about cloud security.
Cloud-based Access Control and Your Security
“What the Netskope Cloud and Threat Report correctly highlights is that public cloud security should be front of mind for all enterprises,” Murray said.
According to the Netskope study, cloud-delivered malware increased to an all-time high of 68%. Despite this percentage, companies like Genea take security compliance seriously. Historically, the cloud has long been viewed as a security risk by skeptics- a place where family photos might safely live but storing company credentials seemed highly reckless. However, advancements in cloud security, transfer speeds, and increased storage capacities have put the cloud in a new light.
A popular cloud service is Amazon AWS. With a client-base of well over 1 million active customers (e.g. GE Oil and Gas, Kellogg’s, Apple, etc.) AWS uses a shared security responsibility model. This means that while Amazon secures its infrastructure, companies like Genea implement added security. Some of the security measures taken by AWS include:
- Continuous monitoring for near real-time security information
- Reducing human configuration errors through automated integrations
- Encryption at the physical layer
- Additional encryption occurs, such as VPC cross-region peering traffic and TLS (Transport Layer Security) connections
Cloud-based ACaaS (Access Control as a Service) providers like Genea and its third-party integrators take security a step further. For example, Genea avoids superuser accounts, thereby making privileges available on an as-needed basis. Genea also encrypts at-rest and in-transit data from mobile credentials to the database.
Finding a Secure Space in the Cloud
While cloud skeptics remain, it’s important to understand the inflections point has passed. With COVID-19 making a resurgence and the traditional work environment in flux, now is the time to innovate. Now is the time to optimize you security processes. After all, the future of access control is floating in the cloud.