Editor, IFSEC Global

Author Bio ▼

James Moore is the Editor of IFSEC Global, the leading online publication for security and fire news in the industry. James writes, commissions, edits and produces content for IFSEC Global, including articles, breaking news stories and exclusive industry reports. He liaises and speaks with leading industry figures, vendors and associations to ensure security and fire professionals remain abreast of all the latest developments in the sector.
February 3, 2020

Sign up to free email newsletters


The Video Surveillance Report 2022

Business growth

Security vs. Scalability: Why not both?

Everyone organisation wants to grow and evolve, but factoring in security to these ambitions, alongside all the other aspects that come with growth, isn’t always straightforward. Indeed, it may even be a major barrier in evolving, for some. Jeff Bransfield, National Sales Manager, RS2 Technologies, explains why this should no longer be the case for access control.

For many, running their own business and in turn being their own boss is dream worth working toward. However, there are a lot of considerations to make when it comes to hiring competent employees, managing finances and establishing best practices. But another often forgotten piece of the puzzle is choosing a security solution that is fit for a businesses’ needs both now and in the future. Thanks to technological advancements, users no longer have to sacrifice security for scalability, or vice versa. Users are demanding solutions that can change as their business does, and in turn, the industry is responding.

There are pros and cons to the many technologies involved in access control systems today, so how can you be sure you are selecting a solution designed with both security and scalability in mind? Several considerations should be made before making a technology investment to bring you to the future.

Should I Use the Cloud?

There are a lot of benefits to choosing a cloud-based access control system, most notably the lower cost of ownership and increased scalability potential. With no software to install, paired with automatic updates, the cloud ensures delivery of the most up-to-date, secure version of the system possible, with room to add or remove services as business trajectory fluctuates.


For example, if a business only requires support for four doors when they launch, but experiences growth and later needs support for 10 doors, this can be done easily within a cloud-based system. Scalability is the biggest advantage of the cloud, but what a lot of people don’t realise is that the cloud is also just as secure as fully local counterparts, if not more.

According to the Hiscox Cyber Readiness Report, 70% of organisations are not prepared for a cyber attack. This tells us two things: First, businesses do not have the resources to dedicate a full team to cyber security; second, businesses are, understandably, putting operations ahead of cyber security best practices.

If your business falls into the 70%, the good news is that cloud-based solutions are typically part of a subscription based model, allowing users to pay a set monthly price for the services they receive. This ensures users are only paying for what they need at present, with the ability to change the services they subscribe to as their business grows. Along with this, users typically receive 24/7 monitoring by the cloud provider, guaranteeing their system is under the watchful eye of an off-premise professional. Vulnerabilities are often detected and dealt with before the company even realizes they were at risk. If the same hacker attacked a local solution at a company without the resources for a dedicated IT team, it is unlikely that the risk would be identified and eliminated as quickly.

Cloud providers employ best in class IT professionals, so that you don’t have to. No capital expenditures and a dedicated team monitoring the system positions the cloud as an ideal option for affordability, scalability and security.

Are open source systems secure?

Open source systems provide a level of flexibility that is unmatched by other options in the market. Instead of choosing a single manufacturer and getting locked into purchasing products and services from only that vendor, users can instead mix and match to receive a true “best-of-breed” solution. An open system means being able to use equipment from a variety of companies to customise the solution to a user’s unique needs. There is no cookie cutter approach to access control, and open systems provide the means by which integrators can create solutions tailored on a case-by-case basis.

As a result of this flexibility, users can start small and add more system components as their company grows. With no vendor lock-in taking place, users can ensure they are choosing equipment to stay at a price point they are comfortable with, while also remaining on the cutting edge of new technologies. This is necessary as users grow their businesses and in turn need additional physical equipment. An open source access control system can also easily integrate with video management systems (VMS), human resources and HVAC to provide a full operational view of a facility.

With proprietary systems, users are instead forced to make up-front commitments that may not allow for variance as new technologies are developed. Open systems ensure users are at the forefront of innovation, on whatever scale works best for them, while also providing the freedom of choice to make security decisions based on functionality and security preferences, rather than manufacturer agreements.

Open source systems are as secure as the people operating them. Work with an integrator to customise a solution based on your security needs, and consider combining an open source system with the cloud for a high level of system oversight, and increased scalability potential.

What about credentials?

The definition of a credential is changing as we know it, and as such, the way we go about credentialing is shifting from traditional cards to smarter options. Credentials today are created around the identity of a user, rather than a simple fob. There are a few credential options to keep in mind to ensure both ongoing security, and the potential to scale up or down to adjust to an evolving business trajectory.

Proximity cards are convenient, but are no longer the most secure option. It is a known risk that unauthorised individuals can gain access to an area by following behind someone with a working credential. Because there is no true identity attached to this type of credential, there is no way to know that the correct person is actually gaining access. End users are recognising this, and are making the move to more secure options.

Mobile credentials are gaining traction because, in theory, users can use their own devices. This eliminates security issues with previous access control credentials, such as card duplication or sharing. Users are more likely to remember and keep tabs on their own mobile devices as opposed to a key fob that is easy to forget when running late or distracted because mobile devices are already so engrained in day-to-day life.

In addition, mobile credentials reduce costs because companies do not have to spend money on plastic cards or fobs, as most users have their own mobile devices that can be programmed with firewalls and multi-factor authentication to ensure the identity attached to the credential is authentic.

However, it is important to note that full-scale mobile credential deployments require a special infrastructure to be in place, which can often be costly. As traditional credentials become outdated it is important to look to the future to be sure you are making wise technology investments that are secure, but are also reflections of a changing technological landscape. If you are not ready to implement mobile credentials today but think you may be in the future, it is important to have this conversation with your integrator to be sure you are ready when the time comes.

What’s more important?

The good news is users no longer need to choose between security and scalability. Thanks to technology advancements and an ongoing commitment to education, users are requesting solutions that are convenient, scalable and secure. There is no need to sacrifice one over the other when implementing a solution. Even if you aren’t ready for some of these systems today, it is important to know the options available to make an informed decision for the future.

‘Secure by Default’ in the Age of Converged Security: Insights from IFSEC 2019

From data security to the risks and opportunities of artificial intelligence, the conversations at IFSEC International shape future security strategies and best practices. This eBook brings you exclusive insights from these conversations, covering:

  • A Global Political and Security Outlook from Frank Gardner OBE
  • Surveillance Camera Day: Tony Porter launches ‘Secure by Default’ requirements for video surveillance systems
  • Using Drones to Secure the Future
  • Autonomous Cars and AI: Relocating human incompetence from drivers to security engineers?
  • The Ethical and Geopolitical Implications of AI and Machine Learning

Related Topics

Notify of
Inline Feedbacks
View all comments