Access control system planning and design guide for architects

These days, instead of mechanical locks and keys, technologically-advanced access control systems keep buildings safe from intruders and sticky fingers. These systems can rely on RFID door lock readers, keycards, electromagnetic mechanisms, smartphone credentials—and even fingerprint and facial scanners—to keep property (and data) safe.

But when planning an access control system for a building or workplace, how do you identify all the features and technology required? This guide will help identify the key components of creating an access control and security strategy that is suitable, and help answer common questions about the access control planning, design, and installation process.

Access control system planning: getting started

The first step in access control planning is understanding the basic security needs of the building. Before even getting into how many door readers or controller units you’ll need, you need to know what types of threats the access control plans need to account for.

Crime threat assessment

The strength of your access control system should be influenced by the safety of the neighborhood. Most business owners have a natural sense for local crime levels, but you may want to reach out to your local police department and nearby businesses to ask for their security recommendations based on recent crime trends.

This will reveal: (1) whether a basic access control system with a minimum of security features is sufficient; or (2) whether you should invest in stronger tech, heavier-duty locks, on-premises security guards, and take other measures to safeguard your facility during the access control system design process.

Access control planning to deter employee theft 

Sometimes, the most serious security concerns for a business come from the inside. Internal theft by employees caused 30 percent of inventory shrink in 2018. Cybersecurity also factors in here, with many recent data breaches being tied to a simultaneous physical security breach—often from an existing employee.

Businesses can benefit from the most advanced access control solutions that we provide at Openpath—like using fingerprint scanners, facial recognition software with a smartphone-based, touchless access control system. Smartphone access control solutions can also prevent employees from passing around or stealing the access control cards of others.

Extreme weather could degrade your access control system

In addition to the criminal threats, consider the additional external and environmental factors that could compromise the utility of your access control system over time. Identify which types of severe weather conditions—like ice, snow, rain, flooding, extreme temperatures, or hurricanes—are a concern in your area. During the access control planning process, look for hardware that can withstand any extremes that are common in your area. For example, access control systems on south-facing exteriors in Arizona should still be able to function reliably when temperatures exceed 100℉ on a regular basis.

Improving security with environmental design

Beyond your access control system, you may want to consider the principles of Crime Prevention through Environmental Design (CPTED) during the access control planning process. CPTED thwarts crimes on your property by focusing on the following four security areas:

• Natural surveillance: Natural surveillance relates to whether your external grounds are free of areas where would-be muggers and burglars can hide, making criminals feel less welcome on your property.

• Natural access control: Natural access control uses lighting, pathways, boundaries, and landscaping techniques to direct foot traffic along specific paths to keep people in designated areas and traffic flows.

• Territorial reinforcement: Territorial reinforcement sets up clear boundaries with high shrubs and fences to distinguish between public and private access areas. 

• Maintenance: A poorly maintained property sends a loud and clear message that no one is paying attention, and a crime will go unnoticed. By keeping the grounds and property well-maintained, criminals will look for another victim.

A can help you determine which of the above factors should be addressed in your access control system design and infrastructure.

Architect’s guide to touchless access control system planning

For architects, access control system design plays an important role in the final aesthetic and functionality of a building. Choosing the right security technology can add to the overall look and feel of a space, or it can draw attention in all the wrong ways. Good access control system planning is also useful in attracting tenants to new office spaces, and helpful in retaining existing tenants. Use this checklist as a guide to contactless access control planning.

Do you have a complete plan for your access control systems installation?

It’s vital to plan for the unique characteristics of your building before you start buying access control components. Here are some important steps to take during this initial access control system planning stage:

• Analyze blueprints and site drawings: A detailed review of your building’s blueprints and site drawings helps you plan for the components you need and where you’ll need to install them.

• Confirm your requirements in writing: When you’re dealing with a professional access control company, discuss every detail and confirm the plan in writing. Don’t move forward with the install until you know exactly what you’re getting and how much it’s going to cost.

• Get approval from local officials: Always check with local fire officials and building code agencies to ensure your access control design complies with existing codes.

An expert access control provider should work closely with you to understand your access control needs and the requirements of your building. Your provider should also check to ensure that your plan complies with local building requirements.

Considerations for access control system installation and maintenance

The installation of an access control system is a multifaceted process, and—for someone who’s never done it before—it’s easy to get lost in the details. Access control system architects should work with a trusted integrator to plan and install the access control system to make sure you haven’t missed anything. However, you’ll also want to have a general idea of what’s involved, so you can supervise the installation effectively. Here are three vital areas of consideration for every access control systems installation.

1. Does the owner have an option for cloud-based or on-premise servers? 

Most commercial access control systems fall into one of two categories: cloud-based, or on-premise. This is a key decision for architects during access control system planning, as it can affect the functionality of the entire building’s security. On-prem systems rely on local servers, with all permissions and credentials configured on-site. Some legacy systems do offer remote access to reporting, but the features and functionality will be limited to what the local servers can handle.

A cloud-based solution is much more flexible, and has the benefit of fully remote management and configuration. Because cloud deployments eliminate on-site servers, they allow every site or location to be managed from a single dashboard, making it much easier to scale up or back at any time. For access control planning purposes, you will need an Openpath software subscription to use Openpath hardware. Subscriptions are based on usage, so they are more cost efficient in the long run compared to all-in-once licensing; it’s easier to add or remove features that you need. For a more future-proof security system, we recommend using a cloud-based access control platform like Openpath.

2. Will you hire a professional for the access control system installation?

While some access control providers allow anyone to purchase and install their hardware, why would you leave something as important as security to anyone but a professional? For the best access control installation experience, we recommend always working with certified access control system installers who knows the ins and outs of your specific system, and can complete the installation in an efficient manner. When planning access control system installation for your building, you should work with the installer to determine:

• Any existing hardware or wiring that will be reused

• If the project requires a full rip and replace

• The amount of space you can dedicate to control hubs and readers

• The types of door locks that will be used in the installation

• Backup protocols in the event of a power failure or Internet outage

If you are keeping legacy hardware installed, choosing a system that is backwards compatible with existing hardware and wiring will make for a faster, smoother access control installation process. Openpath, for example, uses standard wiring and a plug-and-play design for easy install in all building types. Plus, the hardware is backwards compatible with most legacy systems, which makes it easier for access control architects to deploy hybrid systems across properties, retaining initial investment without compromising on security or convenience.

Even though Openpath hardware mainly relies on Internet and Bluetooth connectivity to function, all Smart Hubs also come equipped with a backup battery connector and CloudSync technology to ensure the system functions reliably even if there’s a power or Internet outage in the building. Once power is restored, the system will automatically sync locally stored data to the cloud.

3. What are the ongoing maintenance and update needs?

The initial installation is only part of an access control system plan. There are also recurring maintenance and upgrade processes to factor in. For example, on-premise access control systems will require in-person maintenance to the local servers, and often include costly recurring license renewals. Every time there’s a new update or patch for a security vulnerability, you’ll have to roll up a truck and a certified integrator will need to perform the upgrade. Some readers also require manual updates to each individual component, which could be a time-consuming project if you have a large deployment.

In contrast, Opennpath’s cloud-based system rolls out new features and software upgrades automatically OTA (over the air). This minimizes system downtime, and ensures you have the latest and greatest security features as soon as they are available. A cloud-based system gives you optimal performance and more immediate protection against new vulnerabilities.

Access control system plans to maximize flexibility and control

Most businesses would agree that having greater control over their security, as well as the flexibility to make adjustments as needs shift, is a top priority. Especially for commercial real estate access control plans where there are multiple tenants in a building, the access control system design needs to be more flexible. Here are the top considerations for access control design that’s scalable and future-proof:

• Granular site-specific permissions. This access control feature is important for businesses with more than one location or office site. With granular permissions, system administrators can control specific users’ access levels at every location. With Openpath, this is all done remotely in the cloud for more efficient management.

• Instant credentialing. Still waiting for key cards to be issued and chasing down employees and guests to return badges? With mobile credentials from Openpath, system administrators can issue or revoke a user’s credentials instantly, from anywhere.

• Flexible credentials. The access control plan should take into consideration whether the system supports all the different credential types that tenants want to use. While mobile credentials offer many advantages, not all businesses are ready to make the switch. Openpath Smart Readers support unlocking via the mobile app, tablet app, and Apple Watch, plus encrypted key fobs and cards. The system is even backwards compatible with many legacy credential types, so tenants don’t have to switch right away. 

• Support for zone sharing. Openpath’s zone sharing capabilities allow property owners and managers to give all tenants access to public areas such as lobbies, while still allowing tenants to control access to their own offices and spaces on the same system. It’s quick and easy to configure specific roles and user groups to allow tenants to manage their own security in the Openpath dashboard. You can also use Openpath’s open API to seamlessly integrate with tenant platforms for a unified experience.

• ROI. In a multi-tenant building, having one access control system that’s flexible enough to accommodate rotating tenants helps future-proof the building. Openpath gives property managers the ability to containerize spaces with access control technology that’s easily scalable and customizable to fit a wide range of needs.

• Effortless remote management. One of the key benefits of a cloud-based security system is being able to monitor and manage building security from anywhere. Remote management helps make teams more agile and lean, improving efficiency and sustainability over time.

Additional features and capabilities for access control design

Beyond the basic features of your access control solution, it’s important to consider the different add-ons you may need, both now and in the future. Here are some examples of common features to include in an access control plan:

• Controlled access for ancillary amenities. Does your access control system need to support parking gates, garages, turnstiles, or elevators? With Openpath, the same credentials and software can be used across every entry type.

• Support for touchless elevators. For buildings that need controlled and contactless elevator access, Openpath offers an integration with braXos. It works by virtually mapping elevator relays with APIs and destination dispatch platforms via the braXos middleware product, and controlling access to floors with Openpath’s touchless mobile credentials. In an access control plan, you’ll need to include design for Openpath’s Core Series elevator controller board, the braXos Openpath Connector, and the braXos Steward middleware product.

• Physical security integrations. As part of a comprehensive security system design, Openpath seamlessly integrates with other physical security systems including video surveillance, fire alarms, burglar alarms, and sensors.

• Software integrations. Your access control planning should also mention any integrations with building software and apps. You can easily connect tenant and visitor management platforms, user directory tools, communication apps and more with Openpath’s extensive list of native integrations, and via the open API and mobile SDKs. 

• Ease of scalability. The beauty of a cloud-based system is that adding new doors, offices, and buildings can be done in just a few clicks. Openpath’s software subscriptions are available in monthly or annual installments, and can be adjusted at any time. That means you only pay for what you use, and can scale the system up or back to meet business needs. Plus, with a range of hardware to support anywhere from a single door to up to 24 entries on one network uplink, Openpath makes it easy to get new doors installed quickly.

Access control plan example and template

While the nuances of each access control system plan will depend on the size and type of deployment, most plans have the same main components. An access control example plan should include the following sections:  

1. Introduction: This section should cover all security policies and resources for the team. The introduction should also detail any existing access control models currently in use that may factor in during installation.

2. Physical security: Here is where you can go into detail about environmental access control and physical security measures on the property. Include details about lighting systems, sensors and alarms that may relate to the access control system design, and if video surveillance will be used in conjunction with access control. This is also a good place to include any emergency plans such as lockdown or law enforcement protocol.

3. Installation and power supply: Here’s where the technical aspects start to come in. This section will map out all the hardware requirements, power supply needs, software details, and system support. Types of access control authentication, how the system will be monitored, any reporting parameters and alternatives in the event of a power failure or Internet outage should also be noted.

4. Backend infrastructure: This section of your access control system plan should include all the configurations and internal information for the system to tie into cybersecurity precautions. Parameters for how to handle access control unit passwords, specialized equipment and computer network controls, internal access control methods, and any role-based access control measures are often included here.

Need help with access control planning? Let us help. 

With a dedicated team of access control experts and a nationwide network of trusted access control installers, Openpath can help you with your access control system design at any stage of the planning process.