Part 2: What Is Physical Identity and Access Management? The Relationship Between PIAM and Physical Access Control Systems (PACS)
In part one of our What Is PIAM series, we covered the basics of PIAM including identity management, access orchestration, visitor management and credential management. Now that you are armed with the foundation of PIAM, we can dive into more advanced topics regarding integrations, specifically how physical access control systems (PACS), also commonly referred to as access control systems (ACS) can be seamlessly integrated with a PIAM system for enhanced insider threat prevention.
Now that you are armed with the foundation of PIAM, we can dive into more advanced topics regarding integrations, specifically how physical access control systems (PACS), also commonly referred to as access control systems (ACS) can be seamlessly integrated with a PIAM system.
What Is PACS?
A physical access control system is a security system that controls who can enter and exit a physical location. PACS can be as simple as a lock and key or as complex and multi-layered as a smartcard badge with multi-factor authentication via biometrics.
How Are PIAM and PACS Related?
PIAM is a complement to PACS. It takes some of the capabilities of a PACS and ramps it up significantly. It is not a one or the other scenario, they are not competitors, but partners who can co-exist and work together to achieve a centralized security system that has insight, data and abilities outside of a physical key for enhanced identity-based policy management.
Why Have Both?
Modern workplaces are swiftly expanding, both physically and digitally. Organizations are adding new solutions to their spider’s web of existing networks, software, and processes to accommodate evolving access challenges and business needs but are rarely achieving unity and integration between them.
This leaves physical and IT security professionals — who are trying to manage employee, visitor, contractor, and vendor access — with complications as they face: the need to consider multiplying systems and processes, siloed departments with no collaboration, various locations and diverse teams with differing access requirements. This often results in an organization hindered by disconnected and manual processes. And this doesn’t include the concerns with internal and external compliance requirements, which can add new reporting, data gathering and rule enforcement and codification layers.
But what if you only needed one solution, not dozens, and it could integrate at a single point to manage physical access centrally across an entire organization? That’s where this relationship of PIAM and PACS comes into play.
How Things Might Currently Look
The basis for securing physical locations, buildings and internal spaces is fundamentally through PACS. These systems protect organizations by ensuring that access to secured locations is only granted with an authorized credential — including smart cards, keys, mobile apps and more — against a reader.
The infrastructure ensures that essential security is met throughout a physical organization. Now consider the evolving access activities that go on inside an organization — various types of identities such as employees, visitors, contractors, clients, and vendors. While PACS ensures that access is either authorized or unauthorized, what about the complete lifecycle of the hybrid worker attempting this access? What is the data behind it? On what basis was this person granted access and what do they need it for? What happens when people change roles or need temporary privileges? Traditionally, organizations must conduct multiple manual processes across various systems to retrieve this information and take actions, assuming the information is readily available.
Advancing Access With PIAM
A PIAM solution captures all information relating to an identity and their relationship to an organization, and gives organizations visibility into the who, what, why, when, and where of every access activity across their business. PIAM is about granting, controlling, and understanding access control on a more granular level, down to a single person, to increase overall security and compliance. There’s more to it than that though — it's also about simplifying operations and reducing costs related to onboarding, offboarding, and managing the changes in access as that identity evolves.
A PIAM solution acts as an intelligent layer that sits above multiple systems and locations in your organization, it serves as the one single place where the organization can control access at a role, policy, identity, or attribute level.
PIAM aims to modernize traditional physical security systems and processes that can make compliance to internal and external regimes difficult. HID provides solutions that integrate with current PACS to avoid rip-and-replace, and instead maximize the potential of your current systems.
So, What Is the Biggest Value in Having a PIAM Even if You Already Have a PACS Implemented?
Clear and simple, a PIAM closes all the gaps that can possibly exist when it comes to identities, access management and at the highest level — security of an organization. PIAM knows every place an identity has been added so that it only requires one step to make any changes (i.e., removing access, changing access, etc.). Identities are dynamic and can become a pervasive and persistent problem for any large organization without the proper tools and controls to turn identities into the solution. Even sophisticated access control systems need help when part of a highly distributed and complex organization; PIAM has the data and abilities that help.
Identities are dynamic and can become a pervasive and persistent problem for any large organization without the proper tools and controls to turn identities into the solution. Even sophisticated access control systems need help when part of a highly distributed and complex organization; PIAM has the data and abilities that help.
Learn more in part 3 of this series >>
Samantha Friedman is the Content Marketing Manager for HID helping drive content initiatives and brand positioning for the physical identity and access management solutions within the Identity and Access Management division. She has extensive experience in content strategy and implementation across a variety of industries including advertising technology, media + entertainment, data privacy and global packaging.