Integration of IAM with Physical Access Control Systems

Authors

Doug Simmons – Principal Consulting Analyst

Abstract

Physical access control systems (PACS) are becoming more integrated with Logical Access Control Systems (LACS) via Identity and Access Management (IAM) deployments. This direction is further evidence of the trend towards expanding the breadth of IAM services under consistent governance and security models. There have been continued efforts by many vendors to converge these two environments in response to increasing compliance mandates, requirements to better manage alternative user populations such as on-premises visitors and contractors, and an acute emphasis on timely and secure access. In this sense, standard capabilities such as a common authenticator and automated integration with user provisioning are relatively mature. The goal of this integration is to have one service that choreographs access to both facilities and IT resources.

The purpose of this report is to dive into the concepts and conceptual architectures of converged Physical Access Control Systems (PACS) and Logical Access Control Systems (LACS), referred to as PACS-LACS convergence. This insight addresses the typical enterprise objective to migrate their current set of multiple building/facilities access systems to a single PACS and LACS solution that is more secure, easier to maintain and able to be deployed across the entire organization. These solutions, which in many cases are becoming quite mature in the PACS market must also comprise a complete solution that includes video surveillance, high-availability, fault tolerance, and end-to-end administration and monitoring.