Securing Critical Infrastructure with Touchless Access Control

The COVID-19 pandemic has upended almost every facet of the modern world, from the economy and commerce to manufacturing, supply chains and global trade.

We have become acutely aware of the vital role that critical infrastructure plays in sustaining daily life during this “new normal.” The value of power, cable and telecommunications, water and natural gas transport and delivery systems, their maintenance and ability to keep the world up and running while many parts of the economy are on hold has greatly increased.

At the same time, the general public has been enormously sensitized to the ease that viruses like the coronavirus can be transmitted through touching surfaces. This creates a new challenge for those who manage the service and repair operations at infrastructure companies: How do you send technical personnel to multiple sites each day and have them access and work on those facilities, while adjusting their work practices to minimize touch points and protect workers from becoming viral vectors?

To do so requires modifications in how technical personnel operate and are assigned and scheduled for their tasks servicing infrastructure systems. There are also technologies that can help: Electronic Access Solutions (EAS) provide a platform for safely securing these distributed equipment sites. These systems minimize the need to physically touch doors and access panels on enclosures through electronic locks that can be actuated via Bluetooth-enabled smartphones and RFID cards.

EAS systems consist of integrated electromechanical locks and latches that can be used to secure enclosures in remote locations. Many Electronic Access Solutions today use cloud-based networking to provide a more flexible, secure and efficiently managed way to ensure safe and reliable physical security management of remote equipment sites, incorporating simplified credential management and audit trail monitoring of access activity.

Securing Distributed Technology

Critical infrastructure providers include power, telecommunications and cable, natural gas and water and sewer. All have their equipment installed throughout our built-out landscape, in cities and suburban housing developments, rural communities, in commercial and industrial locations, along roads and highways — even in the most remote locations.

These are more than just pipes, wires and cables. All of these systems have control devices (electronic or mechanical), distribution panels or junction valves, as well as condition monitoring and testing devices distributed across their networks.

These physical components share common attributes:

• Remote equipment is usually secured in enclosures designed to protect the valuable technology that enables their networks to operate.
• This equipment needs to be accessed by a variety of personnel performing common tasks: moves/adds/changes to network configurations, routine maintenance activities and emergency repairs.

There have been investments by some of these infrastructure operators, such as the telecom and cable companies, to manage these distributed systems much more remotely and automatically, reducing the need to send technicians to remote locations as much as possible. However, there is still a broad range of activities to be conducted by experienced technicians, so access to these enclosures must be properly managed.

Securing these widely dispersed systems is crucial, especially since most are located within reach of the public, are (for the most part) unattended and are at significant risk for vandalism and theft. These enclosures can be targets for thieves seeking valuable materials, such as batteries, copper wire and other electronic components. Even though they are hardened against the elements, they can also be exposed to extreme weather events and may need to be accessed when emergency repairs are required.

When equipment in these enclosures is damaged, those elements of the infrastructure or network can go down. Bringing it back online requires emergency repair dispatch and new components, combined with the costs associated with downtime of any network segment. Given the heightened importance these systems play under the “new normal,” investing in secure physical access control systems can help minimize risk and downtime.

Upgrading Enclosure Security

Electronic access solutions provide an effective physical security solution for these enclosures. Compared to mechanical locks, which must be accessed by a physical key, EAS provides a digital credential that can be easily issued, traced and even revoked from a central location.

An electronic access solution is composed of three primary components: an access control reader or input device, an electromechanical lock and a control system for remotely managing and monitoring the access point. When designing an electronic access solution, choosing the appropriate electronic lock for the specific enclosure will provide the intelligence, flexibility and security needed for that location.

Many enclosures still use basic, padlocks, or metal tags which are replaced with each technician’s visit. Manually tracking keys can be time-consuming and not very secure, and audit trails of technician activities can’t be recorded in real-time.

The most common type of electronic access credential is an RFID card, which is widely used in many building management and technician management operations today. Many telecom service providers and the contractor vendors who service them already use RFID cards for accessing central and local offices, data centers and other operational locations.

Another form of access credential is an electronic PIN code that can be changed on a recurring basis, with different codes assigned to each individual. This makes the credential more personal. The downside is that PINs are easily shared, lost or forgotten, which can complicate maintenance activities and add additional security risks.

The most secure access credential is one with more than one layer, is unique to the individual and is easily modified through cloud-based software systems. For example, an EAS platform that supplies an electronic, time-based key via a mobile app on a technician’s smartphone has the following layers of personalization:

• The phone and its phone number are unique to the technician. Many smartphones already have biometric-type security that uses a thumbprint or facial recognition scans to unlock the phone.
• The smartphone app used by the technician to download the key from the cloud platform is secure and password protected.
• The electronic key loaded to the app is site- and event-specific. It can only be used to open a designated enclosure, and only for a scheduled period of time.

When combined with a robust, secure intelligent electronic lock, these cloud-based access controllers can provide simple solutions for providing time-based access control to critical infrastructure equipment enclosures.

Audit trails generated by electronic access solutions provide management with an additional resource: They can track when an enclosure door is opened in order to monitor maintenance and service activity. If equipment is scheduled for maintenance but the audit trail shows the enclosure has not been accessed, management can find out why the delay occurred and exercise better supervision of service personnel and costs for service.  Audit trail data can also reduce admin costs by providing the analytics to better managing the time required for maintenance.

EAS should be scalable to allow for installation across a large number of distributed enclosures. Some enclosure manufacturers and end-users have a perception that these electronic access solutions require significant hardware, IT investment and ongoing support. However, there are EAS platforms that offer incremental, cost-effective ways to add EAS technology to existing enclosure components.

For example, modular electronic latching and locking mechanisms can be customized with different types of readers, such as RFID, PIN, biometric and Bluetooth solutions. This can make it easier for infrastructure operations that have already implemented electronic access solutions to expand to other forms of access control by simply modifying the locking mechanisms on their remote equipment to match whatever platform they have in place.

“Touchless” Entry on the Rise

The “new normal” has significantly elevated awareness of how often common surfaces and access points are touched by individuals and the health risks of transmitting viruses. Until the current situation, it was not much of a concern to consider who had touched surfaces last — such as convenience and grocery store door handles, self-service gas pumps, ATM buttons and touchscreens and other self-service kiosks — or what could be contracted by doing so. That has clearly changed.

For critical infrastructure operations, technician visits to remote equipment sites now need to incorporate practices to minimize risk. For example, one asymptomatic but infected tech could touch multiple enclosures over the course of their assignments and then spread infection to colleagues who would be the next to access that location.

EAS provides a means for a touchless access while helping to minimize the number of common surfaces technicians may touch. When an electronic access system uses RFID or Bluetooth-credential delivery, technicians never have to touch the electromechanical lock to start a task or manually relock it after the service call is complete.

Touchless access at remote equipment locations is actually following a growing trend simply to provide a more convenient and secure means of accessing equipment compartments. It’s becoming common for doors and other access points to automatically open when technicians approach portals with RFID tags or activated Bluetooth apps — there often is no need to reach for and use a door handle.

Similar types of access devices can be included as part of electronic access solutions for any remote enclosure. Concealed electromechanical locks and touchless readers can automatically unlock and release the latch on an enclosure door, literally “popping open” the door, thus eliminating another possible touch point and providing convenient, hands free access.  

Conclusion

It will be some time before we can fully appreciate the impact the coronavirus pandemic will have on how we live, do our work and help our communities. As a result, there is clearly a heightened awareness of the value and importance of the critical utilities and infrastructure all of us depend on. Along with many other front-line personnel, such as healthcare workers and first responders, the technicians servicing and maintaining these facilities should be supported and provided with the tools to keep them safe.

Electronic access solutions can help in this effort. Along with the benefits of improved workforce management, increased security and real-time audit trails, EAS can create a platform for touchless access to remote equipment enclosures — providing one more tool to help minimize touch points where infections can spread.