Zero Trust & Access Control: The answer to increasing security requirements

The zero trust principle is currently the subject of much discussion. The term is, however, no longer just a buzzword in access control, but refers to a concrete problem-solving approach. The basic idea is not to grant universal, permanent access rights, but to manage such rights automatically on a case-by-case basis using networked access control systems.

Zero trust in access management is currently widely discussed

The zero trust approach is driven by everyday problems: access control in many companies, institutions, office buildings and commercial properties is still based on classic locking concepts. Once assigned, access rights remain in place for a long time and are static. If changes are made, this usually involves a significant amount of manual programming work to update the offline door components. The result is an enormous administrative burden. At the same time, the need for greater security, traceability and flexibility is growing, for example, due to NIS 2 or ISO 27001.

Seamless connection to digital interfaces
This is precisely the area in which a modern understanding of zero trust is required. Instead of universal and permanent authorisations, access options are assigned specifically and accurately. Modern electronic access systems make it possible to authorise every identification medium precisely. In addition to identity and role, the time and location restrictions required for each access permission are also considered. This is based on a central identity and authorisation management system that automatically controls all access and unauthorised access attempts, ensuring compliance with GDPR.

In practice, this approach is gaining in importance, particularly due to its ease of integration with existing IT infrastructures. Integration with central master data systems, such as Microsoft Entra ID, allows synchronisation of personal master data almost in real time. This means that new service providers or departing staff can be quickly authorised or blocked in the access control system. Authorisations can be assigned automatically and adjusted on a daily basis. If an employee or service provider is deactivated in the system, the associated access rights are also invalidated. This reduces administrative work. At the same time, control and transparency are increased.

A typical example from everyday life is the work of building service providers. Cleaning staff often work at off-peak times and in many different areas of a building. In the past, keys had to be disabled manually. Modern electronic access control systems operate based on access authorisation periods. Used in conjunction with virtual networks and the necessary interfaces, these periods expire automatically. This is where the focus lies today: authorisation cannot be granted if a service provider’s permissions are blocked. This means that they only have access to the rooms that are specifically assigned to them. This reduces the administrative burden and eliminates the time-consuming documentation typically associated with mechanical locking systems.

Sensitive areas can be provided with additional protection
Networked access readers installed on doors can operate in near-real time. This ensures that access rights are assigned to identification media promptly and consistently. In Winkhaus’ blueEvo system, this is handled by so-called Virtual Network Hubs. Existing infrastructure can often be retained, which makes it easier to introduce the new systems. Nevertheless, implementation brings challenges: processes must be adapted, systems integrated and acceptance created among users. This is primarily achieved through the intuitive operation and high level of user-friendliness of the accompanying software.

Modern access control systems offer added value in terms of increased security, better traceability and greater flexibility. Access rights can be configured in offline components without the need for manual programming. This means they are automatically effective. This avoids risks that arise from key loss, among other things. At the same time, different levels of security can be mapped within a building. This allows particularly sensitive areas such as server rooms or laboratories to be protected in a targeted manner.

“Taking this zero trust approach a step further opens up additional possibilities,” adds Dr Volker Brink, Director of Product Management Access Control at Winkhaus. “The future lies in solutions that require a second form of authentication, such as a PIN or biometrics, in addition to the identification medium. This additional security measure then applies only to specific areas, preventing access credentials from being passed on without authorisation.” This confirms that, in the field of locking systems, zero trust is not just a theoretical concept, but a practical solution to the growing demands of modern access control.
