Verroo Partners with Safetrust

Although common knowledge it’s worthwhile to focus on how K-12 schools, especially universities, consist of a set of interconnected physical environments. These include classrooms, athletic facilities, common areas, dining areas, libraries and dormitories. Overlaying these physical spaces is a parallel set of virtual environments, such as library management systems, laboratory equipment checkout software, laundry payment systems and many others.

For years, these physical and virtual environments operated more or less in silos, particularly regarding security and access control. A student might have a key for her dorm room, an ID badge to let her sign a book out of the library, a stored value card for doing the laundry and so forth. This is starting to change.
Security and access control in educational institutions is now converging. The people who manage these different areas of campus life are interested in bringing the silos under a unified access control mechanism. Some want this convergence. Others feel pressure to make it happen due to budget pressures and demands from students and other stakeholders.

The convergence in access control also stems from a recognition that the institution will be better off if it has integrated awareness and control over the access privileges of students, visitors, employees and vendors. It’s costly and complex to oversee access control for these different groups, each of which has its own access requirements and time horizons. For example, a vendor making a delivery needs access for a few hours. A professor might have continuous access for a decade.

End users find it inconvenient to have to keep track of badges, keys, fobs and ID cards. It’s also easy for administrators to make mistakes that affect security, such as by neglecting to switch off access rights to a former employee — resulting in potential safety and theft risks.

The IT department is part of the convergence story, too. As most, if not all, access and security-related systems now run on standard computer hardware and operating systems, connecting via common campus networks, it’s only natural that IT would need to play a role in their operation. In addition, many stakeholders across security, IT and the school’s administration want interoperation among access control systems and nonphysical systems.

For example, admins might want access control privileges to be defined by user roles as set out in an identity and access management (IAM) platform like Microsoft Active directory. Or, they might want a single ID card to allow a student to sign out a library book, pay for laundry and park her car. This is a matter of software and data integration. A related expectation is that stakeholders will have access to comprehensive data about access control and end user behavior — with the capacity for data analytics, data visualization, reporting and alerting.