Showing posts with label Access Levels and Access Areas. Show all posts
Showing posts with label Access Levels and Access Areas. Show all posts

Sunday, July 24, 2016

Access Levels and Access Areas

What's the difference between Access Levels and Access Areas?

Access Levels define when and where a user can go. Access Areas define the physical or logical zones they are trying to reach. Together, they form the backbone of security policies in an organization.

1. Access Areas (Where)

Access areas are categorized into distinct zones or perimeters within a facility or network. They determine what assets are being protected.

·        Public/Perimeter Areas: Entryways or reception where guests are allowed without heavy credential checks.

·        General Workspace Areas: Open offices, standard meeting rooms, or common employee zones.

·        Restricted/Secure Areas: Server rooms, executive suites, HR departments, and R&D labs requiring elevated credentials.

·        Logical Areas: Digital databases, network servers, or software compartments.

2. Access Levels (Who, What, and When)

An access level combines assigned areas, permitted users, and specific operational rules. It dictates the conditions of entry.

·        Time Schedules: Specifies the hours or days a credential is valid (e.g., standard employees 9 AM - 6 PM, Monday - Friday).

·        User Roles: Determines the permissions tied to job functions (e.g., Role-Based Access Control).

·        Clearance/Privileges: Defines whether a user can read, write, execute, or delete information (logical) or bypass locks (physical).

Access Levels combine Access Areas and Time Schedules to control access for groups of users. This allows a site to easily issue access to a user by assigning them into a specific, pre-defined Access Level, without having to select new access privileges each time a new user is entered.  

After you have set up Access Areas and Time Schedules for a site, you create access levels that combine both. Most sites only have 2 - 3 Access Levels for the site:

·         One Access Level for customers who are limited to business hours and to areas that are considered 'On-site'.

·         One Access Level for customers that have 24-hour access to 'On-site' areas of the site.

·         One Access Level for employees that have 24-hour access to all parts of the facility.

Additional Access Levels may include:

·         Customers who have 'extended hours' (such as 6:00 am - 10:00 pm) and have access to 'On-site' areas of the facility.

·         If the site has individual buildings that are keypad-controlled, a separate access level could be set up for each building with the allowed hours for that building.

·         Employees can have separate access levels by shift and areas that they are allowed into.


Posted by at 3 comments:
Labels: ,
Subscribe to: Posts (Atom)