Access Control Systems

How access control works

Four components in any access control system:

• Credential — what the user presents at the door. Card, fob, PIN, mobile credential, biometric (face, fingerprint), or combination (PIN + card).
• Reader — at the door, reads the credential and forwards it to the controller. Sub-types: RFID (proximity), keypad (PIN), Bluetooth/NFC (mobile credential), biometric reader.
• Controller — the brains. Receives the credential from the reader, checks it against the permissions database, decides allow or deny, signals the door release.
• Door hardware — maglock or electric strike, request-to-exit (REX) button or PIR, door position sensor.

In standalone systems, the controller is in the reader itself with the credentials stored locally. In networked systems, a central controller (on-premise or cloud) manages credentials and decisions, with edge controllers at each door.

Standalone vs networked — the architecture choice

Standalone access control

Single-door or small-site. Reader-controller combined, credentials stored locally, no network connection required. Adding/removing users is done at each reader. Simple, low cost, no IT integration. Suits: single-tenancy small commercial (sub-10 staff), home access control, gates and sheds, basic-tier residential strata.

Networked access control

Multi-door or multi-site. Central management of credentials, role-based access (engineering staff can access labs, marketing can't), time-based access (contractors active only during business hours), and full audit logging. Sub-tiers:

• On-premise networked — central server in the building, no cloud dependency, full local control. Suits commercial sites with IT resources to run the server.
• Cloud-managed — central server in the cloud (provider-hosted), accessed via web/mobile, no on-premise server required. Suits sites without local IT, multi-site organisations, and modern SaaS-pattern access control.

Credential types — what to specify

RFID card or fob

The traditional standard. Cheap per credential, simple issue and revoke, well-established. Lower security (cloneable cards exist) but adequate for most commercial use. Most cards now MIFARE DESFire or equivalent for cloning resistance.

PIN keypad

No physical credential. Lower hardware cost, simple to issue (just give the PIN), simple to revoke (change the PIN). Shared PINs are a security weakness (any user can give the PIN away); per-user PINs work for small sites.

Mobile credential (Bluetooth/NFC)

Phone-as-credential. Modern, no cards to lose or issue, supports remote provisioning and instant revocation. Higher security than RFID. Increasingly the commercial standard. Works on iOS and Android via the access platform's app.

Biometric (face, fingerprint)

Highest security at the door — credential is something the user is, can't be lost or shared. Significant privacy compliance load — biometric data storage, consent, retention all need governance under Australian Privacy Principles. Specify for high-security zones, not whole-site.

Multi-factor

Combination — PIN + card, or card + biometric. Used at high-security zones where single-factor isn't adequate.

Specifying access control for your site

Door count and zones

Single door: standalone or networked entry-tier. Multiple doors in one building: networked. Multi-building or multi-site: networked with cloud or central on-premise management. Define the zones (public, staff, controlled, secure) and the access groups (who can enter which zones at which times).

Existing infrastructure

New build: cleanest install with structured cabling to each door. Retrofit: confirm existing door hardware (maglock or strike already installed) and cable runs. Often retrofit needs new cable runs to readers and controllers; some legacy installs can repurpose existing.

Integration paths

• CCTV — door events linked to camera footage. Standard with current commercial NVRs.
• Intercom — door release via intercom call or access credential. See video intercoms.
• Alarm — arm/disarm via access credential, after-hours intrusion detection at access doors.
• HR system — automatic provisioning of credentials when staff onboard, automatic deactivation when offboarded. Avoids stale credentials.
• Visitor management — temporary credentials for visitors with auto-expiry.
• Building management — door events trigger HVAC, lighting, lift access.

Compliance and audit

Audit log of every access attempt (success and failure) is standard in networked access control. Retention period: typically 12 months for most commercial, longer for regulated industries. Role-based access to the audit log itself. For sites with regulatory access compliance (financial services, healthcare, government), specify against the framework requirements.

Privacy and compliance considerations

• Workplace surveillance — access logs are workplace surveillance. Staff notification through workplace agreement.
• Biometric data — significant Privacy Act compliance load. Consent capture, secure storage, retention, deletion process. Consult before deploying biometric.
• Mobile credentials — typically rely on the provider's app and account. Confirm the provider's data handling and Australian hosting where required.
• Visitor data — temporary credential issuance involves recording visitor information. Privacy notice at issue.
• NDAA considerations apply to some access control hardware procurement (federal contracts, some state contracts). See NDAA-compliant range.

Why buy from Security Cameras Australia

• Multi-brand authorised dealer — Hikvision, HID, ZKTeco, and integration with major access platforms (Inner Range, Gallagher, ICT, Honeywell).
• Specification support · we work with you on system design including credential strategy, integration paths, and compliance considerations.
• Installer and integrator referrals · access control installs almost always benefit from professional install and ongoing support relationship.
• Tender support · documentation for procurement-restricted contexts.
• Price-match · free shipping · 30-day returns.

Shop access control

Browse below, or see video intercoms for door-entry systems, business CCTV for integrated CCTV, or the NDAA-compliant range for procurement-restricted contexts.