To many security dealers and integrators, cloud-based access control is something that utilizes a cloud-first or cloud-only approach. Typically, it is used for hosted or managed access control, and is primarily aimed at smaller-sized end users that don’t have their own security or IT departments. Right? Not so fast. 

There are commonalities when it comes to defining what access control in the cloud is — and what it isn’t. For example, Jeff Perri, president and COO, Prodatakey, South Jordan, Utah, defines it as a seamless environment for the user. 

“In some cases you will find platforms in and out of our industry that tout they are cloud-based but really they are just Web-hosted from the site. What we find in the security industry is there is really this noise that has made it difficult to define what true cloud-based access control means. For us the definition is unity of platform. What I can do on my computer I can do from my smartphone or tablet and have 100 percent functionality on all platforms.”

BluBØX, Port Washington, N.Y., has a six-component definition of cloud-based access control, according to company president, Patrick Barry. These include: broad network access; on-demand self-service; a shared pool of configurable computing resources such as servers and storage applications; the capability to be elastic and rapidly provisioned and deployed; minimal and outsourced management; and measured service.

For Steve Van Till, president and CEO of Brivo, Bethesda, Md., the true cloud server is not necessarily public. “Publicly available means not a private server,” he explains. “We see some people taking old, non-cloud software, running it in a virtual private server and calling it cloud.”

Nor is cloud necessarily managed. It’s usually hosted, but that can get murky as well, Van Till says. “It can be a managed system without cloud. Many managed offerings hide the fact that they aren’t a cloud solution. People also equivocate on the term ‘hosted.’ Taking old software and putting it on a virtual machine at Amazon is hosted, but certainly not cloud.”

Others are looser with their definition of cloud. Ross McKay, director of products for Pittsford, N.Y.-based LenelS2, part of UTC Climate, Controls & Security, a unit of United Technologies Corp., calls his company’s evolving cloud product line — which is starting with infrastructure as a service — a hybrid solution. “It will have some data on-prem and some off-prem. [Our customers] want to be very surgical about what data is within their own four walls and what data is outside.”

This is part of an emerging trend that may change or expand the definition of cloud, adds Peter Boriskin, vice president of product management at ASSA ABLOY Americas, New Haven, Conn. “In today’s cloud environment it is important to define cloud-based access control not only in what it does, but how it is set up. Some utilize a public cloud where the system is operated by a third party.…Meanwhile we are seeing larger enterprises and government entities that prefer to set up their own private cloud so they can be the custodians of their own data. We are also seeing hybrid models where confidential data can be stored onsite while the processing power can be handled by a third party.” 

Boriskin says cloud-based access control isn’t so much a technology trend as it is a market trend. “We are seeing a whole new level of acceptance of the solution. There are now so many access control manufacturers leveraging the cloud that it is finding its way into all verticals and market segments. 

“It’s hard to put an exact number on it, but it would be safe to say that current growth of cloud-based access control solutions is easily 10 times the growth of non-cloud solutions. More contextually, we are at a point in prevalence where every integrator needs to have access to a cloud-based solution of some type or they risk being left behind.”

Manufacturers themselves are coming at cloud from all sorts of perspectives. Prodatakey originally introduced its cloud-based system as an addition to an existing standalone platform because they saw the trend coming, Perri says; but they were surprised by the reaction. “We anticipated we would see a gradual decline in on-prem solutions and increase of cloud as people started to adopt. What we saw instead was a hockey stick in cloud connectivity. As people saw there was a cloud option they jumped to that.”

Derek Arcuri, product marketing manager, Genetec Inc., Montreal, calls this the ‘iPhone effect,’ comparing cloud adoption to the disruptive technology of the early 2000s. “All of a sudden people got used to working on a smaller screen. That forced the market to adapt to create smaller products. We are seeing that in our market where cloud-based is growing because of the expectations in consumer life like sharing photos held in the cloud. No one wants to install files on a machine.”

Cisco predicts that by 2020, global cloud use will account for more than 92 percent of total data center traffic, notes Eric Widlitz, vice president, North American sales, Vanderbilt, Parsippany, N.J. “Cloud services have become well established across almost all industry sectors, and changing customer demands mean that many businesses are now reinventing their offerings to harness the power, flexibility and functionality it offers. This is a trend we will see continue to grow as more intelligent software is developed and able to integrate with cloud-based systems.” 

Cloud solutions have expanded horizons in a real way, says Wayne Jared, vice president of engineering, 3xLOGIC, Westminster, Colo. “Cloud solutions change people’s thinking and open up new opportunities as a result. When the ‘right solution’ evolves from a closed network to a solution that can be accessed from anywhere, suddenly mobile credentials, remote management, broader integration with other devices and solutions become obvious.” 

Most security integrators today are interested in finding new ways to get the coveted recurring monthly revenue their dealer counterparts have enjoyed as part of the security alarm business. Cloud offers a great way to do that; but there are many other benefits to cloud-based access control for both integrators and their customers. 

“For integrators, especially small integrators, cloud-based access control allows them to provide a scale beyond their size,” Boriskin says. “For end users, cloud breaks down barriers to access.”

Cloud is easier to install, because it doesn’t require on-site computers, servers or database specifications, with all that entails, Widlitz adds. “These, plus no complex network routing  make it easy to install. Remote diagnostics, technical issues and services can be carried out from a Web-based portal or smartphone — by simply logging in, it’s possible to remotely view status, grant and revoke access, view video and more.” 

Beyond the RMR for simply hosting cloud access, integrators can choose to do more managed services, or charge for diagnostics and maintenance that is now much easier and more cost effective to offer. 

“The real value-add for integrators is the service offering they can provide their customers,” says  Chris Wilson, vice president of operations, Paxton Access, Greenville, S.C. “They can get the system installed easily and provide value remotely from configuration changes, adding and removing users and reporting on the system for their customers.”

This is huge for dealers and integrators, says Richard Goldsobel, vice president, Continental Access, Napco Security Technologies, Amityville, N.Y. “One of the biggest things we spend time on and our dealers spend time on is loading software on various platforms and maintaining it, keeping up with service patches and security patches and security individual users and domain privileges. Getting all of that right is a huge support time issue. In a hosting environment you eliminate a huge portion of those headaches…. Dealers love the RMR, and that is great; but all of those support issues become much simpler as well.”

Not only are diagnostics after the fact easier, but getting the job in the first place might be easier as well, Arcuri says. Often integrators will compete based on price and a big metric for that is the total cost of labor. “Integrators that do lead with access as a service often come out ahead,” he says.

Van Till agrees, adding there is an opportunity for more profit on the front end as well. “The number of hours they would normally invest installing the database and software, setting it up, bringing it to the customer’s building, making sure the licensing is correct and having a tech trained to do all of those things is a huge up-front expense that is eliminated. The integrator can choose to be more price competitive or get higher margins, depending on what the market will bear.”

Access control in the cloud started with small business end users because it made sense. Offering them a way to get many of the same features larger enterprises enjoyed while not having to have the same infrastructure was a natural fit. But the cloud trend has moved on in such a way that enterprise customers themselves are also looking for ways to employ cloud.

This was one reason Genetec put a plan in place about seven years ago to work towards an enterprise cloud solution for video as well as access control customers, Arcuri says. “When we launched Synergis Cloud Link that was our first external move to start preparing customers for the cloud. We began offering access control in the cloud in November 2017. We scanned the market to see where current cloud-based vendors were serving. We decided to stick to our enterprise guns and offer it to them because no one was really satisfying that need. So far it has been fairly successful.

“The enterprise market has a thirst to move to access as a service, but they haven’t been able to get the response they were looking for [from providers].”

Genetec is not alone in that assessment.  Honeywell, which introduced its SMB solution, MaxPro Cloud, in 2015, recently released a version of ProWatch that can be hosted in the cloud, says Aaron Barbe, SMB offering manager for access control, Honeywell Building Technologies, Atlanta. “It is a relatively new trend to move hosting software and IT solutions to cloud management…. Some enterprise customers have requested the ability to host access control in the cloud. They want to get away from all the infrastructure.”

Brivo’s Van Till is also noting the changing attitudes. “From the outside we look like a company addressing the SMB market; but our growth has been more pronounced in the enterprise space in the last couple years.”

Because it is a burgeoning trend, there is not good data on the adoption levels of cloud access in the enterprise space, Van Till adds.  But he notes that revenue streams from this end of the market have been steadily increasing. 

Boriskin sees this as growing evidence of the need for hybrid cloud solutions. “We are seeing larger enterprises and government entities that prefer to set up their own private cloud so they can be the custodians of their own data.”

McKay says that while Lenel doesn’t have enterprise customers demanding cloud, there is a sense that access control is a bit of a dinosaur in the enterprise. “The IT guy says, ‘You are the only one left on-prem; you are the red-headed step child. When are you going to get rid of that?’”

The use of cloud is increasing overall in the enterprise, leading those customers to view older access control solutions with a critical eye. 

“With the increase of bandwidth, WiFi availability just about everywhere and server farms on every continent, global entities now see ACaaS (access control as a service) as a credible offering,” says Paul DiPeso, executive vice president, Feenics, Ottawa, Ontario. “Feenics has a number of enterprise customers with hundreds, and some with thousands of readers in a hosted environment because the metrics proved that the cloud improved their total cost of ownership.”