Bustling European Transportation System Trusts HID SAFE™ with Physical Identity and Access Management

Case Study by HID Global

Our client, a transportation system in a major European city, serves over 750,000 people daily throughout the metropolitan region utilizing a network of buses, commuter and local trains, metro and tram systems and ferries.

As the hub of the country’s economic activity and the key engine that drives the city’s economy, keeping this essential transportation system secure and running as efficiently as possible, 24/7, is imperative.

With a staff of 1,000 employees, the transportation system oversees a workforce of over 20,000 private contractors, tenants and third parties who sustain their operations throughout the region with over 1 million square feet leased to the operating and maintenance contractors, as well as to other tenants.

“Physical identity and access management (PIAM) deployments are increasing due to technology and product development, compliance mandates, a greater desire to manage alternative user populations such as on-premises visitors and contractors, and a sharp emphasis on timely and secure access.”

Gartner Research; Physical Identity and Access Management; Feb 2012

The Challenge

With a diverse set of physical identities (contractors, tenants, employees, line operators, visitors, vendors and landlords) accessing facilities, our client’s key goals were to manage the lifecycle of these identities — from identity creation to termination — ensuring efficient policy-based physical access operations with sufficient internal governance and built-in audit controls to decrease overall risk and processing time.

The complex relationships among identities and environments — employers, contract and contractor configuration rules, access zones, area configurations, and approval/termination rules — were being managed manually, resulting in human errors and unacceptable challenges and inefficiencies. Access requests were taking days and weeks to process, and the opportunity for unauthorized access to tracks, control rooms, substations, facilities, etc. were a threat to safety and security.

A modern system was required to centralize the management of identities and their related access requests, scaling to over 620,000 transactions. The access processing needed to be extremely fast— in minutes rather than days/weeks — and exceedingly focused on safety and security.

Benefits of HID SAFE™ Enterprise:

• Standardize, centralize and automate on-boarding for all Identity types requiring physical access to the transportation system’s facilities, creating a single version of truth across our client’s entire physical infrastructure. A visual example of an access management hierarchy that HID SAFE orchestrates is shown below.
• Identify each person uniquely, even if the person worked for multiple contractors/tenants.
• Create an open environment for physical access control systems (PACS).
  • Allow legacy and new PACS to coexist.
  • Create a competitive environment allowing our client to choose the solution offering the best value based on desired PACS functionality.
• Issue a secure smart card credential to ensure secure access to the transportation system’s facilities and thwart the possibility of counterfeiting. This further eliminates the need for multiple cards, PINs, and keys.
• Real-time integration with legacy and newer PACS allows for cost efficiencies with existing physical security components while ensuring a secure smart card is used for facility access.
• Automatically synchronize person, card and access rights information with building access systems. HID SAFE allows for all employees and contractors to gain role-based access to their facilities through standardized on-boarding and off-boarding processes within HID SAFE.

The Outcome

HID SAFE™ Enterprise offered the client exactly what it needed — automation of physical identities and associated physical access, enforcement of complex policies and rules, and streamlined access operations. Manual processes associated with access and identity lifecycle management are fully automated with HID SAFE, resulting in faster processing time and ‘always on’ audit controls based upon intelligent rules and policies. HID SAFE’s reporting technology presents data in a structured format to the decision maker in real time.

The transportation system evaluated several approaches, including a custom-built in-house solution, which was not financially feasible. In the end, the client selected HID SAFE for their comprehensive solution.