Tuesday, 20 August 2013

Open Sesame?

I'm sure we all know what this is. I have several in my pocket.

Until yesterday, one very like it opened my office door. Then some people came round and replaced it with an electronic card access system. You touch the door with your ID card and it opens. 


Or rather, it will open at some unspecified point in the future. Rather bafflingly, we weren't told that this was going to happen, and the cards haven't been activated. Right now, there are some very annoyed porters puffing and panting their way around the building as they get called to open the doors. Once in, we either have to urinate in the filing cabinets, leave the doors wide open while we visit the lavatories, or call in the porters to open the doors again every time we leave the room, because they lock automatically when the doors close. 

So that's the short-term problem. But it led me to wonder about the long-term aspects. For instance: when we had physical keys, our ID cards functioned as little more than library cards. If I lost it, I could still get into my office and carry on as normal. If I lose or leave behind my ID card now, I won't get onto campus and won't be able to access my work materials. Even worse than that is the security aspect. No doubt whoever sold the university this system claimed that it's more secure. Actually, it isn't. If I lost my office key, the finder had no way of knowing which door it opened. There are no clues on the key at all. If someone finds my ID card, they can get through all the security points, easily look up my room number and ransack the place without any problems at all. Being electronic devices with a master access port, they've already been cracked. With a physical key, you'd get a bit suspicious of someone fiddling around with the lock, but a cracked e-system wouldn't take any longer than opening it legitimately. So I'm actually less secure. 

Oh yes: these locks are networked. Presumably this means they can lock us out of our offices if we're rude about management or something, but it also means that a power cut or a Windows crash (unheard of, I know) on the server will lock out – or in – every single person on campus. One melted motherboard and we're all incarcerated. 

It's also an antisocial system. Because the doors lock whenever they're closed, we won't be able to breeze in and out of each others' offices to drop off an essay, fire off a quick question or have a moan. We'll have to knock. And wait. Then the person required will have to get up and open the door for us and we'll feel bad for disturbing them. (Then again, nobody can see my desk from the door: I can pretend to be out for ever).

Additionally, these card access systems are battery operated. At some point, the batteries will run out. Then the maintenance people have to come up, use their master key to open the door, dismantle the mechanism, replace the batteries and leave again: as opposed to the maintenance-free key system that has operated for more than two thousand years without requiring electrical assistance. Apart from the hassle, I don't quite understand why in a society which really needs to cut down on energy consumption, we'd replace a no-power system with a powered one. 

So in summary, we've replaced a simple, secure and efficient concept (keys) with an unsafe and inefficient one. This, I submit, is an admittedly minor case of two things: Being Too Clever For Your Own Good and Falling For The Attractions Of Shiny Things Being Dangled In Front Of You By Corporate Sales Reps Because It Makes You Look Modern. I can't think that there was a problem with staff members having keys to locks: the technology has endured for a remarkably long time because it simply works

Unless you're a conspiracy theorist. Keys are dumb: they don't tell anyone anything. These cards work via RFID. The networked system logs each and every use. So now they have a register of my presence in the office and a crude guide to how often I'm at work and where I go on campus. As the government says, only people with something to hide need worry, but I confess to finding this sinister. There's no need to collect this data: but once it's collectable, it'll be used. So what seemed like a simple technical innovation is both a profound power-shift and a major social change. 

Or am I just a Luddite? (Actually, I have a lot of sympathy for those misunderstood people). I must confess to liking physical controls: buttons, switches and other manual interfaces. This little example worries me that overcomplication alienates us a little more, and rather pointlessly, from the real world for no obvious gain. 

4 comments:

Wading Treacle said...

And there are other issues. At least you've received an ID card - try a straw poll among your Associate Lecturer colleagues.

http://wadingtreacle.wordpress.com/2013/02/25/security/

The Plashing Vole said...

I remember enjoying that piece. Here too we loan ID cards to hourly-paid colleagues so they can get in to the library, through the doors and for photocopying.

Grumpy Bob said...

Our ID/swipe cards appear to be used to record when and where they are used, judging from one phone call I had asking me to go back and properly shut a door I'd just come through. At least we still have real keys for offices.

Anonymous said...

The main reason to deploy security passes over physical keys is for accountability under compliance. Keys are rarely kept on their own, they are with other keys and information - there is no way to manage that loss without changing the lock(s) concerned. Security passes should be ID-void and not contain any reference to individual or company name - they can be disabled immediately, and replacements can be issued by your security team straight away. Passes facilitate an audit trail, keys do not - that's it.