Greetings. I have a Kwikset 914 Zigbee lock installed at my office. Lock code manager works fine for the 20+ codes assigned to staff, but I'd like to allow staff to unlock without having to enter their code. I'm imagining something that would work like an NFC or RFID reader or even a key FOB with a button. Suggestions? Thanks. -Tim
From a security perspective, I don't think I'd want to go this route for a business. It's a lot easier to get around these implementations than to coerce someone into giving up their lock code. That said; any battery powered ZigBee button could easily act as a fob with a simple rule tied to a button press to unlock the lock. I don't know of any NFC/RFID implementations that don't require installing an app and setting up a local automation for each persons phone.
Thanks for the info. Where can I learn more about how easy it is to exploit a button controller to gain entry? My office is the admin office for a K-12 school so probably not a high-value target for burglars, but I must do dilligence. Thanks. -Tim
Well...someone steals it.
Good point. Thanks.
you could tie it into another system, but it'll require external components to get it to work with HE (like a raspberry pi to authenticate users)
I've been wanting something like this for home use ever since I got my smart locks.
You could use presence detection using the employees phone. So as they get within range of the Wi-Fi network and their phone attaches that shows present which then unlocks the door
I think this falls into the same bucket of "stolen device" being the keys to the kingdom.
Frankly this sounds like a terrible idea, especially if someone unauthorized tried to take over the office. They would just have to steal someone's phone (by force even) and they have unlimited access to your office.
While I hope that never happens to you or to anyone, if the past few years have taught me anything, there are lots of crazy people out there who will do about anything.
Exactly!
Beyond that, I'm sure there's a litany of PII in the office for the students.
This is one thing, at least in the states, that really chaps my rear. My dad is the lead network engineer for the school district in my hometown. He basically had to beg on his knees to get them to provide the budget for adding extra network security (because they basically had none). I'm talking basic components like IPS licensing for their firewall and inbound internet proxying. And that was from the state level, not local.
Seems that security of student information is almost an afterthought, but gathering their data would be a super lucrative criminal venture. I'd wager 70% of public school systems out there could have a full data breach and never know.
Thanks, everyone, for the input. If we had student PII stored here, I'd be implementing a 2FA solution, but like most schools, at least here in CA, we use a vendor to host our student data on their servers. Personnel data is kept in locked cabinets inside a locked office. Insurance providers are now requiring a list of security measures be implemented to avoid having the deductible doubled in the event of a security breach, so there is hope.
I'm letting go of the idea of touchless entry. That convenience isn't worth the increased risk. Thanks again. -Tim
Download the Hubitat app
