Role Types

ARCO enables you to add Access Roles, Operator Roles or Callout Roles based on the user’s function in your organisation.

Access Role: Roles that access the physical locations on site. They can be Door and Area permissions.
Operator Role: Roles that manage and maintain ARCO Platform. They can be assigned role capabilities.
Callout Role: Role that is a point of contact for specific tasks or events.

Users can have multiple Roles.

User Credential Types

ARCO enables you to select several credential types based on the access requirements for Users.

Card: Physical RFID Cards scanned by readers.

Face ID: User facial biometric data scanned by camera readers.

Licence Plate: Vehicle identification plate scanned by CCTV.

QR Code: App generated code scanned by camera readers.

User ID: User PIN or Access Codes input on keypad readers.

Assign User Role

ARCO enables you to manage a User’s Role within their profile.

Basic Role Window

Click the Add Role button to open a pop-up of all available Roles.

You can add any number of roles to the user. A search box is available to find the roles you wish to add.

Advance Role Window

Click the Advanced tab to set the Validity Dates of the role.

Add User Credentials

ARCO enables you to grant User access to Sites, Areas or Doors by assigning credentials.

Profile Picture

ARCO enables you to save a Profile Picture taken from your webcam or upload an existing file.

ARCO will ask for permission before accessing your webcam.

Password Management

ARCO enables you to manage your system efficiently by auto-generating passwords when creating new users. Generated passwords automatically comply with a strong Password Security Policy.

Password Security

ARCO enables you to create any password. It is recommended that passwords are sufficiently strong to prevent malicious attacks. ARCO Platform features a built-in password strength monitor to guide you in creating secure passwords.

 

Keep in mind the following in creating secure passwords:
• Must have a minimum of 6 alphanumeric characters.
• Does not have space.

Change User Password

ARCO allows users with Administrator access to change passwords on the Edit User page.

Delete User

ARCO enables you to delete users directly from the Edit User page.

Deleting a user is permanent.

You will not be able to delete the Super Administrator.

Add User

ARCO enables you to add new users using the User Management page.

The required fields may look different depending on your System Configuration.

ARCO will auto-generate Usernames and Passwords when creating a new user. This can be changed at any time.

Visitor Navigation

The Visitors Search page will be displayed when you click the link in the Navigation Panel.

  • Visitor Workflow – Always displayed at the top of the module to signify where you are on the visitor management process.

  • Search bar – Enables you to search for specific visitors by name their Username, First name or Last name.

  • Scan Documents – Click to scan documents using the ID Reader.

Role Navigation

ARCO enables you to create Roles that control how and what users can access on your system.

The proper configuration of role access rights should be done in the context of your overall organisational security policy. As part of this policy, your organisation should determine which roles need to be defined, the areas to which each role is allowed access and the type of access allowed.

The Roles page will be displayed when you click the link in the Navigation Panel.

  • Search bar – Enables you to search for specific roles using their name or description. The search bar automatically starts searching after typing at least four characters.

  • Add Role panel – Enables you to add new roles in ARCO. The next section will discuss the full details about adding roles.

  • Profile Panel – Displays the available roles in the system.

  • Edit – Update the information on the selected role.

  • Quick Access – Click the dots to display the following commands.

    • Edit – Update the information on the selected role.
    • Delete – Remove the role in ARCO.
  • Tags – Metadata for search and reporting.

User Navigation

The Users is the default page displayed when clicking the Users module.

  • Display Type – Select the User display format.
    -> Card – Display all Uses and their details in a card panel.
    -> List – Display all Uses and their details in a list. Please refer to Reports Management section for more details

  • Search bar – Enables you to search for specific users by name their Username, First name or Last name.

  • Role filter – Click to display users of the selected role.

  • Organisation filter – Click to open and close panels for each organisation.

  • Add User panel – Enables you to add new users in ARCO. The next section will discuss the full details about adding users.

  • Card Panel – Displays the details of the User. Click to edit information.

User Operation Overview

For each user in ARCO Platform, some properties determine the behaviour of the user when controlling the S1000 Smart Controller. There is a PIN, credential that identifies the user when they use a keypad or reader to control the mode of an area(s) or to open a door on the S1000 Smart Controller. There is a valid from and to date that is used to determine if this user is valid in the user database. If these are set to 0, then there is no expiry, and the user is always valid. If the user is not valid, then they will be unable to do an action on the S1000 Smart Controller. If a PIN or card is used to control an area, then an invalid condition will be returned. If a card and/or PIN is used on a Door, then an Expired card condition will be returned.
Each user will have four (4) Access profiles that are used to allow or disallow the user to control the S1000 Smart Controller area modes or access doors. Each access profile contains a valid date window and the remaining properties in the access schedule are only valid if this window is valid. Also, in each access profile is a list of the doors and areas that determine what this user can do. There are up to 16 definitions (88 with SD card ) that can be programmed each definition contains 2 bits to specify a door, floor or an area, and for each entry, there is an ID of the door/area/floor, and an associated time zone. If the time zone or ID is 0, then this definition is not defined and should be ignored in the processing of what this user can do. If this entry does not match the door or area that the user is trying to control, then it will be ignored, and the processing state machine will continue to the next entry in this list. Once an entry matches and is confirmed to be TRUE, then the processing will finish. There are up to 4 access profiles for each user, and all of these will be scanned to find a match. If no profile or entry in the list within the profile matches, then it will return an invalid match condition and the user will be denied area mode change or door access
There are also properties that determine the state of the user – blocked if the user is prevented from doing any actions on the S1000 Smart Controller, for an area mode change there should be a message on the keypad that the user is blocked, and for a Door, there should be an invalid access procedure along with an event indicating a blocked user is trying to access a door. Handicap is used to allow extended access to a door opening process, both strike and shunt times are extended by an additional configurable time, and executive operation is used to allow override of passback rules by automatically allowing access when normal users will be denied, however, an additional event is created to say that passback override has occurred.
For each area, there is also a list of area properties that determine the privileges allowed by that user when doing alarm keypad operation.

User Types

General User: Users that can manage the entire system. They can be assigned all role types.
Access User: User that access the physical locations on site. They can be assigned Access roles and Credentials.
Operator User: User that manage and maintain ARCO Platform. They can be assigned Operator roles.
Contact User: User that is a point of contact for specific tasks or events. They can be assigned Callout roles.
Visitors: Users that are given temporary or limited access to the physical locations on site.

Refer to Role Management section for details.