While Access Links are a convenient feature for Access Managers to share access to a space, improper use can create risks in your security posture, such as:
- Inability to enforce Restrictions
- Being limited to single-factor authentication
- Links can easily be shared with others who may not be authorized to access the space
For security reasons, we only recommend using Access Links for short term access (e.g. infrequent guests) and to always set an expiry date to take effect immediately after access is no longer required.
If your users are commonly accessing the space with this feature, you should regularly rotate their access links by destroying and recreating them. Whenever possible, onboard them to use the Kisi App or a physical credential.
Access Link Resources: