Smart buildings require
smart identeties
A New Era for Buildings – and for Identity
The terms smart homes and smart buildings have, in recent years, become a natural part of our vocabulary. We’ve moved from static to dynamic buildings, where sensors and systems work in the background to ensure that temperature, air quality and lighting are always optimized for the people who live or work there. Still, at Sotera we believe everything rests on one simple question:
| Who has access – and to what?
Imagine you operate a commercial building with many tenants and several hundred employees – all with different needs, roles and security levels. Without an effective system for identity management, typical challenges arise: duplicate registrations, outdated permissions that remain active, and unpredictable administration.
Modern identity management platforms ensure that the right people gain access to the right areas and resources – at the right time and for the right reason. This is not just about technical mechanisms, but about giving organizations control over permissions, reducing errors, and building a more efficient and secure operation. Solutions like Breeze make this work simpler, more traceable, and better integrated into the building’s other systems.
Where traditional access cards and keys were once sufficient, today’s smart buildings require holistic identity management systems (IAM) – cloud-integrated and tightly connected with the building’s other solutions. Identity has become the new key. Not only digitally, but as the very foundation that makes smart buildings safe, efficient and human.
-
Who a person is, the role they hold, and the personal data that defines the rights and access they should have.
-
An electronic representation of a person — including their personal data, roles, and permissions — used to manage access securely and with full traceability.
-
A digital identity managed through structured, automated processes where personal data, access rights, and the full lifecycle are handled correctly. Reduces errors, increases security, and enables truly smart buildings.
From Plastic Cards to Digital Identities
The story of access begins with the physical card – a simple plastic card with a magnetic stripe or RFID chip. It provided access, but little else. Cards were lost, processes were manual, and every change required physical presence and cumbersome administration.
Today we stand in the middle of a technological shift. The industry standard has moved from access and identity systems built on local servers to cloud-based solutions – often referred to as Access Control as a Service (ACaaS).
ACaaS combines the benefits of Software as a Service (SaaS) with physical devices such as access readers, video surveillance and other sensors. The driving force behind this shift is that it eliminates the need for heavy infrastructure and local servers, since data is stored and managed in the cloud. This enables centralized control and real-time monitoring of multiple buildings from one single location.
But even though the technology has advanced, buildings only become truly smart when identity can be managed holistically. This is where Identity and Access Management comes in.
What is Identity and Access Management (IAM)?
Identity and Access Management (IAM) is about ensuring that the right person gains access to the right resource – at the right time, and for the right reason. It is the system that ties together people, buildings and technology in a safe and efficient way.
In practice, this means that everyone from a new employee at a tenant to a service technician on the roof receives a digital identity that can be managed, monitored and terminated – easily and securely. IAM is therefore more than IT – it is a method for handling human presence in both physical and digital spaces with documented safety and control.
How Breeze simplifies identity management
Traditionally, identity management has been a manual and fragmented process. New users were registered via email, HR systems and Excel sheets. Cards were ordered through long email threads, and deletion/deactivation of users often lagged behind if multiple systems were involved – a well-known vulnerability.
With Breeze, everything happens digitally, structured and traceable.
When a new employee is registered, an identity is created in the system – linked to the building’s access zones and the tenant’s guidelines. In cases of leave, role change or end of employment, permissions are deactivated automatically. Every change is logged, ensuring that the organization always has an overview of who has access – and why. For end-users, this results in a significantly simpler everyday experience.
“With just five–six keystrokes, I’ve ordered a new card, and after two–three days it shows up at the reception. It’s so easy,” - says Siri from DNB Stavanger, who orders access cards through Breeze.
This makes identity management less vulnerable, more transparent and far more efficient – both for administrators and for the people who use the building.
Security, Compliance, and Trust
With increasingly strict European regulations, security requirements in commercial buildings have become significantly tighter. Regulations like GDPR and NIS2 set clear expectations for how organizations must handle both personal data and access control. It is no longer enough to “be in control” – you must be able to document it.
An IAM system like Breeze provides this documentation automatically. Every time an identity is created, changed or removed, it is registered with time, date and responsible party. This makes it easier to comply with regulations and internal policies – while reducing administration.
This is also about trust – and about the expectations of the people who use the building. Trust is built when the organization can document who has had access, when and why. Both tenants and employees expect their identity to be handled professionally and securely.
-
The European regulation governing how personal data is collected, used and deleted – and what rights users have.
-
The EU requires organizations to have control of risk, incidents and reporting – including when physical and digital systems are connected.
Moving toward a future where identity is the key
Smart buildings are increasingly about identities – and how they move safely and seamlessly through the building and the day. When identity management works, security becomes more invisible, but the experience noticeably better. Future buildings will be even more complex, with more systems, larger data volumes and stricter requirements. That’s why you need solutions that provide control, flexibility and an operation that actually works.
The K8 building in Stavanger shows how this works in practice. Here, identity was made part of the infrastructure – not an add-on – and the result is a building that feels both simpler and safer for everyone who uses it.
If you want to see how this was solved in detail, you can read the K8 case or contact our sales team for a walkthrough of how identity management can be elevated in your buildings.