How IDCUBE Centralised Access Control for Al Barakah Holding

Overview

Al Barakah Holding operates some of the region’s largest workforce accommodation facilities, managing high-density residential environments where access is not only a matter of security, but also of operational control, tenant governance, and contractual compliance.

Across multiple large-scale sites, access requirements extend beyond traditional entry management. Workers must be granted or restricted access based on tenant company affiliations, accommodation zones, and dining entitlements, creating a highly dynamic and policy-driven environment.

At scale, this translates into managing hundreds of thousands of users, a few hundred access points, and multiple operational workflows each needing to be centrally governed, yet flexible enough to align with commercial agreements.

To meet these requirements, Al Barakah set out to transform its existing infrastructure into a centralised, cloud-enabled, and future-ready access ecosystem, capable of supporting both current operations and long-term scalability. 

The Challenge

Al Barakah’s existing access control system was functional but not built for the scale and complexity of modern workforce accommodation environments.

The system needed to support 3 sites, approximately 100k+ users, 177 access points, and 89 diner access points, making it one of the more demanding access environments in the region. 

Despite being operational, the system presented several structural limitations.

One of the primary challenges was integration. The existing architecture relied on traditional methods such as database staging and DB views for integration. This approach limited automation, increased dependencies, and made real-time synchronisation difficult.

At the same time, the organisation faced high annual maintenance costs (AMC) and a heavy reliance on on-premises infrastructure. Continuous investment in servers, maintenance, and support created a cost burden while limiting flexibility.

Another critical issue was fragmentation. Different systems operated in silos, resulting in limited visibility across sites and requiring manual intervention for routine processes. This not only reduced efficiency but also increased the risk of inconsistencies in access enforcement.

From a business perspective, the system also lacked alignment with commercial realities. Access needed to be governed based on tenant contracts, ensuring that workers could only access authorised zones and dining facilities. However, the existing setup struggled to dynamically enforce these policies at scale.

The challenge, therefore, was not just to upgrade technology, but to fundamentally shift from a fragmented, infrastructure-heavy system to a centralised, policy-driven platform that could align physical access with business logic. 

The Solution

IDCUBE addressed this transformation by introducing a cloud-first, centralised access control architecture, built around Access360.

Rather than replacing the entire infrastructure, the solution was designed to modernise the control layer while retaining existing hardware investments. Existing Lenel controllers and field devices were preserved, ensuring continuity while enabling a shift toward a more advanced software-driven model. 

At the core of the solution is a unified platform that centralises the management of users, policies, and access points across all sites. By moving to a cloud deployment on Microsoft Azure (UAE region), the system ensures data residency compliance while eliminating the need for heavy on-premises infrastructure.

This centralisation enables real-time visibility across sites, allowing administrators to monitor and manage access activity from a single interface.

A key component of the solution is its integration with the existing enterprise ecosystem. Currently, the system is integrated with existing ERP, which manages tenant onboarding and offboarding. Through this integration, user identities are automatically created, updated, or revoked based on tenant data, reducing manual intervention.

ERP feeds user and access group data into the system, which is then synchronised with Access360 to enforce access policies across entry points. 

Looking ahead, the architecture is designed to support direct integration with Oracle through APIs. This future-ready integration framework will enable real-time data exchange, reduce dependency on middleware, and provide a scalable foundation for enterprise connectivity.

Beyond integration, the solution introduces a robust access logic framework tailored to Al Barakah’s operational model. Users are onboarded through the ERP system, and access rights are assigned dynamically based on three key parameters: tenant company, contractual entitlements, and site or zone allocation.

This ensures that access control is not static but continuously aligned with business rules.

A particularly critical aspect of the system is diner access management. As noted in the system design, access to dining facilities is governed based on tenant-level meal entitlements. This ensures that only authorised users can access specific dining areas, preventing misuse while maintaining operational fairness.

The system also enforces centralised policy governance across all sites. Regardless of location, access rules are applied consistently, enabling seamless movement across authorised zones while maintaining strict control over restricted areas.

The Impact

The transformation at Al Barakah Holding is both operational and strategic.

By centralising access control across approximately 100k+ users and three major sites, the organisation has achieved a level of visibility and control that was previously not possible. 

Administrative processes have been significantly simplified. Tasks that once required manual coordination—such as onboarding, access assignment, and revocation—are now automated through system integrations. This has reduced operational overhead while improving accuracy and consistency.

From a security perspective, the system ensures that access is always aligned with policy. Every access decision is based on real-time data, ensuring that users can only access areas and facilities they are authorised for. This is particularly important in an environment where access is tied to contractual agreements.

The shift to a cloud-based architecture has also delivered tangible commercial benefits. Infrastructure costs have been reduced, reliance on on-premises systems has been minimised, and long-term maintenance expenses have decreased.

At the same time, the system provides real-time visibility into access activity, enabling better monitoring, reporting, and decision-making.

Technically, the platform introduces an open, API-ready architecture that supports future integrations and expansion. This ensures that the system is not only effective today but also adaptable to evolving business and technological requirements.

Conclusion

Al Barakah Holding’s transformation demonstrates how access control can evolve from a standalone system into a centralised, intelligent governance layer for large-scale workforce environments.

By combining a cloud-first architecture, centralised policy management, and seamless integration with enterprise systems, IDCUBE has enabled Al Barakah to move from a fragmented, infrastructure-heavy model to a scalable, future-ready platform.

The approach balances immediate operational stability with long-term flexibility. Existing hardware is retained, current integrations are optimised, and a clear roadmap is established for API-driven enterprise connectivity.

The result is a system where access is no longer just controlled—it is governed in alignment with business logic, operational needs, and future growth.

This transformation is not merely a system upgrade. It represents a fundamental shift toward intelligent, centralised access control, setting a benchmark for workforce accommodation environments operating at scale.