Visitor Pass Solutions

Visitor Pass Blog - All Posts

«  previous  |  2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19  |  next  »Displaying posts 1 – 5 of 95 


4 tips for managing visitors in office buildings

Tuesday, June 23, 2015  by Paul Kazlauskas

Visitor management, best practices for office building security, visitor control
Visitors to an office building come in many different forms. A few different types include business guests, contactors, potential new hires, delivery personnel, and employee family members. Some visitors are regulars, while others visit just once and are never seen again in the facility. Regardless of their visitor access needs, all visitors should be processed efficiently and accurately with their intentions documented. Here are 4 tips for well-managed visitor control in office buildings.

1. Verification of identity.
The visitor’s identity needs to be verified without any doubt. A valid driver’s license is the most effective way to accomplish that. A business card should never be accepted as a valid form of identification. The following two questions need to be answered…1) Who is the person seeking access to the facility and 2) can they prove that they are who they say they are? Failure to provide truthful answers to those questions should result in a denial of access to the visitor.

2. Validation of the visit.
Does the person have a valid reason to visit the facility? Every visitor who enters the building should be doing so for a specific reason and they should be up-front about why they are there. A trusted, current employee could have invited the visitor to the place of business for a specific reason or meeting. The host should be expecting them for a meeting or should be prepared to accept a delivery. Solicitation should not be allowed. When a business has a no solicitation policy, they are denying the public from entering the business to make requests, sell something, or ask for donations.

3. Control of access from the building lobby to other areas within the facility.
Is the visitor issued a visitor badge? All visitors who enter an office building should be issued some sort of visitor pass. It can be adhered directly to a person’s clothing or used in conjunction with a badge tag, badge holder, and/or lanyard. Can the visitor badge be used at access control card readers? Some facilities offer plastic visitor I.D. cards, instead of visitor badges, that contain RFID chips and allow visitors to scan certain doors to gain access. The I.D. card should be loaded with the correct access control measures so the visitor isn’t allowed into areas they aren’t authorized to be in. Is an escort required? If so, one should be ready for their duties once the visitor arrives.

4. Screening for contraband.
Do building or company policies require screening for weapons or explosives? After the September 11th attacks, many commercial high-rise operations instituted the use of package x-ray and walkthrough magnetometers for employees and/or visitors. Not all facilities have this protocol in place, but the ones who do have detailed procedures should anything unlawful be found on a visitor trying to enter an office building.

Want the latest, best security practices delivered straight to your inbox? Click here and enter your email address in the "Subscribe" area (look for the green button near the top right corner of the page).

facebooktwitterLinkedInStumbleUpon top Top > Comments   (0 comments)


Security Industry Resources for Security Professionals

Friday, June 19, 2015  by Paul Kazlauskas

In an effort to provide the best resources to our subscribers, the following is a list of professional organizations that have helped our customers. It is a list of security industry resources and they are grouped by relevance to businesses, schools, and healthcare facilities. Each listing contains the site link and a brief explanation of what the organization is about. If you know of any other organizations that should be listed in this post, please add the site link in the “Comments” section.


Professional Organizations for the Business World

International Association of Professional Security Consultants. The most widely recognized and respected organization of independent security consultants.
American Society of Safety Engineers. ASSE and its more than 32,000 members manage, supervise and consult on safety, health, and environmental issues in industry, insurance, and government.
American Society for Industrial Security. ASIS is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programs and materials that address broad security interests.


Professional Organizations for Educators

National School Safety Center. An advocate for safe, secure and peaceful schools worldwide and is a catalyst for the prevention of school crime and violence. NSSC provides school communities and their school safety partners with quality information, resources, consultation, and training services.
Security on Campus, Inc. The first and only nonprofit organization dedicated to the prevention of criminal violence at colleges and universities nationwide through educational, awareness, and policy initiatives.
National Crime Prevention Council. The organization’s mission is to be the nation's leader in helping people keep themselves, their families, and their communities safe from crime. To achieve this, NCPC produces tools that communities can use to learn crime prevention strategies.
American Association of School Administrators. Their mission is to support and develop effective school system leaders who are dedicated to the highest quality public education for all children.
National Association of Elementary School Principals. This professional organization serves elementary and middle school principals and other education leaders throughout the United States, Canada, and overseas. The Association believes that the progress and well-being of the individual child must be at the forefront.
National School Board Association. A not-for-profit organization representing State Associations of school boards and their member districts across the United States. Its mission is to advocate for equality and excellence in public education through school board leadership.
National School Safety and Security Services. Superintendents, school boards, and school administrators use their school safety consulting services to prevent and manage school violence, reduce safety risks and liability, improve school-community relations on school safety issues.
American School Safety. They are an organization of licensed security professionals with over 30 years’ experience in providing comprehensive audit and assessment services to the academic community, and assisting education professionals, administration, faculty and staff in providing a safe and secure learning environment.


Professional Organizations for the Healthcare World

The Joint Commission accreditation and certification is recognized nationwide as a symbol of quality that reflects an organization’s commitment to meeting certain performance standards.
American Society for Healthcare Engineering. They are dedicated to optimizing the healthcare physical environment.
National Medical Association. The conscience of American Medicine looking out for patient’s lives.
International Association for Healthcare Security & Safety. Advancing excellence in healthcare security and safety worldwide through education, credentialing, growth and influence.
American Society for Healthcare Risk Management. Promotes effective and innovative risk management strategies and professional leadership with leading health care organizations and government agencies.


Want the latest, best security practices delivered straight to your inbox? Click here and enter your email address in the "Subscribe" area (look for the green button near the top right corner of the page).

 

facebooktwitterLinkedInStumbleUpon top Top > Comments   (0 comments)


Choosing a visitor management system part 3: Not all badges are made alike

Wednesday, June 10, 2015  by Andrew Jones

Choosing a visitor management system — part 3:  Not all badges are made alike
This is the third of three articles about choosing a visitor management system.

Just as different visitor management systems perform different functions, they also, understandably, comprise different components, depending on your needs and preferences. One of the most important components to consider is the identification badge you use to identify your visitors.

Any time you encounter a stranger at your place of work, you may wonder who he is and what he is doing there — especially if he isn’t wearing an I.D. badge. Some places require visitors to wear a badge, and some don’t. Likewise, some places require employees to wear a badge, while others don’t.

At best, not identifying visitors arouses employees’ curiosity and, at worst, leaves people and property exposed to potential harm. The less an organization relies on identifying its building’s occupants, the more mystery there is about their identity.

A good visitor management system, in conjunction with the policies it supports, should be able to tell you who has permission to be in your facility, as well as who does not. That is the value of requiring identification badges.  

It is not only important to consider whether to have visitor badges as part of your security process, but also how secure they ought to be. For example, there are visitor badges that ...

  • Are generic vs. those that are customized
    • The more distinctive you make your visitor badges, the harder they are for someone to fake. Adding your organization’s name, logo, and colors makes them your own.
  • Have to be returned vs. those that can be thrown away
    • You can buy a bunch of plastic or cardboard badges that just say “visitor” on them, hand them out at the front desk, and require that they be returned when visitors leave. These identification badges would have to be worn with a clip or a lanyard. If visitors forget to return their identification badges, you eventually have to replenish your supply. Disposable badges are cheaper to replace. Either way, every time a badge leaves your facility, there’s the risk it may be reused by someone with dishonest intentions.
  • Can be reused vs. can’t be reused
    • A badge’s “reusability” is not the same as its “disposability,” discussed in the previous paragraph. A discarded visitor badge can always be retrieved from a trash container or picked up off the ground outside and reused.
    • Even if you customize a visitor pass to its wearer, by adding a name, a date, or a photo, it still looks the same as your other badges from a distance. Unless a reused badge is inspected up close, it could let an intruder pass for an authorized visitor.
    • Badges that expire visibly cannot be reused as easily. By expire, we mean it changes color over time so that, even from a distance, you can tell that the wearer should, at the very least, be stopped and questioned.  

In addition to the style and security of the visitor badge used, there is all kinds of information to put on the badge, which then becomes part of your record of the visit, including:

  • Visitor’s name and organization
    Who is this person? Who does she represent? Is she a legitimate representative of the organization?
  • Date and time of arrival
    This helps legitimatize the badge, as well as help you refer to your record of the visit.
  • Person and place being visited, and purpose of visit
    Also, at schools and hospitals, it is important to know the relationship of the visitor to the person being visited (for example, “PARENT” or “FAMILY”).
  • Visitor’s photo
    There’s no better way to verify that the person wearing the badge is the person who it was issued to in the first place. However, if you need to confirm that a visitor is indeed who he says he is, the photo on the badge has to be from his driver’s license or other government-issued identification.
  • Behavior/confidentiality agreement and/or waiver of liability (signed by the visitor)
    Some organizations make this part of the sign-in process as a condition for letting people into their facility, particularly if sensitive information is at risk and/or a visitor’s safety is a concern.
  • Time of departure
    Signing OUT is as important as signing IN when it comes to really knowing who is in your building.

Who knew there was so much involved in choosing identification badges for your visitors to wear? Of course, there’s more than the badge to consider when deciding on a visitor management process. See the links to parts 1 and 2 of this series, below, for additional information.

Previously:
Choosing a visitor management system — part 1: Four basic criteria
Choosing a visitor management system — part 2: What do you want it to do?

Also:
Pro’s and Con’s of a Manual Visitor Sign-In System
Pro’s and Con’s of an Electronic Visitor Management System


Want the latest, best security practices delivered straight to your inbox? Click here and enter your email address in the "Subscribe" area (look for the green button near the top right corner of the page).

facebooktwitterLinkedInStumbleUpon top Top > Comments   (0 comments)


How administrators can reinforce school safety & security

Tuesday, June 09, 2015  by Paul Kazlauskas

School administrators, including principals, district-level administrators, superintendents, and school board members, have a tremendous responsibility when it comes to school security and safety. School security and safety starts with strong leadership. These school administrators should take precautions to prevent crisis and act decisively if the unimaginable occurs. They must be responsible for such things ranging from enforcing a zero-tolerance policy for weapons on campus to devising a policy of visitor management for when visitors/parents/volunteers/contactors visit the school. They must also develop protocols between law enforcement and the school about ways to share information on at-risk youth and enforce such things as dress codes. A school administrator’s actions in the above areas (and everything in between) go a long way in determining how secure a school is.

In addition to actually enforcing policies and procedures, school administrators must communicate their plans to parents and the student body. The details of the plan and their delivery of the material will go a long way towards making the school and community at-large feel safer. According to the National Association of School Psychologists (NASP), there are a number of steps that school administrators can take to reinforce the fact that schools are safe environments and increase student/adult comfort level…

1. Write a letter to parents explaining the school safety policies and crisis prevention efforts and cite statistics that less than one percent of violent deaths are “school associated.”

2. Be a visible, welcoming presence at school, greeting students and parents and visiting classrooms.

3. Issue a press release about the school district efforts to maintain safe and caring schools through clear behavioral expectations, positive behavior interventions and supports, and crisis planning and preparedness.

4. Conduct a formal review of all school safety policies and procedures to ensure that emerging school safety issues are adequately covered in current school crisis plans and emergency response procedures. (Such reviews should be conducted at least annually.)

5. Review communication systems within the school district and with community responders. This should also address how and where parents will be informed in the event of an emergency.

6. Connect with community partners (emergency responders, area hospitals, victim’s assistance, etc.) to review emergency response plans and to discuss any short-term needs that may be obvious in response to the current crisis.

7. Provide crisis training and professional development for staff based upon needs assessment.

8. Highlight violence prevention programs and curriculum currently being taught in school. Emphasize the efforts of the school to teach students alternatives to violence including peaceful conflict resolution and positive interpersonal relationship skills. Cite specific examples such as Second Step Violence Prevention, bully proofing, or other positive interventions and behavioral supports.

Click here for the complete article which includes school violence prevention measures to highlight and what to say to students.

Related topic: Visitor Management Protocol should be updated regularly

Want the latest, best security practices delivered straight to your inbox? Click here and enter your email address in the "Subscribe" area (look for the green button near the top right corner of the page).

facebooktwitterLinkedInStumbleUpon top Top > Comments   (0 comments)


IT best practices to prevent security breaches

Monday, June 01, 2015  by Paul Kazlauskas

Many times at small to midsize businesses, the line between IT Departments and Information Security Departments gets blurred. Occasionally, the same person (or small group of people) has to do both jobs despite the goals of each department being different. The job of IT is to make sure users can access their systems and data to be productive, whereas Information Security tries to reduce risk, even sometimes at the expense of employee productivity. What basic rules should the IT/Information Security staff follow in order to secure their systems without slowing employee productivity?

In the event of a breach, use the log files that your applications and network devices already create to identify potential issues. When a data breach occurs, investigators check log files because they often store crucial data. The key to understanding log files is to ID what doesn't belong. The information in those files is very mundane and appears day-to-day on the surface. In order to spot a trend that is worth investigating, it is critical to have a baseline of normal activity. Otherwise there is no way to know where a data breach could have occurred. In addition, look for log file timings that would indicate a breach in credentials such as accessing the network from a foreign country at an off-hours time.

Phishing is the most popular malware attack because it is easily disguised as a regular email and is a simple way to gain access to a network system. Companies should create policies for employees. They should also provide training to recognize a phishing attack and to not click on email attachments unless they can verify the attachment is legitimate. If the user is not sure about an attachment, they should not open the attachment and seek out IT to follow-up.

If receiving a particular phone call about data access from a fellow employee seems a bit off, trust your gut. If a request for credentials seems unusual or fishy, talk to IT. Always confirm the caller’s identity before sharing any sensitive information. If something seems off, don’t share the information/login/credentials and ask the person on the phone to speak with your boss about this request.

Access control is a very hot topic these days. If your company requires a scan of credentials to access certain doors, never hold the door open for strangers behind you, also known as “tailgating”. While it is nice to hold the door open for someone behind you, this bit of politeness can cost your company dearly if that person has ulterior motives. Good visitor/employee management policy suggests requiring every person going through a security door to present his or her ID as a failsafe.

Thumb drives are popular portable storage devices. Their popularity is driven by them being cheap, effective, and mobile. However, it is imperative to teach your users to never put a thumb drive or other storage device into a corporate computer if the user does not know where the drive originated. A popular ploy of attackers is to give away infected thumb drives or "drop" them in parking lots of target companies. If in doubt about the safety of a thumb drive or other storage device, employees should ask the IT staff to scan it first for potential malware before inserting it into any computer.

Want the latest, best security practices delivered straight to your inbox? Click here and enter your email address in the "Subscribe" area (look for the green button near the top right corner of the page).

facebooktwitterLinkedInStumbleUpon top Top > Comments   (0 comments)


«  previous  |  2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19  |  next  »Displaying posts 1 – 5 of 95 

Data Management, Inc.

P.O. Box 789
Farmington, CT 06034

Phone 1.800.243.1969
Fax 1.800.428.1951
or 1.860.677.6767

www.datamanage.com
 
Follow us on: