Maryland mail scare puts spotlight on mailroom security

Security experts weigh in on how recent attacks will impact mail screening procedures for government and corporate entities


Of course, one of the most important things an organization can do to mitigate some of the risks posed by suspicious package is to have a secure mailroom facility. Ideally, this facility would be located offsite away from the main office complex, but if that is not possible, Heil says it should be built on a ground floor and have a separate HVAC system from the rest of the building. It's also paramount, according to Heil, that an organization mandate that all packages being delivered either though the U.S. Mail or a courier service be sent through the mailroom first prior to being sent to the recipient.

In some cases, blow out walls to help protect the building's structural integrity from explosive blasts might also be a consideration. Basic X-ray screening technology, such as the ones used in airport security lines, can also provide an additional layer of security, according to Heil.

"There are certain types of screening technology and tools that are relatively inexpensive to purchase and practical for a company to deploy - for example, radiological pagers, dual-emitter X-ray screeners, an isolation box or glove box, and a table that can be used to place something on for further inspection," said Coakley. "The practicality of employing specific technology and other screening tools depends on an organization's/agency's threat level. That is why it is important to first conduct a professional threat assessment before embarking on a security program."

In addition to having a secure mailroom, one of the big keys in preventing a suspicious package from creating a major disruption at an organization is training.

"First of all, professional training of mail center workers and updating training periodically is key. Also, these workers need to have the right reminders around them in their work areas to help them stay focused on the task at hand," Coakley said. "For example, Pitney Bowes reminds its workers to remain vigilant in sorting the mail and the necessary processes to detect suspicious packages, screen them for hazards and how to protect themselves, through wall posters and other visual reminders posted throughout their work stations."

In addition to lost productivity, an incident like this can also wreak havoc on a business and its employees in other ways.

"Frequently, even if it's just a scare, it can create symptoms of post traumatic stress disorder in people and they start calling out of work and that costs you even more time," Heil said. "There were some injuries in this (incident) from what I understand with people having some burned fingers and they at least went to the hospital for a little while to get checked out. There is obviously a direct cost with the medical expenses right there. So, that's what you're looking at and this was not a serious device, as in an explosive that killed many people."

Heil also warned against a potential kneejerk reaction to this incident as happened in the aftermath of the 2001 anthrax attacks that targeted several media outlets and two U.S. senators.

"As I'm doing assessments these days and if I encounter someone who is in the mailroom now that was there then, they kind of snicker at how bad things got for a short period," he said. "And then in three of four years with nothing else happening, they had gone all the back to their old procedures. I think when you do have too much of a pendulum swing one way, it, like a real pendulum, swings just as far back the other way."

Coakley said he doesn't believe their will be kneejerk reaction on the part of lawmakers to this incident as receiving and sending mail is a critical element of government. He added, however, that it should serve as a reminder of the threats governments and corporations face via the mail.

"These events should serve as constant reminders that companies and government agencies must assess their threat levels and employ the necessary people, processes and technology in conjunction with their level of threat," he said. "Incidents such as those that occurred in Maryland remind us of the importance of being vigilant in our detection and screening processes, and of employing the right people and technology."