In my line of work, I spend a lot of time on the road visiting customers. Hanging around in a corporate lobby waiting for my host to arrive is an everyday occurrence. So, for better or worse, I have a good deal of experience in how corporations handle visitors.
Out of 10 companies I might visit, I am lucky if one painlessly verifies my identity and issues a personalized visitor credential. Most have me sign the old paper log, assume I must be who I say I am, and hand me a dog-eared visitor badge left over from the Nixon administration. At least one or two out of the 10 doesn’t even use a log book; just a wave to “come on back.” Let’s just say that visitor management is pretty low on the list for most companies.
This always strikes me as strange since the vast majority of the companies I visit are in the security business. It seems they should know better since securing the lobby has been a first line of defense since the dawn of the industrial age. Perhaps that is the issue — we have been doing it for so long we have forgotten why, and a reminder is required. So without further ado, here are the top five reasons why you should consider improving your visitor management and purchasing a computerized system:
1. You need to have a record of who is in your building.
Let’s start with the basics: why do we care? For some companies, it is a matter of compliance. Sarbanes-Oxley, for example, requires public companies to report on the adequacy of their internal control over financial reporting. Those controls are typically taken as control over information systems, but it will be hard to prove if the auditors see loose controls over visitors to the data center. Similarly, companies many be bound by other regulations such as HIPAA or CFATS (Chemical Facility Anti-Terrorism Standards) that can require control over who can access a facility and when. This is not, however, an issue that is brought about by U.S. regulation. “We are seeing global demand and are now providing our system in five languages,” says Paul Terschuren, vice president of Sales and Marketing for STOPware, a supplier of visitor management systems.
Even if regulatory compliance is not an issue for your firm, avoidance of legal liability is. Failure to provide a safe workplace is a lot harder to prove if a company has taken reasonable steps to provide access and visitor control. In addition, almost any company has intellectual property, private data or high-value assets that may be available to any visitor who finds himself in the right place at the right time. Without accurate records, there is no hope of recovery.
2. No one else should know who is in your building
One of the areas often overlooked by companies with a paper log book is loss of privacy. Any salesperson can tell you that the visitor log is an invaluable source of information and can tell quite a story about the deals a company is pursuing or what competitors may be bidding on a job. In the case of a multi-tenant facility, these privacy concerns can create a real liability for the landlord that can outweigh the need for security.
This is a concern that completely goes away with an automated system, since the history data in the system will not be available to any visitor. “Information about who is visiting you should be confidential,” says Howard Marson, CEO of Easy Lobby. “It’s not (confidential) with the paper book — everybody looks through it”