Verifying and Validating Visitors

Strategies for checking and issuing credentials

Most entry control processes are designed primarily to identify and control access to those who normally inhabit a building — trusted employees and building staff — who may have been required to undergo background screening prior to being hired. Part of the entry process includes the checking of credentials issued by the facility, using security staff or automated systems — for example, a building or access control card.

Visitors — whether business guests, contractors, delivery drivers or repair personnel — do not possess building-issued credentials and are usually unknown to building security staff.

What do we need to know in order to assure ourselves that it is acceptable to allow the visitor into our facility? The term “acceptable” is subjective and depends greatly on the security level of the facility being visited — at a regular commercial office building, anyone dressed in business attire may be considered acceptable. At a high-level military facility, nothing short of background checks and processing through metal, x-ray and explosive detectors may be the norm.
Visitor Processing

There are four elements in the process that we should follow to ensure that the visitor should be allowed into our facility: verification of identity, validation of purpose, screening and access control.

Verification: First we need to establish and verify the person’s identity. “What is your name and do you have a government-issued credential with picture identification?” A driver’s license is a commonly accepted identification credential; most states provide a machine-readable license that facilitates extracting the holder’s data and some can verify that the document is not counterfeit. However, procedures also need to be in place to address the individual who does not, or cannot, conform to the expected norm — e.g., has no driver’s license or even no picture identification. One company’s policy might be complete denial of access; another’s might be a requirement for the visitor’s host come to the lobby and vouch for the visitor’s identity.

Validation: Once the visitor’s identity has been verified, the second task is to validate that they have a legitimate need to be in the building. Typically, this will require contact with a known, trusted person within the facility — someone who has the authority and responsibility to admit visitors. This may be as simple as phoning the visitor’s host to verify an appointment or checking a list of pre-authorized visitors. A list is most useful where there are multiple visitors for a conference or for a training course, particularly if the host may not be locatable at a regular phone number. Nothing is more frustrating than arriving a few minutes late for a meeting and knowing that the reason security cannot reach your host is because he/she is chairing the meeting in some unknown conference room!

Screening: The third element is screening for any contraband items that might be hand-carried or on the visitor’s person. Prior to the Sept. 11 attacks, it was rare to see personnel or package screening in a commercial environment; but many facilities have implemented some level of visitor checking — from a cursory look into hand-carried bags and briefcases to a full airport-style screening. Some facilities do not perform personnel screening under normal circumstances but keep the necessary equipment close at hand to implement tighter measures if the DHS security level is heightened.

Manual screening of the person and carried bags is more intrusive and less effective than systems but is needed to verify machine-generated alerts. The use of personnel screening technology — walk-through metal detectors, package x-ray machines and even explosive detectors — has been implemented for visitors to a number of high-rise office buildings and other more sensitive environments. Security officers should have high levels of training in systems operation, manual checking and personnel interaction if the screening process is to operate smoothly.

Should all who enter the facility be screened, or are regular building occupants to be treated as trusted persons? Part of this decision rests in the nature of the facility and the nature of contraband items for which the systems are intended to deny access. An employee with a pocket penknife in a commercial office building is a much lower threat than the same item carried by an employee entering restricted currency or bullion processing area. If tenants/employees will not be screened, is there an automated system to check their credentials and validate them as tenants/employees?

Access Control: The three elements described above usually take place in an entry lobby (front door) or a loading dock (back door.) Once the visitor has been verified, validated and/or screened they have earned a reasonable level of trust but, perhaps, not enough to be given the freedom to roam the facility. Access control from the entry point to the remainder of the facility — and any sensitive areas within the facility — is often necessary. Should the visitor be required to wear a badge that prominently announces the person’s name, their host, and the floor(s)/department(s) that they may visit? Certainly this provides an additional measure of security, but only if employees are encouraged to challenge a visitor in the wrong location or one who is not wearing a badge. However, in a large community where employees are not required to wear their badges, visitors need only remove theirs to look like employees.

A simple and effective access control measure, particularly where higher levels of security are warranted, is to assign an escort to the visitor. It becomes the escort’s responsibility to control the visitor’s movements while on the site. The host signs for the visitor in the entry lobby, thereby accepting responsibility for all of the visitor’s actions, and returns the visitor to the exit once the visit is complete, signing that the visitor has not been out of his/her control during the visit. However, there are a number of practical limitations: the host may be a busy person and may not have the time to collect the visitor from the entry lobby. Also, the visitor may be joining a conference already in progress that is being chaired by the host, or the visitor may need to visit a number of different departments. A form on the back of the visitor’s badge can be used to reassign escort responsibility from one host to another, e.g., from an administrative assistant to the conference chair and then to another department head.

A visitor badge can also double as an access control card permitting the visitor access to allowable areas or, for higher security levels, the badge can be used in concert with an authorized employee’s card — a modified two-man rule. The benefits include the maintenance of an auditable record of visitor access and the authorizing host. For simple applications, a barcode can be printed on the visitor badge; for higher security environments, more sophisticated technology can be used, including passive infrared (PIR) and radio-frequency identification (RFID) systems that allow a visitor’s tag/badge to be tracked within a building on a graphic display and can be paired with the host escort.

This content continues onto the next page...