Access Management

Managing Modern Risks in Access Control and Identification

As evidenced in this year’s Security 500 report, today’s leading organizations have understood that they cannot operate without Security’s participation. They see the security program as a value advantage. And security leaders, in turn, are creating value across the entire organization and “taming their risk tiger.”

Facility access control and identification plays a key role in risk mitigation. In both the physical and virtual world, controlling who and what gains access into buildings and systems is strategic to risk reduction and the value-added model. However, risk reduction and valued-added programming is not easy to accomplish. 

As we have seen, all industries have had to deal with violence in the workplace. Recent events demonstrate the continued need to evaluate access control and identification in order to reduce the potential for violence. For example, recently a student was shot and critically wounded on the first day of classes at a Baltimore County high school. The school had to be evacuated, moving students to a nearby shopping center and middle school. Another example: a disgruntled employee who worked at an import company within the Empire State Building in New York City, fired a year prior, entered his past employer’s business and killed his ex-boss. The assailant was killed by police in the streets of New York City while fleeing from the Empire State Building. Just over a month later, five people were killed and four others were injured after a shooter opened fire inside a sign company in Minneapolis.  

Security leaders not only have to deal with workplace violence, but social unrest as well.  Many companies were caught off guard by the “Occupy Wall Street” movement that occurred in many cities as well as venues across the globe since early 2011. The movement, however small, still exists today – creating an access control and identification nightmare for organizations targeted by this group.

Violence also occurs in the corporate virtual world. A study by the Verizon RISK Team, titled 2012 Data Breach Investigations Report, stated that in 2011 the online world was filled with data breaches where the theft of corporate and personal information was a priority. The report documented 855 incidents of corporate data theft and 174 million compromised records.

Property crime and fraud continued to be a problem for organizations, again looking at access control and identification to key areas of an organization and its systems. According to the 2012 National Crime Victimization Survey(NCVS) by the Bureau of Justice Statistics, more than 1 in 10 property crimes, including motor vehicle theft and property theft, occur in parking lots or garages. The 2012 Report to the Nation on Occupational Fraudand Abusesurvey indicates that a typical organization lost five percent of its revenues to fraud in 2011. Applied to the 2011 Gross World Product, this figure translates to a potential projected annual fraud loss of more than $3.5 trillion. The median loss caused by the occupational fraud was $140,000. More than one-fifth of these cases created losses of at least $1 million. Financial statement fraud schemes made up just eight percent of the cases in our study, but caused the greatest median loss of $1 million. Corruption schemes fell in the middle, occurring in more than one-third of reported cases and causing a median loss of $250,000.

From workplace violence to civil unrest, to property crime and fraud, corporations need to continuously assess risk and implement processes that reduce incidents and provide real value to the corporation. Formulating a program in access control and identification helps to reduce the risks and, when implemented properly, can add real value to the organization and its employees and stakeholders.

Corporate security continues to succeed when it evaluates and improves access control and identification programs in order to ensure it is providing the best possible security and value to the organization. Practices in access control and identification should be ingrained within the organization from the C-suite on down so that that employees and visitors are well protected and feel secure within their workplace.   

This article was previously published in the print edition as "Grabbing the Access Control and Identification Tiger by the Tail."




Did you enjoy this article? Click here to subscribe to Security Magazine. 

Recent Articles by Bernard Scaglione

You must login or register in order to post a comment.



Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.


Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

Security June 2015 issue cover

2015 June

In this June 2015 issue of SecurityIs the security director business’s new “corporate rock star?” Find out how CSOs can become the new leaders of their enterprises through mentorships, partnerships and creatively adding business value. Also, learn how security professionals are training employees in cyber security through games. And why are deterrence and detection so important when it comes to thwarting metal thieves? Find out in this issue.

Table Of Contents Subscribe

Body Cameras on Security Officers

Body cameras are being used increasingly by police in cities across the U.S. Will you arm your security officers with a body camera?
View Results Poll Archive


Effective Security Management, 5th Edition.jpg
Effective Security Management, 5th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.


Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.