The Virginia Port Authority is the third largest East Coast port. It employs 343,000 people, is responsible for $41 billion in total revenues throughout the Commonwealth of Virginia and handles the operations and security of four marine terminals.

The Virginia Port Authority, located in Norfolk, Va., is the third largest East Coast port. It reaches more than 200 nations with more than 80 foreign ports directly linked to it. It employs 343,000 people, brings in $41 billion in total revenues throughout the Commonwealth of Virginia and is responsible for the operations and security of four marine terminals: Norfolk International Terminals, Portsmouth Marine Terminal and Newport News Marine Terminal and an inland intermodal facility, the Virginia Inland Port in Front Royal, Va. These facilities primarily handle import and export containerized and break-bulk cargoes. 

When the United States Coast Guard required all unescorted visitors have a Transportation Worker Identification Credential (TWIC) to gain access to the terminals, Ed Merkle knew that he had a potential problem. 
Merkle is director of port security and emergency operations, which includes ensuring that the Port complies with local, state and federal regulations. “Complying with TWIC is our main credential system, and we respect it,” he says. “But it is labor intensive and costly to escort someone through our terminals. And it’s a bit redundant. A truck driver who transports highly sensitive cargo to our Port already holds specialized credentials. But with TWIC, he can’t travel the last 500 yards to leave the cargo with us without someone with him when he’s on our premises. We wanted to try to eliminate that extra step.”

Merkle says his first thought to solve the problem was with a cell phone. “I thought: we could issue them a cell phone and pull their location off of it using GPS. But that would only give us updated locations every 15 minutes or so. We needed a much higher level of security.” 

Merkle found a situation management software platform that integrates video surveillance, access control and response capabilities and spans across three terminals and can show him where an individual is within the terminals within the second. The software is from Nice Systems. 

“I was trying to avoid adding another infrastructure to track something that happens very infrequently,” Merkle says. “But this is essentially a pager that a visitor takes and that allows to see exactly where they are.” If the pager breaks down or the individual goes into an area where they cannot be reached, the system automatically calls their individual cell phone, which they always carry.

Merkle adds that he appreciates the low infrastructure cost to implement the system. “We are projecting that we will use this several times a month, between 4-8 hours per visit. We believe we will capture the full installation cost within a few months.”

How to Leverage TWIC and PIV Cards

Transportation Worker Identification Credentials (TWIC) and Personal Identity Verification (PIV) cards are considered two of the most secure methods of identification available because they comply with FIPS 201 standards.

The cards help protect government employees and contractors as well as seaports and petrochemical facilities. Containing more than just a card number, the credentials also house a photo, fingerprint templates, an expiration date and digital certificates. The card’s digital certificates speak to the authenticity of the card itself, and the card’s revocation status, which can be verified by checking a Certificate Revocation List or the TSA hotlist.

Here are a few items for consideration with these cards:

• FIPS 201 compliant cards can be used as a facility’s access control card. Due to the new card format, you may need to replace your reader hardware with FIPS 201 compatible readers. Although this can lead to increased project cost and longer implementation times, your employee population will only need one credential.

• FIPS 201 compliant cards can also be used in conjunction with most legacy access control cards when the FIPS 201 compliant card is added as a second card for a particular individual. This model allows you to take advantage of your existing infrastructure, saving time and money. The downside is that each individual will have more than one card.

Information courtesy of Geri Castaldo, CEO of Codebench, Inc.