Even though they’ve been around for decades, sales of security doors and turnstiles have increased markedly in the last several years. Some of the biggest companies on the planet are implementing them globally and tying them into their access control systems. Why now? What has changed?
Every organization faces a wide range of risks on a daily basis. Of all these various risks, there are five specific categories affected by access control, where the risks increase significantly when an unauthorized person has gained access into a controlled area. To manage any of these risks, you have a choice: you can choose to respond after the infiltration occurs or prevent infiltration from happening up front.
The C-suite is approving the deployment of security entrances today because standard swinging doors, even when normally kept locked, are not effective at managing these risks; once they are open, more than one person can enter ( known as “tailgating”). Doors also can only grant access; they cannot determine credential or identity. It has become important to ensure that when someone enters a facility they are a known entity and they can be identified. This is critical for each of the five reasons presented below. Also, it is critical to define how access can be verified to build a defensible position in the face of risk and the liability that a company either accepts, transfers or mitigates. Here are the five top reasons or risks the C-suite is working to mitigate with security entrances.
Business Continuity or Loss of Productivity: The entrance of unauthorized people can have a huge negative impact on operations, such as bad PR and work stoppage. Stories abound in the news almost daily. At a major bank in an urban location, protestors pushed into the lobby area and attempted to block employees from going to work. At a manufacturing plant, a woman went missing, and the authorities shut down the plant and made it a crime scene because they didn’t know if she was in or out of the plant when she was lost. In situations like these, productivity suffered tremendously, there was negative publicity, and money was lost. Other potential costs for these sorts of incidents are unbudgeted sick days and the need for employee counseling due to fear or anxiety.
Safety: The importance of controlling dangerous areas (construction zones, chemicals, explosives, dangerous equipment and machinery, etc.) and segmenting environments to prevent unauthorized personnel from wandering or purposefully entering secure or regulated areas is huge. Universally, the concern over employee safety is an issue to the C-suite due to the burden of liability they hold and the potential reprehensible damage to the company if they avoid dealing with it.
Physical Security: This category is about protecting people who are already inside a building (staff, approved visitors, etc.) safe from attack by outsiders intent on assault, robbery, domestic violence, shootings, etc. Today one of the greatest concerns for the C-suite is the safety of its employees while still giving them a sense of openness and anonymity. However, in these times, the hope to put convenience before security or safety is quickly fading away.
Loss Prevention: All organizations have assets worth protecting. They may be tangible, such as materials, equipment or finished goods, or they may be intangible such as business plans and intelligence, customer billing information, personal information of the staff and other data. It may seem obvious to control access to physical materials, but unauthorized physical access to internal networks, data servers and physical records can potentially be even more damaging to the organization.
Liability/Regulations: I’ve saved the best for last. If anything goes wrong with Safety (injury), Physical Security (violence) and the other risks, then Liability steps up to the plate. If lawsuits come into play, an organization will have to prove they took adequate measures to prevent infiltration; this usually involves a “three-legged stool” of people, process and technology. Security entrances integrated with access control systems are the “technology” leg of the stool: they address tailgating and therefore enable people and processes to work more efficiently and with greater accountability.
Some organizations are subject to regulations that address liability proactively. These regulations usually require controlling physical access as a prerequisite for operation, for example, NERC (energy facilities), HIPAA (healthcare records processing), FDA (drug and food companies), PCI (personal credit info) and many more. Failure to comply results in hefty fines in the hundreds of thousands or millions. Security entrances such as turnstiles and security revolving doors, along with access control and biometric identification systems, provide the solid proof of compliance needed for regulatory oversight and audit purposes.
As you can see, these reasons for deploying security entrances are not trivial. The news is cycling constantly, reminding all of us of how unauthorized physical entry can wreak havoc on operations, people, continuity and the bottom line. The C-suite today is recognizing that the traditional combination for access management – locks on swinging doors, access control systems and guards – each have weaknesses that combined, reduce their effectiveness and cease to be management tools. Instead, they give the impression of security without the reality. This is no longer acceptable to an “awakened” C-suite that demands accountability, predictability and ROI.