Search Our Site

Our Newsletter

Our Ramblings

The Problem of Tailgating in Secured Buildings

One of the biggest weaknesses of automated access control systems is the fact that most systems cannot actually control how many people enter the building when an access card is presented. Most systems allow you to control which card works at which door, but once an employee opens the door, any number of people can follow behind the employee and enter into the building. Similarly, when an employee exits the building, it is very easy for a person to grab the door and enter the building as the employee is leaving.

This practice is known as “tailgating” or “piggybacking”. Tailgating can be done overtly, where the intruder makes his presence known to the employee. In many cases, the overt “tailgater” may even call out to the employee to hold the door open for him or her. In these cases, good etiquette usually wins out over good security practices, and the intruder is willingly let into the building by the employee.

Tailgating can also be done covertly, where the intruder waits near the outside of the door and quickly enters once the employee leaves the area. This technique is used most commonly during weekends and at nights, where the actions of the more overt tailgater would be suspicious.

Solutions To The “Tailgating” Problem

First, recognize that the tailgating problem is probably the biggest weakness in your security system. This is particularly true at doors that handle a high volume of employee and visitor traffic. Many security managers spent a lot of time worrying about unauthorized duplication of access cards and computer “hackers” getting into their security system over the network. It is far more likely that someone who wants access to your facility will simply “tailgate” into the building rather than using one of these more exotic methods to breach your security.

The practice of overt tailgating can be reduced somewhat through employee security awareness training. If employees are frequently reminded of the tailgating problem, they are less likely to let a person that they do not know into the building deliberately.

It is difficult to overcome the problem of covert tailgating through employee security awareness alone. While it would be possible to ask employees to wait at the door until it locks after they pass, it is probably not likely that this procedure would be followed except under the most extreme circumstances.

The problem of covert tailgating can usually only be reliably solved through the use of special “anti-tailgating” devices.

“Anti-Tailgating” Devices

To minimize the problem of tailgating, the security industry has created a number of “anti-tailgating” devices. These devices include mechanical and optical turnstiles, security revolving doors, security portals, and doorway anti-tailgating devices.

The essential function of each of these devices is that they permit only one person to enter or leave the building at a time. They either do this by providing a physical barrier that only allows one person to pass, or electronically by providing sensors that detect when a person attempts to tailgate in, or when more than one person tries to enter using the same card.

The following is a brief summary of each of the common types of anti-tailgating devices:

HALF-HEIGHT MECHANICAL TURNSTILE

  • Approximate cost: |£2,000 to £3,500 per opening.
  • PROS: Lowest cost anti-tailgating device, readily accepted by most users, relatively unobtrusive, well-proven and reliable.
  • CONS: Can easily be climbed over or under, requires separate door or gate for emergency exit and for handicapped users, easily defeated by knowledgeable intruder.
  • Comments: Good choice for visitor lobbies or employee entrances that are constantly attended by a security officer and where cost is a consideration.

FULL-HEIGHT MECHANICAL TURNSTILE

  • Approximate cost: £3,500 to £5,000 per opening.
  • PROS: Provides good security at a moderate cost. Well-proven and reliable.
  • CONS: Obtrusive in appearance, requires separate door or gate for emergency exit and for handicapped users, lacks sophisticated anti-piggybacking detection features.
  • Comments: Good choice for commercial and industrial facilities where security and cost considerations are more important than appearance.

OPTICAL TURNSTILE

  • Approximate cost: £11,000 to £15,000 per opening.
  • PROS: Aesthetically-pleasing appearance, accommodates handicapped users, does not require separate emergency exit, has sophisticated anti-piggybacking detection systems, provides good visual and audible cues to users.
  • CONS: Expensive, provides little or no physical barrier, must be used at an entrance manned by security guard, relatively high “false alarm” rate.
  • Comments: Good choice for use in manned building lobbies where aesthetics prevent the use of a half-height manual turnstile.

SECURITY REVOLVING DOOR

  • Approximate cost: £22,000 to £38,000 per opening.
  • PROS: Provides best protection against tailgating and piggybacking, fast, handles high volumes of traffic, unobtrusive in appearance, provides energy savings when used at exterior entrances.
  • CONS: Very expensive, requires separate door or gate for emergency exit and for handicapped users, door cannot be used for loading/unloading of large objects, relatively high maintenance costs.
  • Comments: Good choice for use at unattended building entrances where appearance is important.

SECURITY PORTAL

  • Approximate cost: £22,000 to £38,000 per opening.
  • PROS: Provides good protection against tailgating and piggybacking, unobtrusive in appearance, accommodates handicapped users, does not require separate emergency exit, allows load/unloading of large objects.
  • CONS: Very expensive, relatively slow, cannot support large volumes of traffic, high maintenance costs.
  • Comments: Good choice for use at unattended building entrances with relatively low traffic volumes and for entrances into high security internal areas, such as computer rooms.

DOORWAY ANTI-TAILGATING DEVICE

  • Approximate cost: £3,000 to £5,000 per opening.
  • PROS: Easy add-on to existing doors; provides good protection against tailgating and piggybacking, unobtrusive in appearance, accommodates handicapped users, does not require separate emergency exit, allows loading/unloading of large objects, relatively inexpensive.
  • CONS: Must be used at an entrance manned by security guard, does not provide good visual and audible cues to users.
  • Comments: Good choice for use at doorways with relatively low traffic volumes and where conditions do not permit the use of another type of device.

Other Anti-Tailgating Systems

There are several new anti-tailgating detection systems on the market. These include closed-circuit television camera systems equipped with video analytics software, and machine vision sensors that use infrared imaging technology. Both of these systems “look” at the entrance point and use computer software to detect tailgaters. Once a tailgater is detected, an audible alarm is activated to alert the security guard.

While this new technology looks promising in the long run, it is our opinion that these systems are still too new and unproven for use in most applications.

Have additional questions about the prevention of tailgating?  Please contact us.

Increase Guard Effectiveness with Breakthrough Real-Time Event Detection in Sheet Plants

Sheet plants are sensitive areas that need to be strictly protected. As potential targets for thieves or vandals as well as being extremely dangerous environments, even seemingly benign behavior can have seriously consequences. However, the cost of employing human guards, especially in remote locations and along perimeters, can be exceedingly high, and ineffective at preventing incidents.

Rustyice Solutions can help protect sheet plants through:

  • Proactive monitoring of all perimeters and secure entrances: Our IP cameras and encoders increase the effectiveness and efficiency of onsite guards by delivering the market’s leading real-time event detection, notifying onsite security, roaming patrols, and monitoring stations when perimeters and secure areas are breached
  • Immediate event verification and response:  Our IP cameras and encoders enable roaming patrols and central monitoring stations to verify, respond and prevent incidents in real-time by delivering pre and post alarm clips to smart phones and VMS platforms and providing live video plus 2 way audio to cameras.
  • Extended wireless deployments: Our IP cameras and encoders are the best choice for deployment on any wireless network because our recording solutions record all video in a fully integrated, onboard NVR, eliminating the bandwidth used to backhaul video to centralized storage. Therefore, traditional limits on camera density for a network are removed.
  • Minimal infrastructure: Our Industrial Process Control surveillance solutions reduce upfront cost, installation time and ongoing maintenance by archiving all video – even full high definition 1080p/30 fps resolution – in a fully integrated onboard NVR and eliminating the need for external storage servers, dedicated high capacity networks and secure IT facilities to house them.
  • Zero bandwidth recording: By correct network design and encoder choice we consume 90% less bandwidth than traditional IP and high definition cameras by storing video in a fully integrated, onboard NVR and eliminating the bandwidth used to backhaul video to centralized storage. Of course, stored and live video is always available at the click of a mouse.
  • Simple installation: Rustyice’s cameras and encoders are easy to install because the solution eliminates the need to deploy any external servers and our adaptive analytics are 100% self-calibrating, eliminating the need to manually calibrate or tune the analytics in the field.
  • Intelligent logging of all vehicles and personnel:Our solutions accelerate investigations from days to minutes by intelligently profiling and indexing every person and vehicle seen at the site, allowing operators to rapidly search terabytes of stored video at the click of a button for rule violations, and even search for matches for a particular object across all cameras and encoders in the system.

Contact us today to discuss this innovative solution which not only saves you money but helps you to make money.

Debate rages over converging physical and IT security

IT departments are no strangers to turf wars, but the one shaping up between those overseeing computer networks and those in charge of physical security could really get ugly.

Unlike past tussles between say, voice and data communications teams, the contest between IT security and those involved in everything from fire alarms to video surveillance to door-lock access controls tends to involve people who might never have had any reason to cross each other’s paths. The fact is there are different entities in a corporation for physical and logical security.

Merging physical and logical security is seen by advocates as a cost-saving step and a natural evolution for facilities maintenance and guard operations, where door-access equipment and video cameras are increasingly IP-enabled, and a smart card-based badge could be used by employees to access both buildings and computers. But resistance to convergence runs deep among traditional physical security managers, who are wary of IT departments taking control. And even IT security experts voice concerns that it’s risky, with some strongly opposed to the idea of physical security operations, such as video surveillance streams, riding on the same IP corporate network as the rest of the business.

“You don’t want the stuff on the same network as your business data,” says Tom Cross, X-Force advanced research manager at IBM, arguing that physical security controls for building access and video surveillance shouldn’t be mingled into networks for desktops that can become infected by malware and other types of attacks. Physical security systems can be migrated onto IP networks “but it has to be isolated from your general business network as much as possible,” he says.

Another IBMer sees physical and logical security convergence another way.

“Physical security has been about closed systems, but with the move to IP-based systems and connecting campuses there’s the need to have the IT and security department involved,” says Steve Russo, director of security and privacy technology at IBM’s global technology services group. He says there can be advantages in integrating physical security with logical and transactional systems to give management a better picture of what’s occurring, especially in retailing. And although network capacity is a concern, it’s possible to share an IP network for logical and physical security, he suggests.

“Is there a risk associated with combining it? Absolutely,” Russo  acknowledges. But he adds: “The logical-security people are looking at threats to the environment. And where we see the interesting spark is that they can take information about physical events and turn it into operational use.”

But there’s often a cultural rift existing between the physical security department for facilities management, with their isolated closed networks, and the IT department with its systems administrators and security specialists trying to keep scores of Internet-accessing computers and applications running safely.

Many looking at the convergence of physical and logical security say the protocol issue is something that has to be confronted. According to Gemalto’s Tom Flynn, contactless smart cards often use the HID protocol in the United States while in Europe a protocol called Mifare, developed by Phillips, is more often found. In U.S. government agencies, dual-use smart-card badges required to have FIPS 201 compliance may use chips that support both legacy door-readers and computer access with a public-key infrastructure digital credential. In Gemalto’s view, the work that Microsoft has done with Windows 7, .Net technology for the chip and Forefront Identity Manager is helping make smart-card issuance more turnkey.

IBM’s Russo says other protocol issues point to the need for standardized compression techniques and transport in physical-security equipment, as well as standard XML-based definitions so that important meta-data can be shared. “Physical security is transitional right now,” Russo says, pointing to both the Physical Security Interoperability Alliance and OASIS as organizations trying to further interoperability standards that would add convergence and make it worthwhile.

But to date, Flynn says he is only aware of a handful of large enterprises in the oil-and-gas industry, such as Chevron and Exxon, and pharmaceutical giants such as Pfizer, that have adopted converged smart cards for physical and logical security.