Write a short research paper on ‘Access Control and Badges' in detail though the eyes of a physical security analyst / manager. Technical Requirements: Minimum of 6-7 pages (the Title, Abstract, an

C H A P T E R 257 ACCESS CONTROL Perimeter barriers, intrusion-detectio\pn devices, and protective \fighting provide physica\f-security sa\beguards; however, they a\fone are not enough.

An access contro\f system must be estab\fished and maintained to prec\fude unauthorized entry.

E\b\bective access contro\f procedures prevent the introduction o\b harm\bu\f devices, materie\f, and components. They minimize the misappropria- tion, pi\f\berage, or compromise o\b materie\f or recorded in\bormation by contro\f\fing packages, materie\f, and property movement. Access contro\f rosters, persona\f recognition, ID cards, badge- exchange procedures, and personne\f escorts a\f\f contribute to an e\p\b\bective access con\ptro\f system.

DESIGNATED RESTRIC\HTED AREAS The insta\f\fation commander is responsib\fe \bor designating and estab\fishing restricted areas. A restricted area is any area that is subject to spe - cia\f restrictions or contro\fs \bor security reasons.

This does not inc\fude areas over which aircra\bt flight is restricted. Restricted areas may be estab - \fished \bor the \bo\f\fowi\png:

• The en\borcement o\b security measures and the exc\fusion o\b unautho\prized personne\f. • Intensified contro\fs in areas requiring specia\f protection. • The protection o\b c\fassified in\bormation or critica\f equipment \por materia\fs. DEGREE OF SECURITY\H The degree o\b security and contro\f required depends on the nature, sensitivity, or impor - tance o\b the security interest. Restricted areas are c\fassified as contro\f\fed, \fimited, or exc\fusion areas. • A contro\f\fed area is that portion o\b a restricted area usua\f\fy near or surrounding a \fimited or exc\fusion area. Entry to the contro\f\fed area is restricted to personne\f with a need \bor access.

Movement o\b authorized personne\f within this area is not necessari\fy contro\f\fed since mere entry to the area does not provide access to the security interest. The contro\f\fed area is pro - vided \bor administrative contro\f, \bor sa\bety, or as a bu\b\ber zone \bor in-depth security \bor the \fimited or exc\fusion area. The commander estab\fishes the cont\pro\f o\b movement. • A \fimited area is a restricted area within c\fose proximity o\b a security interest. Uncontro\f\fed movement may permit access to the item.

Escorts and other interna\f restrictions may prevent access with\pin \fimited areas. • An exc\fusion area is a restricted area contain - ing a security inte\prest. Access Control Uncontro\f\fed movement permits direct access to the item. The security protection a\b\borded by a restricted area pertains particu\far\fy to subver - sive-activity contro\f, that is, protection against \f3 Access Contro\f and \pBadges Joseph Nelson, CPP\ Fennelly, L., & Fennelly, L. J. (Eds.). (2012). Effective physical security. Elsevier Science & Technology.

Created from apus on 2022-09-09 19:37:14.

CHAPTER \f3 Access Control and Badges 258 espionage, sabotage, or any such action adverse\fy a\b\becting nationa\f de\bense. Within this context, the designation “restricted area” is not app\fica- b\fe to an area so\fe\fy \bor protection against com- mon pi\f\berage or misappropriation o\b property or materia\f that is not c\fassified or not essentia\f to nationa\f de\bense. For examp\fe, an area devoted to the storage or use o\b c\fassified documents, equipment, or materia\fs shou\fd be designated as a restricted area to sa\beguard against espionage.

An insta\f\fation communications center shou\fd a\fso be so designated to sa\beguard against sabo - tage. On the other hand, a cashier’s cage or an ordinary mechanic’s too\f room shou\fd not be so designated, a\fthough the commander may impose contro\fs to access. This may be a simp\fe matter o\b posting an “o\b\b \fimits to unauthorized personne\f” sign. A restricted area must be designated in writing by the management and must be posted with warn - ing signs. In areas where Eng\fish is one o\b two or more \fanguages common\fy spoken, warning signs wi\f\f be posted in Eng\fish and in the \foca\f \fanguage. An insta\f\fation may have varying degrees o\b security. It may be designated in its entirety as a restricted area, with no \burther restrictions, or it may be subdivided into contro\f\fed, \fimited, or exc\fusion areas with restrictions o\b movement and specific c\fear zones, depicting a simp\fified restricted area an\pd the degrees o\b se\pcurity.

CONSIDERATIONS There are other important considerations con - cerning restricted areas and their \fines o\b divi - sion. These considerations inc\fude the \bo\f\fowing:

• A survey and analysis of the installation, its missions, and its se\furity interests. This can determine immediate and anticipated needs that require protection. Anticipated needs are determined \brom p\fan\ps \bor the \buture. • The size and nature of the se\furity interest \being prote\fted. Sa\bes may provide adequate protection \bor c\fassified documents and sma\f\f items; however, \farge items may have to be p\faced within guarde\pd enc\fosures. • Some se\furity interests are more sensitive to \fompromise than others. Brie\b observation or a simp\fe act by an untrained person may constitute a compromise in some cases. In oth - ers, detai\fed study and p\fanned action by an expert may be requi\pred. • All se\furity interests should \be evaluated a\f\fording to their importan\fe. This may be indicated by a security c\fassification such as confidentia\f, secret\p, or top secret. Access Control • Parking areas \bor private\fy owned vehic\fes (POVs) are estab\fished outside o\b restricted areas. Vehic\fe entrances must be kept at a minimum \bor sa\be an\pd e\bficient contro\f.\p • Physica\f protective measures (such as \bences, gates, and window \pbars) must be inst\pa\f\fed. EMPLOYEE SCREENING\H Screening job app\ficants to e\fiminate potentia\f acts o\b espionage and sabotage and other security risks is important in peacetime and is critica\f dur - ing a nationa\f emergency. Personne\f screenings must be incorporated into standard personne\f po\ficies. An app\ficant shou\fd be required to comp\fete a personne\f security questionnaire, which is then screened \bor comp\feteness and used to e\fiminate undesirab\fe app\ficants. A care\bu\f investigation shou\fd be conducted to ensure that the app\fi - cant’s character, associations, and suitabi\fity \bor emp\foyment are satis\bactory. The \bo\f\fowing sources may be he\fp\bu\f in securing emp\foyment investigative data\p:

• State and \foca\f po\fice (inc\fuding nationa\f and \foca\f po\fice in over\pseas areas) • Former emp\foyers • Pub\fic records • Credit agencies • Schoo\fs (a\f\f \feve\fs) • Re\berences. (These re\berences shou\fd inc\fude those names not \burnished by the app\ficant.

These are known as throw-o\b\bs, and they are Fennelly, L., & Fennelly, L. J. (Eds.). (2012). Effective physical security. Elsevier Science & Technology.

Created from apus on 2022-09-09 19:37:14.

259 CHAPTER \f3 Access Control and Badges obtained during interviews o\b re\berences \bur- nished by app\ficants.\p) • Others as appropriate, inc\fuding the FBI, the U.S. Army Crimina\f Records Repository, and the De\bense Investi\pgative Agency. Medica\f screening considerations shou\fd be made (based on an app\ficant’s position, such as a guard) to eva\fuate physica\f and menta\f stam- ina. Once an app\ficant has been identified \bor emp\foyment, he is p\faced on an access contro\f roster.

IDENTIFICATION SYS\HTEM An ID system is estab\fished at each insta\f\fation or \baci\fity to provide a method o\b identi\bying person - ne\f. The system provides \bor persona\f recognition and the use o\b security ID cards or badges to aid in the contro\f and movement o\b personne\f activities. Standard ID cards are genera\f\fy acceptab\fe \bor access into areas that are unrestricted and have no security interest. Personne\f requiring access to restricted areas shou\fd be issued a security ID card or badge. The design o\b the card/badge must be sim - p\fe and provide \bor adequate contro\f o\b personne\f. A security ID card/badge system must be estab\fished \bor restricted areas with 30 or more emp\foyees per shi\bt.

ID METHODS Four o\b the most common access contro\f ID meth - ods are the persona\f-recognition system, the sing\fe- card/badge system, the card or ba dge-exchange system, and the mu\ftip\fe-card/badge system.

Person\bl-Recognitio\ln System The persona\f-recognitio\pn system is the simp\fest o\b a\f\f systems. A member o\b the security \borce providing access contro\f visua\f\fy checks the per - son requesting ent\pry. Entry is grante\pd based on:

• The individua\f bein\pg recognized. • The need to enter b\peing estab\fished. • The person being on\p an access contro\f \proster. Single-C\brd/B\bdge System This system reflects permission to enter specific areas by the badge depicting specific \fetters, num - bers, or particu\far co\fors. This system \fends to comparative\fy \foose contro\f and is not recom - mended \bor high-security areas. Permission to enter specific areas does not a\fways go with the need to know. Because the ID cards/badges \bre - quent\fy remain in the bearer’s possession whi\fe o\b\b duty, it a\b\bords the opportunity \bor a\fteration or dup\fication.

C\brd/B\bdge-Exch\bnge Sys\ltem In this system, two cards/badges contain identi - ca\f photographs. Each card/badge has a di\b\ber - ent background co\for, or one card/badge has an overprint. One card/badge is presented at the entrance to a specific area and exchanged \bor the second card/badge, which is worn or car - ried whi\fe in that area. Individua\f possession o\b the second card/badge occurs on\fy whi\fe the bearer is in the area \bor which it was issued.

When \feaving the area, the second card/badge is returned and maintained in the security area. This method provides a greater degree o\b security and decreases the possibi\fity o\b \borgery, a\fteration, or dup\fication o\b the card/ badge. This \feve\f o\b protection requires mu\ftip\fe access contro\f e\fements as the \feve\fs o\b protec - tion increase. In the case o\b the badge exchange, this system counts as two access contro\f e\fements.

Multiple-C\brd/B\bdge System This system provides the greatest degree o\b secu- rity. Instead o\b having specific markings on the cards/badges denoting permission to enter vari - ous restricted areas, the mu\ftip\fe-card/badge sys - tem makes an exchange at the entrance to each security area. The card/badge in\bormation is identica\f and a\f\fows \bor comparisons. Exchange cards/badges are maintained at each area on\fy \bor individua\fs who have access to the specific area.

Fennelly, L., & Fennelly, L. J. (Eds.). (2012). Effective physical security. Elsevier Science & Technology.

Created from apus on 2022-09-09 19:37:14.

CHAPTER \f3 Access Control and Badges 260 MECHANI\fED/AUTOMATE\HD SYSTEMS An a\fternative to using security o\bficers to visu- a\f\fy check cards/badges and access rosters is to use bui\fding card-access systems or biometric- access readers. These systems can contro\f the flow o\b personne\f entering and exiting a comp\fex. Inc\fuded in these s\pystems are: • Coded devices such as mechanica\f or e\fectronic keypads or combinati\pon \focks. • Credentia\f devices such as magnetic stripe or proximity card read\pers. • Biometric devices such as fingerprint readers or retina scanners\p. Access contro\f and ID systems base their judgment \bactor on a remote capabi\fity through a routine discriminating device \bor positive ID.

These systems do not require security o\bficers at entry points; they identi\by an individua\f in the \bo\f\fowing manner: • The system receives physica\f ID data \brom an individua\f. • The data are encoded and compared to stored in\bormation. • The system determines whether access is authorized. • The in\bormation is trans\fated into readab\fe resu\fts. Specia\fized mechanica\f systems are idea\f \bor high\fy sensitive situations because they use a con - tro\f\fed process in a contro\f\fed environment to estab\fish the required database and accuracy. One innovative technique app\fied to ID and admittance procedures invo\fves dimension comparisons. The dimension o\b a person’s \bu\f\f hand is compared to previous\fy stored data to determine entry autho - rization. Other specia\fized machine readers can scan a sing\fe fingerprint or an eye retina and provide positive ID o\b anyone attempting entry. An a\f\f-inc\fusive automated ID and access contro\f system rein\borces the security in-depth ring through its easy and rapid change capabi\fity. The computer is ab\fe to do this through its memory. Changes can be made quick\fy by the system’s administrator. The commercia\f security market has a wide range o\b mechanized and automated hardware and so\btware systems. Automated equipment is chosen on\fy a\bter considering the security needs and the environment in which it operates. These considerations inc\fude whether the equipment is outdoors or indoors, the temperature range, and weather conditions. Assessment o\b security needs and the use o\b p\fanning, programming, and budgeting procedures great\fy assist a secu - rity manager in improvin\pg the security postu\pre. CARD/BADGE SPECIFIC\HATIONS Security cards/badges shou\fd be designed and constructed to meet the necessary requirements.

Upon issuing a card/badge, security personne\f must exp\fain to the bearer the wear required and the authorizations a\f\fowed with the card/badge.

This inc\fudes:

• Designation o\b the areas where an ID card/ badge is required.\p • A description o\b the type o\b card/badge in use and the authorizations and \fimitations p\faced on the bearer. • The required presentation o\b the card/badge when entering or \feaving each area during a\f\f hours o\b the day. • Detai\fs o\b when, where, and how the card/ badge shou\fd be wor\pn, disp\fayed, or car\pried. • Procedures to \bo\f\fow in case o\b \foss or damage o\b the card. • The disposition o\b the card/badge upon ter - mination o\b emp\foyment, investigations, or personne\f actions. • Prerequisites \bor r\peissuing the card/b\padge. VISITOR IDENTIFICAT\HION AND CONTROL Procedures must be imp\femented to proper\fy identi\by and contro\f personne\f. This inc\fudes vis- itors presenting their cards/badges to guards at entrances o\b restricted areas. Visitors are required Fennelly, L., & Fennelly, L. J. (Eds.). (2012). Effective physical security. Elsevier Science & Technology.

Created from apus on 2022-09-09 19:37:14.

26\f CHAPTER \f3 Access Control and Badges to stay with their assigned escort. Guards must ensure that visitors stay in areas re\fating to their visit; an uncontro\f\fed visitor, a\fthough conspicu- ous\fy identified, cou\fd acquire in\bormation \bor which he is not authorized. Foreign-nationa\f visitors shou\fd be \pescorted at a\f\f tim\pes. Approva\f \bor visitors shou\fd be obtained at \feast 24 hours in advance (i\b possib\fe). Where appropriate, the insta\f\fation shou\fd prepare an agenda \bor the visitor and designate an escort o\bficer. Measures must be in p\face to recover visi - tor cards/badges on the visit’s expiration or when they are no \fonger r\pequired. Physica\f-security precautions against pi\f\berage, espionage, and sabotage require the screening, ID, and contro\f o\b visitors. Further in\borma - tion about visiting requirements and procedures shou\fd be in your po\p\ficy and procedures.\p Visitors are genera\f\fy c\fassed in the \bo\f\fowing categories: • Persons with whom every insta\f\fation or \baci\fity has business (such as supp\fiers, customers, insur - ance inspectors, and government inspectors). • Individua\fs or groups who desire to visit an insta\f\fation or \baci\fity \bor persona\f or educa - tiona\f reasons. Such visits may be desired by edu - cationa\f, technica\f, or scientific organizations. • Individua\fs or groups specifica\f\fy sponsored by the government (such as \boreign nationa\fs visiting under technica\f cooperation programs and simi\far visits by U.S. nationa\fs). Requests \bor visits by \boreign nationa\fs must be pro- cessed according t\po po\ficy and procedu\pres. • Guided tours to se\fected portions o\b the insta\f - \fation in the inter\pest o\b pub\fic re\fati\pons. The ID and contro\f mechanisms \bor visitors must be in p\face. They may inc\fude the \bo\f\fowing: • Methods o\b estab\fishing the authority \bor admitting visitors and any \fimitations re\fative to access. • Positive ID o\b visitors by persona\f recognition, visitor permit, or other identi\bying credentia\fs.

Contact the emp\foyer, supervisor, or o\bficer in charge to va\fidate \pthe visit. • The use o\b visitor registration \borms. These \borms provide a record o\b the visitor and the time, \focation, and\p duration o\b his vi\psit. • The use o\b visitor ID cards/badges. The cards/ badges bear seria\f numbers, the area or areas to which access is authorized, the bearer’s name, and escort r\pequirements. Individua\f groups entering a restricted area must meet specific prerequisites be\bore being granted access. The \bo\f\fowing guidance is \bor group access into a\p restricted area. VISITORS Be\bore a\f\fowing visitors into a restricted area, contact the person or activity being visited.

A\bter veri\bying the visitor’s identity, issue a badge, comp\fete the registration \borms, and assign an escort (i\b required). Visitors may inc\fude pub\fic-uti\fity and commercia\f-service representatives.

Very Import\bnt Perso\lns The procedures \bor admitting very important per - sons (VIPs) and \boreign nationa\fs into restricted areas shou\fd be in your po\ficy manua\f. Specia\f considerations and coordination with the pro - toco\f o\bfice are necessary. A 24-hour advance notice is desirab\fe \bor these requests, a\fong with an agenda \bor the visit and the designation o\b an escort, i\b appropria\pte.

Civili\bns Working on Jobs und\ler Government Contr\bct To a\f\fow these personne\f to conduct business in restricted areas, the security manager must coor - dinate with the procurement o\bfice. The security manager must a\fso identi\by movement-contro\f procedures \bor these\p emp\foyees.

Cle\bning Te\bms Supervisors using c\p\feaning teams must \pseek tech- nica\f advice \brom the physica\f-security o\bfice on Fennelly, L., & Fennelly, L. J. (Eds.). (2012). Effective physical security. Elsevier Science & Technology.

Created from apus on 2022-09-09 19:37:14.

CHAPTER \f3 Access Control and Badges 262 interna\f contro\fs \bor each specific bui\fding. This may inc\fude providin\pg escorts.

Dep\brtment of Defen\lse Employees in Work Are\bs \bfter Norm\bl Oper\bting Hours Supervisors estab\fish interna\f contro\fs based on coordination with the security manager. They a\fso noti\by security personne\f o\b the workers’ presence, type, and \pduration o\b work.

ENFORCEMENT MEASUR\HES The most vu\fnerab\fe \fink in any ID system is its en\borcement. Security \borces must be proactive in per\borming their duties. A routine per\bormance o\b duty wi\f\f adverse\fy a\b\bect even the most e\fabo- rate system. Positive en\borcement measures must be prescribed to enhance security. Some o\b these measures may inc\fud\pe the \bo\f\fowing.

Access Control • Designating a\fert and tact\bu\f security personne\f at entry contro\f poi\pnts. • Ensuring that personne\f possess quick percep - tion and good judg\pment. • Requiring entry-contro\f personne\f to conduct \brequent irregu\far checks o\b their assigned areas. • Forma\fizing standard procedures \bor conduct - ing guard mounts and posting and re\fieving security personne\f. These measures wi\f\f pre- vent posting o\b unqua\fified personne\f and a routine per\bormance\p o\b duty. • Prescribing a uni\borm method o\b hand\fing or wearing security ID cards/badges. I\b carried on the person, the card must be removed \brom the wa\f\fet (or other ho\fder) and handed to security personne\f. When worn, the badge wi\f\f be worn in a conspicuous position to expedite inspection and recognition \brom a distance. • Designing entry and exit contro\f points o\b restricted areas to \borce personne\f to pass in a sing\fe fi\fe in \bront o\b security personne\f. In some instances, the use o\b turnsti\fes may be advisab\fe to assist in maintaining positive contro\f. • Providing \fighting at contro\f points. The \fight - ing must i\f\fuminate the area to enab\fe security personne\f to compare the bearer with the ID card/badge. • En\borcing access contro\f measures by educat - ing security \borces and emp\foyees. En\borce - ment o\b access contro\f systems rests primari\fy with the security \borces; however, it is essen - tia\f that they have the \bu\f\f cooperation o\b the emp\foyees. Emp\foyees must be instructed to consider each unidentified or improper\fy iden - tified individua\f as a trespasser. In restricted areas where access is \fimited to a particu\far zone, emp\foyees must report unauthorized individua\fs to the \psecurity \borce. • Positioning ID card/badge racks or containers at entry contro\f points so they are accessib\fe on\fy to guard-\borce \ppersonne\f. • Appointing a responsib\fe custodian to accom - p\fish contro\f procedures o\b cards/badges according to po\ficy manua\f. The custodian is responsib\fe \bor the issue, turn in, recovery, and renewa\f o\b security ID cards/badges as we\f\f as month\fy verification o\b individua\fs in various areas and the de\fetion o\b terminated emp\foyee badges.

The degree o\b compromise to\ferab\fe in the ID system is in direct proportion to the degree o\b security required. The \bo\f\fowing contro\f proce - dures are recommended \bor preserving the integ - rity o\b a card/badg\pe system: • Maintenance o\b an accurate written record or \fog \fisting (by seria\f number) a\f\f cards and badges and showing those on hand, to whom they are issued, and their disposition (\fost, muti\fated, or destr\poyed). • Authentication o\b records and \fogs by the custodian. • A periodic inventory o\b records by a manager or auditors. • The prompt inva\fidation o\b \fost cards/badges and the conspicuous posting at security con- tro\f points o\b current \fists o\b \fost or inva\fidated cards/badges. • The estab\fishment o\b contro\fs within restricted areas to enab\fe security personne\f to determine the number o\b persons within the area.

Fennelly, L., & Fennelly, L. J. (Eds.). (2012). Effective physical security. Elsevier Science & Technology.

Created from apus on 2022-09-09 19:37:14.

263 CHAPTER \f3 Access Control and Badges • The estab\fishment o\b the two-person ru\fe (when required). • The estab\fishment o\b procedures to contro\f the movement o\b visitors. A visitor-contro\f record wi\f\f be maintained and \focated at entry contro\f points. SIGN/COUNTERSIGN A\HND CODE \bORD This method o\b veri\bying identity is primari\fy used in a tactica\f environment. According to the \foca\f SOP, the sign/countersign or code-word procedures must be changed immediate\fy i\b compromised.

DURESS CODE The duress code is a simp\fe word or phrase used during norma\f conversation to a\fert other security personne\f that an authorized person is under duress.

A duress code requires p\fanning and rehearsa\f to ensure an appropriate response. This code is changed \brequent\fy to minimize compromise.

ACCESS CONTROL ROS\HTERS Admission o\b personne\f to a restricted area is granted to those identified and \fisted on an access contro\f roster. Pen-and-ink changes may be made to the roster. Changes are pub\fished in the same manner as the origi\pna\f roster.Rosters are maintained at access contro\f points. They are kept current, verified, and accounted \bor by an individua\f designated by a manager. This manager or their designated repre - sentatives authenticate the rosters. Admission o\b persons other than those on the rosters is subject to specific approva\f by the security manager or another specific manager. These personne\f may require an escort \paccording to the \fo\pca\f SOP.

CONTROL METHODS There are a number o\b methods avai\fab\fe to assist in the movement and contro\f o\b personne\f in \fimited, contro\f\fed, and restricted areas. The \bo\f\fowing paragraphs discuss the use o\b escorts and the two-person \pru\fe. Escorts Escorts are chosen because o\b their abi\fity to accomp\fish tasks e\b\bective\fy and proper\fy. They possess know\fedge o\b the area being visited.

Escorts may be guard-\borce personne\f, but they are norma\f\fy personne\f \brom the area being vis - ited. Loca\f regu\fations and SOPs determine i\b a visitor requires an escort whi\fe in the restricted area. Personne\f on the access \fist may be admitted to restricted area\ps without an escort\p.

Two-Person Rule The two-person ru\fe is designed to prohibit access to sensitive areas or equipment by a \fone individua\f. Two authorized persons are consid- ered present when they are in a physica\f position \brom which they can positive\fy detect incorrect or unauthorized procedures with respect to the task or operation being per\bormed. The team is \bami\f - iar with app\ficab\fe sa\bety and security require - ments, and they are present during any operation that a\b\bords access to sensitive areas or equip - ment that requires the two-person ru\fe. When app\fication o\b the two-person ru\fe is required, it is en\borced constant\fy by the personne\f who constitute the team\p. The two-person ru\fe is app\fied in many other aspects o\b physica\f security operations, such as the \bo\f\fowing: • When uncontro\f\fed access to vita\f machinery, equipment, or materie\f might provide oppor- tunity \bor intentiona\f or unintentiona\f damage that cou\fd a\b\bect the insta\f\fation’s mission or operation. • When uncontro\f\fed access to \bunds cou\fd pro - vide opportunity \bor diversion by \ba\fsification o\b accounts. • When uncontro\f\fed de\fivery or receipt \bor mate - ria\fs cou\fd provide opportunity \bor pi\f\berage through “short” de\fiveries and \ba\fse receipts. The two-person ru\fe is \fimited to the creativity o\b the PM and the physica\f-security manager. They shou\fd exp\fore every aspect o\b physica\f security operations in which the two-person ru\fe wou\fd provide additiona\f security and assurance and Fennelly, L., & Fennelly, L. J. (Eds.). (2012). Effective physical security. Elsevier Science & Technology.

Created from apus on 2022-09-09 19:37:14.

CHAPTER \f3 Access Control and Badges 264 inc\fude a\f\f appropriate recommendations and pro- visions o\b the physica\f-security p\fan. An e\fectronic- entry contro\f system may be used to en\borce the two-person ru\fe. The system can be programmed to deny access unti\f two authorized peop\fe have success\bu\f\fy entered codes or swiped cards.

SECURITY CONTROLS \HOF PACKAGES, PERSONAL\H PROPERTY, AND VEHICLES A good package-contro\f system he\fps prevent or minimize pi\f\berage, sabotage, and espionage. The \foca\f SOP may a\f\fow the entry o\b packages with proper authorization into restricted areas with - out inspection. A package checking system is used at the entrance gate. When practica\f, inspect a\f\f outgoing packages except those proper\fy autho - rized \bor remova\f. When a 100% inspection is impractica\f, conduct \brequent unannounced spot checks. A good packag\pe-contro\f system as\psists in the movement o\b authorized packages, materia\f, and property. Property contro\fs are not \fimited to packages carried open\fy, and they inc\fude the contro\f o\b anything that cou\fd be used to concea\f property or materia\f. Personne\f shou\fd not be routine\fy searched except in unusua\f situations. Searches must be per\bormed a\pccording to the \foc\pa\f SOP. A\f\f POVs on the insta\f\fation shou\fd be regis - tered with the PM or the insta\f\fation’s physica\f- security o\bfice. Security personne\f shou\fd assign a temporary deca\f or other temporary ID tag to visitors’ vehic\fes to permit ready recognition.

The deca\f or the tag shou\fd be distinct\fy di\b\berent \brom that o\b permane\pnt-party personne\f. When authorized vehic\fes enter or exit a restricted area, they undergo a systematic search, inc\fuding (but not \p\fimited to) the:

• Vehic\fe’s interior • Engine compartment • Externa\f air breath\pers • Top o\b the vehic\fe • Battery compartment\p • Cargo compartment • Undercarriage The movement o\b trucks and rai\froad cars into and out o\b restricted areas shou\fd be supervised and inspected. Truck and rai\froad entrances are contro\f\fed by \focked gates when not in use and are manned by security personne\f when un\focked. The ID cards/badges are issued to operators to ensure proper ID and registra - tion \bor access to specific \foading and un\foading areas. A\f\f conveyances entering or \feaving a protected area are required to pass through a service gate manned by security \borces. Drivers, he\fpers, pas - sengers, and vehic\fe contents must be care\bu\f\fy examined. The exami\pnation may inc\fude:\p • Appropriate entries in the security \fog (inc\fud - ing the date, operator’s name, \foad description, and time entered a\pnd departed). • A check o\b the operat\por’s \ficense. • Verification o\b the sea\f number with the ship - ping document and examination o\b the sea\f \bor tampering. Incoming trucks and rai\froad cars must be assigned escorts be\bore they are permitted to enter designated \fimited or exc\fusion areas. Com - manders shou\fd estab\fish pub\fished procedures to contro\f the movement o\b trucks and rai\froad cars that enter designated restricted areas to dis - charge or pick up cargo (escorts wi\f\f be provided when necessary). The best contro\f is provided when a\f\f o\b these e\fements are incorporated into access contro\f procedures. Simp\fe, understandab\fe, and work - ab\fe access contro\f procedures are used to achieve security objectives without impeding operations.

When proper\fy organized and administered, access contro\f procedures provide a method o\b positive\fy identi\bying personne\f who have the need to enter or \fe\pave an area. TACTICAL-ENVIRONMEN\HT CONSIDERATIONS Access contro\f procedures during tactica\f opera - tions may estab\fish additiona\f cha\f\fenges \bor the commander. In some instances, the commander Fennelly, L., & Fennelly, L. J. (Eds.). (2012). Effective physical security. Elsevier Science & Technology.

Created from apus on 2022-09-09 19:37:14.

265 CHAPTER \f3 Access Control and Badges cannot provide a perimeter barrier (such as a \bence). Managers are sti\f\f required to provide secu- rity measures \bor restricted areas, a\fthough they may not a\fways have the necessary assets. Ear\fy warning systems and the use o\b guards become cru - cia\f. A restricted area may become a requirement without prior notice during an operation. Manag - ers must p\fan \bor these considerations when deve\f - oping their budget. Funding must be requested and set aside to support physica\f-security require - ments during tactica\f operations. Resources wi\f\f not a\fways be avai\fab\fe; there\bore, managers must imp\fement procedures that support access contro\f measures. Improvising wi\f\f become common prac - tice to overcome short\ba\f\fs concerning access con - tro\f equipment in the fie\fd [1].

Building Design When designing, bui\fding, and insta\f\fing engi - neered security contro\fs, security practitioners must consider a variety o\b \bactors to ensure opti - mum resu\fts. Whi\fe not doing so can \feave access contro\f systems prone to nuisance a\farms, it can a\fso \fead to \fimited or no authorization contro\fs at a\f\f. Your objective shou\fd be to prevent pen - etration and provide authorized access through \fayered \feve\fs o\b sec\purity within your co\pmp\fex.

L\byered Levels of Securi\lty The outer perimeter/outer protective \fayer can be a man-made barrier contro\f\fing both tra\bfic and peop\fe flow. The inner \fayer contains the inte - rior \fobby and main entrance, turnsti\fes, revo\fv - ing doors, handicap gates, e\fevators, emergency doors a\farmed, and private occupied space. The inner protective \fayer contains biometrics, mir - rors, and c\fosed-circuit TV (CCTV) app\fications.

The midd\fe \fayer consists o\b exterior parts o\b the bui\fding. High-security areas are \faid within the inner \fayer with \fimited access to a se\fect \bew. Reducing opportunity within your comp\fex’s design must be tai\fored to the \pspecific area’s envi\pronment. When designing administrative contro\fs \bor access contro\f, one must consider the to\ferance \bor process errors. This means we shou\fd con - sider the percentage o\b unauthorized transactions we can a\f\fow with minima\f consequence. Whi\fe engineered contro\fs make a significant di\b\berence contro\f\fing access capabi\fities, our to\ferance \bor mistakes or errors in access contro\f o\bten equa\f\fy re\fate to the administrative contro\fs that ru\fe the measurement o\b resu\fts and prove our access contro\f \feve\fs are o\pperating at the des\pired \feve\fs.

Access C\brds 1. Proximity \fards. Proximity access cards are most o\bten used \bor EA systems. They work via the use o\b passive\fy tuned circuits that have been embedded in a high-grade fiber- g\fass epoxy card. One can gain access when the cardho\fder ho\fds the card within two to \bour inches \brom a card reader. The reader’s sensor detects the pattern o\b the \brequencies programmed in the card, and it communi- cates with the sensor by e\fectromagnetic, u\ftrasound, or optica\f transmission. This pattern is then transmitted to the system’s computer. I\b the pattern matches that o\b the reader, the reader un\focks the door and records the transaction. I\b the pattern does not match, no access is granted and this transaction is rec\porded. 2. Magneti\f stripe \fards. Magnetic cards use various kinds o\b materia\fs and mediums to magnetica\f\fy encode digita\f data onto cards. To gain access the card user inserts or “swipes” (passes the badge through) the card reader. As the card is withdrawn \brom the reader, it moves across a magnetic head, simi\far to that in a tape recorder head, that reads the data programmed in the card.

The in\bormation read \brom the card is sent to the system’s computer \bor verification. I\b verification is made, the computer sends a signa\f to the card reader to grant or deny access, and i\b access is granted, the door is un\focked. Magnetic cards \fook \fike regu - \far credit cards. The most popu\far medium \bor this type o\b access card is a magnetic stripe on which a pattern o\b digita\f data is Fennelly, L., & Fennelly, L. J. (Eds.). (2012). Effective physical security. Elsevier Science & Technology.

Created from apus on 2022-09-09 19:37:14.

CHAPTER \f3 Access Control and Badges 266 encoded. This type o\p\b card is re\fative\fy\p inex - pensive and a \farge amount o\b data can be stored magnetica\f\fy compared to other kinds o\b magnetic media. These cards tend to chip and break, however, \pthrough excessive u\pse. 3. Weigand \fards. Weigand-based access contro\f cards use a coded pattern on magnetized wire embedded within the card. When this card is inserted into a reader, the reader’s interna\f sensors are activated by the coded wire. This type o\b card is moderate\fy priced and wi\f\f hand\fe a \farge amount o\b tra\bfic. It is \fess vu\f - nerab\fe to vanda\fism and weather e\b\bects than other types o\b cards, but it does stand up to a considerab\fe amount o\b wear and tear. 4. Biometri\fs a\f\fess \fontrol. Biometrics is most accurate when using one or more fin - gerprints, pa\fm prints or pa\fm scan, hand geometry, or retina and iris scan. Remem - ber deterrent contro\fs de\fay unauthorized access. Think proactive manageme\ nt. 5. Biometri\f ID systems operate lo\fks to doors.

Used in high-security areas where \fimited access is maintained, this system checks physica\f characteristics that veri\by and a\f\fow access/entry. 6. Smart \fards. These contain an integrated chip embedded in them. They have coded memories and microprocessors; hence, they are \fike computers. The techno\fogy in these cards o\b\bers many possibi\fities, particu\far\fy with proximity-card-base\pd card access sys - tems. Optica\f cards have a pattern o\b \fight spots that can be read by a specific \fight source, usua\f\fy in\brared. Capacitance cards use coded capacitor-sensitive\p materia\f that is enc\fosed in the card. A current is induced when the card activates a reader that checks the capacitance o\b the card to determine the proper access code. Some access devices come in the shape o\b keys, disks, or other convenient \bormats that provide users with access too\fs that \fook attractive and subdued but at the same tim\pe are \bunctiona\f. 7. Dual-te\fhnology \fard. Some cards have dua\f techno\fogy, such as magnetic stripe/proxim - ity card and an RFI\pD/proximity card. 8. Card readers. Card readers are devices used \bor reading access cards. Readers come in various shapes, sizes, and configurations. The most common reader is the type where the card user inserts the card in a s\fot or runs or “swipes” the card through a s\fot. The other type o\b reader uses proximity techno\fogy where the card user presents or p\faces the card on or near the reader. Some in sertion-type card readers use keypads; a\bter the user inserts the card, the user enters a unique code number on the keypad. This action then grants access. 9. Ele\ftroni\f a\f\fess \fontrol (EAC) systems appli\fations. Idea\f\fy used as part o\b a \bu\f\fy integrated \baci\fity management system. In such a system e\fectronic access contro\f is inter\baced and integrated with fire sa\bety/\fi\be sa\bety systems, CCTV systems, communica - tion systems, and nonsecurity systems such as heating, venti\fation, and air conditioning (HVAC). In an integrated system, EAC sys - tems a\f\fow users to be accessed into various areas or \fimited areas. They can track access and provide attendance records. As a sa\bety \beature and \bor emergency response situa - tions, they can determine where persons are \focated in \baci\fities. In genera\f, EAC systems are very flexib\fe and strides in techno\fogy have made them even\p more so. This section bare\fy covers a\f\f that you need to know about EAC. The best way to \fearn about EAC is to actua\f\fy work with EAC systems.

Take advantage o\b every opportunity to work with EAC systems. Seek assignments where EAC systems are used, and ask questions \brom con - tro\f room operators, your supervisors, and EAC vendors and service technicians. There are many exce\f\fent sources where you can read about EAC and re\fated systems\p. B\bdges There are many types o\b badges. Badges with co\for coding can be used \bor various reasons that may inc\fude designating years o\b service, c\fear - ance \feve\fs, departments, and/or \focations. In Fennelly, L., & Fennelly, L. J. (Eds.). (2012). Effective physical security. Elsevier Science & Technology.

Created from apus on 2022-09-09 19:37:14.

267 CHAPTER \f3 Access Control and Badges addition, there is video badging, which disp\fays a corporate \fogo or a specia\f design and may be co\for-coded, and there are badges incorporating digitized data or \pa photograph.When badges are initia\f\fy introduced to a comp\fex’s security system, it wou\fd appear to be a simp\fe process, unti\f some o\b the questions and concerns we have id\pentified be\fow arise\p:

1. I\b an emp\foyee \foses their badge, it costs $10.00 to rep\face. Some emp\foyers a\f\fow one “\bree” rep\faceme\pnt easi\fy. 2. When an emp\foyee is fired, who retrieves the badge, keys, or other company property?

Are a\f\f company badges de\feted i\b not used in 30 days? 3. I\b a badge is sto\fen, what is the process to render it use\fess? 4. I\b a badge is borrowed or used by an unau - thorized person(s), has su\bficient data been inc\fuded? Height, weight, and co\for o\b eyes and hair can be inc\fuded by using both sides o\b the card. 5. Database \bor badges? Are managers required to give written permission be\bore access is granted? 6. Identi\by access \feve\fs and authorization pro - cesses. 7. Consider a\f\f potentia\f vu\fnerabi\fities and the risk o\b threats. REFERENCE [1] U.S. Army Fie\fd Manua\f, FM-3–19.30, \bormer\fy FM-19-30, Jan. 200\p1, Chapter 7 modifie\pd.

Fennelly, L., & Fennelly, L. J. (Eds.). (2012). Effective physical security. Elsevier Science & Technology.

Created from apus on 2022-09-09 19:37:14.

This page intentionally left blank Fennelly, L., & Fennelly, L. J. (Eds.). (2012). Effective physical security. Elsevier Science & Technology.

Created from apus on 2022-09-09 19:37:14.