Until now we have discussed how visitors are signed in, identified and move around a facility, the last element that needs to be considered is how the visitor leaves the site at the end of their visit.
More specifically, we need to ensure that they no longer have a security pass and in the event that their pass is not returned, it cannot be used further.
This can be achieved by technology, human procedures, or a combination of the two.
Let’s take a look at the most common methods…
If visitors are given smart cards and need to use them to go through turnstiles, the most common method is to install a card collector where the visitor had to insert heir smart card into a slot at the top of the turnstile.
The card drops past a reader which opens the turnstile gate and then retains the card.
I have seen little baskets left on the top of the tintype for lanyards and card holders to be placed in, or their are given to the receptionists, but the visitor has no option to exit unless their card is placed in the card collector slot.
Reception or Security Staff
If turnstiles are not used, the facility may require the Card must be handed into staff on reception, this can be quite common if a paper sign in book is used and the visitor needs to sign themselves out.
What happens if the pass is not returned?
Apart from the cost to the organisation of a lost card, or the potential for someone to still have a visitor badge that indicates that they have a need to be on site, a good set of security measures should ensure that even if the visitor pass is not returned, it cannot be used.
Access Control System
The access control system can play its part here by ensuring that the pass cannot be used if it is not returned.
In some systems, this is achieved by telling the access control system what date and time the visit is taking place, and therefore the visitor pass should be valid for, e.g 2pm to 4pm Monday 2nd January.
Alternatively, setting the pass to expire at the end of the day of the visit will ensure that the card cannot be used after that date.
Where paper passes are issued, these should have an expiry date printed on them that security staff can visually inspect.
We discussed in part 4 that QR codes could be used to identify visits.
It is now possible to send a QR code to a visitor using a smartphone app rather than attaching it to an email, or printing it on arrival.
In this case, we can remotely wipe the QR code credential from the smartphone at the event of the visit or day to ensure that it cannot be used again.
This same principal of using a smartphone app can also be used to issue a virtual smart card that can be used as a working visitor pass.
This limits the option for photographic visual identification of the visitor, but still allows the credential to be wiped from the smartphone.