Defence methods against tailgating











up vote
57
down vote

favorite
6












This is a follow-up question to this one: Roles to play when tailgaiting into a residential building



How do you protect yourself or your company against tailgaters? What is the best answer when you are asked by, let's say the delivery guy, to let you in?










share|improve this question









New contributor




Lithilion is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 26




    .... "No." ....
    – A C
    yesterday






  • 1




    Is there data about where/when tailgating is most likely? For example, I've seen places where dozens of people go out for smoke breaks at the same time, and return at the same time, and this smoking area is outside a standard entrance. It seems to me that this would be an ideal time/location for a tailgater to get in.
    – Andy Lester
    21 hours ago






  • 2




    @AndyLester "most likey"? No, I have not seen data. But there is a lot of data about how physical pen testers have been successful, and the "smoke break" route is the common vector.
    – schroeder
    7 hours ago















up vote
57
down vote

favorite
6












This is a follow-up question to this one: Roles to play when tailgaiting into a residential building



How do you protect yourself or your company against tailgaters? What is the best answer when you are asked by, let's say the delivery guy, to let you in?










share|improve this question









New contributor




Lithilion is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 26




    .... "No." ....
    – A C
    yesterday






  • 1




    Is there data about where/when tailgating is most likely? For example, I've seen places where dozens of people go out for smoke breaks at the same time, and return at the same time, and this smoking area is outside a standard entrance. It seems to me that this would be an ideal time/location for a tailgater to get in.
    – Andy Lester
    21 hours ago






  • 2




    @AndyLester "most likey"? No, I have not seen data. But there is a lot of data about how physical pen testers have been successful, and the "smoke break" route is the common vector.
    – schroeder
    7 hours ago













up vote
57
down vote

favorite
6









up vote
57
down vote

favorite
6






6





This is a follow-up question to this one: Roles to play when tailgaiting into a residential building



How do you protect yourself or your company against tailgaters? What is the best answer when you are asked by, let's say the delivery guy, to let you in?










share|improve this question









New contributor




Lithilion is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











This is a follow-up question to this one: Roles to play when tailgaiting into a residential building



How do you protect yourself or your company against tailgaters? What is the best answer when you are asked by, let's say the delivery guy, to let you in?







physical social-engineering physical-access






share|improve this question









New contributor




Lithilion is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Lithilion is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited Nov 16 at 15:25









schroeder

70.9k29154189




70.9k29154189






New contributor




Lithilion is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked Nov 16 at 15:12









Lithilion

40329




40329




New contributor




Lithilion is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Lithilion is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Lithilion is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








  • 26




    .... "No." ....
    – A C
    yesterday






  • 1




    Is there data about where/when tailgating is most likely? For example, I've seen places where dozens of people go out for smoke breaks at the same time, and return at the same time, and this smoking area is outside a standard entrance. It seems to me that this would be an ideal time/location for a tailgater to get in.
    – Andy Lester
    21 hours ago






  • 2




    @AndyLester "most likey"? No, I have not seen data. But there is a lot of data about how physical pen testers have been successful, and the "smoke break" route is the common vector.
    – schroeder
    7 hours ago














  • 26




    .... "No." ....
    – A C
    yesterday






  • 1




    Is there data about where/when tailgating is most likely? For example, I've seen places where dozens of people go out for smoke breaks at the same time, and return at the same time, and this smoking area is outside a standard entrance. It seems to me that this would be an ideal time/location for a tailgater to get in.
    – Andy Lester
    21 hours ago






  • 2




    @AndyLester "most likey"? No, I have not seen data. But there is a lot of data about how physical pen testers have been successful, and the "smoke break" route is the common vector.
    – schroeder
    7 hours ago








26




26




.... "No." ....
– A C
yesterday




.... "No." ....
– A C
yesterday




1




1




Is there data about where/when tailgating is most likely? For example, I've seen places where dozens of people go out for smoke breaks at the same time, and return at the same time, and this smoking area is outside a standard entrance. It seems to me that this would be an ideal time/location for a tailgater to get in.
– Andy Lester
21 hours ago




Is there data about where/when tailgating is most likely? For example, I've seen places where dozens of people go out for smoke breaks at the same time, and return at the same time, and this smoking area is outside a standard entrance. It seems to me that this would be an ideal time/location for a tailgater to get in.
– Andy Lester
21 hours ago




2




2




@AndyLester "most likey"? No, I have not seen data. But there is a lot of data about how physical pen testers have been successful, and the "smoke break" route is the common vector.
– schroeder
7 hours ago




@AndyLester "most likey"? No, I have not seen data. But there is a lot of data about how physical pen testers have been successful, and the "smoke break" route is the common vector.
– schroeder
7 hours ago










12 Answers
12






active

oldest

votes

















up vote
76
down vote



accepted










This is not a problem that has a social solution. No amount of corporate policy will save you. Humans are social animals. In the end, if people can let other people in, they will. Even if you may be very security aware and not let anyone in, 95% of your collegues will act differently.



You have to work with human nature, not against it.



So if you want to stop tailgating, you'll need one of these, perferably placed in a reception with human supervision:



Revolving door only letting one person in at a time.






share|improve this answer

















  • 31




    there are nicer-looking gates :)
    – schroeder
    Nov 16 at 15:34






  • 2




    @schroeder Indeed. I've seen Metro/subway turnstiles/gates at occasional office buildings, though its not quite as secure.
    – mbrig
    Nov 16 at 16:25






  • 36




    @Bakuriu Most of the turnstiles I've seen like this have enough room for me and someone I know pretty well, but not enough room for me and a total stranger. It'd be pretty awkward to tailgate through one of these.
    – Nuclear Wang
    2 days ago






  • 2




    @Bakuriu, I certainly do remember one at a back entrance where two normal adults would not fit. At the front entrance there was a normal, more comfortable, turnstile, but there was also security guard there.
    – Jan Hudec
    2 days ago








  • 5




    @Bakuriu there are better doors that physically don't allow anyone to fit in. Somewhat extreme example in this answer worldbuilding.stackexchange.com/a/126499/39218 to a question in Worldbuilding SE.
    – Gnudiff
    2 days ago


















up vote
34
down vote













You protect yourself by politely challenging people who are trying to get in without using the controls. You simply ask to see their pass or offer to escort them to reception/security. I use the simple phrase, "I'm sorry, I do not know who you are so I cannot just let you in. May I escort you to reception?" If they resist, I monitor them and quietly inform security. For me, it doesn't matter if they are the CEO or a delivery person.



The company protects itself by




  • installing physical gates that only allow one person in at a time

  • controls that prevent the same passcard being used on the same side of the gate

  • human monitors to detect tailgating

  • training people to politely challenge those trying to get in without using the proper methods






share|improve this answer

















  • 8




    "I'm sorry, I do not know who you are" - this risks offending people who expect you to know who they are, which can have nasty consequences, especially if you're below-average at remembering people's appearances. Even if the official security policy says it doesn't matter who they are, it matters in practice.
    – user2357112
    2 days ago








  • 14




    @user2357112 do you have an alternate phrase to use? Because in no way should you let someone in just to avoid social awkwardness. And yes, I have said that to CEOs. The security policy should matter more than egos. It NEEDS to matter more than egos.
    – schroeder
    2 days ago








  • 19




    There are two kinds of CEOs: ones that will be pissed, and ones that will applaud you. Either way, you get to find out whether your CEO has your back or not, so it's a win for you.
    – Jörg W Mittag
    2 days ago






  • 5




    @user2357112 If you work in a country where people of a different race can do what they like (including getting you fired) simply because they are a different race, that isn't an Information Security issue, it's a Human Rights issue.
    – alephzero
    2 days ago






  • 13




    Our company is teaching this every three months for years, and makes everyone sign that they got it. Effect: zero. 95% of people hold the door for anyone that doesn't look like a bum.
    – Aganju
    2 days ago


















up vote
18
down vote













The cheap solution is to put up scary “no tailgating - everyone must badge in at this door - no exceptions - don’t risk your job - report all tailgate requests to Joe at 123-456-7890” signs at each unattended controlled portal. Make sure there are obvious cameras in the vicinity.



If you want people to challenge someone, it’s much easier for them to do so when they have something to back up their assertions. That way they can point to the sign and blame it, instead of coming up with their own reason.






share|improve this answer




























    up vote
    17
    down vote













    (Just a passer-by opinion)



    Obviously, a physical gate would work the best.



    In case you don't want to install these, you may try to request all employees to challenge tailgaters, as schroeder suggests. However, I want to underline one distinction that I find important.



    One my employer had the policy "do not allow strangers in, but allow people that you know, even if they do not scan their bage etc.". I have always found this to be somewhat embarassing. I have a bad memory on faces, so I can easily not recognise one of my peers, and if I ask them who they are, this will be an embarassing situation. I believe this is the main reason why such policies do not work good.



    At the same time, another my employer had a different policy: "everybody must scan their badge, even if they come in as a group". And it was followed; even if we a group of peers were going to a canteen together, everybody in the group would scan their badge at a controlled door. This makes much easier for employees to control tailgating. In normal situation everybody will scan their badge with a distinct beep. If someone follows me and I do not hear a beep, then I am absolutely not that embarrassed to challenge them. Just because in case he is in fact my peer, he has already done something (a bit) wrong, and thus it's ok for me to challenge him.






    share|improve this answer










    New contributor




    Petr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.














    • 9




      The problem with letting in people that you recognise is the case when the employee was recently let go.
      – schroeder
      2 days ago






    • 12




      Our company policy is the "everybody must scan" sort. If the CEO of the company forgot his badge and wanted to tailgate through on my swipe, I'd have to tell him "Sorry, sir. I'll be happy to sign the log with the front-desk guard to get you into the building as my guest, since I recognize you, (and they are going to ask you to show your government-issued photo ID for the log, just in case you're a look-alike who fooled me, and make you hang a Visitor badge around your neck) but I won't subvert security policy by letting you enter without going through that documented-exception process."
      – Monty Harder
      2 days ago










    • What do you mean by "a physical gate would work the best"? Tailgating is when someone with access lets someone in through a gate, literally. What is a gate if not physical?
      – pipe
      2 hours ago


















    up vote
    8
    down vote













    One solution is to have "secret drills".



    Ask someone to let you in without a badge. Try and convince them as best you can to let you in. If they let you in without a badge, fire them. Otherwise, reward them.



    Okay, it does not need to be that severe, but the point is that the secret drills should be frequent, and there is a clear incentive not to let you in much greater than the social consequences. You might want to start with a more reward focused approach, but as the employees become aware of the secret drills, you should move more towards punishment, since they should "no better".



    Of course, don't always use yourself. Use the CEO. Use their immediate boss. Use other employees (although be careful with this, since the employees might let others know they are part of the secret drill. Fake employees might be better). Use someone on a phone just walking in. Use a smoking clown with with a fire axe on his back and a police cap on the head holding 6 packages with a clipboard lying on top demanding to enter the building to check on his elderly mother because he is worried that there is a gas leak.






    share|improve this answer



















    • 3




      One solution is to have "secret drills". so...a rather standard pentest? If they let you in without a badge, fire them. which would be terrible for morale. It's also pretty hard to enforce this the more people work in a building. Especially in a shared office building. What are you going to do if somebody from another company lets you in? Or maybe one of their guests for the day?
      – vlaz
      2 days ago












    • @vlaz well, kind of. The purpose would be training though, not testing. Also, I did say that was a bit of an exaggeration. Also, you could report it to the person's employers, who wouldn't be happy.
      – PyRulez
      2 days ago






    • 3




      there's no company in the world that has enough money to pay me to work for them and have such a policy. If the company can't solve their security issues without getting into my business at the company, it's their own damn fault, and there's no reason I have to pay for it.
      – Andrei
      yesterday










    • @Andrei I don't quite understand what you mean by that. This is a threat vector that pretty much only exists due to individual employee behaviors. The issue is the employees letting unauthorized people in, so the only way to solve the security issue would involve "getting into your business at the company" by making sure you follow security protocol (or full-time security at entrance points and a high-tech system, which is costly). I don't see how this would be any different than breaking other security policies. Every user of the system has some role in security.
      – JMac
      3 hours ago






    • 1




      @Andrei Security practices should never only be the responsibility of the employees with security jobs. They would come up with the policies, and attempt to enforce them; but that doesn't mean regular employees can ignore security entirely. Your employees should be trained to not allow tailgaters at all. Sometimes installing turnstiles and the measures you talk about (such as security guards) is prohibitively expensive. That doesn't mean you can't have security practices in place with your employees, and enforce those practices. Low-overhead companies may need security too.
      – JMac
      2 hours ago


















    up vote
    7
    down vote













    As a receptionist, I am trained to vet everyone who comes into the building. If I do not recognize that person, I immediately ask if they need help with anything, and who they have come to see. If they attempt to act with a sense of urgency or authority, then I notify them that they must sign in before entering the building because of food safety protocols, and continue to ask them about the details about why they are here, and then let the person responsible for meeting with them or checking up on them know that they are here.



    Our office is relatively relaxed so we let a variety of people in, but typically having several procedures to "slow a person down" like having to sign in, talk to and be vetted by at least one person, and be directed to where they need to go can be very beneficial.






    share|improve this answer








    New contributor




    William Michael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.














    • 4




      Unauthorized tailgaters rarely use the front door. The main concern for this subject is going to be those back-doors that make it easy to convince someone on their smoke break to let you into an unsupervised entrance. There are many social engineering tricks to beating receptionists, but that is a different question.
      – Nosajimiki
      2 days ago






    • 1




      If a building has multiple entrances with a main reception desk, it would seem like the only logical thing to do in that situation would be to either have the receptionist have access to camera systems for other entrances, someone in IT, or a full/part time security guard. Edit : Posted before I finished my comment. As you stated in your response, people will find workarounds when it comes to social encounters, so the only way to ensure this doesn't happen would be to put procedures in place to have people dissociated enough to actually pay attention to these kinds of things.
      – William Michael
      yesterday




















    up vote
    6
    down vote













    There's a lot of value to a sign, at least relative to its literal and sociological costs, but I would assume that the text matters.



    Any variation of You/Everyone must swipe in at this door will set up a rule which an intruder might choose to break. It doesn't set up an expectation of rule-compliant people to enforce the rule on their peers or strangers. Even more precisely, it doesn't reassure rule-compliant people that their peers won't perceive them as uptight for enforcing the rule.



    I would suggest something like
    Make sure everyone entering with you swipes in. Listen for the beep indicating that their badge is valid/up-to-date.

    If I'm entering the building with someone, then I know that they've seen the sign that says that I have to ask them to swipe in.






    share|improve this answer








    New contributor




    ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.

























      up vote
      5
      down vote













      This is hard and you need to think about the tradeoff it implies. Most tailgaters should be allowed into the building-they really do have a beneficial purpose there. My company had multiple buildings with doors that only permitted one person through, but I could swipe my badge and let anybody in, then swipe again and go in myself. (I used to joke I should get double pay because there were two of me at work.) Visitors were supposed to check in with reception, but that was in another building and they still needed me to swipe them in-they were not given badges that would swipe.



      You have a choice between a serious effort to prevent tailgating and viewing your access controls as the first step of a defense in depth. If you really want to prevent tailgating, you need to accept that beside the personnel cost for monitoring you will slow everything down. Copy machines will not get repaired as promptly, so meetings will not be as efficient. Some meetings with outsiders will not happen because it is just too much trouble. Maybe one of those held the secret to the ultimate success of your company.



      How bad is it if an unauthorized person gets in? Will they be challenged if they are just wandering around unescorted? Is it worth the cost to really prevent, as opposed to just making it a bit difficult? I started with "this is hard".



      Clearly this is not an answer to the question as asked, but it seems there is an underlying assumption that we need to prevent tailgating. That is true in some situations, but not all.






      share|improve this answer








      New contributor




      Ross Millikan is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.

























        up vote
        5
        down vote













        Once I got a tour by the CEO of ADB through one of their factories. Before we could enter there were 2 control posts. To enter the parking lot you had to go through an ID verification. If you walked to the building you came by this post also.



        The second verification you had to go through was at the entrance. All employees, visitors,... must enter through this entrance. After the door closed you were locked in a grey zone. After you passed another ID verification you received your badge to enter the building. There is no other way in or out. If you left you had to go through the same verification.



        Another example of this technique is used by a company that I used to work for. They buy/sell gold in large quantities. If you wanted to enter the building, you had to push a button, then state your business and name while looking into a camera. If the door opens and you enter the building you are locked in a small room where ID verification happened. And your bags are checked everytime you enter or leave. Even people that worked there 5+ years had to go through all those security steps. I never saw anyone with bad intents get further than the first door. If the situation is fishy the person stays locked in that room, the security takes away this person for further investigation. Never I have seen this system fail.






        share|improve this answer








        New contributor




        Ilyas Deckers is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.

























          up vote
          3
          down vote













          If it's a situation the really matters that much, you station a security person at every entrance whose entire job is to challenge people who enter without swiping — even people known to them, since access be be revoked suddenly. Then you back this up with security camera spot checks, where the job of the cameras is allowing a supervisor to verify the guards are doing what they are supposed to, in addition to keeping records of entrances/exits.



          Eventually, I expect computer vision technology to evolve to the point where a camera can be smart enough to do most of the job of the guard. It only has to detect the number of total people vs the number of distinct swipes, and you can use infrared in addition to visible light to make it difficult to fool the camera.



          Another option is the door fob only rings an alert in the security office, where it's up to a security officer there to unlock the door based on how the camera feed correlates to the fob logs. That can be much cheaper than stationing a guard at every door, while still providing most of the same security against tailgating.






          share|improve this answer























          • They have been that smart for a few years now, and are already used in this capacity, although you only really see them in really high profile buildings like major data centers, expect this technology to become a lot more common place in the next few years.
            – Nosajimiki
            2 days ago


















          up vote
          0
          down vote













          Face recognition technology is about ready for that, and can easily handle large masses of people simultaneously, without the need for badges or turn styles.



          For example, the Orlando airport is being converted to use face recognition instead of passport controls (supposedly still to go live in 2018). You will just walk by, and be automatically identified.






          share|improve this answer

















          • 1




            How easy is this to fool by wearing a mask or something? You can't really do that at an airport - too many people around and it would be suspicious, but what about an office building at a quiet hour or even few minutes - you put the mask on, get in, take it off when nobody is around to question you? How easy is it to get a false negative, either - if somebody grew a beard or maybe had a face injury, would they be denied access? That's lower risk than a false positive but still something to keep in mind.
            – vlaz
            2 days ago










          • I have my doubts too... but they seriously do that in the airport, and they should know what they do.
            – Aganju
            2 days ago


















          up vote
          -1
          down vote













          If you have the budget for it, use high resolution cameras with facial recognition. Security will be alerted even if some well meaning do-gooder holds the door open for them when they enter an unauthorized area.






          share|improve this answer





















          • Unless they duck, or face the other way... Technology is not a panacea.
            – wizzwizz4
            2 days ago












          • This comes down to what level of security you are trying to enforce. Many can be configured to alert you to an unrecognized person; so, obscured faces can create false positives, but false negatives are nearly impossible. Even if you have a bag over your head, it will still mark you as an unknown person alerting security to your presence. Also, the facial recognition software that comes with them typically use machine learning; so, they learn your whole facial profile over time such that false positives become pretty rare after it's seen you a few times.
            – Nosajimiki
            3 hours ago










          • This many not be a good course of action for a building where you have a lot of "unknown" people coming and going, but in general, if you are worried about tailgating as a serious security concern, you are probably talking about somewhere that unknown people should not be to begin with.
            – Nosajimiki
            3 hours ago










          • I've experience with fooling automatic doors; even that's not hard. So fooling a much more complex system? A commando-roll could well be enough. And remember; if the system's too sensitive, it won't be long before positives are ignored.
            – wizzwizz4
            28 mins ago











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "162"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          noCode: true, onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });






          Lithilion is a new contributor. Be nice, and check out our Code of Conduct.










           

          draft saved


          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f197817%2fdefence-methods-against-tailgating%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          12 Answers
          12






          active

          oldest

          votes








          12 Answers
          12






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          up vote
          76
          down vote



          accepted










          This is not a problem that has a social solution. No amount of corporate policy will save you. Humans are social animals. In the end, if people can let other people in, they will. Even if you may be very security aware and not let anyone in, 95% of your collegues will act differently.



          You have to work with human nature, not against it.



          So if you want to stop tailgating, you'll need one of these, perferably placed in a reception with human supervision:



          Revolving door only letting one person in at a time.






          share|improve this answer

















          • 31




            there are nicer-looking gates :)
            – schroeder
            Nov 16 at 15:34






          • 2




            @schroeder Indeed. I've seen Metro/subway turnstiles/gates at occasional office buildings, though its not quite as secure.
            – mbrig
            Nov 16 at 16:25






          • 36




            @Bakuriu Most of the turnstiles I've seen like this have enough room for me and someone I know pretty well, but not enough room for me and a total stranger. It'd be pretty awkward to tailgate through one of these.
            – Nuclear Wang
            2 days ago






          • 2




            @Bakuriu, I certainly do remember one at a back entrance where two normal adults would not fit. At the front entrance there was a normal, more comfortable, turnstile, but there was also security guard there.
            – Jan Hudec
            2 days ago








          • 5




            @Bakuriu there are better doors that physically don't allow anyone to fit in. Somewhat extreme example in this answer worldbuilding.stackexchange.com/a/126499/39218 to a question in Worldbuilding SE.
            – Gnudiff
            2 days ago















          up vote
          76
          down vote



          accepted










          This is not a problem that has a social solution. No amount of corporate policy will save you. Humans are social animals. In the end, if people can let other people in, they will. Even if you may be very security aware and not let anyone in, 95% of your collegues will act differently.



          You have to work with human nature, not against it.



          So if you want to stop tailgating, you'll need one of these, perferably placed in a reception with human supervision:



          Revolving door only letting one person in at a time.






          share|improve this answer

















          • 31




            there are nicer-looking gates :)
            – schroeder
            Nov 16 at 15:34






          • 2




            @schroeder Indeed. I've seen Metro/subway turnstiles/gates at occasional office buildings, though its not quite as secure.
            – mbrig
            Nov 16 at 16:25






          • 36




            @Bakuriu Most of the turnstiles I've seen like this have enough room for me and someone I know pretty well, but not enough room for me and a total stranger. It'd be pretty awkward to tailgate through one of these.
            – Nuclear Wang
            2 days ago






          • 2




            @Bakuriu, I certainly do remember one at a back entrance where two normal adults would not fit. At the front entrance there was a normal, more comfortable, turnstile, but there was also security guard there.
            – Jan Hudec
            2 days ago








          • 5




            @Bakuriu there are better doors that physically don't allow anyone to fit in. Somewhat extreme example in this answer worldbuilding.stackexchange.com/a/126499/39218 to a question in Worldbuilding SE.
            – Gnudiff
            2 days ago













          up vote
          76
          down vote



          accepted







          up vote
          76
          down vote



          accepted






          This is not a problem that has a social solution. No amount of corporate policy will save you. Humans are social animals. In the end, if people can let other people in, they will. Even if you may be very security aware and not let anyone in, 95% of your collegues will act differently.



          You have to work with human nature, not against it.



          So if you want to stop tailgating, you'll need one of these, perferably placed in a reception with human supervision:



          Revolving door only letting one person in at a time.






          share|improve this answer












          This is not a problem that has a social solution. No amount of corporate policy will save you. Humans are social animals. In the end, if people can let other people in, they will. Even if you may be very security aware and not let anyone in, 95% of your collegues will act differently.



          You have to work with human nature, not against it.



          So if you want to stop tailgating, you'll need one of these, perferably placed in a reception with human supervision:



          Revolving door only letting one person in at a time.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 16 at 15:24









          Anders

          47.8k21136157




          47.8k21136157








          • 31




            there are nicer-looking gates :)
            – schroeder
            Nov 16 at 15:34






          • 2




            @schroeder Indeed. I've seen Metro/subway turnstiles/gates at occasional office buildings, though its not quite as secure.
            – mbrig
            Nov 16 at 16:25






          • 36




            @Bakuriu Most of the turnstiles I've seen like this have enough room for me and someone I know pretty well, but not enough room for me and a total stranger. It'd be pretty awkward to tailgate through one of these.
            – Nuclear Wang
            2 days ago






          • 2




            @Bakuriu, I certainly do remember one at a back entrance where two normal adults would not fit. At the front entrance there was a normal, more comfortable, turnstile, but there was also security guard there.
            – Jan Hudec
            2 days ago








          • 5




            @Bakuriu there are better doors that physically don't allow anyone to fit in. Somewhat extreme example in this answer worldbuilding.stackexchange.com/a/126499/39218 to a question in Worldbuilding SE.
            – Gnudiff
            2 days ago














          • 31




            there are nicer-looking gates :)
            – schroeder
            Nov 16 at 15:34






          • 2




            @schroeder Indeed. I've seen Metro/subway turnstiles/gates at occasional office buildings, though its not quite as secure.
            – mbrig
            Nov 16 at 16:25






          • 36




            @Bakuriu Most of the turnstiles I've seen like this have enough room for me and someone I know pretty well, but not enough room for me and a total stranger. It'd be pretty awkward to tailgate through one of these.
            – Nuclear Wang
            2 days ago






          • 2




            @Bakuriu, I certainly do remember one at a back entrance where two normal adults would not fit. At the front entrance there was a normal, more comfortable, turnstile, but there was also security guard there.
            – Jan Hudec
            2 days ago








          • 5




            @Bakuriu there are better doors that physically don't allow anyone to fit in. Somewhat extreme example in this answer worldbuilding.stackexchange.com/a/126499/39218 to a question in Worldbuilding SE.
            – Gnudiff
            2 days ago








          31




          31




          there are nicer-looking gates :)
          – schroeder
          Nov 16 at 15:34




          there are nicer-looking gates :)
          – schroeder
          Nov 16 at 15:34




          2




          2




          @schroeder Indeed. I've seen Metro/subway turnstiles/gates at occasional office buildings, though its not quite as secure.
          – mbrig
          Nov 16 at 16:25




          @schroeder Indeed. I've seen Metro/subway turnstiles/gates at occasional office buildings, though its not quite as secure.
          – mbrig
          Nov 16 at 16:25




          36




          36




          @Bakuriu Most of the turnstiles I've seen like this have enough room for me and someone I know pretty well, but not enough room for me and a total stranger. It'd be pretty awkward to tailgate through one of these.
          – Nuclear Wang
          2 days ago




          @Bakuriu Most of the turnstiles I've seen like this have enough room for me and someone I know pretty well, but not enough room for me and a total stranger. It'd be pretty awkward to tailgate through one of these.
          – Nuclear Wang
          2 days ago




          2




          2




          @Bakuriu, I certainly do remember one at a back entrance where two normal adults would not fit. At the front entrance there was a normal, more comfortable, turnstile, but there was also security guard there.
          – Jan Hudec
          2 days ago






          @Bakuriu, I certainly do remember one at a back entrance where two normal adults would not fit. At the front entrance there was a normal, more comfortable, turnstile, but there was also security guard there.
          – Jan Hudec
          2 days ago






          5




          5




          @Bakuriu there are better doors that physically don't allow anyone to fit in. Somewhat extreme example in this answer worldbuilding.stackexchange.com/a/126499/39218 to a question in Worldbuilding SE.
          – Gnudiff
          2 days ago




          @Bakuriu there are better doors that physically don't allow anyone to fit in. Somewhat extreme example in this answer worldbuilding.stackexchange.com/a/126499/39218 to a question in Worldbuilding SE.
          – Gnudiff
          2 days ago












          up vote
          34
          down vote













          You protect yourself by politely challenging people who are trying to get in without using the controls. You simply ask to see their pass or offer to escort them to reception/security. I use the simple phrase, "I'm sorry, I do not know who you are so I cannot just let you in. May I escort you to reception?" If they resist, I monitor them and quietly inform security. For me, it doesn't matter if they are the CEO or a delivery person.



          The company protects itself by




          • installing physical gates that only allow one person in at a time

          • controls that prevent the same passcard being used on the same side of the gate

          • human monitors to detect tailgating

          • training people to politely challenge those trying to get in without using the proper methods






          share|improve this answer

















          • 8




            "I'm sorry, I do not know who you are" - this risks offending people who expect you to know who they are, which can have nasty consequences, especially if you're below-average at remembering people's appearances. Even if the official security policy says it doesn't matter who they are, it matters in practice.
            – user2357112
            2 days ago








          • 14




            @user2357112 do you have an alternate phrase to use? Because in no way should you let someone in just to avoid social awkwardness. And yes, I have said that to CEOs. The security policy should matter more than egos. It NEEDS to matter more than egos.
            – schroeder
            2 days ago








          • 19




            There are two kinds of CEOs: ones that will be pissed, and ones that will applaud you. Either way, you get to find out whether your CEO has your back or not, so it's a win for you.
            – Jörg W Mittag
            2 days ago






          • 5




            @user2357112 If you work in a country where people of a different race can do what they like (including getting you fired) simply because they are a different race, that isn't an Information Security issue, it's a Human Rights issue.
            – alephzero
            2 days ago






          • 13




            Our company is teaching this every three months for years, and makes everyone sign that they got it. Effect: zero. 95% of people hold the door for anyone that doesn't look like a bum.
            – Aganju
            2 days ago















          up vote
          34
          down vote













          You protect yourself by politely challenging people who are trying to get in without using the controls. You simply ask to see their pass or offer to escort them to reception/security. I use the simple phrase, "I'm sorry, I do not know who you are so I cannot just let you in. May I escort you to reception?" If they resist, I monitor them and quietly inform security. For me, it doesn't matter if they are the CEO or a delivery person.



          The company protects itself by




          • installing physical gates that only allow one person in at a time

          • controls that prevent the same passcard being used on the same side of the gate

          • human monitors to detect tailgating

          • training people to politely challenge those trying to get in without using the proper methods






          share|improve this answer

















          • 8




            "I'm sorry, I do not know who you are" - this risks offending people who expect you to know who they are, which can have nasty consequences, especially if you're below-average at remembering people's appearances. Even if the official security policy says it doesn't matter who they are, it matters in practice.
            – user2357112
            2 days ago








          • 14




            @user2357112 do you have an alternate phrase to use? Because in no way should you let someone in just to avoid social awkwardness. And yes, I have said that to CEOs. The security policy should matter more than egos. It NEEDS to matter more than egos.
            – schroeder
            2 days ago








          • 19




            There are two kinds of CEOs: ones that will be pissed, and ones that will applaud you. Either way, you get to find out whether your CEO has your back or not, so it's a win for you.
            – Jörg W Mittag
            2 days ago






          • 5




            @user2357112 If you work in a country where people of a different race can do what they like (including getting you fired) simply because they are a different race, that isn't an Information Security issue, it's a Human Rights issue.
            – alephzero
            2 days ago






          • 13




            Our company is teaching this every three months for years, and makes everyone sign that they got it. Effect: zero. 95% of people hold the door for anyone that doesn't look like a bum.
            – Aganju
            2 days ago













          up vote
          34
          down vote










          up vote
          34
          down vote









          You protect yourself by politely challenging people who are trying to get in without using the controls. You simply ask to see their pass or offer to escort them to reception/security. I use the simple phrase, "I'm sorry, I do not know who you are so I cannot just let you in. May I escort you to reception?" If they resist, I monitor them and quietly inform security. For me, it doesn't matter if they are the CEO or a delivery person.



          The company protects itself by




          • installing physical gates that only allow one person in at a time

          • controls that prevent the same passcard being used on the same side of the gate

          • human monitors to detect tailgating

          • training people to politely challenge those trying to get in without using the proper methods






          share|improve this answer












          You protect yourself by politely challenging people who are trying to get in without using the controls. You simply ask to see their pass or offer to escort them to reception/security. I use the simple phrase, "I'm sorry, I do not know who you are so I cannot just let you in. May I escort you to reception?" If they resist, I monitor them and quietly inform security. For me, it doesn't matter if they are the CEO or a delivery person.



          The company protects itself by




          • installing physical gates that only allow one person in at a time

          • controls that prevent the same passcard being used on the same side of the gate

          • human monitors to detect tailgating

          • training people to politely challenge those trying to get in without using the proper methods







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 16 at 15:28









          schroeder

          70.9k29154189




          70.9k29154189








          • 8




            "I'm sorry, I do not know who you are" - this risks offending people who expect you to know who they are, which can have nasty consequences, especially if you're below-average at remembering people's appearances. Even if the official security policy says it doesn't matter who they are, it matters in practice.
            – user2357112
            2 days ago








          • 14




            @user2357112 do you have an alternate phrase to use? Because in no way should you let someone in just to avoid social awkwardness. And yes, I have said that to CEOs. The security policy should matter more than egos. It NEEDS to matter more than egos.
            – schroeder
            2 days ago








          • 19




            There are two kinds of CEOs: ones that will be pissed, and ones that will applaud you. Either way, you get to find out whether your CEO has your back or not, so it's a win for you.
            – Jörg W Mittag
            2 days ago






          • 5




            @user2357112 If you work in a country where people of a different race can do what they like (including getting you fired) simply because they are a different race, that isn't an Information Security issue, it's a Human Rights issue.
            – alephzero
            2 days ago






          • 13




            Our company is teaching this every three months for years, and makes everyone sign that they got it. Effect: zero. 95% of people hold the door for anyone that doesn't look like a bum.
            – Aganju
            2 days ago














          • 8




            "I'm sorry, I do not know who you are" - this risks offending people who expect you to know who they are, which can have nasty consequences, especially if you're below-average at remembering people's appearances. Even if the official security policy says it doesn't matter who they are, it matters in practice.
            – user2357112
            2 days ago








          • 14




            @user2357112 do you have an alternate phrase to use? Because in no way should you let someone in just to avoid social awkwardness. And yes, I have said that to CEOs. The security policy should matter more than egos. It NEEDS to matter more than egos.
            – schroeder
            2 days ago








          • 19




            There are two kinds of CEOs: ones that will be pissed, and ones that will applaud you. Either way, you get to find out whether your CEO has your back or not, so it's a win for you.
            – Jörg W Mittag
            2 days ago






          • 5




            @user2357112 If you work in a country where people of a different race can do what they like (including getting you fired) simply because they are a different race, that isn't an Information Security issue, it's a Human Rights issue.
            – alephzero
            2 days ago






          • 13




            Our company is teaching this every three months for years, and makes everyone sign that they got it. Effect: zero. 95% of people hold the door for anyone that doesn't look like a bum.
            – Aganju
            2 days ago








          8




          8




          "I'm sorry, I do not know who you are" - this risks offending people who expect you to know who they are, which can have nasty consequences, especially if you're below-average at remembering people's appearances. Even if the official security policy says it doesn't matter who they are, it matters in practice.
          – user2357112
          2 days ago






          "I'm sorry, I do not know who you are" - this risks offending people who expect you to know who they are, which can have nasty consequences, especially if you're below-average at remembering people's appearances. Even if the official security policy says it doesn't matter who they are, it matters in practice.
          – user2357112
          2 days ago






          14




          14




          @user2357112 do you have an alternate phrase to use? Because in no way should you let someone in just to avoid social awkwardness. And yes, I have said that to CEOs. The security policy should matter more than egos. It NEEDS to matter more than egos.
          – schroeder
          2 days ago






          @user2357112 do you have an alternate phrase to use? Because in no way should you let someone in just to avoid social awkwardness. And yes, I have said that to CEOs. The security policy should matter more than egos. It NEEDS to matter more than egos.
          – schroeder
          2 days ago






          19




          19




          There are two kinds of CEOs: ones that will be pissed, and ones that will applaud you. Either way, you get to find out whether your CEO has your back or not, so it's a win for you.
          – Jörg W Mittag
          2 days ago




          There are two kinds of CEOs: ones that will be pissed, and ones that will applaud you. Either way, you get to find out whether your CEO has your back or not, so it's a win for you.
          – Jörg W Mittag
          2 days ago




          5




          5




          @user2357112 If you work in a country where people of a different race can do what they like (including getting you fired) simply because they are a different race, that isn't an Information Security issue, it's a Human Rights issue.
          – alephzero
          2 days ago




          @user2357112 If you work in a country where people of a different race can do what they like (including getting you fired) simply because they are a different race, that isn't an Information Security issue, it's a Human Rights issue.
          – alephzero
          2 days ago




          13




          13




          Our company is teaching this every three months for years, and makes everyone sign that they got it. Effect: zero. 95% of people hold the door for anyone that doesn't look like a bum.
          – Aganju
          2 days ago




          Our company is teaching this every three months for years, and makes everyone sign that they got it. Effect: zero. 95% of people hold the door for anyone that doesn't look like a bum.
          – Aganju
          2 days ago










          up vote
          18
          down vote













          The cheap solution is to put up scary “no tailgating - everyone must badge in at this door - no exceptions - don’t risk your job - report all tailgate requests to Joe at 123-456-7890” signs at each unattended controlled portal. Make sure there are obvious cameras in the vicinity.



          If you want people to challenge someone, it’s much easier for them to do so when they have something to back up their assertions. That way they can point to the sign and blame it, instead of coming up with their own reason.






          share|improve this answer

























            up vote
            18
            down vote













            The cheap solution is to put up scary “no tailgating - everyone must badge in at this door - no exceptions - don’t risk your job - report all tailgate requests to Joe at 123-456-7890” signs at each unattended controlled portal. Make sure there are obvious cameras in the vicinity.



            If you want people to challenge someone, it’s much easier for them to do so when they have something to back up their assertions. That way they can point to the sign and blame it, instead of coming up with their own reason.






            share|improve this answer























              up vote
              18
              down vote










              up vote
              18
              down vote









              The cheap solution is to put up scary “no tailgating - everyone must badge in at this door - no exceptions - don’t risk your job - report all tailgate requests to Joe at 123-456-7890” signs at each unattended controlled portal. Make sure there are obvious cameras in the vicinity.



              If you want people to challenge someone, it’s much easier for them to do so when they have something to back up their assertions. That way they can point to the sign and blame it, instead of coming up with their own reason.






              share|improve this answer












              The cheap solution is to put up scary “no tailgating - everyone must badge in at this door - no exceptions - don’t risk your job - report all tailgate requests to Joe at 123-456-7890” signs at each unattended controlled portal. Make sure there are obvious cameras in the vicinity.



              If you want people to challenge someone, it’s much easier for them to do so when they have something to back up their assertions. That way they can point to the sign and blame it, instead of coming up with their own reason.







              share|improve this answer












              share|improve this answer



              share|improve this answer










              answered 2 days ago









              John Deters

              25.6k23985




              25.6k23985






















                  up vote
                  17
                  down vote













                  (Just a passer-by opinion)



                  Obviously, a physical gate would work the best.



                  In case you don't want to install these, you may try to request all employees to challenge tailgaters, as schroeder suggests. However, I want to underline one distinction that I find important.



                  One my employer had the policy "do not allow strangers in, but allow people that you know, even if they do not scan their bage etc.". I have always found this to be somewhat embarassing. I have a bad memory on faces, so I can easily not recognise one of my peers, and if I ask them who they are, this will be an embarassing situation. I believe this is the main reason why such policies do not work good.



                  At the same time, another my employer had a different policy: "everybody must scan their badge, even if they come in as a group". And it was followed; even if we a group of peers were going to a canteen together, everybody in the group would scan their badge at a controlled door. This makes much easier for employees to control tailgating. In normal situation everybody will scan their badge with a distinct beep. If someone follows me and I do not hear a beep, then I am absolutely not that embarrassed to challenge them. Just because in case he is in fact my peer, he has already done something (a bit) wrong, and thus it's ok for me to challenge him.






                  share|improve this answer










                  New contributor




                  Petr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.














                  • 9




                    The problem with letting in people that you recognise is the case when the employee was recently let go.
                    – schroeder
                    2 days ago






                  • 12




                    Our company policy is the "everybody must scan" sort. If the CEO of the company forgot his badge and wanted to tailgate through on my swipe, I'd have to tell him "Sorry, sir. I'll be happy to sign the log with the front-desk guard to get you into the building as my guest, since I recognize you, (and they are going to ask you to show your government-issued photo ID for the log, just in case you're a look-alike who fooled me, and make you hang a Visitor badge around your neck) but I won't subvert security policy by letting you enter without going through that documented-exception process."
                    – Monty Harder
                    2 days ago










                  • What do you mean by "a physical gate would work the best"? Tailgating is when someone with access lets someone in through a gate, literally. What is a gate if not physical?
                    – pipe
                    2 hours ago















                  up vote
                  17
                  down vote













                  (Just a passer-by opinion)



                  Obviously, a physical gate would work the best.



                  In case you don't want to install these, you may try to request all employees to challenge tailgaters, as schroeder suggests. However, I want to underline one distinction that I find important.



                  One my employer had the policy "do not allow strangers in, but allow people that you know, even if they do not scan their bage etc.". I have always found this to be somewhat embarassing. I have a bad memory on faces, so I can easily not recognise one of my peers, and if I ask them who they are, this will be an embarassing situation. I believe this is the main reason why such policies do not work good.



                  At the same time, another my employer had a different policy: "everybody must scan their badge, even if they come in as a group". And it was followed; even if we a group of peers were going to a canteen together, everybody in the group would scan their badge at a controlled door. This makes much easier for employees to control tailgating. In normal situation everybody will scan their badge with a distinct beep. If someone follows me and I do not hear a beep, then I am absolutely not that embarrassed to challenge them. Just because in case he is in fact my peer, he has already done something (a bit) wrong, and thus it's ok for me to challenge him.






                  share|improve this answer










                  New contributor




                  Petr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.














                  • 9




                    The problem with letting in people that you recognise is the case when the employee was recently let go.
                    – schroeder
                    2 days ago






                  • 12




                    Our company policy is the "everybody must scan" sort. If the CEO of the company forgot his badge and wanted to tailgate through on my swipe, I'd have to tell him "Sorry, sir. I'll be happy to sign the log with the front-desk guard to get you into the building as my guest, since I recognize you, (and they are going to ask you to show your government-issued photo ID for the log, just in case you're a look-alike who fooled me, and make you hang a Visitor badge around your neck) but I won't subvert security policy by letting you enter without going through that documented-exception process."
                    – Monty Harder
                    2 days ago










                  • What do you mean by "a physical gate would work the best"? Tailgating is when someone with access lets someone in through a gate, literally. What is a gate if not physical?
                    – pipe
                    2 hours ago













                  up vote
                  17
                  down vote










                  up vote
                  17
                  down vote









                  (Just a passer-by opinion)



                  Obviously, a physical gate would work the best.



                  In case you don't want to install these, you may try to request all employees to challenge tailgaters, as schroeder suggests. However, I want to underline one distinction that I find important.



                  One my employer had the policy "do not allow strangers in, but allow people that you know, even if they do not scan their bage etc.". I have always found this to be somewhat embarassing. I have a bad memory on faces, so I can easily not recognise one of my peers, and if I ask them who they are, this will be an embarassing situation. I believe this is the main reason why such policies do not work good.



                  At the same time, another my employer had a different policy: "everybody must scan their badge, even if they come in as a group". And it was followed; even if we a group of peers were going to a canteen together, everybody in the group would scan their badge at a controlled door. This makes much easier for employees to control tailgating. In normal situation everybody will scan their badge with a distinct beep. If someone follows me and I do not hear a beep, then I am absolutely not that embarrassed to challenge them. Just because in case he is in fact my peer, he has already done something (a bit) wrong, and thus it's ok for me to challenge him.






                  share|improve this answer










                  New contributor




                  Petr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  (Just a passer-by opinion)



                  Obviously, a physical gate would work the best.



                  In case you don't want to install these, you may try to request all employees to challenge tailgaters, as schroeder suggests. However, I want to underline one distinction that I find important.



                  One my employer had the policy "do not allow strangers in, but allow people that you know, even if they do not scan their bage etc.". I have always found this to be somewhat embarassing. I have a bad memory on faces, so I can easily not recognise one of my peers, and if I ask them who they are, this will be an embarassing situation. I believe this is the main reason why such policies do not work good.



                  At the same time, another my employer had a different policy: "everybody must scan their badge, even if they come in as a group". And it was followed; even if we a group of peers were going to a canteen together, everybody in the group would scan their badge at a controlled door. This makes much easier for employees to control tailgating. In normal situation everybody will scan their badge with a distinct beep. If someone follows me and I do not hear a beep, then I am absolutely not that embarrassed to challenge them. Just because in case he is in fact my peer, he has already done something (a bit) wrong, and thus it's ok for me to challenge him.







                  share|improve this answer










                  New contributor




                  Petr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  share|improve this answer



                  share|improve this answer








                  edited 2 days ago





















                  New contributor




                  Petr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  answered Nov 16 at 17:23









                  Petr

                  2715




                  2715




                  New contributor




                  Petr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.





                  New contributor





                  Petr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.






                  Petr is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.








                  • 9




                    The problem with letting in people that you recognise is the case when the employee was recently let go.
                    – schroeder
                    2 days ago






                  • 12




                    Our company policy is the "everybody must scan" sort. If the CEO of the company forgot his badge and wanted to tailgate through on my swipe, I'd have to tell him "Sorry, sir. I'll be happy to sign the log with the front-desk guard to get you into the building as my guest, since I recognize you, (and they are going to ask you to show your government-issued photo ID for the log, just in case you're a look-alike who fooled me, and make you hang a Visitor badge around your neck) but I won't subvert security policy by letting you enter without going through that documented-exception process."
                    – Monty Harder
                    2 days ago










                  • What do you mean by "a physical gate would work the best"? Tailgating is when someone with access lets someone in through a gate, literally. What is a gate if not physical?
                    – pipe
                    2 hours ago














                  • 9




                    The problem with letting in people that you recognise is the case when the employee was recently let go.
                    – schroeder
                    2 days ago






                  • 12




                    Our company policy is the "everybody must scan" sort. If the CEO of the company forgot his badge and wanted to tailgate through on my swipe, I'd have to tell him "Sorry, sir. I'll be happy to sign the log with the front-desk guard to get you into the building as my guest, since I recognize you, (and they are going to ask you to show your government-issued photo ID for the log, just in case you're a look-alike who fooled me, and make you hang a Visitor badge around your neck) but I won't subvert security policy by letting you enter without going through that documented-exception process."
                    – Monty Harder
                    2 days ago










                  • What do you mean by "a physical gate would work the best"? Tailgating is when someone with access lets someone in through a gate, literally. What is a gate if not physical?
                    – pipe
                    2 hours ago








                  9




                  9




                  The problem with letting in people that you recognise is the case when the employee was recently let go.
                  – schroeder
                  2 days ago




                  The problem with letting in people that you recognise is the case when the employee was recently let go.
                  – schroeder
                  2 days ago




                  12




                  12




                  Our company policy is the "everybody must scan" sort. If the CEO of the company forgot his badge and wanted to tailgate through on my swipe, I'd have to tell him "Sorry, sir. I'll be happy to sign the log with the front-desk guard to get you into the building as my guest, since I recognize you, (and they are going to ask you to show your government-issued photo ID for the log, just in case you're a look-alike who fooled me, and make you hang a Visitor badge around your neck) but I won't subvert security policy by letting you enter without going through that documented-exception process."
                  – Monty Harder
                  2 days ago




                  Our company policy is the "everybody must scan" sort. If the CEO of the company forgot his badge and wanted to tailgate through on my swipe, I'd have to tell him "Sorry, sir. I'll be happy to sign the log with the front-desk guard to get you into the building as my guest, since I recognize you, (and they are going to ask you to show your government-issued photo ID for the log, just in case you're a look-alike who fooled me, and make you hang a Visitor badge around your neck) but I won't subvert security policy by letting you enter without going through that documented-exception process."
                  – Monty Harder
                  2 days ago












                  What do you mean by "a physical gate would work the best"? Tailgating is when someone with access lets someone in through a gate, literally. What is a gate if not physical?
                  – pipe
                  2 hours ago




                  What do you mean by "a physical gate would work the best"? Tailgating is when someone with access lets someone in through a gate, literally. What is a gate if not physical?
                  – pipe
                  2 hours ago










                  up vote
                  8
                  down vote













                  One solution is to have "secret drills".



                  Ask someone to let you in without a badge. Try and convince them as best you can to let you in. If they let you in without a badge, fire them. Otherwise, reward them.



                  Okay, it does not need to be that severe, but the point is that the secret drills should be frequent, and there is a clear incentive not to let you in much greater than the social consequences. You might want to start with a more reward focused approach, but as the employees become aware of the secret drills, you should move more towards punishment, since they should "no better".



                  Of course, don't always use yourself. Use the CEO. Use their immediate boss. Use other employees (although be careful with this, since the employees might let others know they are part of the secret drill. Fake employees might be better). Use someone on a phone just walking in. Use a smoking clown with with a fire axe on his back and a police cap on the head holding 6 packages with a clipboard lying on top demanding to enter the building to check on his elderly mother because he is worried that there is a gas leak.






                  share|improve this answer



















                  • 3




                    One solution is to have "secret drills". so...a rather standard pentest? If they let you in without a badge, fire them. which would be terrible for morale. It's also pretty hard to enforce this the more people work in a building. Especially in a shared office building. What are you going to do if somebody from another company lets you in? Or maybe one of their guests for the day?
                    – vlaz
                    2 days ago












                  • @vlaz well, kind of. The purpose would be training though, not testing. Also, I did say that was a bit of an exaggeration. Also, you could report it to the person's employers, who wouldn't be happy.
                    – PyRulez
                    2 days ago






                  • 3




                    there's no company in the world that has enough money to pay me to work for them and have such a policy. If the company can't solve their security issues without getting into my business at the company, it's their own damn fault, and there's no reason I have to pay for it.
                    – Andrei
                    yesterday










                  • @Andrei I don't quite understand what you mean by that. This is a threat vector that pretty much only exists due to individual employee behaviors. The issue is the employees letting unauthorized people in, so the only way to solve the security issue would involve "getting into your business at the company" by making sure you follow security protocol (or full-time security at entrance points and a high-tech system, which is costly). I don't see how this would be any different than breaking other security policies. Every user of the system has some role in security.
                    – JMac
                    3 hours ago






                  • 1




                    @Andrei Security practices should never only be the responsibility of the employees with security jobs. They would come up with the policies, and attempt to enforce them; but that doesn't mean regular employees can ignore security entirely. Your employees should be trained to not allow tailgaters at all. Sometimes installing turnstiles and the measures you talk about (such as security guards) is prohibitively expensive. That doesn't mean you can't have security practices in place with your employees, and enforce those practices. Low-overhead companies may need security too.
                    – JMac
                    2 hours ago















                  up vote
                  8
                  down vote













                  One solution is to have "secret drills".



                  Ask someone to let you in without a badge. Try and convince them as best you can to let you in. If they let you in without a badge, fire them. Otherwise, reward them.



                  Okay, it does not need to be that severe, but the point is that the secret drills should be frequent, and there is a clear incentive not to let you in much greater than the social consequences. You might want to start with a more reward focused approach, but as the employees become aware of the secret drills, you should move more towards punishment, since they should "no better".



                  Of course, don't always use yourself. Use the CEO. Use their immediate boss. Use other employees (although be careful with this, since the employees might let others know they are part of the secret drill. Fake employees might be better). Use someone on a phone just walking in. Use a smoking clown with with a fire axe on his back and a police cap on the head holding 6 packages with a clipboard lying on top demanding to enter the building to check on his elderly mother because he is worried that there is a gas leak.






                  share|improve this answer



















                  • 3




                    One solution is to have "secret drills". so...a rather standard pentest? If they let you in without a badge, fire them. which would be terrible for morale. It's also pretty hard to enforce this the more people work in a building. Especially in a shared office building. What are you going to do if somebody from another company lets you in? Or maybe one of their guests for the day?
                    – vlaz
                    2 days ago












                  • @vlaz well, kind of. The purpose would be training though, not testing. Also, I did say that was a bit of an exaggeration. Also, you could report it to the person's employers, who wouldn't be happy.
                    – PyRulez
                    2 days ago






                  • 3




                    there's no company in the world that has enough money to pay me to work for them and have such a policy. If the company can't solve their security issues without getting into my business at the company, it's their own damn fault, and there's no reason I have to pay for it.
                    – Andrei
                    yesterday










                  • @Andrei I don't quite understand what you mean by that. This is a threat vector that pretty much only exists due to individual employee behaviors. The issue is the employees letting unauthorized people in, so the only way to solve the security issue would involve "getting into your business at the company" by making sure you follow security protocol (or full-time security at entrance points and a high-tech system, which is costly). I don't see how this would be any different than breaking other security policies. Every user of the system has some role in security.
                    – JMac
                    3 hours ago






                  • 1




                    @Andrei Security practices should never only be the responsibility of the employees with security jobs. They would come up with the policies, and attempt to enforce them; but that doesn't mean regular employees can ignore security entirely. Your employees should be trained to not allow tailgaters at all. Sometimes installing turnstiles and the measures you talk about (such as security guards) is prohibitively expensive. That doesn't mean you can't have security practices in place with your employees, and enforce those practices. Low-overhead companies may need security too.
                    – JMac
                    2 hours ago













                  up vote
                  8
                  down vote










                  up vote
                  8
                  down vote









                  One solution is to have "secret drills".



                  Ask someone to let you in without a badge. Try and convince them as best you can to let you in. If they let you in without a badge, fire them. Otherwise, reward them.



                  Okay, it does not need to be that severe, but the point is that the secret drills should be frequent, and there is a clear incentive not to let you in much greater than the social consequences. You might want to start with a more reward focused approach, but as the employees become aware of the secret drills, you should move more towards punishment, since they should "no better".



                  Of course, don't always use yourself. Use the CEO. Use their immediate boss. Use other employees (although be careful with this, since the employees might let others know they are part of the secret drill. Fake employees might be better). Use someone on a phone just walking in. Use a smoking clown with with a fire axe on his back and a police cap on the head holding 6 packages with a clipboard lying on top demanding to enter the building to check on his elderly mother because he is worried that there is a gas leak.






                  share|improve this answer














                  One solution is to have "secret drills".



                  Ask someone to let you in without a badge. Try and convince them as best you can to let you in. If they let you in without a badge, fire them. Otherwise, reward them.



                  Okay, it does not need to be that severe, but the point is that the secret drills should be frequent, and there is a clear incentive not to let you in much greater than the social consequences. You might want to start with a more reward focused approach, but as the employees become aware of the secret drills, you should move more towards punishment, since they should "no better".



                  Of course, don't always use yourself. Use the CEO. Use their immediate boss. Use other employees (although be careful with this, since the employees might let others know they are part of the secret drill. Fake employees might be better). Use someone on a phone just walking in. Use a smoking clown with with a fire axe on his back and a police cap on the head holding 6 packages with a clipboard lying on top demanding to enter the building to check on his elderly mother because he is worried that there is a gas leak.







                  share|improve this answer














                  share|improve this answer



                  share|improve this answer








                  edited 2 days ago

























                  answered 2 days ago









                  PyRulez

                  1,80431125




                  1,80431125








                  • 3




                    One solution is to have "secret drills". so...a rather standard pentest? If they let you in without a badge, fire them. which would be terrible for morale. It's also pretty hard to enforce this the more people work in a building. Especially in a shared office building. What are you going to do if somebody from another company lets you in? Or maybe one of their guests for the day?
                    – vlaz
                    2 days ago












                  • @vlaz well, kind of. The purpose would be training though, not testing. Also, I did say that was a bit of an exaggeration. Also, you could report it to the person's employers, who wouldn't be happy.
                    – PyRulez
                    2 days ago






                  • 3




                    there's no company in the world that has enough money to pay me to work for them and have such a policy. If the company can't solve their security issues without getting into my business at the company, it's their own damn fault, and there's no reason I have to pay for it.
                    – Andrei
                    yesterday










                  • @Andrei I don't quite understand what you mean by that. This is a threat vector that pretty much only exists due to individual employee behaviors. The issue is the employees letting unauthorized people in, so the only way to solve the security issue would involve "getting into your business at the company" by making sure you follow security protocol (or full-time security at entrance points and a high-tech system, which is costly). I don't see how this would be any different than breaking other security policies. Every user of the system has some role in security.
                    – JMac
                    3 hours ago






                  • 1




                    @Andrei Security practices should never only be the responsibility of the employees with security jobs. They would come up with the policies, and attempt to enforce them; but that doesn't mean regular employees can ignore security entirely. Your employees should be trained to not allow tailgaters at all. Sometimes installing turnstiles and the measures you talk about (such as security guards) is prohibitively expensive. That doesn't mean you can't have security practices in place with your employees, and enforce those practices. Low-overhead companies may need security too.
                    – JMac
                    2 hours ago














                  • 3




                    One solution is to have "secret drills". so...a rather standard pentest? If they let you in without a badge, fire them. which would be terrible for morale. It's also pretty hard to enforce this the more people work in a building. Especially in a shared office building. What are you going to do if somebody from another company lets you in? Or maybe one of their guests for the day?
                    – vlaz
                    2 days ago












                  • @vlaz well, kind of. The purpose would be training though, not testing. Also, I did say that was a bit of an exaggeration. Also, you could report it to the person's employers, who wouldn't be happy.
                    – PyRulez
                    2 days ago






                  • 3




                    there's no company in the world that has enough money to pay me to work for them and have such a policy. If the company can't solve their security issues without getting into my business at the company, it's their own damn fault, and there's no reason I have to pay for it.
                    – Andrei
                    yesterday










                  • @Andrei I don't quite understand what you mean by that. This is a threat vector that pretty much only exists due to individual employee behaviors. The issue is the employees letting unauthorized people in, so the only way to solve the security issue would involve "getting into your business at the company" by making sure you follow security protocol (or full-time security at entrance points and a high-tech system, which is costly). I don't see how this would be any different than breaking other security policies. Every user of the system has some role in security.
                    – JMac
                    3 hours ago






                  • 1




                    @Andrei Security practices should never only be the responsibility of the employees with security jobs. They would come up with the policies, and attempt to enforce them; but that doesn't mean regular employees can ignore security entirely. Your employees should be trained to not allow tailgaters at all. Sometimes installing turnstiles and the measures you talk about (such as security guards) is prohibitively expensive. That doesn't mean you can't have security practices in place with your employees, and enforce those practices. Low-overhead companies may need security too.
                    – JMac
                    2 hours ago








                  3




                  3




                  One solution is to have "secret drills". so...a rather standard pentest? If they let you in without a badge, fire them. which would be terrible for morale. It's also pretty hard to enforce this the more people work in a building. Especially in a shared office building. What are you going to do if somebody from another company lets you in? Or maybe one of their guests for the day?
                  – vlaz
                  2 days ago






                  One solution is to have "secret drills". so...a rather standard pentest? If they let you in without a badge, fire them. which would be terrible for morale. It's also pretty hard to enforce this the more people work in a building. Especially in a shared office building. What are you going to do if somebody from another company lets you in? Or maybe one of their guests for the day?
                  – vlaz
                  2 days ago














                  @vlaz well, kind of. The purpose would be training though, not testing. Also, I did say that was a bit of an exaggeration. Also, you could report it to the person's employers, who wouldn't be happy.
                  – PyRulez
                  2 days ago




                  @vlaz well, kind of. The purpose would be training though, not testing. Also, I did say that was a bit of an exaggeration. Also, you could report it to the person's employers, who wouldn't be happy.
                  – PyRulez
                  2 days ago




                  3




                  3




                  there's no company in the world that has enough money to pay me to work for them and have such a policy. If the company can't solve their security issues without getting into my business at the company, it's their own damn fault, and there's no reason I have to pay for it.
                  – Andrei
                  yesterday




                  there's no company in the world that has enough money to pay me to work for them and have such a policy. If the company can't solve their security issues without getting into my business at the company, it's their own damn fault, and there's no reason I have to pay for it.
                  – Andrei
                  yesterday












                  @Andrei I don't quite understand what you mean by that. This is a threat vector that pretty much only exists due to individual employee behaviors. The issue is the employees letting unauthorized people in, so the only way to solve the security issue would involve "getting into your business at the company" by making sure you follow security protocol (or full-time security at entrance points and a high-tech system, which is costly). I don't see how this would be any different than breaking other security policies. Every user of the system has some role in security.
                  – JMac
                  3 hours ago




                  @Andrei I don't quite understand what you mean by that. This is a threat vector that pretty much only exists due to individual employee behaviors. The issue is the employees letting unauthorized people in, so the only way to solve the security issue would involve "getting into your business at the company" by making sure you follow security protocol (or full-time security at entrance points and a high-tech system, which is costly). I don't see how this would be any different than breaking other security policies. Every user of the system has some role in security.
                  – JMac
                  3 hours ago




                  1




                  1




                  @Andrei Security practices should never only be the responsibility of the employees with security jobs. They would come up with the policies, and attempt to enforce them; but that doesn't mean regular employees can ignore security entirely. Your employees should be trained to not allow tailgaters at all. Sometimes installing turnstiles and the measures you talk about (such as security guards) is prohibitively expensive. That doesn't mean you can't have security practices in place with your employees, and enforce those practices. Low-overhead companies may need security too.
                  – JMac
                  2 hours ago




                  @Andrei Security practices should never only be the responsibility of the employees with security jobs. They would come up with the policies, and attempt to enforce them; but that doesn't mean regular employees can ignore security entirely. Your employees should be trained to not allow tailgaters at all. Sometimes installing turnstiles and the measures you talk about (such as security guards) is prohibitively expensive. That doesn't mean you can't have security practices in place with your employees, and enforce those practices. Low-overhead companies may need security too.
                  – JMac
                  2 hours ago










                  up vote
                  7
                  down vote













                  As a receptionist, I am trained to vet everyone who comes into the building. If I do not recognize that person, I immediately ask if they need help with anything, and who they have come to see. If they attempt to act with a sense of urgency or authority, then I notify them that they must sign in before entering the building because of food safety protocols, and continue to ask them about the details about why they are here, and then let the person responsible for meeting with them or checking up on them know that they are here.



                  Our office is relatively relaxed so we let a variety of people in, but typically having several procedures to "slow a person down" like having to sign in, talk to and be vetted by at least one person, and be directed to where they need to go can be very beneficial.






                  share|improve this answer








                  New contributor




                  William Michael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.














                  • 4




                    Unauthorized tailgaters rarely use the front door. The main concern for this subject is going to be those back-doors that make it easy to convince someone on their smoke break to let you into an unsupervised entrance. There are many social engineering tricks to beating receptionists, but that is a different question.
                    – Nosajimiki
                    2 days ago






                  • 1




                    If a building has multiple entrances with a main reception desk, it would seem like the only logical thing to do in that situation would be to either have the receptionist have access to camera systems for other entrances, someone in IT, or a full/part time security guard. Edit : Posted before I finished my comment. As you stated in your response, people will find workarounds when it comes to social encounters, so the only way to ensure this doesn't happen would be to put procedures in place to have people dissociated enough to actually pay attention to these kinds of things.
                    – William Michael
                    yesterday

















                  up vote
                  7
                  down vote













                  As a receptionist, I am trained to vet everyone who comes into the building. If I do not recognize that person, I immediately ask if they need help with anything, and who they have come to see. If they attempt to act with a sense of urgency or authority, then I notify them that they must sign in before entering the building because of food safety protocols, and continue to ask them about the details about why they are here, and then let the person responsible for meeting with them or checking up on them know that they are here.



                  Our office is relatively relaxed so we let a variety of people in, but typically having several procedures to "slow a person down" like having to sign in, talk to and be vetted by at least one person, and be directed to where they need to go can be very beneficial.






                  share|improve this answer








                  New contributor




                  William Michael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.














                  • 4




                    Unauthorized tailgaters rarely use the front door. The main concern for this subject is going to be those back-doors that make it easy to convince someone on their smoke break to let you into an unsupervised entrance. There are many social engineering tricks to beating receptionists, but that is a different question.
                    – Nosajimiki
                    2 days ago






                  • 1




                    If a building has multiple entrances with a main reception desk, it would seem like the only logical thing to do in that situation would be to either have the receptionist have access to camera systems for other entrances, someone in IT, or a full/part time security guard. Edit : Posted before I finished my comment. As you stated in your response, people will find workarounds when it comes to social encounters, so the only way to ensure this doesn't happen would be to put procedures in place to have people dissociated enough to actually pay attention to these kinds of things.
                    – William Michael
                    yesterday















                  up vote
                  7
                  down vote










                  up vote
                  7
                  down vote









                  As a receptionist, I am trained to vet everyone who comes into the building. If I do not recognize that person, I immediately ask if they need help with anything, and who they have come to see. If they attempt to act with a sense of urgency or authority, then I notify them that they must sign in before entering the building because of food safety protocols, and continue to ask them about the details about why they are here, and then let the person responsible for meeting with them or checking up on them know that they are here.



                  Our office is relatively relaxed so we let a variety of people in, but typically having several procedures to "slow a person down" like having to sign in, talk to and be vetted by at least one person, and be directed to where they need to go can be very beneficial.






                  share|improve this answer








                  New contributor




                  William Michael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  As a receptionist, I am trained to vet everyone who comes into the building. If I do not recognize that person, I immediately ask if they need help with anything, and who they have come to see. If they attempt to act with a sense of urgency or authority, then I notify them that they must sign in before entering the building because of food safety protocols, and continue to ask them about the details about why they are here, and then let the person responsible for meeting with them or checking up on them know that they are here.



                  Our office is relatively relaxed so we let a variety of people in, but typically having several procedures to "slow a person down" like having to sign in, talk to and be vetted by at least one person, and be directed to where they need to go can be very beneficial.







                  share|improve this answer








                  New contributor




                  William Michael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  share|improve this answer



                  share|improve this answer






                  New contributor




                  William Michael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.









                  answered 2 days ago









                  William Michael

                  711




                  711




                  New contributor




                  William Michael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.





                  New contributor





                  William Michael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.






                  William Michael is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.








                  • 4




                    Unauthorized tailgaters rarely use the front door. The main concern for this subject is going to be those back-doors that make it easy to convince someone on their smoke break to let you into an unsupervised entrance. There are many social engineering tricks to beating receptionists, but that is a different question.
                    – Nosajimiki
                    2 days ago






                  • 1




                    If a building has multiple entrances with a main reception desk, it would seem like the only logical thing to do in that situation would be to either have the receptionist have access to camera systems for other entrances, someone in IT, or a full/part time security guard. Edit : Posted before I finished my comment. As you stated in your response, people will find workarounds when it comes to social encounters, so the only way to ensure this doesn't happen would be to put procedures in place to have people dissociated enough to actually pay attention to these kinds of things.
                    – William Michael
                    yesterday
















                  • 4




                    Unauthorized tailgaters rarely use the front door. The main concern for this subject is going to be those back-doors that make it easy to convince someone on their smoke break to let you into an unsupervised entrance. There are many social engineering tricks to beating receptionists, but that is a different question.
                    – Nosajimiki
                    2 days ago






                  • 1




                    If a building has multiple entrances with a main reception desk, it would seem like the only logical thing to do in that situation would be to either have the receptionist have access to camera systems for other entrances, someone in IT, or a full/part time security guard. Edit : Posted before I finished my comment. As you stated in your response, people will find workarounds when it comes to social encounters, so the only way to ensure this doesn't happen would be to put procedures in place to have people dissociated enough to actually pay attention to these kinds of things.
                    – William Michael
                    yesterday










                  4




                  4




                  Unauthorized tailgaters rarely use the front door. The main concern for this subject is going to be those back-doors that make it easy to convince someone on their smoke break to let you into an unsupervised entrance. There are many social engineering tricks to beating receptionists, but that is a different question.
                  – Nosajimiki
                  2 days ago




                  Unauthorized tailgaters rarely use the front door. The main concern for this subject is going to be those back-doors that make it easy to convince someone on their smoke break to let you into an unsupervised entrance. There are many social engineering tricks to beating receptionists, but that is a different question.
                  – Nosajimiki
                  2 days ago




                  1




                  1




                  If a building has multiple entrances with a main reception desk, it would seem like the only logical thing to do in that situation would be to either have the receptionist have access to camera systems for other entrances, someone in IT, or a full/part time security guard. Edit : Posted before I finished my comment. As you stated in your response, people will find workarounds when it comes to social encounters, so the only way to ensure this doesn't happen would be to put procedures in place to have people dissociated enough to actually pay attention to these kinds of things.
                  – William Michael
                  yesterday






                  If a building has multiple entrances with a main reception desk, it would seem like the only logical thing to do in that situation would be to either have the receptionist have access to camera systems for other entrances, someone in IT, or a full/part time security guard. Edit : Posted before I finished my comment. As you stated in your response, people will find workarounds when it comes to social encounters, so the only way to ensure this doesn't happen would be to put procedures in place to have people dissociated enough to actually pay attention to these kinds of things.
                  – William Michael
                  yesterday












                  up vote
                  6
                  down vote













                  There's a lot of value to a sign, at least relative to its literal and sociological costs, but I would assume that the text matters.



                  Any variation of You/Everyone must swipe in at this door will set up a rule which an intruder might choose to break. It doesn't set up an expectation of rule-compliant people to enforce the rule on their peers or strangers. Even more precisely, it doesn't reassure rule-compliant people that their peers won't perceive them as uptight for enforcing the rule.



                  I would suggest something like
                  Make sure everyone entering with you swipes in. Listen for the beep indicating that their badge is valid/up-to-date.

                  If I'm entering the building with someone, then I know that they've seen the sign that says that I have to ask them to swipe in.






                  share|improve this answer








                  New contributor




                  ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                  Check out our Code of Conduct.






















                    up vote
                    6
                    down vote













                    There's a lot of value to a sign, at least relative to its literal and sociological costs, but I would assume that the text matters.



                    Any variation of You/Everyone must swipe in at this door will set up a rule which an intruder might choose to break. It doesn't set up an expectation of rule-compliant people to enforce the rule on their peers or strangers. Even more precisely, it doesn't reassure rule-compliant people that their peers won't perceive them as uptight for enforcing the rule.



                    I would suggest something like
                    Make sure everyone entering with you swipes in. Listen for the beep indicating that their badge is valid/up-to-date.

                    If I'm entering the building with someone, then I know that they've seen the sign that says that I have to ask them to swipe in.






                    share|improve this answer








                    New contributor




                    ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                    Check out our Code of Conduct.




















                      up vote
                      6
                      down vote










                      up vote
                      6
                      down vote









                      There's a lot of value to a sign, at least relative to its literal and sociological costs, but I would assume that the text matters.



                      Any variation of You/Everyone must swipe in at this door will set up a rule which an intruder might choose to break. It doesn't set up an expectation of rule-compliant people to enforce the rule on their peers or strangers. Even more precisely, it doesn't reassure rule-compliant people that their peers won't perceive them as uptight for enforcing the rule.



                      I would suggest something like
                      Make sure everyone entering with you swipes in. Listen for the beep indicating that their badge is valid/up-to-date.

                      If I'm entering the building with someone, then I know that they've seen the sign that says that I have to ask them to swipe in.






                      share|improve this answer








                      New contributor




                      ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.









                      There's a lot of value to a sign, at least relative to its literal and sociological costs, but I would assume that the text matters.



                      Any variation of You/Everyone must swipe in at this door will set up a rule which an intruder might choose to break. It doesn't set up an expectation of rule-compliant people to enforce the rule on their peers or strangers. Even more precisely, it doesn't reassure rule-compliant people that their peers won't perceive them as uptight for enforcing the rule.



                      I would suggest something like
                      Make sure everyone entering with you swipes in. Listen for the beep indicating that their badge is valid/up-to-date.

                      If I'm entering the building with someone, then I know that they've seen the sign that says that I have to ask them to swipe in.







                      share|improve this answer








                      New contributor




                      ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.









                      share|improve this answer



                      share|improve this answer






                      New contributor




                      ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.









                      answered 2 days ago









                      ShapeOfMatter

                      613




                      613




                      New contributor




                      ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.





                      New contributor





                      ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.






                      ShapeOfMatter is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                      Check out our Code of Conduct.






















                          up vote
                          5
                          down vote













                          This is hard and you need to think about the tradeoff it implies. Most tailgaters should be allowed into the building-they really do have a beneficial purpose there. My company had multiple buildings with doors that only permitted one person through, but I could swipe my badge and let anybody in, then swipe again and go in myself. (I used to joke I should get double pay because there were two of me at work.) Visitors were supposed to check in with reception, but that was in another building and they still needed me to swipe them in-they were not given badges that would swipe.



                          You have a choice between a serious effort to prevent tailgating and viewing your access controls as the first step of a defense in depth. If you really want to prevent tailgating, you need to accept that beside the personnel cost for monitoring you will slow everything down. Copy machines will not get repaired as promptly, so meetings will not be as efficient. Some meetings with outsiders will not happen because it is just too much trouble. Maybe one of those held the secret to the ultimate success of your company.



                          How bad is it if an unauthorized person gets in? Will they be challenged if they are just wandering around unescorted? Is it worth the cost to really prevent, as opposed to just making it a bit difficult? I started with "this is hard".



                          Clearly this is not an answer to the question as asked, but it seems there is an underlying assumption that we need to prevent tailgating. That is true in some situations, but not all.






                          share|improve this answer








                          New contributor




                          Ross Millikan is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                          Check out our Code of Conduct.






















                            up vote
                            5
                            down vote













                            This is hard and you need to think about the tradeoff it implies. Most tailgaters should be allowed into the building-they really do have a beneficial purpose there. My company had multiple buildings with doors that only permitted one person through, but I could swipe my badge and let anybody in, then swipe again and go in myself. (I used to joke I should get double pay because there were two of me at work.) Visitors were supposed to check in with reception, but that was in another building and they still needed me to swipe them in-they were not given badges that would swipe.



                            You have a choice between a serious effort to prevent tailgating and viewing your access controls as the first step of a defense in depth. If you really want to prevent tailgating, you need to accept that beside the personnel cost for monitoring you will slow everything down. Copy machines will not get repaired as promptly, so meetings will not be as efficient. Some meetings with outsiders will not happen because it is just too much trouble. Maybe one of those held the secret to the ultimate success of your company.



                            How bad is it if an unauthorized person gets in? Will they be challenged if they are just wandering around unescorted? Is it worth the cost to really prevent, as opposed to just making it a bit difficult? I started with "this is hard".



                            Clearly this is not an answer to the question as asked, but it seems there is an underlying assumption that we need to prevent tailgating. That is true in some situations, but not all.






                            share|improve this answer








                            New contributor




                            Ross Millikan is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                            Check out our Code of Conduct.




















                              up vote
                              5
                              down vote










                              up vote
                              5
                              down vote









                              This is hard and you need to think about the tradeoff it implies. Most tailgaters should be allowed into the building-they really do have a beneficial purpose there. My company had multiple buildings with doors that only permitted one person through, but I could swipe my badge and let anybody in, then swipe again and go in myself. (I used to joke I should get double pay because there were two of me at work.) Visitors were supposed to check in with reception, but that was in another building and they still needed me to swipe them in-they were not given badges that would swipe.



                              You have a choice between a serious effort to prevent tailgating and viewing your access controls as the first step of a defense in depth. If you really want to prevent tailgating, you need to accept that beside the personnel cost for monitoring you will slow everything down. Copy machines will not get repaired as promptly, so meetings will not be as efficient. Some meetings with outsiders will not happen because it is just too much trouble. Maybe one of those held the secret to the ultimate success of your company.



                              How bad is it if an unauthorized person gets in? Will they be challenged if they are just wandering around unescorted? Is it worth the cost to really prevent, as opposed to just making it a bit difficult? I started with "this is hard".



                              Clearly this is not an answer to the question as asked, but it seems there is an underlying assumption that we need to prevent tailgating. That is true in some situations, but not all.






                              share|improve this answer








                              New contributor




                              Ross Millikan is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                              Check out our Code of Conduct.









                              This is hard and you need to think about the tradeoff it implies. Most tailgaters should be allowed into the building-they really do have a beneficial purpose there. My company had multiple buildings with doors that only permitted one person through, but I could swipe my badge and let anybody in, then swipe again and go in myself. (I used to joke I should get double pay because there were two of me at work.) Visitors were supposed to check in with reception, but that was in another building and they still needed me to swipe them in-they were not given badges that would swipe.



                              You have a choice between a serious effort to prevent tailgating and viewing your access controls as the first step of a defense in depth. If you really want to prevent tailgating, you need to accept that beside the personnel cost for monitoring you will slow everything down. Copy machines will not get repaired as promptly, so meetings will not be as efficient. Some meetings with outsiders will not happen because it is just too much trouble. Maybe one of those held the secret to the ultimate success of your company.



                              How bad is it if an unauthorized person gets in? Will they be challenged if they are just wandering around unescorted? Is it worth the cost to really prevent, as opposed to just making it a bit difficult? I started with "this is hard".



                              Clearly this is not an answer to the question as asked, but it seems there is an underlying assumption that we need to prevent tailgating. That is true in some situations, but not all.







                              share|improve this answer








                              New contributor




                              Ross Millikan is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                              Check out our Code of Conduct.









                              share|improve this answer



                              share|improve this answer






                              New contributor




                              Ross Millikan is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                              Check out our Code of Conduct.









                              answered 2 days ago









                              Ross Millikan

                              1513




                              1513




                              New contributor




                              Ross Millikan is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                              Check out our Code of Conduct.





                              New contributor





                              Ross Millikan is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                              Check out our Code of Conduct.






                              Ross Millikan is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                              Check out our Code of Conduct.






















                                  up vote
                                  5
                                  down vote













                                  Once I got a tour by the CEO of ADB through one of their factories. Before we could enter there were 2 control posts. To enter the parking lot you had to go through an ID verification. If you walked to the building you came by this post also.



                                  The second verification you had to go through was at the entrance. All employees, visitors,... must enter through this entrance. After the door closed you were locked in a grey zone. After you passed another ID verification you received your badge to enter the building. There is no other way in or out. If you left you had to go through the same verification.



                                  Another example of this technique is used by a company that I used to work for. They buy/sell gold in large quantities. If you wanted to enter the building, you had to push a button, then state your business and name while looking into a camera. If the door opens and you enter the building you are locked in a small room where ID verification happened. And your bags are checked everytime you enter or leave. Even people that worked there 5+ years had to go through all those security steps. I never saw anyone with bad intents get further than the first door. If the situation is fishy the person stays locked in that room, the security takes away this person for further investigation. Never I have seen this system fail.






                                  share|improve this answer








                                  New contributor




                                  Ilyas Deckers is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                  Check out our Code of Conduct.






















                                    up vote
                                    5
                                    down vote













                                    Once I got a tour by the CEO of ADB through one of their factories. Before we could enter there were 2 control posts. To enter the parking lot you had to go through an ID verification. If you walked to the building you came by this post also.



                                    The second verification you had to go through was at the entrance. All employees, visitors,... must enter through this entrance. After the door closed you were locked in a grey zone. After you passed another ID verification you received your badge to enter the building. There is no other way in or out. If you left you had to go through the same verification.



                                    Another example of this technique is used by a company that I used to work for. They buy/sell gold in large quantities. If you wanted to enter the building, you had to push a button, then state your business and name while looking into a camera. If the door opens and you enter the building you are locked in a small room where ID verification happened. And your bags are checked everytime you enter or leave. Even people that worked there 5+ years had to go through all those security steps. I never saw anyone with bad intents get further than the first door. If the situation is fishy the person stays locked in that room, the security takes away this person for further investigation. Never I have seen this system fail.






                                    share|improve this answer








                                    New contributor




                                    Ilyas Deckers is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                    Check out our Code of Conduct.




















                                      up vote
                                      5
                                      down vote










                                      up vote
                                      5
                                      down vote









                                      Once I got a tour by the CEO of ADB through one of their factories. Before we could enter there were 2 control posts. To enter the parking lot you had to go through an ID verification. If you walked to the building you came by this post also.



                                      The second verification you had to go through was at the entrance. All employees, visitors,... must enter through this entrance. After the door closed you were locked in a grey zone. After you passed another ID verification you received your badge to enter the building. There is no other way in or out. If you left you had to go through the same verification.



                                      Another example of this technique is used by a company that I used to work for. They buy/sell gold in large quantities. If you wanted to enter the building, you had to push a button, then state your business and name while looking into a camera. If the door opens and you enter the building you are locked in a small room where ID verification happened. And your bags are checked everytime you enter or leave. Even people that worked there 5+ years had to go through all those security steps. I never saw anyone with bad intents get further than the first door. If the situation is fishy the person stays locked in that room, the security takes away this person for further investigation. Never I have seen this system fail.






                                      share|improve this answer








                                      New contributor




                                      Ilyas Deckers is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                      Check out our Code of Conduct.









                                      Once I got a tour by the CEO of ADB through one of their factories. Before we could enter there were 2 control posts. To enter the parking lot you had to go through an ID verification. If you walked to the building you came by this post also.



                                      The second verification you had to go through was at the entrance. All employees, visitors,... must enter through this entrance. After the door closed you were locked in a grey zone. After you passed another ID verification you received your badge to enter the building. There is no other way in or out. If you left you had to go through the same verification.



                                      Another example of this technique is used by a company that I used to work for. They buy/sell gold in large quantities. If you wanted to enter the building, you had to push a button, then state your business and name while looking into a camera. If the door opens and you enter the building you are locked in a small room where ID verification happened. And your bags are checked everytime you enter or leave. Even people that worked there 5+ years had to go through all those security steps. I never saw anyone with bad intents get further than the first door. If the situation is fishy the person stays locked in that room, the security takes away this person for further investigation. Never I have seen this system fail.







                                      share|improve this answer








                                      New contributor




                                      Ilyas Deckers is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                      Check out our Code of Conduct.









                                      share|improve this answer



                                      share|improve this answer






                                      New contributor




                                      Ilyas Deckers is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                      Check out our Code of Conduct.









                                      answered yesterday









                                      Ilyas Deckers

                                      1512




                                      1512




                                      New contributor




                                      Ilyas Deckers is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                      Check out our Code of Conduct.





                                      New contributor





                                      Ilyas Deckers is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                      Check out our Code of Conduct.






                                      Ilyas Deckers is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
                                      Check out our Code of Conduct.






















                                          up vote
                                          3
                                          down vote













                                          If it's a situation the really matters that much, you station a security person at every entrance whose entire job is to challenge people who enter without swiping — even people known to them, since access be be revoked suddenly. Then you back this up with security camera spot checks, where the job of the cameras is allowing a supervisor to verify the guards are doing what they are supposed to, in addition to keeping records of entrances/exits.



                                          Eventually, I expect computer vision technology to evolve to the point where a camera can be smart enough to do most of the job of the guard. It only has to detect the number of total people vs the number of distinct swipes, and you can use infrared in addition to visible light to make it difficult to fool the camera.



                                          Another option is the door fob only rings an alert in the security office, where it's up to a security officer there to unlock the door based on how the camera feed correlates to the fob logs. That can be much cheaper than stationing a guard at every door, while still providing most of the same security against tailgating.






                                          share|improve this answer























                                          • They have been that smart for a few years now, and are already used in this capacity, although you only really see them in really high profile buildings like major data centers, expect this technology to become a lot more common place in the next few years.
                                            – Nosajimiki
                                            2 days ago















                                          up vote
                                          3
                                          down vote













                                          If it's a situation the really matters that much, you station a security person at every entrance whose entire job is to challenge people who enter without swiping — even people known to them, since access be be revoked suddenly. Then you back this up with security camera spot checks, where the job of the cameras is allowing a supervisor to verify the guards are doing what they are supposed to, in addition to keeping records of entrances/exits.



                                          Eventually, I expect computer vision technology to evolve to the point where a camera can be smart enough to do most of the job of the guard. It only has to detect the number of total people vs the number of distinct swipes, and you can use infrared in addition to visible light to make it difficult to fool the camera.



                                          Another option is the door fob only rings an alert in the security office, where it's up to a security officer there to unlock the door based on how the camera feed correlates to the fob logs. That can be much cheaper than stationing a guard at every door, while still providing most of the same security against tailgating.






                                          share|improve this answer























                                          • They have been that smart for a few years now, and are already used in this capacity, although you only really see them in really high profile buildings like major data centers, expect this technology to become a lot more common place in the next few years.
                                            – Nosajimiki
                                            2 days ago













                                          up vote
                                          3
                                          down vote










                                          up vote
                                          3
                                          down vote









                                          If it's a situation the really matters that much, you station a security person at every entrance whose entire job is to challenge people who enter without swiping — even people known to them, since access be be revoked suddenly. Then you back this up with security camera spot checks, where the job of the cameras is allowing a supervisor to verify the guards are doing what they are supposed to, in addition to keeping records of entrances/exits.



                                          Eventually, I expect computer vision technology to evolve to the point where a camera can be smart enough to do most of the job of the guard. It only has to detect the number of total people vs the number of distinct swipes, and you can use infrared in addition to visible light to make it difficult to fool the camera.



                                          Another option is the door fob only rings an alert in the security office, where it's up to a security officer there to unlock the door based on how the camera feed correlates to the fob logs. That can be much cheaper than stationing a guard at every door, while still providing most of the same security against tailgating.






                                          share|improve this answer














                                          If it's a situation the really matters that much, you station a security person at every entrance whose entire job is to challenge people who enter without swiping — even people known to them, since access be be revoked suddenly. Then you back this up with security camera spot checks, where the job of the cameras is allowing a supervisor to verify the guards are doing what they are supposed to, in addition to keeping records of entrances/exits.



                                          Eventually, I expect computer vision technology to evolve to the point where a camera can be smart enough to do most of the job of the guard. It only has to detect the number of total people vs the number of distinct swipes, and you can use infrared in addition to visible light to make it difficult to fool the camera.



                                          Another option is the door fob only rings an alert in the security office, where it's up to a security officer there to unlock the door based on how the camera feed correlates to the fob logs. That can be much cheaper than stationing a guard at every door, while still providing most of the same security against tailgating.







                                          share|improve this answer














                                          share|improve this answer



                                          share|improve this answer








                                          edited 19 hours ago

























                                          answered 2 days ago









                                          Joel Coehoorn

                                          1,2851912




                                          1,2851912












                                          • They have been that smart for a few years now, and are already used in this capacity, although you only really see them in really high profile buildings like major data centers, expect this technology to become a lot more common place in the next few years.
                                            – Nosajimiki
                                            2 days ago


















                                          • They have been that smart for a few years now, and are already used in this capacity, although you only really see them in really high profile buildings like major data centers, expect this technology to become a lot more common place in the next few years.
                                            – Nosajimiki
                                            2 days ago
















                                          They have been that smart for a few years now, and are already used in this capacity, although you only really see them in really high profile buildings like major data centers, expect this technology to become a lot more common place in the next few years.
                                          – Nosajimiki
                                          2 days ago




                                          They have been that smart for a few years now, and are already used in this capacity, although you only really see them in really high profile buildings like major data centers, expect this technology to become a lot more common place in the next few years.
                                          – Nosajimiki
                                          2 days ago










                                          up vote
                                          0
                                          down vote













                                          Face recognition technology is about ready for that, and can easily handle large masses of people simultaneously, without the need for badges or turn styles.



                                          For example, the Orlando airport is being converted to use face recognition instead of passport controls (supposedly still to go live in 2018). You will just walk by, and be automatically identified.






                                          share|improve this answer

















                                          • 1




                                            How easy is this to fool by wearing a mask or something? You can't really do that at an airport - too many people around and it would be suspicious, but what about an office building at a quiet hour or even few minutes - you put the mask on, get in, take it off when nobody is around to question you? How easy is it to get a false negative, either - if somebody grew a beard or maybe had a face injury, would they be denied access? That's lower risk than a false positive but still something to keep in mind.
                                            – vlaz
                                            2 days ago










                                          • I have my doubts too... but they seriously do that in the airport, and they should know what they do.
                                            – Aganju
                                            2 days ago















                                          up vote
                                          0
                                          down vote













                                          Face recognition technology is about ready for that, and can easily handle large masses of people simultaneously, without the need for badges or turn styles.



                                          For example, the Orlando airport is being converted to use face recognition instead of passport controls (supposedly still to go live in 2018). You will just walk by, and be automatically identified.






                                          share|improve this answer

















                                          • 1




                                            How easy is this to fool by wearing a mask or something? You can't really do that at an airport - too many people around and it would be suspicious, but what about an office building at a quiet hour or even few minutes - you put the mask on, get in, take it off when nobody is around to question you? How easy is it to get a false negative, either - if somebody grew a beard or maybe had a face injury, would they be denied access? That's lower risk than a false positive but still something to keep in mind.
                                            – vlaz
                                            2 days ago










                                          • I have my doubts too... but they seriously do that in the airport, and they should know what they do.
                                            – Aganju
                                            2 days ago













                                          up vote
                                          0
                                          down vote










                                          up vote
                                          0
                                          down vote









                                          Face recognition technology is about ready for that, and can easily handle large masses of people simultaneously, without the need for badges or turn styles.



                                          For example, the Orlando airport is being converted to use face recognition instead of passport controls (supposedly still to go live in 2018). You will just walk by, and be automatically identified.






                                          share|improve this answer












                                          Face recognition technology is about ready for that, and can easily handle large masses of people simultaneously, without the need for badges or turn styles.



                                          For example, the Orlando airport is being converted to use face recognition instead of passport controls (supposedly still to go live in 2018). You will just walk by, and be automatically identified.







                                          share|improve this answer












                                          share|improve this answer



                                          share|improve this answer










                                          answered 2 days ago









                                          Aganju

                                          16016




                                          16016








                                          • 1




                                            How easy is this to fool by wearing a mask or something? You can't really do that at an airport - too many people around and it would be suspicious, but what about an office building at a quiet hour or even few minutes - you put the mask on, get in, take it off when nobody is around to question you? How easy is it to get a false negative, either - if somebody grew a beard or maybe had a face injury, would they be denied access? That's lower risk than a false positive but still something to keep in mind.
                                            – vlaz
                                            2 days ago










                                          • I have my doubts too... but they seriously do that in the airport, and they should know what they do.
                                            – Aganju
                                            2 days ago














                                          • 1




                                            How easy is this to fool by wearing a mask or something? You can't really do that at an airport - too many people around and it would be suspicious, but what about an office building at a quiet hour or even few minutes - you put the mask on, get in, take it off when nobody is around to question you? How easy is it to get a false negative, either - if somebody grew a beard or maybe had a face injury, would they be denied access? That's lower risk than a false positive but still something to keep in mind.
                                            – vlaz
                                            2 days ago










                                          • I have my doubts too... but they seriously do that in the airport, and they should know what they do.
                                            – Aganju
                                            2 days ago








                                          1




                                          1




                                          How easy is this to fool by wearing a mask or something? You can't really do that at an airport - too many people around and it would be suspicious, but what about an office building at a quiet hour or even few minutes - you put the mask on, get in, take it off when nobody is around to question you? How easy is it to get a false negative, either - if somebody grew a beard or maybe had a face injury, would they be denied access? That's lower risk than a false positive but still something to keep in mind.
                                          – vlaz
                                          2 days ago




                                          How easy is this to fool by wearing a mask or something? You can't really do that at an airport - too many people around and it would be suspicious, but what about an office building at a quiet hour or even few minutes - you put the mask on, get in, take it off when nobody is around to question you? How easy is it to get a false negative, either - if somebody grew a beard or maybe had a face injury, would they be denied access? That's lower risk than a false positive but still something to keep in mind.
                                          – vlaz
                                          2 days ago












                                          I have my doubts too... but they seriously do that in the airport, and they should know what they do.
                                          – Aganju
                                          2 days ago




                                          I have my doubts too... but they seriously do that in the airport, and they should know what they do.
                                          – Aganju
                                          2 days ago










                                          up vote
                                          -1
                                          down vote













                                          If you have the budget for it, use high resolution cameras with facial recognition. Security will be alerted even if some well meaning do-gooder holds the door open for them when they enter an unauthorized area.






                                          share|improve this answer





















                                          • Unless they duck, or face the other way... Technology is not a panacea.
                                            – wizzwizz4
                                            2 days ago












                                          • This comes down to what level of security you are trying to enforce. Many can be configured to alert you to an unrecognized person; so, obscured faces can create false positives, but false negatives are nearly impossible. Even if you have a bag over your head, it will still mark you as an unknown person alerting security to your presence. Also, the facial recognition software that comes with them typically use machine learning; so, they learn your whole facial profile over time such that false positives become pretty rare after it's seen you a few times.
                                            – Nosajimiki
                                            3 hours ago










                                          • This many not be a good course of action for a building where you have a lot of "unknown" people coming and going, but in general, if you are worried about tailgating as a serious security concern, you are probably talking about somewhere that unknown people should not be to begin with.
                                            – Nosajimiki
                                            3 hours ago










                                          • I've experience with fooling automatic doors; even that's not hard. So fooling a much more complex system? A commando-roll could well be enough. And remember; if the system's too sensitive, it won't be long before positives are ignored.
                                            – wizzwizz4
                                            28 mins ago















                                          up vote
                                          -1
                                          down vote













                                          If you have the budget for it, use high resolution cameras with facial recognition. Security will be alerted even if some well meaning do-gooder holds the door open for them when they enter an unauthorized area.






                                          share|improve this answer





















                                          • Unless they duck, or face the other way... Technology is not a panacea.
                                            – wizzwizz4
                                            2 days ago












                                          • This comes down to what level of security you are trying to enforce. Many can be configured to alert you to an unrecognized person; so, obscured faces can create false positives, but false negatives are nearly impossible. Even if you have a bag over your head, it will still mark you as an unknown person alerting security to your presence. Also, the facial recognition software that comes with them typically use machine learning; so, they learn your whole facial profile over time such that false positives become pretty rare after it's seen you a few times.
                                            – Nosajimiki
                                            3 hours ago










                                          • This many not be a good course of action for a building where you have a lot of "unknown" people coming and going, but in general, if you are worried about tailgating as a serious security concern, you are probably talking about somewhere that unknown people should not be to begin with.
                                            – Nosajimiki
                                            3 hours ago










                                          • I've experience with fooling automatic doors; even that's not hard. So fooling a much more complex system? A commando-roll could well be enough. And remember; if the system's too sensitive, it won't be long before positives are ignored.
                                            – wizzwizz4
                                            28 mins ago













                                          up vote
                                          -1
                                          down vote










                                          up vote
                                          -1
                                          down vote









                                          If you have the budget for it, use high resolution cameras with facial recognition. Security will be alerted even if some well meaning do-gooder holds the door open for them when they enter an unauthorized area.






                                          share|improve this answer












                                          If you have the budget for it, use high resolution cameras with facial recognition. Security will be alerted even if some well meaning do-gooder holds the door open for them when they enter an unauthorized area.







                                          share|improve this answer












                                          share|improve this answer



                                          share|improve this answer










                                          answered 2 days ago









                                          Nosajimiki

                                          2297




                                          2297












                                          • Unless they duck, or face the other way... Technology is not a panacea.
                                            – wizzwizz4
                                            2 days ago












                                          • This comes down to what level of security you are trying to enforce. Many can be configured to alert you to an unrecognized person; so, obscured faces can create false positives, but false negatives are nearly impossible. Even if you have a bag over your head, it will still mark you as an unknown person alerting security to your presence. Also, the facial recognition software that comes with them typically use machine learning; so, they learn your whole facial profile over time such that false positives become pretty rare after it's seen you a few times.
                                            – Nosajimiki
                                            3 hours ago










                                          • This many not be a good course of action for a building where you have a lot of "unknown" people coming and going, but in general, if you are worried about tailgating as a serious security concern, you are probably talking about somewhere that unknown people should not be to begin with.
                                            – Nosajimiki
                                            3 hours ago










                                          • I've experience with fooling automatic doors; even that's not hard. So fooling a much more complex system? A commando-roll could well be enough. And remember; if the system's too sensitive, it won't be long before positives are ignored.
                                            – wizzwizz4
                                            28 mins ago


















                                          • Unless they duck, or face the other way... Technology is not a panacea.
                                            – wizzwizz4
                                            2 days ago












                                          • This comes down to what level of security you are trying to enforce. Many can be configured to alert you to an unrecognized person; so, obscured faces can create false positives, but false negatives are nearly impossible. Even if you have a bag over your head, it will still mark you as an unknown person alerting security to your presence. Also, the facial recognition software that comes with them typically use machine learning; so, they learn your whole facial profile over time such that false positives become pretty rare after it's seen you a few times.
                                            – Nosajimiki
                                            3 hours ago










                                          • This many not be a good course of action for a building where you have a lot of "unknown" people coming and going, but in general, if you are worried about tailgating as a serious security concern, you are probably talking about somewhere that unknown people should not be to begin with.
                                            – Nosajimiki
                                            3 hours ago










                                          • I've experience with fooling automatic doors; even that's not hard. So fooling a much more complex system? A commando-roll could well be enough. And remember; if the system's too sensitive, it won't be long before positives are ignored.
                                            – wizzwizz4
                                            28 mins ago
















                                          Unless they duck, or face the other way... Technology is not a panacea.
                                          – wizzwizz4
                                          2 days ago






                                          Unless they duck, or face the other way... Technology is not a panacea.
                                          – wizzwizz4
                                          2 days ago














                                          This comes down to what level of security you are trying to enforce. Many can be configured to alert you to an unrecognized person; so, obscured faces can create false positives, but false negatives are nearly impossible. Even if you have a bag over your head, it will still mark you as an unknown person alerting security to your presence. Also, the facial recognition software that comes with them typically use machine learning; so, they learn your whole facial profile over time such that false positives become pretty rare after it's seen you a few times.
                                          – Nosajimiki
                                          3 hours ago




                                          This comes down to what level of security you are trying to enforce. Many can be configured to alert you to an unrecognized person; so, obscured faces can create false positives, but false negatives are nearly impossible. Even if you have a bag over your head, it will still mark you as an unknown person alerting security to your presence. Also, the facial recognition software that comes with them typically use machine learning; so, they learn your whole facial profile over time such that false positives become pretty rare after it's seen you a few times.
                                          – Nosajimiki
                                          3 hours ago












                                          This many not be a good course of action for a building where you have a lot of "unknown" people coming and going, but in general, if you are worried about tailgating as a serious security concern, you are probably talking about somewhere that unknown people should not be to begin with.
                                          – Nosajimiki
                                          3 hours ago




                                          This many not be a good course of action for a building where you have a lot of "unknown" people coming and going, but in general, if you are worried about tailgating as a serious security concern, you are probably talking about somewhere that unknown people should not be to begin with.
                                          – Nosajimiki
                                          3 hours ago












                                          I've experience with fooling automatic doors; even that's not hard. So fooling a much more complex system? A commando-roll could well be enough. And remember; if the system's too sensitive, it won't be long before positives are ignored.
                                          – wizzwizz4
                                          28 mins ago




                                          I've experience with fooling automatic doors; even that's not hard. So fooling a much more complex system? A commando-roll could well be enough. And remember; if the system's too sensitive, it won't be long before positives are ignored.
                                          – wizzwizz4
                                          28 mins ago










                                          Lithilion is a new contributor. Be nice, and check out our Code of Conduct.










                                           

                                          draft saved


                                          draft discarded


















                                          Lithilion is a new contributor. Be nice, and check out our Code of Conduct.













                                          Lithilion is a new contributor. Be nice, and check out our Code of Conduct.












                                          Lithilion is a new contributor. Be nice, and check out our Code of Conduct.















                                           


                                          draft saved


                                          draft discarded














                                          StackExchange.ready(
                                          function () {
                                          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f197817%2fdefence-methods-against-tailgating%23new-answer', 'question_page');
                                          }
                                          );

                                          Post as a guest















                                          Required, but never shown





















































                                          Required, but never shown














                                          Required, but never shown












                                          Required, but never shown







                                          Required, but never shown

































                                          Required, but never shown














                                          Required, but never shown












                                          Required, but never shown







                                          Required, but never shown







                                          Popular posts from this blog

                                          'app-layout' is not a known element: how to share Component with different Modules

                                          android studio warns about leanback feature tag usage required on manifest while using Unity exported app?

                                          WPF add header to Image with URL pettitions [duplicate]