Access Tailgating: Biggest Security Vulnerability

By Brian Rhodes, Published Jul 22, 2021, 08:31am EDT

What is the 'biggest' access control security vulnerability? One security consultant argues that, for most installations, it is tailgating.

IPVM Image

In this report, we share:

  • A security consultant's analysis that tailgating is the biggest access risk
  • Tailgating is easier to exploit than card copying
  • A short explanation of Tailgating and the problems is creates
  • Easy tailgating solutions are not common

IPVM Resources

IPVM has many resources explaining the problem and how to address it in your access systems including:

Specific Products:

Consultant ***** *******

** ******** ** ************** ** ******** * ****** ****** risk,******* *. *****, *********,***** ********************:

IPVM Image********, *** ******* ************* in **** ****** ******* systems ** **********.

** **** ** ***** a **** ******* *** window, **** **** *** someone ** ***** ** enter *** ******** *** then **** ***** **. Many ****** **** **** politely **** *** **** open *** *** **** asked.

****** ** ******** ***********, I **** **** * can *** **** * building ***** **** ********* over **% ** *** time.

***** *** **** * physical ******** ********** *** 25+ ***** ******* ** the *******, *** ****, and *** ********* * number ** ******-******* ********, including*** ******* ** **********.

Tailgating ****** **** **** *******

***** ******* *** *** credentials ***** ******* *** can ** **** ***** gadgets ******* **** **** $30, ***** **** **** Tailgating ** **** ******:

******* ***** ** ********** are *********** ** ******** types ** ******* **** as ******* **** ************** lines *** ******** ** counterfeiting ***********. *******, ** most **********, ***** *** few ********** ***** ** an ******** ******* ****** using ***** *******.There *** *** ****** **** ** ***** * ********: **********, slipping a latch, or simply looking for a door that has failed to close properly. [Emphasis IPVM]

Members ******

***** ** *** *** only *** *** **** Tailgating ** * **** problem.******* **************** ** *********:

********** *** ****** ****--*** remains--the ******* *** ** overcome * **** ****** entry *****.

******* ********** ****:

** ******* *********, *** easiest ** ***** **********. Double ***** ******* * mullion ** ********* **** as ****.

Tailgating *******

'**********' ******* **** * credentialed ****** **** ***** a **** ******** *** or **** *********** ** immediately **** ******* ***** the **** ** ****.

IPVM Image

*** ********* *** ******** occur **** ******* * door **** *** *******. It **** ******* ************, typically **** ******* ** focused ** ********* ****** it ******* ** **** door.

****, *** **** ***** of ***, ** **** someone ******* * ********* act ** ********* ******** behind * ***** ********** to **** *** ******** system. **********'* ****** *** render ** ****** ******** insecure.

Common ******** *** ******* *****

** **** ********, ******* the **** **** *** people ** * ****, kind **********. ********, ********** slamming *** **** **** behind *** ** ********* as ****, *** *** create *** **** ******* neighbors ** **-*******.

*******, **** ****** ** not ******** *** **** are *********** ** ****** control ****** **** ***** own '**** *******'.

Easy ********* *******

********** ** * ******* and ***** ********* ******* to *****, **** ********* generally ******* **** ******** hundreds ** *************** ******* *** *******.

*** ***** ********* ********* are ***** ********* *** people **********, ***** *********** by ******** *****:

IPVM Image

*******, ********** ***** ****** management ** ********, *** tailgating **** *** *** be **********, *** **** minimized, ** * ****.

Other ****** ******* ***************

** ***** *****, **** if ********** ** *** biggest ************* ** **** installations, **** ************* *** face ******* ****. ********** is ****** * **** in ********** **** **** a **** ****** ** expected *******. ** ****** security **********, ***** ******* is ****** *** ** there ** *** *********** of ** ******* ** certain ***** (*.*., * locked ******** ***** *****), other *************** ********* ******* may ** **** ********* risks.

***** ******** **** ********* ********* ***** **** ***** closing *** *******, ***** fundamentally ******** ***** **** being ******. **** ***** range **** ******** ******** 'Kick-Downs' ** ****** ** trash ** ******* ********* or ***** ****:

IPVM Image

*** ************** ** **** props ** ***** ***, but *** **** **** present ** **** *** is ******* ********* **** to **** ****.

******* ***********, ************** ********* ******* ******, ***********, and ********* ** ******* risk. **** ************* ** when * ***** **** hands ***** **** ** a ****** ** ***, essentially *** ******** *** system ** ******* ****** properly.

*******, * ******* ** premium ****** ******* ** 'anti-passback' ********** **** ******** or ******** *********** **** unlocking *** **** ******* twice ****** * *** minutes.

Vote / ****

Comments (16)

Undisclosed Manufacturer #1

07/22/21 01:54pm

**'* * ****** ********* to **** ********** *** "biggest" *******. ** ******* out ** *** *******, there *** ***** * few ***** *************** **** can ** "******" ********* on *** *************.

** *********, ********** *** be *** ******* *** card ******* **** *** access ** *** *** doors ****** *** ******** that *** ********** **** had ****** **. * significant ******** ** *************.

*** ***** ************* **** comes ** **** ** the *********** ******** *** was **** *** ** from ** ********. ***** access **********, ** **** many *****, ** *** disabled *** **** *** sometime *****. * ******* potential ******* ** **** decide ** ********* ***********. Use ****** ********* *********** with **.

Agree: 2
Disagree
Informative: 1
Unhelpful
Funny

Undisclosed #4

IPVMU Certified | In reply to Undisclosed Manufacturer #1 | 07/23/21 06:00pm

**'* * ****** ********* to **** ********** *** "biggest" *******.

*** ** ****? **’* the **** ******** *********. And ** *****’* **** a *************** ******** ***.

**** ******* *** ** made ************* **** ********* by ***** ***** *******.

*** *** ********* * card ** * ****** manner ** * ******* of *** ***** *******.

Agree: 2
Disagree
Informative
Unhelpful
Funny

Shannon Davis

IPVMU Certified | In reply to Undisclosed Manufacturer #1 | 07/27/21 05:29pm

**** *** *** ****** formats *** *** ***'* copy * ****.

** ***** **** **** customers **** *** **** technology *** * **** them *** **** ** is ** **** ***** cards. ** **** *** I **** ***** **** across * ******** *** had * **** ****** and **** ** ***** system!

***** *** ****** ********* integration ** ***** ** the ******** *** ****** it. *** *** ******* have ** *********** ****** directory ***********.

Agree
Disagree
Informative
Unhelpful
Funny

Undisclosed Manufacturer #2

07/23/21 04:50pm

*'** ******* **** ** ADA ********* ***** **** have ***** ******, ********** is ************* ****. * person ***** ***** *****, lightly ******* ** *** door, *** ***** ****** kicks ** *** ***** the **** *** ***** it **** *** ** seconds ** **.

* ******* ***** ******* are * ********** ****** for *********** **** ************, but ** **** ***** like * **** ******** risk. * **** ***** seen * ****** ***** around *** **** *** the **** ** *****. Most **** **** ** walking ******** *** **** will ***** * ****** later.

Agree
Disagree
Informative: 1
Unhelpful
Funny

Undisclosed #3

In reply to Undisclosed Manufacturer #2 | 07/23/21 05:29pm

**** ****, *** **** is *** ** *** reasons ** ***'* ***** power ****** ********* ** card ****** ***** ** our ********. ** ****** gets * ****-***** ******** if ******** ** ******* at ***. ** **** require *** **** **** to ** *** ** the ******** ******* ****** of **** ********* ** code.

Agree
Disagree
Informative
Unhelpful
Funny
Avatar

Brian Rhodes

IPVMU Certified | In reply to Undisclosed Manufacturer #2 | 07/23/21 05:30pm

* ***** **** ***. For ****-******** **********, * have **** ****** ****** at ********** *** ***** areas. *** ***** ***** I ******* *** * checkpoint ****** ****** ***** and ****** ****** ******* whoever ****** ******* *** gate. * ****** *** provide *** **** ********** in * ***.

Agree
Disagree
Informative
Unhelpful
Funny

Undisclosed End User #5

07/23/21 09:41pm

*** *** **** ** the ***** **** ****** and ****** **** **** with *** **** ********** facilities ** ******** *** problem **** ***-**-*-**** ******* like********** ***? *** **** *** costly *** **** ***** the ******* ***** ****. Define/write *** ******** ************ properly *** **** *** justification **** *-***** **** it ******* * ******** based **** ********* *** risk *** *** ****.

*** **** *** *** for ********** *** ******** to *** **** ** a ****** ****** ***** turnstiles ** ******** ******* the *** *** ****** 100% ****-******* ********** ** there. **** ** *** pay *** * ****** post ********? * **** guarantee *** **** **** a ****** ******.

******* ******. **** ** to *** **** ***.

Agree
Disagree
Informative
Unhelpful
Funny

Undisclosed Integrator #6

07/26/21 01:53pm

********** ** *** ******** a ********** *******... ** is * ****** *******.

************, ** ** * failure ** "*******" *********** (holding ** ****** ***** is * '*******' ********) to ****** *** ************ of ***** ******* **** a *** ** *** facility.

********** *** ** ********* technologically, *** **** ** expensive *** ********* ******* which *** ***** ********* against **********, *************, *** cost.There *** ***% ********* anti-tailgating ************, *** *** will *** *** ***** either ** ******* ** inconvenience.

**** *** **** *** case *** *** ** the **+ ***** *'** worked ** *** ********.

******** ** ** ** HR/Policy ********** ***** *** properly *********** ** ************ violators ** **** **** effective *** ** *** long *** ******* **** cost *********.

Agree: 2
Disagree
Informative: 2
Unhelpful
Funny

Undisclosed End User #5

In reply to Undisclosed Integrator #6 | 07/26/21 03:20pm

* ***** *** *** most **** *** * culture/people ******* **** ****** can ******* *** ***** employees *** *******. ********** is **** * ****** problem **** *** * trusted ********** ******* *** door **** ** * tailgating ******* ** ***** their **********. **** * nefarious ********** ********* ** gain ************ ****** * am *** **** *** HR **** **** ** the ********* ****** ** w/o ********* ** *** unauthorized **********.

** **** ******** ************ such ** **** ******* with **** ******* ***********/******* technology ** *** ** getting ******** **** * breach/violation *** ***** *****.

Agree
Disagree
Informative
Unhelpful
Funny
Avatar

Brian Karas

In reply to Undisclosed Integrator #6 | 07/26/21 04:25pm

********** ** *** ******** a ********** *******... ** is * ****** *******.

* *****, **** ** comes **** ** **, the ********* ***** ********** is ****** * ******* to ******* ******** ***** on, *** "********" **** of ******** ******** ***** comes **** ****. *****, man-traps, ****** ********, ** similar ****** *** ******** part ** *** ******** that ***** ******** ** mitigate **********.

*******, *** *** ***** spot *** ***** ***** analytics ********* **** **** tout ***** "********** *********" before **** **** **** it ** * ******* of * **.* ******** release :)

Agree
Disagree
Informative
Unhelpful
Funny

Undisclosed Integrator #7

07/27/21 04:43pm

* ** ********** ******* this **** *********. *** of *** ******** ** the ******* ** ****** at *** ********** ****** that ** **** ******. (Literally *** **** ******). You ****** *** *** looks * *** **** I **** ** **** up *** ** ** kids, *** **** ****** me **, *** *** mom ****** ** ** INCREDULOUS **** * **** the **** ****** ****** me! "****, * *****!" does *** ***** *** it **.

**, ***, * ***** common ******** ** *** biggest ******* ** ***.

Agree: 1
Disagree
Informative: 1
Unhelpful
Funny: 1

Undisclosed #4

IPVMU Certified | In reply to Undisclosed Integrator #7 | 07/27/21 05:54pm

*** ** *** ******** in *** ******* ** posted ** *** ********** school **** ** **** attend. (********* *** **** school).

* ******* **** ******* was **** * ******* exaggeration ** **********, *** now * **** * question:

IPVM Image

** ** ****** ** portray ******* ********* * man-trap ** ******* **** doors ****? ** **, why ***** *** **** gate ****** ****** *** outer **** *** ****?

Agree
Disagree
Informative
Unhelpful
Funny
Avatar

Brian Rhodes

IPVMU Certified | In reply to Undisclosed #4 | 07/27/21 05:59pm

**'* *** * *******. Notice *** ****** ** stairs ** *** **********. There ***** ** ***** points ** ****/***** *** of ***** ** ****.

Agree
Disagree
Informative
Unhelpful
Funny

Undisclosed #4

IPVMU Certified | In reply to Brian Rhodes | 07/27/21 11:58pm

**'* *** * *******.

**, ** **** ** going ** ****?

Agree
Disagree
Informative
Unhelpful
Funny
Avatar

Brian Rhodes

IPVMU Certified | In reply to Undisclosed #4 | 07/28/21 02:29am

*** ****** ** ******* a **** **** *** someone ****.

** * ****** **** wrong?

Agree
Disagree
Informative
Unhelpful
Funny

Undisclosed #4

IPVMU Certified | In reply to Brian Rhodes | 07/28/21 05:20am

*** ****** ** ******* a **** **** *** someone ****.

** ** *** *****

*) ** ****** ****** to *** ***** ****

*) ****** ** **** his ***** ****

*) ****** **** **

*) *** ******* ******

*) **** *** **** on *** ******* ******, to **** ** **** shutting

*) ****** ****** ** the ****** ****

*) ****** ** **** his **** ****

*) ************* *** **** leg ** **** *** second **** **** ********

*** *** ******’* ** just **** *** ***** the **** *** **** the ***** **** ** open *** ******?

***’* *** *** *** distinct ********** **** ** must **** **** * and * **** ** the **** **** *** some ******?

** **;

**, *’* **** ***** back ** ******** **’* a *********** *******, ****** U7 *** ** ***********…

Agree
Disagree
Informative
Unhelpful
Funny
Read this IPVM report for free.

This article is part of IPVM's 7,211 reports and 960 tests and is only available to subscribers. To get a one-time preview of our work, enter your work email to access the full article.

Already a subscriber? Login here | Join now
Loading Related Reports