Tailgating: Access Control Tutorial

By: Brian Rhodes, Published on Oct 31, 2019

Nearly all access control systems are vulnerable to an easy exploit called 'tailgating'. Indeed, a friendly gesture in holding doors for others often compromises access security.

** **** ****, ** take * **** ** 'tailgating', *** **** ****** causes, *** ******** * options ** *******/******** **********:

  • '**** ****' ******
  • **********/********* *****
  • ********/********
  • ************ *********/*********
  • ******* & *********

The *******

'**********', **** ****** '************', describes *** ********* **** a ************ ****** **** opens * **** ******** one ** **** *********** to *********** **** ******* while *** **** ** open.

*** ********* *** ******** occur **** ******* * door **** *** *******. It **** ******* ************, typically **** ******* ** focused ** ********* ****** it ******* ** **** door.

****, *** **** ***** of ***, ** **** someone ******* * ********* act ** ********* ******** behind * ***** ********** to **** *** ******** system. **********'* ****** *** render ** ****** ******** insecure.

Common ******** *** ******* *****

** **** ********, ******* the **** **** *** people ** * ****, kind **********. ********, ********** slamming *** **** **** behind *** ** ********* as ****, *** *** create *** **** ******* neighbors ** **-*******.

*******, **** ****** ** not ******** *** **** are *********** ** ****** control ****** **** ***** own '**** *******'.

******, **** ******** ********** to *** ******* * door ***** *********. ********* articles ******** *** ******* of ******** *** *******, like:

*******, *** ****** ***** articles **** ** ********* is ***** *** **** secure *** ********** **** closed *** ******.

Security ********* ** ***

**** ****** ** *** deliberately **** ** ********* the ******** ******** ** a **** ** ********, but **** **** ** recognize *** ***** ***** behavior *** **.

*** **** ****** ** balance '**********' **** '********' is ********** ********* ** why, ** **, * door ** * ******** point. *** *** ******** doors, *** **** ***** frequently ****, *** *********** part ** *** ******** access ********** *********. *** if * **** ** kept ****** *** ******, or ** ** ** equipped **** ****** ******* like ******* ** *******, it ****** ***** ** held **** *** ******** kept ****** ***** ********** entry.

*** ***** ********, **** training *** **** ******* is ********* ** ********* security **********. ******** ****** and ******* ******* ** 'low ****', *** ***** effective *** ** ******* with **** ****.

Other ************ *******

***** *** * ******* of ***** ********** **** causes. ************* *** '***' of **** **** ********** helps ** ********* *** best ******* ******* **:

  • Bad *******: Especially in rainy and cold climates, holding the door open offers a welcome shortcut to those seeking the warm and dry environment of a facility. In these cases, sheltered entries, **********, ** ******* **** diminish *** ******** ** hold **** ***** *** of ************* *********.
  • Misaligned/Worn *****: Over the course of thousands of open/close cycles, even commercial grade doors, hinges, frames, and closers sag or become worn over time. If left unchecked, doors may not fully close when opened or may take a long time to close, therefore allowing many people entrance from a single card read. A regular and discipline door maintenance schedule for access-controlled openings is critical to prevent the issue.
  • *************/********:***** *** * ******* of ****** **** ** keep * **** **** latching ***** ** *** been ******. *********, *****, bunched-up ****, *** ******** tampering *** *** ******** employed ** ********* *** task ** ********** * credential *** ******, ***** seen ** ******* ** employees. *** **** ******, consider ************ '******* ****' doors ** ******** ********* with ******* *** ******** systems ** ******** ********* and ******* ***** ************** paths *** ******* ******.
  • Malicious ******: Preventing untrusted or dangerous people from entering an area is often the primary goal of access control. Often, readers and locks alone are not enough to mitigate this risk despite the occurrence being minor. To properly prevent undetected entry, often additional engineering controls like sensors, analytics, or even turnstiles are needed.

Tailgating *********

*** **** ** ********** is ********** *** ****** every ****** ********** ******** is **********. ***********, * host ** *********** ******** are ********* ** ****** the *******. ** *** section ***** ** **** a **** ** *** major *****:

  • '**** ****' ******
  • **********/********* *****
  • ********/********
  • ************ *********/*********
  • ******* & *********

'Hold ****' ******

**** ****** ******* ******* have *** ******* ** monitor**** ******** ********- ****** ******** **** check ******* * **** is ****** ** *** - *** *** ** set ** ***** ** a **** ** **** open *** *** ****.

******** ****** ** ***** open ****** **** * few *******, ******* ********** that ******** ****** *** able ** **** ******* a '**** ****' ****. However, ***** **** ** a ***-**** ** **** measure *** ********** **********, it **** ** *** biggest ****** ** ******** alarming **** ***********. ****** a ******** ******** ******** its ****** ******* ******, this ******** ** ****** to ** (********) ********* as ********** *** ***********.

********** ****** ****** ******* cost ******* $*** - $400 ******* **** ****** control ******* *** ** configured ** ***** * local ***** *** ****** beeper *** **** ******** switches ** * '****' configuration *******.

Turnstiles/Revolving *****

** ****** *****, ********** have ***** **** *******, noisy ********** ******* ** sleeker, *****, *************** ****** access ******* ******. **** type ** ********* ********* entry ** * ****** person ** * **** and ********** *** ******* to **** * **** open *** ************ ******.

*** *********** ***** ***** provides ** ******* ** an '****** *********' ******** to ******** ****** **** an ******** *****, *** features '**********' *********:

** ******* **** ********** unit ** ******* **** ********* (*****)****.

*** **** ** ********** and ********* ***** *** range **** $*,*** ** $25,000+ *** *** ********** core ****** ********, *** retrofitted *************. *** ****, see ************* *****.

Mantraps/ ********

***** ************* *** ********* that ******* *** **** of ********** *****. ******* sized **** ***** ****** for *** ********, *** doors *** ********** ** open *** *** ** a ****.

**** ***** *** ******** set ****** ** ****** until *** ******** *** has **** ****** *** is ******. ******* *** physical ***** ****** * mantrap ** *****, **** one ****** *** **** read ** ********* ******* the *****.

***** ************* **** * variety ** ********* **** beyond ********; ** **** cases, *** ******** ** airlocks ** ********* '***** room' ************ **** ******* contamination, ** **** *** used ** ********** *********** for **********. ***** ************* are *********, ***** ******* $10,000 ** ****, *** because **** *** ******** sets ** ***** *** have ***** ******** **********, they *** ***** *** most ****** ****-********** ********.

*** ****, *** ********* ******* ******** *****.

Piggybacking *********/*********

**** ******, ******* ***** in ******* **** ** the ***** ** * door, ** * ***** mat, ** ****** ********-****** surveillance *******, *** ********** to ****** ********** ******** through ** *******. *** movement ******* ** * single ********** ** ******** against *** ****** ******** measured ** ** *********** into ** *******.

** ******* *** *****-***** sensor ******-********** *******: ************ ******* ******** ***** of **** ******** * door:

*** ******* ** *** door-based ********* ******** **** in *** ***** ***** below:

** **** ****** * video ****** *** ******** that ******* ****** **** overhead ** ******* ******** ********* ****.

*** **** ** ***** solutions **** *** ********* range **** ~$*** *** a ****** ******** (**** camera), ** $*,***+ *** a ****** **** ********* mat ** '***** *******' sensor.

Anti-Tailgating ********* ******

***** ********* ******, *** 'best' ****** ** * tough ****** ** ******.

**** ******** ******** ***** with ********** ****** **** on ******** ************ *** signage ** ****** ********** holders ***** *** *****. Lacking *** ******* ** organizational **** ** ********* the *****, *** ************* (and ********** *****) ** tailgating ******.

** **** *****, ****** more **** ***** *** vigilance *** ********* ** deal **** *** *****, but **** *** ** used ** **** ******:

** ***** ***** ***** tailgating **** ** *********, the *** ** ********** and ******* ** ******. However, *** ** *** cost ** ***** *********, many *** ***** **** them *** ********* *** instead *** *** **** costly (*** ****-*********) ******* like ********* ********* ** Video *********.

Comments (11)

Jeremy Ellis

10/31/19 03:45pm

**** **** **** ** only ********* *****.

Avatar

Brian Rhodes

IPVMU Certified | In reply to Jeremy Ellis | 10/31/19 04:16pm

* ******** ***********-************* **** ******* *********** from ***** ******, *** multiple ****** ******** ******* an ****** ****.

Shannon Davis

TED Systems | 10/31/19 10:44am

*** **** *** ** prevent ********** ** ** access ********** ***********, *** the ********* ****, ** to *** ***** ****** the ******. ** *** employee *****'* **** **** the ********* **** ***** point, *** *** ********* area, **** *** ****** can ** ***** ** not ***** ***** **** the **** ****, *** interior ****, ***** ****** the ******** ** ****** protocol ******. *** ***% effective ****** *** ******** good ****** *** ******* up ***** ** ***** can *** ********** ******* in * ***** ******. This *******, *****'* **** with ******* ****** ** who ** *** **** to *********** ** ****** to *** **** *** does **** **** ****** sure ********* **** **** the ******** ** ****** can ** ******* *** reporting ********.

* **** **** **** help **** *** ***** of ******* ************ ******* from ******** *** ******** by ********** ** ***** in * ****** ******* because *** ***'* ****** know *** ** ** employee *** *** ** not *** **** *** are **** ****** ** hold *** **** **** for ******* ****.

***** *** **** ***** but **** ****.

Undisclosed #1

In reply to Shannon Davis | 10/31/19 05:34pm

*** **** *** ** prevent ********** ** ** access ********** ***********, *** the ********* ****, ** to *** ***** ****** the ******. ** *** employee *****'* **** **** the ********* **** ***** point, *** *** ********* area, **** *** ****** can ** ***** ** not ***** ***** **** the **** ****, *** interior ****, ***** ****** the ******** ** ****** protocol ******. *** ***% effective ****** *** ******** good ****** *** ******* up ***** ** ***** can *** ********** ******* in * ***** ******.

***** ** *** ******* else ******** **** ********. Unfortunately ** ********: ******** spaces ********** **** **** tailgating ***********. **** ** often *** ** ********* leaving ***** ****** ** their *****, ** ******** with ***** ********* ********* where **** *** **** member **** ***** **********. While *** *** **** a ******* *** ********* main ********, *** ********** do *** **** ***** near *** ******** *****.

Undisclosed #1

10/31/19 06:57pm

***********, * **** ****** with * ********* ******** team **** ********* ** resolve ********** ******* *******, and * **** ***** of **************. **** *** driven ******* ******** ********** by *** ******** ****: Monitoring **** ********* **********, holding ********* *********** ** they *** ******* **** in, *** ******** *********** people ** *** ******** who *** *** *** a ****.

*** ***** ******** ****** the ******* **** *** high, ** **** *** using ********** ** *****, staffing ** *****, *** used *** ***** ******** most ******** ***** ****.

*** ******* ** ************** took ***** * ***** until ** *** ********* stopping *********, ****** **** to ***** ***** *****. A ****-****** ******, ***** Security *** *** ******* out ****** ******** ********* for ***** *********. *** it ***** **?

** ******* ***** ** for ******** ***** **** critical ************** ****** ****** the **** ****.

*** **** *** ** address **** ** ******* that ******* ** *******, and **********. *** **** analytics ** *** ***** are ******* ** *** don't **** ******* *** engagement. **** ****, *** MUST ************ ******** ** that ********** ** **********.

Avatar

Carter Maslan

Camio | In reply to Undisclosed #1 | 11/02/19 09:17pm

*********** #*, *** * talk **** *** *** 10 *******?

*'* ****** ********** ******** more ***** *** ********* of **** *******. *'*******@*****.****** **** ******* * quick ***** **** ** your ******** ** ** with ***?

Undisclosed End User #2

10/31/19 10:32pm

** **** ****** ***, put ** **** **** Tourlock ******** ******* ** all ********* ***** ****** and ****** *****. *** person ** * **** with ****** **********, *** a *** ********* *** it ****** *** *******.

Undisclosed Manufacturer #3

11/01/19 05:11am

*** ***** ***** **** dFlow ****'* *******, *** you ****** *** ****** walking ******* ** ******* open ***** **** *********. Not *** **** ******* I ****, ***** ** be ****** ***** ****'* work **** *** *** marketing ********!

**** ****** ***** *** have ******** ******* *** and ****** *** ******* some ******** ************ ***** they *** ****** * break ** *** ****** and ** ***** ** alarm *****. *** **** find *** ****** *** this **** ** ********* is ***** **** **** so *** ******* *** have * *********** ******** apart.

**** ***** ****, ********* times *'** **** ****** hopping ******** ********** **** one ******, ***** ** their ***** **** **** issues. ** ** ***** nobody ** ***** ****.

Undisclosed #4

11/02/19 03:34am

'**********', **** ****** '************'...

************ ** *** ***-*********, consensual **** ** **********, imho.

Undisclosed End User #5

11/03/19 08:07pm

******* ***** ** *** at *** ********, ******* tailgating, ** *** **** wind! *** ** *** layout ** *** **************, an ******** ****** ** 15 *** ** *******, and ******** **% ** our ***** **** *** stuck ****, **** *** auto-closers ****** ** ******** the *** ******** ***********.

** **** ** **** signage ** *** ** these ***** ******* *** employees ** **** *** doors ****** ****** ****! Can *** ******* ***** told, ***** ******* **, that *** **** **** turn ******, **** **** door *** **** ** closed ****** ***? *** can ******* *** **** that ***** ***.

** ******* ****** ******* doesn't **** *** ** our ***** ****, *******, they **** ****** **** such ********, *** ****** the ****** ******** ** start ******* **** ****** like *** ***** ** the *** ** *** Poltergeist *****.

Robert Winslow

11/04/19 03:03pm

* ******* * "******" facility ** *******. **** employ **** ********** *** Man-Traps ** ********* *********. They *** ********** * nuisance ** *** ********* who ** ********** ******** to ********** ****, ********** when **** **** ********* their ********** *** **** it ****. * **** even **** *** ****** cramped **** *** "****" of * ********* **** both ****** "*********" *******. It *** ** * real ****** ** ******* is ************* ****** ** a ***** ***** ** other ******* ******.

********** ******* ** ****** the *****. *** *** only ******* *** ******** the ******** *****. ** is **** ***** ************** to ****** ** ** used ********!

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Door Operators Access Control Tutorial on Apr 17, 2019
Doors equipped with door operators, specialty devices that automate opening and closing, tend to be quite complex. The mechanisms needed to...
Access Control Turnstiles Guide on Jan 28, 2019
Turnstiles control pedestrian access to secured areas, essentially becoming moving portions of fences, walls, or barricades for physically stop...
Door Closers Access Control Tutorial on May 02, 2019
Door Closers have an important job: automatically shut doors when they are opened, because an open door cannot control access. In this note, we...
Access Control Request to Exit (RTE) Tutorial on May 13, 2019
For access controlled doors, especially those with maglocks, 'Request to Exit', or 'RTE' devices are required to override electrified locks to...
Access Control Mantraps Guide on Sep 26, 2019
One of access's primary goals is keeping people out of places they should not be, but slipping through open doors (ie: Tailgating) is often...
Fail Safe vs. Fail Secure Tutorial on Oct 02, 2019
Few terms carry greater importance in access control than 'fail safe' and 'fail secure'. Access control professionals must know how these...
Securing Access Control Installations Tutorial on Oct 17, 2019
The physical security of access control components is critical to ensuring that a facility is truly secure. Otherwise, the entire system can be...
Lock Status Monitoring Tutorial on Oct 28, 2019
Just because access doors are closed does not mean they are locked. Unless access systems are using lock status monitoring, the doors and areas...
Propped Doors Access Control Tutorial on Jan 07, 2020
Doors should keep 'bad guys' out, but a common access control problem is people propping doors open, preventing them from being secure. Even...
Low-Tech Access Control: Master Keying Explained on Jan 09, 2020
Mechanical keys are one of the most fundamental forms of access control. 'Master Keying' can allow individually different credential keys to...

Most Recent Industry Reports

Dahua CEO Is Out on Feb 28, 2020
Dahua CEO Li Ke has resigned less than 3 years after he was brought in from Huawei to professionalize management. Inside this note, we examine...
Hazardous & Explosion Proof Access Control Tutorial on Feb 27, 2020
Controlling access to hazardous environments requires equipment meeting specific ratings that certify they will not start fires or will not...
Motorola / Avigilon Drops ISC West on Feb 26, 2020
Motorola Solutions has pulled out of ISC West 2020 effective immediately, because of coronavirus concerns, IPVM has learned. This is done amidst...
Cancel or Not? Industry Split Over ISC West on Feb 26, 2020
The industry is split, polarized, over whether ISC West 2020 should run or be canceled. New IPVM survey results of 400+ respondents show heated...
Coronavirus Hits Sony, Bosch Says Switch on Feb 26, 2020
Sony's fall in video surveillance has been severe over the past decade. Now, they may be done. In this note, we examine Bosch's new...
Video Surveillance Cameras 101 on Feb 25, 2020
Cameras come in many shapes, sizes and specifications. This 101 examines the basics of cameras and features used in 2020. In this report, we...
Favorite Video Analytic Manufacturers 2020 on Feb 25, 2020
Video analytics is now as hot as ever, driven by the excitement of advancing deep learning offers. But what are actually integrator's...
Latest London Police Facial Recognition Suffers Serious Issues on Feb 24, 2020
On February 20, IPVM visited another live face rec deployment by London police, but this time the system was thwarted by technical problems and...
Masks Cause Major Facial Recognition Problems on Feb 24, 2020
Coronavirus is spurring an increase in the use of medical masks, which new IPVM test results show cause major problems for facial recognition...
Every VMS Will Become a VSaaS on Feb 21, 2020
VMS is ending. Soon every VMS will be a VSaaS. Competitive dynamics will be redrawn. What does this mean? VMS Historically...

What IPVM Is

The world's leading authority on video surveillance, with 200,000+ visits monthly.

  • Articles on cameras, video analytics, VMS, and trends
  • Tests showing actual performance and problems
  • Courses in surveillance, access control, etc
  • Camera Calculator for designing systems

Dedicated To Independence

We're dedicated to staying independent and objective. We're the only industry source to refuse any and all advertisements, sponsorship, and consulting from manufacturers. Why?