Guest Article: Unlocking cross-divisional impact of a Visitor Management System

June 24, 2020

The first time I faced a VMS implementation was almost 15 years ago.  I was asked to implement a visitor tracking system at a top tier pharmaceutical company.  Looking back, I realize this was your grandpa’s visitor management system, a point solution replacement of a log book, not the platforms we’re dealing with today. Admittedly, I did not realize the value of this type of system when I set out to standardize on an enterprise grade visitor management system 13 years later. What I learned is that visitor management systems have the capacity to impact multiple divisions within the organization and they put a spotlight on a security leader - when implemented well will make you look good.

As a security professional, my focus has always been on assessing risk and applying countermeasures commensurate with the tolerance of the leadership.  This includes risk to the employees, facilities, management, and overall business continuity of the organization.  Visitors had introduced a certain level of risk, but were never the focal point of my program, not by a long shot.. until now.

In order to see the value of a visitor management system, let’s think about all of the interactions involved in someone coming to the office. First, the visit starts with a need or an invitation from a specific department.  Then there are visit logistics from getting on-site, to signing in and meeting the host through the departure and afterwards. Let’s take a count of which departments have the most visitors: HR is doing on-site interviews, facilities have contractors and vendors delivering essential services, sales or executives can have clients, partners or investors coming for meetings. All of them have a stake in the on-site experience.  There is also a compliance and security aspect.

One critical department typically involved in this process is Information Technology (IT). They are tasked with ensuring security of captured data and adherence to corporate standards for any technology implementation.  They might even be impressed to see you contemplating a system with SOC 2 certification.

Like other software purchases, it helps to bring IT to the table as early as possible when we are talking about purchasing security software. From Wifi provisioning, to SSO requirements to system integration capabilities, getting IT on-board early on helps align the vision of the visitor management initiative to the corporate technology goals and make it a part of the core corporate infrastructure.  

Compliance is another department which has a vested interest in visitor management we can easily bring on board in such a project.  Many regulatory authorities have controls associated with visitor identification, sign-in and data processing.  Some require not only positive identification matching of all incoming visitors but usually even vetting against third party watch lists compliant with ITAR and other embargoed lists.  They require information about citizenship even.  In some cases there are contractor compliance programs that a certain demographic needs to go through. What happens if those requirements are not met, or if the audit shows non-compliance? There are potential fees and extensive manual data gathering that a visitor management system automates and enforces compliance standards.

Environmental, Health, and Safety departments generally have a significant interest in who is coming to the workplace from a training and safety best practices perspective.  It's always important to bring them to the discussion and show them how you can make their lives easier when it comes to conducting, recording, and auditing training records.  Such a system of today allows you to inject safety videos, safety posters, evacuation maps, and even signatures for acknowledgements of these rules.  They allow you to keep a record of everyone who has attended, and even allow them to skip past it if they’ve already attended the training until the point at which it expires and they need to do it again.  From an emergency evacuation standpoint you can easily generate a list of everyone who is in the building from a visitor perspective and even send communications to them of the evacuation or keep accountability of them outside.

Human Resources (HR) brings in many candidates for hire and new employees on a regular basis.  The entire experience from the time they arrive to the time they depart is critical in being able to attract the right talent to the company.  That process is different for various geographies, location types  and teams   You can capture certain information needed in the hiring process.  You can show a motivational company video as well. Integrating sign-in information into systems like Salesforce or exporting lists  for quick and easy follow up is another way you can show value to your HR department through VMS.  Sometimes just having a company branded and personalized check-in process goes a long way to help your company stand out from the rest.

There are quite a few other departments which might have interest in your project such as legal where you can have NDAs and other essential documents signed electronically during the check-in process. These NDAs are usually specific to locations and the types of visits - job applicants and customers will sign NDAs, contractors might need health and safety waivers, contractors can sign specific SLAs and employees might have to sign health screening forms before they are allowed on-site.

Facilities, from a workplace planning perspective, and Communications will require a fully branded look and feel of your check-in app.  They will need a fast and efficient sign-in experience that eliminates crowds and line-ups and in light of the current safety risks might require a touchless or contactless process that minimizes the risks of disease transmission.

Ushering in the latest in security controls

Let’s switch gears to security for a moment and just discuss how this new era of visitor management can help ensure safe and secure on-site experience.

Most of the beauty in this type of system is in its flexibility.  It is critical that the system is able to meet your unique use case and integrate with your tech ecosystem. The days of your expected visitors just sitting in a queue to be checked in are gone.  Today, you can invite your guests who will receive an email specific to your company’s visit requirements.  This could be a reinforcement of the security protocols on site, where to go to check in when they arrive, a map of the facility or city.  You can even ask questions and get answers to things necessary for your business or require completing a  safety briefing before they arrive.

Behind the scenes, while your guests are registering, the watch lists are being scrubbed which includes everything from your internal security watch lists to the external watch lists you subscribe to such as most wanted, sanctioned lists, and others.  Having the ability to not only add guests to a watch list but gain approval or notify security teams are core components of the system.  Through universal connectors, you’re able to connect this system to any other security system that is open enough for integration.  At that point the possibilities are endless which, of course, all equates back to making the most informed decisions to mitigate risk to the workplace.

The fun part is, this is just the beginning.  The stakeholder divisions I’ve discussed gain the immediate benefits of automating visitor data gathering and response actions. Once you’ve built a system of record for anyone coming on site, the possibilities are truly endless. The data can be analyzed to help facilities optimize security personnel staffing, HR track the success of on-site interviews, procurement manage vendors across locations, facilities screen against health and safety requirements, I can go on and on.   Hopefully you’ve gotten a good idea of some of the use cases for the visitor management system and every time I talk to my peers, I find another unique use case. Today we can build a more dynamic approach to on-site safety and even update that approach in real time as our risk profile changes day to day. Every security professional had definitely gone through that drill as we’ve navigated the COVID-19 timeline while keeping our employees safe all over the world. Leveraging visitor and now even employee management  systems and bringing together all of these stakeholders will position you to have a positive impact across the entire organization, elevating your impact to the C-level priorities of business continuity and employee safety.

About the Author

Brian Phillips is a veteran physical security executive with expertise spanning multiple global roles for Fortune 500 companies. Currently, he holds the role of Director of Global Security Strategy at Traction Guest.  Previously, Brian has served as the Director of Global Security at Thermo Fisher Scientific, scaling technologies and building teams enterprise-wide along with Alexion and Pfizer.

Brian has deep expertise in technology from visitor management to access control, mass notification and intelligence platforms. Driving innovation, his utmost passion is improving legacy security processes through the use of technology, solving complex data, security and compliance challenges across the enterprise.

Brian holds a degree in Security Management and industry certifications such as Certified Protection Professional (CPP), Physical Security Professional (PSP), and Certified Information Systems Security Professional (CISSP).

Brian Phillips

Lee Odess

I've worked as an Entrepreneur and an Integrator (founded E+L+C), for a multinational billion dollar manufacturer in the lock and access control industry (Allegion), as an Executive of a start-up who pioneered the IoT/smart lock/smart physical access control industry (UniKey), and as an Executive with the first cloud based physical access control manufacturer (Brivo). I put all those years together to form a Growth Studio focused on business creation in the CRETech, proptech and smart home markets for small to large companies in the security, access control and IoT industry.

Labeled as an uber-networker by the Washington Post, Lee Odess has over 18 years starting, building and leading businesses with an exceptional track record for sales growth and marketing effectiveness.

Related Posts

Stay in Touch