Our latest feature update is a great example of this. Hosted employees gives you tighter control over global roamers. 

Employee security – Global roamers

Global roamers are employees who have access to multiple locations within an organization. Imagine a regional manager, who often travels between sites for meetings. 

With global roamer status, employees are able to come and go between locations as they please. For many sites, this may not be an issue. But when it comes to tighter security restrictions or special safety requirements, how can you ensure you’re notified of a visiting employee? 

Employee access comes with security risks

According to the 2019 Global Data Risk Report, employee access to data is leaving companies at risk. 55% of companies had over 1,000 sensitive files open to every employee. Across the whole data set, 22% of all files were exposed to all employees. 

When employees have access to sensitive data beyond that required for their role, you leave your organization vulnerable to leaks and data breaches.

This isn’t just a digital problem. By giving location access to employees from different teams, we are exposing our physical data too – whiteboards marked with the monthly stats, print outs left at reception, conversations overheard in the hallway… 

So how can we tighten up employee security between teams to ensure employees are only able to access the areas and information they need? 

Hosted employees

In the visitor management context, we’re all fairly familiar with the idea of hosting a visitor. We wouldn’t allow visitors to enter a facility unaccompanied and without record, so the process tends to follow similar steps. For example, using WhosOnLocation: 

1. A visit can be pre-registered by sending the visitor a calendar invite. 
2. This can be automatically followed up with a WolPass email, including a map, directions, car park instructions, the nearest cafe… and any other customizable information required. 
3. Once the visitor arrives, they sign in (usually at the kiosk) and select their ‘host’ by searching for the employee’s name. 
4. The host is notified and greets the visitor. 

Our latest update applies the same steps to visiting employees, for greater control and oversight of who’s on-site. 

These settings can also be set to ‘required’ so a visiting employee must select a colleague from that location to host them. 

Benefits of assigning a host

By assigning a visiting employee a host, you ensure someone in your facility is aware they’ve arrived on-site. If they aren’t permitted on-site, you have a record of their sign-in attempt and can alert security.

If they are permitted on-site, the host will receive a notification detailing the entrance they’ve arrived through, so they can be on hand to greet the visiting employee and escort them between meetings. This ensures they are only visiting areas of the facility they are permitted to access. 

Finally, by automating this host arrival notification, you also free up busy receptionists. Your front of house team no longer needs to contact meeting attendees on the visiting employer’s behalf. 

Ready to get started?

All of the features mentioned are available today and included in your WhosOnLocation subscription. Visit our Help Center for more information on enabling hosted employees to tighten your employee security today.

New to WhosOnlocation?

Get started with a FREE 30 day trial today. No credit card required. 

The invention of barcodes provided a solution to this problem. Yet as the use of barcodes spread their limitations became clear. The biggest was that barcode can only hold 20 alphanumeric characters of information. The QR code could not only hold more information, but it could also be read more than 10 times faster. The QR code was first used in the auto industry and contributed to efficiencies across a wide range of tasks from product to shipping. 

Those who developed the QR code were unsure if it would gain market traction (little did they know). It is hard to find much information about the QR code until the early 2000s. At this time it became used in Japan for things like opening subway gates and banking. 

It’s everywhere

Since the early 2000’s the use of QR codes has grown. Not only amongst the Japanese public but globally. First taking off as a marketing tool now QR codes are now part of our daily lives, used for many things. Here’s a few examples:

• electronic ticketing 
• flight check-in 
• food tracing 
• joining a wifi network
• loyalty programs
• coupons

Keeping us safe in 2020

Many years have passed since the QR code was first invented. The COVID-19 pandemic has challenged us this year, with a greater focus on tracking our own movement. This extends to organizations and the need to be able to track who is entering their locations. QR codes are a simple and easy way to keep us safe.

People presence & QR codes

Using QR codes within WhosOnLocation is not new, we’ve offered  them as an alternative way to sign in for many years. Recently, we’ve made some enhancements to our features incorporating the use of QR codes. Making them simple and easy to use. Including:

• WolMobile is our most innovative mobile app. Employees and Service Providers can use the inbuilt QR code to sign in/out as an alternative or replacement for an ID card. 
• Our touchless kiosk removes the need to touch your kiosk creating an easy and touch free sign in and out experience.  
• Print QR codes on the back of your visitor badges for easy access into and around your organization. 
• A WolPass can be sent to pre-registered guests with details of the meeting, it also includes a QR code that can be scanned on arrival for ease of signing in. 

Does this mean the humble QR code is now the sweetheart of this pandemic, tech, and our day-to-day lives?  

For some companies, particularly smaller ones, this can be a major cost since a second location isn’t always readily available. Managing all that storage locally can stretch resources thin. Having cloud-hosted storage for your valuable data incorporates the disaster recovery into the overall storage strategy. That data is safely managed and backed up in such a way that it is retrievable even following a catastrophic event like a fire that takes out all computer hardware on site.

Cloud Tech and Site Security

Site security is the kind of application for which cloud apps have real potential.

Camera feeds and other surveillance data can be streamed to the cloud non-stop. Live “punch in/punch out” data can show accurate numbers and the identities of workers on site. Other live data can also be continuously recorded.

Being able to track and manipulate this kind of information has various wide-reaching implications from schedule management to emergency response.

Real-Time Data Analysis

Collecting data is only part of the picture,. The information has little practical value unless it’s also analyzed. Cloud systems allow for that to happen in real time without the need for ongoing human input.

Systems that do the data collection can generate real-time analytics for managing sites with no lag time and reduced local administrative requirements. A mountain of information can be collected and autonomously curated with simple programs to generate accurate, real-time reporting and statistics.

Human error is largely removed from the process, which is important because the integrity of that information may be critical later for investigation or continuous improvement activities.

Accessibility and Convenience

Once data is collected and organized, security personnel can capture and oversee information from a central terminal. In fact, the storage in the cloud means this data can be accessed from any terminal with the right log in credentials.

Site supervisors or management could have the capacity to view a dashboard from a smartphone, tablet, or any device with access to the internet, whether they are present on site or not. This gives supervisors the ability to monitor multiple sites remotely in a way that wouldn’t be possible with locally hosted data.

Cloud apps and services offer device and location independence when accessing files and media. The days of a file residing on a hard drive in a computer in one static location are nearing an end. Now, the file’s location is distributed, and access to the computing and storage power is leased rather than owned, so in a sense the management of IT infrastructure is at least partially outsourced. Your data is in the hands of specialized companies with IT professionals at the helm, and the cost of infrastructure can be dramatically reduced.

Protecting Cloud-Based Data

Cloud computing may be an incredible innovation, but it’s not without its controversies. Privacy problems make tantalizing headlines, and despite the fact that we interact with cloud systems every day, some people only really know them from scary stories.

In reality, these systems are far more secure than their technological predecessors, but device independence can be a double-edged sword. While it provides convenience, there is also the potential for third-party interference. We’ve all heard about celebrities getting photos stolen, companies losing client information, and other frightening cautionary tales about “the cloud.”

While the catch-all term “hacked” is often used in describing those events, the reality tends to be variations on “social engineering.” Basically, ne’er-do-wells manipulate people into giving up usernames and passwords so that they can gain access to secured files. They don’t corrupt the technology itself but engage the weak spot – the user.

The solution is in better cloud security education strategies for workers and awareness of safeguarding passwords, identifying malicious activity. and ensuring the integrity of the systems.

Conclusion

The safety and security industries can be slow to accept changes to established methods, because failure in any system can result in serious consequences. Managing these two functions needs a little extra caution to make sure people, equipment, materials, and the environment are properly protected. However, we can’t overlook cloud technology’s potential for improving performance.

Perhaps we can strike a balance by approaching this new wave of technology with some caution while still embracing its tremendous potential.

Get Started Today! 

These features are all included within your current WhosOnLocation subscription, regardless of your plan.

In 2016, OSHA conducted 31,948 total inspections. This seems like a significant number, but considering OSHA has jurisdiction over approximately 7 million worksites, you soon realize the odds of having an inspection at your worksite is relatively low. But what if it was you? Do you have systems in place good enough to pass the surprise audit that could be at any given time? 

While the likelihood of an OSHA inspection is low for most businesses, being aware of what happens during an OSHA inspection, and preparing for it, will help you have a safer workplace and could mean the difference between a pass or failed result. 

Who is subject to an OSHA audit? 

Apart from workplaces with ten employees, every other organization has the possibility of being audited. OSHA has both unprogrammed and programmed inspections. Unprogrammed inspections include employee complaints, injuries/fatalities, and referrals whereas programmed inspections focus OSHA’s enforcement resources towards the industries and employers where known hazards exist and are prioritized in the following order: 

1. Imminent danger situations — hazards that could cause death or serious physical harm receive top priority. Compliance officers will ask employers to correct these hazards immediately or remove endangered employees. 
2. Severe injuries and illnesses — employers must report: 

• All work-related fatalities within 8 hours. 
• All work-related inpatient hospitalizations, amputations, or losses of an eye within 24 hours. 

1. Worker Complaints — allegations of hazards or violations also receive a high priority. Employees may request anonymity when they file complaints. 
2. Referrals of hazards from other federal, state, or local agencies, individuals, organizations, or the media receive consideration for inspection. 
3. Targeted inspections — inspections aimed at specific high-hazard industries or individual workplaces that have experienced high rates of injuries and illnesses also receive priority. 
4. Follow-up inspections — checks for abatement of violations cited during previous inspections are also conducted by the agency in certain circumstances.

Do you get notice of an inspection?

Usually, OSHA conducts inspections without advance notice. Employers do have the right to require compliance officers to obtain an inspection warrant before entering the worksite, however, this isn’t a good idea as it could trigger a stricter audit (and raise possible red flags). It’s wiser to give them a good first impression and work with the inspector as much as possible by answering questions honestly (without offering any additional information).   

What happens if you fail an inspection?

If an inspector finds violations of OSHA standards or serious hazards, OSHA can issue citations and fines. Violations are categorized as:

• de minimis 
• other-than-serious 
• serious 
• willful
• repeated 
• failure to abate

The citations describe OSHA requirements allegedly violated, list any proposed penalties, and give a deadline for correcting the alleged hazards.

In settling a penalty, OSHA has a policy of reducing penalties for small employers and those acting in good faith. For serious violations, OSHA may also reduce the proposed penalty based on the gravity of the alleged violation. Alleged willful violations will not have any good faith adjustments.

How do you prepare for an OSHA audit?

The biggest mistake organizations make when they are hit with a surprise audit is that they are not prepared. It seems extremely obvious, but preparing for an audit is often put on the back burner as there are no deadlines; therefore, it is not a priority. 

Instead of putting preparing for an audit in the too hard basket, be proactive, and use an application like WhosOnLocation that will save you time and money in the long-term. WhosOnLocation stores all data electronically; therefore, you will be able to search, sort, analyze, and retrieve data easily and quickly, perfect for an audit situation.

Employers are required by OSHA to perform hazard assessments and safety training for each type of job performed in the workplace. Employers need to make sure that their employees have completed their required training as well as keeping them entirely up to date on what hazards exist for each job and how they plan to reduce those hazards. 

Paper-based systems make this difficult as they are easily lost, hard to update, and even wasteful. Instead, whenever there’s an updated process, or a new hazard or regulation, you can use WhosOnLocation to update the changes electronically and can then be easily distributed out to employees at induction. You can also put employees, contractors and visitors through safety training at sign in and /or induction that asks them to accept that they have completed this training before they are allowed on site. 

To show the auditor you have been following the correct steps, you must keep careful records. WhosOnLocation reports will give you access to information on almost everything you need, including training records, worker compensation files, insurance, and third-party audits, to name just a few data points. You’ll be able to access information during an audit easily.

Whether you’re part of a high-risk or a low-risk industry, there is still a chance you could receive a surprise audit, so you need to make sure you are prepared at all times. There’s no better way to put your mind at ease than to know you’re on top of everything. 

A variety of apps offer an easy solution for keeping tabs on lone workers. For example, WhosOnLocation includes features like mobile sign-in, GPS geolocation and lone worker reporting. If you’re interested in finding the right app for your workers, take a look at our guide here.

3. Centralise your contractors’ documentation

Keeping track of when a contractor’s insurances, qualifications or induction processes need updating can be difficult in any organization. With WhosOnLocation, you can grant your contractors access to the Service Provider Portal, so they can fill in their own details. You’ll also receive notifications when their documentation needs renewing, so you know you’ll always be on top of contractor safety. Even better – these automated updates will save you some time, too. 

4. Use Photo ID Scanning to verify a visitor’s identity

[vc_row][vc_column][vc_single_image image=”9190″ img_size=”full” alignment=”center”][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]In high security organizations, just signing a visitor in using their name might not be enough. With WolScan, you can add an extra layer of security to the sign-in process by capturing the information from your visitor, contractor or employee’s ID card.

Not only does this allow the host to better verify the identity of those coming into the facility, it also makes sign-in a lot faster!

5. Make safety inductions more engaging with interactive training

The OSHA rules and regulations can be a stiff read, so it’s important to make your safety inductions as interesting as possible. We recommend using engaging formats – whether that’s induction videos, tasks or even interactive training modules.

One option is to use WhosOnLocation to create an eLearning Induction Course. You can even set restrictions using triggers, so anyone who’s failed to complete the course is unable to enter the organization.

6. Get your evacuations running like clockwork with collaborative, cloud-based apps

OSHA warns that workplace emergencies are often more common than people think, so it’s important to have a robust evacuation plan in place.

Employers need to be able to account for everyone on site quickly and easily during an evacuation to minimise risk. This can be tricky, especially if your employees and visitors are working across a multi-zoned or multi-level site.

By using a cloud-based evacuation app, you’ll be able to work collaboratively with other floor wardens or safety marshals to verify the safety of everyone on-site.[/vc_column_text][/vc_column][/vc_row]

Nowadays, there’s an app for everything. Unless you do all your business on ledger paper and an abacus, it’s likely you know the constant pain of needing a new digital solution for this or that.

If you’ve noticed this, you might have noticed another interesting trend – the integration of everything. Look at solutions like Zapier or Station, apps with the primary function of connecting other apps.

This concept is going physical too. Or rather, what’s physical is going digital; we’re calling it the internet of things. The connectivity between machines, all integrated into one intelligent network. A network that’s expected to have more than 30 billion connected devices by 2020.

But where does this all fit in the safety and security landscape?

A growing need for safer, more secure buildings.

The global smart building market is expected to grow 34% between 2016 and 2024 – from a value of $5,800 million USD to $61,000 million USD. (Source: Zion Market Research).

Smart buildings have many benefits, from occupant comfort to reducing energy consumption. But perhaps the most important benefits to increasingly connected systems within our buildings are the advances in safety and physical security.

According to industry experts’ insights shared in the report, “intelligent security systems will be offering services that will be utilizing the latest technologies thus providing enhanced reliability.”

These systems will be embedded in the network of the building, expanding functionality and better protecting people and assets. An example of this in action is the integration of people presence management systems with physical access control.

Related: WhosOnLocation + Brivo: Visitor registration meets access control

What is ‘people presence management’?

People presence management is a centralized system that encompasses the management of visitors, contractors, employees or incidents on-site. Visitor management is one component of people presence management software or cloud applications.

People presence management systems offer much more comprehensive safety and security features than its components can as standalone solutions. All in one system, you can run inductions, send live hazard awareness notifications, track and monitor lone workers and perform evacuations on a smartphone or tablet.

When integrated with an access control solution, the result is a powerful system suited to organizations with complex safety and security needs.

Related: Why choose People Presence Management over Visitor Management?

Keep your facility safe and secure.

Visitor management, in some form, is accepted as a must-have in many industries. But tracking people who sign in and out is only one part of keeping a site safe and secure.

To ensure your workplace supports the safety and security of all employees, contractors and visitors, there is much more to consider, for example:

• Hazard awareness, and safety training and/or site inductions where relevant
• Qualification and permissions management, in particular for facilities with zones that require security clearance or additional safety training
• Incident management, including things such as chemical spill protocol, live site hazard updates, or evacuations
• The safety of people working alone, in isolated areas or after hours
• The safety of people working off-site
• Regular reporting of key safety and security metrics

The purpose of using a people presence management system is being able to centralize these functions, so that you can monitor them all in one place.

You can even set up alerts to notify you when something needs attention, for example if a lone worker has exceeded their expected duration in a freezer zone, or if a contractor has tried to enter a zone without the relevant safety training.

Related: Employing a Lone Worker? Here are 10 apps that have got your back

Protect data, beyond cybersecurity.

An organization’s security is only as strong as its weakest link. A smart manufacturing facility might have ground-breaking cyber-security measures in place to protect confidential project information – but then use a paper-based sign-in sheet to check in visitors.

Any company serious about protecting their data needs to consider implementing a physical security system with zone access control above and beyond cybersecurity measures.

What does this look like? A people presence management system allows inter-zone kiosks to be set up at zone entry points, for example, the door to a server room. The system integrates with an access control system, and will only unlock the door if the person has the relevant permissions. If they don’t, security personnel will be notified that an unauthorized person tried to enter the server room.

Related: Security: Reduce the threat of insider attacks

Comply with federal health and safety regulations.

To ensure the safety of every person throughout a facility or work site and meet U.S. regulations, organizations must have information about the identities and whereabouts of all visitors, contractors, and employees on-site.

A people presence management system helps organizations comply with federal health and safety regulations and serves to protect both the employer and the people in its duty of care.

Using a people presence management application, employers have central access to people presence data. This enables them to quickly and easily account for everyone in the event of an emergency. Additionally, floor wardens or emergency marshals can use the mobile evacuation function to track cleared zones, view requests for help, monitor real-time evacuation progress, and more. You can report on all this kind of information (and more) for post-incident reporting as well.

A note on GDPR compliance:
Make sure your solution allows you to be GDPR-compliant if you are processing data of EU residents. In fact, being GDPR-compliant is really best practice even if you’re not.

Related: GDPR: What you need to know

The future of people presence management

Biometric authorization, AI answering visitors’ queries, coffee machines that make visitors a latté while they wait in reception… it’s all part of the future of people presence management. And it’s increasingly a reality with smart buildings already using integrating security systems.

Our vision is for a world where facilities aren’t designed for productivity and streamlined operations, they are designed for the comfort, safety and accessibility of all occupants – from full-time employees to first-time visitors. This is all possible with a people presence management system.

Increased safety, better physical security and more robust compliance are all core benefits of using people presence management. And as an added bonus, it’s likely you’ll notice a huge improvement in visitor experience and first impressions of your brand too.

Try WhosOnLocation at your organization for 30 days.

In a study by PwC this year, it was found that 34% of security incidents are attributed to insiders attacks on information security, including trusted third parties and employees.

This is an alarming rate, and serves to remind us that physical security is just as important as cyber security. In fact, they are often closely linked.

Without a comprehensive and effective physical security plan empowered with visitor and employee management, organizations are at a constant risk from their visitors, contractors and employees accessing and stealing their IP and other sensitive types of data.

It’s important to remember that an internal security breach may not necessarily be by a malicious attacker, but can also be by an uninformed or careless insider. To ensure employees are security-conscious, build up a strong security culture in your organization.

Inadvertent breaches: Foster a strong security culture

Have a set of guidelines for ‘red flag’ activity and a clear protocol for what to do in the event of a security breach.

For example, every employee should know how to spot a phishing email. Phishing attacks are one of the most common methods of targeting business, and are sometimes difficult to identify to the untrained eye. Phishing attacks attempt to steal passwords, credit card details or other sensitive information.

Employees should be hardware-savvy too. Have you ever found a USB flash drive and plugged it into your computer? If so, you potentially opened yourself up to a cyber attack.

Hardware security is just as important as online security; attackers have been known to post malware-infected USB flash drives to targeted businesses, and may even drop them in victims’ buildings or parking lots.

Malicious breaches: Keep track of everyone on-site

Your physical security system should be designed to reduce the threat of both outsider and insider attacks.

Of the two types of attacks, the threat posed by insiders is much more difficult to evaluate and combat. Malicious insider attackers could be passive or active, violent or non-violent. The attack could be spontaneous or it could be premeditated and calculated.

Malicious insiders are likely to be in positions of power or trust, with access to sensitive information, or who are able to abuse their authority or physical access rights – for example, emergency response personnel.

There is no reason for anyone to be able to enter or leave a company and wander the premises without being recorded and tracked, including employees and other insiders.

It’s important to know exactly who’s on-site at all times – particularly if you store sensitive data or operating information at your workplace or facility. If your organization is victim to an insider attack, accurate people presence reports will be invaluable.

Use people presence and visitor management software, like WhosOnLocation, for all visitor, contractor and employee sign-ins. This will enable you to run people presence reports for any given time – i.e. for a window around the time of a security breach, if you know when it occurred.

For more comprehensive people presence management, don’t just track who is on-site but track any key movements around the site too.

Restrict access to all zones and entry/exit points, and integrate these control mechanisms with digital security systems for advanced, real-time tracking and reporting. For extra security, use photo ID cards linked to visitor records so that these can be checked against surveillance footage.

Security and management personnel can keep track of everyone who enters and leaves the facility, control access rights for different areas, as well as standardize access and security procedures across different locations. WhosOnLocation enables staff to view visitor details, assign badges and modify any visitor’s permissions.

Close the gap with WhosOnLocation

It’s no longer enough to have haphazard or incomplete people presence tracking at your site. Visitor management and employee time and attendance software is a staple for security-conscious organizations.

WhosOnLocation is a secure, cloud-based people presence management software that enables organizations to keep a record of all people on-site. Security features include ‘red flag’ alerts that fire when someone on a watchlist enters the site, visitor and employee access card printing, photo identification and real-time reporting.

Try WhosOnLocation for your business free for 30 days.