3 minutes read time
In small organizations, knowing who’s permitted on-site is easy. But what happens when you reach thousands of employees across multiple sites? Bigger businesses carry bigger risks, and tightening up your employee security is an iterative process.
Our latest feature update is a great example of this. Hosted employees gives you tighter control over global roamers.
Global roamers are employees who have access to multiple locations within an organization. Imagine a regional manager, who often travels between sites for meetings.
With global roamer status, employees are able to come and go between locations as they please. For many sites, this may not be an issue. But when it comes to tighter security restrictions or special safety requirements, how can you ensure you’re notified of a visiting employee?
According to the 2019 Global Data Risk Report, employee access to data is leaving companies at risk. 55% of companies had over 1,000 sensitive files open to every employee. Across the whole data set, 22% of all files were exposed to all employees.
When employees have access to sensitive data beyond that required for their role, you leave your organization vulnerable to leaks and data breaches.
This isn’t just a digital problem. By giving location access to employees from different teams, we are exposing our physical data too – whiteboards marked with the monthly stats, print outs left at reception, conversations overheard in the hallway…
So how can we tighten up employee security between teams to ensure employees are only able to access the areas and information they need?
In the visitor management context, we’re all fairly familiar with the idea of hosting a visitor. We wouldn’t allow visitors to enter a facility unaccompanied and without record, so the process tends to follow similar steps. For example, using WhosOnLocation:
Our latest update applies the same steps to visiting employees, for greater control and oversight of who’s on-site.
These settings can also be set to ‘required’ so a visiting employee must select a colleague from that location to host them.
By assigning a visiting employee a host, you ensure someone in your facility is aware they’ve arrived on-site. If they aren’t permitted on-site, you have a record of their sign-in attempt and can alert security.
If they are permitted on-site, the host will receive a notification detailing the entrance they’ve arrived through, so they can be on hand to greet the visiting employee and escort them between meetings. This ensures they are only visiting areas of the facility they are permitted to access.
Finally, by automating this host arrival notification, you also free up busy receptionists. Your front of house team no longer needs to contact meeting attendees on the visiting employer’s behalf.
All of the features mentioned are available today and included in your WhosOnLocation subscription. Visit our Help Center for more information on enabling hosted employees to tighten your employee security today.
Get started with a FREE 30 day trial today. No credit card required.
3 minutes read time
Is the humble QR code now an integral part of our day to day lives?
While we have seen a heightened use of QR codes recently, they are by no means new. They were born out of the barcode which was first developed by Denso Wave, a subsidiary of Toyota, back in the 1960’s. Japan had entered its highest economic growth period which meant cash registers were ringing. As cashiers entered prices manually the boom was starting to cause them injuries such as numbness and carpal tunnel syndrome from the repetitive task.
The invention of barcodes provided a solution to this problem. Yet as the use of barcodes spread their limitations became clear. The biggest was that barcode can only hold 20 alphanumeric characters of information. The QR code could not only hold more information, but it could also be read more than 10 times faster. The QR code was first used in the auto industry and contributed to efficiencies across a wide range of tasks from product to shipping.
Those who developed the QR code were unsure if it would gain market traction (little did they know). It is hard to find much information about the QR code until the early 2000s. At this time it became used in Japan for things like opening subway gates and banking.
Since the early 2000’s the use of QR codes has grown. Not only amongst the Japanese public but globally. First taking off as a marketing tool now QR codes are now part of our daily lives, used for many things. Here’s a few examples:
Many years have passed since the QR code was first invented. The COVID-19 pandemic has challenged us this year, with a greater focus on tracking our own movement. This extends to organizations and the need to be able to track who is entering their locations. QR codes are a simple and easy way to keep us safe.
Using QR codes within WhosOnLocation is not new, we’ve offered them as an alternative way to sign in for many years. Recently, we’ve made some enhancements to our features incorporating the use of QR codes. Making them simple and easy to use. Including:
Does this mean the humble QR code is now the sweetheart of this pandemic, tech, and our day-to-day lives?
6 minutes read time
You’ve probably heard someone say “The files are stored in the cloud.”
And you might have thought “OK, so … Where are they, exactly?”
“The cloud” is a fitting metaphor for a technology that seems to involve mystery, ambiguity and a little bit of magic. At least, that’s the way it seems to the average user.
Most of us know in a superficial way what “the cloud” means, but we’re flummoxed whenever we have to try to explain it or even understand it. As is often the case with technology, it’s that lack of understanding that makes so many people apprehensive about adopting and using cloud-based apps and services.
It doesn’t help that the term has largely been seized by marketing companies and used with little consistency. Not since the word “quantum” has a term been made practically incoherent by marketing slogans and advertising.
The media tends to make things worse, too. Most of their reports about cloud-based technology is either a nebulous misuse of the term or fear mongering about stolen information and files.
We need to cut through all that noise and get right down to the facts. With a little education and advocacy, we can get past all the fear and worry and start making use of what really is an amazing innovation in computing, one that can be applied to the health and safety industry with great results.
What, then, is “the cloud?”
To put it as simply as possible, it’s a method of distributing demand for storage and computing power across a network of devices.
Instead of the conventional method of storing a single file in a single place, you can think of cloud storage as storing that file in several different locations. This method allows for less demand on individual computer resources and it gives you the ability to rebuild a file if one, or several, of the devices were to fail.
That’s a gross oversimplification. But the methodology behind it is quite complicated and for our purposes, it’s enough to think of the cloud as just a way of having your files managed on the internet rather than locally on a hard drive.
To some organizations, having storage on site feels more secure. They like the comfort of being in direct control of the physical media.
In data management, however, a major consideration is the capacity for disaster recovery. On-site servers are usually configured with redundancy so that they can tolerate some hardware failure locally, but there typically needs to be redundant copies of data stored off-site.
For some companies, particularly smaller ones, this can be a major cost since a second location isn’t always readily available. Managing all that storage locally can stretch resources thin. Having cloud-hosted storage for your valuable data incorporates the disaster recovery into the overall storage strategy. That data is safely managed and backed up in such a way that it is retrievable even following a catastrophic event like a fire that takes out all computer hardware on site.
Site security is the kind of application for which cloud apps have real potential.
Camera feeds and other surveillance data can be streamed to the cloud non-stop. Live “punch in/punch out” data can show accurate numbers and the identities of workers on site. Other live data can also be continuously recorded.
Being able to track and manipulate this kind of information has various wide-reaching implications from schedule management to emergency response.
Collecting data is only part of the picture,. The information has little practical value unless it’s also analyzed. Cloud systems allow for that to happen in real time without the need for ongoing human input.
Systems that do the data collection can generate real-time analytics for managing sites with no lag time and reduced local administrative requirements. A mountain of information can be collected and autonomously curated with simple programs to generate accurate, real-time reporting and statistics.
Human error is largely removed from the process, which is important because the integrity of that information may be critical later for investigation or continuous improvement activities.
Once data is collected and organized, security personnel can capture and oversee information from a central terminal. In fact, the storage in the cloud means this data can be accessed from any terminal with the right log in credentials.
Site supervisors or management could have the capacity to view a dashboard from a smartphone, tablet, or any device with access to the internet, whether they are present on site or not. This gives supervisors the ability to monitor multiple sites remotely in a way that wouldn’t be possible with locally hosted data.
Cloud apps and services offer device and location independence when accessing files and media. The days of a file residing on a hard drive in a computer in one static location are nearing an end. Now, the file’s location is distributed, and access to the computing and storage power is leased rather than owned, so in a sense the management of IT infrastructure is at least partially outsourced. Your data is in the hands of specialized companies with IT professionals at the helm, and the cost of infrastructure can be dramatically reduced.
Cloud computing may be an incredible innovation, but it’s not without its controversies. Privacy problems make tantalizing headlines, and despite the fact that we interact with cloud systems every day, some people only really know them from scary stories.
In reality, these systems are far more secure than their technological predecessors, but device independence can be a double-edged sword. While it provides convenience, there is also the potential for third-party interference. We’ve all heard about celebrities getting photos stolen, companies losing client information, and other frightening cautionary tales about “the cloud.”
While the catch-all term “hacked” is often used in describing those events, the reality tends to be variations on “social engineering.” Basically, ne’er-do-wells manipulate people into giving up usernames and passwords so that they can gain access to secured files. They don’t corrupt the technology itself but engage the weak spot – the user.
The solution is in better cloud security education strategies for workers and awareness of safeguarding passwords, identifying malicious activity. and ensuring the integrity of the systems.
The safety and security industries can be slow to accept changes to established methods, because failure in any system can result in serious consequences. Managing these two functions needs a little extra caution to make sure people, equipment, materials, and the environment are properly protected. However, we can’t overlook cloud technology’s potential for improving performance.
Perhaps we can strike a balance by approaching this new wave of technology with some caution while still embracing its tremendous potential.
4 minutes read time
COVID-19 has completely taken over our lives. Non-essential businesses are closed, airplanes are grounded, and what seems like the whole world has been forced into isolation. It’s now more important than ever to make sure our employees are safe during these unpredictable times.
Isolation could be our reality for at least a month, if not more, so we need to make sure we have the correct systems in place to get us through these unusual and uncertain times. Organizations need to be able to monitor the safety of their employees, even if they are not working at one of their primary locations. This is where we come in, helping you ensure everyone is safe.
Learn how we can keep your organization safe.
For some of us, work is still a possibility, but this does come with its challenges. Employees working from home (WFH) and remote workers such as maintenance technicians or social workers performing house-calls are still under the duty of care of their employer. Therefore as an employer, you still have the responsibility to keep them safe. This is why monitoring and accounting for all workers is essential to keep organizations safe and secure.
Here are some ways you can utilize your WhosOnLocation subscription to keep those in your duty of care safe:
WolMobile enables your employees to sign in to work while working remotely. Employees are given the option to select working remotely. This will give you visibility of those employees who are actually working and therefore still in your duty of care. You can also set up specific acknowledgement notices or triggers that these employees will see when they sign in and can communicate with them by sending Instant Messages to ‘everyone working remotely’ in-app.
Now that businesses are working from home, we need to ensure that our employees are able to stay focused and productive throughout the working day, whilst maintaining a healthy work-life balance. As employees can no longer interact with colleagues in their usual office situation, it is difficult for them to communicate and collaborate. This includes the small everyday things, such as taking micro-breaks or stepping outside for some fresh air.
With WhosOnLocation, you can use your free trigger add-on to set up recurring best practice reminders for employees working from home. These reminders can be anything from home office posture tips to ways to best manage online meetings. This feature enables you to define the Trigger Event, add one or many Trigger Rules that must be met, and set your Trigger Actions, which includes defining recipients to receive an email and/or an SMS (text) message.
It is important to have an emergency management plan in place no matter where your employees are working. WhosOnLocation makes it easy to update people in your duty of care with the information they need to keep safe. By using Instant Messages sent as either email, SMS, or push notifications, you can inform your employees of the crisis at hand. The Instant Message can include what your immediate response is going to be, where they will be able to find the latest information, how often your organization will provide updates, and remind them of your crisis management operating procedures.
While Google, Gmail, and Outlook support ‘scheduling of emails’, it is difficult for an organization to audit who received it, when and how many times it was sent, and, more importantly, easily define the audience of the email. For example, if you wanted to send an email to a specific group of people such as ‘Employees not on-site,’ or ‘Employees in the Marketing team’ at a particular date and time, you won’t be able to achieve this using regular email programs. This is why setting up Instant Messages within your app is necessary for these specific criteria.
If an employee enters your facility while it is in a lockout, then this can create a health and safety risk for your organization. In essence, this employee is placing themselves at risk if they have an accident while on-site alone. Set up an alert that is triggered if an employee enters your organization during a lockout.
These features are all included within your current WhosOnLocation subscription, regardless of your plan.
5 minutes read time
In 2016, OSHA conducted 31,948 total inspections. This seems like a significant number, but considering OSHA has jurisdiction over approximately 7 million worksites, you soon realize the odds of having an inspection at your worksite is relatively low. But what if it was you? Do you have systems in place good enough to pass the surprise audit that could be at any given time?
While the likelihood of an OSHA inspection is low for most businesses, being aware of what happens during an OSHA inspection, and preparing for it, will help you have a safer workplace and could mean the difference between a pass or failed result.
Apart from workplaces with ten employees, every other organization has the possibility of being audited. OSHA has both unprogrammed and programmed inspections. Unprogrammed inspections include employee complaints, injuries/fatalities, and referrals whereas programmed inspections focus OSHA’s enforcement resources towards the industries and employers where known hazards exist and are prioritized in the following order:
Usually, OSHA conducts inspections without advance notice. Employers do have the right to require compliance officers to obtain an inspection warrant before entering the worksite, however, this isn’t a good idea as it could trigger a stricter audit (and raise possible red flags). It’s wiser to give them a good first impression and work with the inspector as much as possible by answering questions honestly (without offering any additional information).
If an inspector finds violations of OSHA standards or serious hazards, OSHA can issue citations and fines. Violations are categorized as:
The citations describe OSHA requirements allegedly violated, list any proposed penalties, and give a deadline for correcting the alleged hazards.
In settling a penalty, OSHA has a policy of reducing penalties for small employers and those acting in good faith. For serious violations, OSHA may also reduce the proposed penalty based on the gravity of the alleged violation. Alleged willful violations will not have any good faith adjustments.
The biggest mistake organizations make when they are hit with a surprise audit is that they are not prepared. It seems extremely obvious, but preparing for an audit is often put on the back burner as there are no deadlines; therefore, it is not a priority.
Instead of putting preparing for an audit in the too hard basket, be proactive, and use an application like WhosOnLocation that will save you time and money in the long-term. WhosOnLocation stores all data electronically; therefore, you will be able to search, sort, analyze, and retrieve data easily and quickly, perfect for an audit situation.
Employers are required by OSHA to perform hazard assessments and safety training for each type of job performed in the workplace. Employers need to make sure that their employees have completed their required training as well as keeping them entirely up to date on what hazards exist for each job and how they plan to reduce those hazards.
Paper-based systems make this difficult as they are easily lost, hard to update, and even wasteful. Instead, whenever there’s an updated process, or a new hazard or regulation, you can use WhosOnLocation to update the changes electronically and can then be easily distributed out to employees at induction. You can also put employees, contractors and visitors through safety training at sign in and /or induction that asks them to accept that they have completed this training before they are allowed on site.
To show the auditor you have been following the correct steps, you must keep careful records. WhosOnLocation reports will give you access to information on almost everything you need, including training records, worker compensation files, insurance, and third-party audits, to name just a few data points. You’ll be able to access information during an audit easily.
Whether you’re part of a high-risk or a low-risk industry, there is still a chance you could receive a surprise audit, so you need to make sure you are prepared at all times. There’s no better way to put your mind at ease than to know you’re on top of everything.
3 minutes read time
On April 28, the International Labour Organisation will look back over 100 years of progress for the World Day for Safety and Health at Work. This year, there’ll be a clear focus on the future of occupational safety. How can you use new technology to make your workplace safer than ever before?
Here at WhosOnLocation, we dedicate our working lives to answering this question. So if you’re looking to update your safety procedures, you’ve come to the right place.
The first step you can take to secure your facility is to use people-tracking software. Applications like WhosOnLocation can not only help you understand who’s on-site in real time, but they can track which zones they’re in, too.
So when you need to account for your employees and visitors, you know the information is all in one place.
Whichever way you define a lone worker, the chances are you’ll need special processes to keep them safe.
A variety of apps offer an easy solution for keeping tabs on lone workers. For example, WhosOnLocation includes features like mobile sign-in, GPS geolocation and lone worker reporting. If you’re interested in finding the right app for your workers, take a look at our guide here.
Keeping track of when a contractor’s insurances, qualifications or induction processes need updating can be difficult in any organization. With WhosOnLocation, you can grant your contractors access to the Service Provider Portal, so they can fill in their own details. You’ll also receive notifications when their documentation needs renewing, so you know you’ll always be on top of contractor safety. Even better – these automated updates will save you some time, too.
[vc_row][vc_column][vc_single_image image=”9190″ img_size=”full” alignment=”center”][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]In high security organizations, just signing a visitor in using their name might not be enough. With WolScan, you can add an extra layer of security to the sign-in process by capturing the information from your visitor, contractor or employee’s ID card.
Not only does this allow the host to better verify the identity of those coming into the facility, it also makes sign-in a lot faster!
The OSHA rules and regulations can be a stiff read, so it’s important to make your safety inductions as interesting as possible. We recommend using engaging formats – whether that’s induction videos, tasks or even interactive training modules.
One option is to use WhosOnLocation to create an eLearning Induction Course. You can even set restrictions using triggers, so anyone who’s failed to complete the course is unable to enter the organization.
OSHA warns that workplace emergencies are often more common than people think, so it’s important to have a robust evacuation plan in place.
Employers need to be able to account for everyone on site quickly and easily during an evacuation to minimise risk. This can be tricky, especially if your employees and visitors are working across a multi-zoned or multi-level site.
By using a cloud-based evacuation app, you’ll be able to work collaboratively with other floor wardens or safety marshals to verify the safety of everyone on-site.[/vc_column_text][/vc_column][/vc_row]
6 minutes read time
Nowadays, there’s an app for everything. Unless you do all your business on ledger paper and an abacus, it’s likely you know the constant pain of needing a new digital solution for this or that.
If you’ve noticed this, you might have noticed another interesting trend – the integration of everything. Look at solutions like Zapier or Station, apps with the primary function of connecting other apps.
This concept is going physical too. Or rather, what’s physical is going digital; we’re calling it the internet of things. The connectivity between machines, all integrated into one intelligent network. A network that’s expected to have more than 30 billion connected devices by 2020.
But where does this all fit in the safety and security landscape?
The global smart building market is expected to grow 34% between 2016 and 2024 – from a value of $5,800 million USD to $61,000 million USD. (Source: Zion Market Research).
Smart buildings have many benefits, from occupant comfort to reducing energy consumption. But perhaps the most important benefits to increasingly connected systems within our buildings are the advances in safety and physical security.
According to industry experts’ insights shared in the report, “intelligent security systems will be offering services that will be utilizing the latest technologies thus providing enhanced reliability.”
These systems will be embedded in the network of the building, expanding functionality and better protecting people and assets. An example of this in action is the integration of people presence management systems with physical access control.
People presence management is a centralized system that encompasses the management of visitors, contractors, employees or incidents on-site. Visitor management is one component of people presence management software or cloud applications.
People presence management systems offer much more comprehensive safety and security features than its components can as standalone solutions. All in one system, you can run inductions, send live hazard awareness notifications, track and monitor lone workers and perform evacuations on a smartphone or tablet.
When integrated with an access control solution, the result is a powerful system suited to organizations with complex safety and security needs.
Visitor management, in some form, is accepted as a must-have in many industries. But tracking people who sign in and out is only one part of keeping a site safe and secure.
To ensure your workplace supports the safety and security of all employees, contractors and visitors, there is much more to consider, for example:
The purpose of using a people presence management system is being able to centralize these functions, so that you can monitor them all in one place.
You can even set up alerts to notify you when something needs attention, for example if a lone worker has exceeded their expected duration in a freezer zone, or if a contractor has tried to enter a zone without the relevant safety training.
An organization’s security is only as strong as its weakest link. A smart manufacturing facility might have ground-breaking cyber-security measures in place to protect confidential project information – but then use a paper-based sign-in sheet to check in visitors.
Any company serious about protecting their data needs to consider implementing a physical security system with zone access control above and beyond cybersecurity measures.
What does this look like? A people presence management system allows inter-zone kiosks to be set up at zone entry points, for example, the door to a server room. The system integrates with an access control system, and will only unlock the door if the person has the relevant permissions. If they don’t, security personnel will be notified that an unauthorized person tried to enter the server room.
To ensure the safety of every person throughout a facility or work site and meet U.S. regulations, organizations must have information about the identities and whereabouts of all visitors, contractors, and employees on-site.
A people presence management system helps organizations comply with federal health and safety regulations and serves to protect both the employer and the people in its duty of care.
Using a people presence management application, employers have central access to people presence data. This enables them to quickly and easily account for everyone in the event of an emergency. Additionally, floor wardens or emergency marshals can use the mobile evacuation function to track cleared zones, view requests for help, monitor real-time evacuation progress, and more. You can report on all this kind of information (and more) for post-incident reporting as well.
A note on GDPR compliance:
Make sure your solution allows you to be GDPR-compliant if you are processing data of EU residents. In fact, being GDPR-compliant is really best practice even if you’re not.
Related: GDPR: What you need to know |
Biometric authorization, AI answering visitors’ queries, coffee machines that make visitors a latté while they wait in reception… it’s all part of the future of people presence management. And it’s increasingly a reality with smart buildings already using integrating security systems.
Our vision is for a world where facilities aren’t designed for productivity and streamlined operations, they are designed for the comfort, safety and accessibility of all occupants – from full-time employees to first-time visitors. This is all possible with a people presence management system.
Increased safety, better physical security and more robust compliance are all core benefits of using people presence management. And as an added bonus, it’s likely you’ll notice a huge improvement in visitor experience and first impressions of your brand too.
4 minutes read time
In a study by PwC this year, it was found that 34% of security incidents are attributed to insiders attacks on information security, including trusted third parties and employees.
This is an alarming rate, and serves to remind us that physical security is just as important as cyber security. In fact, they are often closely linked.
Without a comprehensive and effective physical security plan empowered with visitor and employee management, organizations are at a constant risk from their visitors, contractors and employees accessing and stealing their IP and other sensitive types of data.
It’s important to remember that an internal security breach may not necessarily be by a malicious attacker, but can also be by an uninformed or careless insider. To ensure employees are security-conscious, build up a strong security culture in your organization.
Have a set of guidelines for ‘red flag’ activity and a clear protocol for what to do in the event of a security breach.
For example, every employee should know how to spot a phishing email. Phishing attacks are one of the most common methods of targeting business, and are sometimes difficult to identify to the untrained eye. Phishing attacks attempt to steal passwords, credit card details or other sensitive information.
Employees should be hardware-savvy too. Have you ever found a USB flash drive and plugged it into your computer? If so, you potentially opened yourself up to a cyber attack.
Hardware security is just as important as online security; attackers have been known to post malware-infected USB flash drives to targeted businesses, and may even drop them in victims’ buildings or parking lots.
Your physical security system should be designed to reduce the threat of both outsider and insider attacks.
Of the two types of attacks, the threat posed by insiders is much more difficult to evaluate and combat. Malicious insider attackers could be passive or active, violent or non-violent. The attack could be spontaneous or it could be premeditated and calculated.
Malicious insiders are likely to be in positions of power or trust, with access to sensitive information, or who are able to abuse their authority or physical access rights – for example, emergency response personnel.
There is no reason for anyone to be able to enter or leave a company and wander the premises without being recorded and tracked, including employees and other insiders.
It’s important to know exactly who’s on-site at all times – particularly if you store sensitive data or operating information at your workplace or facility. If your organization is victim to an insider attack, accurate people presence reports will be invaluable.
Use people presence and visitor management software, like WhosOnLocation, for all visitor, contractor and employee sign-ins. This will enable you to run people presence reports for any given time – i.e. for a window around the time of a security breach, if you know when it occurred.
For more comprehensive people presence management, don’t just track who is on-site but track any key movements around the site too.
Restrict access to all zones and entry/exit points, and integrate these control mechanisms with digital security systems for advanced, real-time tracking and reporting. For extra security, use photo ID cards linked to visitor records so that these can be checked against surveillance footage.
Security and management personnel can keep track of everyone who enters and leaves the facility, control access rights for different areas, as well as standardize access and security procedures across different locations. WhosOnLocation enables staff to view visitor details, assign badges and modify any visitor’s permissions.
It’s no longer enough to have haphazard or incomplete people presence tracking at your site. Visitor management and employee time and attendance software is a staple for security-conscious organizations.
WhosOnLocation is a secure, cloud-based people presence management software that enables organizations to keep a record of all people on-site. Security features include ‘red flag’ alerts that fire when someone on a watchlist enters the site, visitor and employee access card printing, photo identification and real-time reporting.