The WhosOnLocation Blog

Featured post

Tighten up your on-site security with WolScan

3 minutes read time

WolScan adds a further layer of security to your on-site visitor management. Our recent user interface update makes the scanning process simple and quick. Learn more about how to make your visitors’ registrations more efficient by using WolScan.

What is WolScan?

WolScan is an iPhone/iPad app that allows you to quickly and securely capture and register your visitor’s identity by scanning their photo ID. The information is automatically uploaded to your WhosOnLocation account, to either sign in as a new visitor or update an existing/pre-registered profile. There is no need to enter the details manually which speeds up the process for your front-of-house team.

Why use it?

For any organization that is security conscious, it is critical to ensure that only those with permission have gained on-site access.

By scanning your visitor’s photo ID you validate their identity and reduce the risk of unauthorized entry, making sure that your company property, information, and employees are protected. 

Imagine a scenario where a file with sensitive information went missing or intentional damage was discovered on site. WolScan allows you to keep a verified record of who has had access to your premises.  It is also an excellent way to reassure your auditors and insurance providers that you have a valid visitor management process in place and you have done all that is necessary to mitigate risks.

How does it work?

To verify and register visitors simply scan their photo ID using the WolScan app on your iPhone or iPad with iOS 10 or higher. Once ready, the information is automatically uploaded and saved to your WhosOnLocation account. Simple, fast, and secure!

Which documents are compatible?

WolScan allows you to automatically upload the information from all passports. It also supports driver’s licenses from the USA, Canada, United Kingdom, Australia, and New Zealand.

You can also scan generic photo IDs. The photo will be stored in your WhosOnLocation account, and you have the option to enter any other details from the photo ID that need to be retained.

How do I know the data is securely stored?

We take data privacy and security seriously. We are ISO 27001 certified and GDPR compliant. When using WolScan, the visitor information, including captured images, is sent directly to the WhosOnLocation server. No data is processed by a third party. You can also decide how long the visitor’s information is retained and set an automatic data deletion after a set period of time.

Ready to get started? 

WolScan is available to enable in your account today and is priced per device. Visit our Help Center for step-by-step instructions on getting started. 

New to WhosOnLocation?

Get started with a FREE 30 day trial today. No credit card required.

Read more.

5 minutes read time

Keep Flattening COVID-19 – Contact Tracing

We may be winning the war on flattening COVID-19 around the globe but as we move back to a somewhat regular working environment we need to ensure we have the correct processes in place to continue to manage our obligations to keep those in our duty of care safe.  One of the key obligations required of organizations is ensuring they can trace who is likely to have come into contact with who if they are notified of a potential COVID-19 diagnosis of an employee or visitor.

Contact tracing is talked about a lot in the media at the moment and could be compared to the process a detective uses to solve a mystery. It is the process of piecing together accurately and quickly who has likely come into contact with the person diagnosed with COVID-19. In essence, who entered that person’s bubble. 

When contact tracing is performed manually it can be time-consuming to contact each person who may have been inside the same bubble.  With COVID-19 the need to identify, notify, and isolate those affected quickly has never been so important as the world races to reduce the spread, and eventually irradicate COVID-19.

In the context of contact tracing in the workplace having the ability to contact trace quickly and effectively can only be done electronically. This is not in a big brother way with granular tracking of every step a person takes when on-site, but at the very least at a level where you know which visitors and contractors have entered your building or facility, who they met with, and which areas of your facility they were present in. If it is an employee then where they work, who was on-site at the same time, and whether they met with external parties.  Contact tracing is not a nice to have, it’s a must-have in the modern work environment. 

The benefits to your organization having contact tracing is that you can quickly identify: 

  • Those employees that should be sent home to self-quarantine, 
  • Visitors that need to be contacted and,
  • Areas of the building which may require additional cleaning.


Management and reporting

The management and reporting on who was in your organization on a certain day at a particular time is easy and simple with WhosOnLocation. Allowing you to remove possible human error when drawing on paper records or memory.  Using our People Presence report you can identify who was on-site be they visitors, contractors, or employees. This allows you to identify who was likely to engage with another person on-site and as a result, contact those in that bubble and hopefully mitigate any potential wider spread.


Use inter-zone kiosks

For facilities with a large footprint like large scale manufacturing plants, granular tracing is possible using our inter-zone kiosks feature. Where the commonly used reception sign-in kiosks allow you to know who was on-site at a specific time, Inter-zone kiosks allow you to track people as they move through your facility delivering a more detailed insight as to who went where.  With inter-zone kiosks, employees and contractors are encouraged to sign in to each zone as they move through a site. This gives you the ability to accurately track who is accessing which areas of your location and when.


Data retention

Your visitor, contractor, and employee data is retained for the lifetime of your WhosOnLocation account. This enables you to pull contact tracking reports if and when needed with peace of mind that all of the information will be present.

In order to comply with GDPR and various privacy regulations, we do provide options for customers to have visitor data automatically removed after a specified period. In addition, customers are able to manually erase and purge visitor records from their WhosOnLocation account. For future contact tracing purposes, we recommend retaining visitor information for at least 60 days before removing. 


Other features

In addition to contact tracing, you can also use these features within WhosOnLocation to further strengthen your organization’s on-site safety and security to keep COVID-19 out:

Entry greeting – Make your guest aware of your on-site rules and expectations at the time of entry.  A mandatory rule could be that anyone coming on-site needs to use hand sanitizer before proceeding to the reception. 

Instruction banner – Inform guests of your on-site mandatory rules before gaining entry. 

Pre-entry qualification – Asking guests (visitors and contractors) a series of questions, that if they don’t meet the criteria they are unable to enter. As an example, this could be “Have you experienced flu-like symptoms in the last 14 days?”.

Banning entry – If you were in the unfortunate situation to experience an on-site exposure to COVID-19. Add the employees, visitors, and contractors to a banned list so they are unable to gain access during their self-isolation period to keep your organization protected. 

If you are an existing WhosOnLocation customer contact tracing and all other features mentioned are available within your current subscription. To find out more about contact tracking click here

Not a customer? Take a free 30-day trial to get started with contact tracing to protect your organization against COVID-19 and beyond. 


4 minutes read time

Aged care: protecting the vulnerable from COVID-19

The effects of a pandemic on aged care facilities can be devastating. Since January, families have been physically distancing themselves from elderly loved ones in an effort to protect them from the deadly COVID-19 virus. 

Why aged care facilities are vulnerable

Those over the age of 65 are most at risk of complications from COVID-19, so with visitors, employees, and volunteers regularly entering facilities, the residents of aged care centers are left in a particularly vulnerable situation. 

This is evident in the news stories and statistics we’re seeing every day. Weeks after governments across the globe advised visitors against entering aged care facilities, clusters of cases continue to be reported in care homes across the world. Just this week, the UK confirmed care home deaths are continuing to rise, as hospital deaths decline.

Employees are at risk, too

It’s crucial to consider that it’s not just residents who are affected at this time.  Employees continue to put themselves at risk by attending work everyday, and find themselves managing the pressure of added scrutiny and increased workloads, too.

So what processes can we put in place to help employees manage the risk to residents, as well as themselves? And how can we continue these practices as lockdown rules relax in the future? 

How a People Presence Management tool can help

Log it, trace it, contain it

Let’s start with the obvious. The best way to trace everyone who’s been in contact with an affected individual is to digitally sign in (and out) every single person who comes into an aged care facility. Most visitor management apps will be able to help you with this, but WhosOnLocation goes a step further. 

Where possible and required, zoning of residents and staff can be adopted to minimize exposure. For example, you might physically distance your residents in groups, and pair each group with their own team of staff. Each employee/contractor can be assigned a zone within WhosOnLocation, so any outbreak can be tracked by the specific area they worked in, as well as their time on-site. 

Ask the right questions 

Although visitors might not be currently entering your facility, it’s important to remember the outside risk employees, service providers, and volunteers can pose. By screening everyone who comes on-site each day, you can identify anyone who poses a risk and prevent them from entering. 

Ask everyone signing in each day if they’ve felt unwell lately, been in contact with anyone who has symptoms, or returned recently from overseas. By enabling triggers, you’ll also be able to ensure the right people are alerted if someone answers ‘yes’ to any of the above. 

Touch-free sign in for employees and service providers

It might surprise you to know the average user touches your kiosk screen 35 times during the sign in process. Minimize touch points for all those working and volunteering on-site by using the WolMobile app instead. By allowing individuals to sign in using their own device, you can significantly reduce the risk of contamination.

A new process for the future

As we look to the future and a time when aged care facilities can begin to allow visitors once again, there are a number of ways to minimize risk during the transition period.

Maintaining physical distance 

Although it’s difficult to deny families the opportunity to visit their loved ones, as we transition back to normal you will likely need measures in place to limit the number of people on-site at any given time. Setting a maximum occupancy means the facility will never be overcrowded. As soon as the maximum number of visitors is reached, any further attempts to sign in will be automatically denied by the system. 

For further control, you can require that all guests are pre-registered. This gives employees greater oversight as to who to expect on-site each day, so they can plan accordingly. 

Make your policies clear

Require all visitors to use hand sanitizer before entering your facility? Only permitting those with a recent flu vaccination to visit? You can use both acknowledgment notices and your kiosk banner to inform your visitors of your policies when signing in. Receive alerts if a visitor refuses to acknowledge your policy, too, and view a record of all responses through the reporting feature.

Coming soon… go completely touch free

We’re currently working on another helpful feature – touch free sign in for visitors. This feature will make it possible for visitors to sign in using their own smartphones rather than the kiosk, minimizing the number of touch points in your facility. More details to come. 

All features mentioned are available with all WhosOnLocation subscriptions. 

Not already a customer? Take a free 30 day trial today. 

7 minutes read time

8 things to consider when developing an emergency response plan

First published by Safeopedia, written by Daniel Clark.

In an emergency, every second counts. There’s no time to debate. Everyone needs to know their responsibilities, who’s in charge, and what has to be done. It all comes down to planning. Every variable has to be accounted for and thoroughly considered well before the alarm sounds. A carefully constructed emergency response plan (ERP) can be the difference between an orderly evacuation, a panicked mob, or an outright tragedy. An ERP is a substantial, specialized part of an organization’s overall safety program and it takes deliberate forethought to ensure its performance. Whether you are developing a new plan, or the one you have in place needs a checkup, here are a few things to keep in mind.

1. What types of emergencies are plausible?

An ERP should consider all scenarios that are reasonably likely for a given site, with extra attention given to those that pose a higher risk.

Think of a sour gas leak. What would happen if one occurred? Coming from sour gas country myself, I know that’s a common scenario in ERPs because sour gas:

  • Is toxic
  • Moves in the wind
  • Rolls downhill
  • Is flammable

That makes it a useful example because it highlights the kind of planning and specificity that need to go into an ERP. Considering those factors, if your plan involves mustering downwind or downhill from the leak location, you might be planning a disaster.

A complete vulnerability assessment of the site is a starting point. It should consider the whole array of technological and natural hazards to come up with scenarios. It should also consider that emergencies are not discrete categories and can crossover and combine. An earthquake that starts a leak that starts a fire that leads to a building collapse that releases a toxic substance – are you ready for it?

Obviously you can’t write up a plan for every permutation possible, but the plans should account for the fact that combined events can happen.

(Learn more in Lessons from 3 of the Worst Workplace Disasters.)

2. Avoid cookie-cutter plans

One size does not fit all. A well-constructed ERP should be customized to the site at which it is to be used. Starting from a template is fine, but it should be bolstered to include real numbers of personnel, emergency contacts, layout and geography, special considerations and conditions, and other site-specific factors.

The plan has to account for the unique nature of the company and all of its operations. Every step may introduce a new hazard – from raw material characteristics to types of equipment on site to environmental setting. For fire alone, you have to think about:

  • What kind of fire protection is in place?
  • Who is qualified to operate it?
  • Does it need an operator at all?
  • Is it static but nonetheless important to know, like fire doors or fire-rated walls?

(Find out What Should Be Included in Your Emergency Management Plan.)

All of this has to be considered well before it is needed. All of it is unique to each individual site.

3. What does the future hold?

How are you supposed to know which events are likely (or even possible)? It is going to depend on a number of factors, and the company may or may not have direct experience to draw from.

A little research will help you determine the nature of emergencies that similar operations in your industry have encountered. Consulting a loss control or insurance specialist may be useful because they tend to monitor this kind of data. Especially in considering natural hazards, it pays to know whether an ice storm or an earthquake (or an ice quake?) is likely, and even which hazards can be safely ignored.

4. Don’t go at it alone

Any one person’s field of view is going to be limited. Planning for an emergency should include an interdisciplinary team, representing a cross-section of the organization. Experience, education, and training all inform how each worker perceives hazards and priorities. Management and frontline workers may not agree on what is most important, and yet both perspectives have value in establishing an emergency plan.

Creating a team has a dual purpose. You gain more comprehensive input, and because ownership of the plan is distributed you will have improved buy-in.

Furthermore, since people are prime in safety, you’ll want to involve everyone who may be affected and ensure they understand their responsibilities.

(Learn more in 5 Reasons You Struggle with Safety Buy-In – And What to Do About it.)

5. Where is help coming from (and how can you help the helpers)?

A worksite may be spitting distance from a hospital, or it might be too remote for cell phone signals. An ERP has to consider what kind of access there is to emergency responders, as well as the safety of those that do respond.

To that end, it is a good practice to collaborate with emergency services in the area (where possible) to go over medical or fire response provision. They may request a copy of site plans or an inventory of chemicals, for example, to know what they may be heading into.

6. An emergency response plan that isn’t drilled is just paper

Once you have written up a comprehensive plan and considered everything, the ERP is ready to implement.

Except… you haven’t considered everything.

The only way to fine tune an ERP is to drill, recap, and revise – and it’s no simple task. Drills and tabletop exercises can highlight deficiencies in the plans, then those deficiencies have to be corrected.

An emergency plan should be audited once a year. This includes evaluating training needs, inventory of emergency supplies, contact lists, and an updated roster of emergency responsibilities. You need to make sure that the contact numbers still reach the people they should, and that responsible parties are current and cover all shifts. Depending on the scope of the plan, this could be a mountain of information.

Many sites are going paperless to help keep them organized and improve the ability to audit systems in a consistent way. Much of the manual tracking and record-keeping can be automated to improve effectiveness and keep the focus where it should be – on the plan itself. Digital and cloud-based solutions can also be integrated with security for better live data capture. A headcount at a muster point, for example, is no good if you don’t know how many people were on site to begin with, and where to look for them if they are missing.

7. Be a good neighbor

Even in remote and rural areas, there are likely to be a few residents or other workplaces and jobsites close by. You may need to consult with them to determine their needs in an emergency, and contact them in the event of a real emergency or drill.

Companies are mandated to exercise due diligence in protecting their workers and the public, so you can’t forget to include the Joneses when planning to keep everyone safe.

8. Management commitment

As with all parts of a safety program, management commitment is crucial. Setting up emergency response plans shouldn’t be viewed as an exercise in legislative box-ticking, nor an administrative burden. Management should actively participate in the planning and contribute the resources needed for effective implementation.

This may involve a substantial financial and time investment, and one that is ongoing. But it is worth it. It is highly likely that at some point in time, under some circumstances these plans will be put to use in a real emergency. And when that time comes, being prepared is priceless.

6 minutes read time

Cloud Apps: The Site Security Management Tool You Should Get to Know

First published by Safeopedia, written by Daniel Clark.

You’ve probably heard someone say “The files are stored in the cloud.”

And you might have thought “OK, so … Where are they, exactly?”

“The cloud” is a fitting metaphor for a technology that seems to involve mystery, ambiguity and a little bit of magic. At least, that’s the way it seems to the average user.

Most of us know in a superficial way what “the cloud” means, but we’re flummoxed whenever we have to try to explain it or even understand it. As is often the case with technology, it’s that lack of understanding that makes so many people apprehensive about adopting and using cloud-based apps and services.

It doesn’t help that the term has largely been seized by marketing companies and used with little consistency. Not since the word “quantum” has a term been made practically incoherent by marketing slogans and advertising.

The media tends to make things worse, too. Most of their reports about cloud-based technology is either a nebulous misuse of the term or fear mongering about stolen information and files.

We need to cut through all that noise and get right down to the facts. With a little education and advocacy, we can get past all the fear and worry and start making use of what really is an amazing innovation in computing, one that can be applied to the health and safety industry with great results.

What Is the Cloud, Anyway?

What, then, is “the cloud?”

To put it as simply as possible, it’s a method of distributing demand for storage and computing power across a network of devices.

Instead of the conventional method of storing a single file in a single place, you can think of cloud storage as storing that file in several different locations. This method allows for less demand on individual computer resources and it gives you the ability to rebuild a file if one, or several, of the devices were to fail.

That’s a gross oversimplification. But the methodology behind it is quite complicated and for our purposes, it’s enough to think of the cloud as just a way of having your files managed on the internet rather than locally on a hard drive.

Cloud-Based Storage and Data Security

To some organizations, having storage on site feels more secure. They like the comfort of being in direct control of the physical media.

In data management, however, a major consideration is the capacity for disaster recovery. On-site servers are usually configured with redundancy so that they can tolerate some hardware failure locally, but there typically needs to be redundant copies of data stored off-site.

For some companies, particularly smaller ones, this can be a major cost since a second location isn’t always readily available. Managing all that storage locally can stretch resources thin. Having cloud-hosted storage for your valuable data incorporates the disaster recovery into the overall storage strategy. That data is safely managed and backed up in such a way that it is retrievable even following a catastrophic event like a fire that takes out all computer hardware on site.

Cloud Tech and Site Security

Site security is the kind of application for which cloud apps have real potential.

Camera feeds and other surveillance data can be streamed to the cloud non-stop. Live “punch in/punch out” data can show accurate numbers and the identities of workers on site. Other live data can also be continuously recorded.

Being able to track and manipulate this kind of information has various wide-reaching implications from schedule management to emergency response.

Real-Time Data Analysis

Collecting data is only part of the picture,. The information has little practical value unless it’s also analyzed. Cloud systems allow for that to happen in real time without the need for ongoing human input.

Systems that do the data collection can generate real-time analytics for managing sites with no lag time and reduced local administrative requirements. A mountain of information can be collected and autonomously curated with simple programs to generate accurate, real-time reporting and statistics.

Human error is largely removed from the process, which is important because the integrity of that information may be critical later for investigation or continuous improvement activities.

Accessibility and Convenience

Once data is collected and organized, security personnel can capture and oversee information from a central terminal. In fact, the storage in the cloud means this data can be accessed from any terminal with the right log in credentials.

Site supervisors or management could have the capacity to view a dashboard from a smartphone, tablet, or any device with access to the internet, whether they are present on site or not. This gives supervisors the ability to monitor multiple sites remotely in a way that wouldn’t be possible with locally hosted data.

Cloud apps and services offer device and location independence when accessing files and media. The days of a file residing on a hard drive in a computer in one static location are nearing an end. Now, the file’s location is distributed, and access to the computing and storage power is leased rather than owned, so in a sense the management of IT infrastructure is at least partially outsourced. Your data is in the hands of specialized companies with IT professionals at the helm, and the cost of infrastructure can be dramatically reduced.

Protecting Cloud-Based Data

Cloud computing may be an incredible innovation, but it’s not without its controversies. Privacy problems make tantalizing headlines, and despite the fact that we interact with cloud systems every day, some people only really know them from scary stories.

In reality, these systems are far more secure than their technological predecessors, but device independence can be a double-edged sword. While it provides convenience, there is also the potential for third-party interference. We’ve all heard about celebrities getting photos stolen, companies losing client information, and other frightening cautionary tales about “the cloud.”

While the catch-all term “hacked” is often used in describing those events, the reality tends to be variations on “social engineering.” Basically, ne’er-do-wells manipulate people into giving up usernames and passwords so that they can gain access to secured files. They don’t corrupt the technology itself but engage the weak spot – the user.

The solution is in better cloud security education strategies for workers and awareness of safeguarding passwords, identifying malicious activity. and ensuring the integrity of the systems.


The safety and security industries can be slow to accept changes to established methods, because failure in any system can result in serious consequences. Managing these two functions needs a little extra caution to make sure people, equipment, materials, and the environment are properly protected. However, we can’t overlook cloud technology’s potential for improving performance.

Perhaps we can strike a balance by approaching this new wave of technology with some caution while still embracing its tremendous potential.

6 minutes read time

Leading in a crisis from 12,000 miles away

As WhosOnLocation CEO it is my responsibility to ensure the safety of those in my duty of care. Like many organizations today we are a global team. Split across three different continents and three offices.

I am currently based in London, my closest team members are 5,500 miles away, the furthest 12,000 miles. Our use of video conferencing tools, Slack chats, and email has been crucial in managing a remote workforce 24×7.

Globally we are all facing the challenge of how we navigate our business in this new “norm” we are working and living in. Until a few weeks ago I had three locations and the people within them to ensure they were safe while in my duty of care.

Now we are all faced with working from our home offices, and while I’ve got more ‘virtual’ offices to manage than I would have ever imagined in my wildest dreams, my obligations to my employees regarding their health and safety did not disappear behind a mask. While this may seem daunting it’s actually not. As a SaaS company we operate in the cloud, this works to our advantage, particularly in this situation.

I’d like to share my learnings over the past few weeks managing and fulfilling my requirement to keep the team safe and secure while distributed across the globe.

Act fast, be decisive; a crisis is not always a crisis when well managed

Right from the onset of Covid-19 and before the lockouts imposed by most countries we made changes to our practices to keep the team safe and secure. While some were general hygiene reminders others were to ensure that office-based teams weren’t exposed to anyone who had recently traveled overseas or wasn’t feeling well. We did this by updating our kiosks to:

    • Notify all visitors to our office procedure changes. These included:
      • Updating our welcome greeting to include mandatory use of hand sanitizer before entry
      • Pre-registering guest and sending a WolPass notifying them of the procedures we were taking on site
      • Red flag alerts, if anyone acknowledged they were not feeling well or had recently traveled overseas

Communication is king

This one seems pretty simple, communicate with your people. However, in a time of uncertainty, it is even more important to keep clear, consistent and frequent communication. While working remotely, a great tip is to over-communicate without effectively crossing that boundary of ‘spamming’ your team. You should be making more calls and sending more messages than you normally would, to bridge the physical gap.

In times of crisis, it is a known fact that we may not respond as we normally would. Research shows we fit into one of three coping styles; task orientated, emotion orientated and avoidance orientated.

I fit firmly in task-orientated, looking to see what I and WhosOnLocation can do to help our employees and customers. It’s sometimes hard to know what your employees are going through; however, with open communication and regular meetings, it’s easy to identify those who are not themselves and be able to address the situation directly one-on-one. I have found taking a few minutes at the beginning or end of meetings to ask how everyone is feeling or check on motivation levels has been cathartic for all parties.

On a personal note, I believe decisive leadership is key in a crisis. Leadership, and CEO’s especially, earn their stripes in adversity, not when the sun is always shining. Set expectations, and be clear and concise on strategy and direction.

Wellness check and best practice

Working in an office environment, we are often reminded about best practices for things like posture and taking breaks, we even have a notice above our office coffee machine to remind staff. However, when working from home offices or dining tables, best practice is often the furthest thing from our minds.

Using WhosOnLocation, we have set up a series of reminders using the Triggers feature. These triggers are automatically emailed to staff at predefined times each week reminding the team of best practice while working at home, such as remembering to take microbreaks. No one has to remember to keep sending the reminder out. It just goes out at scheduled times until we deactivate them.

Office and Facility security

We used the Triggers feature again to set up alerts notifying us if any employee re-enters our offices when they are in lockout. Why? Well as CEO I know anyone on-site alone and/or without supervision is a risk to themselves. As I stated earlier, our company’s duty of care to our employees does not get excused in the face of a breach just because of the current crisis.

A culture of trust really pays off in a crisis

Trust is the foundation to all positive relationships. ‘Deliver on what you say’, ‘Play as a Team’, ‘Participate’, and ‘Be Authentic’ are core principles here at WhosOnLocation and they form the foundation of our trusting culture.

Trust allows us to operate a flexible working environment. We do this by giving parents the flexibility to work around their children, working from home when you need to, and flexible breaks so staff can exercise (read more about it here). When the government mandated lockdown came into effect, our flexible standard operating procedures and our ISO27001 BCP training meant the transition from office-based workspaces to the home office was fairly seamless.

That said; moving from a regular office routine and working remotely intermittently to working remotely full-time can take some adjustments. We gave our employees the time they needed to get into a routine. For some it took a day or two and for others a week. We have not had any drop off in SLA’s or delivery on projects. Customer satisfaction, the adoption of new Covid-19 centric features, and employee engagement is as high as ever. But the foundation to this was our trust in each other.

Learn to adapt, and innovate

We’ve got new features coming to help you manage your remote team over the coming week. Until then remember to check out our COVID-19 series on the helpdesk to see what you can do with your WhosOnLocation subscription today.

4 minutes read time

How to keep your people safe while working from home

COVID-19 has completely taken over our lives. Non-essential businesses are closed, airplanes are grounded, and what seems like the whole world has been forced into isolation. It’s now more important than ever to make sure our employees are safe during these unpredictable times. 

Isolation could be our reality for at least a month, if not more, so we need to make sure we have the correct systems in place to get us through these unusual and uncertain times. Organizations need to be able to monitor the safety of their employees, even if they are not working at one of their primary locations. This is where we come in, helping you ensure everyone is safe.

Learn how we can keep your organization safe.

Utilize WhosOnLocation features

For some of us, work is still a possibility, but this does come with its challenges. Employees working from home (WFH) and remote workers such as maintenance technicians or social workers performing house-calls are still under the duty of care of their employer. Therefore as an employer, you still have the responsibility to keep them safe. This is why monitoring and accounting for all workers is essential to keep organizations safe and secure. 

Here are some ways you can utilize your WhosOnLocation subscription to keep those in your duty of care safe:

Gain visibility of your employees 

WolMobile enables your employees to sign in to work while working remotely. Employees are given the option to select working remotely. This will give you visibility of those employees who are actually working and therefore still in your duty of care. You can also set up specific acknowledgement notices or triggers that these employees will see when they sign in and can communicate with them by sending Instant Messages to ‘everyone working remotely’ in-app.

Recurring reminders for employees 

Now that businesses are working from home, we need to ensure that our employees are able to stay focused and productive throughout the working day, whilst maintaining a healthy work-life balance. As employees can no longer interact with colleagues in their usual office situation, it is difficult for them to communicate and collaborate. This includes the small everyday things, such as taking micro-breaks or stepping outside for some fresh air.

With WhosOnLocation, you can use your free trigger add-on to set up recurring best practice reminders for employees working from home. These reminders can be anything from home office posture tips to ways to best manage online meetings. This feature enables you to define the Trigger Event, add one or many Trigger Rules that must be met, and set your Trigger Actions, which includes defining recipients to receive an email and/or an SMS (text) message. 

Manage crisis event notices and keep your employees updated

It is important to have an emergency management plan in place no matter where your employees are working. WhosOnLocation makes it easy to update people in your duty of care with the information they need to keep safe. By using Instant Messages sent as either email, SMS, or push notifications, you can inform your employees of the crisis at hand. The Instant Message can include what your immediate response is going to be, where they will be able to find the latest information, how often your organization will provide updates, and remind them of your crisis management operating procedures.

While Google, Gmail, and Outlook support ‘scheduling of emails’, it is difficult for an organization to audit who received it, when and how many times it was sent, and, more importantly, easily define the audience of the email. For example, if you wanted to send an email to a specific group of people such as ‘Employees not on-site,’ or ‘Employees in the Marketing team’ at a particular date and time, you won’t be able to achieve this using regular email programs. This is why setting up Instant Messages within your app is necessary for these specific criteria. 

Your office is in lockout 

If an employee enters your facility while it is in a lockout, then this can create a health and safety risk for your organization. In essence, this employee is placing themselves at risk if they have an accident while on-site alone. Set up an alert that is triggered if an employee enters your organization during a lockout.

Get Started Today! 

These features are all included within your current WhosOnLocation subscription, regardless of your plan.

6 minutes read time

Lone worker management: Your guide to lone worker monitoring solutions

First published by Safeopedia, written by Daniel Clark.

Whether a worker is completely alone on site or just working in an area by themselves, extra care is required to ensure that this solitude doesn’t create a dangerous situation.

While isolation may not be a true hazard in and of itself, it can be a factor in various types of incidents. It should, therefore, be anticipated and controlled. With appropriate planning and foresight, lone workers can still be protected.

Assessing Lone Worker Risks

Solo work involves a little extra danger because there is no direct supervision and immediate help is not available if an incident were to occur. The latter is the primary consideration, since an accident or injury can quickly go from minor to major quickly if it isn’t attended to soon enough.

Something as mundane as a twisted ankle, for example, can be a serious if it means the worker can’t walk or drive, and winds up stranded at the work site. Worse yet, if a lone worker becomes unconscious or finds themselves in medical distress, the situation can become dire.

Assessing risks is the first and most important element of a lone worker safety program. Working alone can be considered as a kind of score multiplier for risk – it combines with all other hazards relevant to that task and raises the risk that they present. If you consider the response time or access to aid in the event of an incident, suddenly tasks involving normally tolerable risks are no longer acceptable. Work that is already risky by their nature are generally not allowed for lone workers, including hot work, work at heights, and confined space entry.

(Find out How to Perform a Lone Worker Risk Assessment.)

Ensuring Lone Worker Safety

Now that we understand the risk, what can be done to make working alone safer?

Communication Checkpoints

Communication is key. The established strategy for working alone is a communication checkpoint system. This means that there is an expected period for checking in with another worker (say, every half hour), and defined actions if a check-in is missed.

(Learn about Radio Etiquette for Safe and Effective Communication.)

When a worker is wrapped up in what they are doing, however, missed check ins can and do happen. When they do, some action is triggered for the supervisor, and it all ends up in fruitless, ineffective back-and-forth. Better solutions are being developed to correct for worker forgetfulness and distraction to ensure consistency with minimal false alarms.

Software to Improve the Check-In Process

Software solutions aim to streamline the check-in process by partially automating the contact for a defined period. A worker acknowledges a periodic “all is well?” prompt. If they don’t, an alert is triggered and sent to a supervisor.

“Man down” detection might also trigger an alert if no movement at all is detected for a period of time. An attempt will be made to contact the worker, and if there is no response, a more rigorous, tiered action is taken, including contacting supervisors, management, and ultimately emergency services.

It’s a minor adjustment in approach, but it makes for a more effective process because forgetfulness and distraction are largely removed from the picture. Workers have plenty to focus on while performing a task, so solutions that reduce their cognitive load while still keeping communication open are preferable to overlapping, cumbersome manual procedures.

Some solutions go a step further and require defined action at specific intervals, such as using a smartphone to scan a QR code on site. This will create a record or notify a designated supervisor when checkpoints are missed, but also has the added benefit of location specificity and showing exactly where a worker is.

Most systems of this kind either utilize onboard smartphone technology with an installed app, or include a peripheral like a bracelet that connects via Bluetooth. There are some all-in-one solutions on the market that don’t need a phone complement at all, but these require their own dedicated data plan. This kind of scheme can work well and is widely used, but encounters problems when communications are intermittent or unreliable.

(Find out How to Improve Lone Worker Safety.)

Combined Solutions

Those working in very remote areas are likely to encounter situations where basically every means of electronic communication fails. Radios are out of range, cellular service is unavailable, and even satellite communication may be intermittent.

The best solutions combine communications technologies and tether to the strongest connection available at the moment, such as automatically moving to a satellite feed when no cellular connection can be established.

As you might expect, the data plans required for this type of device don’t come cheap, but the reliability continually improves so that connection is available from nearly any location.

Some Lone Work Is Disappearing – But Monitoring Is Still Relevant

I’m up here in oil country, so when I think of working alone, I picture a worker in coveralls climbing out of a pickup at some remote site.

However, there are lone workers who don’t fit that mold at all, like those who work with the public and for whom violence can be a significant hazard. Individuals responsible for closing up shop, ending restaurant shifts, working late at all-night convenience stores are subject to additional risks from working alone.

(Learn more in Violence in the Workplace: Recognize the Risk and Take Action.)

Many jurisdictions now recognize the inherent danger of this type of work and require that at least two workers be present on night shifts or during times when communication may not be readily available. Regulators have stepped in and removed the choice from employers altogether in the matter and specified that working alone under some circumstances is simply not acceptable.

Still, even with two workers present, many of the same risks remain. Whether or not a jurisdiction allows solo work in a given scenario may vary, but communication and monitoring solutions are still essential tools for keeping these workers safe.


A combination of worker training, diligent planning, and risk assessment and monitoring can make working alone safer. The technology for remotely monitoring workers improves all the time, with a key focus on automation and ease of use. Keeping a digital eye on workers to ensure they remain safe is easier than ever. There’s no longer any reason to leave workers alone with out an effective lifeline.

6 minutes read time

Working from home: How to make it work for you

The one question on everyone’s mind is can I be as productive working from home as I am working from the office? A recent poll found that 51% of New Zealanders prefer working from home compared to working in an office and in another survey 65% of Americans said they were more productive working from home. It is very dependent on the environment that you are working in, for example, if you add in the factor of children at home you would probably prefer the usual office situation. However, now that we are forced to work from home, how can we make sure that we stay productive? Here are some useful ideas to help you adjust to this new style of working.

1. Keep a similar routine 

Get up early, eat your breakfast, get dressed and get to work. It’s important that we stick to a routine, to keep consistency in our lives. If we continue with familiar routines, it will be easier to work the full 8 hour day and adjust back to normal life when COVID-19 is over.  

2. Team communication

Not only can it get lonely working by yourself but you can also lose motivation. This is why you should make sure that you keep up communication between your colleagues and teams. First of all, you need to ensure that when you are working, your ‘status’ in the workforce communications tool (i.e., Slack) is set to ‘working, available or online,’ so the team knows that you can be reached. You should also regularly check your organization’s primary communication tools for updates and announcements. This will ensure you: 

  1. Stay motivated to get your work done.
  2. Know what everyone is working on.
  3. Make sure you are all working towards the same goal. 

At WhosOnLocation, we have added two 15 minute catch up meetings on top of our usual Monday team meeting. This enables us to raise any problems and ensures we have all the information we need to carry on with our work. 

3. Online meetings

To minimize the risk of meeting delays, you should remind your employees of good online meeting practices. As we all know, technology can sometimes test our patience, so it’s good to sign in a couple of minutes early to make sure everything is in working order. We should also do our best to make sure the environment where we’re taking calls with clients or team members is without distraction and is quiet.

4. Health and wellness

To get the most out of the day, we need to make sure we are looking after ourselves by staying fit and healthy. You can reduce the risks from display screen work by following some of these simple ideas:

  • Microbreaks 

A microbreak is a frequent break that lasts anywhere between 30 seconds to 5 minutes. Evidence suggests microbreaks reduce muscle fatigue by as much as 20-50 percent in an eight-hour day. Regular breaks are better than longer breaks, so a 5 – 10-minute break after 50 – 60 minutes is better than a 20-minute break every 3 hours.

  • Proper desk chair posture

Poor posture (e.g., slumped shoulders, protruding neck, and curved spine) is the culprit of physical pain that many office workers experience. The way you are sitting can have a transformative impact on your day. It’s hard to imagine that we might be doing damage to our body by simply doing nothing. Nonetheless, our posture has a huge impact on our health, success, and overall happiness. It’s crucial to be mindful of the importance of good posture throughout the workday. Here’s how to achieve good posture: 

  • Adjust the chair height so your feet are flat on the floor and your knees are in line (or slightly lower) with your hips
  • Sit up straight and keep your hips far back in the chair.
  • The back of the chair should be somewhat reclined at a 100- to 110-degree angle.
  • Ensure the keyboard is close and directly in front of you.
  • To help your neck stay relaxed and in a neutral position, the monitor should be directly in front of you, a few inches above eye level.
  • Sit at least 20 inches (or an arm’s length) away from the computer screen.
  • Relax the shoulders and be aware of them rising toward your ears or rounding forward throughout the workday.
  • Exercise

When you neglect exercise, you’re putting both your physical and your mental health at risk, which can negatively impact your productivity and effectiveness at work. This is why you need to get up and move at some point of the day, even if it’s just a 15-minute walk or stretching exercises.

  • Eye fatigue

Computer use is a common cause of eyestrain. These self-care steps can help take some of the strain off your eyes: 

  1. Blink often to refresh your eyes. Blinking produces tears that moisten and refresh your eyes.
  2. Take eye breaks. Throughout the day, give your eyes a break by looking away from your monitor. 
  3. Check the lighting and reduce glare. Bright light and too much glare can strain your eyes and make it difficult to see objects on your monitor. The worst problems are generally from sources above or behind you, including fluorescent lighting and sunlight.
  4. Adjust your monitor. Position your monitor directly in front of you about an arm’s length away so that the top of the screen is at or just below eye level.
  5. Adjust your screen settings. Enlarge the type for easier reading. And adjust the contrast and brightness to a level that’s comfortable for you.

5. Set boundaries with whoever is in your bubbles

Staying focused means removing any unnecessary distractions within your work hours. This doesn’t mean you shouldn’t communicate with the people in your bubble for the full 8 hours of the working day (remember you have microbreaks), but it means setting boundaries. For example make sure the people in your bubble aren’t watching TV too loudly or put up a do not disturb sign outside your workspace. This will help you stay focused throughout the day and keep your workspace as a work-only zone. 

(Note: it’s recommended to find a space that does not coincide with other activities such as sleeping or watching TV if possible) 

5 minutes read time

Use WhosOnLocation to help your organization manage COVID-19

Download our handy checklist here.

Get the full set-up instructions in our Help Centre.

Updated May 1, 2020

Since January 2020 those on the frontline have been working tirelessly to help combat COVID-19, we would like to express our thanks to all involved for their tireless work. 

Here at WhosOnLocation we live and breathe keeping people safe and secure. We have a number of features that you can utilize within your WhosOnLocation subscription to help protect your organization while aiding the reduction and spread of COVID-19. 

With recent advice to go “hands-free” as a way to combat the spread of the virus, we’ve also pulled together an overview of the features within your WhosOnLocation subscription to help your employees, visitors and contractors go “hands-free” when signing into and out of your organization. 

‘Contact tracing’ is currently all over the news, so we’ll take a look at how your WhosOnLocation subscription has got you covered.

Managing Employees, Visitors, and Contractors

Utilize the power of Important Notices and Triggers to strengthen your organization’s defenses against not only COVID-19 but any threats to those in your duty of care.

Important Notices

We offer two types of Important Notices; acknowledgment notices and instant messages. Use Acknowledgment Notices to define your audience, period of time to be published and the frequency for the notice to be displayed. If Acknowledgement notices are not “acknowledged” guests will be unable to proceed, notify the appropriate person within your organization. 

  • Example: “In the last 14 days have you suffered from the flu or traveled to any of the following countries; China, Northern Italy, Japan, Iran?”  Answer “Yes” or ”No”. 
  • If your guest answers “Yes” the appropriate people are notified and on site procedures can be taken within your organization to deny access.  

Instant messages are a one-off notification that can be sent to employees, contractors, and visitors to notify of onsite process, emergencies or changes to policies – the options are endless. 

  • Example: Hello, to protect our employees and guests we are operating with additional measures and caution with regard to the spread of COVID-19. Please ensure you follow all onsite instructions which can be found here.


Triggers can be used to display messages, deny entry and sign in and out. One way you could utilize triggers is to understand if guests have traveled to an infected area and if they answer “yes” deny access and notify the appropriate person in your organization. Read our recent blog to learn more.  

Contact tracing


If you are currently signing all employees, service providers, and visitors in and out, and someone is diagnosed with COVID-19, you can easily report on

  • Everyone on-site at the same time as the individual, for the days leading up to the diagnosis
  • Everyone from the individual’s department working in close proximity during this time
  • Any visitors the individual hosted during this time
  • Anyone working in the same ‘zone’ as the individual in the given time period

Take action

By identifying the people and areas at risk, you’re able to take action to protect your organization, by:

  • Those employees that should be sent home to self-quarantine 
  • Visitors that need to be contacted, and
  • Areas of the building which may require additional cleaning.

Go touchless

For employees and service providers

There are a number of options available for employees and service providers that involve minimal touch points, or none at all.


Issue your service providers and employees with WolMobile to manage their presence. By taking full advantage of the features WolMobile offers they can sign in and out without the need to use a Kiosk, therefore minimizing the number of touch points and the potential for contamination.


Tokens are assigned to employees or service providers so they can sign in and out of a location by scanning a barcode or RFID tag. With a quick scan, the employee or service provider can be instantly signed in, without the need to input their details on a Kiosk.

For Visitors

On average guests touch your Kiosk screen 35 times to sign in/out, using the Pre-registration and WolPass features you can reduce the number of Kiosk touches down to 2 or 3.  


Limit the number of people who need to touch your Kiosk by pre-registering visitors prior to their arrival on site. This allows your Front of House Team team to know in advance who is due on site. They can also sign them in with just one click using the Sign In/Out Manager, this means they don’t need to touch your Kiosk at all. 


Consider WolPass as your guest’s boarding pass to your organization. It can contain a variety of information including specific instructions of what a guest needs to do when they arrive on site to sign in/out. The WolPass has the visitor’s details embedded within a unique QR or barcode. When they arrive on site they simply scan their WolPass at the Kiosk reducing the need to touch the Kiosk.  

Using Brivo with WhosOnLocation 

If you are using  Brivo* cloud access control system with WhosOnLocation you can place your Kiosk outside the door to your Front of House Team. As you are integrated with Brivo, the door will automatically unlock once the visitor has signed in. In effect introducing hands-free unlocking of the doors, your visitors can access. Once signed in your visitor can collect their visitor pass from reception and use it to ‘hands-free’ unlock any door a visitor is permitted to enter. 

To get started with these features, your WhosOnLocation Administrator will need to activate them within your subscription. If you need further assistance please don’t hesitate to contact our Support Team.  

*Brivo incurs an additional cost outside of standard WhosOnLocation subscription costs.  


3 minutes read time

Employing a Lone Worker? Make sure you’ve got their back

Employees who work alone often lack the safety or backup of those around them should they face confrontation, injury, or otherwise require assistance. In many countries, the law requires employers to carefully consider and then mitigate the health and safety risks to employees working alone. 

Is Lone Worker safety specific to the construction industry?

Although working alone is synonymous with contractors and employees in isolated or remote locations, in the eyes of the law, it’s possible to be surrounded by a thousand people and still be working alone. 

By definition a lone worker can actually include:

  • Staff on the night shift working in petrol stations
  • Contractors working inside occupied premises but in isolation of any close or direct supervision
  • Delivery drivers
  • Social and medical workers
  • Cleaners
  • Security guards on lone patrol
  • Miners
  • Maintenance and repair staff in the field
  • Agricultural and forestry workers
  • Telecommunications technicians
  • Estate agents
  • And many more…

How do I keep my Lone Workers safe?

Managing the risks associated with employees and contractors working alone can be a challenge. Luckily, there are a number of apps and services available to help organizations reduce the chances of lone worker injury or loss of life.

People presence software is a great place to start, as understanding who is on or off site (and in your duty of care) is the first hurdle to overcome.

A small number of people presence software providers go further than this, with mobile apps, features, and add-ons specifically created to keep your at-risk workers safe. WhosOnLocation is a perfect example of this.

How can technology help?

Mobile sign in

WhosOnLocation’s mobile app, WolMobile, allows employees and contractors to sign in for work even when they’re out on the road or working in a remote location. For those locations where safety is a top priority, a geofence can be configured to automatically sign in anyone who enters the location. As soon as an employee or contractor’s phone crosses the geofence, WhosOnLocation automatically records their status as on-site, and signs them out again as they leave.

Follow Me

Do your employees or contractors often travel between sites, or work alone on a large site? For added safety, WolMobile offers the option to ‘follow me’. Each time the employee or contractor’s geolocation moves more than 100m an update is sent to WhosOnLocation, so you can be there to offer assistance as quickly as possible in an emergency.

Set up alerts

Using WhosOnLocation’s Triggers feature, alerts can be set up when an employee or contractor signs in to carry out work alone. The software can also ask how long the work is expected to take, and can send alerts when employees or contractors are overdue to finish and sign out. 

Triggers don’t end there – alerts can be sent when someone tries to sign in after hours, on non-business days or has signed into a hazardous zone.

Be ready in an emergency

WolMobile has an SOS Alert button in-built. If your lone worker gets into trouble and needs immediate assistance, they simply hit this button to send an SOS with their geolocation to a nominated safety operator.

8 minutes read time

We’re ISO-27001 certified. Here’s why it was worth it.

Are you a cloud-based service looking into getting ISO-27001 certification? Are you wondering about the process, the benefits, and whether it’s worth it?

There are a lot of articles about ISO-27001 written by security and compliance consultancy firms, but there’s not much out there about what it’s actually like from the perspective of an organization going through the process.

This was something we thought was lacking when we were doing our research, so we thought – why don’t we share our first-hand account?

This blog post addresses some of the big questions we had before making a decision.

Why become ISO-27001 certified? 

After completing our GDPR compliance requirements prior to its implementation in May 2018 we decided to pursue ISO-27001 certification.

We realized that in an ever-evolving security landscape, our customers were becoming more and more stringent in their procurement process. With major security breaches such as the Dropbox incident in 2016 (which led to the leaking of 68 million user passwords) and the iCloud leak of more than 500 private celebrity photos in 2014, organizations are much more aware of the security risks of using cloud-based services.

Prospective customers were beginning to ask us detailed and specific questions about our security management processes. One question that kept coming up was “Are you ISO 27001-certified?” We knew many of our competitors were attaining SOC 2, but direct customer feedback was telling us that ISO-27001 was more important for our particular service and market niche: we serve many international enterprises, and ISO is more globally applicable than SOC 2. This, of course, is something that your organization needs to weigh up. 

How long does it take to get ISO-27001 certified? 

We found it really difficult to find an answer to this online – and now it’s very clear why. It really does completely depend on your organization. We had read everything from a couple of months to more than a year. It took us 18 months.

There were a few factors that stretched the process out for us:

  • We are a relatively small team, and we did not have a dedicated person working on this full-time, so our IT and Security departments were working on ISO over and above BAU.
  • We also decided to address and meet every control as outlined in Annex A of the standard, including things that were not necessarily risks for us. This was a decision to be completely thorough and follow best practice. Some organizations might not choose to do this.

“ISO 27001 is very resource hungry on your teams, and when you are trying to focus on growth, ISO can seem like a distraction. But it is not. It is an essential part of our DNA and creates opportunities for growth in your people, your culture, and your customer footprint.”
– Darren Whitaker-Barnett, CEO

Is ISO-27001 certification worth the time, energy and cost?

For us, becoming ISO 27001-certified was absolutely worth it. Even despite the fact that we had contracts that were contingent upon our eventual certification, this was a sound business decision for so many reasons.

“This process has been great for building customer confidence. And it lowers the barriers to sale when we are interacting with potential customers. For many of them, it’s a must. And for the others, it’s a huge bonus.”

– Andrew Thompson, Chief Security Officer

Business benefits for us include…

  • Having a solid foundation to pursue other security certifications or attestations, such as SOC 2
  • Establishing a strong security culture throughout our organization
  • Living and breathing our vision to become the most trusted people presence management system in the market
  • Further establishing our brand as the top choice for enterprise-level organizations
  • Potential cost savings in the long run that come from having a sound information security management system

“Being ISO 27001-certified allows us to speak confidently about our security practices because we know we’re following international best practice. That’s the best value you can possibly offer from a security perspective.”

– Tom Peck, Chief Technology Officer

What is the ISO-27001 certification process like?

We engaged Axenic, a security consultancy agency, to assess our current state of security, conduct internal audits and assist us on the path to certification (getting us ready for external audit and assessment – which was ultimately conducted by a third party auditor from BSI).

“It was the right decision to engage a security and compliance consultant. We couldn’t have done this without Lisa [from Axenic].”

– Tom Peck, Chief Technology Officer

Firstly, Axenic conducted a gap analysis using the Framework in conjunction with Annex A of ISO/IEC 27001 to create a Current Profile. As we mentioned earlier, we decided to implement everything in Annex A – even things that were not risks to our business/security processes – this was a business decision to follow best practice.

After this, we conducted a risk assessment. This report identified which controls were there and did not need improvement, which controls were already there but did need improvement, and which controls needed to be implemented from scratch. These are “risks” and are categorized as either low, moderate or critical.

Originally, we identified 35 risks. We achieved certification with only 7 areas of concern (though none enough to be a nonconformity).

“The process was not complicated, but we certainly had no idea how extensive or time-consuming it would be.”
– Andrew Thompson, Chief Security Officer

What kind of ongoing maintenance does it require to keep ISO-27001 certification?

ISO-27001 requires consistent management and maintenance. We’ve seen it said that ISO is a lifestyle, and that’s definitely true!

Retention of ISO 27001 certification includes…

  • An annual surveillance audit makes sure you’re on track to managing all outstanding areas of concern
  • A 3-yearly major re-audit will determine your eligibility to retain certification
  • There will be other reports and documentation that requires even more regular review, bi-monthly etc.

Should you get ISO-27001 certified? 

Consider ISO-27001…

  • If you want to serve customers in countries like Japan and India, it’s a legal requirement.
  • If your customer base includes international organizations, ISO-27001 is more widely applicable globally than SOC 2.
  • If your customers include large enterprises, it is good practice, and it removes a barrier when trying to get new customers over the line.


  • If you’re a small company (say, smaller than 20 people), consider that there are many roles that are required of staff over and above BAU, so a small team may not feasibly be able to complete or maintain ISO-27001.
  • If you only service small businesses (who generally are less discerning than larger organizations) ISO-27001 certification is possibly not necessary.

“ISO certification has created a ‘security first’ mentality in our office culture; this is an absolute must-have when dealing with customer information.”

– Darren Whitaker-Barnett, CEO

Our advice to any organization going through the certification process:

Make sure you’ve got the resources to get through it because it’s not something you can go into half-heartedly. For example, sometimes it will make sense to bring in external experts.

Make sure you’ve brought everyone in the company along on the journey. This requires a big culture shift, so make sure everyone understands why this is important and what the process is like.

Make sure you have enough people to fill the roles required by the standard. We have a relatively small leadership team so with all the roles necessary it might not have been possible to do it if the team were any smaller.

You need someone to really own and drive this process internally. For us, this was our CEO – he was committed to this and really gave it everything. It had his full attention over and above everything else.


We are not security or compliance consultancy. Everything outlined in this article is purely our own experience or opinion. Every organization considering ISO-27001 should undertake their own research and gain professional advice before making a decision.

About WhosOnLocation

WhosOnLocation provides people presence management software that monitors the safe and secure movement of people through buildings and work sites. Our powerful, cloud-based solution unites visitor, contractor, employee, and emergency management, enabling organizations to secure their facilities and ensure the safety of every person on-site. Armed with a rich, unified source of people presence information, our users are empowered to make more strategic, data-driven decisions that mitigate risk, reduce overhead costs, and streamline operations. Compliant with ISO:27001 2013 for Information Security Management. WhosOnLocation serves organizations in 42 countries around the world and manages over 60 million secure movements through thousands of locations each year. For more information, visit

4 minutes read time

2020 vision: Where is facility management heading?

The expectation of your role as a facility manager is to manage costs without compromising workers’ experience, which is becoming increasingly difficult with the pressure to become more efficient, both financially and in terms of energy, while satisfying multicultural and intergenerational teams. To ensure facility managers stay on top of their demanding job, it is important to keep up to date with facility management trends. So what are they? Don’t get left behind, learn what 2020 has in store for you.

Click here for infographic

Top trends of 2020:

1. Smart technology

Technology continues to redefine the world around us, and there is no exception when it comes to facility management. As we enter into 2020, we can expect to see the majority of buildings adopt smart technologies as it is not only cost-effective, but you can also reduce your organization’s environmental impact. The five core benefits of smart technologies include:

  • Integrated workplace and wellbeing management solutions to drive productivity, performance, and longevity 
  • Energy and sustainability solutions for eco-friendly carbon footprint impact and compliance 
  • Increased efficiency via automation for workstream optimization and cost-saving 
  • Predictive maintenance capability for effective operations and better asset management
  • Best practice and agile processes for converting reactive activities into smart services

2. Employee wellness programs

The productivity and wellbeing of employees have taken center stage in recent years, with organizations recognizing the value of happy and engaged staff when they have excellent mental and physical health. The health and wellness of their employees usually have a direct effect on the productivity and profits of a company. 

Wellbeing programs have led to a trend in FM managers focusing on the creation of workplace strategies that actively promote engagement, wellbeing, and, ultimately, the productivity of their staff. Some strategies include: 

  • Healthy lunch and snacks
  • Assistance programs
  • Naps
  • Fitness activities 

3. Sustainable solutions

The responsibility of sustainable solutions will only expand in the future for facility managers, as it’s a given fact that buildings account for almost 40% of global energy use, therefore sustainability has become an essential strategic topic. 

Existing assets and systems will need to be put into a sustainable framework, including making life-cycle assessments and undertaking life-cycle building management. Training employees in maintaining a sustainable workplace and developing new methods to reduce energy levels, waste and carbon footprint overall, is the future of facility management. 

4. Drones for inspection 

Within facility management, drones are primarily being used for inspections in hard to reach areas such as rooftop equipment or building facades. Drones can save time by preventing the need to erect scaffolding or aerial work platforms which also makes it cost effective. 

5. Augmented reality 

Augmented reality will enhance visibility and allow you to experience situations without physically being there. This will improve awareness of the surrounding risks and asset monitoring, especially for those that are difficult to access, such as pipes buried deep within walls or underground tunnels that may be dangerous to walk through. Maintenance tasks and system modifications can be completed more efficiently while helping protect workers. 

6. Outsourcing

There is a lot of pressure on companies in the modern world to offer value to their customers, forcing them to constantly innovate and expand their core services to deliver more and more value. The consequence of this is often a reduction in their non-core facility management budget, at the same time as employees and clients expect better workplace experiences. This is exactly what makes outsourcing such an attractive proposition and an upcoming trend in facility management.

7. Collaborative spaces

Collaborative spaces have quickly become a hot trend in office design over the last few years, and for a good reason. More space to collaborate in an office means improved employee morale, creativity, and productivity. 

It is no surprise that most of these trends stem from the evolution of technology. WhosOnLocation is one smart technology that has revolutionized the way thousands of organizations manage the safety and security of everyone on site. A paper book can record the details of who is on site but is ineffective when it comes to ensuring visitor data isn’t shared with others, that contractors have the relevant insurances, are inducted to site processes and procedure, and most importantly everyone is able to be accounted for in the unfortunate event of an emergency. 

Take a free 30 day, no obligation trial of WhosOnLocation today to find out how our smart technology can help you manage visitors, contractors, employees, and emergencies