In corporate security, the biggest challenge and weakest link has always been the humans. Yes, you and I and our inherently flawed behaviors and mistakes that we make every day–sometimes without even recognizing them as possible attack vectors. We can’t help it; we’re human.
For instance, we humans struggle to remember many complex things, so we use the same password over and over across our personal and professional logins because it’s easy for us to remember. That act, however, makes it very easy for an attacker to acquire one credential, then move laterally across our digital footprint, from corporate networks to personal bank accounts.
A common approach that nefarious actors take to gain unauthorized access to networks, data, and physical spaces is social engineering. The InfoSec Institute updated its Most Common Social Engineering Attacks 2020 a few months back. As expected, most attacks are focused on the cyber realm. However, tailgating is included as a socially engineered attack in the physical world that represents a high-risk security event that has been a tough nut to crack for many organizations.
What is tailgating?
Tailgating, also known as piggybacking, is when an authorized user knowingly or unknowingly allows an unauthorized user to ‘ride-along’ their access into a space. For example, I am an authorized user for a server room. I swipe my badge and hold the door open for you to come in with me to look at something in the room. Or, I tap my access credential and enter a secure space, and someone grabs the door behind me without my knowledge and sneaks in behind me.
Many times, tailgating occurs out of politeness and convenience. For example, as a couple of colleagues and I approach the office after lunch, I present my credential and hold the door open as the group enters the space without individually themselves badging in. But, again, it’s just common courtesy and more convenient for those that didn’t badge in appropriately to walk right in rather than follow the correct procedure.
What is the potential risk?
Many times, tailgating is with a known group of colleagues entering general or common areas–an office lobby, etc. And while that day-to-day interaction may seem low risk, one should consider that tailgating doesn’t occur just at the front door after a group goes out to lunch. It happens every day among colleagues in high-security areas, which does pose incremental risk to an organization. Also, from a security perspective (both cyber and physical), today’s insider threat risk is a significant area of concern. Insiders may seem like regular colleagues amongst us, but they may have ill intent, so allowing them to piggyback into sensitive areas creates more risk.
Likewise, disgruntled ex-employees, corporate sabotage, and even violent attacks can be perpetrated inside a physical space when an unauthorized individual gains access by exploiting the courtesy of an unsuspecting staff member.
How does a threat actor use tailgating to infiltrate?
Socially engineered attacks prey on our human nature. With tailgating, this is almost too easy. Simply asking someone to hold the door or making up a story about a badge left at home, on a desk, or in a car, is easy.
Other ways that bad actors are using this tactic is posing as delivery drivers–whether packages or food delivery. This approach is increasingly challenging for security leaders as the pandemic has dramatically increased the reliance on delivery for everyday items like food and more, resulting in a wide variety of new individuals entering a space. Whatsmore, this activity is pervasive today and, for the average employee, seems part of the daily routine.
What can you do to mitigate tailgating?
The solution isn’t easy. To tackle, you need a multifaceted approach including the human components related to education and culture, as well as the technology element to reduce this overall risk.
Education and culture are critical. Technology can help, and we’ll get to that, but evangelizing to your staff the dangers of tailgating and changing the ingrained mindset that it’s not safe–even if you’re just polite. Enforce every individual using their credentials, even if it’s a group of five people walking in simultaneously–everyone has to swipe. Changing behavior isn’t easy, but it is necessary to lessen the threat of tailgating.
Technology also has a role to play here too. For example, access control solutions, like Brivo, provide the foundation for ensuring only authorized users have access to the appropriate spaces across the facility, and combined with video surveillance, you have a visual record of offenders and events. But there’s more you can do to proactively address tailgating by integrating access control solutions like Brivo with tailgating detection tools via video AI and real-time video search such as Camio.
The Brivo – Camio integration detects tailgating incidents and flags them for security leaders automatically. The integration works by leveraging access event data, including the approved credential holder information and the number of people expected to enter with that credential. Then, using existing video cameras and AI-powered Camio tailgating detection, the number of people who actually enter during that access event is identified. When the number of humans detected is higher than the number expected based on the credential, the solution automatically flags a tailgating event, sends an alert, and provides video evidence for remediation.
BRIVO + Camio
Learn more about how this powerful integration can help you address the technology elements to reduce tailgating risk at