Barely a day goes by without hearing about a new hacking or ransomware incident. Even school systems have become a major target. Companies are fighting back by investing heavily in cybersecurity technologies. Gartner, an IT research and advisory firm, estimates global information security spending will reach $84.5 billion by the end of 2017, up 7 percent from 2016. But what about physical security for high risk places like banks, data centers and airports? Should you consider things like bulletproof barriers, biometrics and mantraps for access control?
At data centers, for example, the majority of information breaches result from “hands-on” activities, including the theft of servers and hardware, unauthorized use of computers and servers, and damage caused by the loss or improper disposal of equipment, according to an Information Security & Data Breach Report from Navigant, a global management consulting firm.
Depending on your needs, structural security often requires a multi-layered approach. As a first line of defense, you may need to invest in perimeter security – barriers, guard gates, fencing. To control the flow of visitors and employees in individual facilities, you’ll need to think about access control technologies, such as card readers or biometric devices (think fingerprint scanners). If you require enhanced protection for mission-critical facilities or restricted areas within facilities, a mantrap may be the answer.
What is a Mantrap?
In its most basic form, a mantrap is a small room, or vestibule, with two doors designed to “trap” an individual before he or she is cleared to enter a secure location. Either a security guard can allow access or the person can use some type of verification technology, such as a card reader, PIN code or fingerprint scan, to gain entrance.
Three Basic Variations
- Air Lock Control – This system offers the perfect solution for minimum-security applications, such as a clean room environment, where all doors are normally unlocked until you enter the mantrap. Once inside, all other doors automatically lock, and you must use verification technology to exit.
- Restricted Entry/Unrestricted Exit – This option provides a step up in security. This system secures exterior doors and keeps interior doors unlocked. You can use a valid access card to unlock an exterior door only if the interior doors are closed. When you unlock an exterior door, the interior doors lock. Once the exterior door is re-secured, interior doors unlock to give you access to the facility.
- Restricted Entry and Exit – This variation, where all doors are always locked, provides the highest level of security. A typical system with two doors works as follows:
- To enter a secure area, you swipe a keycard, enter a PIN, scan your fingerprint, or use some other method. Once the system authenticates your credentials, the door unlocks automatically, allowing you to enter the mantrap.
- Once you’re inside, the first door to the mantrap locks, preventing other individuals from entering the vestibule. The most effective mantraps employ technologies that verify the presence of only one person. If the system detects more than one person, it denies access and signals an alert.
- You then apply the necessary security credentials to the second door. When the system verifies these credentials, you can enter the secure area. Until this door is closed and locked once more, no one else can gain access to the mantrap.
To prevent an employee from lending his or her keycard to an unauthorized user, many card readers incorporate anti-passback features where access cards must be used in a specific sequence for the system to grant access.
To control access to and from a facility, for example, you would swipe your card to enter (“card in”) and swipe again to leave the building (“card-out”). Regional anti-passback systems establish additional rules for card readers within a specific area of a building. If you don’t enter a building through an authorized card reader entrance, for example, you won’t be granted access from any other card readers within the facility.
These systems often employ timed, soft or hard anti-passback features. In a timed setup, the violator is blocked for a set period of time. Soft anti-passback admits the violator to the secure area, but it notifies a system operator. Hard anti-passback technologies completely deny access to the violator.
Where Are Mantraps Commonly Used?
If your facilities house mission-critical operations, highly proprietary research or sensitive data, using mantraps for access control can help keep your buildings secure. They’re frequently used in airports, back-facing banking operations, healthcare facilities, research labs and government installations. They also find widespread use in data centers to protect servers and sensitive digital information.
Mantrap Use in Data Centers
While data centers often focus security efforts on virtual threats, such as hackers and malware, these critical facilities require advanced protection against physical intruders, as well. A criminal with access to a server room and armed with a flash drive can do as much, if not more, damage than a hacker breaking into the system.
These data center robberies help highlight the need for increased structural security:
- Vodaphone: Thieves stole computer equipment and network hardware from British telecom provider Vodafone in 2011, causing mobile disruptions for several hundred thousand customers across southern England.
- Vudu: Wal-Mart’s streaming media provider Vudu experienced a break-in at its office in 2013, where criminals stole hard drives containing users’ emails, addresses, account activity, dates of birth and credit card information.
- Plan UK: A thief forced his way into the server room of children’s charity Plan UK in 2015, taking five servers containing information on 90,000 supporters, including names, addresses, contact details and bank account numbers.
Is a Mantrap Right for My Facility?
So how do you decide if a using a mantrap for access control is the answer? First, you need to balance security requirements with your budget constraints. Take the time to assess your threat profile and come up with a cost-effective solution to match – whether it’s a combination of perimeter security, access-control technologies and mantraps, or a more scaled-down version.
To avoid potential problems of misuse with card reader systems, a growing number of companies and organizations use biometric technologies to effectively control access to their facilities. These scanning devices make use of your unique physiological characteristics, such as your fingerprints, face shape or vein patterns, to verify your identity. Since they are difficult, if not impossible, to replicate, they serve as an ideal way to make sure you are really you. Biometric technologies range from facial recognition and voice authentication to fingerprint and iris scans.
At what point do mantraps become a necessary add-on? It depends on the level of security you require. They make sense if you need to protect large amounts of sensitive data, and the risk of a physical breach is high. But, if you don’t have a track record of break-ins, and the threat level is lower, biometric technology by itself may be sufficient.
Important Mantrap Considerations
As you weigh your security options, keep the following in mind:
- Cost & Complexity – Mantraps can cost between $30,000 and $60,000 each, depending on their level of sophistication. That doesn’t account for the potential cost of hiring guards to monitor the access process. Also, installation can be complex. Mantraps typically come in one or two pre-fabricated configurations, so if you want to add a mantrap to an existing facility, the installers will need to make several modifications to accommodate the system, including moving walls, enlarging entryways and other structural changes.
- Protecting Employees vs. Securing Access – Think about the purpose of the security measure. Mantraps are best suited for access control in back-facing, restricted areas. If you’re looking for a more front-facing solution, protecting your employees in high-traffic areas without sacrificing good customer service, a bulletproof barrier is a better option.
- Maximizing Safety – What if someone gets caught in the mantrap during a power outage or fire? You need to consider fire code requirements and establish back-up plans to avoid creating a safety hazard.
- Ensuring One Person at a Time – Mantraps are designed to allow entry to only one person at a time and avoid the “piggybacking” or “tailgating” effect. This happens when someone slips into a secure area by following a person who has authorized access. But how do you make sure there is only one person in the mantrap at a time? You can hire a security guard to monitor the vestibule, but there’s a cost associated with securing these resources. Or, you can incorporate technologies that perform this task automatically.
Some systems make use of infrared sensor beams to count the number of entrants to the mantrap. Others involve pressure mats or video analytics that sense if more than one person is present. But what happens to the authorized delivery person carrying large items on a dolly into the secure area? These technologies can mistake the delivery for a second person and deny access or trigger an alert. Advanced cameras, such as Newton Security’s T-DAR system, are designed to avoid this issue and can sense if more than one person is present in the mantrap.