http://qs1969.pair.com?node_id=1195903


in reply to Perl Security Testing

"...a normal or guest user on your machine, with access to Perl scripts..."

My 2 ¢: A guest/user with access to my machine was considered a severe security risk in the company I was with. It was strictly verboten. We were advised to always log out. No open terminals with root access, no papers with passwords on the desk, etc. Many attacks etc. are internal. Not a Perl problem. But in daily business things look a bit different. It's not very convenient to be so strict. And that's the real problem.

Best regards, Karl

«The Crux of the Biscuit is the Apostrophe»

perl -MCrypt::CBC -E 'say Crypt::CBC->new(-key=>'kgb',-cipher=>"Blowfish")->decrypt_hex($ENV{KARL});'

Re^2: Perl Security Testing
by Your Mother (Archbishop) on Jul 24, 2017 at 18:38 UTC

    Social engineering is almost(?) always the greatest risk. At my last workplace we were required to close the door on someone behind us, no matter how close, so they would have to use their own key card to get in. It is VERY HARD to close the door in the face of a fellow employee you know even though they might have been fired that morning for all you know.

      It is VERY HARD to close the door in the face of a fellow employee you know even though they might have been fired that morning for all you know.

      Yes, it is very hard. Where I am now, even the head of security sometimes holds the door for fellow employees.

      One place I used to work had revolving doors so only one person per card "swipe" could get through.

      (There was also a door for handicap access at the main entrance. It was activated by the security guard.)

        Sometimes things get absurd. In our data center we had the usual separation units with key cards, fingerprints, video, etc. And these units have sensors under the floor that check if someone is inside. And the sensors have a threshold. One day a guy who looked like John Coffey in "The Green Mile" checked in. But he couldn't check out, probably because of his weight. The security guys needed about an hour to get him out.

        Best regards, Karl

        «The Crux of the Biscuit is the Apostrophe»

        perl -MCrypt::CBC -E 'say Crypt::CBC->new(-key=>'kgb',-cipher=>"Blowfish")->decrypt_hex($ENV{KARL});'

      We had the same problem when they tried implementing that policy at my $job--. Management "solved" the problem by installing what they called "fast lanes", for which all the employees had various alternate derogatory names instead (they were anything but fast). The lanes were basically a sensor for your badge, two glass panels that met in the center and slid open left and right when a badge was scanned, and motion sensors to make sure only one person walked through. The problem was that the sensor would get it wrong all the time, people would frequently have to do things like push equipment carts through (setting off alarms), and you could only scan in if you weren't logged as inside any company building and scan out if you were inside THAT building. Massive problems all the time, alarms always going off, and if security wasn't present, such as any time after 5:00, there was no way to get into a building if the system wasn't working (as if people weren't already upset about working late).

      One day when the entire system had crashed (that happened quite a bit), there was a blue screen of death on the LCD on top of the badge scanner noting that it was running Windows CE. All the Software Engineers who had experience doing embedded projects based on both Linux and Windows CE for the company of course had a good laugh saying things like, "well, that's your problem right there." My immediate manager at the time, who was awesome, jokingly said things like, "I wonder which executive's brother-in-law owns the company that does these fast lane things," and, "I'm pretty sure this 'security' talk is all a ruse and they are just starting to log lists of all the employees who dare to not work a 45+ hour work week every week."

      On the plus side, a few of us did become pretty good friends with one of the security people, who after you got a beer or two in him would lament that, "yep, my job is pretty much ridiculous... but hey, if this is what somebody wants to pay me for."

      Just another Perl hooker - My customers appreciate that I keep my code clean but my comments dirty.

      Just pretend it's a bathroom door

      Also report the guy to OSHA; walking face first is dangerous