Tuesday, February 12, 2019

How Will Your Correctional Facility Deal With These Challenges in 2019?

Jail keys
While the Bureau of Justice Statistics has indicated that prison and jail populations have been trending slightly down over the last decade, the reality is that such a decline has done little to alleviate the common problems at correctional facilities around the nation.

As we move into the thick of 2019, correctional facilities will continue to face major challenges that leave officers and employees at risk, increase the chances of inmate violence, and cause many other headaches inside your walls.

Here are some challenges correctional facilities can expect to deal with in the coming year, along with ways to combat them.

Retaining Staff


As you're no doubt aware, working in a prison is a stressful job. Correctional officers (COs) deal with dangerous people and must face the risk of riots, attacks and escape attempts on a daily basis. In many ways, being a CO can be a thankless job since it can be difficult for people to get a sense of what the job provides to society. From poor safety practices to low pay, several issues have driven many good COs away and contributed to staff shortages in many states.

One small thing you can do to help retain your COs is to help them feel like management understands their concerns and issues. Reassure them of the importance of their position and what it provides to society — keeping criminals off the streets. In addition, take what steps you can to give them better safety and security within your facility, whether by implementing new technologies or providing them with better safety equipment.

Managing Overcrowding


Though the number of inmates has generally declined in recent years, prisons and jail have remained overly crowded based on official capacities. Overcrowding opens the door to many issues, such as an increased chance of inmate violence and a strain on CO and inmate morale. In fact, overcrowding was credited with fueling riots in Kansas prisons in 2017 and 2018.

The construction of more correctional facilities is largely out of your hands, so managers and officers simply have to do the best they can with the available resources to manage the overcrowding issue. Consider reviewing your protocols for what your COs' responsibilities are, how you manage your keys and how you address inmate issues and complaints. Look for areas where lapses in these areas might be leaving everybody at risk and develop better processes. Hold staff accountable to make sure they follow these new rules.

Preventing Violence


Unfortunately, violence is a reality of life in and around correctional facilities, and it affects inmates as well as COs. Even when inmates aren't directly attacking officers, the latter must still get involved during fights between inmates, putting themselves at risk and potentially causing violence to escalate.

Preventing violence is difficult, especially since overcrowding can only be managed internally so much. The best thing you can do is to take steps to better protect your officers who are in harm's way every day. Provide them with equipment, tools and training to handle threats. Find inefficiencies in your physical security that could leave COs at risk of attack or prevent riots from being contained quickly.

Some of these challenges are, to some extent, inescapable due to the myriad of reasons that contribute to people ending up incarcerated and the lack of funding. However, setting policies and making sure COs and employees follow them can give you a step up in protecting your staff not only this year but for years to come.

Tuesday, February 5, 2019

Customer Tip: Revoke Access Privileges When Employees Leave

Access denied graphic
When an employee leaves your organization, how long afterward are they able to access your company’s systems or use facility keys?

Failure to revoke former employees’ access privileges is a rampant problem across all industries. In a survey of IT decision makers, nearly half of respondents said they were aware of ex-employees who still had access to company applications. Some of these respondents (20 percent) also said that their organization had experienced a data breach as a result of continuing to allow former employees access to company resources.

Just as it’s important to deprovision access to corporate accounts such as email and customer databases, it’s critical to ensure no former employees have access to your key control system by deleting users immediately after they terminate employment.

By following best practices for reducing internal theft — both during and after someone’s employment — you can keep your business secure.

Tuesday, January 29, 2019

How Comprehensive Is Your K-12 School Campus Security Plan?

High school hallway
Protecting the students and staff on your K-12 campus is not a small or simple task. Schools across the country have felt the repercussions of inadequate security measures in very real and tragic ways in recent years, and you've likely responded to this by stepping up the security at your own campus.

However, it can be easy to fall into the trap of being sold on a cheap, simple solution that either doesn't work in practice — potentially at a time when it is needed most such as during an active shooter scenario — or is sold as one-stop-shop solution that will solve all your problems.

The Partner Alliance for Safer Schools recently released the fourth edition of Safety and Security Guidelines for K-12 Schools to help administrators implement layered and tiered approaches to campus safety and avoid the pitfalls of ineffective and oversold solutions.

The guidelines point out that protecting students and staff from potential threats takes a comprehensive approach. Even one small gap, such as a door that isn't locked or a key that isn't returned, can leave your campus at risk.

Among the guidelines is an emphasis on the role key management must play in your security infrastructure, whether you use traditional keys or an electronic keyless system. The guidelines recommend that keys should be carefully controlled and limited and that "requests for keys should be handled by a process in which each key distributed is logged and documented."

Take a look at the guidelines here so you can make sure you aren't leaving any gaps in your security strategy.

Monday, January 14, 2019

What Happens When You Don't Have Accurate Key Control Records?

Antique copy of Constitution
Imagine reconstructing history without important documents such as constitutional amendments, peace treaties and records of significant events. How many different accounts of the same events would there be? How different would our understanding of the world be? On a smaller scale, that’s why it’s important to have accurate records of how your business’s keys are used.

Relying on an employee’s word or making assumptions based on the circumstances simply won’t cut it. You must have a reliable key control audit trail.

What Is a Key Control Audit Trail?


A key control audit trail captures specific details about the history of an employee’s interactions with a specific key:

  • Who accessed the key
  • When they removed it
  • Why they removed it
  • Who authorized the transaction
  • When the key was due back
  • When it was actually returned

With a verifiable record of these details, a company can build a historical record of key-related activity within the business. If the audit trail doesn’t exist or isn’t reliable, the organization is forced to rely on conjecture and employees’ versions of events.

To help you learn from others’ mistakes, we’ll examine two real-life examples demonstrating the consequences of a poor audit trail and explain what you should do instead.

Poor Audit Trail 1: A Dealership Goes to Court


Two vehicles in fender bender
For one dealership, a poor audit trail resulted in costly legal action. A dealership employee used one of his employer’s vehicles to run a personal errand on his lunch break and rear-ended a couple who then brought a lawsuit against the dealership.

The jury found that the dealership had given the employee implied permission to use the vehicle based on its policies for vehicle use (or lack thereof) and method for controlling access to keys. Described in the case summary as “an elaborate process,” the dealership’s key control procedure involved keeping keys in a shack staffed by an attendant. The key-issue process included the following steps:

  • Request Keys — Employees needing access to a vehicle approached the window of the shack to request the keys they needed.
  • Complete a Key Request Tag — Either the employee or the shack attendant filled out a key request tag containing the date, time, vehicle stock number, name of the person requesting the keys and the vehicle’s destination (test drive, detail line, gas station, third-party vendor, etc.). Employees weren’t required to list the return time, and they could check out multiple keys at once.
  • Update the Key Control Log — The attendant transferred the information from each tag to a key control log and hung the tags on a board in the shack. A new key control log was started each day.
  • Highlight the Log Entry When the Vehicle Is Returned — When a vehicle was returned, the attendant highlighted the log entry. If the vehicle was returned on a subsequent day, however, the attendant didn’t always go back to the earlier date’s log sheet to highlight the appropriate record. At least one log showed vehicles being checked out in the early afternoon for detail work — a one- to three-hour job — and not being returned until late at night, indicating that employees didn’t always return vehicles in a timely manner.

The Problem

Because one person was in charge of issuing keys and the dealership didn’t have a clear policy against using vehicles for personal reasons or without supervisor approval, employees assumed that if the shack attendant gave them keys to a vehicle, they were authorized to use it.

In addition, relying on one person to manage keys without any cross checks increased the risk of human error, and the data’s accuracy couldn’t be verified. Since keys weren’t always marked as returned and the vehicles’ gas, oil or mileage levels weren’t monitored, it was easy for unauthorized use of vehicles to go undetected.

The Consequences

Although the dealership insisted that employees weren’t allowed to drive vehicles for personal use, the jury ruled that the dealership’s lack of strict vehicle monitoring and lax key control processes implied tacit permission for employees to use the vehicles. Despite appealing the jury’s verdict, the dealership was held liable for $277,662 in damages.

Poor Audit Trail 2: A Prison Is Cited for Key Control Deficiencies


Hand holding prison keys
A 5,200-bed state corrections facility is required to undergo annual audits conducted by the state’s Office of Inspector General. One of the audit categories reviews how keys are stored and accounted for in each unit within the facility. In one year’s inspection, the audit uncovered several problems with the facility’s key control records:

  • Inaccurate Key Inventories — In several units, key inventory records didn’t match actual key stock. There were keys that were shown as on-site but were actually out for repair, a master key inventory that was off by several sets, recorded key numbers that didn’t match the number printed on the keys, and multiple key rings stored on single hooks with the additional sets not recorded in the key inventory.
  • Improperly Completed Key Logs — Some units had key control logs in place, but the logs weren’t completed properly, and keys weren’t always marked as returned. For example, of the 17 times emergency keys were signed out in one unit, the keys were marked as returned only 10 of those times. In the main control unit, returned keys weren’t signed back in or placed in key boxes until an hour after shift changes.
  • Missing Historical Records — One unit was required to keep on file a monthly report showing the inspection and inventory of all keys, but the key control officer didn’t have any master key inventory records older than three months. Of the past inventories that did exist, the corrections officer didn’t have copies available for review.
  • Separate Data Sources — The master key inventory and total number of keys on hand were documented in separate reports.
  • Unauthorized Key Use — Inmates possessed keys without written authorizations on record.

The Problem

The facility’s key storage methods and manual, paper-based processes made it difficult to keep an accurate audit trail. For example, when storing multiple key rings on a single hook, it was difficult to see how many sets of keys there actually were, which led to the wrong number of key rings being recorded.

Employee training and accountability issues resulted in key control logs not being updated in a timely manner — if at all. It was also problematic that key-issue authorizations weren’t always completed and there wasn’t an effective process for storing and accessing historical records.

The Consequences

The deficiencies in the key control audit added to the correctional facility’s compliance burden, since it had to correct all the key control problems it was cited for, in addition to issues cited in other categories. Worse, the inaccurate records would make it easier for missing keys to go unnoticed, increasing security risks.

Best Practices for Creating and Maintaining an Audit Trail


Regardless of your industry or the types of keys you manage, there are typically two culprits for inadequate audit trails: manual processes and lack of employee accountability. To create and maintain a verifiable audit trail that’ll help you avoid unauthorized key use and liability, follow these best practices:

  • Move away from manual logs and digitize the key control record by using an electronic key control system.
  • Ensure you capture all pertinent details of a transaction, including who took the key, why they took it, when it was removed and when it was returned.
  • Store keys in such a way that they can be easily found within the system and can’t be accessed without authorization.
  • For sensitive keys, automatically record which manager or supervisor authorized someone to have a key (e.g., by requiring both an employee and their manager to log in to an electronic key control system in order to check out certain keys).
  • Set due dates for keys and enable text or email alerts for when keys aren’t returned on time.
  • Have a way to easily run reports of key activity.
  • Back up data to ensure you have a copy of your key access history.
Key control audit trail checklist

By ensuring you have accurate, verifiable key control records, you’ll help protect your business from costly lawsuits, compliance hassles and security breaches. When it comes to creating a history of how your business’s keys are used, don’t take someone’s word for it.

Monday, January 7, 2019

How Effective Key Management Can Help Your Dealership Get More 5-Star Reviews


In today’s customer-driven world, it’s crucial to differentiate your dealership by providing a 5-star customer experience. But if your salespeople aren’t happy, they’ll become unmotivated and their performance will suffer. In fact, the industry’s employee turnover rate is a sky-high 46 percent.

five starsDisengaged employees also helps explain why nearly 30 percent of car buyers are dissatisfied with their experience at a dealership. Unhappy employees lead to disappointed customers, which lead to negative online reviews. When you consider the fact that 61 percent of car buyers research online before visiting a dealership, it becomes clear how crucial online reviews are.

There are several factors that go into engaging employees and creating a positive customer experience, but one thing you might not have considered is your key management process.

How Effective Key Management Affects the Customer Experience


One of the most important aspects of selling a car is the test drive. If your salespeople are bogged down with a clunky key checkout process, your customers’ frustration will grow as they wait. Invest in tools that make employees’ jobs easier and show you value their success.

Think of it this way: If you were given the choice between the following two key checkout processes, which would you choose?


  • Manual Process: 5-10 minutes. When retrieving a key for a test drive, the salesperson goes to a desk, cabinet or pegboard where keys are kept and rifles through them to find the correct one. If the key isn't there, the salesperson has to spend time tracking it down, not knowing who has the key, when it was last taken, or if it's even available anymore. This process could take well over 10 minutes, especially if the key was taken back to a sales person’s desk and not returned to the correct place. 


  • Electronic Process: 15-60 seconds. When retrieving a key for a test drive, the salesperson goes to an electronic cabinet or drawer system where keys are locked and enters a password or scans their fingerprint to gain access. The salesperson then removes the required key, and the system automatically records transaction details such as the salesperson’s name, the date and time, and which key was taken. This information helps salespeople quickly and easily track down a desired key even if it isn't physically in the system. It also gives management an overview of what keys are checked out and who took them.


It goes without saying that when it comes to getting a customer into a vehicle for a test drive, faster is better. Over 60 percent of car buyers have spent nearly 15 hours researching their intended purchase before stepping foot in your dealership, and they don’t want to prolong the buying process by waiting to get into the vehicle they want to test drive.

If your salespeople are forced to use inefficient processes to access keys, both they and your customers become frustrated. And when your customers are dissatisfied, they’ll go straight to your competitors.

On the flip side, when your salespeople are happy and can work more efficiently, they'll provide better service and leave your customers satisfied, impressed and, hopefully, ready to give that 5-star review!

To learn more ways electronic key control help you get your 5 stars, visit us at NADA 2019 in booth #421S.

Thursday, December 13, 2018

Home for the Holidays? Not So Simple for Correctional Facilities

Christmas tree made of barbed wire
For people in many industries, working during the holidays is inevitable. Hospitals, police departments and prisons are all among the entities that have important roles to serve while much of the rest of the country spends time with their families and away from work.

Working during Christmas is especially difficult in correctional facilities, where officers and inmates alike deal with the struggle of being away from families at a difficult time of year. As emotions run high, tensions can escalate, making it difficult to maintain morale and prevent lapses in security protocol that put your officers’ safety at risk. It’s important to make sure that an already difficult week doesn’t become a nightmare. Here are some tips to help your officers deal with working around Christmastime.

Address Stress Among Correctional Officers


Around the holidays, corrections officers’ occupational stress levels are amplified. Open a dialogue with your corrections officers about stress management strategies and watch for behavioral changes that could signal issues such as burnout, post-traumatic stress disorder or substance abuse.

Unfortunately, as the National Institute of Justice points out, policies and programs for supporting corrections officers’ well-being are lacking due to inadequate funding and research. However, some correctional facilities are borrowing strategies from law enforcement and offering peer-support groups and mental health treatment programs. If your facility offers any of these resources, make sure officers are aware of them and are encouraged to use them.

Bring Some Cheer to the Facility


Many people volunteer to help inmates feel that they aren’t quite so alone during the holidays, but your officers might still feel left out. Some ways you can alleviate this problem include allowing some holiday decorations in certain areas of the facility and perhaps having some special food brought in for those who are working on Christmas Day. For example, one Illinois prison throws a Christmas party for officers, and a prison in Washington holds an annual Christmas potluck.

Your officers still have jobs to do, but small touches can help the facility feel a bit more like a home away from home on the toughest day. Of course, it’s important to ensure that any decorations and celebrations you permit at your facility don’t interrupt your standard operating procedures.

Reinforce Standard Security Protocols


Help your employees help themselves. If your officers are feeling down or stressed around the holidays, it can lead to them slacking off and mentally checking out at work in the weeks before Christmas. However, in the corrections industry, slacking off can have some dire consequences, such as an attack, riot or a breakout attempt. While any of those can turn a random Tuesday into a volatile situation, it also creates additional work, stress and danger for your officers.

In the days leading up to Christmas, keeping your officers in the right frame of mind is critical to maintaining top-notch security and reducing employee risk. Take some time to reinforce the importance of following your standard security protocols. Whether it’s how you manage your keys or ensure kitchen knives are secured, officers need to follow the same procedures they do every day to keep everybody in the facility safe and avoid the added stress of a security breach.

While many corrections officers won’t have the luxury of being home for the holidays, following these steps can help their workdays be a little more merry.

Tuesday, December 11, 2018

Ensure New Condo Board Members Follow Key Control Policies

Board members talking in conference roomFor many condo associations, the board election season is approaching. If your association is welcoming new board members soon, it’s important to begin organizing your training to ensure that members are well prepared to fulfill their obligations to the community. Be sure your training includes key control policies and procedures — especially if your property uses an electronic key control system.

Key control issues that result in litigation are often due to the lack of checks and balances and employee accountability, so it’s critical that new board members follow the appropriate steps to protect keys from theft or inappropriate use. Here are three steps to set up your key control system for new board members.

Create New User Accounts


Don’t wait until a board member needs to use a key to set up their key control system user profile. Immediately after new members are elected, create new user accounts with the appropriate authorizations (more on that below). Don’t forget to disable former board members’ accounts as well. If you use a biometric fingerprint reader for login, scan each board member’s fingerprints and have them practice logging in using the reader.

Set up Checks and Balances


As a key control best practice, board members’ access privileges should be restricted to certain keys and certain purposes based on their responsibilities and powers. For example, you might set up the following parameters:

  • All board members have access to keys to common areas.
  • Only the board president can access the keys to the records room.
  • If it’s necessary for the board to check out the key to a resident’s home, have two members remove the key and provide a checkout reason.

To keep board members accountable, you could set up key control reports to automatically be emailed to designated members of the board at predefined intervals (daily, weekly, monthly, etc.).

Train Each Board Member How to Use the Key Control System


Once a new board member is elected, they’re responsible for familiarizing themselves with the property’s declaration, bylaws and articles of incorporation and for agreeing in writing to uphold those policies. To help them follow the association’s key control policies, board members need to be familiar with how your key control system works. Walk them through procedures for checking out and returning keys, running reports and other steps required for carrying out their duties. Also take advantage of any system training your key control provider may offer.

By following these three steps to help new board members follow your key control procedures, you can help ensure that you protect your property — and your board — from liability related to misuse of keys.