Below we have outlined four best practices to remember when implementing your college or university’s key control policy.
Store Keys Securely
Office drawers, pegboards and an unmonitored lockboxes are all methods for storing your school's keys. But are these methods secure? The answer is a resounding no. Keys could be easily stolen by anyone who gains access to the area in which they are contained.
Instead, consider storing keys in a tamper-proof electronic key management system. This will greatly reduce the chance for key theft and enhance the overall security of your keys.
Establish Access Levels for Users
Securely storing your college or university’s keys is only the first step in key management. Do you want every user to have access to every key in your system? For instance, would an English professor need the chemistry lab key?
Establishing access levels ensures that users can only take keys that are essential to their job functions. To enforce access levels, consider an electronic key security system that requires users to enter a unique password or scan their fingerprint to retrieve keys. This non-replicable access information ensures that only authorized users can take certain keys.
Keep an Accurate Log
One of the pitfalls of using a pegboard or lockbox to manage keys is that transactions are recorded in a manually updated log. The problem with this method is that it’s difficult to enforce the proper checks and balances for checking out keys. If employees do not sign out or sign in the keys they use, locating the unaccounted-for keys and updating the log becomes an administrative headache and, even worse, a liability for the campus.
To alleviate administrative challenges and reduce your campus’s liability, implement an electronic key control system that provides a verifiable audit trail of key activity. Choosing a system with software that captures a video each time a key is checked out will deter deliberate key theft.
Set up Alerts
With manual key control processes, how do you hold users accountable for key usage? How do you know if a key is missing? There’s no way to know if a key hasn’t been returned until that key is needed again, nor is there a way to know if an unauthorized user attempts to access a key.
Solve all of these issues by setting up alerts on your electronic key management system. Alerts can immediately notify system administrators when keys have not been returned or a user attempts to take a key to which they do not have access.
Have some best practices that your college or university uses with its key control policy? Let us know in the comments!