Three rules for visitor data privacy and protection

Issue 2 2022 Access Control & Identity Management

Since Covid hit our shores in early 2020, it brought a sea of data breaches, one crashing wave after another. From Experian to Lightstone and now TransUnion, personal data is under siege from all sides.

What can your business do to protect visitors’ information? ATG Digital gives insight into the triad of visitor data protection.

“When people do business with your company, they trust you with their information,” says ATG’s Ariel Flax. “Your responsibility for their privacy should extend to anyone who submits their personal information when they check in at the gate or reception.”

According to Flax, visitor data can be targeted by criminals or competitors. Good privacy practices aren’t just a courtesy but a legal requirement since PoPIA came into effect in July last year.

Rule 1: Only collect what you need

Collecting critical data only at check-in saves visitors time and mitigates risks. “Your guests love the swift experience and feel safer on your premises,” says Flax. Visitors immediately get annoyed when they have to answer too many questions.

As per PoPI Act regulations, Flax advises businesses only to collect what is necessary for the purpose of access control security on-site.

Rule 2: Encrypt personal information at reception

“If you’re still using handwritten registration books, ditch it,” cautions Flax, “our most recent survey revealed that over 60% of visitors peep at who’s checked in ahead of them — that’s 60% too many.”

Names, cellphone numbers and ID numbers should not be exposed at any time. Electronic devices can be locked, encrypted and remotely wiped in the event of theft.

Rule 3: Write data protection into your company DNA

Security and governance go hand-in-hand, yet many companies fall short by assigning the responsibility of visitor data either to physical security or IT.

Firewalls, IPS and IDS go a long way, but Flax says, “It’s everyone’s responsibility to know and enact the security policy. Employee training against social engineering (phishing), network and physical perimeter protection must be enforced daily.”

These days, a cellphone number and a name are enough for unscrupulous hackers. In line with PoPIA, have a policy that defines the process of collecting data, securely storing it and deleting it as soon as it is no longer necessary. You’ll need a shredder if you have paper records.

Digital visitor management software like At The Gate and At Reception immediately encrypts data and uploads it to the cloud. Records are not stored on the device and cannot be accessed by security guards, receptionists, or anyone else who may handle the device.

Consider ears too

While most companies are primarily concerned with prying eyes (and long fingers), Flax raises an interesting point about keeping sensitive information out of earshot.

“Discussions in meeting rooms and offices also need protection,” he says. “Assess the acoustics of your offices and meeting rooms. Consider investing in some soundproofing if need be. You can make a policy not to discuss the personal data of visitors/patients/partners in common areas of the office.

“The point of [data] entry can be the very point where sensitive information leaves. If you’re asking visitors for information on arrival, guard it the same way you would any other data on your network,” concludes Flax.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

New State of Physical Access Control Report from HID
HID Global Editor's Choice Access Control & Identity Management News & Events
HID released the 2024 State of Physical Access Control Report, identifying five key trends shaping access control's future and painting a picture of an industry that has been undergoing considerable transformation.

Read more...
Smart intercoms are transforming access control
Access Control & Identity Management Products & Solutions
Smart intercoms have emerged as a pivotal tool in modern access control. They provide a seamless and secure way to manage entry points without the need for traditional security guards to validate visitors before granting them access.

Read more...
Easy, secure access for student apartments
Paxton Access Control & Identity Management Surveillance
Enhancing Security and Convenience at Beau Vie II Student Accommodation, a student apartment block located at Banghoek Road, Stellenbosch, with Paxton's access control and video management solution

Read more...
Invixium acquires Triax Technologies
News & Events Access Control & Identity Management
Invixium has announced it has acquired Triax Technologies to expand its biometric solutions with AI-based RTLS (Real-Time Location Systems) offering for improved safety and productivity at industrial sites and critical infrastructure.

Read more...
ControliD's iDFace receives ICASA certification
Impro Technologies News & Events Access Control & Identity Management
The introduction of Control iD's iDFace facial biometric reader, backed by mandatory ICASA certification, underscores the commitment to quality, compliance, and innovation.

Read more...
The future of workplace access
HID Global Access Control & Identity Management
Mobile credentials are considerably more secure than physical access control, because they eliminate the need for physical cards or badges, support multiple security protocols, and add layers of protection on top of basic card encryption.

Read more...
Integrated, mobile access control
SA Technologies Entry Pro Technews Publishing Access Control & Identity Management
SMART Security Solutions spoke to SA Technologies to learn more about what is happening in the estate access world and what the company offers the residential estate market.

Read more...
Bespoke access for prime office space
Paxton Access Control & Identity Management Residential Estate (Industry)
Nicol Corner is home to a six-star fitness club, prime office space, and an award-winning rooftop restaurant. It is also the first building in South Africa to have its glass façade fully incorporate fritted glazing, saving 35% on energy consumption.

Read more...
Next-generation facial recognition access control system
Enkulu Technologies Products & Solutions Access Control & Identity Management Residential Estate (Industry)
With a modern and innovative design, iDFace is the ideal device for monitoring and controlling people entering and exiting a building using facial recognition technology, including liveness detection, for enhanced security.

Read more...
Long-distance vehicle identification
Products & Solutions Access Control & Identity Management Residential Estate (Industry)
The STid SPECTRE reader can identify vehicles up to 14 metres away, across four traffic lanes, ensuring secure access to an estate without disrupting the traffic flow.

Read more...