The security squeamish should look away now. Actually, scratch that, the security squeamish should grit their teeth and face up to my top ten count-down of the loopholes that criminals just love to exploit. I compiled them after putting the finishing touches to the Welcome Gate Security Scorecard  – an online test of a business’s vulnerability, with advice on ways to tighten protection.

The development phase of the Scorecard revealed the common weak spots. Modern security requires more system integrations then ever. Cloud-based or online solutions that require heavy IT input are also prevalent. From online access to physical access – every system or integration has the potential to create a loophole for criminals to exploit if not planned, installed and maintained properly.


Here, then, are the most common loopholes:


  1. Unmaintained external CCTV can provide easy access points for wiring into the rest of a building’s network, therefore accessing other areas of security and confidential networks
  1. Personal devices – with proximity, NFC, Bluetooth and all the things that make our lives easier – can also compromise security when they are then allowed on a company wide network.
  1. Tailgating” into premises. We all allow this because we are all kind people, but we should be asking them who they are, which area they work in, or who they are here to see. If not, it’s time to explore access control security passes and the installation of entry lanes.
  1. Access Cards. Someone might say they’ve left theirs at home, but there should be processes and procedures in place to verify matters.
  1. A high vis jacket. Just because someone looks the part doesn’t mean they are a bone fide visitor. ID must be checked and access control measures put in place to provide access to relevant working areas – and nowhere else.
  1. Older style access cards can be cloned. I even noticed an advert in a key cutting shop recently offering to clone cards. The risk is obvious. The solution is to upgrade.
  1. Be careful with Bluetooth. It’s possible with some old technology for someone to clone your card with Bluetooth when you are entering a building. The person stealing your credentials makes the system think they are actually you. Again, the answer is to upgrade to newer tech.
  1. Passwords are often an Achilles heel. Change them regularly, make them long, and use symbols, numbers and letters. Make sure your incumbent security installer is not leaving default passwords in the system. This could leave you vulnerable.
  1. Keys! They still have a place in securing premises. Lock your perimeter doors with a key, don’t rely on access control alone. Consult the best locking device for out-of-hours security, especially when buildings are vacant.
  1. Lax levels of authentication. It’s too easy to assume that the minimum effort will get the job done. Multi-factor authentication is essential for logging in, particularly for areas holding sensitive data. Out of hours, extra credential layers such as card, pin and finger print can be added.


I hope this article hasn’t left you feeling too vulnerable, but I would recommend that you complete our bespoke Security Scorecard test to identify your potential loopholes. The expert Welcome Gate team is always on hand if you’d prefer to talk one-on-one. Email [email protected] or call 020 7620 6288.