Tailgate detection at entry
Demonstrate that physical entry points to sensitive areas employ functioning tailgate detection mechanisms that alert security personnel or prevent entry when unauthorized individuals attempt to follow authorized personnel through access-controlled doors.
Description
What this control does
Tailgate detection at entry is a physical security control that prevents unauthorized individuals from following authorized personnel through access-controlled entry points without proper credential verification. This control typically employs sensors, cameras, weight detection systems, or mantrap configurations to identify when multiple persons enter on a single credential presentation. Effective tailgating prevention is critical for maintaining the integrity of physical access logs, ensuring personnel accountability, and preventing unauthorized access to sensitive areas such as data centers, server rooms, and secure facilities.
Control objective
What auditing this proves
Demonstrate that physical entry points to sensitive areas employ functioning tailgate detection mechanisms that alert security personnel or prevent entry when unauthorized individuals attempt to follow authorized personnel through access-controlled doors.
Associated risks
Risks this control addresses
- Unauthorized individuals gain physical access to data centers or server rooms by following authorized employees through secured entry points without presenting valid credentials
- Malicious actors exploit social engineering to bypass physical access controls, enabling theft of equipment, media, or confidential documents
- Access logs become unreliable as they fail to reflect actual personnel presence, undermining incident investigation and compliance audit trails
- Terminated employees or contractors re-enter facilities by tailgating, retaining access to systems or data despite revoked logical credentials
- Regulatory compliance violations occur when physical access controls fail to meet standards for protecting sensitive data environments
- Insider threats coordinate with external actors to facilitate unauthorized entry without creating audit evidence of the breach
- Emergency evacuation procedures become compromised due to inaccurate headcount data from unreliable access control records
Testing procedure
How an auditor verifies this control
- Obtain and review the physical security policy and procedures documentation identifying all entry points designated for tailgate detection protection
- Generate an inventory of tailgate detection systems deployed at data center, server room, and other sensitive area entry points, including device types, manufacturers, models, and installation dates
- Conduct a physical walkthrough of each protected entry point to verify presence and operational status of tailgate detection equipment including sensors, cameras, mantraps, or optical barriers
- Review configuration settings for tailgate detection systems including sensitivity thresholds, alert escalation rules, and integration with access control platforms
- Examine security incident logs and alarm management system records for the prior 90 days to identify tailgate detection events, false positives, and security response actions
- Perform supervised tailgate simulation testing at a sample of entry points by having an authorized person badge through while a test participant attempts to follow without credential presentation, observing system response
- Interview security operations personnel to confirm alert notification procedures, response protocols, and escalation paths when tailgate events are detected
- Review maintenance and calibration records for tailgate detection equipment to verify preventive maintenance schedules are followed and devices remain within manufacturer specifications
Where this control is tested