Security Within Reach

Terminals have been ramping up security for more than a decade

Since the aftermath of 9/11, the United States has intensified transportation security efforts across the board. For most of us, stronger security measures have been focused at the nation’s airports, where travelers are subject to more stringent screening protocols. But, other critical points of transportation infrastructure have been impacted by the need for heightened vigilance as well.

The country’s maritime terminals have been ramping up security since 2002, navigating requirements from various authorities and implementing technological advancements to protect the maritime economic infrastructure from terrorism.

America’s ports, waterways and vessels are involved in billions of dollars of commerce on an annual basis. Because of their size, proximity to metropolitan areas, volume and value of cargo, and integral place in the global supply chain, U.S. ports are potentially attractive targets for terrorist activity. While security is of paramount importance, terminal operators must find ways to balance vigilance with commerce to ensure as little interruption as possible.

Progress in Securing Maritime Facilities

This past June, the Government Accountability Office (GAO) issued a new report describing progress made in elevating security in key areas of the country’s maritime terminals since the adoption of the Maritime Transportation Security Act (MTSA) of 2002. The MTSA provides a framework for developing assessments, plans and protocols for protecting ports and waterways. According to the report, the Department of Homeland Security (DHS) and its agencies, particularly the Coast Guard and Customs and Border Protection (CBP), have made significant progress in implementing security measures. However, challenges remain; among them is the implementation of biometric identification programs.

Through a program administered by the Transportation Security Administration (TSA) and the Coast Guard, MTSA-regulated maritime facilities and vessels must require workers to obtain biometric identification cards for unescorted access to secure areas of maritime facilities and U.S.-flagged vessels. Currently, at most maritime terminals, these Transportation Worker Identification Credentials (TWIC) are verified by visual inspection; but, if proposed regulations are approved, those terminals may need to adopt a process that validates credentials electronically.

Potential Pain Points for Terminal Operators

To meet proposed electronic verification rules, terminal operators would need to acquire specially-certified verification readers that are on the TSA’s Qualified Technology List (QTL). In anticipation of legislation that will require a greater use of this technology, some operators have already made an investment in such readers while others are holding off until receiving greater regulatory clarity. Ultimately, though, the switch seems to be inevitable.

Moving away from visual inspection of TWICs to electronic verification raises some concerns among maritime terminals. First, the timing and extent of the implementation of regulations could impact terminal operations. The Coast Guard, which is responsible for enforcement, could impose fines on terminals that are out of compliance. It could also prevent commerce at a facility that has not upgraded its systems to meet new regulations.

In addition, maritime terminals must consider the cost of implementing these new regulations. Depending on the QTL-certified product selected, the price for a system could result in an annual cost of tens of thousands of dollars per system.

Lastly, although it is often assumed that an electronic approach will speed up any processing need, this may not always be the case. Electronic verification may add more time to the screening process, especially under elevated threat conditions that may require multi-factor authentication, thereby slowing through-put into a terminal. Even an additional few seconds per screening can create back-up traffic in some of the nation’s busiest terminals and could adversely impact commercial activity.

Improving Transitions to QTL-certified Tools

While a transition to electronic verification presents certain risks to terminal operators, there are some steps that security officers can take to get ahead of the proposed changes and minimize those risks. TSA updates its QTL on a regular basis, providing terminal and ship operators with a carefully curated selection of vendors and products to consider that meet regulatory requirements. Investing some time in evaluating QTL-certified providers and the solutions they offer can assist security officers in adopting a systems approach to ensuring their infrastructure’s security. Consideration of the hazards and value of handled cargo, in conjunction with the broader security plan requirements of the Coast Guard with QTL-approved solutions, puts security officers in the best position to meet their responsibilities.

A key feature of TWIC readers is that they compare presented credentials to the agency’s daily updated canceled card list for an immediate security flag. In addition, some QTL readers include software that allows maritime operators to customize their security protocols. Certain readers may have the capability to scan a variety of authoritative credentials (Federal “PIV” or Commercial “PIV-I”) beyond TWIC to help facilitate additional terminal-specific access controls for those desiring to enter the facilities. Some readers have the ability create tailored barment lists, allowing guards to conduct automatic and instantaneous comparisons between credentials and an individual’s facility status.

TSA breaks down vendors further according to whether or not readers are fixed or portable. Depending on a maritime terminal’s needs, a portable device may offer greater flexibility in daily operations. Security officers would be able to move around and check credentials, doing spot checks at different locations within a facility rather than just checking credentials at the gate. Such flexibility could help reduce backlogs and keep commerce moving.

The costs for implementing a QTL reader solution will vary depending on the hardware, software and chosen feature set. However, maritime terminals can get help in funding their upgrades through the Federal Emergency Management Agency (FEMA) Port Security Grant Program (PSGP) that offers funding assistance to eligible operations. In fiscal year 2014, $100 million was made available to support maritime transportation infrastructure security activities; 55 percent of monies are allocated to the highest risk port areas in the country; 45 percent is dedicated to the remaining qualifying ports.

While owners and operators of federally-regulated terminals are encouraged to apply for PSGP funding, the process requires dedication. FEMA recommends setting aside 15 business days to complete the five-step process. Some vendors of the QTL are well-versed in the grant application process and can provide some assistance. If funds are awarded, a maritime terminal has 24 months to implement its projects, and recipients must agree to regular financial and programmatic reporting, as well as FEMA oversight.

Supplementing TWIC with even Greater Assurance

Along with investigating a QTL solution, security officers may want to consider a particular vendor’s broader security capabilities. Some vendors have amassed significant experience in providing identity and access management solutions to highly-sensitive government, military and civilian facilities. Consider the track record of these vendors’ installations to get a sense of their identity assurance and electronic verification capabilities.

As security requirements are likely to become more stringent over time, a maritime operation may want to consider additional means to bolster identification solutions, particularly if dealing with commodities considered a higher risk for targeting by terrorists. TWIC offers a certain level of assurance, as individuals must pass an FBI background check. However, criminal records are only evaluated for TWIC eligibility at the time of issuance and reissuance, and not all felony convictions may result in disqualification. Additionally, individuals holding TWICs are responsible for reporting convictions that may adversely affect their eligibility.

For maritime terminal operators who desire a higher level of assurance, it may be worthwhile to consider utilizing a TWIC verification solution that provides a more robust and ongoing vetting program. Some of today’s more advanced systems refresh eligibility on a regular basis and conduct recurring background checks, incorporating the latest records to ensure that port security stays constant even when people change.

Keeping America’s ports, waterways and vessels secure is no small task. To protect their facilities, cargo and commercial viability, operators must adopt robust security management solutions that are equipped to handle the demands of today and the technological advancements and regulatory requirements of tomorrow. By investing time now into researching options and pursuing the available financial assistance, maritime terminals can position themselves to ensure the next level of port security.

This article originally appeared in the October 2014 issue of Security Today.

Featured

  • The Business Case for Video Analytics: Understanding the Real ROI

    For security professionals who may be hesitant to invest in video analytics, now's the time to reconsider. In a newly released Omdia report commissioned by BriefCam (now Milestone Systems), the research firm uncovered a compelling story: more than 85% of North American and European organizations that use video analytics achieve a return on investment within just one year. The study, which surveyed 140 end users across multiple industries, demonstrates that security technology is no longer just for security — it's a cross-organizational tool that delivers measurable business value far beyond traditional safety applications. Read Now

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Study: Only 35 Percent of Companies Include Cybersecurity Teams When Implementing AI

    Only 35 percent of cybersecurity professionals or teams are involved in the development of policy governing the use of AI technology in their enterprise, and nearly half (45 percent) report no involvement in the development, onboarding, or implementation of AI solutions, according to the recently released 2024 State of Cybersecurity survey report from ISACA, a global professional association advancing trust in technology. Read Now

  • New Report Series Highlights E-Commerce Threats, Fraud Against Retailers

    Trustwave, a cybersecurity and managed security services provider, recently released a series of reports detailing the threats facing the retail sector, marking the second year of its ongoing research into these critical security issues. Read Now

Featured Cybersecurity

Webinars

New Products

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3