Security Within Reach
Terminals have been ramping up security for more than a decade
- By Mark H. Johnson, Greg Russell
- Oct 01, 2014
Since the aftermath of 9/11, the United States has intensified transportation
security efforts across the board. For most of us, stronger
security measures have been focused at the nation’s airports,
where travelers are subject to more stringent screening protocols.
But, other critical points of transportation infrastructure have been
impacted by the need for heightened vigilance as well.
The country’s maritime terminals have been ramping up security since 2002,
navigating requirements from various authorities and implementing technological
advancements to protect the maritime economic infrastructure from terrorism.
America’s ports, waterways and vessels are involved in billions of dollars of
commerce on an annual basis. Because of their size, proximity to metropolitan
areas, volume and value of cargo, and integral place in the global supply chain,
U.S. ports are potentially attractive targets for terrorist activity. While security is
of paramount importance, terminal operators must find ways to balance vigilance
with commerce to ensure as little interruption as possible.
Progress in Securing Maritime Facilities
This past June, the Government Accountability Office (GAO) issued a new report
describing progress made in elevating security in key areas of the country’s maritime
terminals since the adoption of the Maritime Transportation Security Act
(MTSA) of 2002. The MTSA provides a framework for developing assessments,
plans and protocols for protecting ports and waterways. According to the report,
the Department of Homeland Security (DHS) and its agencies, particularly the
Coast Guard and Customs and Border Protection (CBP), have made significant
progress in implementing security measures. However, challenges remain; among
them is the implementation of biometric identification programs.
Through a program administered by the Transportation Security Administration
(TSA) and the Coast Guard, MTSA-regulated maritime facilities and
vessels must require workers to obtain biometric identification cards for unescorted
access to secure areas of maritime facilities and U.S.-flagged vessels.
Currently, at most maritime terminals, these Transportation Worker Identification
Credentials (TWIC) are verified by visual inspection; but, if proposed regulations
are approved, those terminals may need to adopt a process that validates
credentials electronically.
Potential Pain Points for Terminal Operators
To meet proposed electronic verification rules, terminal operators would need to
acquire specially-certified verification readers that are on the TSA’s Qualified Technology
List (QTL). In anticipation of legislation that will require a greater use of
this technology, some operators have already made an investment in such readers
while others are holding off until receiving greater regulatory clarity. Ultimately,
though, the switch seems to be inevitable.
Moving away from visual inspection of TWICs to electronic verification raises
some concerns among maritime terminals. First, the timing and extent of the implementation
of regulations could impact terminal operations. The Coast Guard,
which is responsible for enforcement, could impose fines on terminals that are out
of compliance. It could also prevent commerce at a facility that has not upgraded
its systems to meet new regulations.
In addition, maritime terminals must consider the cost of implementing these
new regulations. Depending on the QTL-certified product selected, the price for a
system could result in an annual cost of tens of thousands of dollars per system.
Lastly, although it is often assumed that an electronic approach will speed up any
processing need, this may not always be the case. Electronic verification may add
more time to the screening process, especially under elevated threat conditions that
may require multi-factor authentication, thereby slowing through-put into a terminal.
Even an additional few seconds per screening can create back-up traffic in some
of the nation’s busiest terminals and could adversely impact commercial activity.
Improving Transitions to QTL-certified Tools
While a transition to electronic verification presents certain risks to terminal
operators, there are some steps that security officers can take to get ahead of the
proposed changes and minimize those risks. TSA updates its QTL on a regular
basis, providing terminal and ship operators with a carefully curated selection of
vendors and products to consider that meet regulatory requirements. Investing
some time in evaluating QTL-certified providers and the solutions they offer can
assist security officers in adopting a systems approach to ensuring their infrastructure’s
security. Consideration of the hazards and value of handled cargo,
in conjunction with the broader security plan requirements of the Coast Guard
with QTL-approved solutions, puts security officers in the best position to meet
their responsibilities.
A key feature of TWIC readers is that they compare presented credentials to
the agency’s daily updated canceled card list for an immediate security flag. In
addition, some QTL readers include software that allows maritime operators to
customize their security protocols. Certain readers may have the capability to scan
a variety of authoritative credentials (Federal “PIV” or Commercial “PIV-I”) beyond
TWIC to help facilitate additional terminal-specific access controls for those
desiring to enter the facilities. Some readers have the ability create tailored barment
lists, allowing guards to conduct automatic and instantaneous comparisons
between credentials and an individual’s facility status.
TSA breaks down vendors further according to whether or not readers are fixed or portable. Depending on a maritime terminal’s needs, a portable device may offer
greater flexibility in daily operations. Security officers would be able to move
around and check credentials, doing spot checks at different locations within a
facility rather than just checking credentials at the gate. Such flexibility could help
reduce backlogs and keep commerce moving.
The costs for implementing a QTL reader solution will vary depending on
the hardware, software and chosen feature set. However, maritime terminals can
get help in funding their upgrades through the Federal Emergency Management
Agency (FEMA) Port Security Grant Program (PSGP) that offers funding assistance
to eligible operations. In fiscal year 2014, $100 million was made available
to support maritime transportation infrastructure security activities; 55 percent
of monies are allocated to the highest risk port areas in the country; 45 percent is
dedicated to the remaining qualifying ports.
While owners and operators of federally-regulated terminals are encouraged
to apply for PSGP funding, the process requires dedication. FEMA recommends
setting aside 15 business days to complete the five-step process. Some vendors of
the QTL are well-versed in the grant application process and can provide some assistance.
If funds are awarded, a maritime terminal has 24 months to implement its
projects, and recipients must agree to regular financial and programmatic reporting,
as well as FEMA oversight.
Supplementing TWIC with even Greater Assurance
Along with investigating a QTL solution, security officers may want to consider
a particular vendor’s broader security capabilities. Some vendors have amassed
significant experience in providing identity and access management solutions to
highly-sensitive government, military and civilian facilities. Consider the track record
of these vendors’ installations to get a sense of their identity assurance and
electronic verification capabilities.
As security requirements are likely to become more stringent over time, a maritime
operation may want to consider additional means to bolster identification
solutions, particularly if dealing with commodities considered a higher risk for targeting
by terrorists. TWIC offers a certain level of assurance, as individuals must
pass an FBI background check. However, criminal records are only evaluated for
TWIC eligibility at the time of issuance and reissuance, and not all felony convictions
may result in disqualification. Additionally, individuals holding TWICs are
responsible for reporting convictions that may adversely affect their eligibility.
For maritime terminal operators who desire a higher level of assurance, it may
be worthwhile to consider utilizing a TWIC verification solution that provides
a more robust and ongoing vetting program. Some of today’s more advanced
systems refresh eligibility on a regular basis and conduct recurring background
checks, incorporating the latest records to ensure that port security stays constant
even when people change.
Keeping America’s ports, waterways and vessels secure is no small task. To protect
their facilities, cargo and commercial viability, operators must adopt robust security
management solutions that are equipped to handle the demands of today
and the technological advancements and regulatory requirements of tomorrow. By
investing time now into researching options and pursuing the available financial assistance,
maritime terminals can position themselves
to ensure the next level of port security.
This article originally appeared in the October 2014 issue of Security Today.