Security Within Reach

Terminals have been ramping up security for more than a decade

Since the aftermath of 9/11, the United States has intensified transportation security efforts across the board. For most of us, stronger security measures have been focused at the nation’s airports, where travelers are subject to more stringent screening protocols. But, other critical points of transportation infrastructure have been impacted by the need for heightened vigilance as well.

The country’s maritime terminals have been ramping up security since 2002, navigating requirements from various authorities and implementing technological advancements to protect the maritime economic infrastructure from terrorism.

America’s ports, waterways and vessels are involved in billions of dollars of commerce on an annual basis. Because of their size, proximity to metropolitan areas, volume and value of cargo, and integral place in the global supply chain, U.S. ports are potentially attractive targets for terrorist activity. While security is of paramount importance, terminal operators must find ways to balance vigilance with commerce to ensure as little interruption as possible.

Progress in Securing Maritime Facilities

This past June, the Government Accountability Office (GAO) issued a new report describing progress made in elevating security in key areas of the country’s maritime terminals since the adoption of the Maritime Transportation Security Act (MTSA) of 2002. The MTSA provides a framework for developing assessments, plans and protocols for protecting ports and waterways. According to the report, the Department of Homeland Security (DHS) and its agencies, particularly the Coast Guard and Customs and Border Protection (CBP), have made significant progress in implementing security measures. However, challenges remain; among them is the implementation of biometric identification programs.

Through a program administered by the Transportation Security Administration (TSA) and the Coast Guard, MTSA-regulated maritime facilities and vessels must require workers to obtain biometric identification cards for unescorted access to secure areas of maritime facilities and U.S.-flagged vessels. Currently, at most maritime terminals, these Transportation Worker Identification Credentials (TWIC) are verified by visual inspection; but, if proposed regulations are approved, those terminals may need to adopt a process that validates credentials electronically.

Potential Pain Points for Terminal Operators

To meet proposed electronic verification rules, terminal operators would need to acquire specially-certified verification readers that are on the TSA’s Qualified Technology List (QTL). In anticipation of legislation that will require a greater use of this technology, some operators have already made an investment in such readers while others are holding off until receiving greater regulatory clarity. Ultimately, though, the switch seems to be inevitable.

Moving away from visual inspection of TWICs to electronic verification raises some concerns among maritime terminals. First, the timing and extent of the implementation of regulations could impact terminal operations. The Coast Guard, which is responsible for enforcement, could impose fines on terminals that are out of compliance. It could also prevent commerce at a facility that has not upgraded its systems to meet new regulations.

In addition, maritime terminals must consider the cost of implementing these new regulations. Depending on the QTL-certified product selected, the price for a system could result in an annual cost of tens of thousands of dollars per system.

Lastly, although it is often assumed that an electronic approach will speed up any processing need, this may not always be the case. Electronic verification may add more time to the screening process, especially under elevated threat conditions that may require multi-factor authentication, thereby slowing through-put into a terminal. Even an additional few seconds per screening can create back-up traffic in some of the nation’s busiest terminals and could adversely impact commercial activity.

Improving Transitions to QTL-certified Tools

While a transition to electronic verification presents certain risks to terminal operators, there are some steps that security officers can take to get ahead of the proposed changes and minimize those risks. TSA updates its QTL on a regular basis, providing terminal and ship operators with a carefully curated selection of vendors and products to consider that meet regulatory requirements. Investing some time in evaluating QTL-certified providers and the solutions they offer can assist security officers in adopting a systems approach to ensuring their infrastructure’s security. Consideration of the hazards and value of handled cargo, in conjunction with the broader security plan requirements of the Coast Guard with QTL-approved solutions, puts security officers in the best position to meet their responsibilities.

A key feature of TWIC readers is that they compare presented credentials to the agency’s daily updated canceled card list for an immediate security flag. In addition, some QTL readers include software that allows maritime operators to customize their security protocols. Certain readers may have the capability to scan a variety of authoritative credentials (Federal “PIV” or Commercial “PIV-I”) beyond TWIC to help facilitate additional terminal-specific access controls for those desiring to enter the facilities. Some readers have the ability create tailored barment lists, allowing guards to conduct automatic and instantaneous comparisons between credentials and an individual’s facility status.

TSA breaks down vendors further according to whether or not readers are fixed or portable. Depending on a maritime terminal’s needs, a portable device may offer greater flexibility in daily operations. Security officers would be able to move around and check credentials, doing spot checks at different locations within a facility rather than just checking credentials at the gate. Such flexibility could help reduce backlogs and keep commerce moving.

The costs for implementing a QTL reader solution will vary depending on the hardware, software and chosen feature set. However, maritime terminals can get help in funding their upgrades through the Federal Emergency Management Agency (FEMA) Port Security Grant Program (PSGP) that offers funding assistance to eligible operations. In fiscal year 2014, $100 million was made available to support maritime transportation infrastructure security activities; 55 percent of monies are allocated to the highest risk port areas in the country; 45 percent is dedicated to the remaining qualifying ports.

While owners and operators of federally-regulated terminals are encouraged to apply for PSGP funding, the process requires dedication. FEMA recommends setting aside 15 business days to complete the five-step process. Some vendors of the QTL are well-versed in the grant application process and can provide some assistance. If funds are awarded, a maritime terminal has 24 months to implement its projects, and recipients must agree to regular financial and programmatic reporting, as well as FEMA oversight.

Supplementing TWIC with even Greater Assurance

Along with investigating a QTL solution, security officers may want to consider a particular vendor’s broader security capabilities. Some vendors have amassed significant experience in providing identity and access management solutions to highly-sensitive government, military and civilian facilities. Consider the track record of these vendors’ installations to get a sense of their identity assurance and electronic verification capabilities.

As security requirements are likely to become more stringent over time, a maritime operation may want to consider additional means to bolster identification solutions, particularly if dealing with commodities considered a higher risk for targeting by terrorists. TWIC offers a certain level of assurance, as individuals must pass an FBI background check. However, criminal records are only evaluated for TWIC eligibility at the time of issuance and reissuance, and not all felony convictions may result in disqualification. Additionally, individuals holding TWICs are responsible for reporting convictions that may adversely affect their eligibility.

For maritime terminal operators who desire a higher level of assurance, it may be worthwhile to consider utilizing a TWIC verification solution that provides a more robust and ongoing vetting program. Some of today’s more advanced systems refresh eligibility on a regular basis and conduct recurring background checks, incorporating the latest records to ensure that port security stays constant even when people change.

Keeping America’s ports, waterways and vessels secure is no small task. To protect their facilities, cargo and commercial viability, operators must adopt robust security management solutions that are equipped to handle the demands of today and the technological advancements and regulatory requirements of tomorrow. By investing time now into researching options and pursuing the available financial assistance, maritime terminals can position themselves to ensure the next level of port security.

This article originally appeared in the October 2014 issue of Security Today.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation. 3