Managing the critical flow of people with a global security management system
- By Kim Rahfaldt
- Sep 01, 2009
The Port of Houston tenants more than 150 private industrial companies along the 25-mile-long Houston Ship Channel. The Port of Houston Authority owns and operates the public facilities located on the Houston Ship Channel, which extends over complicated terrain from downtown Houston to the Gulf of Mexico.
The terminals were designed to handle virtually any kind of cargo, from heavy containers to dry bulk materials or frozen goods. The port also has two major container terminal locations to move large containers in and out of PHA.
The Port of Houston’s facilities offer shippers deep-water access to world markets and a direct link to 14,000 miles of U.S. intracoastal and navigable inland waterways. A vast network of interstate highways and rail connections link Houston with inland markets; two major railroads and approximately 150 trucking lines connect PHA to the United States, Canada and Mexico.
Two major airports, Bush Intercontinental and William P. Hobby, and dozens of private terminals provide easy air service.
The Port of Houston is ranked No. 1 in the United States in foreign waterborne tonnage and second in total tonnage.
More than 225 million tons of cargo moved through the port in 2007, and more than 8,000 vessel calls were recorded during 2008.
The Port of Houston is solely responsible for the security of its terminals. Private owners have their own security plans; however, they closely figure into the security matrix for protection within the port.
The PHA is split between the Barbour’s Cut and Turning Basin region of the port. Each region manages a portion of the facility. AMAG Technology’s Symmetry Global Security Management software operates as two regions; however, everyone gets enrolled in the Symmetry Central Card Handler regardless if an employee is in Barbour’s Cut or Turning Basin. The central card handler provides a central place for all basic cardholder information. Once enrolled, the cards are pushed out to the region where they will be used. Each card holder record that is part of the port’s management system is managed by the central card handler. These access rights can be communicated quickly and easily to any card reader location, which gives the system superior power and flexibility.
“If a person needs access to Barbour’s Cut but has no reason to come to Turning Basin, then the information is pushed to Barbour’s Cut,” said Mike Lee, senior technician at Texas Technical Services Inc. “If two or three years from now, that same person needs to be at Turning Basin, the information is already in the system so the administrators just have to push his information to Turning Basin, give him access and it’s done.”
The symmetry central card handler also can access information on a regional basis. A person can receive card access from any workstation since every system has the same card information.
An additional feature is that in the event of a disaster, all records are saved. The system could be rebuilt and cards pushed right back to the region. All TWIC and non-TWIC workstations can access it.
In 2002, Congress enacted the Maritime Transportation Security Act, which requires a biometric security credential of any person using unescorted access when entering secure areas of facilities and vessels.
The final result was TWIC, an identification credential for all staff requiring unescorted access to secure areas of MTSA-regulated facilities and vessels, as well as all mariners holding Coast Guard-issued credentials. People who met TWIC eligibility requirements were issued a tamper-resistant credential containing the person’s fingerprint and an access code that allowed for a positive link between the card and that person.
To receive a TWIC, a person must pass a security threat assessment conducted by the Transportation Security Administration, which looks at criminal background, immigrant status, terrorist watch list screening and mental capacity. It takes approximately 21 days to receive the TWIC.
PHA successfully implemented the TWIC program on the compliance deadline of April 14. Implementing TWIC ensures that people who pose a threat do not gain unescorted access to secure areas of the nation’s maritime transportation system. If someone needs access to a secure area of the PHA, or any federally regulated terminal or facility along the Houston Ship Channel, they must either have a TWIC or be personally escorted by an authorized security team member.
“TWIC controls access to restricted areas, whether it’s an entire terminal or a section of a terminal, but it’s all based on access,” said Bill Crews, port security and emergency operations manager. “Not every port employee has a TWIC. For example, those who work in the executive building in accounting, payroll and purchasing don’t have a TWIC because they don’t have a reason to go to a restricted area. Receiving a TWIC is based on job requirements and where staff interface with people.”
Nearly 300,000 people are required to have a TWIC in the Houston region, including certain PHA employees, longshoremen, truckers, steamship lines staff, stevedores and vendors.
A TWIC is required for access throughout Barbour’s Cut and Bayport container terminals, as well as for access to the waterfront area of PHA’s Turning Basin terminal. All waterfront access throughout the 25-mile ship channel requires a TWIC.
“The TWIC program added a layer of security to port operations that we didn’t have before,” Crews said. “Now we have a method to vet the people that we are allowing access. It’s robust and great to know who is on your port facility at all times.”
Enrollment Outreach Campaign
About seven months prior to the deadline, PHA began an outreach campaign to notify people about the TWIC implementation.
The campaign included one-on-one meetings with the owners, distributing bilingual brochures at every main gate, and e-mail notifications to customers and tenants. Messages were displayed on highway message boards to specifically communicate with truckers, the largest population that needed to be enrolled.
To help streamline the enormous enrollment process that was ahead of them, PHA not only set up five desktop enrollment stations throughout the PHA to make it easy for people to enroll, but they also went out to the companies involved to proactively register workers. Using their Datastrip DSV2+Turbo© mobile reader with Codebench’s PIVCheck Plus software, they made arrangements with the transportation companies and UL labor unions to visit and enroll people at their locations. “
When you ask people to come in, you are taking them away from what they should be doing,” Crews said. “We worked with some of the larger trucking companies and asked if they would get their guys together. We went to their location with our mobile reader and registered 200 people at one time. They didn’t have to worry about 200 of their people taking a break and coming down to the credentialing office on company time to do that.”
“The PHA security staff enrolled approximately 60 to 70 percent of the TWIC registrations remotely,” Lee said. “In the evenings they would come back to the office and register all the people they could.
“It was time consuming due to the amount of people. There were nearly 7,000 hourly people easily, and that’s not including the truckers. They did all of this in three to four weeks.”
Crews was thrilled he could use the handheld reader to get people enrolled ahead of time. After everyone is enrolled, the reader will become a compliance tool to help maintain a high level of security by spot checking people throughout PHA.
How it Works
At this point, only electronic verification of the TWIC is being implemented. Ports require people to show credentials, and the security staff is trained to recognize false information. Security is ensuring the card is legitimate and making sure the person holding the card is the person on the card, but there is no interrogating of the card at this point.
The PHA had chosen AMAG’s Symmetry Global Security Management System prior to the TWIC mandate because they felt it was a proven product. AMAG’s experience in other sectors of the government proved they could provide government compliance as new mandates were initiated.
The key to the PHA’s TWIC implementation is integration between AMAG Technology’s Symmetry Global Security Management System and Codebench’s PIVCheck Plus software.
The integration allowed PHA to link the new TWIC to its legacy Desfire card, the card in use prior to TWIC. In some cases, people needed to use their legacy card, but they also needed to have TWIC because there are secure areas of the port and they needed a mechanism to update the existing cardholder record with the additional information.
Symmetry global enables new TWIC holders, such as truckers, to capture the information and import it directly as a new cardholder record. In some cases, they are linking the TWIC to a cardholder record that exists. In other cases, they are adding a new cardholder record with a TWIC in Symmetry. TWIC information is automatically loaded into Symmetry -- no manual data entry is needed.
Codebench’s PIVCheck Plus software performs a four-factor authentication that includes viewing the photo of the cardholder, matching a PIN, verifying a biometric fingerprint and checking the card’s digital certificates against the TSA Hotlist. PHA currently uses the visual verification and checks digital certificates, using the Certificate Manager feature of the PIVCheck Plus software against the TSA Hotlist. PHA is waiting for the government to mandate the biometric phase of the TWIC program.
“The PHA checks the TSA Hotlist during the registration and import of the information into Symmetry, but Codebench’s Certificate Manager constantly rechecks the TSA Hotlist afterwards on a periodic basis,” said Geri B. Castaldo, Codebench CEO. “If it finds a TSA revoked card, our software can go into Symmetry and suspend any card that is associated with that person. This only happens when you are checking the digital certificates.”
The PHA checks the TSA Hotlist every 11.2 hours to ensure no unauthorized people are on the premises. If the TSA Hotlist confirms a person is on the list, it immediately suspends the person’s card and sends an e-mail notification to PHA security personnel.
Challenges for TTSI
Established in 1985, Texas Technical Services was founded on the philosophy of providing customers with the best value by leveraging integrated solutions to meet any need. TTSI uses open-architecture systems to allow integration with existing technologies.
This philosophy provides customers with greater ROI by reducing support costs via a single user interface and allowing customers’ organizational units easier access and flexibility when using these types of solutions.
Overcoming the short time period from approval to completion was a big challenge for TTSI. It took weeks of everyone on all sides of the project working around the clock to complete the project on schedule.
Another monumental challenge was getting as many people as possible enrolled. Many of the people are migratory -- they may work in Galveston one month and Houston the next month.
Overseas vessel masters and their crews are considered foreign nationals and are not eligible for a TWIC. If they leave their vessel to go on shore leave, they have to be physically escorted from the vessel to outside the restricted area.
To resolve this issue, the PHA partnered with a faith-based organization and a security company. The groups were issued TWICs and now personally escort the foreign nationals to and from their vessels.
Crews is happy with the outcome of his security program as a whole and feels he has a comprehensive system in place. “TWIC added another layer of security to an already robust security system,” he said.
Securing the Water
By Edward Troha
Securing maritime environments is one of the most challenging tasks for security professionals. However, video analytics offers comprehensive capabilities for helping to keep the waters safe.
During the 2008 Beijing Olympics, for instance, the city of Qingdao incorporated ObjectVideo’s video analytics software into its existing security infrastructure. The software has key functions particularly suited for water-side environments. It can detect if someone or something appears from under the surface of the water, while filtering out many of the normal occurrences on the water, such as white caps, reflections and tide movement, and reducing false alarms.
One of the world’s largest global petroleum suppliers also has implemented ObjectVideo’s video analytics to help secure on-load and off-load access bridges, supply pipelines, docks and the surrounding open water to help them better identify potential threats. Every off-load of fuel tankers represents more than $1 million in gross profit -- an investment worth securing. The technology also has been used to help secure the Port of Jacksonville, Fla.
While securing water environments may be difficult, it is not impossible. Video analytics can supply the intelligent ingredient to any surveillance solution for keeping a watchful eye over an area that is often difficult to secure effectively.
Edward Troha is the managing director of global marketing at ObjectVideo.
Kim Rahfaldt is Director of Media Relations at AMAG Technology, Inc., based in Torrance, Calif.