It’s not clear how the shooter got access to the secure base but it is clear that many systems managers do not delete old users on a regular basis.
When folks leave for a new job or medical leave, many times we do not remove their access authorization to secure areas. Even though the user may come back in the future, it’s a simple task to clear access and return it when they return.
Anything could happen while they are gone. A family member or acquaintance could get hold of the credential and breach security for a variety of reasons! A few minutes a week and this security hole can be plugged quite easily.
Communication with HR can provide a weekly list of who’s not going to need access for a period of time and those credentials can be edited to make sure there’s no unauthorized entry.
We recommend that the credential have the access removed instead of deleting the credential. That way if unauthorized entry is attempted, there will be an electronic trail. If you video system in integrated with the access i.e. Genetec, you will be able to determine who attempted entry.
Take a look at your databases today and make sure you are not leaving your facility at risk by having cards or FOBs floating around that are not longer authorized. It’s for everyone’s good!