Tailgating is more dangerous than expected.
Tailgating, also known as piggybacking, is a physical security breach where an unauthorized individual gains access to a
restricted area by following an authorized person. Unlike digital attacks, tailgating targets physical access points such
as office entrances, secure rooms, or facilities. This module helps users understand the importance of physical security and
how to prevent unauthorized access.
How to Notice a Tailgating Attempt
Tailgating often occurs when someone without proper credentials attempts to enter a secured area by taking advantage of
another person’s access. Warning signs include individuals asking others to hold the door open, claiming they forgot their
access badge, or carrying items to gain sympathy and assistance. Attackers may also pretend to be employees, maintenance staff,
or delivery personnel. Any person entering a restricted area without visibly using proper credentials should be considered
suspicious.
Reacting to a Tailgating Attempt
If you notice someone attempting to gain unauthorized access, do not allow them to enter using your credentials. Politely
ask them to use their own access badge or direct them to the appropriate entry point. If the situation feels suspicious, report
it to security personnel or your organization’s security team. Avoid confrontation, but ensure that security protocols are
followed at all times.
Avoiding Tailgaiting Attempt
Preventing tailgating requires awareness and adherence to physical security policies. Always use your own access credentials
and never allow others to enter secured areas without proper authorization. Do not hold doors open for individuals you do not
recognize or who do not have visible identification. Encourage a culture of security awareness where employees understand the
importance of protecting physical access points. Regular training and reminders can help reinforce these practices.
Tailgating is a simple yet effective method attackers use to bypass physical security. By staying alert, following access
control procedures, and not allowing unauthorized individuals to enter secured areas, users can help protect their organization
from physical and cybersecurity risks.