When there is an attempt at unauthorized entry using an expired visitor pass, you can use incident automation workflows to track and resolve those incidents.
Automation workflow design considerations for Visitor pass expired incidents
When the Genetec Mission Control™ Rules Engine detects an Access denied event due to expired credentials or access rules, it must trigger the Visitor pass expired incident.
- A live video feed at incident location.
- Steps of action to guide the operator in any of the following situations:
- The visitor is present at incident location.
- The visitor is not present at incident location.
- There is no camera at incident location.
- An export of incident details for forensic analysis.
- Directive for the system to close the incident and remove it from operator view in the Incident monitoring task.
Automation workflow for Visitor pass expired incidents
When the Rules Engine detects a trigger for the incident and the incident becomes active, the first step towards incident resolution would be for the operators to verify the validity of the incident.
- Visitor present
- Visitor not present
- No camera at location
- If the visitor is present at incident location, you can use the Dispatch incident activity to forward the incident to security personnel on-site.
- If the visitor is not present at incident location, you can use the Change priority activity to escalate priority of the incident and dispatch security to find and escort the visitor out.
When one activity branch is complete, the system exits the Parallel tasks activity and proceeds to the incident resolution steps.
Automating post-resolution activities for Visitor pass expired incidents
In this example, the automation workflow waits for confirmation from the operator that the incident is considered resolved.
The operator waits for the security personnel at incident location to clear the incident and changes the incident state to resolved in Security Desk. After the incident state change, the system exports the incident details to predetermined location, closes the incident and removes it from operator view in the Incident monitoring task, all without operator intervention.
When the incident resolution is simple, for example, the visitor is at incident location and security team has been dispatched, you can consider the incident resolved. You can use the Change incident state activity after the Dispatch incident activity to automate incident resolution. If you choose this option, you must move the Export incident and Close incident activities into the same sequence of activities.
After the incident state changes to Resolved, the Export incident activity exports the incident details in XML format to the configured location, and the Close incident activity immediately closes the incident, removing it from the operator's view in Security Desk.
The operator's screen for Visitor pass expired incidents
When the system detects an Access denied: Expired credential or Access denied: Denied by access rule event, it triggers the Visitor pass expired incident in the operator's Incident monitoring task in Security Desk. In this example, the incident is configured to open the video feed at incident location when available.
When there is an escalation in incident priority, it is highlighted in the incident listing with an upward arrow. Based on the user procedure configuration, the operator must enter a comment to describe the situation.
The operator's comment is captured in the incident activity log and when the incident gets dispatched to the security team, they can see those comments and act on them if required.