Do you know who has all the keys currently distributed within your system(s)?
Yes | No | Don't Know
Yes:
You are one of the few who have achieved this level of control. Many security experts consider it the single most important element of key control, and you have that aspect in place.
No:
Not a good situation... There are those who focus on whether keys can be duplicated. There are others who tout their readiness to rekey. But think about it, not knowing who has all the currently operable keys is a very vulnerable position to be in.
I Don't Know:
Wouldn't you like to?
Are the keyblanks utilized in your system(s) restricted such that duplication of a cut key can only happen with properly authorized approval?
Yes | No | Don't Know
Yes:
Good for you... Using a lock system with restricted keys provides you with the assurance that five keys cannot turn into six keys without your knowledge.
No:
This is typically a very serious flaw in any key control program. If keys you hand to trusted keyholders can be easily duplicated by going to the local hardware store or home improvement center, there are now keys out there we don't even know about.
I Don't Know:
Try going to a local key duplicating facility and see if you can get a copy made of your key.
Is every locked door in your facility documented and recorded?
Yes | No | Don't Know
Yes:
Great! You'd be surprised how many security/facility managers have lost control of their actual number and identification of locked doors over time (renovations, moving, new construction, etc.).
No:
The good news is that you are a member of the majority. The bad news is that if you aren't even aware of a locked door, it is unlikely you have much control over who gets in.
I Don't Know:
Need we say more?
If a key is reported "lost", do you rekey the affected door(s)?
Yes | No | Don't Know
Yes:
Excellent! It is surprising how many security/facilities managers will try to justify the risk of a lost key against the cost of actually rekeying.
No:
Possibly okay - maybe not. If that lost key was dropped over the side of a boat, it is likely not to be any risk at all. However, are we entirely sure that a lost key is not in the hands of someone we may not wish to have it?
I Don't Know:
It would be interesting to check the policies.
If a key were reported "stolen", would you rekey the affected door(s)?
Yes | No | Don't Know
Yes:
Perfect! A key known to have been purposefully taken is hardly considered "risk free".
No:
It's hard to believe, but you are not the only one. Many a security manager has determined the cost required to rekey is not worth the risk. Not taking any action for a lost key is understandable, but a stolen key is something altogether different.
I Don't Know:
Should we be asking someone?
If the police were summoned to an event and asked "who has a key to this door?", would you know the answer?
Yes | No | Don't Know
Yes:
You have control of your system. Most folks in your position never even think about the answer to a question like this until it's asked - and then it's too late.
No:
Think about the ramifications of this answer. Someone just stole all the computer equipment out of this office and we are not in a position to even name who may have had a key to get in.
I Don't Know:
We suspect that "I don't know" is really not the answer. Why? Because we either know or don't know who has access.
If you found a key on the floor in a hallway, would you know whose key it was?
Yes | No | Don't Know
Yes:
Answering yes means you have likely gone to that next major step in key control. You are to be congratulated. Most managers focus on the identification of the door and the keyholder, but typically forget about actual identification of the key itself. Rather than handing someone a piece of brass that operates a door, you have brought this to a new level. You can hand them this piece of brass and forever more know who this piece of brass is assigned to.
No:
If you think about it, without being able to identify a specific key, we really have no way to audit or monitor who is holding what keys. Without such identification, keys can be moving from person A to person B and we'll end up eventually not knowing the fundamental answer to the question "who has access to this space?".
I Don't Know:
Like most folks, the newly found key will find its way into that coffee can down in Facility/Security Management - you know the can - the one that houses all those other keys that we don't know where they go or what they do, but we better not throw them away.
Does anybody other than your own employees ever carry a key to your facility?
Yes | No | Don't Know
Yes:
Now ask yourself whether you know exactly who they were loaned to and whether you got them back. Think about that last construction project you had when you were handing out keys to every subcontractor that needed access. Are you at risk?
No:
This is probably the safest answer for security, but not a likely one, in that most every operation will, from time to time, need to grant an outsider access. The trick is to maintain full control of that loaned key and get it back when it is no longer needed.
I Don't Know:
What can we say? If we don't know, it is unlikely we have control.
Is there a single individual/department in your organization ultimately chartered with the management aspects of your key management system(s)?
Yes | No | Don't Know
Yes:
Good for you. The art of any security program is that it be designed from the top with delegation and authorities handed down and controlled entirely. The fact that it is a security system automatically means it needs a set of checks and balances throughout. The fact that you answered yes to this question means you likely understand that philosophy entirely. Now all you need to do is assure yourself that the single entity you empowered is administering the very rules you put in place.
No:
One of the biggest flaws found in many a security program is that we tend to want to disseminate responsibility to many when indeed it is that very dissemination without tight controls that can lead to the downfall of a program's integrity.
I Don't Know:
Not an uncommon answer. We may see many involved in a program, but we need to dig deeper to see if those involved are indeed properly controlled.
Is the data management (records) of your key system computerized?
Yes | No | Don't Know
Yes:
Way to go! Is it "real time" (as in events being recorded as they occur)?
No:
Isn't it time to join the rest of society?
I Don't Know:
We probably need to check into this - don't you think?