Tailgating and Piggybacking: The Access Control Vulnerability That Hardware Alone Cannot Fix

An access control system is only as effective as the behaviour of the people using it. This is a principle that is easy to state and genuinely difficult to act on. In our experience surveying commercial premises, schools, and public sector sites, tailgating — where an unauthorised person follows an authorised one through a controlled door without presenting their own credentials — is by far the most common access control failure we find. And unlike a faulty reader or an expired card, it does not show up in the event log.

Piggybacking is a related problem. Where tailgating is usually opportunistic — a delivery driver slipping through behind a member of staff, a visitor following someone into a secure area out of apparent politeness — piggybacking typically involves the cooperation of an authorised person. A staff member holds a door open for a colleague who has forgotten their card. A contractor is waved through by someone who recognises their van. The intent may be entirely benign. The result is the same: an unrecorded entry, no credential presented, no audit trail.

Why it matters more than most organisations think

Access control systems justify their cost partly through the audit trail they produce. When an incident occurs — a theft, a safeguarding concern, an allegation against a member of staff — the event log is the first thing that gets reviewed. It tells you who was where and when. Tailgating and piggybacking create gaps in that log that are invisible until you need the information that is missing.

In a school, an unrecorded entry by a visitor is a safeguarding failure regardless of whether anything actually happened as a result. The governing body and the DSL need to be able to demonstrate that access was controlled. An event log that shows a door opening at 10.43 but no credential presented — because someone held it open — is a gap in that evidence. Repeat that across a working day at a busy school entrance and the audit trail becomes largely meaningless.

In a commercial setting, the consequences are more directly financial. Organised retail theft regularly involves one person entering through a controlled back door to let others in. Data centre access, server room access, and research facility access are all targets for credential bypass. The technical security of an access control system is irrelevant if the physical vulnerability of a held door defeats it.

Hardware measures that help

Turnstiles and speed gates are the most effective physical countermeasure. They physically prevent more than one person passing per credential presented. The access event log records every entry. There is no door to hold open, because the gate closes immediately after each authorised passage. Turnstiles are standard in transport and large commercial environments; they are increasingly specified for school main entrances, healthcare site receptions, and secure commercial lobbies where tailgating is an identified risk.

Airlocks — sometimes called mantrap vestibules — are a higher-security version of the same principle. A visitor passes through one door into a small lobby. The first door must fully close before the second door can be opened. Only one person can occupy the airlock at a time. This is standard in high-security environments such as data centres and pharmaceutical facilities, and is occasionally appropriate for secure areas within schools or commercial buildings.

Anti-tailgate detection uses sensors — typically infrared or weight-based — to detect when more than one person passes through a doorway after a single credential presentation. When triggered, it can generate an alert, sound a local alarm, or lock the door until the situation is resolved. Anti-tailgate sensors can be retrofitted to existing door installations and integrated with most access control systems including Paxton Net2.

Door position monitoring is simpler and more widely applicable. A door contact sensor records when a door opens and closes. If the door remains open for longer than a defined period — say, more than ten seconds — an alert is generated. This does not detect tailgating directly, but it catches the most common mechanism by which it occurs: doors being propped or held. For schools in particular, an alert when a fire door is held open for more than a few seconds is useful both for security and fire safety.

The part that hardware cannot do

None of the above eliminates the human factor. Turnstiles can be bypassed if the motivation is sufficient. Anti-tailgate sensors generate alerts that someone has to respond to. Door position monitoring is only useful if the alerts are acted on. And piggybacking — where the authorised person deliberately assists the entry of an unauthorised one — is not a technical problem at all. It is a cultural one.

The most effective countermeasure for tailgating and piggybacking is staff awareness: a clear policy that every person must present their own credential at every controlled door, every time, with no exceptions — and the understanding of why that policy exists. This sounds straightforward. In practice, it runs against deeply ingrained social behaviours. Holding a door open for someone is courteous. Refusing to do so feels rude. Staff who challenge an unfamiliar face following them through a door risk an uncomfortable confrontation.

Training that addresses this specifically — not just a general access control induction, but a conversation about what to do when you are the person in front of a controlled door and someone is following you — makes a genuine difference. Giving staff a simple, scripted response reduces the social friction: 'Sorry, everyone needs to badge in separately here' is a complete and inoffensive explanation. The alternative — saying nothing and holding the door — is not politeness. It is a security failure.

What a good access control review covers

When we carry out an access control survey, we walk every entry point and look specifically at the conditions that create tailgating risk. Long swing doors with slow closers are a problem. High-traffic doorways where multiple people typically move through together need different treatment to a low-traffic secure door. Areas where staff routinely bypass the access control system — even for legitimate reasons — need to be identified and addressed.

We also look at the event log. A Paxton Net2 system records every credential presentation and every door opening. If a door is showing significantly more openings than credential presentations, tailgating is the most likely explanation. Reviewing event data over a few weeks gives a clearer picture of where the vulnerabilities actually are — which is often not where the client expects them to be.

Access control is most effective when the technical system and the human procedures that surround it are designed together. A well-specified system with poor user behaviour provides weaker security than a modest system with a well-trained and engaged team. The survey is the point at which we can address both — and where the gap between what a system does on paper and what it does in practice becomes visible.