Browse Definitions :
Definition

tailgating (piggybacking)

Contributor(s): Matthew Haughn

Tailgating, sometimes referred to as piggybacking, is a physical security breach in which an unauthorized person follows an authorized individual to enter a secured premise. 

Tailgating provides a simple social engineering-based way around many security mechanisms one would think of as secure. Even retina scanners don't help if an employee holds the door for an unknown person behind them, out of misguided courtesy.

People who might tailgate include disgruntled former employees, thieves, vandals, mischief makers people with issues with employees or the company. Any of these have the potential to disrupt business, cause damage, create unexpected costs and lead to further safety issues.

Methods to protect your premises from tailgating include:

The presence of security measures can lead to a false sense of security, which can make people ignore simple and non-technical methods of subverting security. Although simple, tailgating can be very effective and educating employees to recognize and resist social engineering attempts is the single-most effective way to prevent it.

This was last updated in January 2017

Continue Reading About tailgating (piggybacking)

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

Share your Margart, 

Great post!   Re: Tailgating, sometimes referred to as piggybacking.

Just a subtle distinction: Tailgaiting and piggybacking similar in that two people pass through a door using the first person's credential - but they are actually different.

Piggybacking implies that the person opening the door knowingly allows passage to an unauthorized subject. With piggybacking, both people are complicit and are deliberate and active participants. Whereas tailgating implies only the unauthorized subject is aware of the breach because they sneak in before the door closes without consent or awareness of the person that opened the door.
Cancel

SearchCompliance

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

SearchSecurity

SearchHealthIT

SearchDisasterRecovery

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

  • cloud disaster recovery (cloud DR)

    Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other ...

SearchStorage

Close