Physical barriers must be accompanied by an admission procedure “filter”. Such procedures determine when, how and who gains access to any part of the office. Access to sensitive areas, such as keys, information and money, must be restricted.

The easiest way to gain entry to an office where human rights defenders work is to knock on the door and get inside. Many people do this every day. In order to reconcile the open character of a human rights office with the need to control who wants to visit you and why, you need appropriate admission procedures.

In general, people have a particular reason to want to enter or knock on your door. They often want to ask a question or to deliver something, without neces- sarily asking permission first. Let’s examine this case by case:

Someone calls and asks for permission to enter for a particular reason.

You should then follow three simple steps:

1 - Ask why the person wishes to enter. If s/he wants to see some-

body in the office, consult the latter. If that person is not present, ask the visitor to return at another time or to wait somewhere outside the restrict- ed office area. It is important to use spy holes, cameras or entry phones to avoid having to open or approach a door, especially if you want to refuse someone entry or are facing violent or forced entry. It is therefore good to have a waiting area which is physically separate from the office’s internal entrance. If an easily accessible public area is essential, ensure that there are physical barriers blocking access to restricted parts of the office.

Someone could request entry in order to check or repair the water or elec- tricity supply or carry out other maintenance work. S/he could also claim to be a media representative, a state official, etc. Always confirm their identity with the company or organisation they claim to be representing before allowing them entry. Remember that neither a uniform nor an iden- tity card are guarantees of proper and secure identification, especially in a medium or high-risk situation.

2 - Decide whether or not to allow access. Once your visitor’s reason

for entering has been established, you’ll need to decide whether or not to allow them in. Just because someone states a reason for entering isn’t a good enough reason to let them in. If you are not sure what their errand is, don’t allow access.

3 - Supervise visitors until they leave. Once a visitor has entered the

office, make sure that someone is supervising them at all times until they leave. office, make sure that someone is supervising them at all times until they leave. It is useful to have a separate area to meet with visitors, away from the restricted areas.

Someone arrives or calls asking questions.

Regardless of what a caller or visitor might say, you should under no circum- stances tell them the location of a colleague or other people nearby, nor give them any personal information. If s/he is insistent, offer to leave a message, ask them to come or call back later or make an appointment with the person they wish to see.

People can often show up mistakenly, asking if so-and-so lives there or if some- thing is for sale, etc. Some also want to sell things, and beggars can come look- ing for help. If you deny these people access and information, you will avoid any security risk.

A record should be kept of every visitor with name, organization, purpose of visit, who they met with, time at which they arrived and left. This can be particularly useful when reviewing what went wrong after a security incident.

Someone wants to deliver an object or package.

The risk you run with a package or object is that the contents could compromise or hurt you, especially in case of a package or letter bomb. No matter how the innocent it may look, do not touch or handle a package until you have taken these three simple steps:

1 - Check if the intended recipient is expecting the package. It is

not enough that the recipient knows the sender, because the sender’s identity could easily be faked. If the intended recipient is not expecting a package, s/he must check that the supposed sender has actually sent them something. If the package is simply addressed to your office, check who sent it. Wait and discuss the issue before making a final decision.

2 - Decide whether or not to accept the package or letter.

If you can’t establish who sent the package, or if this will take time, the best option is not to accept it, especially in a medium or high risk environ- ment. You can always ask for it to be delivered later, or collect it at the post office.

3 - Keep track of the package inside the office. Make sure you know

where in the office the package is, at all times until the recipient accepts it. In some countries, a package is announced over the phone and it is the defender who has to go and pick it up. It might be a trick to attract the defender and expose them to aggression. As the phone might not be reg- istered, it is impossible to track the caller down. Once the defender has enquired about the origin of the package, they can check the information with the alleged sender and ask them the route of the package. Then, the defender can decide whether it is safe to go and pick it up or not. They can also ask the caller to bring round to the office and follow the above proce- dures. Most probably, if it is a pretext, the caller will abstain from turning up at the office.

During functions or parties.

In these circumstances, the rule is simple: Do not let anyone whom you don’t know first hand enter. Only people who are known to trusted colleagues should enter, and only when that colleague is present and can identify their guest. If a person shows up saying they know someone in the office check the information the person being mentioned and if s/he isn’t there, don’t let them in.

Defenders might hesitate and find it difficult to enquire about a visitor and send them away. However, they don’t need to proceed on their own account. They can simply say that they are not authorised to let the visitor in.

Also, for all visitor admission procedures, remember that if the visitor is genuine, they will appreciate the care the organization takes in security and if the visitor is not genuine, they are aware that they also implement security procedures. So, whatever the case, defenders can simply give themselves the authority to deny entry to the unknown visitor. If it helps, they can use a “no and...”: I am not authorized to let unknown visitors in however, if you care to leave your visit card, I will be pleased to inform you of future public events we might organise”.

Keeping records of phone calls and visitors.

It may also be useful to keep a record of phone calls, phone numbers and visi- tors (in some organizations, new visitors are requested to present an identity document and the organization registers the number of the document).

Working extra hours at the office.

There should be procedures for staff working extra hours. Members of an organ- ization intending to work extra hours late at night should report by certain hours with another designated member, take special care when leaving the premises, etc.

All staff members have a responsibility to take action against anyone who is not properly observing the admission procedures. They should also make a note in the security incidents book of any movements by suspicious people or vehicles. The same applies to any object placed outside the building, in order to rule out the potential risk of a bomb. If you suspect a bomb, don’t ignore it, don’t touch it, and do contact the police. When moving offices, or if keys have been lost or stolen, it is essential to change all the locks in the entrance area, at the very least.