3.10.3 — Escort Visitors and Monitor Visitor Activity

Every visitor who enters an area where CUI is present must be escorted by an authorized employee and monitored during their entire visit. No exceptions — this includes vendor technicians, delivery personnel, and auditors.

Example 1: Implement a visitor sign-in process at your front desk or building entry. Use a visitor management system like Envoy, SwipedOn, or even a simple paper log. Record the visitor’s name, company, purpose of visit, escort name, and time in/time out. Issue a temporary visitor badge that is visually distinct from employee badges (e.g., a bright red "VISITOR" lanyard).

Example 2: Ensure your escort policy is included in employee training. Employees should know that visitors are never to be left unattended in areas where CUI is accessible. This includes not propping open secure doors for a vendor "just for a minute." Post signage near secure areas reminding staff of the escort requirement.