The logs enable the OneCard office to keep track of its overall ID card production. If a newly printed card isn’t working, then an employee can easily look up the customer number along with the timestamp from when the card was printed. The tracking system also ensures that employees cannot create free ID cards for their friends or other unauthorized users, as they’re almost guaranteed to be caught.
Lastly, Bodnar took the necessary measures to improve the OneCard office’s physical security. Secured cards awaiting destruction are now locked in a safe box that only the office manager can access. The box is also physically attached to the counter. Blank cards and ribbons, meanwhile, are also locked away in a storage room, and an inventory is kept and updated whenever a manager removes supplies from the storage room.
Bodnar stresses that the new process at Ohio isn’t one-size-fits-all. He does, however, encourage other card office managers to observe their own production environments and make changes where needed.
Each campus may need to take a different approach to securing their cardstock, materials and card production environments. Campuses need to assess their own level of risk individually, he says.
Bodnar also makes it clear that the process of overhauling issuance security can be time-consuming. It took roughly two months for the Ohio OneCard team to test and develop the logging software alone. Cost is also an important factor, as buying new software can be expensive.
“I really recommend that you look at the tools you already have in place that you can utilize,” suggests Bodnar. By using Ohio’s existing logging software, the OneCard office avoided having to pay for new software. The only investment needed was for the locks on the storage boxes where blank cardstock and ribbons are kept.
Finally, Ohio’s OneCard office is now audited yearly in order to update user accessibility. While audits can be nerve-wracking, they also help staff keep track of who has access to the workstations and improve the overall security of card production. The new changes also enable the office to revoke privileges to employees and users that may have left their position to prevent them from having access to the workstations.
As of now, everything has been running smoothly for Bodnar and the Ohio University OneCard office. For other campuses contemplating a security overhaul of their issuance environment, Bodnar offers some universal advice: Determine the level of risk that’s acceptable to your institution, and always test your changes before deploying.