Key Control Should Control Access and Costs

Interview with Cita Doyle, LPQ

Doyle is the vice president of sales and marketing at InstaKey Security Systems where she is responsible for consulting and educating leadership in loss prevention on mechanical key system best practices. Her tenure at InstaKey has spanned nearly two decades, and during that time she has had the privilege and satisfaction of supporting the advancement of loss prevention one key system at a time. Doyle has been recognized by the International Association of Interviewers as a “remarkable woman” with regard to her commitment to the industry, and she’s received the LPM Magpie Award for Excellence in Partnerships.

With all the programs that loss prevention is responsible for, key systems tend to be a forgotten or overlooked asset that can cost retailers more than they expect or even realize. Despite obvious security concerns, the importance of maintaining a secure key system can also go ignored because of excessive costs and time investments that are often involved in regaining control of a system that tends to become out of control again shortly thereafter. But if the security of a key system is always kept in check, retailers could prevent some losses before opportunities arise, especially when it comes to internal theft. We asked one solution provider for her take on the importance of realizing and addressing these costs.

Why is key control important outside of keeping access controlled?
Keeping control of a key system isn’t just about keeping store perimeters and areas inside of a store secure. It’s about controlling costs as well. A key system that isn’t well controlled will result in the need to rekey locks or swap out cores frequently, and this can be very expensive each time it is needed, especially if we’re talking about a master key system. The goal in controlling these costs should revolve around reducing the number of rekeys or core swaps needed.

- Sponsors -

How are typical key-system costs affecting retail operating expenses?
Key-system costs are often listed as miscellaneous expenses or even part of facilities’ budgets, so they fly under the loss prevention radar. What is typically mixed into profit and loss statements as miscellaneous expenses can be easily overlooked. But this is actually hidden loss that’s not being accounted for and often dubbed an unavoidable cost of doing business. I would suggest that key system expenses get their own budget line for just a year, to be tracked. At the end of the year, retailers will be amazed at how much they are spending on key-system expenses that can be better managed and drastically reduced just by paying attention to them.

How can key systems affect loss?
Most retailers have a policy around keys not being provided to unauthorized individuals as well as policies against leaving keys in areas where they can be taken or borrowed. But there’s not typically enough accountability placed on key holders as most retailers have no method of keeping track of keys. Even if they do, key holders are rarely audited after keys are issued, if at all. Even more alarming, most retailers have key systems with keys that can be duplicated without authorization. So despite issuing keys to authorized personnel, retailers can never really know who has keys and what those keys might open. This leaves many opportunities for internal theft, which is a leading cause of shrink. Employee theft equates to more than $16 billion in retail loss annually.

How can anyone be sure that keys are not duplicated without authorization?
Policies and procedures are a good place to start, but if a key holder wants to take a key to the local hardware store or locksmith to have it copied without permission, it’s likely that they’ll just do it. The best way to maintain control over how many keys are in circulation is through restricted keys. These keys cannot be duplicated because the key blanks that are needed to make a copy do not exist on the open market. I’ve had some people ask me if keys stamped with “DO NOT DUPLICATE” are the same as restricted keys. The answer is no. That stamp is simply a request, and it does not prohibit any willing locksmith, hardware store employee, or automated key copying kiosk from simply ignoring that request and copying a key anyway.

How often should retailers audit keys and key holders, and what is the best way to do that?
I recommend auditing keys and key holders at least quarterly. Moreover, audits should follow a frequency that is in line with the employee turnover rate. The best way to audit is through a blind process where each key holder gets an email or text message requiring that they respond with a list of the unique identifiers on each of the keys they are in control of. Assuming these unique identifiers are kept track of upon the issuance of each key, auditors can cross check that keys are in the possession of the appropriate key holders at any time.

Stay Updated

Get critical information for loss prevention professionals, security and retail management delivered right to your inbox.