Show Notes
When Temporary Access Stops Being Temporary
In this episode of Built, Wired & Secured, Alex Morgan and Michael Harrington break down one of the most common and underestimated building operations risks: short-term vendor access that quietly turns into long-term exposure. The conversation opens with an anonymized but familiar scenario. A maintenance crew needs access to a telecom closet for fiber work, so a badge is issued with a week-long window for convenience. Two months later, a nighttime door alert reveals the badge is still active. The contractor is long gone, the closet should never have remained exposed, and the building team is left sorting through logs, invoices, and tenant concerns.
That example frames the core issue of the episode: temporary access is necessary, but if it is not governed carefully, it can create physical, digital, and operational risk. Rather than focusing on products or legal advice, this discussion stays centered on approval models, lightweight controls, evidence collection, and demobilization steps that commercial property and operations leaders can actually put into practice.
Approval Should Be Structured, Not Casual
Michael explains that the person requesting access should not also be the person approving it. Instead, he recommends role-based decision points:
- The site operations lead approves the physical scope of access.
- The IT lead signs off on any network or digital access.
- A business owner, tenant, or property manager acknowledges work affecting tenant spaces.
That structure creates a small approval committee instead of relying on a single sign-off. The point is not bureaucracy for its own sake. It is to prevent overgranting privileges and to make sure the access window matches the actual job.
The episode also stresses that convenience-driven durations are often where problems begin. Michael’s rule of thumb is task-based timing:
- Roughly four hours for simple inspections
- One day for small installs
- Up to three business days for more complex work
Most importantly, every access request should include a prescribed end time, not an open-ended “until finished” assumption. Hard expirations should be built into the badging system so access cannot quietly continue without reauthorization.
Templates Reduce Guesswork
One of the most practical recommendations in the episode is to use pre-authorization templates for common trades. Instead of reinventing approval logic every time, building teams can prepare standard scopes for electricians, low-voltage technicians, HVAC contractors, telecom vendors, and cleaning crews.
According to Michael, those templates should define:
- Allowed zones
- Maximum duration
- Whether on-site supervision is required
- Mandatory evidence items such as signed logs or timestamped photos
This makes access decisions more consistent, easier to audit, and faster to execute under pressure.
Issuance and Verification Patterns That Actually Work
The conversation then moves into the operational side of issuing and validating short-term access. Michael outlines three lightweight patterns that work across both physical and digital environments.
- One-time or single-use credentials that expire after first use or after a tight time window
- Dual-control handoffs for sensitive zones, where someone from operations escorts the contractor in and out
- Simple evidence capture that proves the work occurred and the space was secured afterward
That evidence does not need to become a heavy audit burden. In fact, the episode argues for keeping it simple and reliable. A strong minimum chain of evidence can include:
- A timestamped photo of the contractor at the workstation or of the secured door after work
- A signed exit log with the contractor name and badge ID
- An automated system note showing badge issuance and expiration
Together, those artifacts create enough accountability to investigate issues quickly if something later looks wrong.
Tenant Communication Matters Too
Another useful point in the episode is that ephemeral access is not just a security workflow. It is also a tenant experience issue. Tenants often want visibility when vendors are entering their suite, working in adjacent areas, or affecting common spaces.
Michael recommends simple, pre-approved notices that cover:
- Scheduled work date and time
- Expected impact
- The operations point of contact
- Whether the work is intrusive or non-intrusive
That kind of notice reduces surprises, supports professionalism, and creates a documented record that the tenant was informed.
Revocation and Demobilization Cannot Be an Afterthought
The final segment focuses on what happens when the job ends. Michael’s advice is clear: access cleanup must be part of the closeout process, not something teams remember later. He recommends an acceptance test before the contractor leaves site, followed by a quick sampling audit within 48 hours.
A practical demobilization checklist should include at least three required items:
- Evidence that credentials were revoked in the system, with timestamps
- Physical confirmation that temporary keys or badges were returned and accounted for
- A signed handoff note showing the work is complete and documenting any open follow-ups
If there are unresolved items, they should be assigned to named owners with deadlines before the team leaves the building. That closes the loop operationally and limits ambiguity later.
Two Field Examples, Two Different Outcomes
To bring the framework to life, Michael shares two anonymized examples. In the clean example, a telecom vendor performs a weekend fiber pull using a one-day access window. Operations escorts the crew, captures a timestamped closure photo of the telecom room, gets the demobilization checklist signed, and revokes the badge at 6 p.m. Sunday. On Monday morning, the team samples the logs and confirms there was no access after the revoke time. The result is a smooth, low-friction handover with zero tenant impact.
The second example shows what happens when cleanup is missed. A subcontractor working on an HVAC tune-up is issued a badge for a multi-day job. Scheduling shifts, the work finishes early, and the badge is never returned or explicitly revoked. Three weeks later, a night access alert tied to that badge forces the team to investigate, check footage, notify tenants, and tighten controls. The lesson is direct: never assume a credential was returned just because the work appears complete.
Three Actions to Take This Week
Michael closes the episode with three immediate actions building teams can implement right away:
- Create role-based approval templates for the five most common trades and define a maximum duration for each
- Require a demobilization checklist plus evidence, including a timestamped photo and signed handover, before any access request is closed
- Run a 48-hour sampling audit on recent access events to find badges that outlived their approval windows
The broader message of the episode is simple but important: small, repeatable governance steps do more than improve security. They reduce operational cleanup, protect tenant trust, and keep a routine vendor visit from becoming a monthslong liability. Listeners are also directed to the Built, Wired & Secured resource hub at GDS Technology to download the one-page Ephemeral Access Checklist and pre-approved notice templates referenced in the discussion.
Clocked In, Locked Down: Why Ephemeral Vendor Access Needs Real Governance
Temporary vendor access is one of those building operations issues that feels routine right up until it creates a serious problem. A contractor needs to enter a telecom closet. A maintenance team needs access to a tenant-adjacent area. A short project requires both physical entry and some level of digital connectivity. The request sounds practical, the work feels time-bound, and everyone is trying to keep the day moving.
But as this episode of Built, Wired & Secured makes clear, “temporary” access often fails not because the work was unusual, but because the control process around it was too loose. Alex Morgan and Michael Harrington use an anonymized opening scenario that many property and operations leaders will recognize immediately: a week-long access badge is issued to make scheduling easier, the job ends, and the badge remains active. Weeks later, a nighttime alert reveals that the badge still opens a sensitive telecom closet. Now the building team is not just managing a credential problem. They are chasing logs, explaining exposure, dealing with tenants, and cleaning up an issue that should have ended with the original job ticket.
The value of this conversation is that it does not get lost in products, platform settings, or abstract policy language. Instead, it focuses on a practical operating model for approving, issuing, verifying, revoking, and auditing ephemeral access in commercial buildings.
Start With Separation of Duties
One of the strongest points in the episode is also one of the simplest: the person requesting access should not be the person approving it. That distinction matters because convenience and security do not always point in the same direction.
Michael recommends role-based decision points that align with the type of access being requested. The site operations lead approves the physical scope. The IT lead signs off on network or digital access. If the work affects tenant spaces, a business owner, tenant, or property manager should acknowledge it. In practice, that creates a small committee rather than a casual single approval.
For property teams, this is about more than internal discipline. It creates a repeatable governance structure that reduces overgranting and improves accountability. When multiple stakeholders confirm scope, duration, and impact, the access request becomes a controlled business process instead of an informal favor.
Define Access Around the Task, Not the Calendar
The episode also pushes back on one of the most common habits in vendor coordination: issuing access windows that are longer than necessary because it seems easier operationally. That approach may reduce scheduling friction in the moment, but it increases exposure immediately.
Michael offers a practical rule of thumb. A simple inspection may justify a four-hour window. A small install may need one day. A more complex fix may need up to three business days. The important principle is not the exact number. It is that the window should be task-based and tied to a prescribed end time.
That last point matters. “Until finished” sounds flexible, but it leaves too much room for drift. By contrast, a hard end time forces a decision. If work needs to continue, someone must reauthorize it. That creates a clean line between approved work and lingering risk.
For building operators, this is where access hygiene becomes business discipline. Shorter, clearly defined windows limit exposure, reduce cleanup, and make downstream auditing far easier.
Templates Make Good Decisions Easier
Ad hoc decision-making is one of the main reasons temporary access gets messy. The episode recommends pre-authorization templates for common trades such as electricians, low-voltage technicians, HVAC vendors, telecom contractors, and cleaning crews.
These templates are not just administrative shortcuts. They standardize what a valid request should include and what controls must accompany it. Each template can specify:
- Which zones are allowed
- The maximum access duration
- Whether escorting or supervision is required
- Which evidence items must be collected before closeout
This approach improves both speed and consistency. Staff are not reinventing rules under pressure, and vendors know what the building expects before work begins. In a commercial real estate setting, that consistency supports smoother operations and a more professional tenant experience.
Use Lightweight Controls That Leave a Clear Trail
The episode does a good job separating “good evidence” from “heavy process.” Many teams hear words like audit trail and immediately imagine bloated paperwork. That is not what is being recommended here.
Michael outlines three practical patterns that work well across physical and digital access scenarios. First, use one-time or single-use credentials whenever possible, or at minimum credentials that expire after a narrow time window. Second, apply dual-control handoffs in sensitive areas so operations escorts the contractor in and out. Third, capture a few reliable evidence points that confirm who was there, when they were there, and whether the space was secured afterward.
The suggested chain of evidence is intentionally simple:
- A timestamped photo
- A signed exit log with the contractor name and badge ID
- An automated system note showing issuance and expiration
That is not an overbuilt audit program. It is a lightweight proof package that helps teams answer questions quickly if something looks wrong later.
From a business standpoint, this matters because response time shapes impact. The faster a building team can verify what happened, the faster it can reassure tenants, isolate a problem, and avoid prolonged operational disruption.
Tenant Trust Is Part of Access Governance
Another insight from the episode is that ephemeral access is not only a facilities or security issue. It is also a tenant communication issue. Vendors often move through spaces that tenants care about deeply, whether those are suites, adjacent corridors, or shared infrastructure areas.
Simple pre-approved notices can make a major difference. A brief message that explains the work date, expected impact, and operations point of contact reduces surprise and sets expectations. It also creates a record that the tenant was informed.
That may sound like a small operational touch, but it supports trust. In commercial environments, tenants do not only judge a property by whether work gets done. They also judge it by whether that work feels controlled, communicated, and respectful of their space.
Closeout Is Where Access Programs Usually Succeed or Fail
The most important operational lesson in the episode may be this: demobilization has to be part of job close. If revocation and return are treated as afterthoughts, temporary access will eventually become a recurring liability.
Michael recommends an acceptance test before the contractor leaves, followed by a sampling audit within 48 hours. Before closeout, operations should confirm that credentials were revoked, access points are secure, temporary equipment is removed, and keys or cards are returned. A demobilization form should be signed by both the contractor and the site lead.
He highlights three must-have closeout items:
- Revocation evidence with timestamps
- Physical confirmation that temporary keys or badges were returned
- A signed handoff note showing the work is complete and noting any follow-up items
This is where many teams think they are done because the technical work is complete. In reality, the access workflow is not complete until the credential state is verified and documented.
Two Real-World Patterns Every Building Team Should Recognize
The episode’s anonymized examples make the contrast clear. In the successful case, a telecom vendor performs a weekend fiber pull using a one-day access window. Operations escorts the team, captures a closure photo of the telecom room, gets the paperwork signed, revokes the badge that same evening, and samples logs the next morning. No access occurs after revocation, and the job closes cleanly.
In the failed case, a subcontractor badge for an HVAC tune-up remains active after scheduling changes and early completion. Weeks later, after-hours activity tied to that same badge forces the team into reactive investigation mode. The core lesson is not complicated: never assume return, and never assume expiration happened just because the work ended.
Three Immediate Actions for Property and Operations Leaders
Michael closes with a three-step action list that is easy to adopt this week:
- Build role-based approval templates for your five most common trades
- Require a demobilization checklist and evidence package before closing any access request
- Schedule a 48-hour sampling audit to catch badges that outlived their approved windows
Those are practical controls, not theoretical ideals. They help teams reduce exposure without making day-to-day operations unworkable.
The larger takeaway is that ephemeral access is a governance issue disguised as a scheduling issue. When handled casually, it creates avoidable risk. When handled with repeatable approvals, constrained durations, lightweight evidence, and disciplined closeout, it becomes manageable.
For property leaders, operations teams, and anyone responsible for shared building infrastructure, this episode offers a strong reminder: small controls protect more than doors and closets. They protect trust, reduce cleanup, and keep temporary work from becoming a lasting problem. To go deeper, listen to the full episode and use the checklist and notice templates referenced in the conversation through the Built, Wired & Secured resource hub at GDS Technology.