Is Your Mailroom Vulnerable? 5 Tips for Improving Security

The 2019 SafeMail® Mail Security Survey revealed that more than one-third of U.S. organizations surveyed had received at least one mail threat, to include hazardous mail and hoaxes, within the past year. Those surveyed included mailroom managers as well as facilities and securities managers from a variety of service sectors, including government, financial services, and manufacturing. The same survey revealed that 48% of organizations screen only some or none of their mail for hazards.

While we hear a lot about threats to digital mail, threats to physical mailrooms are alive and well. These include letter or package bombs, chemical threats, biological threats, radiological threats, and mail theft.

Mail screening is just one of a suite of processes to tend to if you want optimal security for your mailroom. But if you’re like many mailroom managers, just keeping up with the chaos of the day to day activity is enough to pack your days full. So how do you improve mailroom safety with only limited time to do so?

Here are a few tips from our PackageX management team:

1. Assess your risks. Your security plan will look different depending on your organization’s risk profile. Perpetrators of mail threats could include terrorists, homegrown extremists, disgruntled employees, ex-employees, or people who have a vendetta against your organization.

Consider the following factors as you assess your risks from these potential perpetrators:

• Public profile — If you’re a dance studio in Beaver, Utah, you probably have less to worry about than a congressional office in Washington D.C. Some industries—such as banking, legal and transportation—loom larger in the public eye and tend to be more vulnerable to threats.

• Location — Per our example above, location matters. Organizations in urban areas are more prone to mailroom threats than those in more rural areas.

• Symbolism — If your organization is associated with something controversial, no matter how small or rural it is, it could still be a target. An abortion clinic or a small non-profit to help immigrants might be the subject of mail attacks because of the fraught issues they represent.

• Mail volume — This one is simply a game of odds. If you get huge volumes of mail, it follows that you’ll have a higher chance of getting a dangerous piece of mail.

If your risk profile is high, you’ll need to raise your standards accordingly, augmenting your processes with sophisticated mail scanning equipment if appropriate.

Be mindful that your risk levels could change. For example, if your organization shakes up the staff with hirings and firings, or if they release a controversial press release, you’ll want to alert your staff to increased risks.

2. Streamline your workflow. Sloppy or clumsy processes create security gaps. Carefully define proper processes for receiving, sorting, storing and delivering mail and packages. We’ve seen some pretty chaotic mailrooms with archaic equipment, cramped or haphazard sorting areas, undefined receiving areas, and unsecured package storage areas. Don’t be one of those. Organizing processes and physical spaces helps reduce risks for errors and security breaches.

If you haven’t integrated a cloud-based package tracking system yet, consider doing so. It can go a long way in improving your workflow. When you scan incoming mail, the software can generate automatic emails to recipients letting them know that their mail has arrived. With a few keystrokes, they can signal their intentions for the package (forward, deliver between these hours, hold for pickup, etc.) The software can also track how long a package has been sitting around waiting for pick up. In addition, many of these software suites include machine vision to track packages and assets with a simple photo. This end-to-end visibility helps you see exactly what is coming in and out of your mailroom.

3. Define communication processes. Things can fall through the cracks if mailroom employees don’t know who to report suspicious mail to. Make sure that employees on every shift (including graveyard) know exactly who to contact and how to reach them if they have concerns. Clearly define which types of threats must be escalated higher up the chain of command.

4. Train your employees. Do your employees know what constitutes a suspicious package? If you have screening equipment, do they know how to use it? How do they handle suspicious powders or liquids? Explosives? How do they report missing packages? Knowledge is power, and your employees need to know how to handle the full range of potential mail threats. This can be accomplished through thorough staff trainings.

Make sure that these trainings are integrated into the onboarding process for new employees and that you hold refresher courses regularly. You should also conduct drills so that employees can put what they have learned into practice. This can help get those processes into their “muscle memory.” Appoint someone with the right credentials to develop and offer this training and run the drills (or consider outsourcing it to a qualified company).

5. Post safety guidelines. Post threat mitigation steps in conspicuous places in your mailroom. This helps keep safety measures top of mind for your employees and also gives them step-by-step guidance that they can refer to if a threat does arrive. Because these experiences can induce panic, posted refreshers can help people stay calm and follow directions.

It has been said that complacency is the enemy of security. Mail attacks will undoubtedly continue—and in many cases, with greater sophistication. However, proactive preparation can help safeguard your staff, your residents and your facilities and give you greater peace of mind.