Maintaining Office Security and Hospitality

Man at iPad

by the Nonprofit Risk Management Center

As community-serving nonprofits, we all need to weigh visitor hospitality against staff and client protection. What can go wrong, does go wrong. People do come through unlocked front doors and grab wallets out of purses or computers off of counters. Domestic violence does spill over into the workplace. Folks who disagree with your nonprofit’s mission do retaliate. But there are other safety-related reasons to know who is and who isn’t in your facility at a given time. In an emergency, the fire department or rescue squad needs to know how many people are unaccounted for. Knowing who is in the facility can also be used to prove in a court of law that someone was or was not on the premises at a date and time several months or years in the past or to identify a stranger wandering the halls, entering a restricted area or attempting to remove a client or property from the premises.

Monitor Visitors

For security purposes, anyone who isn’t an employee – temporary employees, VIPs, consultants, contractors, volunteers and clients – should sign in upon entering the building and sign out when leaving.


Establish a main entrance to your facility and secure it. Access can be controlled at varying levels of cost by a locked door with door bell and peephole, a locked door with intercom or a locked glass interior door with electronic release controlled from receptionist’s desk.

Visitor Log

Record all persons entering the facility (except full-time employees and permanent part-timers), in a permanent logbook. The log should include space for a persons name, the entity it is representing, a badge number, purpose for visit, who the visitor is visiting, time arrived and departed.

Before an unknown person is allowed to go further than the entry area, whomever has unlocked the door should be certain that the person has signed the logbook, the name is legible and the purpose of the visit is legitimate. Should the name seem questionable, politely ask the person to wait while calling to verify they are expected before allowing him/her to proceed.


A visitor badge program helps quickly legitimize people in the building who aren’t staff. The badge says the visitor has been vetted at the checkpoint, has signed in, and stated their business. The visitor should be instructed to turn in the badge when signing out of the building.

The word “Visitor” should be large and bold on badges. Badges can also be color-coded to identify types of visitors, show the date, and indicate the department to be visited.

Some nonprofits provide photo ID badges for regular visitors in lieu of a daily pass. Others don’t require badges for daily, uniformed mail delivery personnel.


Requiring staff members to meet and escort visitors provides an added layer of security that can also double as hospitality or customer service. Consider instigating this practice if you serve a vulnerable population, or if it would be easy for a visitor to get lost while navigating your premises.

Train People Who Act as Primary or Backup Receptionist

There’s a world of difference in being greeted with a sign instructing you to log in while the person continues a conversation with a co-worker and being greeted with a smile and asked to please sign our guest book. Educate your staff to smile, greet visitors warmly, request compliance with your policies, exude an air of confidence and professionalism, double check via phone call if a visitor or visit is questionable, and call for backup when they need assistance.

The main purpose of a checkpoint is to protect staff and clients. While being hospitable is essential to the success of every nonprofit, never avoid basic security measures in order to ensure hospitality. Doing so puts your nonprofit – and the people who serve and receive services – at unnecessary risk.