Eric Colwell and Leslie Contreras told commissioners that the county’s physical access-control system uses ID badges that, in some cases, can be spoofed. Contreras said a staff member purchased a small device from an online retailer and was able to spoof a card and open doors, a test that highlighted a security flaw.

Colwell described the proposed upgrade as moving to access-control technology that is not subject to that form of spoofing. Commissioner Nina Payne asked whether lost or stolen badges can be deactivated; IT staff said yes, badges can be canceled in the county’s Velocity system when reported lost or stolen, though Contreras cautioned that not all lost badges are reported.

The physical-access upgrade was lower on IT’s prioritized list and was presented for future capital consideration. No procurement or timeline was decided during the workshop.