Unwelcome correspondence

Postscript

The annual global mail stream consists of over 500bn pieces carried by postal services, licensed postal competitors, daily messenger services and companies like my own that provide on-site mail services within large organisations. Keeping the mail stream secure is a daunting task. But there are measures that can be taken to reduce the risk.

In the UK, MI5 takes the issue seriously enough to offer practical security guidelines against letter bombs (including chemical, biological and radioactive threats) on its official website. Quite how many businesses have taken the trouble to view these guidelines remains unknown. Certainly, the number of organisations that have implemented robust changes to their mail-handling procedures remains small, although momentum in this area is gathering.

Anthrax – the myths and realities

Before the recent letter-bomb campaign, it was the possibility of anthrax attacks that exercised the media. The anthrax issue seems to have taken on a life of its own. There have been no reported cases of an anthrax attack since November, 2001.Yet since then, discovery of ‘suspicious powder’ has caused closure in 20,000 post offices.

One of the persistent myths about anthrax is that it is a powder that can be seen inside an envelope. In fact, the spores filter very easily through the pores in a paper envelope. Once it is in a building, even if the powder is contained in a paper envelope, the building is contaminated.

Happily, plastic is one way to contain anthrax. Pitney Bowes is developing a detection system that uses airtight plastic bags as the first line of defence. Bagging the mail is a safe approach for low-volume recipients of mail. If anthrax is detected inside the sealed bag it is contained and can be disposed of properly. But for high volume users, bagging the mail may not be practical. It may be more practical to 'bag' the mail handlers instead.

At this level, off-site, self-contained negative pressure air rooms can be built to keep the mail quarantined until proven safe.

Addressing the threat

The real threat most businesses face results from the lost productivity and downtime associated with false alarms. How does one calculate the loss to a company if a building with 2000 employees is shut down for 2-3 days due to a false alarm? As with any other anti-terrorist activity, there is no silver bullet solution. A number of different, integrated approaches must be used. By having the right people and processes in place, these disruptions can be minimised.

In fact, the most important factor by far in mailstream security is a well-trained, educated mail handling team. Equipment alone cannot replace aware mail centre staff. Working in conjunction with security personnel, this is the best line of defence against an attack on the mail centre.

Being able to identify the sender of a particular mail piece is an important safety consideration. None of the anthrax-tainted letters that caused such panic in 2001 carried indicia from a postage meter, because the indicia are traceable and trackable to a specific device. Mail centre personnel should be aware of this and should be trained to identify that the mail piece comes from a trusted source.

After employee training, the possible counter measures that organisations can implement to improve mail centre security run from relocating the incoming mail function, to isolating it from other departments, to automating the function to reduce manual handling, to improving the screening of incoming mail and packages through the use of video, x-ray and even specially trained dogs.

Some firms at a higher level of perceived risk are implementing additional safety measures, which include the mandatory use of protective clothing and equipment for personnel, the creation of secure and self-contained work stations for opening mail, and the use of high efficiency vacuums and air filtration systems. In the unlikely event that actual biohazards are present they can be contained in a vacuum-sealed room that can be cleaned at a cost far lower than that of cleaning a building. The mail handlers inside are trained professionals that understand the procedures for remediation and know what steps to take to minimise the threat to themselves and the operation.

Digitisation of the mail is a practice that is also interesting government and big business sites. In response to the 2001 attacks, which shut down the US Congressional postal centre, the House of Representatives piloted a digital mail system, which allows first-class mail to be scanned off site and delivered in electronic form in order to reduce the House's vulnerability through the mail.

Keeping the physical mail off site is an important component in this strategy. The cost of cleaning up an anthrax-contaminated facility is about the same as the cost of tearing it down and rebuilding it completely. Clean up at the two postal service facilities that were infected in 2001 cost over $150m and took two years.

An array of products and technologies are available to help bolster mail centre security. These range from the common, such as metered mail and address management software to help verify the origin and authenticity of individual mail pieces, to the advanced, such as e-mail alerts with attached digital images of unexpected packages or the remote opening and digital delivery of messages, to the premium, which can include measures to isolate and contain biohazards, as well as the use of cleansing or biohazard detection devices.

Every product or technology related to mail centre security may not be appropriate for every organisation. But every organisation needs to strike a balance and take sensible safety precautions. When mail-processing personnel use awareness, common sense, and documented procedures, mail safety and security is achievable. The cost of ignoring the issue can be astronomical.

Richard Thompson is managing director, UK, Pitney Bowes Management Services, www.pitneybowes.co.uk