You terminate an employee at 10:07 a.m. By 10:40, can their badge still open the lobby, elevator, or suite?
In most buildings, “access” lives in many places: turnstiles, elevator banks, office doors, parking, amenities, and visitor systems. When those systems don’t all update together, a request to remove access becomes a string of emails and tickets that can take time.
That time gap is a security gap.
This risk is not theoretical. FBI reporting shows 24 active-shooter incidents occurred in 2024, down from 48 in 2023 and 50 in 2022, with many events happening in commerce or workplace settings. These are specific “active shooter” cases as defined by the FBI, so it doesn't include every type of workplace violence. Beyond the FBI's narrow definition, the Bureau of Labor Statistics counted 458 workplace homicides in 2023 and 463 in 2022. Violence can and does show up at work.
By the Numbers: Workplace Violence in the United States
In 2023, the U.S. recorded 458 workplace homicides—about 1.25 per day or ~9 each week. They made up 8.7% of all work-related deaths.
In 2022, there were 358 U.S. civil aviation deaths (mostly general aviation). In 2023, there were 327, and none involved scheduled airlines. Workplace homicides in 2023 exceeded all U.S. civil aviation deaths.
Law enforcement officers feloniously killed in the line of duty in 2023: 60. Workplace homicides were roughly 7–8× higher.
On-duty firefighter fatalities in 2023: 93. Workplace homicides were about 5× higher.
Lightning kills about 20 Americans per year. Workplace homicides are more than 20x the annual toll.
Why We Care More Than Ever Right Now
Two incidents in just the past 18 months illustrate why the offboarding process is so important:
On November 5, 2024, a former employee entered a back-of-house area at Chicago’s Navy Pier and fatally shot two former colleagues. Days later, he was arrested and charged.
On July 28, 2025, a gunman killed four people in the Midtown Manhattan tower at 345 Park Avenue that houses the NFL’s headquarters before dying by suicide. The building later reopened with increased security.
Although the details differ, both cases pose the same question for tenants and owners: Who can be where, and how quickly can that change?
Research also shows why employers and landlords must work together. In business locations closed to the public, like secured back-of-house offices and warehouses, current or former employees have carried out most of these attacks. Violence that starts at home can also spill into the workplace. Federal guidance recommends prevention programs because attackers sometimes target a partner’s or former partner’s workplace.
It’s rarely one dramatic failure. It’s small, ordinary frictions that add up:
- A tenant revokes a badge in their suite system but has to message building security to remove base-building access.
- An elevator group change waits in a help-desk queue.
- A nightly sync leaves ghost credentials active until tomorrow.
- A visitor system doesn’t talk to the tenant directory, so a blocked person is still “pre-approved” at the front desk.
Each of these delays is minor by itself. But taken together, they leave a door open—literally—at the worst possible time.
From Fragmented Steps to One Action
Cohesion’s Cloud Access Portal closes this door by turning fragmented steps into one action. Cloud Access Portal unifies profile, credential, and clearance data across your existing systems so that building-wide and tenant-level changes propagate in real time. Landlords keep control of the base building. Tenants control their suites. Both act from the same pane of glass with role-based guardrails.
When security removes a person's clearances, the change updates doors, turnstiles, elevators, parking, and amenities together immediatley, and the platform records a tamper-proof audit of what changed and when. This real-time revocation means “Access is revoked. Confirmed,” instead of just, “We sent an email.”
In simple terms, Cohesion's Cloud Access Portal gives you one place to issue and manage cards and mobile credentials, one place to set who can use which doors and elevators, and one switch to turn access off everywhere.
It keeps visitor and tenant information in sync, so a blocked former employee can’t reappear as a “guest,” and the system maintains exportable logs for compliance and post-incident reviews. Because it’s vendor-agnostic, you don’t have to rip and replace your access control hardware to deploy this solution.
Not every threat is employee-to-employer. Sometimes a personal relationship brings risk to the workplace. Employers can enforce least-privilege defaults for guests, time-box access, and rapidly revoke credentials when a protective-order status changes, while building security sees the same unified picture at the front door. The point isn’t to predict the next incident. It’s to remove the routine lag between “we need to remove access” and “access has been removed everywhere.” That lag is the part we can actually control.
Liability & Partitioning
Partitioned control does not shift liability from the building to the tenant. It clarifies who operates which doors. The building retains primary control over base-building credentials and clearances and can still revoke them at any time, independent of tenant actions. Tenants, in turn, manage their own suite access without the ability to grant more privileges than the building allows.
Cloud Access Portal enforces that separation and gives both parties a shared audit trail, so decisions are fast and provable. Practically speaking, most properties don’t currently run background checks when staff manually add tenant personnel. Moving to a unified, partitioned workflow doesn’t create a new screening obligation or transfer liability. It replaces emails and batch updates with real-time control and documentation. In other words, this is an operational shift, not a liability shift. (As always, specific responsibilities are governed by leases, service agreements, and local law, so consult counsel for your situation.)
Changing Regulatory Environment
California was the first state to require a broad, general-industry Workplace Violence Prevention Plan—SB 553 took effect July 1, 2024—and it’s already influencing the rest of the country. Other states are exploring similar measures, and at the federal level, OSHA is advancing a (for now) healthcare-focused standard. In multi-tenant buildings, the legal duty sits with the employee. But, compliance is complicated without the landlord’s cooperation because base-building access, elevator groups, lobby procedures, and visitor systems live on the building side. Tenants should bake this into leases and building rules: shared incident logs, real-time access-revocation SLAs, visitor identity and watchlist checks, and unified audit trails—ideally through a platform like Cloud Access Portal—so employers can actually meet their plan, training, and record-keeping obligations without gaps.
Bottom Line
The bottom line is straightforward. Workplace incidents are rare; the 2024 totals were lower than the prior year. However, the cost of relying on manual emails and overnight syncs is too high.
Buildings and employers both have a role and a responsibility to secure their spaces.
When the workflow to remove an employee is instant and audit-confirmed across systems, you reduce the most fixable vulnerability in modern access control: the time it takes to turn the key.
It's time to close the offboarding gap. With Cohesion’s Cloud Access Portal, access is revoked everywhere, instantly, and auditable.
Learn more about Cloud Access Portal or talk to our team today.
