Overview

This guide is for admins configuring Envoy Visitors at aerospace and defense organizations subject to ITAR, EAR, or CMMC 2.0. It assumes you need to demonstrate consistent, audit-defensible visitor records across one or more controlled facilities.

Compliance and operational requirements

Aerospace and defense facilities typically need to screen against denied- and restricted-party lists, document foreign-national access and escort arrangements, capture proof of export-control training and NDA acknowledgment, and produce identical visitor records across all plants. CMMC 2.0 raises the bar for physical access controls at facilities handling controlled unclassified information.

Recommended features and configuration

Gate the front door before visitors arrive

Invite approvals: require a security review on every visitor invitation before it reaches the guest
Disable walk-in visitors: require all guests to pre-register before arriving at your workplace to ensure thorough background checks can be completed

Screen every visitor against restricted-party lists

Visual Compliance integration: real-time check against ITAR/EAR restricted-party databases
Identity Screening: adds OFAC, SDN, sex-offender, and watchlist screening via Checkr Trust
Watch list: internal flagged-individual list for VIPs or persons of concern
Block list for visitors: hard block on banned individuals across all locations

Verify identity and capture proof

ID scanning: government-issued ID validation across 230+ countries, AI-driven authenticity check powered by Veriff
Visitor photos: Capture a photo of every visit

Capture export-control attestations

Legal document signing: configure NDAs and export-control acknowledgments
Visitor assessments: quiz-style training captured at sign-in, available globally

Standardize the experience across sites

Global sign-in flows: push one approved sign-in flow to every location
Visitor types: separate flows for contractors, foreign nationals, escorts, and auditors

Make records audit-ready