One aspect of the invention is a method for restricting access to an enterprise network that includes determining whether a computer that may be connected to an enterprise network on a temporary basis has one or more malicious code items where the computer accompanies a visitor to a facility associated with the enterprise network. An indication is provided to a human if it is determined that the computer has one or more malicious code items.