Every day, hundreds of employees who work at the Navy Yard stream onto the base in their cars or on foot after flashing a badge and swiping it through a scanner. There are no metal detectors, pat-downs or bag searches for staffers.

That’s the case at military facilities nationwide, with commanders struggling in recent years to strike the proper balance between shielding installations from attackers while keeping them accessible to employees and their families.

The rampage Monday at the Navy Yard, which authorities say was carried out by a former Navy reservist who worked as a defense contractor, is certain to renew a decades-old debate over whether the Defense Department is doing enough to protect its personnel from attacks at home, particularly those carried out by lone-wolf assailants.

Suspected gunman Aaron Alexis appears to have entered the base heavily armed but drawing little scrutiny. He was in possession of a valid military identification card, known as a common access card, which allows unfettered access into most facilities, according to his employer, the Experts, a Florida-­based IT consulting firm.

Alexis was working as an hourly technical employee on a large subcontract with Hewlett-Packard to refresh computer systems worldwide at Navy and Marine Corps installations, said Thomas Hoshko, chief executive of the Experts.

In the wake of Monday's shooting at the Washington Navy Yard, The Post's Pentagon Correspondent Ernesto Londoño speaks with us about how the military will need to reassess its security protocols. (The Washington Post)

Discharge from the military does not automatically disqualify a person from getting a job as a defense contractor or a security clearance. “It depends on what the circumstances are,” Hoshko said, adding that he and his co-workers are reeling from the news of the rampage. “Obviously he was well-qualified.”

But Alexis received a general discharge, in part for misconduct after he was arrested on a firearms charge in Texas.

That a gunman could have entered the base so heavily armed without drawing suspicion appeared to bewilder employees at the compound and other witnesses. But if he presented credible identification at a security control point, the suspect could probably have walked in with the weapons hidden on his person or in a bag without raising alarm.

The building where the shooting occurred is among the most secure in the compound, according to people who work at the Navy Yard.

A Navy official said that establishing whether the suspect was eligible for a military card will be a key question for investigators.

“The Navy Yard is very tight. You can’t get anywhere” without a common access card, said J.S. Fordham, 43, a Navy historian who works at the compound.

The Defense Department’s inspector general this year conducted an assessment of the Navy’s procedures for granting access to bases, according to a summary of the audit, which is slated for release in coming days. The summary, posted in the agency’s August newsletter, did not provide details about the findings, but inspector general probes are typically launched in response to a credible report of lapses or wrongdoing. Draft copies of the audit were shared with some congressional offices on Monday just hours after the shooting. A congressional aide who has seen a copy said the audit mentions that at least 52 convicted felons had access to military installations in recent years.

Although the post-Sept. 11, 2001, security enhancements across military posts were drawn up largely to guard against terrorist sleeper cells, violent incidents to date suggest that military personnel or people employed in the defense industry pose a more serious threat.

After an Army psychiatrist killed 13 people and wounded more than 30 during a rampage at Fort Hood, Tex., in November 2009, the Pentagon asked the service commanders to review security protocols and identify vulnerabilities. But experts say that standards and procedures continue to vary widely at the country’s nearly 500 military installations.

“There’s complete lack of uniformity,” said John Pike, director of globalsecurity.org, an Alexandria-based outlet that tracks and studies military infrastructure and national security threats. “The difficult part of the problem in all these things is getting agreement on the threat level.”

On Monday, with many key questions about the latest attack unanswered, lawmakers and defense officials vowed to move swiftly to determine whether new safeguards are needed. Rep. John Carter (R-Tex.), who called for enhanced training for first responders after the shootings at Fort Hood, which is in his district, said there is no foolproof way of keeping military facilities safe from lone gunmen.

“Unfortunately, we don’t live in the sweet world of the 1950s,” he said. “There are a lot of bad people doing a lot of bad things.”

Pentagon spokesman George Little said the Defense Department has taken several steps to “harden our facilities” and train the military to respond swiftly to mass shootings on bases.

“While every DoD installation has its own unique requirements, each military service has established protocols to improve collaboration with federal and local law enforcement to respond to these situations,” Little said in a statement. “In the days and weeks ahead, we will evaluate how those lessons might apply to the incident at the Washington Navy Yard and take additional steps as necessary.”

In January 2010, the Defense Department issued a report, titled “Protecting the Force: Lessons from Fort Hood,” that recommended expanding the use of an FBI-run ­suspicious-incident notification system that enables local and federal law enforcement officials to communicate with defense personnel in real time during emergencies.

The report also called on the Pentagon’s various law enforcement agencies to share data more seamlessly to identify personnel who could pose a threat. It said the department’s “force protection policies are not optimized for countering internal threats,” calling it a “key deficiency.”

The issue resurfaced last fall after four U.S. soldiers stationed at Fort Stewart, Ga., were charged with plotting to assassinate President Obama. Authorities said the men belonged to an anti-
government militia.

In the 1980s, the United States began taking a hard look at security at military facilities, a task that took on greater urgency after the Marine barracks bombing in Beirut in 1983, which killed 299 American and French troops. But access to bases, many of which include residential neighborhoods, schools and commercial districts, remains relatively open.

A House Armed Services subcommittee held a hearing a few months before the Sept. 11, 2001, attacks during which lawmakers said more robust protection at military bases was needed.

“We have a lot to look at and a lot to be concerned about relative to not only our mission capabilities, but also our ability to protect our personnel and our assets here in the United States,” said the head of the panel, then-Rep. H. James Saxton (R-N.J.).

After the Sept. 11 attacks, many military facilities took immediate steps to restrict access to outsiders.

“It used to be that most of these places were wide open and you could just drive up to them,” said Pike, the military security expert. “That was a long time ago. They have gates now. But if it’s a lone wolf, I don’t think there’s much you can do about a lone wolf.”

Carol D. Leonnig and Hamil Harris contributed to this report.