Kevin Ian Schmidt

Using Social Media in Investigations

|

As every moment of people’s lives—both inconsequential and monumental—have spread onto Facebook, Twitter, Instagram, LinkedIn, SnapChat, TikTok, and other platforms, a record has been created of comings and goings, personal opinions and piques, that can be a trove during investigations.

First off, What is a Social Media Investigation?

A social media investigation looks into the social media posts, status updates, photos, and conversations of an individual. You might require a social media investigation for a court case, custody battle, or as part of a background investigation. This can be used as evidence in court cases to support alibis and provide supplementary evidence, for risk assessment, and for active monitoring.

What you’re searching for will depend on the investigation.

For the average court case, social media can be searched to establish a foundation of character, verify, or disqualify an alibi, and find supporting evidence. This includes looking at the location tags for Facebook, Twitter, and Instagram posts, verifying that the posts were original, and identifying what other individuals associated with the case are involved. For some investigations, like for crimes against minors, alerts and searches can be set up for specific search terms, and it can be discovered what type and age of individuals the person is interacting with.

For a domestic investigation, you might search for photos of your partner that support your suspicions of infidelity, or check the location data on posts on Twitter to verify he or she is where they say they are. Internet messaging, Facebook messages, and Twitter direct messages can also indicate whether or not the individual is staying faithful.

A custody case can involve looking at photos posted across platforms to identify who the individual is associating with. Twitter posts could indicate whether the individual is suited and trustworthy for retaining custody, and a Tumblr investigation can reveal the individual’s priorities, thoughts, and intentions.

Any case involving possible drug use can mean searching for photographs and posts across platforms that would indicate potential drug use, as well as a search for Tumblr posts of images or comments, reblogs, that support drug use. This type of investigation includes searching and setting up alerts for specific terms relating to drug use. In some cases, a sting can be set up to see if, through internet messaging services, the individual is dealing or affiliated with a dealer.

Check Out: 5 Myths about Employee Theft

 

When it comes to mining social media for potential evidence, content can broadly be divided into two categories:

  • Incriminating content that subjects inadvertently upload themselves: People are so used to sharing their activities on social media, that they’ll occasionally share something that incriminates them, or contradicts their legal claim, without thinking. For example, an insurance fraudster who claimed that a vehicle accident had left her severely debilitated was outed when investigators found photos of her snowboarding and scuba-diving on her social media accounts.
  • Incriminating content uploaded by third parties: Just because someone isn’t very active on social media—or their privacy settings don’t allow outsiders to see much on their accounts—doesn’t mean that you can’t use social media to find useful evidence. In the case of a major car crash, for instance, it’s very possible that a bystander uploaded footage of the accident to Twitter, Facebook, or YouTube. One great example is a 2015  case, during which a man claimed that he’d wrecked his $60,000 Corvette while driving on the Interstate. Unfortunately for him, investigators found YouTube footage of the sportscar being crashed into a barrier during a drag-racing event.

 

So, now we have talked about WHAT a social media investigation consists of, let’s talk about if you SHOULD or CAN do a social media investigation.

Social media postings may also constitute evidence or provide leads to potential witnesses. For example, many of the far-right agitators behind the 2017 Unite the Right rally in Charlottesville, Virginia openly coordinated their mayhem online. A number of their posts appear in the complaint against them and will likely be entered into evidence at trial.

Social Media Investigation Findings as Evidence

Wall posts, status updates, photos, check-ins and tweets have all been used as evidence in workplace investigations. In the Zimmerman v. Weis Markets Inc. case, Zimmerman was an employee of a subcontractor of Weis Markets and was seeking damages for an injury that occurred at work. Zimmerman claimed that an accident seriously and permanently impaired his health.  Weis Markets reviewed the public portions of Zimmerman’s Facebook and MySpace pages, and felt that there might be some additional information to refute the damage claims in the private sections of his profile.

On the public portions of his profile, the company found photos of Zimmerman engaging in some of his favorite activities after the accident took place at work. They knew the photos were from after the accident because his scar from the accident was visible in the pictures.

The court decided that Zimmerman had to hand over his passwords and login information to the counsel for Weis Markets so that they could access the private sections of his Facebook and MySpace accounts. The opinion released by the court said:

Zimmerman voluntarily posted all of the pictures and information on his Facebook and MySpace sites to share with other users of these social network sites, and he cannot now claim he possesses any reasonable expectation of privacy to prevent Weis Markets from access to such information.

Below are a few key cases involving social media as evidence.

  • State v. Eleck
  • Rene v. State
  • Bland v. Roberts
  • Thompson v. Autoliv Asp, Inc.
  • Richards v. Hertz
  • State v. Tienda
  • Tompkins v. Detroit Metropolitan Airport

 

One of the biggest hurdles to social media becoming a staple in the courtroom has been provability. Most courts require metadata and MD5 hash values for evidentiary validation and to establish chain of custody, applying Rule 901(b)(4) of the U.S. Federal Rule of Evidence (see Lorraine v. Markel American Insurance Company or State v. Tienda).

Metadata –

Metadata can be a laundry list of items, including unified resource identifier, item type, parent item, thread id, recipients, created time, updated time, link, comments, and picture url, to name a few.

MD5 Hash Value –

MD5 hash value is a one-way cryptographic hash function that is used to verify data integrity. It is a 32 character hexadecimal string of numbers and letters that has a 1.7 undecillion (that’s 36 zeros) chance of being replicated . In layman terms, the chances of the MD5 hash being replicated are about the same as someone winning the powerball 32 times in a row.

Courts have rejected simple printouts of social media posts, citing inadequate authentication (see State of Connecticut v. Eleck). As an extension of provability through MD5 hash values and metadata, we can also provide expert testimony to validate evidence.

 

What Employers Need to Consider

You won’t always be granted permission to obtain login information and passwords from an employee under investigation. Be aware of the Patterson v. Turner Construction Company to remind employers that their requests must be “made in the right kind of case, at the right stage of the case, and have the right scope.”

Employers also have to be careful about how they access information posted on an employee’s social media profile. Attorneys and investigators cannot misrepresent who they are in order to get access to join their opposition’s private social media network. For example, you cannot create an account under an alias, “friend” the employee under investigation and then expect to use that information to support your case – the evidence won’t be admissible.

Principle: an investigator is almost always prohibited from using misrepresentation or dissemblance to obtain information, and it is evident that this injunction applies to social media investigations. In New York, as in most states, conduct involving dishonesty, fraud, deceit, or misrepresentation is prohibited under NY Rules of Professional Conduct, Rule 8.4 (c). Further, it is axiomatic that lawyers may not violate the rights of third parties when obtaining evidence. Most jurisdictions have adopted ABA Model Rule 8.4(a), stating that an investigator’s unethical acts may be imputed to the attorney. Even in states that have not explicitly adopted it, there is “substantial case law that supports the proposition that the duty of an attorney. . . not to deceive extends beyond the courtroom.”

Bar associations have also addressed the question of how investigators may contact people on social media. The New York City Bar Association says investigators may contact unrepresented parties without violating ethical rules provided that there are no overt misrepresentations. The San Diego County Bar Association takes a stricter view, requiring that even where contact or “friending” may be otherwise proper, an attorney should not make contact with an individual without disclosing that she is an attorney and the purpose of the contact. When investigating in different jurisdictions—and keeping in mind that most social media companies are headquartered in California—it is wise to adopt the more restrictive guidance.

Advice for Using Social Media During a Fraud Investigation

Of course, near-constant content creation has a major downside: because of the sheer amount of social media content out there, finding that crucial piece of evidence isn’t always easy. For this reason, social media investigation has become its own specialized field, and in order to use it effectively, you have to be systematic in your approach.

With that in mind, here are five tactics to use when collecting social media content as evidence during a fraud investigation:

  • Consider all the platforms: When it comes to looking for online evidence, Facebook and Instagram tend to be the most useful platforms, but there are many others worth considering. In fact, there are around 200 widely-used social media sites at the moment, so if you’re limiting your investigation to the top two, or three, you could be missing out on crucial evidence. Just consider the December 2019 case, during which a claim of serious physical injury was proved false with posts of a 10-mile run and a 20-mile bike ride on the fitness-oriented social media platform Strava.
  • Use tools to find online profiles: A simple Google search remains a good way of finding a particular individual’s online profiles, but other excellent tools also exist. Search tools like Pipl, Peoplefinders, PeekYou, and Classmates can all be used to identify social media profiles. If you have an image and would like to see where it appears online, TinEye is another great tool.
  • Always obtain evidence ethically and legally: It’s important to stay on the right side of the law. While law enforcement might sometimes be able to create fake social media profiles to investigate suspects, law firms and fraud investigators don’t have that same freedom. And even API tools that were once very useful for collecting social media evidence are now creating severe preservation challenges thanks to privacy concerns. So, when collecting social media evidence, focus only on content that you can view and capture legally—and use a browser-based evidence tool to collect it.          
  • Consider someone’s social connections: While an individual being investigated might be clever enough to utilize strict social media privacy settings and refrain from posting incriminating content, they probably won’t be able to keep all their activities hidden. As mentioned earlier, a bystander might upload an incriminating video to YouTube. Similarly, someone’s friends, family, roommates, team mates, or colleagues might also post useful images and information. Because of this, it’s worth exploring the accounts of people in an individual’s social circle, as well as any pages belonging to an employer, association, sports team, etc.
  • Make sure evidence is defensible: Collecting incriminating evidence is only half the battle—legal teams also need to be able to convince other parties of the information’s authenticity. While taking a simple screenshot might seem like a quick and easy way of collecting evidence, it’s all too easy for the person under investigation (or their legal

Five Tips for Effective Social Media Investigation

  1.  Google And Bing Are Your Friends

Never underestimate the power of your favorite search engine. Many people don’t realize how much information is available about almost everyone via the internet. Simply searching your subjects name might uncover surprising results.

Another easy search engine technique is reverse image search. Sometimes an image search reveals social media accounts, online dating profiles, employers, personal blogs, and a wealth of other resources. Use critical thinking when evaluating the results as some phishers, scammers, and catfishers steal people’s pictures to use to build false profiles.

  1. Look Your Subject Up On Social Media

Social media offers hints to a subject’s location, lifestyle, and interests. According to Pew Research, 48% of social media users report finding each channels privacy settings difficult or confusing. As a result, many leave some or all of their information public. A public social media profile is one of the first visits for any investigator.

Even when the subject uses privacy settings, there may still be publicly posted information on major channels like Facebook and Instagram. Facebook’s graph search may uncover unexpected gems as many people allow the public to see photographs they are tagged in. Insurance investigators, divorce attorneys, potential employers, and debt collectors have all uncovered valuable information and evidence of a subject’s lifestyle and character simply through casual, candid photographs posted on Facebook, Snapchat, or Instagram.

Savvy investigators also look at less personal social media accounts such as Pinterest. Even though users are less likely to post telling, personal details, these channels can indicate location and interests.

Check Out: External Theft – Shoplifting
  1. Look at Your Subject’s Friends’ Accounts

Many people allow friends of their friends to see even private details. Also, sometimes friends with public profiles may comment on photographs, location check-ins, or status updates from friends with private accounts.

A recent study uncovered that nearly 50% of all social media users accept friend requests from strangers. Be aware that many social networks forbid false profiles.

  1. Take Screenshots To Preserve The Evidence

Since social media posts are ephemeral, your subject may remove embarrassing or incriminating content. Savvy investigators keep a record of these posts including a screenshot. Be sure to track important details about the posts you uncover and find a way to preserve and archive any valuable information.

  1. Try Social Listening Tools

Social listening tools help businesses with marketing and customer service purposes. Some of these same social listening tools have investigative applications. It would be prohibitively time-consuming to constantly search Google, Bing, and each social network for new updates on your subject. However, you can automate some of this using social listening tools.

 

 

As investigators, we spend a great deal of time on these platforms reviewing information posted by and about the subjects of our investigations. Modern social media platforms can be a tremendously useful resource. The reason for this is simple: a lot of us are active on social media these days—and we tend to share more than less. At the end of Q1 2020, Facebook reported 1.73 billion daily active users and 2.6 billion monthly active users, with around half of all social media site visits in the United States going to Facebook. Add Instagram’s 500-million daily active users—not to mention the 500 hours of video uploaded to YouTube every minute!—and you’re left with a lot of potential digital evidence.

Overview of the PEACE Method: investigative Interviews

|

The PEACE Method of investigative interviews is best suited for detailed employee investigations, and you need a strict understanding of the processes involved, so you can execute it properly. I am writing to provide you with a detailed overview of the PEACE Method, so you can decide if you are interested in trying it for your company. If you want to learn more, contact me and we can set up a consultation.

 

  1. The role of investigative interviewing

eye metricsThe gathering of information from a well-prepared victim or witness interview will contribute significantly to any investigation. An effective interview of a suspect will commit them to an account of events that may include an admission or may provide information leading to further witnesses of benefit to an investigation. Conversely, failure to professionally undertake interviews can have adverse consequences in terms of failure to adhere to legislation, loss of critical material, lack of credibility and loss of confidence. For this reason our Investigators adopt the PEACE framework detailed below.

  1. Principles of investigative interviewing
  2. The aim of investigative interviewing is to obtain accurate and reliable accounts from
    victims, witnesses or suspects about matters under investigation.
    ii. Investigators must act fairly when questioning victims, witnesses or suspects.
    Vulnerable people must be treated with particular consideration at all times.
    iii. Investigative interviewing should be approached with an investigative mindset.
    Accounts obtained from the person who is being interviewed should always be tested
    against what the interviewer already knows or what can reasonably be established.
    iv. When conducting an interview, investigators are free to ask a wide range of questions
    in order to obtain material which may assist an investigation.
    v. Investigators should recognize the positive impact of fairly and considerably conducted interview
    vi. Investigators are not bound to accept the first answer given. Questioning is not unfair
    merely because it is persistent.
  3. The PEACE Interview Framework

There are five phases to the PEACE framework:

Planning and Preparation
This includes what to consider when planning for an interview
Engage and Explain
This describes how to cope with the special features of getting an interview started and establishing the ground rules
Account
This deals with the central issue of obtaining the interviewee’s account, clarifying this and, where necessary, challenging it
Closure
This describes the considerations before closing an interview
Evaluation
This consists of asking questions about what was achieved during the interview and how it fits into the whole investigation. Evaluation also includes the development of an interviewer’s skill level, through assessment (self, peer and manager) and feedback

P – Planning and Preparation

Planning involves the thought processes in getting ready to interview; and Preparation involves getting the location, the environment and the administration ready. The planning process involves gathering information so as to allow the interviewer to remain in control of the interview, to ensure that it goes in the right direction and that sufficient time is available . The maxim – “Proper preparation prevents poor performance” or other colloquial versions are very relevant. In addition, the interviewer should understand the purpose of the interview, the previous background circumstances, and have a profile of the interviewee. Not every interview is well planned but the more significant the issue, the more likely time nay be invested in preparation. Preparation may involve simply defining the purpose of the interview but it can also involve the set up of the interview space. An assessment of available prior knowledge might also be carried out in advance in order to understand what information is required. Understanding what is required may go some way towards understanding how it can be obtained. The mechanics of the interview space may involve seating, logistics and venue, however they will also involve making any exhibits, if relevant, available for examination during questioning, Good interviewers are investigative whereas poor investigators are merely interviewers. Unless preparation takes place an interviewer may overlook important evidence or miss inconsistencies in the interview information. Unnecessary breaks may then be taken in order to ratify forthcoming information

E – Engage and Explain

The opening phase of an interview can be crucial to the interviewer’s success. If the interviewer can engage the interviewee for a few minutes, this can then “warm up” the interviewee and assist that person to engage with the interviewer in a relaxed relationship which may then be continued throughout the interview. Engaging the interviewee is sometimes described as the Rapport stage of the interview. Courtesy, politeness, and understanding cost nothing to the interviewer but can make all the difference between his/her success and failure as an interviewer. Successful interviewers may take time to find out what motivates the interviewees. Once these drivers are understood then it may be possible to take steps to use them. In addition, the formalities of the interview may need explanation. The tape recording, and other procedures, once understood, can help the interviewee to empathize with the interviewer. If this happens then the interviewer will have much greater success. The format of the interview may then be explained – in order to demystify the process and to give the interviewee the impression that he is not going to be tricked. This sense of security may later be challenged by an interviewer who wishes to ask supplementary questions, or to clarify an earlier account

The interviewee may be asked to comment on matters which have not already been described in the interview or to repeat an earlier explanation in their own words. The interviewer is likely to use the interviewee’s words and repeat them back to him where he or she is checking for a correct interpretation Frequently interviewers will take a great deal of time and put themselves out in order to show consideration for the interviewee. Frequently the interviewee will be asked if he wants a drink or to use the toilet or how he or she wants to be addressed in the interview. Successful interviewers often ask whether there are any time restraints on the interviewee as these concerns may be used to increase the interviewee’s tension later on

The Interviewer will set the scene by saying that the interview is very important and that everything the interviewee says is important. As a result they should not leave anything out, even if they believe it is of no relevance. The interviewee may even be given the impression that they will have to work hard because they have all the information. This creates the impression that there is something that the interviewee needs to say to the interviewer.

At any stage of the interview, in order to ensure fairness, the interviewee may be encouraged to ask a question of the interviewer if there is something which they do not understand, if there is something they do not know or if they do not understand the interviewer

It is unlikely that an interviewee will be encouraged to ask a question for clarification where there is more than one possible meaning for a question, or ask the interviewer to explain something which was inappropriate or leading or to say that they do not feel that it is appropriate for them to answer a question, or refuse to speculate or give their opinion as to hypothetical circumstances

Once this engagement stage has passed, the witness will be asked to give his account. The interviewer may then ask questions to clarify the account or to interrupt where additional information is required

The interviewer may also use the engagement stage as training for later in the interview. The interviewer will be establishing their control and getting the interviewee ready for the next stage of the interview. The interviewee will be encouraged to answer simpler questions (with yes or no answers) and the interviewer will be assessing the interviewee’s language and communication
abilities

A – Account

At this stage an interviewer obtains the interviewee’s full account of events. The three main steps are:

  • obtaining the interviewee’s account of events
  • Expanding and clarifying that account
  • Challenging the interviewee’s account with information from other interviewees (if helpful)

Good questioning and listening skills are required to produce an accurate and reliable account. During the Account process an interviewee may change from being cooperative to un-cooperative so it is important for the interviewer to be fully alert during the interview. The interviewer should be able to detect changes in the interviewee’s language and behavior. For cooperative interviewees such as victims and witnesses, the interviewer may use additional techniques of free recall to begin with and perhaps move on to cognitive interviewing for more advanced interviews. For uncooperative interviewees the interviewer will normally rely on conversation management as a technique. Interviewers are recommended to ask all their relevant questions – even in the face of a ‘No comment’ response. This is so as not to leave any gaps that the interviewee (or their organization) might later seek to fill in as part of a defense. After allowing the interviewee to begin to give their account of the facts, the interviewee may use questioning techniques such as summarizing, empathizing, repeating questions, leading questions, accusing questions, varying the questions to ask about the same circumstances, varying the interviewee’s previous responses to suggest that they have already said something or encouraging different ways or repeated attempts to recall the same or related facts

The interviewer may need to clarify or challenge the interviewee’s account. This could be because the interviewer is unclear about something the interviewee has said, or because the information is inconsistent with other known information. This “Challenge Phase” of the Account may include challenges to inconsistencies in the Account or it may also include pre-planned challenges. Information may be held back in order to test what the person might say in the absence of certain key facts.

 

C – Closure

The Closure stage should ensure there is an understanding on the part of the interviewee as to what has happened during the interview and ensure that the interviewee is certain that the information they have given is accurate in all material respects or that any grey areas have been sufficiently highlighted. The interviewer should confirm that all aspects of the Account have been covered, allowing the interviewee to give any additional information which they think may be relevant and are willing to provide and allow them to be able to give further information in future. It is important to explain what will happen in the next phase of the interview process

A positive close to the interview may mean an interviewee is able to give any new and relevant information in the future, either through recall or as new information comes to light. The closure may also assist in facilitating future interviews with other interviewees.

E – Evaluation

This stage concludes the PEACE interview but not necessarily the interviewing process. The interviewer will, in this section of the interview, often suggest a short break for them to re-review their notes to see if the aims and objectives for the interview have been achieved. In addition, the interviewer will also review the investigation in the light of information obtained during the interview and may reflect upon how well he or she conducted the interview

 

When conducting an investigative interview, you also need to be aware of the non-verbal indicators.

Understanding the PEACE Method is an important part of an investigative interview, but know the Factors to consider in an investigative interview is equally important in being successful when using the PEACE Method.

 

I have gone ahead and made a simple flyer for you, so you can share the PEACE method on your blog, to help your readers.

Simple Solutions to Reduce Workplace Accidents

|

workplace accidentsIn the office, equipment cables and wires can become a trip-and-fall hazard – and an expensive workers’ compensation case. Poised and ready to trip all who pass, office cables and wires are far more than an unsightly nuisance. Slips, trips and falls constitute the majority of general industry accidents. In the United States, they cause 15 percent of all work-related deaths and are second only to motor vehicles as a cause of fatalities, according OSHA.
In a home office environment, small children and common household animals like cats, dogs, rabbits and ferrets often see equipment wires as play things – all too often as chew toys. Clearly such a circumstance puts the child or pet at great risk, with electric shock and strangulation at the top of the list.

  • Cable Control on the Cheap: For just a few dollars, computer cables can be easily shielded with a split wire loom, a flexible and durable polyethylene corrugated tube with a split down the side where you enter your multi-cable bundle. If you have to add another wire later on, you can easily slip it into the split wire loom along with the others without removing the entire bundle.
  • Achieve Lift-Off: Cables, power adapters, power strips, hubs, modems and other small devices can be readily lifted off the floor and put safely out of harm’s way with cable management products that loop, tie and hang “cable clutter” off the floor to reduce work space risks including snags, trips and liquid spills.
Check Out: Ignoring Workplace Safety
  • Wire Fire Can Be Dire: With a glut of equipment, wiring and electrical outlets conducting heat, often over long periods of time and in compact spaces, fire safety is an important workspace consideration. In addition to the standard fire extinguisher, other fire safety measures also should be employed. Flame spread is one vital safety consideration that easily can be addressed. Flame-retardant wire sleeving that does not support combustion can significantly reduce office fire hazards. You also can establish an effective insulating barrier to prevent the spread of fire and smoke through structural gaps and voids with fire-rated expanding polyurethane foams – a cost-effective way to establish an insulating seal on concrete, brick, wood, metal, aluminum and steel.
  • An Important Mat-ter: Use traction floor mats in high-traffic and extended-use areas, particularly those prone to moisture or spills. Be sure to use a floor mat with beveled edges to eliminate trip risk. Mats with sponge bases will enhance ergonomic safety for employees who must stand for longer periods of time.
  • Surface Raceways: Home office wires that run across the floor to a distant outlet are among the most dangerous office situations, with a high risk of injuries or damaged equipment. Fortunately, surface raceways are a readily available and easy way to organize and protect electrical cords that run along the floor or on the wall. These “cable channels” are made of tough PVC and can be painted to match office décor.
Check Out: Mistakes in Managing Safety
  • Cord Protectors: These wire cover systems are another great way to keep from tripping on loose cables and cords running across a walkway or behind your desk. Cord protectors cover, hide and protect cords and cables while keeping floors clear and safe. They also lie flat, and stay flat, and are easy to install.
    Heavy Metal: Whether you want greater protection for your wires from children, animals, rodents or pests, or have a need to protect outdoor fiber optics, RG-6 coaxial cable or Category 5E cables from wildlife or the elements, metal braided sleeving, made from tin-coated copper, is both flexible and strong, and also offers electromagnetic interference (EMI) protection.
  • Take the Edge Off: Wrap anything with a sharp edge such as broken/cracked glass, brittle plastic casings or other materials that may break and produce a sharp or rough edge in corrugated cardboard and secure with a heavy-duty duct tape to protect yourself and others from accidental lacerations. This is especially important before placing such items in a trash container.

Clear Communication Tips

|

security guardsWhen an officer receives a message, does he (she) take the time to “play back” the information to the caller, or simply answer with “Yeah, I got that” and then forget it? Are there pink message pads or a computer log screen available that have the blank spaces for “caller”, “time”, “date”, “number”, “note”, and “operator”? And, after the call is completed, does the officer make an attempt to follow through by locating the recipient, or simply toss the message into the “in box” near the console?

How about the famous “Oh, he knows who it is” or “No, I don’t want to leave a number-it’s unlisted!” These can frustrate the officer who attempts to complete the call. Add to this the wife or child calling with the tenth domestic emergency of the night- “Ask Jim to call me right away-my son smeared peanut butter in our VCR”. Now complete the daily routine with eight “Isn’t this Mario’s Pizza?” and you can see how the routine task of telephone message handling can become a frustration. (Remember-remain professional and approach each call in the same manner.)

Check Out: Incident Report Writing Guide

Radio messages are another challenge. Portable radios, even with speaker microphones attached, have to compete with noise from passing cars, screaming kids, and whatever else is happening while the officer is copying a transmission from base. Does the dispatcher take the time to phonetically spell out names and addresses? (“That’s R-Romeo-U-Uniform-N-November”). When numbers are used, are they run together or is a pause taken such as “044 ** 46 ** 6699”? And-the most frustrating cause of lost information- do you wait a few seconds before broadcasting or grab the mic and start talking right away? (A radio system needs time to “breathe” between transmissions, or else the beginning of each message will be cut out!)

SecurityManagerWhen speaking on the phone or radio, or taking a message, the officer should try to project a positive image. This helps the company, the supervisor, and the security staff to “satisfy the public”. Avoid prejudging a caller, or editing information based on your own emotions or experience. I have personally witnessed alarm accounts rescued from cancellation by prompt delivery of an irate client’s message to management. If you use pink pads, computer logs, or the well-known “officer’s notebook” in the field, taking down the correct information and relaying that data to the proper individual is a vital part of your duties in security or alarm dispatching.

A final note- in the communications office, the Dictaphone recorder will allow the officer to play back a conversation to make sure that all pertinent information was obtained. In the field, the patrol officer does not have that luxury, and so asking base to “repeat the last message” or “Did you say A as in Alpha or J as in Juliet?” is recommended to complete the call. If there are noise or interference problems, ask the dispatcher to relay the message by telephone.

Clear communication skills will allow others to easily get relayed information for safety and security of all involved.

Conducting a DIY Security Audit

|

No business is totally immune from the threat of crime but a little prior planning and a few common sense precautions are all that is necessary to deter most criminals.

Use this test to conduct a survey of your business. Each “NO” answer indicates a weakness that could help a criminal. As you eliminate the “NO” answers, you improve your level of protection and reduce your risk of becoming a victim. Go through the list carefully and systematically. You will also want to look at the business during the night and on weekends. Those are times when you may be most vulnerable.

Remember, this checklist points out your weak areas. You are not fully protected until each of them is corrected. Of course complying with these suggestions won’t guarantee that your business will never be the target of crime but it will improve odds in your favor.

This test is limited mainly to the physical security of your business. There are many other areas which also deserve your attention. A well rounded loss prevention program will also address internal security, customer theft, fraud, safety and fire prevention and emergency preparedness.

Physical Security Checklist

Building Exterior

  1. Are all vulnerable points adequately lighted?security audit
  2. Is shrubbery trimmed to provide for good visibility at all vulnerable points
  3. Is all access to the roof eliminated or secured?
  4. Have weeds and trash near your building been cleared away?
  5. If a fence would improve your protection, do you have one?
  6. Is your fence high enough and/or protected with barbed wire or tape?
  7. Is your fence in good repair?
  8. Are gates in good repair and locked properly?
  9. Have you protected solid block walls and wooden fences that someone could climb and/or hide behind?

Doors

  1. Have you secured all unused doors?
  2. Is glass in back doors and concealed or secluded locations protected by bars or heavy screen?
  3. Are all doors designed so that the lock release cannot be reached by breaking out glass or light-weight panels?
  4. Do exposed hinges have non-removable pins?
  5. Is a good quality deadbolt lock used whenever possible?
  6. Is the lock designed or the door frame constructed so that the door cannot be forced open by spreading the frame?
  7. Is the bolt protected so that it cannot be cut?
  8. Is the outside lock cylinder protected from twisting or prying?
  9. Is the lock a cylinder type with at least a five pin tumbler?
  10. Are keys issued only to persons who actually need them?
  11. Are doors with panic hardware properly secured after hours?
  12. Are padlocks locked in place when the door is unlocked?
  13. Are hasps made of hardened steel with non-removable screws?

Windows

  1. Are accessible windows protected by heavy screen or bars?
  2. Are unused windows permanently sealed?
  3. Are bars and screens securely mounted?
  4. Are window locks designed or located so they cannot be defeated by merely breaking out the glass?
  5. Is burglary resistant glazing used whenever possible?
  6. Is valuable property removed from unprotected windows after hours?

Other Openings

  1. Have skylights been protected by bars or polycarbonate glazing?
  2. Are roof hatches securely locked?
  3. Are ventilator shafts, air conditioning ducts and fan openings adequately protected with bars or wire mesh?
  4. Do you check panic hardware regularly to insure that it is properly closed and in good working order?
  5. If there are common attics, has some provision been made to prevent access through them?

Safes

  1. Is safe designed for both burglary and fire protection?
  2. If safe weighs less than 750 pounds is it secured in place and are wheels removed?
  3. Is safe well lit and visible from outside, especially after hours?
  4. Is cash on hand kept to a minimum by banking regularly?
  5. Do you spin the dial when you lock the safe?
  6. Is the combination changed when personnel possessing it terminate?
  7. Is the cash register left empty and open after hours?

Alarms

  1. Do you have an alarm system?
  2. Does your system meet Underwriters Laboratory standards?
  3. Is your system tested daily?
  4. Does it report to a central station?
  5. Does it have a back-up power supply for power failures?
  6. Is your system free from false alarms?
  7. Do you or a designated employee respond to every alarm and check it out?
  8. Is the system designed to fully protect all vulnerable areas?
  9. Does your system include fire protection?

Other Considerations

  1. Do you lock up carefully at night, making sure that the safe is locked, doors and windows are secure, lights are on and the alarm is set and working?
  2. Have you recorded the serial numbers of all valuable merchandise, tools and office equipment?
  3. Do you maintain a good inventory control program?
  4. Do you guard against internal theft by having a written security policy and an audit system to maintain employee account ability?
  5. Do you carry sufficient insurance coverage?
  6. Do you have an effective background investigation program for screening new employees and promotional candidates?
  7. If your local police department has a helicopter or other aircraft, are your street numbers painted conspicuously on the roof of the business?

Office Security

  1. Do you restrict office keys to those who actually need them?
  2. Do you keep complete, up-to-date records of the disposition of all office keys?
  3. Do you have adequate procedures for collecting keys from terminated employees?
  4. Do you secure all typewriters, calculators, computers, etc. with some type of locking device?
  5. Do you prohibit duplication of office keys except for those which are specifically ordered by you in writing?
  6. Do you require that all office keys be marked “Do not duplicate” to prevent legitimate locksmiths from making copies without your knowledge?
  7. Have you established a policy that keys will not be left unguarded on desks or cabinets – and do you enforce the policy?
  8. Do you require that filing cabinet keys be removed from locks and placed in a secure location when not actually in use?
  9. Do you have procedures to prevent unauthorized persons from reporting a “lost key” and getting a “replacement”?
  10. Do you routinely obliterate code numbers on all keys to prevent unauthorized duplication?
  11. Do you have a responsible person in charge of your key control program?
  12. Are all keys systematically stored in a secure wall cabinet of either your own design or from a commercial key control system?
  13. Do you keep a record showing issuance and return of every key, including name of person, date and time?
  14. Do you use telephone locks to prevent unauthorized use of phones when the office is unattended?
  15. Do you provide secure areas for employees to store their personal property?
  16. Do you have at least one filing cabinet secured with an auxiliary locking bar so that you can properly secure sensitive documents?
  17. Do you leave lights on at night?
  18. Do you record all equipment serial numbers and file them in a safe place?
  19. Do you shred sensitive documents before discarding them?
  20. Do you lock briefcases and bags containing important material in a safe place when not actually in use?
  21. Do you insist on proper identification from all vendors and repair persons who come into your office?
  22. Do you make regular bank deposits and avoid keeping large sums of money in the office overnight?
  23. Do you clear desks of important papers every night?
  24. Do you frequently change the combination to your safe?
  25. When employees work alone at night do they set the door lock to prevent anyone from entering uninvited?
  26. Are emergency phone numbers posted near all phones?
  27. Is computer access restricted to authorized personnel and are access telephone numbers kept confidential?
  28. Are all doors leading to the office protected by heavy duty, double cylinder deadbolt locks?
  29. Are all windows, transoms and ventilators properly protected?
  30. Is there a closing routine established to make sure that everything is properly secured prior to leaving?
  31. If the office is protected by an alarm system, does the equipment work properly and is it set every night?
  32. If you employ a guards, do you check their watch clock tape or dial each morning to be certain that they are doing their job properly?
  33. Do you periodically review your security policies and procedures and update them where necessary?
  34. Are computer files routinely backed up and backup files stored in a secure off-site location?

Policies, Procedures & Training

  1. Do you have a Workplace Violence Prevention Policy?
  2. Do you have a Crisis Media Management Policy?
  3. Do you have a Disaster Preparedness Plan?
  4. Do you have a Workplace Harassment Policy?
  5. Do you provide on-going training to employees at all levels of the organization regarding these policies?

Obviously, completing this checklist won’t solve all your security problems. It will however, give you a good idea of the level of security that now have. With that knowledge, you can begin to develop a security program that provides the type of individualized protection your particular business requires.

If after completing this survey you find that the security of your business is poor or if you have any questions regarding security procedures and equipment, contact me.

Remember too, this test covers only a small part of a complete business security program. Your business isn’t fully protected until you have taken steps to improve the security of every aspect your business.

After a Security Audit, it is also a good time to check out your security policies, and my post, the 7 Security Policies you need, is a great starting point.

Risk Assessment Guidelines

|

risk assessment

Purpose of Risk Assessment Guidelines

Most Corporate Risk and Security requires all locations to implement the baseline physical security controls described in the physical security standards. These controls are considered the minimum standards for the majority of locations. However, as a result of political, environmental or other local issues additional controls may be necessary. An analysis must be completed for each location to determine what additional risk exists and what additional controls are required.

Scope

Corporate Risk and Security will conduct a risk assessment of each location every three years or less if necessary.

Definitions

Risk Assessment: the risk assessment is a process, which identifies and quantifies the real risks and key business factors associated in operating a business location. The process is based upon a survey which facilitates the gathering of data specific to the following: environmental factors, business factors, site location and design, municipal resources, crime and demographic factors, business risk profile factors.

Environmental factors: weather, geological activity, political, chemical.

Business factors: value of operation, proprietary information, key assets (including manufacturing processes) duplicated/non-duplicated activity, level of staff, impact to total corporation.

Site Location and Design: physical attributes, fire suppression, public accessibility, access points and natural hazards.

Municipal Resources: public utilities police and fire resources and response, medical resources, bomb procedures, disaster assistance.

Business Risk Profile: crime history and demographics, population analysis, historical crime survey and possible trends.

Check Out: How to Complete a Risk assessment

Requirements

Risk Analysis Process:

 

  1. Evaluate the risk exposures and determine the corresponding risk category that must be applied to that location, if any, in reference to the Corporate Profile.
  2. The evaluation for the location must be done and approved by the Corporate Director of Risk and Security.
  3. Both a vulnerability and exposure matrix will be used for three distinct categories: (1) natural disasters; (2) man-made incidents; and (3) incidents.
Check Out: Understanding of Real Risk

Responsibilities

Risk Quantification will be conducted by Corporate Risk and Security who will utilize four categories for quantifying risks in reference to the Corporate Profile:

Category 1 (Extreme Risk):

Civil and other war situations wherein the central government does not control significant geographical areas, which are in the partial control of insurgent forces, or where government control is immediately threatened. Also, nations or cities undergoing violent transformation through a military coup or revolution. A major environmental hazard has been determined to be uncontrollable and would cause serious harm, i.e., volcano. Travel and/or event movement are discouraged.

Category 2 (High Risk):

Locations where terrorist or guerrilla groups pose a serious threat to a nation’s political and/or economic stability; a country or city faced with widespread street violence resulting from political dissension or economic unrest. Also, countries or cities with known potential for military coup/militia groups or evidence of prejudicial treatment against foreign/nationality interests. Only essential travel would be recommended. Any location where company has been the target of terrorists around the world. Additional measures should be set forth to mitigate the threat of bombings, bomb threat searches, and reduce any real event risks to personnel and property. An environmental hazard has been determined to be uncontrollable and would cause harm if incident occurs. Stringent security precautions and travel awareness is warranted.

Category 3 (Moderate Risk):

Locations where political or economic turmoil is evident and/or terrorist/guerilla groups are regularly active but have not become strong enough to threaten government stability. Also, nations or cities involved in potentially violent regional disputes or with high rates of crime. The threat of violence in the work place is high. Non-US locations where the risk exists or is emerging where economic crime, underground/street gang/mob influence is prevalent. The measures designed to prevent or mitigate violence are on property must be implemented in all US locations wherever the risk exists worldwide. An environmental hazard is possible due to location and trend of natural disaster paths, i.e., cyclone paths, tornado alleys, earthquake epic centers, etc. Upgraded security precautions are warranted for travel or investment if disaster mitigation methods are required.

Category 4 (Low Risk):

Locations relatively free of frequently recurring acts of political, economic or criminal violence and societal arrest. Nations or cities where organized antigovernment elements or terrorist/guerilla groups may be active but maintain only limited operational capabilities. No known environmental hazards are apparent. Modest security precautions are warranted for travel or investment if corporate security concepts meet corporate standards.

If you have any questions do not hesitate to contact me.

Transparent Security: not seeing it is the point

|

transparent securityFor businesses, the need for increased security is apparent. Yet there are many cases where the businesses may not want the appearance of security to be obvious. Although government organizations usually make security a priority over aesthetics, corporate and private facilities often cannot afford to follow this policy. With government facilities, if a property requires 12-foot-chain-link fence with razor wire, then that is what is put into place.

So where does that leave facility executives at corporate and private organizations? Many are taking physical security design to a new level: transparent security. Transparent security is strategy that addresses the need for security while respecting the importance of a low-key appearance.

Transparent Security

Enabling Technology

Transparent security follows two lines, hard and soft. Hard includes equipment, specifically equipment that is designed to be discrete or invisible. Soft involves policies and a strategy known as Crime Prevention Through Environmental Design (CPTED). Occasionally, nonsecurity objects may be used to serve soft security purposes. In one recent application, maple trees were planted in a park specifically to prevent vehicles from traveling into a restricted area. The trees were part of the park, the placement was part of the security plan.

The concept of transparent security design is proactive. The idea is to look for potential problems and take steps to put invisible or unobtrusive material in place to mitigate the potential problem.

Technology is helping to make transparent security easier, and recent advances in the field of window films are an example. An optically clear film is available that can be applied to almost any window, providing a significant increase in protection. Window films provide several security advantages. Glass-fragmentation retention film actually strengthens the glass, increasing the force necessary to break the glass and prevents glass fragments from flying. Window film is relatively inexpensive and is typically done as a retrofit on existing glass. An added benefit is that when properly applied, glass fragmentation window film is invisible.

Glass fragmentation window film has been applied at facilities owned by such diverse organizations as NASDAQ, Wells Fargo, and not surprisingly, the Department of Defense.

The idea of hiding security devices is not new. Manufacturers have been building hidden or low-profile closed-circuit television camera housings for years. Intrusion-detection equipment has also been available in hidden housings. Now, manufacturers of high-security vehicle barriers have followed suit. The vehicle barrier approach is unusual in that high-strength antivehicle bollards are now available in an ornamental configuration. One manufacturer has created a line of architecturally designed fiberglass and plastic sleeves to slip over bollards.

These ornamental barriers are being used to protect buildings as well as to control vehicle access in residential areas. In California, West Hollywood is employing the same type of antiterrorism bollards as used by the federal government to stop car bombers. The city’s barriers are used to block off residential areas from nighttime traffic off Sunset Boulevard from the new Sunset Millennium Shopping Center. The high-security barriers will stop vehicles weighing as much as 7 tons travelling at speeds of up to 62 miles per hour.

Security Meets Design

On the other side of the country, multiple entrances to the Florida State Capitol Building rate protection as well. High-security decorative bollard systems are proposed for the legislative members’ garage that will blend in with the aesthetics of the building. This system balances strength and design by placing ornamental trim around the perimeter of each bollard. In a crash test, the same bollards stopped a 7.5 ton vehicle traveling at 44 miles per hour. Mixing strength and aesthetics, these bollards carry a U.S. Department of State and Department of Defense rating of K8, L2, the highest rating that the government has given to a bollard system.

The impact of security is evident in perimeter systems, too. Some facilities are blending designs into the metal perimeter fence construction to reduce the visual impact of the fence. The corporate headquarters for Delta Airlines in Atlanta is surrounded by a fence with the Delta logo incorporated into it. Less than 10 miles away, the corporate headquarters for the Southern Company — parent company to Georgia Power and other utilities — sports lightning bolts bent into the metalwork of the perimeter fence. In both cases, the additional metal does nothing to increase the physical security.

CPTED takes the built environment and carefully modifies it to increase security. The concept has been used by planners and architects for many years to control behavior; the emphasis is on the placement of existing nonsecurity materials to achieve a security benefit.

CPTED classifies people as either normal users, abnormal users or observers. Normal users are the people that belong in a facility. They are the employees, the guy who fills the drink machine, the customers and anyone else who has legitimate business in a facility. The abnormal users are the opposite of the normal users. They are the thieves, the vandals, the graffiti artists and everyone else who is to be kept away.

The idea of letting some people in while keeping others out is at the heart of any access control system. What makes CPTED different is the idea of observers. A CPTED observer is a person who has been placed at a specific location to minimize the probability of a crime. The concept is simple: The more people looking at something, the less likely crime is to occur. As the number of people looking is increased, so is the probability that someone committing a crime will be seen, and therefore identified and caught.

Visibility Matters

Observers are not told that they are “observers.” They are not there to watch a location and report any crime. But reasonable people are is likely to call 911 if they witness a crime. Thus, security in crime-prone areas can be improved if there are reasons for someone — the observer — to be present. For example, park benches provide a place for people to sit, and as a result, they become places for observers to gather. From a design perspective, an observer is a transparent security measure.

CPTED also utilizes the concept of taking high-risk activities and placing them in low-risk areas to minimize the potential for crime. This is done without the use of security devices and is also transparent. Bank ATMs, for example, are inherently high-risk. The transparent goal in providing security for an ATM is to place the machine in an area of high visibility.

As the need for security continues to increase, transparent security design is becoming a factor in good architectural and security planning. Minor changes can make a big difference, without compromising aesthetics.

How do your alarms communicate?

|

There are many ways that a signal from a fire or burglar alarm can reach the receiver; from POTS (the telephone line that you talk on every day) to sophisticated radio transmitters that seem to have been designed for the CIA to cellular service. Whatever method your security system is using, the important function is to get the correct data from the device (motion detector, heat detector, door contact, etc.) to the base station where dispatching occurs.

The oldest method is the regular telephone wire. In the older systems, each account leased a copper wire connecting them to alarm company central station via the local telephone company switching station. Developed in the 1870’s to measure changes in current at a box in a store or home, it is still used by many private customers. One problem is that the communication flow depends on a solid connection between the two points – if a wire is cut on a pole, the earliest systems show an alarm. Over the past few years, telephone companies have begun to phase out this type of service, since maintenance costs are high and switching equipment is dated.alarm communications

The answer is derived channel monitoring – where the phone company provides a special device at the switching station and another at the alarm company. The digital signals are then monitored by the phone company for quality control – so line faults can be reported and alarms transmitted more securely. Please note this system is an option: not available in all areas of the country.

A third source may use a cell-phone similar to what you probably carry with you today. It was marketed in the 1980’s and allows the alarm user to transmit data on the same system that local cellular phone companies provide. There is a charge, of course, as you are paying for the phone number and usage. A typical system has an alarm control interface, a cell phone mounted in a cabinet with back-up power, and an outside antenna if needed. This device allows for alarms to be transmitted even if local phone service is down, providing that it can “hand-shake” with a cellular tower site. Upgrades are ongoing, such as the same technology that allows you to operate your laptop computer in the car. (Telemetry)

Another plan of action is radio, again this is a newer technology developed in the past twenty years. The simplest type simply substitutes a two-way radio (such as your officers use in the field) to transmit alarm information from one building to another instead of a phone line. This requires a dedicated radio channel as well as line-of-sight reception. A better solution is becoming part of a commercial network, where tower sites and equipment are maintained by a private company and channels are shared based on repeating the messages from office building roofs, water towers, mountaintops and other elevated locations.

Hardwired alarm panels are less expensive than wireless panels, but they are harder to install. Keep this in mind when working on budgeting for alarm systems. An average alarm installation with a hard-wired system takes about 12-16 hours. A typical wireless installation will take less than 4 hours.

Another consideration is that some types of construction lend themselves well to a hardwired installation, and others will require the use of wireless.

Even if you select a wireless alarm panel, some jurisdictions still require that the device back-ups are hardwired. These typically include the power transformer, the electrical ground wire, the telephone connections and any keypads/arming stations and audible alarms.

Check Out: Emergency Action Plan Basics

The main difference between a hardwired and a wireless alarm panel is how each one communicates with the protection devices connected to the system. A hardwired panel will require a wire to each “zone” or device on the system, while a wireless system utilizes a radio frequency to communicate with the “zones” or devices that are connected to it.

While a normal electrical circuit is a Parallel Circuit, a typical hard wired alarm circuit is a 2-wire normally closed loop with end of line supervision commonly referred to as a Series Circuit.

A Series Circuit allows electrical current to flow from the alarm panel, down one wire through the alarm initiating device and back to the alarm panel. When the current is interrupted, the panel will register a fault on the circuit/zone. End of Line (EOL) resistors are added to the circuit so that the alarm panel can supervise the condition of the zone for ground faults, electrical shorts and open or cut wires.

Multiple normally closed devices can be connected to a single zone by connecting the devices in series, with the EOL resistors installed on the last device in line. This way, the entire circuit is completely supervised from the panel to the last device in line.

When wireless alarm systems first appeared on the market, they were not the most reliable systems around. Most of them utilized non-supervised wireless transmitters to communicate to each of the field devices. A non-supervised wireless alarm transmitter would only send a signal “one way” to the alarm panel receiver when it was activated.

For example, when a door or window was opened, the transmitter would send a wireless signal. The alarm panel would receive the signal and activate the appropriate zone. The transmitter would not send a signal when the door or window was closed, so the receiver/zone had to reset itself after a few seconds. With a non-supervised wireless system, you could actually arm the system with a door or window wide open without even knowing it.

Most new alarm systems utilize a redundant bi-directional fully supervised wireless connection for two way communication between the transmitters and the alarm panel receiver. With fully supervised wireless, the alarm panel can tell you the real time status of a door or window. If a door is open, it will keep the zone faulted until the door is closed.

Most of the early wireless systems were very limited in their addressing schemes. They utilized dip switches with binary addressing (explained later) to differentiate between points on the system.

This was O.K. if your wireless system was installed and commissioned correctly, but what happened when a neighboring location installed the same type of system? If the neighbors motion detector was addressed the same as your dock door, your alarm would go off every time they moved around inside their building. As you can imagine, this could cause some major problems that were very difficult to troubleshoot.

Modern wireless systems utilize serial numbers, binary house codes, or other proprietary technology to assure that only transmitters enrolled into your panel will be received by your alarm system. If you do your research and purchase a good reliable supervised alarm system, you should never need to worry about your neighbor’s wireless transmitter setting off your alarm system.

Another problem with the older non-supervised systems is that you did not know when the batteries in the transmitters are low or need to be replaced. The only way to verify that they were working is to periodically test them.

Because, even the most sophisticated wireless alarm panels are useless if the transmitter batteries are dead, therefore supervised wireless panels are programmed to check in with each of the remote transmitters at least once every 24 hours. If your transmitter has a low battery, the keypad/arming station will immediately inform you of the trouble condition.

Check Out: Improve Your Security Guard Service in 5 Steps

With any wireless security system you should always test the performance of your system regularly. The range of any wireless product can be affected by the environment and the structure in which it is installed. Additionally, the range can be adversely affected by environmental conditions, interference form electrical devices or even the orientation of the transmitter in relation to the receiver.

So who is the winner of this argument? Well, according to Underwriters Laboratory (U.L.), the most secure and reliable installation methods utilize hardwired installations with End of Line (EOL) 1 or 2-resistor supervision. In fact, U.L. approved installation standards for federal government and other high security installations require all zones of protection to be hardwired with complete 2-resistor line supervision.

Not to say that wireless systems are an inferior product. In fact the fully supervised systems offer excellent protection that is perfectly suitable for 90% of residential installations.

If you are considering a wireless alarm system, be warned, there are still systems being sold and installed today that are non-supervised, so make sure that any system you are considering offers complete wireless supervision.

If you opt for a hard-wired alarm system, make absolutely sure that the system is installed with the supervisory resistors at the end of the line. To make installation faster and simpler, some installers will place the resistors in the alarm panel rather than at the end of the line.

While this method provides supervision of the zone for ground faults, it does not provide protection for a direct short or worse yet, someone splicing into the wire and shorting them together which will essentially close the loop so the panel will not see the zone open or close.

Whatever method that your security department chooses to move the alarm information from the point of occurrence to the receiving station, make sure that you can provide interference-free data and your staff is able to interpret and dispatch the information. As technology grows into the twenty-first century, new ideas about alarm transmission will be unveiled and older technology will be challenged by parts shortage, lack of technical support, or noise on the line. This article does not offer any specific vendor names or ultimate solutions – but I hope that you will examine your burglar and fire alarm system with an eye toward data transmission.

Basics of a Security Risk Assessment

|

security risk assessment

A proper security risk assessment is necessary to truly understand what security risks your company faces. As a physical security professional you must understand how to conduct a proper security risk assessment. Check out the Risk Assessment Guidelines to understand in-depth what a full security risk assessment entails.

The following tips will guide you in understanding how to conduct a Security Risk Assessment.

Zone 1: The Interior

Every facility executive needs to protect interior space from unauthorized entry. The means available include:

  • An effective system at the front desk or lobby to identify and badge employees and visitors
  • Locking systems
  • Intrusion detection and 24-hour alarm monitoring
  • Closed-circuit television (CCTV) in key locations
  • Security guards

Zone 2: The Perimeter

The typical multi-tenant building perimeter base building system focuses on elements that are incorporated into the design of a new structure, but also may be retrofitted. Some of these elements are:

  • Window coatings to minimize glass shards; polycarbonate glass from grade to 30 feet or higher
  • Structurally hardened building exteriors
  • Defensive landscaping — avoiding landscaping that conceals intruders or provides natural “ladders”
  • Lighting and CCTV in key areas
  • Control of loading dock traffic
  • Control of building entrances — main lobby and elevator core interface with public

Mail facilities are also vulnerable to biological and chemical weapons, and unauthorized entry. To combat those threats, consider:

  • Limiting access to authorized personnel
  • Placing barriers at the building perimeter to decrease access and reduce the impact of hazards
  • Installing X-ray package-screening equipment
  • Installing nuclear, biological and chemical (NBC) detection equipment
  • Installing negative pressurization systems to contain hazardous materials
  • Using HVAC filtering and treatment, such as HEPA filters and UV treatment

Finally, the building’s air systems and mechanical room, if located on the perimeter, are another area of vulnerability. Protect air handling systems from tampering by:

  • Fencing off fresh-air intakes and return-air vents or moving them to roof
  • Securing mechanical room exits

Zone 3: Building Grounds

Building grounds should be treated as a defensive zone to prevent cars and trucks, which might be carrying explosives, from crashing into the building. One security measure against these threats is the installation of highway barriers, but these are unsightly. Instead, use landscape elements to create a stand-off zone around the building, remembering that the effect of blasts diminishes with the distance from the blast. Effective methods include:

  • Using mature trees, landscaped earth berms, raised planter beds, benches, ornamental fencing and ornamental light posts
  • Incorporating effective lighting

Zone 4: Property Boundary

Implement security measures at the property line, which may include:

  • Roadway and barrier systems, such as a guardhouse
  • Communication systems in remote parking lots, such as emergency intercom and CCTV surveillance
  • Secured access to gas, water, electric, telephone service and utilities, such as locking manhole covers

Zone 5: Parking Structures

Parking structures are a significant area of vulnerability. Limit and monitor access and use, particularly if the parking structure is within or under the main part of the building. In addition to eliminating on-street curb parking, successful methods might include using:

  • Parking control system
  • Vehicle identification system
  • License plate recognition system

Zone 6: Public Domain

Finally, leverage the assets that are available to property owners in the public domain: streets, police, fire and emergency services departments. Coordinate security policies and procedures with public agencies at the local, state and federal levels, as appropriate. Establish a liaison to obtain real-time intelligence about actual and potential threats.

In today’s world, facility executives must take a holistic approach to security planning, programming and system design. They must assess the full range of security assets available — both human and electronic — and develop a system that protects the property at every zone from the interior to the public domain.

 

Here are suggestions of what to check before contracting Kevin Ian Schmidt for a physical security risk assessment.

This article is just to provide you with the basics of a security risk assessment, so you are knowledgeable on what to expect when hiring a consultant, and will potentially be able to address minor, simple issues beforehand to save cost.

Layered Security

|

layered securityAt its most basic, layered security refers to concentric rings of site and building security. These rings typically progress from the exterior boundaries of a site to the exterior building shell to increasingly secure areas within the building. The rings are not always symmetric or well defined, but each one represents an increase in security hardening against external threats as one moves inward from the site boundary or building exterior.

In a layering approach, design consideration must be given to the flow of people and material as they move though public, private and restricted building areas. Controlled paths need to be established in conjunction with each layer of security. This is where design with security concerns in mind can minimize implementation and future operating costs.

Equally important are the internal security layering requirements that segregate building spaces from one another — a key requirement when multiple tenants or departments with differing security needs occupy a single building.

Securing Core Areas

Most buildings share core areas that include vertical transportation, electrical and telephone rooms, janitor closets, and public amenities like parking areas, lobbies and toilet facilities. A successful security design must not only plan for the flow of people and material during occupied and unoccupied hours, but also consider how this flow affects the sharing of public and service areas.

For example, building access from surface or underground parking facilities needs to be segregated and directed to a common access control point to minimize security staffing and other operating costs. Because of past incidents in high-profile buildings, underground parking may in the future be limited or not be provided at all.

When designing security to maintain segregation of building areas, life safety code requirements must be observed, and the required emergency egress paths must be maintained using appropriate egress hardware. Though it sounds simple, this is one of the most difficult requirements to implement because it requires comprehensive understanding and interpretation of building codes and close coordination of door hardware, security system and fire alarm system requirements.

Check Out: Physical Security Program – Know the Process

Design Principles for Security

Proper design and use of the built environment can assist in effective security layering. The following four design principles are key:

  1. Natural surveillance: The ability to keep potential threats easily observable in parking areas and building entrances.
  2. Territorial reinforcement: Defining private and public areas in the facility or campus using landscape plantings, pavement designs, gates and fences
  3. Natural access control: Design of streets, sidewalks and building entrances to indicate clearly the public access routes and to discourage pathways outside the secure areas, using structural elements to complement electronic access control.
  4. Target hardening: Design using features that prohibit entry or access, such as window, door and air intake location; locks; dead bolts; electronic card access; and closed circuit television (CCTV).

To enhance security, building exteriors will in the future likely be designed with fewer windows and other openings; exterior windows and doors at the lower floors will be reinforced. Fresh air intakes will no longer be at grade. The number of outside entrances for pedestrians on foot or from parking areas will be reduced to channel the flow to lobby security stations that can be staffed with the minimum number of personnel.

Underground parking, loading docks and service entrances will be located and designed to segregate and effectively control the flow of personnel and goods using transition areas. Building service areas, toilet facilities, corridors, and electrical and telecommunication closets will be located so that the building’s net usable space can be subdivided, segregated and secured as needed to meet the requirements for each tenant or department’s security, while maintaining the code-required means of egress.

Technology’s Role in Layered Security

In addition to physical barriers, a layered approach to security typically requires electronic security systems — different combinations of things like badges, biometrics, card access, door alarms, CCTV and package scanning machines in different combinations — along with personnel trained to make the final decisions. The effective placement of these systems can reduce staffing requirements.

The upper box on page 53 shows the placement of card access devices and personnel to control access to building core areas from the outside while minimizing staff needed to handle visitors.

In the example shown, everyone who wants access to non-public areas of the building is directed to the turnstiles that control access to the elevators. Visitors can gain access when authorized by the security personnel.

In a building similar to the one in the example, delivery trucks could gain access to the loading dock after being cleared by the security staff. Depending on the security level required, access to the freight elevators can be further controlled after inspection of the cargo.

Check Out: How do Your Alarms Communicate

Further security layering can be implemented for personnel and material that have been cleared for access to tenant spaces. The bottom box on page 53 shows a typical arrangement of multiple-tenant floors. Tenant security is maintained with the use of card readers to control access into the space. Tenants that need to track personnel who enter and leave their spaces can use their own card readers. Tenant personnel can gain access to the toilet facilities while maintaining security; the use of keys or card readers at the toilet facilities is an option that needs to be evaluated separately. Those making deliveries from the freight elevator need to request access to tenant spaces via telephone or intercom.

CCTV systems with motion detection can provide continuous monitoring that is useful not only to grant access to the protected spaces, but also to provide forensic evidence needed to investigate security-related incidents. Digital CCTV provides for easy retrieval of information on demand without the time-consuming searching required by older analog systems.

Although security layering is a valuable strategy for controlling the flow of people and materials within the building, it isn’t the whole story. Operational plans are needed to limit access only to suppliers and staff with legitimate need. Deliveries of supplies from known sources should be coordinated in advance. Delivery times may have to be restricted to off-peak hours to avoid unnecessary delays to building occupants. For particularly sensitive areas, requirements for background investigations of outside contractor staff may need to be established to prevent “Trojan horses,” such as bugging devices, from being introduced into the building during construction, maintenance or deliveries. Emergency plans need to be developed and tested with the building occupants to address different types of security-related emergencies. Exit and emergency pathways need to be established for different scenarios.

Special measures and additional staffing may be required for special events, such as social functions and tenant relocations, where a large number of strangers may require access to secured areas.

In new buildings, security layering can be integrated into the original design in a very cost-effective manner. But, of course, occupants of existing buildings are demanding increased security as well. In most of these buildings, security improvements are more costly to provide because of significant additional staffing costs or building modification costs to redirect the flow of people and materials. Many existing buildings were designed with multiple entrance pathways; these buildings must add significant security staff or make costly changes to the building itself to provide minimum levels of security. Building owners will have to treat those additional expenses as a cost of doing business; tenants are demanding increased security, and those measures carry additional costs. Another challenge for existing buildings is that the security layering approach requires both building owners and tenants to accept changes in behavior without developing a trench mentality.

When it comes to upgrading security from what was acceptable in the past, there is no free lunch. To put it another way, no pain, no gain.

With new buildings, costs can be minimized. Doing that requires building owners to remember two key points: first, that during the design process it is never too early to plan for security; second, that many tools are available to provide security. And it’s not just building owners who need to think in a new way about security in new buildings. The increased demand for security also will require a change in the mindset of architects and engineers. Design professionals will have to consider how to incorporate into building designs the sometimes conflicting desires and requirements of building owners, occupants, vendors, visitors and governing agencies.

If everyone on the design and construction team focuses on security early and consistently, security does not need to be expensive and in many cases can be incorporated with minimal impact on the tenants who spend a great deal of their everyday lives in the building.

It’s also important to remember that effective security requires the building owner to address both operational and security technology issues as well as architectural factors. For example, it is critical that the issues of security staffing and training be addressed. With solid planning and an awareness of the tools available to designers, building owners can achieve the security levels they need without high ongoing costs.

Categories

Important Links