April 20, 2014

Featured Articles

Featured Articles of Interest to Security Professionals

 

Loose Lips Sink Ships
“This phrase has more relevance today than ever intended”

This World War II phrase suggests… Unguarded talk may give useful information to the enemy.  Since that time, this phrase has continued to be relevant for businesses that wish to be successful and survive in a very competitive world.

In the late 70’s while meeting with a group of traders in a small public lunchroom adjacent to a trading floor, I became alarmed by the details being exchanged about a recent suspected leak of trading position information.  When I mentioned my concern about discussing this matter at our closely surrounded table, the complacent response was…”Oh, we’re fine, we know those guys.  They’re from the company (competing company) next door to us.”

While traveling to a meeting for my employer at a remote operation I stopped for lunch.  Sitting in a booth behind me were two men discussing how they were going to take business away from the very facility I was in town to discuss security with.

Many years later a client was concerned that details discussed at their after-hours board meeting seemed to be in the hands of their competitor before the start of the next business day.  Conversations overhead were validated by meeting notes tossed into the wastepaper baskets and sold to the competitor by the custodian who cleaned the executive offices during the scheduled meetings.

Today this phrase has more relevance than ever intended.  Businesses have to face a whole mirage of risks and dangers unleashed by smart phones and a whole arsenal of personal computing devices that are capable of connecting with and talking to millions of people over the Internet and a growing number of wireless social networks.

Since “unguarded talk” has taken on a whole new meaning and “secret and confidential” are words that are hardly recognized anymore, businesses should review their communication security policies and ensure these policies address the risks and threats created by our instant communication cultural.

Internet Usage

Security policies must clearly state whether or not employees are allowed to use company computers for personal use.  Policies should also address whether or not Instant Messaging may be used during company time and on company equipment.

E-Mail and Social Networking

Security policies should address appropriate content for company e-mails and social media pages.  It should be assumed that nothing will stay private on the Internet and there are no limits to dissemination.

PDA/Mobile Devices

If your company is using personal digital assistant or mobile devices you should address security with safeguards such as data encryption and password protection.  As one data security author put it…” You don’t have enough fingers to plug all the leaks that a mobile device can punch in your security dike.”

Non-Disclosure Agreement

Your Non-Disclosure Agreement should be reviewed to make sure it includes e-mail, social media, verbal communication and any other means of sharing information that could affect your company.

Effective security policies should be clear and as easy to comply with as possible. Policies that are overly complicated have a tendency to encourage employees to by-pass the system.

For a better understanding of Loose Lips Sink Ships and how this simple concept can be applied to today’s business environments go to http://www.eyewitnesstohistory.com/lslips.htm

By: Curtis M. Haugen, CPP, S’curo Group LLC, Middleton, WI

Curtis Haugen, CPP is a member of Central Wisconsin ASIS Chapter 067 in Madison, WI where he serves as Chapter Website Coordinator.  Curtis Haugen is also CEO and Operations Director of S’curo Group LLC, a security consulting firm in Middleton, WI.

 

 

 

BE READY IN 2012

Guidelines For Protecting Your Business and Employees

The National Climatic Data Center reports that 2011 has seen more billion-dollar natural disasters than any year on record.   The United States experienced its first hurricane landfall since 2008, the most deadly series of tornadoes since the 1950s, significant earthquakes and severe flooding – hazards that impacted every region of the country.

“While we can’t control where or when they might hit, we can take steps in advance to prepare for them – efforts that can go a long way toward protecting our families, homes and businesses” said FEMA Administrator Craig Fugate when recently announcing Resolve to be Ready in 2012 a nationwide effort led by FEMA’s Ready Campaign in partnership with Citizen Corps and The Advertising Council to increase awareness and encourage individuals, families, businesses, and communities to take action and prepare for emergencies in the New Year.

Business owners that have not already implemented a plan to protect their businesses and employees can learn how with free documents provided by Ready.gov including the following steps for developing and implementing effective emergency preparedness plans.

Program Management – A successful plan is built on a foundation of management leadership, commitment and financial support necessary to maintain resources and keep the plan up-to-date.

Planning – The planning process should take an “all hazards” approach and include strategies for prevention, deterrence and risk mitigation for threats or hazards that could cause injury, property damage, business disruption or environmental impact.

Implementation – Implementation of a plan should include identifying and assessing resources, writing documents for the plan, developing a system to manage incidents and training employees so they can execute the plan.

Testing and Exercises – Conducting tests and exercises to evaluate the effectiveness of a plan is critical to make sure employees know what to do and can help identify any missing parts.

Program Improvement – The opportunity for program improvement follows each testing exercise and actual incident.   Accurate notes should be made and reviewed in a post incident assessment to evaluate the responses to the incident and make necessary changes.

According to The Insurance Information Institute, up to 40% of businesses affected by a natural or human-caused disaster never re-open.  Resolve to be Ready in 2012 so your business and employees are prepared to face 2012 and the unforeseen threats or hazards that the New Year might bring.

Learn how to Resolve to be Ready at www.Ready.gov/Resolve.  Other free emergency preparedness documents and planning guidelines can be found at Ready.gov or Listo.gov.

By: Curtis M. Haugen, CPP, S’curo Group LLC, Middleton, WI

Curtis Haugen, CPP is a member of Central Wisconsin ASIS Chapter 067 in Madison, WI where he serves as Program Chairperson and Chapter Website Coordinator. Curtis Haugen is also CEO and Operations Director of S’curo Group LLC, a security consulting firm in Middleton, WI.

 

CULTURAL DIVERSITY
- Race and Ethnicity Must Be Considered in Workplace Safety Plan -

An employee for 15 years at a cement plant in Cupertino, CA, arrived at a pre-dawn company safety meeting in October with a rifle and handgun in tow.  Using rope and a piece of plywood, he jammed shut a trailer door to trap about a dozen coworkers inside and then opened fire, killing three and wounding seven others.

The motive for the rampage is still a little fuzzy, but racial tension seems to have been involved and has been an issue in several workplace rampage shootings in recent years.

Many employers embrace the concept of a melting pot of workers with different demographic characteristics, backgrounds, attitudes, ideas, and experiences.  “However, they must also make a concerted effort in providing an environment of justice, tolerance, and civility, within which a diverse workforce can succeed,” warns Sameer Hinduja, an associate professor in the School of Criminology and Criminal Justice at Florida Atlantic University and co-director of the Cyberbullying Research Center.

In his research project, which included personal interviews with 327 workplace violence victims, race and ethnicity was identified as the cause for their workplace mistreatment three times as often as gender, age, religion, or education level.

Five Steps Toward Cultural Diversity

Management must be aware of cultural diversity in their workplaces and use the following steps to eliminate confusion and misunderstandings and to prevent workplace hostility and violence.

1. Workplace rules must be applied fairly and impartially to all employees and employee groups.

2. Steps must be taken to ensure all employees understand and interpret workplace rules correctly, no matter what language or cultural barriers might exist.

3. There must be a process in place where concerns can be voiced, investigated, and resolved quickly by management and peers that can represent the respective employees.

4. Corrective action must be taken against all persons who knowingly and willfully violate workplace rules and cause harm to the company and its employees.

5. All threats or reported concerns must have a closure that is understood and acknowledged by all parties.

The following is a helpful guide for developing and implementing a Workplace Violence Plan:  The USDA Handbook on Workplace Violence Prevention and Response: http://www.usda.gov/news/pubs/violence/wpv.htm

By: Curtis M. Haugen, CPP, S’curo Group LLC, Middleton, WI

Curtis Haugen, CPP is a member of Central Wisconsin ASIS Chapter 067 in Madison, WI where he serves as Program Chairperson and Chapter Website Coordinator. Curtis Haugen is also CEO and Operations Director of S’curo Group LLC, a security consulting firm in Middleton, WI.

 

 

Five Steps That Will Help You Protect Your Business Against Terrorism

Strong, stable and secure businesses are critical to our Nation’s stand against terrorism.  Business owners and their employees are an essential component in this effort.

Here are five things you can do to reduce the affects terrorism can have on your business, your employees, customers and communities.

1. Remain aware that the United States is in a “war” against terrorism at home and abroad.   Recognize that this ongoing effort is protecting access to today’s global markets that are essential to the success of your business.

2. Remain aware of and involved in precautionary actions in which your business is being asked to participate.  Knowledge of the impact terrorism has had and may continue to have on your business will help you react appropriately and respond in a timely manner.

3. Reinforce your business values and strengths by staying involved with industry associations and civic organizations.  Industry partners that work together will have access to more information and will be stronger and better prepared to respond faster and more effectively to threats that might develop.

4. Help your employees understand and manage fear and uncertainty.  Informed employees will be able to support your business functions more effectively if they understand the nature of the threats your industry and business face.  They will also be more productive if they are confident their families are safe and protected.

5. Provide information to your customers.  Sharing timely and reliable information with your customers about threats that you are aware of will strengthen their trust in your businesses and help them make decisions about their own operations and the commodities they will be preparing to purchase or sell.

A proactive response to terrorism will help protect your assets, instill confidence in your employees and customers and help your business display strength and stability in your community.

Additional information on terrorism for businesses can be found at the following websites.

National Terrorism Advisory System – U.S. Department of Homeland Security – www.dhs.gov/alerts
Counterterrorism Division – Federal Bureau of Investigation – www.fbi.gov/about-us/investigate/terrorism
Counterterrorism Office – U.S. Department of State – www.state.gov/s/ct

By: Curtis M. Haugen, CPP, S’curo Group LLC, Middleton, WI

Curtis Haugen, CPP is a member of Central Wisconsin ASIS Chapter 067 in Madison, WI where he serves as Program Chairperson and Chapter Website Coordinator. Curtis Haugen is also CEO and Operations Director of S’curo Group LLC, a security consulting firm in Middleton, WI.

 

5 Steps That Will Help You Maintain A Violence Free Workplace

Violence in the workplace is a top concern for employers since workplace violence can cause loss of life, create huge liability and fiscal damage and cause irreconcilable damage a company’s image.

A survey by the Society of Human Resource Management found that over two-thirds of their members have experienced violence at their organizations in the last three years. These incidents have involved inappropriate language, verbal abuse, verbal threats of violence, sexual harassment, bullying, threatening e-mails sent by employees and received by employees and physical damage to employee property.

It is estimated that $55 billion a year is lost to litigation awards, property damage and lost productivity from workplace violence.

U.S. Department of Justice statistics suggest that companies that have effective workplace violence policies, consistent training and a good security program have the lowest rate of violence in the workplace.

Here are five steps that will help your company maintain a Violence Free Workplace.

1. Develop a “zero tolerance” policy against all forms of violence in the workplace and require all employees to read, sign and validate their understanding of the policy.

2. Educate managers and supervisors on how to recognize early warning signs or symptoms of impending violence.

3. Provide all employees with a safe and trusted mechanism for reporting violence or threatening behavior.

4. Take immediate action against those who have threatened or committed acts of workplace violence.

5. Create in-house support systems such as Employee Assistance Programs and Peer Review panels that can help employees resolve concerns before they become formal complaints or grievances.

All threats should be taken seriously since employees may not step forward with their concerns if they think management doesn’t care or will minimize their concerns.

More detailed information on workplace violence can be found in The Occupational Safety and Health Administration’s Guidelines for Preventing Workplace Violence and the National Institute for Occupational Safety and Health’s Violence in the Workplace: Risk Factors and Prevention Strategies.

By: Curtis M. Haugen, CPP, S’curo Group LLC, Middleton, WI

Curtis Haugen, CPP is a member of Central Wisconsin ASIS Chapter 067 in Madison, WI where he serves as Program Chairperson and Chapter Website Coordinator. Curtis Haugen is also CEO and Operations Director of S’curo Group LLC, a security consulting firm in Middleton, WI.

7 Steps That Will Strengthen Your Security Program

“A new employee orientation program will provide many unforeseen benefits”

Good security at any business begins well before an employee’s first day on the job. A safe and secure work environment is very important to today’s employees. A company’s commitment to security will be recognized as a benefit to future employees and their families.

New employee orientation is where it starts. A well designed new employee orientation program will provide many unforeseen benefits. Here are 7 steps that will strengthen your security program and your new employees’ attitude toward security.

1.  Introduce New Employees To Your Security Program Before They Come On Site

Mention your company’s value of and commitment to security in your recruitment materials and job offer letters.

2.  Show New Employees Your Company Is Committed To Security

A clear message about your company’s commitment to security will create a strong “first impression” and a “lasting perception”.

3.  Engage New Employees Through An Interactive Process

Active participation in your new employee orientation will help new employees better understand their role in security and give them confidence to respond appropriately.

4.  Make The Content Interesting And Relevant

Well written material is easy to read and remember. Real life examples of what new employees will experience on the job will prepare them for their responsibilities.

5.  Deliver A Consistent Message

No matter how many departments you have in your business it is important that they all share the same message and commitment to security.

6.  Deliver An On-Going Message

Security training and awareness is an on-going process. Use department meetings, newsletters and events such as annual security awareness weeks to promote security.

7.  Lead By Example

Management’s attitude toward security is crucial to a successful security program. New employees will quickly recognize this attitude and adopt the same values and commitment.

By: Curtis M. Haugen, CPP, S’curo Group LLC, Middleton, WI

Curtis Haugen, CPP is a member of Central Wisconsin ASIS Chapter 067 in Madison, WI where he serves as Program Chairperson and Chapter Website Coordinator.   Curtis Haugen is also CEO and Operations Director of S’curo Group LLC, a security consulting firm in Middleton, WI.

 

Emergency Preparedness
“A well written and rehearsed emergency action plan will save lives and property.”

The cold temperatures of late fall and winter place unusual stress on all operating systems within a facility as well  as the personnel charged with managing the day to day functions.  Cold weather has very often been identified as a contributing factor in fires, explosions and equipment related accidents.  For this reason a review of a facility’s Emergency Preparedness Plan with all employees and community emergency response services is well advised.

The actions that are taken within the first few minutes after an incident occurs will have a direct affect on loss of life and injuries, the extent of damage to a property and the length of recovery.  To be affective copies of an Emergency Preparedness Plan must be kept in places that will not be directly affected by an incident and can be quickly accessed by responding employees and emergency services personnel.

The following are actions that need to be taken immediately and events that typically follow the occurrence of an unexpected business disruption.  A well written and rehearsed Emergency Preparedness Plan will give employees the confidence to respond to emergencies and do their very best to mitigate the damaging effects of a business disruption.

Immediate Actions

• Account for all employees and customers
• Notify emergency response services
• Designate a “person in charge”
• Notify insurance company
• Identify persons who need to be at the site for support
• Document all actions and conversations thoroughly

Prepare For The Arrival Of Service Providers and Other

• Fire and Law Enforcement personnel
• Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF)
• Insurance Representatives and Adjusters
• Media representatives
• Employees, family members and friends
• Vendor representatives offering services

Immediate Needs

• Secure property and control access to damaged areas
• Develop list of persons authorized to be on the property
• Establish designated areas to meet with family and media representatives
• Staff  telephones to handle incoming phone calls from employees, families and customers
• Establish a telephone “hot line” where employees can call to receive current updates and notices
• Ensure all messages released to employees, customers and community are consistent and accurate

By: Curtis M. Haugen, CPP, S’curo Group LLC, Middleton, WI

Curtis Haugen, CPP is a member of Central Wisconsin ASIS Chapter 067 in Madison, WI where he serves as Program Chairperson and Chapter Website Coordinator.   Curtis Haugen is also CEO and Operations Director of S’curo Group LLC, a security consulting firm in Middleton, WI.

 

Operations Security
“Make your employees part of the solution rather than the problem.”

Effective security for any operations has always depended upon loyal and trusted employees; thus the term Our Most Valuable Asset.

Workplace security studies spanning over many years have concluded that most employees want to do a good job and will meet these goals if their organizations support them and encourage them in their daily job functions.  Respect for management, adequate training, clear and open communications, accountability and a sense of appreciation are the common traits that create loyal and productive employees.

A 1970 landmark study on theft in the workplace by John P. Clark, University of Minnesota and Richard C. Hollingier, University of Florida found that “a lowered prevalence of employee theft is a valuable consequence of a management team that is responsive to the current perceptions and attitudes of its workforce”.  In 2008 Peter Goldman the editor and publisher of White-Collar Crime Fighter brought attention to the term “Tone at the Top”.  This term is used often in the context of Sarbanes-Oxley compliance as meaning that management is charged with infusing the organization’s culture with an attitude of “putting people first”.  Using Goldman’s terms, walking this talk means…

• Maintaining an open-door policy on the part of all managers.
• Establishing and maintaining transparency in major management activities.  Avoiding secrecy
and surreptitiousness in decision-making and ensuring that key decisions result in no surprises
or unfair actions affecting employees.
• Clarity and consistency in communicating with employees.  The CEO needs to be out and around
the workplace as much as possible to show concern and interest.
• Invest in employees with training and retraining and re-assignment to jobs that provide added
challenge and the  potential for financial reward.

Former GE Chief Jack Welch has often cited these practices as among the most powerful in building and sustaining employee loyalty, commitment and integrity.

 

By: Curtis M. Haugen, CPP, S’curo Group LLC, Middleton, WI

Curtis Haugen, CPP is a member of Central Wisconsin ASIS Chapter 067 in Madison, WI where he serves as Program Chairperson and Chapter Website Coordinator.   Curtis Haugen is also CEO and Operations Director of S’curo Group LLC, a security consulting firm in Middleton, WI.

 

The Importance of Understanding Terrorism
The media covered the Times Square terrorist attempt in depth and law enforcement did an outstanding job of grabbing the perpetrator(s).  What was not emphasized was… a street vendor, a citizen, made the observation and immediately reported it to the police.  This alert citizen may have saved lives and major property damage.

Understanding Terrorism - Times SquareTerrorism…“the use of violence and threats to intimidate or coerce”…is a threat to each of us, our families, and our businesses.  A better understanding of what terrorism is and the groups or individuals that choose to be classified as terrorists is our best defense and most power tool against acts of terrorism.

Our intelligence agencies tell us that the largest and most serious threat to our Nation is Al Qaeda Central which is operating on foreign soil and being fought by our Military Forces and our allies.  Al Qaeda “hybrids”, and others identified as “sleeper cells” have been identified all around the world.  Al Qaeda hybrids and sleeper cells are a serious concern to our intelligence communities because although they claim to be affiliated with Al Qaeda Central, their individual strategies may be different and are therefore very unpredictable.

Of greatest concern and threat to smaller communities in the United States is what our intelligence agencies refer to as domestic or “home grown terrorists”.  These terrorists described as “lone wolf extremists” are individuals or small groups who claim to be sovereign citizens, militia extremists, animal rights and environmental extremists.

These individuals and groups are of concern because they have manufactured illegal weapons using some of the products we produce.  Others have successfully sold or attempted to sell stolen commodities to us to fund their operations.  These individuals and groups have also used unfounded protests against our industries to call attention to their individual causes.

As with the Times Square perpetrator(s), “home grown terrorists” are generally well educated, have families, and blend into the American middle-class landscape.  In retrospect, neighbors and casual acquaintances recall being aware of unusual travel habits, activities in the residences at unusual hours of the day, an unusual number of package deliveries, and pleasant but evasive conversations with these individuals.

As citizens we need to trust our eyes, ears, and intuitions.  If something doesn’t look right… it probably is not.  We should share our concerns with our local law enforcement authorities.  Our instincts are important.

As the English philosopher and statesman Sir Edmund Burke said, “All it takes for evil to flourish is for enough good men (and women) to do nothing.”

More information on terrorism can be found at:

Federal Bureau of Investigation   www.fbi.gov
U.S. Department of State   www.state.gov
U.S. Department of Homeland Security   www.dhs.gov
National Counterterrorism Center   www.nctc.gov

 

By: Curtis M. Haugen, CPP, S’curo Group LLC, Middleton, WI

Curtis Haugen, CPP is a member of Central Wisconsin ASIS Chapter 067 in Madison, WI where he serves as Program Chairperson and Chapter Website Coordinator.   Curtis Haugen is also CEO and Operations Director of S’curo Group LLC, a security consulting firm in Middleton, WI.