|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465How Security Departments Can Leverage Enterprise Risk Management2015-02-27T05:00:00Z0|#21788f65-8908-49e8-9957-45375db8bd4f;L0|#021788f65-8908-49e8-9957-45375db8bd4f|National Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Video preview: Chemical Emergency Response 2015-03-03T05:00:00Z|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465A Giant Leap for Arecont Vision2015-02-12T05:00:00Z|#21788f65-8908-49e8-9957-45375db8bd4f;L0|#021788f65-8908-49e8-9957-45375db8bd4f|National Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465House Approves Full Year of DHS Funding2015-03-03T05:00:00Z|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Free Access to Security Journal during March 2015-02-25T05:00:00Z|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Book Review: Integrated Electronic Security: A Layered Approach2015-02-09T05:00:00Z|#3795b40d-c591-4b06-959c-9e277b38585e;L0|#03795b40d-c591-4b06-959c-9e277b38585e|Security by Industry;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Industry News March 2015|#3795b40d-c591-4b06-959c-9e277b38585e;L0|#03795b40d-c591-4b06-959c-9e277b38585e|Security by Industry;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Malware Attacks Show the Connection Between Markets and Cybercrime2008-10-29T04:00:00Z|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465VIDEO: Preparing for the worst 2015-01-21T05:00:00Z|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465Securing the Fan Experience2015-02-09T05:00:00Z

Security Management

 Morning Security Brief

View RSS feed

 SM Weekly

Retrieving Data

 SM Daily

Retrieving Data
Not a Member? Join Now News March 2015GP0|#3795b40d-c591-4b06-959c-9e277b38585e;L0|#03795b40d-c591-4b06-959c-9e277b38585e|Security by Industry;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<span style="color:#222222;font-family:novecentosanswide-bold, sans-serif;font-size:1.1em;line-height:1.2em;text-transform:uppercase;">Castle Sentries</span><p>Windsor Castle in Berkshire, United Kingdom, is the largest inhabited castle in the world. It was originally built for William the Conqueror as part of a defensive ring around London, and a wooden palisade protected the wooden castle in the 11th century. Renovations and additions to the castle over the centuries have made it more comfortable and safer.</p><p>In the 21st century, bollards from Delta Scientific have been installed to defend the stone castle from vehicular attacks. The DSC800 decorative bollards can stop 15,000-pound vehicles traveling 30 miles per hour. If damaged, the outer sleeve of the bollard can be removed and a new one slipped over the base.​</p><h4>PARTNERSHIPS AND DEALS</h4><p><strong>Arecont Vision</strong> is providing video sur­veillance cameras for SpaceX to be de­ployed on the SpaceX Dragon spacecraft.</p><p><strong>Arteco</strong> has announced partnerships for distribution and support of its video event management software with Dodic in the Lazio region of Italy and SVT Solutions in western Canada.</p><p>Starwood Hotels & Resorts Worldwide, Inc., has introduced a keyless entry system using <strong>ASSA ABLOY</strong> Mobile Access for Hospitality to allow guests to use smartphones to access their rooms.</p><p><strong>Carousel Industries</strong> has joined the Palo Alto Networks NextWave Partner Program and will offer Palo Alto’s portfolio of enterprise solutions to its customers.</p><p><strong>Catbird </strong>announced that the immixGroup has selected its cloud security and compliance solution to enhance its offerings for government customers.</p><p><strong>Cautela Security UK Ltd</strong> was the main security provider and event spon­sor for “An Evening with Arnold Schwarzenegger” at the Centenary Pavilion in Leeds, United Kingdom.</p><p><strong>Eaton</strong> has been selected by Miller­Coors to provide an integrated emergency communications system for the company’s brewery in Fort Worth, Texas.</p><p><strong>Eyelock Inc. </strong>and Wistron NeWeb Corporation have entered into a licensing agreement to embed EyeLock’s iris authentication technology into a broad array of consumer and enterprise devices.</p><p><strong>Eyewitness Surveillance</strong> is providing security and surveillance solutions to Kelly Auto Group.</p><p><strong>Genetec </strong>has partnered with VenTek to integrate the VenTek Pay-by-License solution and Genetec’s license plate recognition system.</p><p><strong>HID Global</strong> has completed a successful pilot program with Dial-N-Document and Integrity Home Care to test HID’s real-time authentication of caregiver visits using smartphones.</p><p><strong>Hughes Network Systems, LLC,</strong> and the All-Hazards Consortium have created a strategic information-sharing partnership to aid in disaster preparedness.</p><p><strong>PSA Security Network</strong> has formed a vendor partnership with Alertus Technologies.</p><p><strong>Tristar </strong>has been named a nonexclusive distribution partner for SMARTRAC N.V. RFID tags and inlays in Latin America.</p><p>Bitnet Technologies has chosen <strong>Sphonic </strong>to provide global anti-money laundering transaction monitoring and know your customer verification.</p><p><strong>STANLEY Security</strong> has added Vanderbilt Industries, Low Voltage Contractors, Stone Security, and Xentry Systems Integration to its network of value-added resellers for EyeLock identity authentication products and solutions.​</p><h4>Government Contracts</h4><p><strong>Astrophysics</strong> has secured a contract to provide x-ray inspection systems for seaports to the U.S. Navy.</p><p>Chester County, Pennsylvania, is protecting its cell tower sites with <strong>ECKey</strong> access control technology. The Protection Bureau is overseeing the planning and installation.</p><p><strong>General Dynamics Land Systems-Can­ada</strong> was awarded a contract by the government of Canada to provide and integrate an enhanced surveillance suite on its LAV 6.0 vehicles.</p><p><strong>Implant Sciences Corporation </strong>will provide its QS-B220 Desktop Explosive Trace Detectors to the U.S. Transportation Security Administration.</p><p><strong>IndigoVision </strong>cameras are deployed at the Mars Mission control room of the Indian Space Research Organisation.</p><p><strong>The Mariner Group</strong> recently completed a CommandBridge installation for the Port of Stockton in California to improve situational awareness.</p><p>The Alpha Elite Body Armor System from <strong>Point Blank Enterprises </strong>is being used by more than 40 law enforcement agencies, including the Chicago Police Department, the Los Angeles County Sheriff’s Department, and the Boise Police Department.</p><p>More than 40 U.K. police forces have contracted to use the HOLMES criminal investigations and incident management system from <strong>Unisys Corporation’s U.K. </strong>subsidiary.</p><p>São Bernardo do Campo, Brazil, has deployed a security intelligence platform that includes <strong>Verint Systems Inc. </strong>video management software and cameras.​</p><h4>AWARDS AND CERTIFICATIONS</h4><p><strong>AlliedBarton Security Services</strong> was named a 2015 Military Friendly Spouse Employer by Victory Media, publisher of G.I. Jobs and Military Spouse.</p><p>Popular Science named the MINI Z Handheld Z Backscatter Screening System from <strong>American Science and Engineering, Inc.</strong>, among its Best of What’s New.</p><p><strong>CSi </strong>was awarded a Marketing Excellence award from Honeywell.</p><p><strong>DSM Dyneema</strong> has won the 2014 WorldSafe Safety Product Innovation award from the Safe America Foundation for its Force Multiplier Technology, which delivers ballistic performance with light weight and low profile for armor applications. Point Blank Enterprises was also recognized with a Safety Product Breakthrough award for its Alpha Elite system, which uses the Dyneema product.</p><p><strong>Fire-Lite Alarms</strong> by Honeywell has won a Campus Safety BEST Award for its Lite-Connect solution.</p><p><strong>Gamewell-FCI</strong> by Honeywell S3 Series addressable fire alarm control panels and accessories have received approval and certifications from Factory Mutual, California State Fire Marshal, New York City, and Chicago.</p><p>The QS-B220 desktop explosives and drugs trace detector from <strong>Implant Sciences Corporation</strong> has won the 2014 Government Security News Homeland Security Award for Best Explosives Detection Solution.</p><p><strong>Morpho (Safran)</strong> announced that its fingerprint matching technology placed first in the ongoing Minutiae Interoperability Exchange Test (MINEX), which is sponsored by the National Institute of Standards and Technology. Neurotechnology’s fingerprint matching algorithm achieved second place.</p><p><strong>Tacprogear </strong>announced that it has received certification from the National Institute of Justice for its Threat Level IIIA soft armor package.</p><p>Training magazine has named <strong>U.S. Security Associates</strong> one of its Training Top 125.</p><p><strong>Visualant, Inc., </strong>has received a patent from the U.S. Office of Patents and Trademarks on its ChromaID technology, which can be useful in marking goods invisibly to prevent counterfeiting. </p><h4>ANNOUNCEMENTS</h4><p><strong>ADI</strong> is opening branch locations in Jackson, Mississippi, and Mobile, Alabama.</p><p>A new app from the <strong>American Red Cross </strong>teaches children about emergency preparedness via a game. Monster Guard can be played on tablets and other mobile devices. </p><p><strong>Boon Edam Inc.</strong> is expanding its training programs for dealers, installers, and end users. It will offer free monthly webinar training, plus more sessions of factory training.</p><p>The <strong>Digital Risk Management Institute</strong> is a new nonprofit organization that will develop best practices for digital risk governance and management.</p><p><strong>D-Link</strong> is offering new resources and tools, including posters, bandwidth and storage calculators, and evaluation units for its IP surveillance customers.</p><p><strong>G4S Government Solutions, Inc.,</strong> has been sold to a private equity firm and has launched Centerra Group, LLC, a global government and critical infrastructure services company.</p><p><strong>Ganz </strong>has launched a newly redesigned website at, with online product selector and simple search parameters.</p><p><strong>Geutebruck</strong> has launched a new website with clear navigation, adaptive display, and a fast search function at</p><p><strong>Milestone Systems </strong>has announced that its Milestone Husky Series of network video recorders is now available in Latin America.</p><p><strong>Napco Security Technologies, Inc</strong>., was a sponsor of the Security100 K-12 Summit in Arizona.</p><p><strong>ONVIF</strong> hosted a virtual annual membership meeting last fall, where members were updated on the work of the group and selected committee representatives.</p><p><strong>SCATI</strong> has established a sales department in Turkey.</p><p><strong>The Security Identity & Biometrics Association</strong> and the<strong> Security Industry Association </strong>have formed the Airport Entry and Exit Working Group and released Identity and Biometric Entry and Exit Solutions Framework for Airports.</p><p><strong>Securitas North America </strong>and Kaplan University are partnering to offer a scholarship to honor veterans and current members of the military in the Securitas family.</p><p><strong>TRI-ED</strong> has opened new branches in St. Louis, Missouri, and Fort Lauderdale, Florida.</p><p><strong>Zenitel</strong> is uniting its VINGTOR and STENTOFON brands under the VINGTOR-STENTOFON brand.</p> For DutyGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​<span style="line-height:1.5em;">Security professionals are a company’s first line of defense in preventing and dealing with employee threats, violence, corporate sabotage, and other wrongdoing in the workplace. Amid the recent rise in workplace violence, security executives have led efforts to implement procedures aimed at countering cyberthreats, establishing a drug-free workplace culture, and eliminating hostility and harassment on the job.</span></p><p>These types of issues, however, can make both employees and supervisors hyper vigilant of their surroundings. This is especially true for security personnel, who make daily in-the-moment decisions that can affect the safety of those around them.</p><p>Thus it is imperative that security directors and other decision makers have confidence that their employees are psychologically fit to perform their jobs. When they are not, the outcomes can be catastrophic, resulting in significant harm to the company, or even serious injury or death in the workplace. In this context, psychological fitness for duty evaluations (FFDE) can be instrumental in promoting safety and ensuring that employees can competently perform their jobs. </p><p>The mechanics of an FFDE may vary, but some patterns are common. Often, but not always, psychologists and psychiatrists who conduct FFDEs are chosen by an independent company, usually referred to as a fitness for duty evaluation facilitator, which can coordinate the assessment process. This organization protects the employee, employer, and employee assistance program (EAP) in a number of ways, including ensuring that the doctors are well qualified and use appropriate and thorough assessment techniques.  </p><p>FFDEs often include a lengthy clinical interview.  Objective psychological testing is also an important part of the assessment process; doctors can review available medical records and even call the professionals who prepared those materials. In addition, they can contact workplace supervisors to learn about the employee’s at-work behavior, past and anticipated job stressors, and anticipated levels of support.  </p><p>The independent company, or facilitator, can help employers develop their referral questions for the doctors in a manner that will both help them make employment decisions and comply with applicable laws. This independent entity also provides other services, such as delivering the doctors’ reports to employers. The facilitator can act as an intermediary when doctors contact employers to discuss results with them and to ensure that all of their questions are answered. </p><p>Following are some real-world examples of typical scenarios employers face every day, based on composites drawn from common incidents. They illustrate that psychological issues can affect people of any age, race, or sex, and in any type of employment setting—including a security operation. Using these examples as context, the article offers best practice guidance on how to use and administer FFDEs and how to comply with applicable laws and current requirements.  </p><h4>Inappropriate Behavior </h4><p>The senior management team decided to downsize the company. Its vice presidents announced the layoffs, following the guidelines set out in the company’s employee assistance program. During the announcements, an employee appeared to be deeply distraught. Security personnel overheard him yell, “Wait ‘til I get back to my computer—maybe then this company will suffer and know how powerful I can be!” </p><p>The employee’s closest coworkers were obviously rattled by this incident. Nobody knew if this was a true threat or a harmless outburst because such behavior was out of character for this employee. Management, however, had noticed that this employee had been moody, angry, and distraught in prior days, and so they suspected the employee was experiencing some psychological problems. As a result, management requested a psychological FFDE. </p><p>Fortunately, the FFDE revealed that this long-term, previously stellar employee had a low potential for violence. It also revealed that he was experiencing some personal difficulties, but there were no signs of a major psychological problem. Management then worked with him and his fellow employees to encourage more appropriate workplace behavior and de-escalate the tensions he had caused.</p><p>As this example shows, organizations often struggle to determine whether or not an employee’s behavior poses an actual threat to the workplace. However, it’s the security professional’s responsibility to be vigilant regarding an employee’s warning signs and to understand when it is necessary to take action. Knowing when to consider an FFDE is vital to ensuring that the workplace remains a safe and productive environment for employees. </p><p>An FFDE is appropriate to consider when employee behavior includes threats of violence, inappropriate outbursts, suicide threats or attempts, serious employee errors, or sudden changes in mood or bizarre behavior. It’s also appropriate if management suspects the employee is suffering from a medical condition or if management has received reports from coworkers that an employee is being hostile or behaving in a way that is dramatically increasing tension at work. If management suspects that mental impairment is the cause for the employee’s difficulty, then a referral for an FFDE may be appropriate, regardless of whether there has been one incident or a pattern of behavior.</p><p> To make this judgment effectively, security directors in most cases should cooperate with HR, legal, and other managers to make the request for an FFDE. Not requesting such an evaluation may lead to legal implications and jeopardize workplace safety. Thus, as outlined below, it is imperative that security professionals know what an FFDE is, when to request one, and when applicable laws may prevent one from being requested.  ​</p><h4>When to Evaluate</h4><p>Jason has worked for a large international defense contractor for 18 years. He has held several positions during that time, including a three-year period during which he was a supervisor. A year ago, Jason was demoted because of his verbal aggressiveness with customers and an explosive temper with new employees. For example, after one disagreement he threatened to burn down a coworker’s house. </p><p>After a complaint from a female colleague, Jason was required to attend a communications skills workshop and counseling with the company’s EAP. After one counseling session, he said, “No one is going to tell me what to do, and I will keep my rifle in my truck when I come to work—every day!” Further, he threatened to use his gun at work if he were provoked.</p><p>An FFDE revealed that Jason had recently started collecting weapons, wearing camouflage, and fantasizing about killing a coworker. There were no outward signs of mental illness. However, due to his threat, his violent fantasies, and other inappropriate workplace behavior, Jason was fired to protect workplace safety.</p><p>State and federal laws, as well as collective bargaining agreements and civil service policies, often give employers the authority to require FFDEs. According to the EEOC’s Enforcement Guidance: Disability-Related Inquiries and Medical Examinations of Employees, inquiries or medical examinations are permitted if they address reasonable concerns about whether an individual is fit to perform the essential functions of his or her position.</p><p>Thus, an employer can generally require an FFDE if it is job-related and consistent with business necessity. This standard will be met if the employer reasonably believes, based on objective evidence, that the employee’s ability to perform essential job functions will be impaired by a medical condition, or if the employer suspects the employee poses a direct threat to his or her own safety or others. According to the EEOC, this standard may be met when an employer knows about a particular employee’s medical condition, an employer has been given reliable information by a credible third party that an employee has a medical condition, or an employer has observed symptoms indicating a suspected medical condition, has observed performance problems or safety issues, and can reasonably attribute the problems to the medical condition. </p><p>Still, employers who want to administer comprehensive FFDEs must be aware of the many relevant laws. Nervous employers sometimes ask for FFDEs when employees show behavior that, although worrisome, does not impact performance or jeopardize safety. For example, an employee might report paranoid thoughts to a close confidante, but still perform his or her job duties and show no signs of anger. The Americans with Disabilities Act (ADA) generally prevents FFDEs in such circumstances, under the rationale that the employee’s thoughts neither affect his or her ability to perform critical job tasks nor reveal indications of potential violence. In sum, if the employee has not endangered his or her own job performance or workplace safety, the employer may not request an FFDE, even though the employer might suspect mental illness.  </p><p>On the other hand, in safety-sensitive fields, such as aviation, law enforcement, healthcare, and transportation, the threshold for requiring an FFDE is lower. Preemptive FFDEs, requested before work performance has declined or safety issues have become apparent, may be appropriate. Because an employee’s behavior in these fields may threaten workplace safety or endanger the lives of others, it is critical for employers to monitor warning signs in these employees. These warning signs, if negligently ignored, can leave companies liable for their employees’ behavior. Juries commonly award multimillion-dollar judgments against employers for failing to take appropriate action regarding impaired or dangerous employees.</p><p>In addition, certain state and federal laws, such as the U.S. Occupational Safety and Health Act of 1996, require employers to proactively maintain workplace safety. And in some instances, courts have found that in highly stressful and dangerous jobs, employers might have the obligation to require an FFDE even before the employee’s job performance declines.  ​</p><h4>Best Practices</h4><p><em>Jim had been with ABC Trucking Company for 15 years. He had been a trustworthy and reliable driver for most of that time. His dispatcher noticed that recently he seemed confused and was often late completing deliveries. Security personnel suspected that drug use might be a factor. When confronted with these issues, Jim claimed to have no idea about his problems. After a psychological FFDE, it was clear that he had early signs of dementia. The company then arranged for his transfer to a different position, and eventually for his early retirement.</em></p><p><em>In another case, Judith, an older employee, was having work performance issues. It was her job to monitor the feeds from security cameras, and she recently failed to identify a break-in. She also had become irritable, snapping at customers and coworkers. Thinking she might be depressed or have some other medical issue that was impairing her cognitive ability, the employer referred her for an FFDE. The psychiatrist who performed Judith’s FFDE noticed that she relaxed considerably, and seemed less distracted, when she moved from the noisy waiting area to the privacy of his back office. Upon questioning, he learned that Judith’s new hearing aid picked up sounds from distant corners of the large work area around her desk. When this happened, she felt anxious and distracted. His suggestion to move her to a quieter work area resulted in a tremendous improvement in mood and concentration. </em></p><p>To ensure that workplace safety remains protected, security executives should have well-thought-out practices for both arranging the FFDE and proceeding once the completed report is received. To achieve this, companies should follow an eight-step program–purpose, policies, protocol, paperwork, procedures, partnership, personalization, and a plan.  </p><p><strong>Purpose. </strong>The first step is to know the purpose of the FFDE. As required by the ADA, such examinations must focus on the employee’s ability “to perform essential job functions or to work without posing a direct threat.” Therefore, security executives must be clear in their purpose of determining an employee’s ability to safely carry out tasks critical to his or her performance. Thus, the FFDE must be designed to answer very specific questions. </p><p><strong>Policies. </strong>The company should develop well-defined FFDE policies. These should be informed by state and federal law and be applicable to collective bargaining agreements. Employer security policies should identify scenarios when an FFDE might be appropriate and when FFDEs should be mandatory. They should also specify the manner in which the employee is notified about the FFDE—typically, both orally and in writing. The policy should clearly establish the consequences for employees who refuse to participate. </p><p><strong>Protocol.</strong> The next step is to establish a collaborative team protocol to ensure that only the appropriate parties see an employee’s sensitive information. This may include security, HR, legal, and EAP professionals. It is critical to identify each player’s role and determine who works with the employee and who works with management. Keeping these areas separate can help the company maintain employee confidentiality and preserve working relationships. </p><p>For example, if EAP professionals work directly with the evaluating psychologist or psychiatrist, they might become aware of an employee’s personal information. To the extent that this is not relevant to job performance, they should protect that sensitive information from other team members. Similarly, the employer’s lawyers might work only with the employer, rather than with the employee. </p><p><strong>Paperwork.</strong> Companies must determine the paperwork needed to document the objective evidence required to justify the FFDE. This can include the employer’s direct observations, credible third-party reports, or other reliable evidence. </p><p>An employer should be able to create a detailed statement of the problems that led the company to the conclusion that the employee is unable to safely perform the essential functions, and why a medical condition may be contributing to these problems. The amount of evidence necessary to support an FFDE depends on the functions of the job; safety-sensitive jobs often require less evidence. </p><p><strong>Procedures.</strong> As part of the program, companies must also establish referral procedures to send employees to the appropriate mental health specialist. To do this, the nature of forensic FFDEs must be understood. In clinical treatment exams, doctors typically develop a therapeutic alliance with their own patients. In contrast, a forensic FFDE doctor does not establish a standard doctor/patient relationship. FFDE doctors, such as psychologists and psychiatrists, do not treat the employee, but instead impartially gather objective evidence. They then give the employer the information they need to make the best employment decision. They do not have a primary obligation to the employee, and therefore they can more impartially protect the workplace. Hence, it is usually a poor practice to enlist the services of a doctor who establishes a treatment alliance with employees and does not understand the importance of neutrality. </p><p>Objective psychological testing can be an important part of the data collection that goes into a forensic FFDE. Such testing can improve doctors’ accuracy and help the evaluation withstand the scrutiny of litigation. </p><p>The FFDE can make use of the many assessment tools that have become commonplace during hiring, career promotion, and leadership development programs. Courts often place significant weight on objective psychological test results, so obtaining an FFDE from a doctor who incorporates objective testing can be a good practice for ensuring the most accurate and objective information and guarding against legal challenges.</p><p><strong>Partnership. </strong>Companies should consider establishing a partnership with a third-party facilitator. This independent entity can select a doctor and help encourage a thorough assessment, with psychological testing, that is consistent with state and federal laws. A third-party facilitator may serve as an intermediary between the doctor and the employer, which can reduce concerns about the employer having undue influence on the doctor. The facilitator can also oversee the assessment process. </p><p><strong>Personalized.</strong> Personalized referral questions should be written to address the specific circumstances of each individual referral. These should be written to help the employer get the information needed to make the best employment decisions, while not overstepping the limitations on FFDEs imposed by law. For example, the employer may not write overly broad questions requesting information about the employee’s complete medical or psychiatric history. The referral questions should be limited in scope and clearly tied to employment.  </p><p><strong>Plan.</strong> The final step is to have a clear plan for the results. The results of an FFDE might reveal that an employee is fit for duty, needs treatment or accommodations, could be helped by managerial changes or a work adjustment, or is unfit and presents a clear safety risk or is unable to perform job tasks. Given this range of possible scenarios, the employer must have a clear plan of how to take action based on the report. </p><p>This is a good time to rely on the internal team. Knowing about security, the law, EAP, accommodations, and disability management, they can coordinate their efforts to achieve the most beneficial outcome.  </p><p>Fitness for duty evaluations, when focused on employee work behavior and consistent with the law, can greatly help employers maintain safe workplaces. But achieving this end can require the collaboration of professionals with different areas of expertise. Fortunately, this goal is within reach of most employers who take the time to learn about the potential benefits, and how to avoid the risks, of FFDEs. </p><p><em><strong>Dr. David Fisher</strong> is a psychologist and has been president of PsyBar LLC since 1995. Fisher oversees independent psychological and psychiatric evaluations performed across the country through a network of 1,800 psychologists and psychiatrists. He publishes and lectures on psychiatric and psychological assessment, and has developed national assessment protocols.</em></p> News March 2015GP0|#3795b40d-c591-4b06-959c-9e277b38585e;L0|#03795b40d-c591-4b06-959c-9e277b38585e|Security by Industry;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<strong></strong><span style="line-height:1.5em;"><strong>Walsh Award Goes to Sparks</strong><br><br></span><p>The 2014 Timothy J. Walsh, CPP, Award has been bestowed by the ASIS Foundation on Sergeant Walter Kevin Sparks, a law enforcement officer with the Georgia Ports Authority. The award includes the tuition and travel expenses for the Assets Protection Course I (APC I), one of ASIS International’s oldest and most respected educational programs, which will take place in Las Vegas, Nevada, March 16 to 19.</p><p>“I’m a career law enforcement officer, but I’ve begun planning for my career after law enforcement. In doing so, I felt that I needed to expand my networking opportunities, so I joined ASIS in 2013,” says Sparks, who is a member of the Savannah-Lowcountry Chapter. “I am currently pursuing a master’s degree in security management from American Military University, and I just attended my first ASIS Annual Seminar and Exhibits in Atlanta. I am active in my local chapter as membership chair and newsletter coeditor, and on the ASIS Physical Security Council as cochair of the Chapters and Councils Liaison Committee.”</p><p>Sparks’ employer, the Georgia Ports Authority, watches over the deep-water ports of Savannah and Brunswick, together with inland barge operations in Bainbridge and Columbus. These are the critical conduits through which raw materials and finished products flow to and from destinations around the globe. The ports serve as magnets for international trade and investment, enriching the state’s economy. The Authority states that it is dedicated to providing customers with the most efficient, productive port facilities in the nation, and to creating jobs and business opportunities to benefit more than 9.7 million Georgians. </p><p>“APC I will help me gain critical knowledge. As a law enforcement officer for the Authority, I am tasked daily with the protection of millions of dollars in assets and the protection of personnel at our facilities. This is a new arena for me as a law enforcement officer, as I now supervise law enforcement and security personnel tasked with providing access control and physical security for our facilities,” he says.</p><p>The Walsh Award was introduced in 2004 to honor Timothy J. Walsh, CPP, ASIS president from 1964 to 1965.</p><p>Walsh was an ASIS pioneer who served at the committee, chapter, and national levels. He created and taught APC I, the longest-running education program in ASIS history, and coauthored the Protection of Assets Manual. </p><p>In 1967, Walsh served as a member of the first ASIS Foundation Board of Directors (later Trustees). Walsh also played an influential role in developing the Certified Protection Professional® (CPP) program. He was a member of the task force that proposed a certification program to the ASIS Board of Directors and served for four years on the Professional Certification Board. He was involved in the monumental task of identifying and organizing the subject matter to be included on the original certification examination.</p><p>Walsh Award winners are nominated by their chapter. They must be members in good standing and may not already have attended an APC I course. In addition, applicants must have at least two years of security experience. The application dates can be found at the Foundation tab of the Society’s website, The Foundation Board of Trustees selects the winner.</p><p><br></p> Upon a Time in ColombiaGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​<span style="line-height:1.5em;">My job was to provide executive protection and operational risk management guidance to a senior project manager working on behalf of a consortium of international investors. The manager was going on a site visit to view the location for a possible gold mine investment near Antioquia, Colombia. This operation was to be one of many that I worked on for clients in the region, providing risk consulting and operational risk management support.</span></p><p>After two days in the country, my team and the client had been briefed. We would be leaving the city of Medellin to make a reconnaissance trip into the acountryside to view the infrastructure and the lay of the land. At only a couple of hours from Medellin, the expectation was that there would be limited problems, because our route would take us through areas still mostly within reach of a state presence.</p><p>During our reconnaissance, various choke points and communications black spots had already been identified. But a determination was made that the trip was manageable from a security risk perspective.</p><p>Our requests had all been met by the client—including company ID cards for everyone to ensure that those of us in the protection detail would not be singled out for special treatment at the hands of any potential aggressors. We would be dressed similarly to the project manager to ensure a low profile and travel in clearly identifiable vehicles emblazoned with company livery, equipped with GPS trackers and a panic button.</p><p>Winding through hills and valleys in our armored 4x4, our progress was reasonable—despite the poor infrastructure, abundant potholes, and a torrential rainstorm. I was communicating frequently with a colleague back in the city at preplanned intervals wherever my cell phone, backup cell phone, or GPS system would allow.</p><p>Our visibility was poor because of the storm, but spirits were high as we were safe in the knowledge that our emergency response vehicle was a short distance behind us. However, we were having a problem reporting to the head office. Both the weather and the terrain were hindering our communications equipment.</p><p>Approaching a small town, we ran into trouble. The rain was bucketing down, visibility was almost nil, and all around us were homes that had been so hastily built that their corrugated iron rooftops and walls threatened to blow away in the next strong wind.</p><p>Ahead of us, blocking the narrow street, was a broken-down bus at the crest of a hill. The warning signs were clear. This was not a formal roadblock as I had encountered elsewhere, but it might as well have been. There was no way around.</p><p>Joking boisterously, our project manager in the back seat made light of the situation and his voice carried outside through a slightly lowered window. His intonation and foreign accent were noticed by some suspicious characters who’d been carefully observing locals alighting from the bus. A member of the group moved towards our vehicle and the window that had mistakenly been cracked open.</p><p>The houses and shops on either side of our vehicle, the narrowness of the street, and the stationary bus provided perfect cover and handed the advantage to our aggressors. This was also one of the black spots I had identified during my advance work. There was no signal on our cell phones, limited GPS coverage via our tracker, and the panic button—hidden on my person—was of no use given the topography of the region and the fact that we were inside a vehicle.</p><p>Even if the triangulation of our position was successful, we were so far from the city we had left behind that any response plan from my colleague would be hours in coming. My only reassurance was that I had been able to fire off a report location message approximately 15 minutes before sighting the bus.</p><p>Prior analysis of the region and its key players suggested that the group we were facing was likely affiliated with the Rastrojos—a Colombian drug trafficking paramilitary organization—and we could see that they were disorganized and, quite possibly, drunk or high. This could conceivably provoke rash decisions from them. They had no radios, and we could assume that their telephones were also inoperable. They were also conspicuously armed, each brandishing a pistol.</p><p>The leader of the group approached our vehicle, spotting the client who had his expensive camera equipment slung around his neck. Banging on the window, first with his knuckle, then with the butt of his pistol, the leader motioned that we should hand the camera over to him.</p><p>Rather than becoming a fatal statistic in Colombia, I had to get my client, my driver, and myself out of this situation. I reached behind me for the camera, ensuring that my movement was calm and measured, not wanting to trigger any kind of reaction from the man with the gun outside. I flicked the switch that ejected the memory card, cracked my window, and passed the camera through the smallest gap possible.</p><p>At the same time, I urgently ordered our driver to mount the curb and swing our armored SUV around the bus. We had to move, but the driver was concerned about having enough space to pass, the height of the curb, and the ragtag group’s reaction. In the best Spanish I could muster, I convinced him to follow my commands.</p><p>His right foot slammed onto the accelerator and we bounced up over the curb, careening past the bus and leaving the Rastrojos behind with only an empty camera and half a passenger side wing mirror in their possession.</p><p>After putting significant distance between us and the town, we paused to assess the events, conduct a communications check, and make sure the client was okay. I also used the time to send a situational report back to my colleague in the city.</p><p>The window being cracked in our vehicle was wrong. I should have advised the client to remain silent and to keep his camera hidden until we arrived at the site, if not permanently. </p><p>Everything had changed in the space of half a minute and no one could have foreseen a broken-down bus at this particular spot. But it is our job to constantly reassess the situation after every action taken, after every turn of the wheel. Looking back, the advance work was essential, but it’s a naive, or stupid, operative that relies on technology for crisis management.  </p><p><span style="line-height:1.5em;">--</span></p><p><span style="line-height:1.5em;"><em><strong>Benjamin Hockman </strong>is a Senior Consultant for crisis and security consulting with Control Risks in Bogata, Colombia. He is a member of ASIS International.</em></span><em></em><br></p> in DataGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​<span style="line-height:1.5em;">Big data, now being leveraged in countless business and security contexts, may also be of significant benefit to those involved in disaster response operations. Through the use of analytics and sophisticated data collection, actionable knowledge of on-the-ground conditions, available recovery resources, and situational awareness factors can be enhanced, and they can be of great assistance to response planners and security teams.</span></p><p>At first, all this promising information may seem like an embarrassment of riches. But getting from Point A to Point B—from collecting massive amounts of raw data to having focused, actionable information at the ready to inform critical decisions—can be a hard road, filled with hazards. Experts are still trying to work through these obstacles, in particular those that hinder information integration, access, and translation.   </p><p>“Data is an asset. And an asset doesn’t do you any good unless it’s liquid,” said Thad Allen, the former 23rd commandant of the U.S. Coast Guard who led government emergency response operations for Hurricane Katrina and the Deepwater Horizon oil spill. Now executive vice president with Booz Allen Hamilton, Allen spoke at a recent event held at the National Press Club called Technology-Enabled Decision Making in Support of Disaster Response, Recovery & Resilience, which he moderated. </p><p>“Most of the issues related to Big Data, at least from where I sit, are not necessarily technology issues,” Allen said.  “The real issue is….how do you actually manage this process?” </p><p>That management process comes with challenges at every stage, experts say. On one end, the initial process of integrating data can be hindered by technological difficulties. This can be a problem for emergency response operations, which sometimes need to combine data sets—like correlating information about on-the-ground conditions with an inventory of available resources. Some organizations have “every shiny pebble piece of technology known to man” to collect this information, but they are separate pieces of technology that are not interoperable, said Brad Medairy, senior vice president with Booz Allen.</p><p>“When you look at the product vendors out there, they all have these great technologies. The problem is they are not incentivized to actually work together,” Medairy said. “If the technologies don’t work together, how do you share data?”</p><p>In turn, efforts at making hardware more compatible can be hampered by budget constraints. The post-9-11 period was a heavy investment environment for the security and disaster response fields;  now, technology procured in the wake of 9-11 is aging, so maintenance costs are increasing—often while overall security budgets are staying flat or decreasing. Thus, Medairy has found that some companies are in need of more technology to merge disparate systems, but can’t afford it. </p><p>And systems modernization may warrant the phasing out of old equipment. This process can be tricky. Sometimes executives become invested in old technology systems, even if their worth is uncertain, said Sam McLean, acting deputy of the office of policy, architecture, and governance at the Federal Emergency Management Agency (FEMA). </p><p> “We have a lot of systems that our program officers deem to be mission critical or mission essential systems. But I don’t know that we in the past used the right criteria to establish this,” McLean said. “So, we continue to put money into those systems because somebody says we have to.” </p><p> For organizations that have successfully modernized and now have working systems that are vigorously capturing data, there is another challenge: overload. Not all data is good data. To illustrate, Medairy quotes analyst Nate Silver: “Every day, three times per second, we produce the equivalent of the amount of data that the Library of Congress has in its entire print collection. But most of it is like cat videos on YouTube, or 13-year-olds exchanging text messages about the next Twilight movie.”</p><p> “Our clients continue to deal with too much data—they’re drowning in data. They lack true insights,” Medairy explained. “In many cases, they don’t even know what questions to ask.” This has led to an increasing need for “data janitors” to sift through data and decide what is rubbish and what is potentially valuable, he added.</p><p>Once relevant data is identified, another pitfall awaits: a gap that frequently exists between the data scientists, who are working directly with the information, and the executives or officials who need to use the data to support actions and decisions. “There’s a major information sharing problem,” said Ellie Graeden, director of strategic systems analysis for Gryphon Scientific. </p><p>Scientists, she said, are skilled at making theoretical models from data, but they are less adept at making models that connect the information to timely real-world issues. “What the scientific community is not doing a good job of is figuring out what kind of questions are being asked, and then [determining] what figures they can generate,” she explained.  </p><p>Allen, who concurred, highlighted this problem by citing an incident from his work after Hurricane Katrina. After the storm created a diaspora of 1.5 million displaced citizens, Allen wanted to use a density chart at a press conference that would compare zip code regions in terms of number of residents applying for FEMA assistance. Allen said he knew that the data was available, but creating the chart was an enormous challenge. </p><p>“Translating the very complicated models produced by scientists, and making them understood by subject matter experts involved in the response who have to use them, is very, very critical,” he said. The incident, he added, showed the need for “data emancipation”—releasing data in such a way that laypeople can understand it. </p><p>Moreover, there’s another information-sharing problem that can come with the use of Big Data. The federal government collects piles of potentially useful data, but sometimes agencies consider certain data sets too sensitive to share. These ownership issues still need to be broken down, McLean said. “Some people say data belongs to them. It doesn’t belong to them. It should belong to everyone,” McLean said.   </p><p>While the challenges are numerous, experts said they have also seen successes in managing Big Data, and they offered observations and advice based on those positive experiences.</p><p>On the technology side, Medairy said that some companies are having success with a gradual process of modernizing and streamlining their data operations. “One of the strategies that we focus on is starting small and scaling up. We call it the one miracle at a time strategy,” he said. For example, some are migrating away from legacy databases into ones that use open source technology to streamline and automate the date ingestion process, which can make the resulting data sets more manageable, and also make for budget savings. </p><p>To address the “translation gap,” Graeden sees organizations that are looking to hire staffers who understand data and have quantitative skills, but who also have the ability to convey the findings in an understandable and meaningful way. “They need to be able to draw one simple picture that can tell a story,” she said. These multitalented staffers have diverse backgrounds; Graeden said she has seen them come from a range of fields, including statistics, physics, and biology.  </p><p>In addition, crowdsourcing is another potential source of data that can be effectively leveraged in emergency response situations. Graeden cited Did You Feel It?, a crowdsourcing program run by the U.S. Geological Survey (USGS), in which residents send in their locations and tremor reports—“my dishes shook and the table vibrated,” for example—which USGS then uses to map out fault lines and help gauge the severity of an earthquake.  </p><p>The crowdsourcing concept can also apply to information sharing during the management of a response, Allen added. He cited a Harvard University study of the response to the Boston Marathon bombings, which found that, in essence, the response operation was successful in part because no one was in charge. According to the study, which was released in April 2014, during the 102-hour response event, various agency leaders were able to exhibit “swarm intelligence” though cooperation, information sharing, and unity of mission, and so they acted as a “unified cadre of crisis leaders.”</p><p>Finally, McLean touted the usefulness of establishing broad enterprisewide strategies that integrate data management with other components of disaster response operations. Working with Big Data, he said, is “about providing decision makers with relevant information regarding the status of the response.” And if the data is actionable and relevant, it will also continue to be a valuable tool to enhance rebuilding efforts. </p><p>“[Data] is also about, lastly, economic recovery,” McLean said. “It’s about the whole community.”</p>’s-Perspective.aspxAn Insider’s PerspectiveGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​<span style="line-height:1.5em;">With years of experience offering executive protection services in South America, Benjamin Hockman provides risk consulting and operational risk management support to clients throughout both the Andean and Central American regions. He sat down with Security Management to provide an exclusive insider’s look at the essential best practices necessary to run a successful executive protection operation.</span></p><p>Among the issues critical to any executive protection detail are advance work, vehicle selection, staffing, and whether the team should carry firearms.</p><p><strong> Knowledge. </strong>Part of any effective executive protection operation is knowing what’s going on in the area you’re working in. “If you don’t know the environment you’re working in, or going to be working in, you can’t effectively and safely deliver an operation like this,” Hockman says. “It’s absolutely essential to have an understanding of what’s going on where you are from a security perspective, to understand the economy, to understand the politics.”</p><p>With the Internet, learning about a country and its economy, politics, major crime centers, and other general security information is easier than ever. Hockman uses a variety of news sites, and the company he’s currently with has in-house data sources that he can use to keep up-to-date with the latest information. </p><p><strong>Reconnaissance.</strong> “Advance reconnaissance is probably the most important part of any executive protection detail, whether it’s armed or unarmed,” Hockman says. “If the planning’s done well, you should be able to reduce or completely remove a large amount of the risk that could affect an operation.” </p><p>Typically, reconnaissance is conducted about a month in advance of a trip and consists of “really detailed route analysis,” with distances between fuel stops, police stations, hospitals, and communication dead zones carefully measured. </p><p>Executive protection professionals also identify a number of alternative routes as well, “partly so that we can vary the routine—which is obviously important for security—but also so, if we get to a point and we’ve got a problem…we’ve got a load of other options that we can quickly move to,” Hockman explains. This will also aid in contingency planning for ambushes and medical emergencies. Such planning is done during reconnaissance work to ensure that the client can get out of a dangerous situation as quickly as possible.</p><p>Photos are taken throughout the reconnaissance work to share with the rest of the team. “If there was a big team on an operation, it might be that only one or two of them would go out and do the advance reconnaissance work, so they’ve obviously got to paint a clear picture for the rest of the team when they get back, and we do that using diagrams, schematics, photos, and things like that,” Hockman adds.</p><p>Furthermore, part of reconnaissance might involve reaching out to the local community directly to open communication with local law enforcement and others. “Depending on the job, the advance work may involve liaising with the local community to ensure that they’re ready for our arrival,” Hockman says. “We might also make contact with the local authorities and ask them if there’s anything they need to know, is there anyone they’d like us to communicate with?” </p><p>However, this is done on a case-by-case basis; the team may not want to tip off individuals that a client is coming to the area. “In environments where we’ve got such a tenuous relationship between the state and the criminals—like Colombia and Mexico and so many other parts of the world—there you would obviously want to limit your reliance on anyone that you didn’t know,” Hockman explains.</p><p>After all of this information is gathered, the reconnaissance team goes out a day or two before an operation to check the routes again to ensure that nothing has changed between the original reconnaissance mission and the client’s arrival. </p><p><strong>Vehicles. </strong>Based on the reconnaissance findings, the executive protection detail decides what kinds of vehicles the team will use to complete three different jobs: immediate advance reconnaissance, transporting clients, and emergency response. Immediate advance reconnaissance vehicles travel five to 10 minutes ahead of the main convoy, radioing back if there are any problems ahead—“anything from a security problem to something doesn’t seem right to there’s a blockage in the road,” Hockman explains.</p><p>Emergency response can be one vehicle or several depending on the operation, and their job will “usually be to race to the scene of an incident and actually provide a physical deterrent or physical blockade if that’s required,” he adds. Or, a single vehicle can be used to transport all of the executives away from the scene. It can be any type of vehicle, but is usually dictated by the terrain and should be large enough to accommodate all of the executives at one time, Hockman says.</p><p><strong>The team.</strong> Using information garnered during reconnaissance, Hockman would also use the seven Ps—people, places, personality, prejudice, personal history, political views, and private lifestyle—to assess the level of risk a client has. This methodology allows the team to learn almost everything about a client and make a judgment about how large the team should be. For instance, in Hockman’s Colombia example, the team consisted of him, the driver, and an emergency response vehicle—making it a relatively small operation. </p><p><strong>Attire. </strong>Once the team has been created, one major decision it has to make is whether to dress like a security team or a group of business professionals. In Hockman’s story, they chose to wear business attire and use vehicles with the company livery because “we didn’t want to look like a security team,” he explains. “If we’re automatically assumed to be a security team, there’s potentially an assumption there that we’re carrying guns, and that’s never a good thing.”</p><p>“In some environments, you might argue that by showing that the client and the team are affiliated with a big company, you’re actually increasing their value,” he explains. “You’re showing criminals that this is part of a multinational company, and you’re alluding to the fact that there’s some money behind that.”</p><p>In some cases, this could increase the likelihood of kidnapping, but showing company connections can also be a turn-off for some criminals because a company's response can drain resources, cause bad PR, or get the authorities involved. </p><p><strong>Firearms. </strong>Another major decision the team has to make is whether to be armed when working with a client, and a large factor in that decision is where the operation is taking place. “The environment where you see these heavily armed guys in Iraq and Afghanistan and the Middle East is very different to the one that I work in in South America where, arguably, you’d say the risk’s equally as real. And it’s no safer to be at the hands of a Colombian drug cartel or a Mexican cartel than it is to be facing down ISIS or al Qaeda in Iraq,” Hockman says. “The difference is that, in these environments, you can’t just drive around or walk around armed because you’ll get shot by the police potentially.”</p><p>Also, in South America the criminals are often better armed than the police or the federal government. “If these groups are that well armed and that well prepared…what are our two guys with a couple of pistols and a car going to do, apart from make the situation worse?” Hockman asks. He adds that, instead, his team does its best to avoid risk in the first place and focuses on evacuation—not confrontation.</p><p>“We want to be looking at how we get out of that situation, and not stand and exchange gunfire with these people, because our two guns and our 12 bullets aren’t going to do anything,” he adds.</p><p><strong>SOPs. </strong>Once the reconnaissance work is completed and the team assembled, the information is put into standard operating procedures (SOPs) that detail everything from the client, the locations, the routes for travel, and contents of vehicles involved. </p><p>“It’s basically like an idiot’s guide to the operation,” Hockman jokes. The day before the operation, the team then runs through the whole SOP, which might take three or four hours depending on the operation. “You’re talking through absolutely everything, from emergency procedures…all the way through to phone numbers, communication procedures, everything.”</p><p>All of these steps come together in an effort to reduce risk as much as possible for the operation, but nothing can eliminate risk entirely. “Obviously, there’s always an element of uncertainty and things you can’t control, but if the planning’s done well, you should be able to reduce or completely remove a large amount of the risk that could affect an operation like this.”  </p>