Security Management Magazine Cover
​Beginning December 2016, Security Management will also be available as a PDF. View ​Issues available for Download

 July 2017 Review: Interviewing2017-07-01T04:00:00Z<p><em>​Advanced Interviewing Techniques, Third Edition. </em>​Charl​es C. Thomas;; 216 pages; $39.95.<br></p><p>​An excellent reference for anyone who interviews people on a regular basis, the third edition of <em>Advanced Interviewing Techniques </em>offers varied methods for conducting interviews. Authors John R. Schafer and Joe Navarro acknowledge that there is no one-size-fits-all interviewing technique, so they explore many.</p><p>While the title implies that these are advanced techniques for interviewers, in fact, the techniques outlined in the book are fairly standard for the experienced interviewer. Nonetheless, the novice interviewer will find much to learn here.</p><p>The book is written in a concise and reasonable fashion. The table of contents flows in a logical sequence. The first chapter concisely and appropriately details the importance of planning the interview, and subsequent chapters contain short but substantive scenarios and interviewing tips. </p><p>The authors clearly have considerable experience. They cite and give credit to other authors to better illustrate key points of learning, including the interview setting, props, and other logistical considerations. They point out how critical these issues can be without dwelling on them.</p><p>While topics and techniques are discussed in a concise fashion, that brevity does not detract from the key ideas; rather, it engages the reader to understand the point without getting bogged down in unneces­­s­­ary verbiage. </p><p>Chapter 8, “Detecting Deception,” is exceptionally noteworthy. It neatly describes the techniques and observable behaviors that can help interviewers perceive deceptiveness on the part of the interviewee.</p><p>This book is an excellent resource for its intended audience, which is primarily military, law enforcement, and intelligence gathering personnel. Although HR personnel are also ad­dressed by the authors, the contents of this book will be of limited value to them.</p><p><em><strong>Reviewer: James E. Whitaker, </strong>CPP, PCI, CFE (Certified Fraud Examiner), has more than 40 years of experience in law enforcement and private sector investigations. He served on the ASIS Investigations and Insurance Fraud Councils and serves on the Healthcare Council and the PCI Review Course Faculty. Whitaker has also been active with the Association of Certified Fraud Examiners.</em></p> Review: Insider ThreatGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p><em>Insider Threat: Prevention, Detection, Mitigation, and Deterrence. </em>​ Butterworth-Heinemann;; 252 pages; $49.95.​<br></p><p>​Organizations face an increasing number of risks in today's uncertain and complex world. Security has become even more challenging with the digital transformation of the business environment. These challenges are not limited to external threats, so it is equally important to manage and mitigate threats within the organization.</p><p><em>Insider Threat: Prevention, Detection, Mitigation, and Deterrence </em>aims to provide a people-centric and technology-enabled approach for creating a program to identify and mitigate the risk of insider threats. Author Michael G. Gelles sets the stage with a clear conceptualization of the insider threat, the motivations underlying the behavior, the challenges for maturing a program, and the changing nature of the phenomenon over time. </p><p>Each of the 15 chapters, with contributions by various specialists, provides insights and strategies on key segments for building a holistic and risk-based program. Topical contributions relate to data analytics, information security, cyber and supply chain risks, just to name a few. The reader will find information on risk tolerance as well as the use of potential risk indicators. In addition, attention is given to governance, ownership, and stakeholder management.</p><p>Overall, the book is well structured and well written. The visuals throughout the book and key takeaways at the end of each chapter are practical and insightful. The manuscript taps into developments in regulatory requirements, offers advice for developing resilience against insider threats; and builds upon the wide experience, practices, and solutions of multiple well-qualified contributors.</p><p><em>Insider Threat</em> is of great value to the professional who manages or aspires to manage the prevention, detection, response, and deterrence of insider threats.</p><p><em><strong>Reviewer: Rachid Kerkab</strong> has almost two decades of experience in criminology, security, risk, and resilience. He is a member of ASIS.</em></p> Review: The Ongoing WarGP0|#21788f65-8908-49e8-9957-45375db8bd4f;L0|#021788f65-8908-49e8-9957-45375db8bd4f|National Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p><em>Spiral: Trapped in the Forever War.</em> Simon & Schuster;; 288 pages; $26.</p><p>It is often said that 9/11 changed America. The aftermath of the worst terrorist attack on U.S. soil has precipitated a Global War on Terrorism, and many lives have been lost in the effort to find those responsible and to eradicate the threat. While euphemisms have been coined, in effect, the United States has been in a constant state of war for more than 15 years now, with no end in sight. And, perhaps more significantly, America’s worldview and its core values have changed in ways that are dark and disturbing.</p><p><em>Spiral: Trapped in the Forever War</em> by Mark Danner examines how this has come to be and what it means for the United States. He examines what he calls the “state of exception” that has characterized the Global War on Terrorism and that appears to have become both perpetual and self-perpetuating, slowly eroding some cherished foundations of the nation. He identifies the corrosive effects of this on the body politic and challenges the reader to consider whether what we have been doing is counterproductive—not only to our stated objectives but, more importantly, to our own well-being.</p><p><em>Spiral</em> confronts readers with some difficult questions to ponder. Benjamin Franklin famously said, “Those who would sacrifice essential liberty to purchase a little temporary safety deserve neither liberty nor safety.” Those words may be even more relevant now than when originally spoken.</p><p><em><strong>Reviewer: Mayer Nudell,</strong> CSC, is an independent consultant on crisis management, contingency planning, and related issues. He is coauthor of </em>The Handbook for Effective Emergency and Crisis Management <em>and </em>No One a Neutral: Political Hostage-Taking in the Modern World<em>.</em></p> and SecureGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​With more than 8,000 Locations across the United States and approximately 247,000 employees, drugstore chain Walgreens puts a priority on protecting its assets, employees, and customers. The company’s security team, located at Walgreens headquarters in Deerfield, Illinois, strives to respond to any incident that requires attention in a timely manner, whether it be a robbery or a door alarm.</p><p>“Responding to events and dispatching is extremely important, especially in critical situations where we want to provide the best services to our people,” says Hal Friend, director of physical security and fire prevention for Walgreens.</p><p>The corporate headquarters, known as the support office, is home to around 7,000 employees. The security department, referred to as Asset Protection Solutions, is made up of asset protection officers (APOs), a physical access control systems team, and security specialists, among others.</p><p>About five years ago, the company was looking to upgrade its access control solution at its corporate headquarters and distribution centers. “We realized that we had outgrown the old platform we were on, and it wasn’t going to be able to keep up with us,” Friend notes. <img src="/ASIS%20SM%20Callout%20Images/0717%20Case%20Study%20Stats.png" class="ms-rtePosition-2" alt="" style="margin:5px;width:289px;" /></p><p>Walgreens turned to the Genetec Security Center platform, which offered an integrated video and access control solution with various features to meet the corporation’s needs. The installation was rolled out over the last few years across the corporate campus’s more than 40 buildings and distribution centers, and the last phase of the installation was completed in February 2017. </p><p>Synergis, the access control platform from Genetec, is unified with Genetec’s Omnicast video management platform through Security Center, tying the support office’s 700 cameras into one system. </p><p>Synergis operates card readers and turnstiles located throughout Walgreens’ support office campus and allows Walgreens to easily issue temporary badges for employees who forget or misplace their credentials. If workers forget or misplace their cards, they must produce identification to one of the company’s APOs. “The APOs verify in Genetec that the person is a badged employee, and then we have a process in Synergis to issue them a temporary badge that will expire at the end of that business day,” Friend explains.  </p><p>Through Synergis, the company can also set an expiration date for temporary badges for vendors, consultants, and contractors who need access for only a certain amount of time. </p><p>Walgreens has a handful of high-security locations, such as data centers, which require two-factor authentication. The employees with access to these areas must present their card to the reader, and place their fingerprint on a biometric scanner. </p><p>The company has also deployed anti-passback measures, which means the worker must badge in and badge out of the high-security location to prevent the badge from being shared. “If you leave without badging out, it will prevent you from badging back in, because the system thinks you’re still in there,” Friend notes. “It helps enforce compliance in high-value areas, so that we have exact record keeping on who was where, when.”</p><p>Through Synergis, the security team can also generate ad hoc reports that show the company who has access to specific locations. “We send those reports to the managers of those high-value areas, such as the data centers, and they audit them routinely to ensure that people who have access still require access,” he says.</p><p>Security Center from Genetec integrates into the company’s own security operations center, a 24/7 monitoring location staffed with trained officers called security specialists. If an alarm goes off anywhere on campus, the officers can click the associated alarm notification to view the video. “It’s really easy to immediately get that footage to see what happened,” he notes. </p><p>Many of the cameras on campus are situated around the perimeter or pointed at access control points. This allows for easy review of video footage related to any alarms triggered by doors forced open or turnstiles that appear obstructed. If an alert goes off, “we can immediately dispatch an asset protection officer to respond to that alarm, realizing that most of the events are mistakes,” he says. “But we investigate them all in case we do have an intrusion.”</p><p>In addition to protecting the support office, these officers monitor Walgreens locations across the country and provide dispatch calls to local law enforcement in the event of an emergency, using a video management platform from a different vendor.  </p><p>When a burglar alarm goes off at any of the store locations, security specialists use high definition video to go back and view the video associated with the alarm. If they can confirm that an intruder set off the alert, they call the police. “We dispatch only on verified alarms to cut down on false alarm dispatching, which is appreciated by law enforcement,” Friend notes. </p><p>With the headquarters located in a suburban environment, near major roads and highways, Friend says that unwelcome visitors can wander onto campus, though it is a rare occurrence. “There was an instance where the Genetec platform helped us identify an individual who came to the campus, and was not supposed to be here,” Friend says. Using video, which they turned over to law enforcement, “we identified how he got in, and then assisted the police in the investigation to apprehend that individual and resolve the matter.” </p><p>Walgreens does retain video for a specified amount of time to remain in compliance with the various audits that the company participates in. </p><p>Friend says that Genetec Security Center gives the corporation the flexibility it needs to maintain business efficiencies while providing security. “We’re ensuring security, but at the same time we never want security to impede the needs of the workforce at the campus,” Friend says. “We really feel we have that experience today with what we have.”</p><p><em>For more information: Beverly Wilks,,, 866.684.8006</em></p> on the FlyGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​Long before Jack Hanagriff was tasked with creating a temporary camera deployment for Super Bowl LIVE, he called on Keith Drummond, senior director of sales for IDIS America, for help supplementing the city’s camera infrastructure. Drummond traveled to Houston for the NCAA Men’s Final Four tournament in April 2016 to better understand the city’s needs, and found that Houston was dealing with a common problem: it needed temporary coverage of the event area but didn’t have time to deploy a whole surveillance system.</p><p>“They have an existing video surveillance system with hundreds of cameras, but when they have these special events they don’t always have cameras where they need them,” Drummond explains. “And IP-based video surveillance is just inherently very difficult to employ and very time consuming.”</p><p>Although the Final Four was at a known location, Drummond said last-minute changes could leave officers scrambling: bad weather could force an outdoor event to relocate, or companies or celebrities might decide to throw their own side events at the last minute. “These celebrities will decide they want 10,000 people in an outdoor gathering for their party, and the city finds out last minute and now needs cameras where they don’t have them,” Drummond explains. </p><p>After visiting Houston and talking with Hanagriff about the city’s needs, IDIS and integrator Edge360 created a rapidly redeployable solution to be used during Houston’s 2016 Freedom Over Texas Fourth of July event. The solution they created could be deployed in under four hours by untrained personnel—setup only requires a place to hang the camera and a power source, Drummond notes. </p><p>John Rezzonico, CEO of Edge360, says that his military background taught him the importance of being able to adapt in the field, and he applied that logic to surveillance systems. “We came up with a solution that allows police officers to deploy cameras wherever they want, and if something changes they can quickly grab them, power them down, move them, stand them back up, and they come back up online,” Rezzonico explains. “The goal of the project is freedom of movement of the camera sensors, so that way they augment and support existing infrastructure of security that’s already in place.”</p><p>Rezzonico noted that the biggest challenge was overcoming bandwidth saturation to send the video feeds to command centers or mobile devices. “If everyone is using their cell phones at the same time, bandwidth goes away and everyone relying on it for public safety loses the video feed,” he explains. “Houston wanted a wireless solution that could augment their fixed security that was mobile and easy to deploy but could also utilize whatever bandwidth was available. Our solution didn’t just include cellular, it included WiFi and point-to-point transmission. It was all built in.”</p><p>The Freedom Over Texas event took place at Discovery Green, a 12-acre park, and 50,000 people were expected to attend. The park already had some broad camera coverage, but Drummond explains that there were a few areas where more specific views were needed. Four pan-tilt-zoom cameras were installed to focus on high-volume areas such as the stage. IDIS had to address the unique environment, taking the event itself into account. Because the fireworks show was going to be the centerpiece of the event—making the camera image go from nighttime to broad daylight with each explosion—cameras that could handle the fluctuation were required. </p><p>Video feeds were sent to the city’s main command center where they could be viewed side-by-side with the city’s existing camera feeds, but unlike the existing cameras the redeployable cameras could be viewed on mobile devices at satellite command centers and in the field. Since the main goal of the solution was to create a rapidly redeployable surveillance system, Drummond says IDIS and Edge360 tried to be as hands-off as possible during the deployment.</p><p>“We set ourselves up for failure—the concept is that they need to be deployed quickly by untrained personnel, in some cases the utility guy who had never seen them,” Drummond says. “We were obviously available if needed, but we didn’t give them any training and let them do things how they wanted.” The deployment went as expected, and there was no connectivity trouble.</p><p>During the Freedom Over Texas event, the cameras were able to use the cell network almost exclusively, but experienced occasional blips in the service. During those moments, video continued to be recorded on the camera’s SIM card, and that footage was transmitted back to the control center once the live feed was active again. </p><p>“Frankly, most of the time it’s the recorded video that’s most important, not the live video,” Drummond explains. “They are watching those cameras in real time, but most of the time there’s no action to be taken. But if an event does take place during an outage, you didn’t record it for evidence purposes. The smart failover technology changes that.”</p><p>“It’s key for cities to be able to share this system,” Rezzonico notes. “If a municipality buys it, they can send it to another one that needs it for easy deployment.” ​</p> ForensicsGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​Scientifically sound forensic evidence is one of the cornerstones of the U.S. legal system. But recent research by a presidential advisory committee has questioned the soundness of some evidential techniques. This is only the latest critique of the practices of forensic science, which has faced a call for reform from some quarters.    </p><p>The most recent research has its roots in another report, which was issued in 2009 by the National Research Council on the state of the forensic sciences. That report, conducted at the behest of the U.S. Congress, was highly critical; among many other things, it found that strong protocols and standards for reporting on and analyzing evidence were lacking. </p><p>In response, various initiatives were undertaken by different U.S. government agencies, and the National Commission on Forensic Science, aimed at raising forensic standards, was formed. Additionally, in 2015, the Obama administration asked the President’s Council of Advisors on Science and Technology (PCAST) to investigate additional scientific steps that could help ensure the validity of forensic evidence used for legal matters. PCAST is a presidentially appointed advisory group of scientists and engineers.</p><p>As requested, PCAST produced a report, Forensic Science in Criminal Courts: Ensuring Scientific Validity of Feature-Comparison Methods, issued several months ago. </p><p>The report found two existing knowledge gaps. The first gap was the need for more clarity regarding the scientific standards upholding valid forensic methods. The second gap was the need for specific forensic methods to be evaluated, to better prove their validity.</p><p>To help close these gaps, the report examined seven forensic “feature-comparison” methods, which are used to determine whether an evidence sample is associated with a potential source sample, such as from a suspect. </p><p>The seven methods evaluated were for DNA analysis of single-source and simple-mixture samples, DNA analysis of complex-mixture samples, bite marks, latent fingerprints, firearms identifications, footwear analysis, and hair analysis. </p><p>Based on their analysis, PCAST recommended that judges should not admit into evidence four of the methods: bite marks, firearms identifications, footwear analysis, and hair analysis. </p><p>PCAST also suggested that judges be cautious when admitting DNA from complex-mixture samples, and it recommended that juries be advised that fingerprint examinations have a high error rate.</p><p>Several months after the release of the PCAST report, another significant development occurred: the U.S. Department of Justice announced that it was disbanding the National Commission on Forensic Science. Some experts now say that the absence of research and guidance from the commission could make the future task of challenging questionable scientific evidence in court even harder.</p><p>“Even if defense attorneys jump up and down and complain about [questionable evidence], they won’t have the power of a national commission to back them up,” Erin Murphy, a professor at New York University School of Law, told the Associated Press in April. “The status quo right now is to admit it all. The status quo is where things are likely to stay.”  ​ ​</p>’s-New-in-Technology.aspxQ&A: What’s New in TechnologyGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465<p>​Steve Surfaro, industry liaison with Axis Communications and chair of the ASIS Security Applied Sciences Council, discusses emerging technology that cities and organizations can use to become smarter and safer.</p><p><em><strong>Q. </strong>How can smart buildings increase the safety of those who work there?</em></p><p><strong>A. </strong>First responders with mobile devices can use mobile location technology to find victims inside a building without relying on GPS. If all tenants who live or work in a smart building register their mobile devices, it’s possible to find out whose phone is not registered and potentially identify the approximate location of an active shooter. Seconds count on this. </p><p><strong><em>Q.</em></strong><em> What about the future of gunshot detection and triangulation?</em></p><p><strong>A.</strong> Gunshot detection is a really controversial issue. There are companies that use triangulation technology that estimates the location of a gunshot based on strategically placed microphones, but they can produce false alarms. Newer technologies use acoustic signature recognition. It employs deep learning and can be fine-tuned to listen for a particular pattern, and, once that pattern is established, it’s repeatable and does not create as many false alarms. In an environment where there’s noise of one type, like vehicles passing by, and there’s an explosion or a gunshot or glass is broken, that is a definitive acoustic signature. </p><p><strong><em>Q. </em></strong><em>What trends can we expect to see from surveillance cameras?</em></p><p><strong>A. </strong>Thermal imaging is such a tremendous technology and is getting better. Cooled thermal imaging sensors are expensive, especially when mounted on a helicopter—but they can save lives. One such sensor located the Boston bomber after the Boston Marathon bombing. Some lower-cost thermal imaging cameras can detect temperature gradients as well, so they can discern between people moving around and an explosion. This will also help firefighters. I’m from Phoenix, and out there, and in California, people suffer so much and have lost firefighters to these rapidly spreading fires. Through this technology, you’re able to have early warning if fires start to get too close to firefighters.</p><p><strong><em>Q.</em></strong><em> What about facial recognition?</em></p><p><strong>A. </strong>It’s used largely for forensics, so if investigators are trying to find an individual based on a photo, they can run a search on a facial recognition database. But the technology is being used in other ways as well. For example, airlines are testing it to streamline boarding. Stores in St. Louis, Missouri, were being robbed a few times a month, and one chain worked with the St. Louis Police Department, which had pictures of the robbery suspects. They created technology that stored images of the robbers in a microcomputer and compared them to a camera feed of people walking up to the convenience store door. The person looks up at the camera and the door is automatically unlocked in stride. If it’s not unlocked, either you’re not looking at the camera, or your picture is one of those tagged ones. Their faces aren’t being recorded, just compared to a list of potential suspects. During the test period of six months, there were no false positives and no armed robberies.</p> Prevention Lab Review: Compliance News June 2017 Attention! Report June 2017 to Build a Wall Report Resources June 2017 Play: Resilience & Infrastructure Review: Resilience in Asia’s-Who-in-Retail-Loss-Prevention.aspx2017-06-01T04:00:00ZWho’s Who in Retail Loss Prevention and the Turnstile & Me an Active Shooter's-Note---On-Wolves.aspx2017-05-01T04:00:00ZEditor's Note: On Wolves Brief History of Bullying Report May 2017 Review: Biosecurity Steps Up

- Issues

July 2017 June 2017 May 2017 April 2017 March 2017 February 2017 January 2017 December 2016 November 2016 October 2016 September 2016 August 2016 July 2016 June 2016 May 2016 April 2016 March 2016 February 2016 January 2016 December 2015 November 2015 October 2015 September 2015 August 2015 July 2015 June 2015 May 2015 April 2015 March 2015 February 2015 January 2015 December 2014 November 2014 October 2014 September 2014 August 2014 July 2014 June 2014 May 2014 April 2014 March 2014 February 2014 January 2014 December 2013 November 2013 October 2013 September 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 June 2012 May 2012 April 2012 March 2012 February 2012 January 2012 December 2011 November 2011 October 2011 September 2011 August 2011 July 2011 June 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 November 2010 October 2010 September 2010 August 2010 July 2010 June 2010 May 2010 April 2010 March 2010 February 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006 December 2005 November 2005 October 2005 September 2005 August 2005 July 2005 June 2005 May 2005 April 2005 March 2005 February 2005 January 2005 December 2004 November 2004 October 2004 September 2004 August 2004 July 2004 June 2004 May 2004 April 2004 March 2004 February 2004 January 2004 December 2003 November 2003 October 2003 September 2003 August 2003 July 2003 June 2003 May 2003 April 2003 March 2003 February 2003 January 2003 December 2002 November 2002 October 2002 September 2002 August 2002 July 2002 June 2002 May 2002 April 2002 March 2002 February 2002 January 2002 December 2001 November 2001 October 2001 September 2001 August 2001 July 2001 June 2001 May 2001 April 2001 March 2001 February 2001 January 2001 December 2000 November 2000 October 2000 September 2000 August 2000 July 2000 June 2000 May 2000 April 2000 March 2000 February 2000 January 2000