Intrusion & Access Control’s-Willis-Tower-Is-Renovating-Security.aspxHow Chicago’s Willis Tower Is Renovating SecurityGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a43444652019-08-01T04:00:00Z<p>​On the ledge, nothing but a glass floor separates you from 1,353 feet of air and the pavement below. The Ledge is a glass box that extends 4.3 feet from Willis Tower, allowing 1.7 million visitors to test their nerve and experience the views from the second tallest building in the Western Hemisphere.</p><p>Willis Tower (formerly Sears Tower) was the tallest building in the world when it was originally constructed in 1970. While tourists come for exhilarating 1,800-feet-per-minute, ear-popping elevator rides to the top and the expansive views of the Chicago skyline, 15,000 people come to the iconic building every day to work. They represent the top 100 firms in Chicago, including an international airline, law firms, trading companies, and high-tech entities.</p><p>While many marvel at how a glass floor can sustain a constant flow of visitors, those familiar with the structure know that The Ledge and the tower are protected by more than plates of glass. They are protected by a complex security management program, rated as best-in-class by the U.S. Department of Homeland Security, and encompassing physical, operational, and technical systems. And now, the skyscraper is engaged in a $500 million transformation that will result in significant impacts on its operations and security, from The Ledge to the lobby.</p><h4>The Fou​ndation</h4><p>Willis Tower is one of the largest office buildings in the world, encompassing more than 4.5 million square feet of space—the equivalent of 78 football fields. Today, the tower welcomes approximately 20,000 tenant employees, tourists, business visitors, building employees, and deliveries each day.</p><p>The tower relies on a combined command center of building engineers and security staff to monitor the building’s video surveillance systems, access control alarms, intrusion detection, and continuous fire and life safety systems, along with the tower’s heating and cooling, water, and electrical systems.</p><p>The command center staff can pinpoint the exact temperature and electricity used for each floor and track the movement and destination of its numerous elevators. The building was the first to have automatic sprinklers cover every square foot of the property, and its advanced smoke detectors can zero in on the source of smoke and alert the command center to activate the exhaust system.</p><p>Security practitioners know that tracking dynamic security conditions is infinitely more complex than detecting smoke, and that is certainly the case here. The building management firm at Willis Tower, EQ Office (EQ), relies on security staff members to monitor the building in the command center, patrol the public areas, and man stationary posts at the loading docks, common spaces, tourist areas, and throughout the building at all hours.</p><p>The program encompasses a detailed security management approach to emergency planning and response, technology and personnel vetting, monitoring of packages, and evacuations. This is in addition to security and life safety training for the security team and tenants, coordination with all levels of law enforcement, and extensive documentation.</p><p>Training is paramount, especially since a major focus for the renovation is customer service. With so many diverse visitors, areas for misinterpretation are continually present and must be carefully addressed. For instance, how does a security officer on patrol tell the difference between tourists taking photos inside the building and potentially malicious reconnaissance? To address these and several other potential scenarios, in 2018 the security and life safety team trained for nearly 6,000 hours on topics encompassing active shooter, emergency operations, customer service, building navigation, and control room operations.​</p><h4>The Exp​​ansion</h4><p>“Catalog” is the soon-to-be-completed five-story, 300,000-square-foot dining, retail, and entertainment space at the base of Willis Tower. The name is a historical nod to its original developer and owner, Sears Roebuck, and its famous printed catalog. From a security perspective, this project means more square footage to monitor and patrol, more members of the public entering the space, and more media attention.</p><p>Currently, the tower’s publicly accessible retail operations are limited to the main lobby. However, the renovation plans for Catalog entail a major expansion in retail operations, including creating multistory restaurants, apparel shops, fast food eateries, coffee shops, retail venues, and a public roof deck. The overall goal is to enhance the service available at the facility and increase pedestrian access to the building beyond the typical 8 a.m.–5 p.m. business hours. The increased traffic and expanded business hours are expected to create new security challenges for the facility.</p><p>EQ recognized this early and committed to ensuring security was at the forefront of these plans, while maintaining the building’s Support Anti-Terrorism by Fostering Effective Technologies (SAFETY) Act designation. The<a href="" target="_blank"> SAFETY Act</a> is part of the Homeland Security Act of 2002 and is administered by the Office of SAFETY Act Implementation (OSAI) at the DHS Science and Technology Directorate.</p><p>The program was created to address private sector liability concerns and the lack of incentive to implement or develop anti-terrorism technology. It offers liability protections for providers of Qualified Anti-Terrorism Technologies to encourage the development and deployment of these products. Under EQ’s management, the building has held its SAFETY Act designation for the Willis Tower Security and Life Safety Services since 2013. The DHS recertified the tower’s SAFETY Act Designation in 2018. To maintain the designation, Willis Tower must report any planned changes to its program for review by DHS authorities.</p><p>The effort to maintain the vertical village’s high-caliber security program and SAFETY Act designation included a partnership between EQ and Guidepost Solutions, LLC, a security and technology consulting firm. Together, they assessed how the plans might impact onsite security and oversaw installation and testing of the security systems during the renovation.</p><p>It’s important for security to be involved in renovation and construction plans from the beginning; however, security is often the last discipline brought to the design table for input. This can result in poorly considered security solutions, lack of proper balancing of risks and controls, and a disregard for how the building will function and provide protection. In this case, EQ Office took the opposite approach by trusting the leadership of its security director and team.</p><p>This level of commitment to security is not new for EQ. Immediately after the 9/11 attacks, the Willis Tower team started preparing for the worst by consulting with safety and security experts to unify around the principle of providing safe, inviting spaces for employees and visitors. This approach to security has been adopted across EQ’s 80 locations, which comprise 40 million square feet of Class A office space throughout the United States.</p><p>Gary Michon, general manager of Willis Tower, says that “the key to this project was to bring Guidepost in early, so that we could properly plan and execute the expansion of our security systems to properly monitor and control access to more than 20,000 tenants and visitors who enter the building each day. Throughout the entire planning process, we focused on the customer access and their experience with the new technologies that are being introduced to the building and Catalog.”</p><p>The Willis Tower redevelopment project is a mammoth undertaking because the base floor of the building anchors high-rise towers and defines the pedestrian experience on the street level. EQ and Guidepost Solutions worked collaboratively to develop the security program with the focus on the tenant and guest experience. The project includes major enhance­ments to public areas across multiple floors, a rooftop space on the fourth level, all new lobbies and entrances, and new physical security solutions, such as the use of barriers; segregation of office building tenant, visitor, and public areas; barrier turnstiles that can handle 70,000-plus transactions per day; screening rooms for visitors; duress alarms; surveillance cameras; card readers; integrating elevator destination dispatch systems; and implementing a new visitor management system. </p><p>One of the significant challenges of the renovation is the increased foot traffic through the lobby, so the improved screening lanes and organized access management are imperative. The new security measures are intended to provide tenants with a user-friendly and comfortable workspace, business visitors with an efficient method to reach tenant floors, and visitors with a welcoming environment to explore retail stores, restaurants, and entertainment venues in the Chicago landmark. </p><p>Willis Tower is steadfast in maintaining its high-quality security program and ensuring the redevelopment project does not interfere with its site security posture commensurate with other similar tourist destinations. Indeed, the EQ team used the challenges presented during this project as an opportunity to provide needed security technology enhancements, focusing on replacing obsolete technology with devices capable of integrating with current systems. In addition to upgrading its surveillance cameras, Willis Tower is in the process of establishing a gunshot detection system that will monitor common areas, alert staff to emergency situations, and—via integration with the elevator systems—direct elevators away from the identified danger.</p><p>Another important element of the security strategy is the overall tenant–guest experience. Tenants of the building invite more than 350,000 visitors a year to their offices, and each visitor must register and go through x-ray and magnetometer screening equipment similar to Transportation Security Administration lines at the airport.</p><p>EQ and Guidepost Solutions developed a way to streamline this process by harnessing technology that can support multiple methods of checking in visitors. Visitors can check in by using an email or mobile pass on a smartphone, at a manned lobby desk, through a mobile concierge officer, or self-check-in at multiple kiosks.</p><p>This flexibility allows the security team to scale up their personnel levels during peak visitor times, quelling lines while offering a high-quality guest experience. Willis Tower is reaching out to tenants to share information on the new visitor management system to prepare the tenants for the influx in traffic to the tower.</p><p>In addition, the new system adds layers of security and authentication by integrating driver’s license readers into the self-service kiosks and using license plate reader technology for dock access.</p><p>To further enhance the tenant experience, EQ and Guidepost Solutions are implementing IDEMIA’s MorphoWave biometric technology, integrated into 26 new Automatic Systems Slimlane turnstiles for tenants who opt in to the building’s amenity program. The biometric technology provides frictionless access control and allows authorized tenants to wave their hand above the device’s touchless sensors for access, forgoing the need to present a credential. The turnstiles also include technology for phone-based mobile credentials and regular card readers to maximize flexibility in how tenants experience processing through the turnstiles each day.</p><p>For the much-anticipated common space, EQ sought an array of security measures to provide clear situational awareness. The common areas within the main lobbies on Franklin Street, Jackson Boulevard, and Wacker Drive will have surveillance cameras strategically located to observe and record activity.</p><p>Other measures include providing architecturally designed full-height partitions and solid doors to protect back-of-house operations and elevator access from common areas, while card readers and alarms will control access throughout. EQ installed an additional local security operations room near the new common space to focus on monitoring the public areas during normal business hours, as opposed to the entire complex.</p><p>Willis Tower is stepping away from a traditional security strategy, instead facilitating a neighborhood approach to serve as the cornerstone for the entire project by providing clear divisions between screened and unscreened individuals and deliveries. This method focuses on reinforcing a highly active, community-based environment that encourages professional networking.</p><p>Under this approach, non-screened individuals can access the common levels, but multiple layers of controls manage access to tenant spaces and allow for enhanced monitoring capabilities via analytics. The purpose is to reduce the expense of monitoring, a task with a limited return. The technology in place detects changes in the environment and alerts security staff to unusual activity, freeing up personnel and resources to monitor areas with fewer controls, such as the lobbies or common areas.</p><p>For example, instead of requiring constant monitoring of camera surveillance and guard posts, staff can use the sensors to identify any abnormal activity. This change enables them to provide greater coverage while simultaneously decreasing screen time and improving response capabilities.</p><p>Overall, major renovations can create considerable security concerns, particularly when the public area footprint of the site is expanding, a common trend in Chicago and commercial real estate. Such projects, however, also offer opportunities to evaluate the current security program in place, determine areas for improvement, and provide a means to consider needed security enhancements—and sooner in the process is always better.</p><p>It is essential to ensure leadership supports the process early, security expertise is sought and included in the design phase, and the transition process is managed to identify areas of potential risk while maintaining a valuable security certification. The key is constant communication and transparency.</p><p><em>Keith Kambic, CPP, is the senior director of security and life safety for Willis Tower. He is a member of the ASIS Commercial Real Estate Council and Building Owners and Managers Association of Chicago Emergency Preparedness Committee. Edward Batchelor, PSP, brings more than 15 years of physical, technical, and operational security design and consulting experience to his role as Guidepost Solutions' director in Chicago. Angela J. Osborne, PCI, is a regional director for Guidepost Solutions based in Washington, D.C., serving on the ASIS Commission on Standards & Guidelines and advisor to the Young Professionals Council.</em></p><p>If you would like to learn more about the renovation project, SAFETY Act Designation, and general security at Willis Tower, we invite you to our <a href="" target="_blank">G​SX ​</a>Session #4101 on Monday, 9 September 2019 from 10:30 a.m. to 11:45 a.m. in Chicago, Illinois.​​<br></p>

Intrusion & Access Control’s-Willis-Tower-Is-Renovating-Security.aspx2019-08-01T04:00:00ZHow Chicago’s Willis Tower Is Renovating Security’s-Digital-Shift.aspx2019-04-01T04:00:00ZSecurity’s Digital Shift Federal Facilities is Open? Amenity of Necessity Access At The State Intoxication Issue Of Safety.aspx2019-01-01T05:00:00ZWellspring Of Safety Review: Electronic Access Control Online With A Twist Shooting Demonstrates Vulnerabilities Of Run Hide Fight Response.aspx2018-06-29T04:00:00ZNewsroom Shooting Highlights Challenges of Securing Open Offices Charleston International Airport Modernizes Security with Pivot3 Chain Company Makes Access Control a Priority Fatalities in Texas School Shooting Peril.aspx2018-04-01T04:00:00ZPersonnel Peril No Chances Governor Unveils Major School Security Plan In Wake Of Shooting the Fire for Help

 You May Also Like... Check In<p>​Just after 8:00 a.m. on January 25, attackers detonated a truck bomb outside the gates of the Dayah Hotel in the Somali capital of Mogadishu before storming inside. Fifteen minutes later, another truck bomb exploded, and security forces were dispatched to take control of the hotel. </p><p>The hotel, located near Somalia’s Parliament building, was said to be popular with lawmakers and government officials. That may have made it a target for the attackers—later identified as al-Shabaab, an extremist group linked to al Qaeda, whose attacks are designed to turn Somalia into a fundamentalist Islamic state.</p><p>The attack in January killed at least 21 people and injured more than 50, according to CNN. It was just the latest in a succession of recent attacks on soft targets in Africa and Europe, and it raised awareness of a global and shifting threat that no international business can ignore: the risk of an attack on a hotel where a traveling employee is staying.</p><p>Since 2002, more than 30 major terrorist attacks have targeted hotels across the world. Because of this outbreak of attacks, businesses, tourism professionals, and hoteliers themselves are calling hotel risk procedures into question.​</p><h4>Hotels as Soft Targets</h4><p>Hotels became major targets for bomb attacks by terrorists in Asia in the 2000s, and the threat has since moved to Africa. Attacks against hotels in 2015 and 2016 accounted for a third of all major terrorist attacks in the world, likely because they are considered to be soft targets.</p><p>Some hotels make more attractive targets than others, for a variety of reasons. One of these is the opportunity to harm a large number of people. Hotels are gathering places, and in addition to guests there are visitors for banquets, as well as bar, restaurant, and leisure facility customers.</p><p>Another reason a hotel might be an attractive target is that it is likely to garner international media attention. The more victims there are from different countries, the more media attention the attack is likely to generate. </p><p>Attacks on hotels also express an ideology: international luxury hotels symbolize Western culture. Jihadists often consider hotels immoral places where men and women interact, and where alcohol is easily accessible.​</p><h4>Attack Strategies</h4><p>Terrorists used three attack strategies when targeting hotels between 2002 and 2015: explosives (44.4 percent), firearms (25 percent), and a combination of the two (30.6 percent), according to the Global Terrorism Database.</p><p><strong>Explosives.</strong> There are two varieties of attacks on hotels using explosives: the human bomb and the vehicular bomb. These tend to cause the most physical destruction and injure the most people, making them effective for terrorists.</p><p>Human bombs tend to have geographically restricted limits and are mainly used in spaces that are open to guests. For instance, in November 2005 in Amman, Jordan, terrorists detonated explosive belts in the ballroom of the Radisson SAS, near the coffee shop of the Grand Hyatt Hotel, and in the entrance of a Days Inn. Fifty-seven people were killed in the attacks, and more than 100 people were wounded, according to The New York Times.</p><p>In contrast, vehicular bombs account for 31 percent of terrorist attacks on hotels. This technique is used to cause large-scale material destruction and potential chain reactions from the explosion—such as gas line bursts, fire, structural collapse, and destruction of guest and staff lists.</p><p>In 2008, for example, terrorists packed a truck with a ton of explosives and drove it into the Islamabad Marriott’s security gate. The vehicle exploded, killing 53 people and injuring 271, and officials were concerned that the building itself might collapse and cause even more injuries and damage, The Telegraph reported.</p><p>Occasionally, the two techniques are used together. One such case was in 2005 in Sharm El Sheikh, Egypt, when terrorists set off a truck bomb near the Iberotel Palace hotel while simultaneously discharging a bomb in the façade of the Ghazala Gardens Hotel. They also detonated a third bomb in a parking lot of one of the city’s tourist areas. The coordinated attacks killed 88 people, most of whom were Egyptian instead of the targeted Western tourists, according to the Times’ analysis of the attack.</p><p><strong>Assaults. </strong>Terrorists often use the assault technique, armed with automatic rifles and hand grenades, to target hotels. This method makes it easier for the terrorists to damage a wider area while also killing a large number of people as they move through the hotel and its floors.</p><p>This kind of attack occurred in November 2015 when heavily armed and well-trained gunmen drove into the Bamako, Mali, Radisson Blu hotel compound. They detonated grenades and opened fire on security guards before taking 170 people hostage, according to The Guardian. Twenty-one people, including two militants, were killed in the attack and seven were wounded.</p><p>Terrorists will also move from one hotel to another, not hesitating to take clients hostage to make the operation last longer. The duration of the siege often has a direct impact on the amount of international media coverage the attack receives.</p><p>Additionally, some assault-style attacks show that terrorists had knowledge of the hotels before attacking them. For example, in the 2009 attacks on the Ritz-Carlton and the JW Marriott in Jakarta, the attackers blew themselves up—one in a parking garage at the Marriott and the other at a restaurant at the Ritz-Carlton. Authorities later discovered, according to the BBC, an unexploded bomb and materials in a Marriott guest room that was dubbed the “control center” for the attacks.</p><p>Terrorists also may plan to conduct attacks during a hotel’s peak operation times—such as during meals or organized events. For example, the attack in Bamako took place around 7:00 a.m. when breakfast, checkouts, and security officer shift changes were taking place.​</p><h4>Travel Policies</h4><p>Not all companies have well-developed travel security policies. Predictably, companies with employees who travel more frequently for work have a more advanced travel security program, as do companies that operate in countries with elevated security risks or in remote areas.</p><p>Companies also tend to have a more highly developed travel security program if one of their employees has been affected by a security incident, such as a hotel bombing, in the past. In this current threat environment, however, all international companies should review their travel risk policies because they have a duty to protect employees when they travel for work.</p><p>The European Directive on the Safety and Health of Workers at Work mentions this obligation, as do national regulations: Germany’s Civil Code, France’s Labor Code and a judgment by the Court of Cassation, and the United Kingdom’s Health and Safety at Work Act of 1974 and the Corporate Manslaughter and Corporate Homicide Act of 2007.</p><p>The United States also addresses this responsibility through its statutory duty of care obligations detailed in the Occupational Safety and Health Act of 1970. The act requires large and medium-sized companies to define basic emergency planning requirements.</p><p>Also, depending on the U.S. state, workers’ compensation laws may have provisions for American business travelers abroad. Similar obligations apply in Australia, Belgium, The Netherlands, and Spain. And case law has reinforced this legal arsenal addressing the security of employees traveling abroad.</p><p>Under these frameworks, employers must assess foreseeable risks, inform employees of these risks, and train them to respond.</p><p>And these risks are no longer reserved for employees traveling to Africa or the Middle East; the succession of terrorist attacks in countries qualified as low-risk destinations—Berlin, Brussels, Nice, and Paris—means that many companies need to address these locations in their crisis management preparation for employees traveling abroad.</p><p>Some companies have already changed their internal procedures to address these risks, including changing the way that hotels are chosen for business travel. ​</p><h4>Choosing Hotels</h4><p>Given the current threat environment and duty of care obligations for traveling employees, corporate security managers and travel managers need to work together to choose the right hotels. No matter the choice of accommodation, security and travel managers must conduct their own risk analysis to adopt the best strategy for choosing hotels for their employees. The analysis should include the destination, the profile of the business traveler, the duration of the employee’s stay, the company’s image, and the potentially controversial nature of the project in that destination.</p><p>Once the analysis is complete, companies have four options for choosing accommodations for traveling employees: international brand hotels, regional chain hotels, apartment or house sharing, or residences that are owned and operated by the company.</p><p>The most common option is to choose hotels with an international brand whose rates have been negotiated by the company. These big-name hotels can be reassuring. However, these institutions—described by some specialists as high-profile—tend to meet terrorists’ selection criteria for targets.</p><p>These hotels are also often franchise hotels, meaning they are independent institutions, master of their own investment decisions and the management of their staff. This can make it difficult for security professionals and travel managers to get answers to important questions during the vetting process: What security procedures does the hotel have in place and what is its staff management policy? Does it subcontract its security to a guard company or have its own security team?</p><p>The second option is to choose less emblematic hotels that some would consider low-profile, such as regional chain hotels—like Azalaï, City Blue, Serena, and Tsogo Sun in Pan-Africa—or independent boutique hotels. </p><p>Hotels such as these may provide more discretion than an international brand hotel, but may come with slightly lower levels of security, which could become a problem should a crisis develop. Lesser-known hotels, for instance, may not receive as rapid a response from security forces as a luxury hotel frequented by public figures and politicians. And for travel managers, this second option could be a difficult sell to employees who might be used to staying at international brand hotels.</p><p>Another option that companies might choose is to have employees stay at a private residence through the sharing economy, such as Airbnb. Google and Morgan Stanley recently began allowing employees to use Airbnb for business travel, and the company saw 14,000 new companies sign up each week in 2016 for its business travel services, according to CNBC. </p><p>For some destinations, this is not a viable option because of the lack of accommodations, but for other locations Airbnb has numerous places to stay and even offers a dedicated website for business travelers, which make up 30 percent of its overall sales.</p><p>One location where Airbnb is a pop­ular choice is in sub-Saharan Africa where a major influx of young expatriates used to traveling and staying in Airbnbs have rooms, apartments, and houses available for business travelers.</p><p>However, this option has collateral risks, and many companies forbid employees from staying at an Airbnb while traveling because of the lack of verification and vetting of the residences, which may not allow them to meet many companies’ duty of care obligations. </p><p>Also problematic is the risk that employees will get lost while trying to locate their Airbnb, as opposed to an easily identifiable hotel. And the traveler might be unable to check in when the host is unavailable to let them in or provide a key. </p><p>The Airbnb option also raises questions for security professionals: If it’s attacked, how will local law enforcement respond? Who is responsible for contacting law enforcement?</p><p>The final option is for the company itself to provide private accommodations for its travelers. This is only cost effective, though, for high-risk destinations where companies frequently send employees to work. With this option, companies have full control over the security of the accommodations. However, this level of security comes with a high operational cost—purchasing or renting the accommodation, ensuring the maintenance of the location, and supervising essential service providers, such as housekeeping and security.</p><p>Additionally, companies that choose to provide a private accommodation for traveling employees would have the responsibility to secure the property—creating a security plan; purchasing, installing, and implementing security equipment, such as access control, CCTV, and fences; and providing security staff, either in-house or through a contract.​</p><h4>Improving Security</h4><p>In 2002, a Palestinian suicide bomber killed 30 people at a Passover Seder at the Park Hotel in Netanya, Israel, in the deadliest attack during the Second Intifada. Following the attack, Israel’s hotel industry led the charge to address security threats by tightening security regulations. These regulations required the hospitality industry to staff a chief security officer in each hotel, led to the development of dedicated educational programs on security with recognized diplomas, and ultimately provided career opportunities for skilled and motivated security professionals.    </p><p>This model is one where companies can support hoteliers by including security as a key element when choosing which hotels can be used by employees on business trips.  </p><p><em><strong>Alexandre Masraff </strong>is a security and crisis management senior advisor at Onyx International Consulting & Services Ltd. and the cofounder of the InSCeHo certification program that focuses on hotel security. He is a member of ASIS International. <strong>Aude Drevon</strong> is a security analyst with a master’s degree in geopolitics and international security. <strong>Emma Villard</strong> is a regional security advisor based in Vienna, Austria, and a member of ASIS.     ​</em></p>GP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465 Your Team<p>​</p><p>Whether the action is on the battlefield or the basketball court, you can be certain that the winning team owes its success in large measure to extensive training. Recognizing the importance of training to any team’s performance, the Cincinnati Children’s Hospital Medical Center set out to makes its own training program better. </p><p>The existing training program, which the director of protective services felt lacked specificity, consisted of one of the shifts’ veteran officers sitting with the new security employees and covering several department and hospital-specific policies along with administrative topics. Additionally, the new officers would be given several commercially produced security training videotapes to view, after which they were required to complete the associated tests. Following the completion of the tapes and review of the policies and administrative procedures, officers would go through brief hands-on training for certain subjects such as the use of force and pepper spray.</p><p>Once they completed these tests and training sessions, the officers would then begin their on-the-job training. Officers have historically stayed in the on-the-job phase of training between three and five weeks, depending on how quickly the officers learned and were comfortable with command center operations. When the officers completed their training program, they had to pass the protective services cadet training test as well as a test on command center procedures.</p><p>Training council. To help devise a better training program, the security director chose several members of the staff to sit on a training council. The group, which included the director, three shift managers, and the shift sergeants, met to discuss the current training program and what could be done to enhance it.</p><p><br>Through discussions with new employees, the council learned that the existing program was boring. The council wanted to revitalize the training to make it more interesting and more operationally oriented. The intent was to emphasize hands-on, performance-oriented training. The council also wanted to improve the testing phase so that the program results could be captured quantitatively to show the extent to which officers had increased their knowledge and acquired skills. <br> <br>Phases. The council reorganized training into four phases: orientation, site-specific (including on-the-job), ongoing, and advanced. Under the new program, the officers now take a test both before training, to show their baseline knowledge, and after the training, to verify that they have acquired the subject matter knowledge; they must also successfully demonstrate the proper techniques to the instructors.</p><p>Orientation training. The orientation training phase begins with the new employees attending the hospital’s orientation during their first day at the facility. The security department’s training officer then sits down with the new officers beginning on their second day of employment. This training covers all of the basic administrative issues, including what the proper clock-in and clock-out procedures are, when shift-change briefings occur, and how the shift schedules and mandatory overtime procedures function.   </p><p>The training officer also administers a preliminary test to the new officers that covers 12 basic security subjects including legal issues, human and public relations, patrolling, report writing, fire prevention, and emergency situations. New employees who have prior security experience normally score well on the test and do not need to view security training tapes on the subjects. The officers must receive a minimum score of 80 percent to receive credit for this portion of the training. If an officer receives an 80 percent in most topics but is weak in one or two subjects, that officer is required to view just the relevant tapes, followed by associated tests.</p><p>All officers, regardless of the amount of experience, review the healthcare-specific tapes and take the related tests for the specific subjects including use of force and restraint, workplace violence, disaster response, bloodborne pathogens, assertiveness without being rude, and hazardous materials. Also included in the orientation training phase are classes covering subjects such as pepper spray, patient restraint, defensive driving, and the hospital’s protective services policies.</p><p>Site-specific training. During site-specific training, officers learn what is entailed in handling specific security reports. The shift manager, shift officer-in-charge, or the training officer explains each of the reports and has the new employee fill out an example of each. Examples of reports covered in site-specific training include incident reports, accident reports, field interrogation reports, fire reports, motorist-assist forms, ticket books, safety-violation books, broken-key reports, work orders, bomb-threat reports, and evidence reports.</p><p>On-the-job training is also part of the site-specific training phase. The new employee works with a qualified security officer for a period of two to three weeks following the first week of orientation training with the departmental training officer. The new employee works through all of the various posts during this time. At least one week is spent in the command center. The site-specific phase of training culminates with both the security officer cadet training exam and the command center exam, which were also given in the original program.</p><p>Ongoing training. The ongoing training includes refresher training in which shift managers have their officers review selected films covering healthcare security and safety subjects. The training occurs during shift hours. The officers also receive annual refresher training covering topics such as using pepper spray and employing patient-restraint methods.</p><p>Another type of ongoing training, shift training, is conducted at least weekly. Managers conduct five-to ten-minute meetings during duty hours to refresh the security staff on certain subjects, such as customer service. These sessions are not designed to deal with complex topics. Managers can tie these sessions to issues that have come up on the shift.</p><p>Advanced training. Advanced training includes seminars, management courses, and sessions leading to professional designations and certifications. Qualified personnel are urged to attend seminars sponsored by several professional societies and groups such as ASIS International, the International Healthcare Association for Security and Safety, and Crime Prevention Specialists. Staff members are also encouraged to attain the Crime Prevention Specialist (CPS) certification, the Certified Protection Professional (CPP) designation, and the Certified Healthcare Protection Administrator (CHPA) certification.</p><p>Staff members are urged to pursue special interests by obtaining instructor certification such as in the use of pepper spray or the use of force. This encouragement has already paid off for the hospital. For example, the department’s security systems administrator has trained officers on each shift in how to exchange door lock cylinders, a task that would previously have required a contractor. Officers are currently being trained to troubleshoot and repair CCTV, access control systems, and fire alarm equipment problems.</p><p>Training methods. A special computer-based training program was developed to help quantify and track the success in each of the training modules. Additionally, a program was developed to present training subjects during shift changes.</p><p>Computer training. Security used off-the-shelf software to create computer-based training modules and included them in the site-specific training and ongoing training phases, both of which occur during shift hours. The training council tasked each shift with creating computer-based training modules for the various security officer assignments on the hospital’s main campus and off-campus sites. These training modules cover life safety, the research desk, the emergency department, exterior patrols, foot and vehicle patrols, and the command center.</p><p>The training council asked officers to participate in the creation of the computer-based training modules. The officers produced the training modules during their respective shifts when it did not interfere with other responsibilities.  </p><p>The group participation paid off. For example, the officers who created the command center and the emergency-department training modules not only spent several hours discussing what information should be included in the modules, but then allowed their creativity to flow by using the software to make these modules interactive. These particular modules include test questions of the material, and the program will respond appropriately to the employees as they answer the questions correctly or incorrectly. The volunteers also created tests for before and after an officer goes through each of the computer modules to track the effectiveness of the training.</p><p>Shift-change training. A major question with ongoing training is how to fit it into the officer’s routine. For most industries using shift work, difficulties arise when trying to carve out enough training time without creating overtime. The training council decided to take advantage of downtime that occurs as officers come to work ready for their shift to begin. They are required to show up six minutes before the shift. This time is now used for training.</p><p>The shift-change training is used to cover specific topics—already covered in some of the training phases—that can be easily encapsulated into a six-minute program. For example, some topics include departmental policies, radio communication procedures, command center refresher sessions, self-defense subjects, confronting hostile people, proper report writing, and temporary restraint training. By implementing the shift-change training sessions on a weekly basis, the department created an additional five hours of training per year for each officer.</p><p>One of the security supervisors created a six-minute training binder to house all of the lesson plans. Each shift supervisor uses the same lesson plan so that the training is consistent across the shifts. As with all other training, the before-and-after tests are given to quantitatively document changes in subject knowledge or skills.</p><p>Results. After implementing the training program, the training council wanted to check the initial results to see whether the training was effective. There were numerous quantifiable measurements that the council could use to evaluate the new training program, such as tracking the rate of disciplinary actions from the previous year to the current year. However, since the council desired to have a quick assessment of the training program changes, it decided to compare the after-training test scores to the before-training test scores for the computer-based training modules as well as the scores of the six-minute training tests. </p><p>To the council’s surprise, the initial tabulated scores resulted in an average before-training test score of 93 percent and an after-training test score of 95 percent. The council also found in many of the officers’ tests that they missed the same questions on both the before and after tests.</p><p>Based on these results, the council decided to make several changes. First, the test questions were reviewed and tougher questions were added. Based on the preliminary test score, the council felt that the questions were not challenging enough and might not indicate how competent the officers were with the subject matter. </p><p>The training council assigned each shift the task of revising the tests for their computer-based training modules as well as the six-minute training tests. The goal was to make the tests more challenging and to obtain more accurate assessments of the effectiveness of the training program. </p><p>The training council also reviewed how the different shifts were conducting the six-minute lessons. Managers noted that the shifts initially followed the schedule of the six-minute subjects from week to week, but then they began to conduct their own lessons without an accepted lesson plan or to forgo training altogether. </p><p>To avoid this problem, the training council determined that the training program needed to be more structured. The group created a schedule to indicate which class would be covered each week. One of the shift supervisors volunteered to take over the six-minute training program and formally structure it so that each shift would conduct training in a consistent manner.</p><p>The training council has plans to further hone the training program in the near future. The council plans to analyze the program us­ing other quantitative evaluative instruments such as an employee survey and a comparison of disciplinary action data from previous years. </p><p>In battle, it is said that an army fights as it has trained. Thus, commanders know the value of training. In the businessworld, though the stakes are different, training is no less critical to the success of the mission.</p><p>Ronald J. Morris, CPP, is senior director of protective services at Cincinnati Children’s Hospital Medical Center. Dan Yaross, CPP, is manager of protective services. Colleen McGuire, CPS (crime prevention specialist), is sergeant of protective services. Both Morris and Yaross are members of ASIS International.</p>GP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465 the Alarm at Lone Star<p>In our interconnected world, the vast majority of people within a college campus community think little of an emergency and how the institution will communicate with them—until it happens. Then, they want timely information on what is occurring, what to do, and where they can learn more.  </p><p>There is an assumption that if anything happens, everyone will receive a text message instantly, the faculty and staff will know what to do, and there will be an announcement over a public address system. Expectations are set. </p><p>Recent events, like the shooting at Oregon’s Umpqua Community College in October 2015, have students, faculty, parents, and guests inquiring about the notification equipment and procedures in place on their campus. They want assurances that the emergency systems will work when needed. </p><p>Many institutions have opt-in text messaging solutions and public address systems used for a broad range of services, including special events. In an emergency, speakers, sirens, and horns are often the first warnings received that danger is present or imminent.  </p><p>To meet the expectation of the campus community, schools must understand what emergency communications are necessary, what the law requires, and what the school can afford.  </p><p>This was the challenge facing Lone Star College (LSC) in 2010. The largest higher education institution in the Houston area, with six colleges, eight centers, two university centers, and LSC-Online, LSC provides high-quality academic transfer, workforce education, and career training programs to more than 83,000 credit students each semester, and a total enrollment of 95,000 students. It would need a robust emergency communication system to support its diverse campus community. ​</p><h4>Crafting a Solution </h4><p>When LSC decided to create its notification system, LoneStarAlert, in 2010, it used a team approach, crafting a selection committee and choosing a sponsor who could move the project forward. An LSC vice chancellor responsible for safety and security was chosen as the sponsor—an indicator of the project’s importance within LSC. </p><p>LSC then began selecting its committee members, including a cross section of the organization: administrative, college relations, compliance, emergency management, facilities, IT, law enforcement, procurement, student services, and tenants. </p><p>The committee also included individuals who preferred the status quo system at LSC, which had six colleges and six alert systems with their own name, workflow, vendor, and contracts. Having individuals on the committee who represented each of these systems made them realize that one solution with one name was a better overall system for LSC. Because of this, these individuals felt they had a voice and were being heard, making them great ambassadors for the new system. </p><p>Once the committee was assembled, LSC began assessing its environment. It knew it had different systems and various levels of sophistication because the campus had buildings that ranged from 40 to less than five years old. The buildings were also geographically dispersed among the city of Houston and Harris and Montgomery Counties in Texas, each of which has its own building and fire codes.  </p><p>To tackle this service area—approximately the size of Rhode Island—LSC first targeted the LSC-Greenspoint Center, a mid-rise atrium building with the most stringent fire ordinances of all the buildings on LSC campuses.  </p><p>LSC also targeted buildings within two colleges: LSC-North Harris and LSC-Kingwood. LSC-North Harris was chosen because it is close to a major airport and runway. LSC-Kingwood was chosen because it falls under three jur­isdictions—half the campus sits in Montgomery County, the remaining half is in Harris County, and the entire campus is annexed by the City of Houston.  </p><p>Then, over a five-year period, LSC created a mass notification system (MNS) with multiple levels of redundancy. ​</p><h4>the lone star system </h4><p>LSC implemented LoneStarAlert in 2011, consolidating its various emergency campus text messaging services under one solution. LoneStarAlert is a Web-based warning system that can send voice and text alerts to registered individuals when an emergency occurs. </p><p>The system works by issuing an alert over speakers, via a prerecorded or live message, and through e-mail messages in English and Spanish. For example, for a lockdown the prerecorded message says: “Attention. Lockdown now. There is an emergency on campus. Go into the nearest room or closet and lock the door.” Messages also instruct the campus community to wait for further instructions while they remain in a safe place. </p><p>LoneStarAlert also uses text messages of 90 characters or less—in English and Spanish. For an active shooter situation, messages say “Lockdown now. Emergency on campus. Go to nearest safe place, stay calm, and wait for further instructions.”  </p><p>More than 100,000 users are registered for the alert system, and it is only used for emergency messaging and testing of the system. Users are added through an automated system at the beginning of the semester, and users also have the option to self-register.  </p><p>This information is collected in compliance with the State of Texas Education Code Section 51.218 Emergency Alert System. The code requires institutions of higher education to gather a student’s personal e-mail, cell phone, or telephone number to deliver emergency communiques; using only LSC’s e-mail and voice mail system does not satisfy the requirement. </p><p>This information must be added to LSC’s LoneStarAlert system once provided, typically during registration. This process is repeated at the start of each semester.  </p><p>The system is also designed as an opt-out system, rather than an opt-in (choosing to participate) system, in compliance with the code. LSC does not allow this data to be used for any other purpose.  </p><p>Some users are still reluctant to regist­er for LoneStarAlert for fear that their information will be sold to third-party marketers. Ensuring this personal information is only used for emergency use not only keeps LSC in compliance with state regulations, it also shows that the institution is committed to protecting users’ privacy.  </p><p>LSC has made a commitment to closely manage this information and grant access to it only on a need-to-know basis and as authorized.  ​</p><h4>targeting the lsc population </h4><p>For an MNS to work, the institution has to think of the recipients it wants to target and ensure the system is capable of sending alert messages to those target groups. </p><p>LSC identified its target groups as employees, distribution lists (internal and external response teams), dynamic groups (created as needed), geographical locations, networked equipment, students, contractors, tenants, and guests. </p><p>LSC also needed to consider its unique status as a commuter college without campus housing. Some students, employees, and guests visit different campus locations more than once throughout the semester. Sending an emergency communication to just one given area would limit the reach of the MNS, and might miss some individuals who are en route and others who want to know what is occurring on any LSC campus.  </p><p>Instead, the system would need to be structured to send emergency messages to all registered users, regardless of their location. This system would be easier for LSC to administer and more desirable for the LSC community. </p><p>LSC also knew that accessibility and inclusion would be key to the success of its MNS. The system would need to be accessible to individuals with physical, sensory, mental health, and cognitive or intellectual disabilities that affect their ability to function independently. </p><p>The system would also need to be inclusive of seniors, those with limited English proficiency, and unaccompanied minors on campus. LSC has dual education programs for high-school students, Discovery College for children during the summer, full- and part-time day care centers, high schools, and public libraries that all provide opportunities for underage guests on campus.  </p><p>To reach these individuals, LSC would need to design its MNS to provide information online and to enroll them through LoneStarAlert. Because minors cannot be asked directly for personal contact information, LSC would have to work with leaders of these various groups to contact parents and guardians—who would then provide the information that then allowed their child to be enrolled in the system. </p><p>LSC also knew that its system would need to reach the public libraries, four-year educational partners, school systems, executive conference centers, and commercial tenants that are a part of its campus. To reach these stakeholders, LSC would have to provide instructions and a means for individuals to self-register in LoneStarAlert. ​</p><h4>choosing the right integrator </h4><p>LSC awarded its initial MNS contract to a local system integrator, Convergint Technologies. They worked together to create LSC’s wide-area MNS, which is used for any hazard or threat that poses an imminent or present danger and requires immediate action. This includes an evacuation, shelter-in-place, or lockdown scenario. Advisories and alerts that do not pose an imminent or present danger are sent out via LSC e-mail. </p><p>LSC’s MNS is deployed using Windows and Microsoft SQL Servers in a secured and high availability environment. The servers are clustered into a shared pool of monitored resources, so if a host fails, the system immediately responds by restarting each affected host from a different host. </p><p>The MNS encodes and decodes audible signals and live-voice messages transmitted across a TCP/IP local area network using voice over Internet protocol (VoIP). LoneStarAlert text, voice mail, and e-mail are delivered using a Web-based application hosted by the provider. </p><p>LSC’s wide-area MNS command system is located at the main administrative offices and is interconnected with each campus’ central control station, comprising the total system.  </p><p>Each campus is classified as a zone, and each building within a zone is considered a sub-zone. Most campuses have sub-zones that are interconnected. This configuration enables activation of prerecorded, live voice, or tone signals that can be sent to a sub-zone, zones, or the total system, providing redundancy throughout the system. </p><p>LSC police dispatch is responsible for immediately distributing voice messages or alert signals. It is authorized—and empowered—to send emergency messages to the affected populations using either prerecorded messages or live messaging via the wide-area MNS and LoneStarAlert.  </p><p>Dispatchers will send an alert when requested by an officer on the scene, or when requested by senior leadership. They will also issue an alert if there is credible information coming to the dispatch center that warrants sending a message. </p><p>As part of its initial installation, LSC included speakers for common areas with signals adjusted so the message could be heard through a closed door. However, the level of noise in the area impacts the level of intelligible voice or tone that can be heard.  </p><p>Additionally, LSC has video displays at all of its campuses where emergency messages are displayed using a digital management system. This ensures that individuals who cannot hear the emergency alerts do not miss them. </p><p>LSC also uses a buddy system where a buddy will help ensure a person with functional needs is supported, and first responders are aware of their last known positions and conditions. This information is then captured—when provided—in each campus fire safety plan. </p><p>As an additional measure, most LSC campus community members have cell phones. This enables those who are deaf or have other hearing impairments to receive emergency text messages and, where available, two-way communications using the Telecommunications Relay Service (TRS).  </p><p>The TRS bridges the communication gap between voice telephone users and people with hearing impairments by allowing users anywhere in the United States to dial 711 to be connected to a TRS operator. The operator then serves as a link for the call, relaying the text of the calling party in voice to the called party, and converting to text what the called party voices back to the calling party. </p><p>Following the initial setup, in-house resources assumed most of the responsibility for supporting the system over a five-year period. However, the system integrator supplements LSC resources.  </p><p>Additional system integrators are also used to provide support for the MNS. Sharing the service responsibilities among multiple vendors provides redundancy in the event a vendor is unable to provide services to one or more of LSC’s locations. ​</p><h4>testing </h4><p>Whether a fire exit drill or a lockdown drill, testing of emergency communications processes and systems is a base requirement. LSC has a rolling three-year sustainability and exercise program that’s part of the LSC Emergency Management Plan, which tests the LoneStarAlert and its MNS. </p><p>In the beginning, some questioned the approach and anticipated backlash from disrupting operations by testing the systems. However, LSC quickly learned that the process built confidence within the community that the school is doing its part to keep its campus safe. </p><p>Testing also gave users who were registered incorrectly and did not receive text message alerts a chance to inform LSC. Users who did receive texts and e-mail alerts could also report how long it took to receive them. </p><p>This helped LSC determine that, on average, more than 95 percent of regis­tered users received text and e-mail alerts within two to three minutes of activation. </p><p>On one occasion when LoneStarAlert was not tested during a larger emergency management drill, LSC received negative feedback, debunking the myth that testing the system during normal operations is viewed negatively. This approach has helped LSC align its MNS with its brand.   </p><p>-- </p><p><em>Denise Walker is chief emergency management officer at Lone Star College System, responsible for policy and direction on emergency management; safety and security audits; fire safety; environment, public health, and safety; and victim advocacy. She serves as the chair of the Greater Houston Local Emergency Planning Committee and is executive member of the Texas Emergency Management Advisory Committee. She is the author of several books, including Mass Notification and Crisis Communications: Planning, Preparedness, and Systems.   ​</em></p>GP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465