Surveillance

 

 

https://sm.asisonline.org/Pages/ENDURECE-BLANCOS-SUAVES-CON-PSIM.aspxENDURECE BLANCOS SUAVES CON PSIMGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a43444652017-11-21T05:00:00Z<p style="text-align:justify;">Los "blancos suaves" (del inglés <em>soft targets</em>) son aquellos que son fácilmente accesibles para el público, como centros comerciales, hoteles, y hospitales, y resultan especialmente vulnerables a ataques por mano de terroristas, criminales, y otros actores maliciosos. Los ataques recientes alrededor del mundo han aumentado la concientización sobre la necesidad de proteger estos espacios. Los practicantes de seguridad deben tener en mente que el deber de proteger una empresa se extiende desde sus empleados a cualquiera que ponga pie en su propiedad.</p><p style="text-align:justify;">En estos sitios, las soluciones típicas de seguridad física incluyen una separación clara entre las áreas públicas y las restringidas al personal, acceso controlado a áreas sensibles para prevenir entradas no autorizadas, y acceso limitado a las instalaciones fuera del horario comercial. Estas medidas dependen fuertemente en la implementación y gestión de niveles variantes de permisos de acceso para cada área, aplicando una combinación de tecnologías de seguridad. Incluso los mejores despliegues de estos sistemas no eliminan el riesgo; sino que ayudan al equipo de seguridad a contener las amenazas.</p><p style="text-align:justify;">Al contar con diversos sistemas, ésto se vuelve una tarea compleja que podría abrumar al personal de seguridad encargado del monitoreo, la identificación y la respuesta ante eventos. Para instalaciones multiuso, las soluciones de Gestión de Información para la Seguridad Física (PSIM) simplifican estos complicados procedimientos con alertas y acciones de respuesta automatizadas e inteligentes, junto con una conciencia situacional significantemente mejorada.</p><p style="text-align:justify;"><strong>Alerta</strong></p><p style="text-align:justify;">Cada vez que un individuo no autorizado ingresa a un área privada o sensible, las organizaciones deben tratar al incidente como sospechoso a menos que y cuando sepan que hay una razón válida para el ingreso. Y, tras cualquier brecha de seguridad, ya sea intencional o accidental, malintencionada o inofensiva, cada segundo cuenta. Ésto enfatiza la necesidad fundamental de que los operadores y el resto del personal de seguridad sepan sobre la situación lo antes posible. Con automatización y la capacidad  de integrar de forma fluida múltiples sistemas en una sóla interfaz, las soluciones de PSIM pueden acelerar el proceso de alerta para mejorar la conciencia y la respuesta.</p><p style="text-align:justify;">Por ejemplo, se podrían desplegar sistemas integrados de control de acceso y videovigilancia inteligente para alertar al personal cuando alguien ingresa a un área restringida, tal como un centro de datos, fuera del horario laboral. Cuando una alerta proviene del sistema de control de accesos, la solución PSIM puede invocar automáticamente la transmisión de video asociada con el evento, proveyendo a los operadores visibilidad directa sobre la situación.</p><p style="text-align:justify;">Otra alerta podría ser disparada por un informe o descripción inicial entregada por un usuario móvil. En este caso, la PSIM podría correlacionar los datos con transmisiones de cámaras de videovigilancia cercanas, y otros sistemas. Sin importar cuál sea la fuente de la alerta, la solución se asegura de que los operadores tengan acceso instantáneo a información valiosa que les permita analizar rápidamente la situación e iniciar una respuesta apropiada, basada en un completo entendimiento del incidente.</p><p style="text-align:justify;"><strong>Respuesta</strong></p><p style="text-align:justify;">Una vez que se ha generado una alerta, deben existir acciones prestablecidas para ayudar al personal a determinar el camino a seguir para resolver una situación lo más pronto posible. En muchos casos, no es necesaria ninguna respuesta. Por ejemplo, si un individuo sostiene una puerta abierta por unos segundos, el sistema de control de accesos puede generar una alerta que indique que la puerta está siendo bloqueada. Usando material videográfico asociado con la acción, un operador puede terminar en segundos si ésto fue realizado para permitir un ingreso no autorizado o si la persona entrando simplemente se detuvo un momento para leer su teléfono móvil. Sin la capacidad que ofrece la videovigilancia, tendría que enviarse a un guardia para que evalúe la situación: es decir, no sería el uso más eficiente de tiempo y recursos.</p><p style="text-align:justify;">Dado el considerable número de alertas no accionables que los operadores reciben durante sus turnos, pueden no estar preparados para un evento que sí requiera acción, más allá de qué tan bien hayan sido entrenados. Ésto puede causar confusión y estrés, lo que puede complicar la situación y conducir hacia el caos. Contar con procedimientos operativos estandarizados (POEs, SOPs en inglés) bien deinifidos para que guien a los operadores y a otros a través de cada proceso reduce el potencial de estrés, pánico, o confusión, los cuales contribuyen a una alta probabilidad de errores humanos. Sin embargo, POEs que son complicados o difíciles de ubicar no harán nada para reducir esta probabilidad.</p><p style="text-align:justify;">La PSIM puede automatizar muchos de los más mundanos y básicos pasos para simplificar procesos y permitir que los operadores se concentren únicamente en las tareas críticas que requieren intervención humana, tales como determinar si una persona detectada a través de videovigilancia realmente representa una amenaza. Ésto permite al personal de evaluar rápidamente la situación y determinar la respuesta más apropiada.</p><p style="text-align:justify;"><strong>Conciencia Situacional en Tiempo Real </strong></p><p style="text-align:justify;">Al responder a un incidente, es importante que los guardias, primeros respondientes, y otros, tengan la información más completa posible para asegurar la respuesta más efectiva y eficiente.</p><p style="text-align:justify;">Los sistemas integrados mejoran esta conciencia al reunir grandes cantidades de datos, provenientes de varios sistemas, que pueden ser combinados para evaluar un incidente. Mientras que inspeccionar manualmente innumerables sistemas para obtener y clasificar esta información no es viable, las soluciones automatizadas de PSIM ponen toda la información relevante al alcance de la mano de los operadores. Ésto permite al personal de seguridad tomar decisiones rápidas y precisas basándose en una imagen completa del evento; compartir fácilmente la información en tiempo real con los respondientes apropiados; y coordinar la respuesta entre todas las partes involucradas. Esta colaboración provee una conciencia situacional crítica a aquellos respondientes que, entonces, pueden realizar decisiones más informadas que permitan una respuesta ágil para ayudar a prevenir que el incidente se desenvuelva.</p><p style="text-align:justify;">Cuando deben protegerse instalaciones con múltiples niveles de privilegios de acceso, surge una amplia variedad de desafíos. Al desplegar una solución PSIM para englobar la información decisiva, las organizaciones pueden superar los retos a los que se enfrentan, mientras que aumentan la seguridad para aquellas aplicaciones potencialmente complejas.</p><p style="text-align:justify;"><strong><em>Simon Morgan</em></strong><em> es el director de tecnología (CIO) de SureView Systems.</em></p><p style="text-align:justify;"><em>The translation of this article is provided as a courtesy by Ari Yacianci. </em>Security Management <em>i</em><em>s not responsible for errors in translation. Readers can refer to the original English version here:</em><em> https://sm.asisonline.org/Pages/Harden-Soft-Targets-with-PSIM.aspx​</em><br></p>

Surveillance

 

 

https://sm.asisonline.org/Pages/ENDURECE-BLANCOS-SUAVES-CON-PSIM.aspx2017-11-21T05:00:00ZENDURECE BLANCOS SUAVES CON PSIM
https://sm.asisonline.org/Pages/Subway-Surveillance.aspx2017-11-01T04:00:00ZSubway Surveillance
https://sm.asisonline.org/Pages/Harden-Soft-Targets-with-PSIM.aspx2017-10-23T04:00:00ZHarden Soft Targets with PSIM
https://sm.asisonline.org/Pages/Driving-a-Security-Transition.aspx2017-10-01T04:00:00ZDriving a Security Transition
https://sm.asisonline.org/Pages/House-Rules.aspx2017-09-01T04:00:00ZQ&A: House Rules
https://sm.asisonline.org/Pages/Interoperability-for-the-Safe-City-.aspx2017-08-21T04:00:00ZInteroperability for the Safe City
https://sm.asisonline.org/Pages/Surveillance-on-the-Fly.aspx2017-07-01T04:00:00ZSurveillance on the Fly
https://sm.asisonline.org/Pages/Healthy-and-Secure.aspx2017-07-01T04:00:00ZHealthy and Secure
https://sm.asisonline.org/Pages/On-Site-and-Cloud-Access-Control-Systems.aspx2017-05-22T04:00:00ZOn-Site and Cloud Access Control Systems
https://sm.asisonline.org/Pages/Surveillance-and-Stereotypes.aspx2017-04-01T04:00:00ZSurveillance and Stereotypes
https://sm.asisonline.org/Pages/The-Virtual-Lineup.aspx2017-02-01T05:00:00ZThe Virtual Lineup
https://sm.asisonline.org/Pages/Surveillance-is-Instrumental.aspx2017-02-01T05:00:00ZSurveillance is Instrumental
https://sm.asisonline.org/Pages/Wildlife-Trafficking.aspx2017-01-01T05:00:00ZWildlife Trafficking
https://sm.asisonline.org/Pages/Speedy-Surveillance.aspx2016-11-01T04:00:00ZSpeedy Surveillance
https://sm.asisonline.org/Pages/Reducción-de-la-Violencia-en-América-Latina.aspx2016-10-11T04:00:00ZReducción de la Violencia en América Latina
https://sm.asisonline.org/Pages/Guarding-A-Floating-Treasure.aspx2016-09-01T04:00:00ZGuarding A Floating Treasure
https://sm.asisonline.org/Pages/Scholastic-Surveillance.aspx2016-08-01T04:00:00ZScholastic Surveillance
https://sm.asisonline.org/Pages/A-Casino-Makes-a-Sure-Bet.aspx2016-06-01T04:00:00ZA Casino Makes a Sure Bet
https://sm.asisonline.org/Pages/In-the-Public-Interest.aspx2016-05-01T04:00:00ZIn the Public Interest
https://sm.asisonline.org/Pages/Staying-On-Message.aspx2016-02-25T05:00:00ZStaying On Message

 You May Also Like...

 

 

https://sm.asisonline.org/Pages/Driving-a-Security-Transition.aspxDriving a Security Transition<p>​When Christopher Martini, CPP, took the wheel as Jaguar Land Rover North America’s regional manager for corporate security and business protection in 2013, he knew he had a long road ahead of him. He was the first person to serve in the role, which focused on keeping the British automotive company’s American and Canadian administrative facilities safe. Jaguar Land Rover North America had been previously owned by Ford, which provided general security functions but did not have an onsite security professional dedicated specifically to Jaguar Land Rover. After Ford sold the company, a few years passed without a leader to organize safety, security, or asset protection. “Security functions were under the stewardship of the site services facilities department but there was no functioning security department,” Martini notes.</p><p>Jaguar Land Rover North America has more than a dozen facilities, including service and sales training academies, regional offices, and driving experience centers throughout the United States and Canada. “We’re not the manufacturing company but we directly help facilitate the sale of our products and the ongoing use of our products through training dealer personnel, and importing vehicle parts and accessories,” Martini says.</p><p>After years without any organized security approach, Martini faced two distinct challenges: building a culture of security and equipping facilities with up-to-date access control and perimeter protection technology. </p><p>“It was a mature organization—people had been operating in a certain way without the influence of an organized security and safety and asset protection structure around them,” Martini explains. “Those behaviors were set because people had been here for a while, and there was a lot of organizational resistance to having a security professional start to change how people did things, even something as simple as accessing the building.”</p><p>Similarly, Jaguar Land Rover North America facilities were equipped with legacy security systems so out of date that facilities personnel had been buying spare parts from eBay because they were no longer produced or supported by the manufacturer. The access control system had an inaccessible database, so some employees had multiple access control cards in multiple formats. “It was exactly what you would imagine—it had been left to decay,” Martini notes.</p><h4>Technology Tune-Up</h4><p>Martini had a lot of work to do, and quickly. A brand new facility in Portland, Oregon, was scheduled to be built within six months of Martini’s arrival at the company—and he knew whatever security solution he chose would ultimately be used at other facilities, including the company’s regional headquarters in New Jersey. “What I didn’t want to do was deploy the solution that was currently in place at the other locations—it was out of date and not supported,” he says. He was familiar with S2 Security Corporation from visiting its booth at ASIS International seminar and exhibits, and he ultimately decided on its platform for regional security monitoring, administration, and operations management, as well as for standardizing access control and video. </p><p>“What really guided my selection was the fact that I knew that I wasn’t going to have a tremendous ability to call upon internal resources for maintenance, upkeep, or even operation of the system, so it had to be something that was easy to train people on—resilient and very reliable—and that didn’t require constant updates to stay current with desktop and operations software,” Martini explains. The S2 system is accessed via Internet browser and does not require any dedicated client software. Martini said it was the “perfect fit” for the Jaguar Land Rover North America environment.</p><p>The new, cutting-edge infrastructure—including HID access cards and Axis cameras that integrated with S2’s Enterprise access control and NetVR video management systems—was installed at the Portland location. After that successful deployment, the solution was installed in the Irvine, California, training office; the Mahwah, New Jersey, headquarters; and a new facility in Mississauga, Canada, that opened in 2016. The New Jersey facility has an enterprise-level system that allows for round-the-clock monitoring of the other three locations.</p><p>“We do all the administration here in New Jersey, and we do monitoring for those other locations,” Martini says. “I have 24-hour staff that is interacting with the system, and any alarm or information that comes back to us requiring a response gets escalated from here out to the location.”</p><p>Martini’s responsibility to protect Jaguar Land Rover’s American and Canadian facilities and fleet of more than 900 high-end vehicles was made easier with the new technology. “The most direct benefit that I get is I now know what’s happening at my facilities,” he notes. “Prior to having this technological capability, I had to rely on people in those locations to report issues and incidents to me as they occurred. Now I have more direct visibility to what’s happening to those sites in real time, which gives me a much better sense of situational awareness to what’s really happening.”</p><p>At the remote facilities, an intrusion panel—integrated with the S2 system—allows the first employee to arrive at the facility and the last to leave the ability to deactivate or activate the alarm system with a swipe of an access control badge. After the system is armed, it will dial out to a third-party monitoring company if an alarm is triggered, as well as alert the security officer on duty at the company’s New Jersey headquarters. </p><p>Martini explains that the local monitoring company will call headquarters to discuss what action to take. “The officer starts looking for video associated with that alarm, and the alarm company will call in and ask whether it should dispatch police,” he says. “The officer can see if it’s just the new housekeeper who forgot to use the control panel, or whether there is evidence of intrusion.” Then the officer can tell the company to send police. </p><p>The officer would then go through an escalation process, which could involve reaching out to staff at headquarters  or a local site contact, depending on the situation. “Officers have a detailed escalation list as to who they need to notify about the range of things they may notice or be called about for one of those remote locations,” Martini says.</p><p>This chain of response went according to plan when someone tried to break into the company’s Irvine location. The security officer on duty in New Jersey was watching the remote video feeds and noticed a man walking around the outside of the facility after hours, trying to open the doors. The officer was able to switch the view to pull up all feeds of the site to gain better situational awareness and observed the man trying to pry open one of the patio doors with a crowbar. </p><p>“Irvine is a regional office collocated with a training center,” Martini notes. “Training centers are like really nice, clean automotive garages where we bring service technicians and train them on our cars. The first level has a nice main lobby and a couple automotive bays and things like that, and the second level is basically office space. Likely what was drawing this guy was that there was a vintage Jaguar just inside those doors.”</p><p>The man had not triggered any alarms because he hadn’t yet managed to open the door, but the security officer contacted the local alarm company and had it call the police, who responded within a minute. </p><p>“It’s not a huge incident, but the quality of the video is so excellent and the ability for the officer to quickly switch and bring up everything associated with the site and get a better sense of where the guy was located and what his target was going to be is really quite interesting to see,” Martini says.</p><h4>Culture Change</h4><p>The changes at Jaguar Land Rover North America facilities haven’t just boosted situational awareness—they have helped change the employee culture as well. While Martini was upgrading the physical security, he was also striving to get employees on board with working together to create a more secure workplace. </p><p>“It’s really difficult, in my experience, to create a controls-based environment if the environment doesn’t have good controls,” Martini explains. “It’s one thing to tell people ‘It’s important that you wear your badge, you don’t leave doors propped open.’ If the system doesn’t provide you with the information necessary to know when those problems are happening, then it’s difficult to address the behaviors.”</p><p>Understanding that employees were not used to wearing access control badges, Martini solicited employee feedback and created a team to help design the look and feel of the new badges. As part of the rebadging strategy, employees were encouraged with contests and could take selfies to use as their badge photos.</p><p>“Rather than us taking your photo and making it like getting a driver’s license, people took their own, as long as they met the criteria—it was a really fun experience,” Martini says. “It allowed people to send me the photos they were the happiest with, and my opinion is that if I want you to wear the badge, then you should be happy with the photo.”</p><p>Once the S2 system was in place, it was easy for Martini’s officers to be alerted when doors were propped open or other security protocols were not followed and make a call to the facility and correct the behavior in real time. “It sends a subtle message, not that Big Brother is out there watching, but it reinforces the behaviors you’re expecting from your employees, and lets them know that as an organization we take it seriously,” Martini says. “The messaging has been augmented by the fact that we now have an environment and infrastructure that supports the application of administrative and policy controls. That’s a huge benefit.”</p><p>It’s been almost a year since the updated S2 solution was installed at the facility in Canada, and the organization is planning a second rollout to several facilities across North America. Martini says he considers the first deployment a success—both in tightening the physical security at the facilities, and in evolving company culture. Jaguar Land Rover North America conducts pulse surveys among its employees, and Martini says that during the last two years employees’ perception of health and safety has increased. He also notes that, anecdotally, false alarms greatly decreased because employees are following protocol. “It’s a good indicator that we’re on the right path and people understand the organization is making an effort, and what we’re doing is effective,” he notes.</p><p>When he started at Jaguar Land Rover North America, Martini approached security as an amenity to the business and hoped that a stronger physical security footprint would benefit company culture—and vice versa.</p><p>“We have really talented people and we hire you to apply your talent to the work, not to be worried about security or personal safety,” Martini says. “Your job is to come in and contribute all your talent and energy to the task at hand. Because the system is providing us with intelligence about what’s happening at our sites, we can let people know that our sites are secure and we’re taking security seriously. Employees feel more secure in the workspace, they have a better understanding of what their individual responsibility is to contribute to the security program, and that reinforces the kind of culture I was trying to build.” </p><p><em>(Editor's note: At press time, Martini began a new position as an area security and safety manager for PayPal.) ​</em></p>GP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465
https://sm.asisonline.org/Pages/Surveillance-and-Stereotypes.aspxSurveillance and Stereotypes<p>​Juveniles make up 40 percent of the shoplifters in the United States. Shoplifters, in total, contribute to billions of dollars of loss each year, according to the National Association for Shoplifting Prevention’s 2014 report <em>Shop­lifting Statistics.</em></p><p>To combat adolescent shoplifting, according to the report, retailers depend on private security officers combined with other security measures, including security cameras, observation mirrors, and radio-frequency identification (RFID) tags. </p><p>The key to apprehending juveniles during or after shoplifting, however, is to correctly determine whom to surveil. Security personnel often rely on a combination of common underlying physical characteristics—race, gender, and age—and behavioral indices—glancing at clerks nervously, assessing security measures, and loitering—to distinguish shoppers from potential shoplifters. </p><p>Are these surveillance decisions a result of bias? To find out, the authors conducted original academic research funded by the John Jay College of Criminal Justice of the City University of New York on how stereotypes play into who is suspected of shoplifting, how that suspect is dealt with, and what private security can do to limit discriminatory practices.​</p><h4>Existing Data</h4><p>A 2003 Journal of Experimental Psychology article, “The Influence of Schemas, Stimulus Ambiguity, and Interview Schedule on Eyewitness Memory Over Time,” which discussed research findings and lawsuits against retailers, concluded that stereotypes of juvenile shoplifters may unduly influence security officers to target juveniles on the basis of their physical characteristics, rather than their behaviors.</p><p>Over the past 20 years, the media has reported on cases in which the retail industry engaged in discriminatory practices. This is known as consumer racial profiling (CRP), “the use of race and or ethnicity to profile customers.” According to a 2011 study in the Criminal Justice Review, “Public Opinion on the Use of Consumer Racial Profiling to Identify Shoplifters: An Exploratory Study,” officers sometimes use CRP to determine which juvenile shoppers are potential or actual thieves. </p><p>Most people develop negative stereotypes about juvenile thieves through exposure to various types of media, particularly when they reside in areas that contain few minorities. The media has the unique ability to both shape and perpetuate society’s beliefs about which juveniles typically commit offenses through its selective coverage of crimes. </p><p>It is also common for the media to portray adolescents—particularly boys—as criminals. Biases are then used, whether consciously or unconsciously, in the private sector by retailers and security officers to target shoppers, and in the public sector by those in the legal system, including law enforcement officers, prosecutors, judges, and even legislators, to arrest and prosecute thieves.</p><p>The consequences of applying discriminatory practices can be seen in the private sector through lawsuits against retailers. Ethnic minority shoppers purport that they were targeted through excessive surveillance—and even through false arrests. </p><p>Researchers have shown that this automated bias occurs even when observers were trained to focus on behavioral cues, and it persists despite findings that shoplifting occurs across racial and ethnic groups, according to the 2004 Justice Quarterly article “Who Actually Steals? A Study of Covertly Observed Shoplifters.”</p><p>Stereotypes also affect retailers’ decisions on how to handle shoplifters, either formally by involving the police, or informally. The results of accumulated discrimination, accrued during each step in the legal process—initial involvement of police, decision to prosecute, conviction, and sentencing—continue in the legal system. This is evidenced by the disproportionate number of African- and Latin-American boys shown in the apprehension and arrest statistics of juvenile thieves, compared to their representation in the population, according to Our Children, Their Children: Confronting Racial and Ethnic Differences in American Juvenile Justice, a book published by the Chicago University Press. ​</p><h4>Current Research</h4><p>To test the premise that there is a widespread stereotype of the typical juvenile thief and shoplifter, our research team obtained information from young adults in two diverse areas:  97 psychology-major college students in a small city in the U.S. state of Kansas, and 156 security and emergency management majors at a college in a large city in New York state. </p><p><strong>Shoplifter profile. </strong>The psychology-major students were 83 percent European American. The rest of the students were represented as follows: 5 percent African American, 2 percent Asian American, 1 percent Latin American, and 9 percent of mixed or unknown descent.</p><p>The security and emergency management major students—72 percent of whom were male—came from a variety of backgrounds: 31 percent European American, 37 percent Latin American, 19 percent African American, 9 percent Asian American, and 2 percent Middle Eastern American.</p><p>Participants in both locations were asked to guess the common physical characteristics of a typical juvenile shoplifter—age, gender, ethnicity or race, and socioeconomic status. </p><p>The stereotypical juvenile shoplifters described by both the Kansas and New York respondents were remarkably similar: male, aged 14 to 17, and from lower- to middle-class families of African-American, Latin-American, or European-American descent. The two samples also indicated that the stereotypical thief was likely to have short or medium length brown or black hair and an identifying mark—such as a piercing. </p><p>These findings show commonality in the prevalence of certain physical characteristics, despite the diversity of the two groups of respondents, and demonstrate that American society has a well-developed juvenile shoplifter stereotype.</p><p><strong>Decision processes. </strong>After determining the stereotype, the research team considered whether juvenile shoplifter stereotypes affected respondents’ decisions. The goal was to determine the degree to which the respondents believed that physical characteristics influenced the security guards’ decisions regarding whom to surveil, and what consequences to apply when a youth was caught stealing.</p><p>The New York respondents read a brief scenario describing a juvenile shoplifter as either male or female and from one of five backgrounds: European American, African American, Asian American, Latin American, or Middle Eastern American. However, the description of the overt behaviors by the juvenile was the same for every scenario—selecting and returning shirts in a rack, glancing around the store, and stuffing a shirt into a backpack.</p><p>Respondents provided their opinions about the degree to which the security officer in the scenario relied on physical characteristics in surveilling a juvenile, and whether the retail manager and security officer should impose informal or formal sanctions on the shoplifter. Researchers reasoned that respondents should draw identical conclusions for surveillance and sanctions if they were simply evaluating the juvenile shoplifters’ behaviors, but that students would have different recommendations for these choices if their racial or ethnic stereotypes were activated.</p><p>Respondents who indicated a preference for applying informal sanctions did so more frequently for girls of African-American and Middle Eastern-American descent. These respondents also assessed that the officer described in the scenario based his or her surveillance decisions on physical characteristics. No other gender differences for race or ethnicity were notable when considering reliance on physical characteristics.</p><p>Stereotypes also affected decisions on how to sanction the shoplifter. Respondents were given the option of implementing one of four informal sanctions: speak to the juvenile, call parents to pick up the juvenile, get restitution, or ban the youth from the store. Their selection of the least severe sanction—talk to the juvenile—was doled out at a higher rate for boys than for girls of each ethnicity except European Americans, which did not differ.</p><p>The moderate level sanction—call the youth’s parents—was selected more for girls than for boys of African and Latin descent. The most severe level sanction—ban the youth from the store—was selected more for boys than for girls of African descent. However, it was selected more for girls than for boys of Asian, European, and Middle Eastern descent.<img src="/ASIS%20SM%20Callout%20Images/0417%20Feature%202%20Chart%201.jpg" class="ms-rtePosition-2" alt="" style="margin:5px;width:510px;" /></p><p>Respondents who indicated a preference for applying formal sanctions attributed physical characteristics to the guards’ surveillance decision for girls more than for boys of Latin descent; gender differences were not apparent for the other ethnicities. </p><p>Respondents were also given five formal sanctions for the youths: involve the police, prosecute the theft as larceny, impose a fine, give the youth diversion or community service, or put the incident on the youth’s criminal record. Their selection of the least severe sanction—involve the police—was endorsed more for boys than for girls of Asian, European, and Latin descent, but more for girls than for boys of African descent. No gender difference was apparent for youths of Middle Eastern descent.</p><p>The most severe sanction—diversion or community service—was preferred more for boys than for girls of African descent. A small percentage of respondents endorsed a criminal record for the theft of a shirt, but only for girls of African and European descent and for boys of Middle Eastern descent.</p><p>Finally, a comparison of our data revealed that respondents believed informal—rather than formal—consequences should be imposed for girls rather than for boys of Asian and European descent, and for boys rather than for girls of Latin descent. ​<img src="/ASIS%20SM%20Callout%20Images/0417%20Feature%202%20Chart%202.jpg" class="ms-rtePosition-2" alt="" style="margin:5px;width:519px;" /></p><h4>Lessons Learned</h4><p>Our findings clearly demonstrate that people have stereotypes about juvenile shoplifters. They also showed that people unconsciously use the typical physical characteristics of gender and race or ethnicity associated with their criminal stereotypes to make decisions and recommendations, such as whom to surveil and how to handle a shoplifting incident. Otherwise, there would not have been a difference in how the juvenile shoplifter was processed or punished, because the behaviors exhibited by all of the juveniles were identical across scenarios.</p><p>Consumer racial profiling is a defective filtering system that may direct private security officers’ attention to characteristics that are not reflective of actual shoplifting conduct. Our data suggests that CRP not only hurts retail businesses by discouraging minority consumers from shopping in their stores, but also simultaneously prevents security officers from apprehending shoplifters.</p><p>Other research, such as from “Juvenile Shoplifting Delinquency: Findings from an Austrian Study” published in the 2014 Journal for Police Science and Practice, shows that only 10 percent of juveniles are caught shoplifting. Even more disconcerting, the typical shoplifter steals on average 48 to 150 times before being apprehended. Clearly, retailers need a better strategy if they are to reduce loss due to shoplifting.</p><p>Another issue that was addressed was the decision to involve the legal system. Many businesses, despite having posted prosecution warnings, reported only about half of the adolescent shoplifters they caught to the police. </p><p>Retailers instead focus on minimizing loss and negative publicity, and may rationalize against reporting the offense to the police because they do not want to stigmatize the adolescent or because they consider it a one-time incident, particularly when the juvenile admits to the theft and then pays for or returns the items, according to the U.S. Department of Justice’s (DOJ) Community Oriented Policing Services.</p><p>These beliefs, however, may be misguided. Though current research is scarce, a 1992 study—The Sociology of Shoplifting: Boosters and Snitches Today—indicated that 40 to 50 percent of apprehended adolescent shoplifters reported that they continued shoplifting. </p><p>There are benefits for retailers who involve the legal system, especially for informal police sanctions. </p><p>First, criminal justice diversion programs and psychological treatment and educational programs treatment may reduce recidivism. For example, shoplifters who attended and completed a diversion program had significantly fewer re-arrests compared to those who failed to complete or did not attend, a DOJ study found.</p><p>Second, the private sector needs the support of the public sector to reduce shoplifting. Shoplifters can be given an opportunity to participate in first offender programs and, upon completion of classes on the effects of shoplifting, have their charges dismissed or even erased. ​</p><h4>Recommendations</h4><p>Retailers and private security officers need training to make them aware of their own biases and how their stereotypes affect their choices. They also need training to learn which behavioral indices are most effective in distinguishing shoppers from shoplifters. </p><p>If retailers do not make significant changes in guiding their employees—particularly security officers—towards objective measures of vigilance to prevent shoplifting, their financial loss will continue to be in the billions of dollars. </p><p>Private security officers must be taught how to treat all potential shoplifters, regardless of their gender, in the same way to prevent making mistakes and subjecting retailers to lawsuits for discriminatory security practices.</p><p>Overcoming unconscious biases is difficult. Prior to specialized training in bias identification and behavioral profiling, it is important to determine the biases of security officers. Self-assessment measures similar to the ones the researchers used in their study can be administered. </p><p>The officers should also keep records that specify each incident of shoplifting, what behaviors drew their attention to warrant surveillance, what act occurred to provoke them to approach the juvenile shoplifter, the items that were taken, the method used, the shoplifter’s demographics, how the situation was handled, who made the decision, and reasons for the decision. The officers should then review these records with their retail managers.</p><p>Retailers should also implement a mandatory training program to provide private security officers with the tools needed to identify shoplifting behaviors to increase detection and reduce shrink. </p><p>The incident records could be introduced and used to help identify the impact biases have on private security professionals’ decisionmaking about juvenile shoplifters. It would also help security guards learn the various types of suspicious behaviors that shoplifters exhibit, such as juveniles who make quick glances at staff, examine items in remote aisles, monitor security cameras and mirrors, and purposefully draw employees’ attention away from others.</p><p>Additionally, a practical component would be to show surveillance videos of the behaviors exhibited by juvenile shoplifters of different gender and race or ethnicity. In this way, the findings of past studies showing the insignificance of race, ethnicity, or gender can be learned through real-world examples.  </p><p>--<br></p><p><em><strong>Dr. Lauren R. Shapiro </strong>is an associate professor in the Department of Security, Fire, and Emergency Management at John Jay College of Criminal Justice. She has published several journal articles and chapters on the role of stereotypes in perception and memory for crime and criminals. <strong>Dr. Marie-Helen (Maria) Maras</strong> is an associate professor at the Department of Security, Fire, and Emergency Management at John Jay College of Criminal Justice. She is the author of several books, including Cybercriminology; Computer Forensics: Cybercriminals, Laws, and Evidence; Counterterrorism; and Transnational Security.   ​</em></p>GP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465
https://sm.asisonline.org/Pages/On-Site-and-Cloud-Access-Control-Systems.aspxOn-Site and Cloud Access Control Systems<p>​Back in the 1970s, electronic access control systems were rudimentary by today’s standards. Those early systems consisted primarily of simple keypads for inputting PIN (personal identification number) codes, or ID cards and readers using magnetic stripe or Wiegand technology to grant or deny access while also maintaining a record of user access. There were few choices when it came to options, integration, and vendors.</p><p>Fast forward to today: now access control systems are frequently the main control platform in a physical security system. These evolved systems allow authorized staff to move freely while keeping a facility or an area secure—and they do much more. Network connectivity allows integration with security subsystems, as well as with business and operational systems such as retail and HR functions. Open architecture designs allow for compatibility with multiple technologies. Smartphones are becoming a mainstream tool in access control systems, and they can sometimes be used in place of an access card. </p><p>Even the most basic access control solution provides some level of tracking, auditing, and reporting. The combination of advanced functionality, flexible features, and integration with other systems allows current systems to provide in-depth information that far exceeds the capabilities of earlier systems.</p><p>Considering these many sophisticated features and functions can be a challenge for the end user, who must not only select an access control system but also determine how and where it will be managed and which solution best meets the organization’s financial and operational needs. Because physical security is vital to the protection of people, premises, and assets, it’s a decision that requires understanding of the technology and the applications. Following are a few examples of the options available for managing an access control system and where they are best suited.</p><h4>Credential Type</h4><p>In addition to incorporating biometrics and other advanced access credentials, today’s solutions can support PIN pads, magnetic stripe and/or Wiegand cards, proximity readers, and other technologies that organizations already use. This provides customers with the flexibility to select the credential type that best suits their needs. </p><p>For example, magnetic stripe and Wiegand access cards offer the convenience of embedding user-specific information in addition to access privileges. Because they incorporate embedded wires as opposed to magnetic material and can be used with contactless sensors, Wiegand technologies are less susceptible to extreme temperatures and other hostile environments. Cards used in systems that require contact with readers suffer from wear and tear and therefore must be replaced on a regular basis.</p><p>Proximity readers offer tremendous ease of use and the ability to quickly deactivate lost cards and issue new credentials. Because no contact is required between card and reader, credentials don’t suffer from the wear and tear common with magnetic stripe and Wiegand systems. </p><p>PIN pads are often employed for single-door applications, and their lower cost makes them attractive to organizations with limited budgets. They are extremely easy to use but also less secure, because users can easily share their codes with others.</p><p>In addition to cost, security level, and system size, organizations must also consider each technology’s ability to work with a range of access control software, as well as the ability to deploy and manage the solution using any or all of the below models.</p><h4>User-Managed on Site</h4><p>In this scenario, the customer purchases or leases equipment from an authorized reseller/integrator, who installs the system and provides training. A service contract may be included in the sale or lease. The customer is responsible for all programming activity on the dedicated PC, including data entry and updating for names, scheduling, reports, backup, and software updates. Depending on the system, badging may also be included. Other than the installation and training and any service agreement, the reseller/integrator has no additional responsibility.</p><p>Systems managed by the user on site are ideal for small to medium-sized businesses, local government offices, sporting facilities, and the like, where one or two individuals are tasked with maintaining the database, software upgrades, and infrastructure maintenance.  </p><h4>User-Managed Cloud </h4><p>Like the on-site user-managed scenario, this version starts with equipment that is purchased or leased from an authorized reseller/integrator, who installs the hardware and provides training. The difference is that the software is in the cloud and is managed, along with the supporting infrastructure, by the integrator or service provider. All backup, software upgrades, system monitoring, programming, scheduled door locking and unlocking, and other vital access control actions are performed remotely by professional monitoring providers. The user may manage only the simple functions of entering, deleting, and modifying names, and possibly badging via a Web portal.</p><p>User-managed cloud systems work well for sites with few or no IT staff—such as franchise locations or property management sites. Each location can handle the day-to-day functions of database maintenance and scheduling via a Web portal, but reports, applying patches and updates, backup, and other group functions are handled in the cloud by the integrator. One useful advantage of this scenario is that the browser application can be accessed at any time and from any device by the user. </p><h4>Remotely Managed Cloud   </h4><p>The user has little or no access to the head end software in this scenario, and all activity is performed by the service provider. Sometimes known as ACaaS (Access Control as a Service), this service is popular with enterprise-level organizations. Hardware can be new or legacy, owned or leased. When modifications are required, the service provider makes the changes. Reports can be run and sent to the end user on a scheduled or as-requested basis. Credentialing is also handled by the service provider.</p><p>Access control systems for several organizations may be hosted in the cloud by the service provider, and the security of the data is ensured with AES encryption. Multilayered filtering and partitioning allows end users to access only their own information (cardholders, access groups, hardware, etc.), while the service provider has full access to all customers’ data.</p><p>By working with a knowledgeable technology partner, such as an integrator or vendor, users will find the help they need to identify which of these solutions best meet their needs. Expertise and experience can help the end user make better and more confident decisions about an access control installation.</p><p><em>Robert Laughlin is president at Galaxy Control Systems. </em></p>GP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465