Education

 

 

https://sm.asisonline.org/Pages/School-Lockdown-Procedure-Prevented-Tragedy-in-Rancho-Tehama.aspxSchool Lockdown Procedure Prevented Tragedy in Rancho TehamaGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a43444652017-11-16T05:00:00Zhttps://adminsm.asisonline.org/pages/lilly-chapa.aspx, Lilly Chapa<p>​Students were running around on the playground and parents were dropping their children off at Rancho Tehama Elementary School Tuesday morning when the school secretary heard the first gunshots fired by Kevin Neal up the road. Without delay, the administrators started a reverse evacuation and lockdown procedure, whisking children and parents alike into the elementary school. By the time Neal—who was on a shooting rampage throughout the small town—arrived at the campus, two-thirds of the school’s 100 students were inside, said district superintendent Richard Fitzpatrick. </p><p> The school’s head custodian saw Neal crash his truck into the school’s gate and begin walking toward the facility, so the custodian stepped out and distracted him while the rest of the students were ushered into safety. Neal began firing but his gun jammed, providing essential seconds for the custodian to escape.</p><p>"The custodian's actions in diverting the attention from the shooter at that time gave us the much-needed seconds to complete the (lockdown) process," Fitzpatrick said in a Wednesday press conference. "That amount of seconds was critical."</p><p>Through surveillance video, Neal can then be seen going from door to door trying to find an entry, and when he failed, he began shooting through the school’s walls, windows, and doors. One child received gunshots in his chest and right foot while crouching under a table inside the classroom and is in fair condition at a local hospital.</p><p>Neal was unable to find an unlocked door to access the students, parents, and staff in the school, so he left the campus and was shot and killed by police a short time later. Fitzpatrick acknowledged that while one student was seriously injured, the incident could have ended much worse.</p><p>"The reason that I'm standing here today and I'm able to speak to you without breaking down and crying is because of the heroic efforts of our school staff," Fitzpatrick said.</p><p>Paul Timm, PSP, vice president at Facility Engineering Associates and a member of the ASIS School Safety and Security Council, says that the school’s straightforward and efficient lockdown procedure was the result of a heightened level of awareness.</p><p>“We are in a time of heightened awareness,” he tells <em>Security Management</em>. “This is following the events of Las Vegas, New York, and Texas. While only one of those involved a school, at the forefront of our minds is that there could be some kind of violence that takes place in our communities. One was a concert, one was a church, and one was right during dismissal time near a bike path before a parade. I think that helps everybody because we’re thinking, ‘how would I respond, what would I do, are we prepared?’ And that had to help them.”</p><p>Timm encourages school officials to always err on the side of caution when it comes to enacting lockdown or evacuation procedures—he notes that Rancho Tehama administrators began lockdown procedures before seeing the threat or being alerted by law enforcement. </p><p>“Not many of us really know, genuinely, what gunshots will sound like, and in Rancho Tehama they were able to just say, ‘I’m not going to assess whether that’s a real gunshot or not, we’re just getting in motion,’” Timm notes. “I think that erring on the side of caution is always the best thing to do. We can always say ‘whoops’ if someone got excited over a balloon popping and went into lockdown, but you’d much rather see them err on that side than someone investigating and finding out we’re not where we should be and we’re in big trouble.”</p><p>Timm has been in the school security industry since before the Columbine High School shooting, and says that, despite the relative regularity of incidents at schools, he often hears that people don’t want to increase school security. “Sometimes people say to me that it’s a shame that we have to live in a time where these things happen and we have to keep schools locked down,” he says. “I like to equate it to vehicle safety—In the 70s you could buy a car that didn’t have seatbelts and car seats were nonexistent. That doesn’t mean it was better back then—it wasn’t. It might be less comfortable, but let’s face it, it’s safer to wear a seatbelt, to have kids in car seats. Whenever schools are questioning whether or not basic access control, emergency preparedness, and communication systems and capabilities are necessary, I don’t think it’s sad—I think the safer way to go is generally the better way, as long as we can keep perspective. I don’t want schools to look like Fort Knox either, but I do want them to be safer than they are today.”</p><p><em>For free school security resources compiled by ASIS, visit <a href="https://www.asisonline.org/Membership/Member-Center/Security-Spotlight/Pages/Spotlight-on-School-Security.aspx" target="_blank">https://www.asisonline.org/Membership/Member-Center/Security-Spotlight/Pages/Spotlight-on-School-Security.aspx</a>.</em><br></p>

Education

 

 

https://sm.asisonline.org/Pages/School-Lockdown-Procedure-Prevented-Tragedy-in-Rancho-Tehama.aspx2017-11-16T05:00:00ZSchool Lockdown Procedure Prevented Tragedy in Rancho Tehama
https://sm.asisonline.org/Pages/Building-a-Professional-Guard-Force.aspx2017-10-10T04:00:00ZBuilding a Professional Guard Force
https://sm.asisonline.org/Pages/An-Education-Connection.aspx2017-09-01T04:00:00ZAn Education Connection
https://sm.asisonline.org/Pages/Responding-to-San-Bernardino.aspx2017-05-01T04:00:00ZResponding to San Bernardino
https://sm.asisonline.org/Pages/Industry-News-February-2017.aspx2017-02-01T05:00:00ZIndustry News February 2017
https://sm.asisonline.org/Pages/The-Role-of-School-Resource-Officers.aspx2017-01-01T05:00:00ZThe Role of School Resource Officers
https://sm.asisonline.org/Pages/Yale-Opens-Doors.aspx2016-12-01T05:00:00ZYale Opens Doors
https://sm.asisonline.org/Pages/School-of-Threats.aspx2016-11-01T04:00:00ZSchool of Threats
https://sm.asisonline.org/Pages/Lake-Brantley-High-is-School-Security-Funding-Winner.aspx2016-09-11T04:00:00ZLake Brantley High is School Security Funding Winner
https://sm.asisonline.org/Pages/As-School-Year-Begins,-France-Enhances-Security-at-Educational-Institutions-.aspx2016-09-06T04:00:00ZAs School Year Begins, France Enhances Security at Educational Institutions
https://sm.asisonline.org/Pages/School-Security-Trends.aspx2016-09-01T04:00:00ZSchool Security Trends
https://sm.asisonline.org/Pages/Scholastic-Surveillance.aspx2016-08-01T04:00:00ZScholastic Surveillance
https://sm.asisonline.org/Pages/Feds-Take-on-Assault.aspx2016-05-01T04:00:00ZFeds Take on Assault
https://sm.asisonline.org/Pages/U-Penn-Puts-Out-the-Fire.aspx2016-03-01T05:00:00ZU Penn Puts Out the Fire
https://sm.asisonline.org/Pages/Staying-On-Message.aspx2016-02-25T05:00:00ZStaying On Message
https://sm.asisonline.org/Pages/Book-Review---The-Handbook-for-School-Safety-and-Security.aspx2016-02-01T05:00:00ZBook Review: The Handbook for School Safety and Security
https://sm.asisonline.org/Pages/MIT-Launches-Cybersecurity-Professional-Education-Course.aspx2016-01-12T05:00:00ZMIT Launches Cybersecurity Professional Education Course
https://sm.asisonline.org/Pages/Campus-ID-Gets-a-Makeover.aspx2015-11-30T05:00:00ZCampus ID Gets a Makeover
https://sm.asisonline.org/Pages/To-Ensure-A-Safe-Haven.aspx2015-11-20T05:00:00ZTo Ensure A Safe Haven
https://sm.asisonline.org/Pages/School-Funding-Winner.aspx2015-09-28T04:00:00ZSchool Funding Winner

 You May Also Like...

 

 

https://sm.asisonline.org/Pages/November-2017-SM-Online.aspxNovember 2017 SM Online<h4>​Telework Safeguards </h4><p>Employees who telework may be using their own PCs, laptops, tablets, and smartphones for work purposes, so a telework program may require another layer of security to protect sensitive data. Security managers facing this issue may want to consult the <em><a href="http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-46r2.pdf" target="_blank">Guide to Enterprise Telework, Remote Access, and Bring Your Own Device (BYOD) Security</a></em>, issued by the U.S. Department of Commerce’s National Institute of Standards and Technology. The free guide provides information on security considerations for remote access solutions, and it makes recommendations for securing a variety of telework, remote access, and BYOD technologies. It also gives advice on creating related security policies.​</p><h4>Elections </h4><p>The Russian hacking of the U.S. 2016 presidential election was an “assault” on election infrastructure, and there may be similar efforts affecting future elections. <em><a href="https://www.brennancenter.org/sites/default/files/publications/Securing_Elections_From_Foreign_Interference.pdf" target="_blank">Securing Elections from Foreign Interference</a></em>, issued by the Brennan Center for Justice at the New York University School of Law, outlines steps that can be taken now to protect the most critical elements of the U.S. election infrastructure.</p><h4>Secure Access</h4><p>A study conducted among IT professionals explores the security threats faced by organizations today. Among its findings, <em></em><a href="https://www.bomgar.com/assets/documents/Bomgar_Secure_Access_Report.pdf" target="_blank"><em>The Secure Access Threat Report 2017 </em>from Bomgar reveals that while 90 percent of security professionals trust employees with privileged access most of the time, only 41 percent have “complete trust” in those users. ​</a></p><h4>​Disclosure</h4><p>In <em><a href="https://www.belfercenter.org/sites/default/files/legacy/files/vulnerability-disclosure-web-final3.pdf" target="_blank">Government’s Role in Vulnerability Disclosure: Creating a Permanent and Accountable Vulnerability Equities Process</a></em>, experts recommend that the United States formalize the process it uses to disclose cyber vulnerabilities.</p><h4>Fake News Technology</h4><p><a href="https://www.vanityfair.com/news/2017/01/fake-news-technology" target="_blank">In a Vanity Fair article, </a>Nick Bilton writes about new technologies that can change audio and video in the same way that photos can be altered. He fears that “governments can weaponize fake news.” The article includes videos that show these technologies in action.​</p><h4>Military Supplies</h4><p>Investigators <a href="http://www.gao.gov/assets/690/685916.pdf" target="_blank">posing as a fictitious federal agency</a> were able to acquire excess military equipment, and the U.S. Defense Department<a href="http://www.gao.gov/assets/690/684935.pdf" target="_blank"> needs to do more​</a> to track equipment it provides to Iraq.</p><h4>Seeing=Believing</h4><p>Humans are predisposed to believe fake news. <a href="https://poseidon01.ssrn.com/delivery.php?ID=764097064115114087102023107085076029057062017031026026005090098067007091028083023031101007022041026027017101026070086017001071041034005023078068013105096092102069064065078040075030090065005127003080070094090119089088002115080084075073107080116110124067&EXT=pdf" target="_blank">A Yale University study</a> found that even one exposure to a false news story predisposed the reader to believe that the story was true. The more times the reader was exposed, the more he or she believed it. <a href="https://www.apa.org/pubs/journals/features/xge-0000098.pdf" target="_blank">Another study</a> uncovered a tendency to believe clearly untrue information even if the reader previously knew that the information was false.</p><h4>Data breaches​</h4><p>The heightened risk of future identity theft is sufficient to show standing to sue at the pleading state in a lawsuit, <a href="http://law.justia.com/cases/federal/appellate-courts/cadc/16-7108/16-7108-2017-08-01.html" target="_blank">a U.S. court of appeals ruled</a>.</p><h4>Driver testing</h4><p>The Federal Motor Carrier Safety Administration and Federal Railroad Administration <a href="http://cdn.ca9.uscourts.gov/datastore/opinions/2017/07/17/16-16067.pdf" target="_blank">withdrew a proposed rule​</a> to require truck drivers and train operators be tested for obstructive sleep apnea.​</p><h4>Data protection</h4><p>The United Kingdom will<a href="https://www.gov.uk/government/news/government-to-strengthen-uk-data-protection-law" target="_blank"> introduce new legislation </a>that will align U.K. law more closely with the EU General Data Protection Regulation.</p>GP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465
https://sm.asisonline.org/Pages/Interoperability-for-the-Safe-City-.aspxInteroperability for the Safe City <p>​​Today's cities often use video management systems or other platforms to view camera footage, protect citizens and property, analyze incidents, evaluate security, and determine appropriate responses to events like natural disasters, disruptions to public transit and other municipal services, and other threats to public safety. <br><br>Cities implementing this connected security approach are typically referred to as safe or smart cities. Most safe cities share a common infrastructure and operate using sensors and cameras over a shared municipal network. Synthesizing information from these sensors and the data from other devices through one interface, government officials and law enforcement are afforded a comprehensive view of a city's security.<strong> </strong></p><p><strong>Integrating the Many Parts of a Safe City</strong></p><p>There are operational challenges that accompany the many systems that are included in a safe city deployment. Interoperability continues to present one of the greatest challenges, particularly with video management systems, video recording devices, and cameras. The most common scenario is that municipalities have several management systems for city operations that were created by different manufacturers, each with proprietary interfaces for integration.<br><br>To connect their different systems together, cities often end up employing a single-vendor "build once and maintain forever" approach, in which the continuing cost for integration of systems becomes prohibitively expensive. In a world where technology and features change quickly, this approach is not practical because it severely limits an end user's ability to try new technology and different vendors' products and requires a substantial financial commitment to specific manufacturers and proprietary interfaces.<br></p><p><strong>Standards in Safe Cities </strong></p><p>ONVIF was founded in 2008 by Axis, Sony, and Bosch to create a global standard for the interface of IP-based physical security products. The organization was developed to provide increased flexibility and greater freedom of choice, so installers and end users can select interoperable products from a variety of different vendors. </p><p>Product interoperability is a driving force behind ONVIF. Interoperability is a simple concept: it is the ability of a product or system to work with another product or system, often from different brands made by different manufacturers. </p><p>ONVIF profiles are subsets of the overall ONVIF specification. They group together sets of related features to make product selection easier for end users, consultants, and systems integrators. Products must be conformant with one (or more) of ONVIF's specific profiles. </p><p><strong><em>ONVIF's current profiles are:</em></strong></p><p><strong></strong></p><p><strong>Profile S</strong> for IP-based video and audio streaming, including:​<br></p><ul><li>Video and audio streaming<br></li><li>Pan-tilt-zoom control and relay output<br></li><li>Video configuration and multicast<br> </li></ul><p><strong>Profile G</strong> for edge storage and retrieval, including:</p><ul><li>Configure, request, and control recording from conformant devices<br></li><li>Receive audio and metadata stream<br></li></ul><p><strong><br>Profile C</strong> for IP-based access control, including:</p><ul><li>Site information and configuration<br></li><li>Event and alarm management<br></li><li>Door access control<br></li></ul><p><strong><br>Profile Q</strong> for easy configuration and advanced security, including:</p><ul><li>Out-of-box functionality<br></li><li>Easy, secure configuration<br></li><li>Secure client/device communications using transport layer security (TLS)<br></li></ul><p><strong><br>Profile A</strong> for Broader Access Control Configuration</p><ul><li>Granting/revoking credentials, creating schedules, changing privileges<br></li><li>Enables integration between access control and IP video management system<br> <br></li></ul><p><strong>Profile T</strong> for Advanced Video Streaming is currently in draft form and is scheduled for initial release in 2018. </p><p>Standards, such as those from ONVIF, provide the common link between disparate components of safe city systems. Designed specifically to overcome the challenges in multi-vendor environments, ONVIF's common interfaces facilitate communication between technologies from different manufacturers and foster an interoperable system environment where system components can be used interchangeably, provided they conform to the ONVIF specification. </p><p>In 2014, ONVIF member company Meyertech helped the city of York, United Kingdom, deploy a safe city solution for the city's public spaces and transportation system. Using Meyertech video management software (VMS) and information management software, the city integrated IP cameras with the many legacy systems for its York Travel and Control Centre command center. </p><p>The city's control room monitors more than 150 cameras from different manufacturers in York, and city representatives reported an immediate impact on crime rates. The integration of legacy and new IP cameras with the new VMS, which interfaced with the information management software, was made possible through ONVIF's video specification. </p><p>A standardized approach for both file format and associated players, which is often a challenge in multi-vendor environments, is also provided by ONVIF, increasing the efficiency of the process and also adding the potential of including metadata—for example, data from an analytic, indicating number of objects, speed of objects, or even colors—in exported materials and reports. Standardized file formats include MPEG4, H.264, and, with Profile T, H.265, which are readable by many standard video players on the market, including Windows Media Player, VLC, DVD players, and many more. </p><p>ONVIF has also released an export file format specification that outlines a defined format for effective export of recorded material and forensics. These specifications together make it possible not only to integrate devices in multi-vendor video security system deployments in safe city environments, but also to offer a common export file format that can streamline post-event investigations where authorities are trying to react as quickly as possible to apprehend suspects or to defuse an ongoing situation.<strong> </strong></p><p>Another ONVIF member, Huawei, is considered a leader in smart city solutions. Huawei's video management system was used in Shanghai, China, as part of the Chinese Ministry of Public Security's safe cities construction initiative. One of the key challenges of the project was to integrate old and new technology. Huawei's VMS uses ONVIF to integrate cameras from manufacturers Dahua, Haikang, Axis, Sony, and others.<strong> </strong></p><p><strong>Multi-Discipline Standards</strong></p><p>A multi-discipline physical security standard that specifies parameters for video surveillance, access control, and other essential operations of a safe city command center would likely increase the prevalence of safe cities even further.</p><p>Many in the broader technology industry see standards as an important component in both safe cities and the Internet of things (IoT). The Institute of Electrical and Electronics Engineers and other standards groups are already working on IoT standards for technology-based industries, and some experts that global IoT standards will be introduced by the end of this year. </p><p>As standards and industries collaborate even further and establish minimum interoperability standards together, the need for a multi-discipline physical security standard will become more urgent. ONVIF envisions that all physical security systems will eventually have the same interfaces for interoperability, and the organization is dedicated to facilitating the work of its members in developing such a multi-discipline standard. </p><p><em>Jonathan Lewit is chairman of the ONVIF Communication Committee.</em></p>GP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465
https://sm.asisonline.org/Pages/To-Ensure-A-Safe-Haven.aspxTo Ensure A Safe Haven<p>​<span style="line-height:1.5em;">When the 15-year-old access control system at Calvary Chapel Fort Lauder­dale (CCFL) in Florida began to fail, Senior Systems Administrator Benny Brown knew it was time for a change. Repairing and maintaining the current access control system in the eight buildings that make up the CCFL megachurch and the pre-K to 12th grade school was costing too much, and the system was so old that manufacturers said the new system would have to be designed from scratch.</span></p><p>“That opened the door for us to shop the whole market for access control products,” says Brown, who started looking for a new solution in May 2014.</p><p>CCFL wanted to move beyond a network-based system to a Web-based portal for programming and management, as well as to find something that could take advantage of the extensive network structure across the sprawling 75-acre campus. </p><p>“Our campuses use Macs, PCs, and even Linux, and compatibility with client applications is always a little bit of a concern,” Brown says. “Having the management be Web-based alleviated a little bit of that.”</p><p>Brown also wanted to find a solution that would help CCFL maintain its open-campus feel for both students and parishioners. About 2,500 students attend the school, 20,000 worshippers come to services on the weekends, and 1,000 faculty and staff keep the operations running. “We try to keep the campus open and inviting, we want people to come make use of the facilities and feel comfortable being here,” he notes. “During the school hours, we typically need to keep the areas where the kids are a little more locked down and strict.”</p><p>In 2013, Brown met a Viscount representative at the ASIS International Seminar and Exhibits in Chicago, and he reached out to him when it became clear that CCFL needed a new access control system. After working with Viscount, CCFL settled on purchasing the company’s Freedom platform, a server-based software application that communicates over IP. “It checked all the boxes for us,” Brown says. </p><p>Brown notes that the Viscount Freedom encryption bridges are compact and function through power over Ethernet. Since the application software is completely Web-based, Brown was able to set up multiple access groups and schedules—he can control the access of certain badgeholders throughout different parts of the campus at different times of the day. This flexibility is important on an open campus like CCFL.</p><p>“We need our schedules to be dynamic and have the ability to mark certain controlled areas and lock them at a particular time, and even have temporary unlocked periods within that schedule for certain areas, depending on whether the school is having a function where parents will be coming in,” Brown explains. </p><p>Viscount’s platform makes receiving real- time updates much easier and more consistent, he says. With CCFL’s old solution, each building’s system would have to be updated individually, which could take hours. </p><p>“A lot of times the log on our control panels didn’t get updated until that controller decided to communicate everything back across the network, or the controllers would just lose contact with the server,” Brown explains. </p><p>This was a problem when CCFL enabled or disabled a badge for access, because it took up to two hours for the changes to be pushed out to all of the control panels. </p><p>“The beauty with Viscount is their encryption bridges literally only act as a translator between the reader and the IP network, so their server makes all the decisions,” Brown says. “We make changes on the database in the server, and it’s instantaneous—we don’t need to worry about pushing that information out all over the campus.”</p><p>Brown says his team was able to install 60 Viscount Freedom encryption bridges on the new system by the start of 2015. He has set up 105 controlled areas throughout the campus and church on 31-week schedules to correspond with the school year, and about 1,625 cardholders are in the access control system. </p><p>Right now it’s mainly staff that use the badges, although Brown says he’d eventually like to extend their usage to students as well. Badges are also given out to vendors and contractors who come to the campus on a regular basis and have passed background checks. </p><p>The system was installed throughout both the school campus and the church, and Brown says it has less to do with letting people in than keeping unwanted criminals out in an emergency. The solution allows Brown, or anyone with enhanced credentials, to swipe their card and lock down every single door in a certain building or hallway, or even throughout the entire campus. </p><p>“It’s unique and allows you to be creative for whatever situation or policy your security team wants to implement,” Brown explains. “It’s very flexible, and you can pretty much tailor the access control system around what you need. I have controlled areas for each of our buildings, so I can lock each building in its entirety or conversely unlock each building from the management portal itself.”</p><p>Brown also says that the access control system comes in handy when there is a special event or after-hours gathering, because he can keep all but a few entrances secure to control the flow of visitors. And if a staff member needs access to a building after hours, he can unlock specific doors from an app on his mobile phone. </p><p>Overall, everyone who has been involved in the installation, management, and use of the Viscount Freedom platform has been pleased, Brown says. Compared to the old system, there is virtually no downtime. CCFL’s security team has quickly been able to learn the system, and can view constantly-updating access logs as well as control access points through the management portal.</p><p>Brown says he’s hoping to work with Viscount to take advantage of technology, such as QR codes or near field communication (NFC), which would enable staff, students, and visitors to use their smartphones to gain access to the campus. </p><p>“That would allow us to keep the schools locked a little more consistently during events, and we would have a better idea of who is on campus at any given time,” Brown notes. “We can pretty much limit access to parents, family members, and known volunteers without actually having to issue a badge. I’m looking forward to when they have that perfected.”    ​</p>GP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465