Industry View

By Jim Caudill, SVP Marketing & Strategy, Xterprise

Recently reported sales at U.S. retail stores showed a significant improvement over the same month last year. These results are better than expected at many apparel chains and department stores and likely were aided by easy comparisons to sales of last January, when the recession really took hold in retail. Overall, leaner retail inventories meant retailers didn’t have to resort to steep markdowns to clear unsold merchandise as often as in years past. But simply slimming down inventories alone isn’t a sustainable solution - forward-looking apparel, specialty retailers, and department stores are leveraging RFID-based store inventory management applications to drive down costs, eliminate waste, and improve customer service and store security.

Why RFID?
In the 1980s the industry ushered in the age of standards and barcodes by adopting the UPC and the use of barcodes with store POS systems to increase efficiency and accuracy. In the 1990s the retail industry eagerly adopted sophisticated planning and optimization tools for forecasting, merchandising, warehousing and distribution, and pricing functions. The 2000s saw the advent of cross-channel integration, retail ERP platforms, online storefronts, more pricing/markdown optimization tools, and many specialized applications like retail PLM. Yet, for all the technology investments in these areas, in-store and distribution center-to-store inventory processes have remained largely unchanged over the past two decades. Recent advances in reliability and performance of a new generation of RFID tags and hardware, combined with a much lower price point, have given rise to a class of applications that applies lean principles, RFID technology, and item-level inventory management to address this gap and create value in the retail merchandise life cycle.

Item-level RFID effectively creates a high-definition view of inventory levels for the retailer, ROI of one year or less, and other significant benefits including:

• 90% or more efficient inventory counting processes
• 7–15% more accurate inventory as a result of effective measurement processes
• 10–25% improved service levels from the distribution center because of real-time replenishment and demand-driven ordering
• 15–50% reduced sales floor replenishment effort/stocking time
The business impacts include higher customer satisfaction, increased revenue, reduced labor, and reduced shrink.

RFID for Loss Prevention
A key benefit to keeping a closer eye on retail inventory as it moves from the supplier or factory, through the supply chain all the way to the ultimate consumer at the point of purchase, is a marked reduction in internal and supplier theft. Published case studies from leading retailers and academics point to 90-95% reductions in this area. This is a significant value point to a retailer as estimates suggest that close to half of all dollars lost to shrink are attributable to employees, the largest overall portion when compared to consumers, vendors, or errors.

Retailers have recognized an opportunity to take significant cost out of their store infrastructures with a standardized inventory and a simplified tagging process - leveraging the same RFID item-level store solution infrastructure for EAS item-level consumer l theft deterrence, detection and protection. Unlike traditional RF-based EAS solutions widely deployed today, RFID-based EAS gives apparel, specialty and other retailers visibility to theft incidents when they are occurring, but goes further by identifying exactly what was stolen and from where in the store. This invaluable information allows the retailer to quickly restock the otherwise unknown merchandise and avoid missed sales opportunities due to out-of-stocks. The fidelity of the data also gives the retailer insight into theft patterns and trends that might otherwise take weeks or months to see. Retailers also gain a tool that, when combined with CCTV, becomes evidence against shoplifters, even if they are not ultimately caught until a subsequent incident.

Standards to Increase Adoption
A recently published standard by GS1 EPCglobal represents just how far the promise of RFID-EAS and LP has come. This standard was developed and ratified by the members of this standards group, which includes RFID hardware and technology providers, retailers, application providers and traditional EAS market leaders Checkpoint and Tyco who now clearly accept RFID as the inevitable successor to their existing solutions and technologies. The next phase of the standards development will include updates to address tags that are embedded in products (sewn in for example), and the applications and product categories that will leverage these embedded tags that may require electronic deactivation or tag alteration.

Item-level RFID solutions provide many retailers the tools they need to maximize their lean operating advantage. From better inventory management and more efficient use of store employees’ time, to loss prevention improvements, item-level RFID solutions are making better execution a reality at the store level.

By Jeff Floreno
Schools pride themselves on offering very open, warm environments that welcome parents, students and visitors. But unfettered access to facilities and both literal and figurative open-door policies may put schools in the position of inviting unnecessary risks on campus. For some schools, security can become a dreaded “to-do” that is constantly pushed to the end of the list.

It is not that administrators do not want to take action; on the contrary, they have tremendous interest in providing secure learning environments. Yet in many ways, prioritizing problems, selecting the best technologies, stretching limited budgets and simply knowing where to start can be overwhelming amidst a slew of other priorities and daily distractions. Consequently, many schools respond by pushing the risks to the back of their minds, or take cursory steps to secure the campus by implementing solutions that symbolize security.

There are many lessons that schools can learn from the corporate world when it comes to controlling access on campus. In the business world, security is an everyday part of what they do: a series of habits and a way of working. They also tackle security in layers. Corporations begin by securing the area employees and visitors hit first when arriving: the parking lot. They consider parking areas part of the experience customers, prospects and employees will have with their company and may monitor the area with surveillance, live security or access control.

From the moment someone walks in the door, everyone at a company becomes responsible for security. Employees are taught to greet visitors, assist them, and escort them to their destinations. Sensitive areas are protected with surveillance or access control. Employees are given opportunities and training on reporting suspicious behaviors or activities anonymously. Companies are also quick to implement work-around solutions. For example, if it is not practical for a company to always secure the front door, management may issue policies directing employees to secure high value items such as laptops when the area is unattended. It may not be the ideal solution, but it’s a way to protect assets and reduce risks by taking some simple steps. The point is not for schools to follow each step taken in the corporate world, but to learn and adopt those approaches that best serve their needs, such as enrolling everyone in security efforts and identifying simple, cost-effective steps to reduce risks.

A Layered Approach to Security
When it comes to access control, schools must shed the myth of “all or nothing.” Controlling access is merely the act of keeping unwanted and dangerous elements off the premises. It also involves controlling visitors, contractors, and family members who may have a valid reason for entering the school. Actions such as requiring visitors to sign in when they enter the building, wear a badge identifying them as a visitor. Other options to help control access may be as simple as a “No Trespassing” sign at the perimeter of the school property or a traditional lock and key system on doors. Having good access control does not necessarily require state-of-the-art biotechnology on every door in the facility. There are many steps, actions and tools that lie between the ultimate, ideal solution and no access control whatsoever. Think of access control as more than a door and a lock. Think of it as the layers of an onion, each layer creating more of a barrier to unwanted elements and reducing risk to the school.

To help administrators take a practical approach when thinking about improving security and controlling access on their campus, it is helpful to consider security in terms of “good, better, best.” Each additional layer of action taken further reduces risk and improves overall security. It is also helpful to break down the school into “zones” of protection:
• the outer perimeter of the school property
• the traffic and parking areas on campus
• the building exteriors
• the facility interiors

Each of these zones offers an opportunity for the school to control access and manage the security and safety of those on campus.

The chart below suggests just a few measures, policies and technologies that a school can implement. The list is cumulative, so conducting good, better, and best practices is the ideal. However, schools that just follow “good” practices eliminate some level of risk, better practices eliminate even more and so-on.

The key is to take a practical approach and to know that, regardless of budgets, resources and technologies, every small step brings the school closer to a more secure learning environment. With a practical approach and culture of security, schools can close the door on risk and security problems.

Jeff Floreno is director of security operations and strategy for Wren, providers of physical security solutions that create safe learning environments. He can be reached at jeff.floreno@wrensolutions.com. To learn more, visit www.wrensolutions.com.

By Jumbi Edulbehram
The security industry is undoubtedly experiencing a technological sea change, transforming from analog infrastructure with proprietary software to an IP network infrastructure with standards-based software. While this change has been afoot for more than 10 years, the rate of change has accelerated rapidly in the past few years. Though smaller businesses have much to gain from the security industry’s advancements in IP-enabled products, this market has not been able to take advantage of them, even though they have the necessary network infrastructure in place.

What are SMBs anyway?
Traditionally, a small business has been defined by the number of employees (e.g. fewer than 500 for manufacturing) or by the total revenue (e.g. less than $6.5 million in revenue for retail and services). But when it comes to security, it’s more important to define a business by the size of the security system needed than by its workforce or revenue. Most commonly, the infrastructure required for securing facilities in the SMB market is a CCTV system of up to 16 cameras, an access control system of up to four doors and one-to-two intrusion panels.

Why have IP manufacturers underserved the SMB market?
There are a host of reasons why major manufacturers of IP network hardware and software have underserved the SMB market. Manufacturers focus on the enterprise market: Most IP solution providers market their solutions as “enterprise-class” and “full featured.” Customers in the SMB market, however, don’t require enterprise-class solutions and need only a small fraction of the features, making these products less than an ideal fit for these facilities. Further, given that most solutions are targeted to the enterprise market, they are also relatively expensive. In the SMB market, regardless of great feature sets and incredible ROIs, solutions need to be affordable. Very often, manufacturers’ efforts to “dumb-down” enterprise-class solutions, in order to make them affordable, result in less than desirable solutions. Finally, “best-of-breed” systems are difficult to specify and implement: Unfortunately, SMBs and their security providers usually lack the IT expertise necessary to implement network solutions, as those that traditionally serve the market may not be adequately trained to install, configure and maintain IP systems.

What is needed in the SMB market?
There are a number of ways suppliers of IP-based hardware and software and systems integrators can address the issues above and serve the SMB market better. Cost-effective solutions are undoubtedly key for this market. The cost of the solution should factor in all the equipment (hardware and software) as well as costs associated with installation and maintenance. Newer technologies continuously reduce hardware costs, but to dramatically lower overall system costs, the answer is an integrated solution in which the costs of different components don’t add up.
Integrated solutions require much lower effort in the integration of different components (video, access control, intrusion) and the sub-components of each system. They require less time and effort in selecting different hardware components that meet certain specifications, and they should have easy-to-use software interfaces, rather than disparate applications with different interfaces.
Integrated solutions also enable SMB customers and those integrators who serve this market to benefit from reduced complexity and ease-of-installation. Since most SMB customers and integrators lack IT expertise, the interoperability of IP devices is critical. Standards development efforts, such as those being led by the Physical Security Interoperability Alliance (PSIA) and the Open Network Video Interface Forum (ONVIF), are driving interoperability between network devices, enabling disparate products to work in conjunction without in-depth and time-consuming integration.
In sum, SMB customers are likely to be best served by fully integrated, network-based security systems with sophisticated feature sets that are easy-to-configure and cost effective. There are solutions coming to market today that combine multiple subsystems such as digital video management, video analytics, access control and intrusion detection into a single appliance that meet these needs. By specifying integrated security appliances, security systems integrators and resellers can sell top-of-the-line solutions at bottom-of-the-line prices to their devoted customers.

Jumbi Edulbehram is VP of business development for Next Level Security Systems, a physical security company focused on developing a new breed of network security solutions. He has served in a similar capacity for Axis Communications and IntelliVid. He can be reached at jumbi@nlss.com.

by Edward M. Roche, Ph.D., J.D., Henley-Putnam University

If you recently saw James Cameron’s new movie AVATAR, then perhaps you are thinking of having your own personal avatar living somewhere in a virtual world. Many people are doing it, so why not you?

Let’s look at the basics: A virtual world is a computer-based three-dimensional simulation intended for its users to inhabit and interact via avatars. Avatars are three-dimensional graphical representations of people, much like video game characters. They are controlled remotely by their owner. Inside a virtual world, the one’s avatar expressed the participant’s identity and personality.

Virtual worlds started out as a multi-party gaming platform. Individuals would be connected to each other over a network. They would be able to interact in a cybernetic reflection of the real world, complete with buildings, terraces, roadways, and other people. Today’s virtual worlds have libraries, universities, research institutes, facsimiles of the finest museums, and wonderful demonstrations of complex scientific phenomena.

Perhaps like many, you are skeptical about virtual worlds, but the facts point in a different direction. Although the experience at first is strange, you probably will be surprised at how quickly your mind makes the adjustment to living in a virtual reality.

Owners tend to quickly identify with their avatar. It has been reported that most users experience a sense of tele-presence, particularly when other avatars are nearby and can be engaged in some type of social communication. This “mind meld” effect is so great that some medical researchers are finding success in pain therapy for burn patients when they are plugged in.

Current technology is not as advanced as seen in James Cameron’s new movie AVATAR, but experiments are being conducted in treatment of war veterans and paraplegics who might benefit from being able to live “whole” again.

Virtual worlds are one of the most exotic and exciting technologies to come along in a long time. As measured by both the number of participants, and the scale and scope of complexity, they continue to grow rapidly. The number of participants has exceeded the population of some smaller European countries. Some argue that the virtual world platform is the richest and most complex collaborative environment ever to come into existence in cyberspace. It is the ultimate 3-D Internet social networking and social media platform.

Why are virtual worlds important? Are they merely giant online games, or something more? What, if anything, do they have to do with crime and terrorism? How do they aid the dark hand of conspiracy?
The problem is that when globalization, technology and terrorism are combined, we see the emergence of new and rather dark possibilities that must be accounted for. These “worlds” are full of pornographic sites, sex dens, recreations of slave societies, vampire societies, witchcraft, and criminal activities. Recent research has suggested a link between some activities in virtual worlds and international terrorism.

Virtual worlds, offer government and law enforcement an important source of intelligence. After all, international criminal syndicates and terrorists are using virtual worlds to coordinate their activities. But in order to leverage this new source, it will be necessary both to understand how this new form of social media technology works, and to possess the training to exploit it.

The threat of criminal conspiracy and international terrorism is enough to pay attention. Crime scenes can be virtual as well as real. A response from the government is required. Intelligence and law enforcement must locate suitable personnel and integrate monitoring of virtual worlds into their standard surveillance and intelligence-gathering activities.

The intelligence implications of virtual world platform will be governed by their underlying technological infrastructure. Consequently, an appreciation of the relationship between technology and intelligence capabilities in this environment is based on several factors: First, what may be done by actors on all sides within these virtual world platform is enabled solely through the different applications and functions on the menu; Second, how these systems are designed and provisioned gives a clue as to how they might be compromised by either criminals or terrorists; Third, the underlying technology provides also a type of landscape through which law enforcement and intelligence communities charged with monitoring and responding to emerging threats can accomplish their work.

What is the vision for the future? Virtual worlds require 24×7 monitoring. Agents must be able to work in a variety of languages. Many of the same techniques used to infiltrate criminal groups in the real world will be used in the virtual world. It will be necessary to shield the identities of those involved. For foreign-based virtual worlds, the challenges are stiffer. Besides foreign language skills and concealed identities, the analyst must be able to communicate well enough to blend in and socially interact with those they meet. New types of dossiers and record keeping systems must be integrated with social media analysis. A new art of surveillance and cultivation of contacts must be leveraged. A watch system will be set up to trigger alarms when suspicious activity is detected.

Other countries, particularly the People’s Republic of China are moving ahead. It is not too late for the United States, but the clock is ticking.

Edward M. Roche, Ph.D., J.D., is the director of scientific intelligence for Barraclough Ltd

By Ravi Acharya, associate director of B2B marketing for TeleNav

While many security managers are skilled at ensuring a watchful eye is kept on people and property to meet client needs, these same managers may be neglecting to keep a watchful eye on the efficiency of their very own operations and staff. With the emergence of new wireless technologies and mobile communications tools, security managers have access to more information regarding the daily activities of their mobile personnel and property than ever before. Security firms of all sizes must use this information to do more with fewer resources and maintain a successful business despite the current economic environment. Technology that may have once been viewed as “nice to have” has now become a key component to ensuring security firms maintain a competitive advantage and survive in this challenging marketplace.

To maintain that competitive advantage, many security firms are adopting an emerging wireless technology called Mobile Resource Management. MRM combines GPS tracking, navigation, wireless forms and timecard entry into a single product installed on security officers’ mobile phones or company property such as patrol vehicles. Using MRM products on their mobile devices, security officers can clock in and out for their shift, receive turn-by-turn directions to the patrol site, access details about the current assignment, keep management informed of any emergency situations with the push of a button and capture incident information right from the phone. Management can easily access information on the real-time locations of officers to ensure they are guarding their assigned area, dispatch the nearest officer in emergency situations, monitor company vehicle and equipment usage, ensure timecard accuracy, and improve customer communication.

MRM products allow mobile security personnel to spend less time traveling to and from the office to transfer paperwork or receive job information and more time in the field providing security for clients. Management benefits from officers that are more productive, travel more cost effectively and are more accountable to both the company and clients. These benefits, combined with the low cost of MRM products, deliver a strong ROI that security managers will see soon after implementation.

A Mobile Workforce Presents Challenges to Security Directors
Most security managers are well aware of the challenges that come with managing a workforce that operates in the field, often with limited supervision. It can be extremely difficult for management to ensure employees are completing work within company guidelines and performing their assigned duties. Currently, many security firms have limited processes in place to hold their mobile personnel accountable.
Additionally, current supervision methods in use by security firms require physical patrols by management to confirm personnel are actually at their assigned locations. This not only takes a substantial amount of time, but also drives up costs for vehicle fuel and maintenance. Eliminating the man hours and equipment costs of these supervisor patrols can drastically improve the efficiency of a security operation and reduce operating costs.

Security managers must also ensure their mobile personnel are accountable to customers. The security industry is unique in that many times the only person who may be able to confirm if a patrol was conducted is the actual officer conducting the patrol. With the exception of random supervisor patrols or video surveillance, management and customers have limited ways of knowing if the assigned security duty is being completed. This uncertainty can cause issues for security management when disputes arise with customers regarding the level of service they’re receiving.

MRM Offers Managers a Solution
While the challenges facing security managers are not easy to tackle, MRM products help them address these challenges in efficient, affordable ways and often lead to large operational cost savings. MRM products combine the latest in GPS, wireless and Web technologies to allow security officers to do more from the field and give management an unprecedented look into the daily operations of their business and staff. By implementing MRM products into their operations, security managers can improve efficiency throughout their business.

Improve Employee Accountability
MRM products provide location data that enables management to monitor the location of remote personnel using a simple Web-based interface. In real-time, managers can locate all deployed security officers and verify that they are securing their assigned location. This eliminates the need for physical supervisor patrols, significantly decreasing man hours and equipment costs associated with these patrols. A California-based security firm reported annual savings of $120,000 after introducing MRM and reducing supervisor patrols.

Managers can also use MRM products to be alerted when an officer enters or exits a pre-determined area, instantly letting them know when a specific geographical area is or is not secure. Other alerts include speeding alerts for officers using company vehicles and notification if an employee forgets to clock in or turns the application off during their work shift.

Improve Customer Service and Dispute Resolution
With exact employee locations provided by MRM products, security managers can provide customers with detailed reports of current and past locations of security personnel. This is not only helpful to provide an accurate ETA when a customer asks when an officer will arrive at the patrol site, but also when a customer disputes the service they received. With an easy to produce report, management can provide customers with an historical “breadcrumb” tracking view that will demonstrate the exact location of the officer during the disputed time frame.

Intelligent Dispatching Improves Response
With MRM products, dispatchers can locate security personnel through tracking their handheld devices, eliminating time wasted searching for employee locations. This enables dispatchers to easily send the closest employee to emergency situations or dispatch employees to new jobs based on their present location.

Fuel Conservation Saves Money
No matter what the cost per gallon, fuel will always be a significant expense for security companies that depend on vehicles to conduct patrols. A December 2007 study by the Aberdeen Group noted that MRM products offered the following benefits related to fuel consumption:
• 13.2% reduction in fuel costs
• 19.2% decrease in miles traveled
• 27.4% improvement in fleet utilization
Security companies can conserve fuel by efficiently dispatching employees in the field and eliminating unnecessary trips to and from the office. In addition, mobile personnel can reduce excess mileage using voice-guided, turn-by-turn GPS navigation provided by some MRM products.

Wireless Timecards Reduce Payroll Expenses
Wireless timecards eliminate paper-based processes and reduce error-prone, time-consuming data entry. Security companies using wireless timecard capabilities have indicated the process has improved time and attendance, and reduced payroll costs. MRM solutions provide detailed wireless timecard functionality that includes labor codes, tracking of overtime and double time, and can seamlessly integrate with existing payroll systems.

Conclusion
Security managers are faced with a number of challenges when it comes to managing a mobile workforce. With the integration of MRM, managers can outfit staff with wireless devices that have a broad range of features and uses that drive improvements in efficiency and productivity throughout the business, both in the field and in the back office. MRM solutions help security companies better manage their mobile workforce and stay ahead of the competition even in challenging economic times.

Ravi Acharya is associate director of B2B marketing for TeleNav. He oversees product marketing for TeleNav’s Mobile Resource Management solutions developed for the enterprise. For more information, visit www.telenav.com.

How New Analysis Methods Can Enable CSOs and Directors to
Reduce Costs While Raising Security Efficiency and Effectiveness
By Ty Richmond, Chief Operating Officer, Andrews International

From corporate enterprises to government agencies, chief security officers and directors are being asked to protect more with fewer resources. In contrast, industry vendors are interested in selling products and services that increase a security manager’s budget. It’s a contradiction that existed before the current recession, though there’s no denying today’s business climate has placed far greater pressure on those tasked with attaining the highest levels of cost-efficiency…without sacrificing security quality.

Yet, this seemingly insurmountable challenge can be overcome through new analysis techniques that comprehensively evaluate the effectiveness of security operations with a simultaneous goal of reducing costs and improving efficiency and effectiveness. At Andrews International, we have developed a new methodology that matches security resources to risk profiles, maximizes the integration of uniformed guards and electronic security assets, and accurately projects return on investments (ROI) through industry-specific financial models.

Already, the analysis has been used to evaluate enterprise security programs across several key industries, including high-tech and manufacturing. According to one Fortune 500 global manufacturer, the methodology identified actionable improvements that will enable it to reduce uniformed guard costs by 20 percent across its U.S. headquarters and manufacturing site, all while enhancing the strength of its security operations.

In its simplest form, when evaluating the total cost of ownership (TCO) of an organization’s security budget, the process allows for a reduction of operating costs associated with the convergence of security human resources and electronic technologies.

The Traditional View
Traditionally, organizations periodically review their uniform security officer costs. Efforts to reduce costs vary depending upon if security personnel are in-house staff or outsourced. Most organizations utilize contracted services and are faced with the challenge of continually reducing the cost of the contract itself. This includes negotiating with the current supplier, obtaining discounts for term commitments, competitively bidding the contract, aggregating multiple facilities into a corporate agreement for volume discounts, and utilizing a “reverse auction.”

Unfortunately, when faced with creating value beyond the basics, and doing this in a progressive manner, very few security professionals challenge themselves or their suppliers to assess efficiencies in an integrated TCO approach. Uniformed security service providers, technology manufacturers and integrators typically have different agendas and see “their world” only, which doesn’t usually include the integration of their respective areas or making sacrifices in the best interest of the client. In other words, “enterprise or total solution” analysis tends to be more silo oriented around their service area only.

The fact that there is a subjective element to providing “good security” makes the challenge of determining cost effectiveness even more difficult. The security industry’s general practice is to determine the overall security risk by evaluating the value of the asset being protected, its potential threat and vulnerability, with mitigation measures then applied to reduce the overall risk.

Factors such as the replacement cost to an organization of an asset, and the operational cost of being without it, can help determine the measures necessary for effective security. Management or consultants then figure appropriate staff levels for locations, security equipment required, as well as the architectural elements and correct processes and procedures needed for efficiency. With new construction or remodeling, security measures can remain the same for years with no changes in staffing levels, procedures or equipment. Even if there are eventually changes, these may occur as unrelated elements where one facet is changed without considering its impact on another.

Unfortunately, security organizations do not always know where they stand relative to industry peers. Sometimes, a steady state-of-operations settles in where the same uniform hours are purchased every year under contract with cost reductions obtained through a reduction in billing rates. Then again, security officer and staff assignments put in place to address temporary needs often turn into standing long-term assignments and add to the total hours of security staffing.

Neither is security technology immune to waste. Budgets dictate investments and recurring costs, yet, the initial price of a technology may not include an analysis of ROI over the life of the equipment. In some cases, technology may have been deployed with the idea that an upgrade would follow at a later date as funds became available. Often, those funds fail to appear and a less-than-effective solution remains in place. This can also lead to redundancy in staffing and technology. Over-implementation is also fairly common with technology, and, equipment may be purchased without thought to recurring maintenance and support costs, placing a further burden on a budget.

Architecture can play a role in evaluating security costs, too. For instance, a security plan may have been implemented at the time of a building’s design. However, needs change over time, and when an organization can participate in the design process — enabling security and architects to work together — significant savings can result. Unfortunately, security management often deals with existing limitations on access, perimeter, lighting, parking, and other dimensions of a building. Remodeling and changes in construction during occupancy can raise additional challenges, especially if security managers are not a participant in the process. Disparate systems add to the dilemma of reducing costs.

The Big Picture
The methodology we’ve developed follows a planned approach designed to provide the “big picture;” an evaluation of the effectiveness and efficiencies of enterprise security operations used in the deployment and integration of uniformed security officers and electronic/technical security.

The goal of the process and the methodologies are as follows:

• Provide a protective solution commensurate with the identified risk profile and risk tolerance;
• Ensure enterprise security services are integrated, converged and operating effectively and efficiently; and
• Identify supporting financial models to show ROI, payback and other economic metrics that enable organizations to gain efficiencies and effectiveness in their use of these assets.

This process lays a roadmap and migration strategy designed to execute the desired benefits. It entails a comprehensive study of the enterprise security operating model to include a review of global, regional and local asset utilization based on the following methodology:

• Identification and evaluation of reasonably foreseeable internal or external threats for locations/site(s) and business operations.
• Study and assessment of location/site(s) vulnerability based on neighborhood and area crime environment.
• Assessment of uniformed security personnel deployment and utilization to further ensure the operation’s state of readiness.
• Assessment of uniformed security force policies, procedures, post orders, functional responsibilities and training programs to ensure the state of readiness for security events or emergency situations.
• Assessment of utilization and functionality of existing local and global command center operations.
• Assessment of existing electronic security measures for effectiveness in addressing location/site(s) and business exposure to identified threats/vulnerabilities.
• Evaluation of architectural elements such as landscaping, fencing, lighting, doors, windows and other access points.
• Identification of inadequate or obsolete equipment and systems in need of updating, replacement or re-deployment.
• Identification of opportunities to converge total security resources more effectively by blending and leveraging the benefits of technology and security personnel.
• Integration with other business functions (payroll, HR systems, etc.)
• Review of work processes using LEAN business practices to reduce, integrate and generally improve work flow throughout the operations.
• Presentation of financial models and scenarios to reduce security officer operating costs with technology in a more effective and efficient converged model.

The methodology inherently ties staffing, technology and their associated cost impact together with the effectiveness of each security measure. This allows organizations to arrive at an optimum model that improves the level of security while controlling costs, supported by an ability to accurately project resulting outcomes.

A New View
In addition to determining effectiveness and cost efficiency, our methodology process also has a toolbox of software programs deployed “post study” that can be used in creating a “security information fusion center.”

The result is a software platform that features an integrated view of the security operations and business program with numerous modules that allow an operations center to proactively monitor various aspects of a security program and gather information that supports risk mitigation. These modules encompass task areas involved in daily operations, incident tracking, data distribution, analysis and resource optimization.

Front-end process software is designed to screen, test and qualify personnel to work in a complex dispatch and security operations center environment. It uses customizable testing modules for evaluating personnel on key skills essential to each unique security scenario. To effectively manage a security operations center, and then take the next step to handle processes and systems for “strategy altering” intelligence, the entire team must operate with key communication, analysis and decision-making skill sets.

The back-end features risk-analysis software that integrates all components to allow the information and intelligence to reveal specific threats, vulnerabilities and mitigating solutions. This tool is the basis for the perpetual assessment process, aimed at continually improving risk mitigation strategy and resource optimization.

Living the Dream
Developments in enterprise risk management, and converged physical and logical security assets and value-driven software tools, have provided a significant platform for increased productivity and/or cost reduction opportunities. After all, success in security should not be measured by volume of staff hours or the newest trick technology, but by the overall effectiveness and value of the security solution.

The goal of our methodology is to integrate resources in a manner that enhances the security environment and allows personnel to function on a more professional, effective level. To that end, the analysis often results in recommendations for fewer hours provided by more qualified personnel, combined with technical resources. The outcome is overall cost savings and an improved level of security efficiency and effectiveness, enabling CSOs to live what has long seemed the illusive dream.

And that’s the ability to “protect more with less.”

Ty Richmond is the COO of Andrews International and co-creator of the company’s Security Asset Effectiveness and Efficiency Analysis. Previously, he held executive security posts for a number of Fortune 200 companies, including Agilent Technologies, where he was Senior Director of Security, overseeing operations in sixteen countries throughout Asia Pacific, and Hewlett-Packard, where he was Manager of Corporate Worldwide Security and Americas Security Manager. He also has worked as a security executive in several sectors including energy, consumer products, high-tech and now as the COO of a service provider.

by Mark Johnson, vice president & national practice leader, fraud and compliance and
Elaine Carey, senior vice president & national director of investigations, Control Risks

You don’t have to be a fraud professional to know that the Madoff fraud cost billions. The media headlines scream about losses of $65 billion in the Madoff case and $8 billion in the Stanford case. Then there are the record Foreign Corrupt Practice Act fines levied by the Department of Justice that take one’s breath away – notably the Siemens fine of $1.6 billion last year. But none of these figures are remotely close to the true cost of any one of those frauds.

Fraud costs far, far more than just actual dollars lost, whether it is Enron or the corner family business where the bookkeeper has been skimming money for years.

The actual dollar loss of any single fraud suffered by an organization is just one part of the true cost. What the headlines don’t capture are the many other hard and soft costs of fraud. Just a few of these are management time and distraction from running the business, lawyers’ fees, reputation, lost market share, impaired ability to hire talent and retain talent. When it comes to violations of the FCPA, individual officers go to jail. And often stock price decline. At times the very viability of the organization is jeopardized. No fidelity bond can ever cover all these losses. Moreover, the chances of recovery of the actual stolen dollars are slim to none in most cases. Fraudsters spend their ill-gotten loot too quickly, and often the fraud schemes are discovered too late for the victim to have a chance to get meaningful restitution. In most cases the victim gets nothing or mere pennies on the dollar. And many times they don’t even get the satisfaction of someone being sent to jail for the crime.

Take your company’s annual revenues and figure out what 7% of that is. That is what fraud experts estimate your organization loses to fraud each year, according to the Association of Certified Fraud Examiners (ACFE). The fraud may be as large as cooking the books or as small as employees calling friends around the globe and inflating travel expenses. In the United States alone fraud losses annually run $994 billion, which is 7% of U.S. gross domestic product according to the ACFE. But again these figures are based on known frauds and don’t include the very expensive “other” costs of fraud.

Fraud is a major corporate crisis and yet very few corporations treat it that way – until it is too late (think Enron, Arthur Andersen, Long Term Capital Management, Broadcom, Worldcom etc.). Frauds happen because something or many things are wrong in the corporation that allowed fraud to take root. Too often corporations ignore the small signs that a fraud cancer is growing until it has metastasized. Management should interpret fraud as a big flashing red light indicating that the business is in trouble, and react accordingly.

When a country manager for an American corporation in Russia can take a 40% kickback from each supplier, that business is not profitable. When the payroll run includes paychecks to ghost employees and is 50% higher than it should be, that business is hemorrhaging money. When a corporation fails to conduct enhanced due diligence on a senior hire and discovers years later that he has been funneling intellectual property to a competitor, it is too late – the company’s market share has already been badly eroded. When a shop floor supervisor for a government contractor ignores obvious drug use on the shop floor because “everyone does it,” is it really a surprise when the contract is lost due to defective manufacturing? It also raises another question - isn’t the fraud incident an indicator of much deeper rooted organizational problems? If the country manager in Russia can take 40% kickbacks from suppliers, what other criminal behavior is possible in the organization?

Fraud should be high on the list of triggers that convene a corporation’s crisis management team. Knowing that a fraud has the potential of major to extreme impact on the organization’s people, assets and reputation, strategic crisis management is the magic formula for coming through a crisis with the business intact along with share price, market share and reputation. The key goal to crisis management is to reduce the impact of the negative event, whether it is fraud or another major threat. Effective crisis management controls escalation of an event, initial response and ensures management of the issue with the right players at the appropriate level within the organization both strategically and tactically. It provides crisis communications to the media, clients, regulators, employees, suppliers, shareholders and pressure groups.

The other vital function of an effective crisis management response that corporations frequently miss is the ability to continue doing business. What do you do when law enforcement performs a dawn raid and confiscates critical IT infrastructure? For law enforcement, that IT infrastructure holds evidence. For you, it is a vital tool in being able to do business. How do you continue running the Russian business when the country manager sits in jail? Without a prioritized, tested and coordinated business continuity plan that addresses the ability to work around the loss of such critical tools and processes, the best of efforts to resolve the crisis will still leave a wounded organization.

Empirical research indicates that good crisis management can give a company a healthy and consistent jump in stock price (around 7%) in 250 days after an incident, such as a fraud, hits the headlines. Conversely, a poor reaction can send the stock price down by as much as 15% in that same timeframe.

The other nasty “hangover” that a fraud usually leaves a corporation is trouble with regulators and governments that takes years to settle and requires hordes of lawyers and buckets of money. An FCPA violation can result in prosecution by the Department of Justice, Securities and Exchange Commission and the government of any other country where the bribe may have occurred. Moreover, most companies that have FCPA problems also have fraud, money laundering issues, and incorrectly stated accounts. Remediation of all those facets again costs far more than the actual fraud itself.

There is one thing that is cheap by comparison in all of this – prevention. What can you do to minimize the likelihood of a fraud incident occurring? Due diligence, pre-employment screening, proper risk assessments up front and periodically, establishment of anti-fraud governance through explicit policies and procedures, a whistle-blowing program and policy and education of staff, over and over again. These measures will take investment up front but will always cost the corporation a fraction of what a material fraud will cost in both hard and soft costs that can drag on for years.

By Shawn I. Reilly, CPP

To whom do you point your finger if you are not happy with your security force? If they are contracted, your provider is a natural target. If they are in-house, there has to be a manager or supervisor to blame. But remember, when you point your finger at someone else, you have three other fingers pointing back at you. Professionalizing your security force can benefit everyone in your organization. The cost in dollars is minimal compared to other investments and when combined with active leadership you can gain productivity in all areas across the board.

As Director of Security for a large hospital system that encompasses five campuses totaling 1,110 beds and nearly 10,000 employees, I work diligently to increase the professionalism of the security force for which I am responsible. It is my feeling we are on the right track.
Private security has come a long way, and yet has a long way to go. In today’s business world, there exists great potential for business owners to have a competent security force working with them and adding value to their organization. There are many reasons businesses with a security presence do not get the best security product they can. The two most common reasons are a lack of funding and a lack of leadership.

The first rationalization is always funding. Businesses tend to look at reducing costs by paying little for a security presence whether it is a contracted security person or an employee. Some businesses may not see the need to even employ security at their business, but by force of law or fear of lawsuit, a security officer is present. As a result, business owners decide to pay as little as possible; many times the result is a worse outcome than if no security was present. You can tell if you have hired a low paid security officer. For example, you will be asking questions like: ‘Where are they, what are they doing, and who hired that person?’ Employers and contractors are both afraid of spending money on a transitory group like security guards. Do you know why they are transitory? Because you treat them like they are transitory. Low pay and no sense of belonging will send people to another company. Sure, some officers will always come and go, but you do not have to be inflicted with an 80 percent turnover. What do you get when you have long-term people working at your company? You get people that know your organization and what to do in almost every emergency situation. What happens when you start to move the pay scale up? Not only do you increase the selection opportunities from the pool of applicants, you can also increase every other employment aspect such as reliability, honesty, work ethic, etc. Still you may not get the quality service you desire and that may be part of the fear of hiring and paying more for security. What guarantees do you have? None really, but if you add some leadership to your security presence there is a great chance of success.

That brings us to the second reason you may be failing to produce a professional security force—leadership. If you are not paying attention to the needs of the security officer you are growing a liability issue. Finding a leader in your organization who can oversee the security department will take that little bit of money and make it some of the most valuable dollars your company has ever invested.

Leadership applied to your security force (one or a hundred) is the critical success factor you need. Across the 50 states there is a huge disparity between security officer requirements. One state requirement may have you sign on the dotted line and miraculously you are a security officer, and in other states, you may be required to go through record checks and hours of training. It is up to you to know what the contractor is doing to prepare his people to secure your employees and property. The point is that the security officer sitting downstairs from you right now is more than likely doing exactly that, just sitting there. Is that what you want or expect? If you pay them $5, $10, or $15 an hour it won’t make a difference if you don’t do what you would do with your other employees, which is train, educate and motivate them.

Focused training and motivation is at the heart of good security leadership. When was the last time your security officer received any training? For that matter, were they ever trained? Do you regularly test your security officers with key drills and exercises? Did you require the officer to pass a physical fitness test prior to hiring? What training do your security supervisors have in leading and or training people? In short, do you treat your security force the same as you treat your other valued employees? They need a plan for professional growth like everyone else.

If you feel there are no worries because you have a contracted security force and you are not responsible for training them, you are mistaken. These contracted people work in your organization providing safety and security for your employees. Who wants your employees better protected you or the contractor? Hold your contractor or yourself accountable for the security officers’ professional growth and write it into a plan or the contract.

I require all our security officers to get International Association of Healthcare Security and Safety (IAHSS) certification. We promote from within, and require advanced certification if they want to advance in pay and position. See how I said “we” yet my security force, all 130, are contracted. If you are saying “they” you might be overlooking an opportunity to increase the professionalism of the security force by no more than a change in attitude.

By Chief Donald White

The dearth of female security directors, under age 40, represents a generational issue that affects public safety, too. Thanks to proactive efforts by many in the industry we can now remove the historical barriers to gender equity in the corporate environment.

GENDER PARITY – THE 5-YEAR EXPERIMENT

Gender parity in the United States was successfully demonstrated in what was arguably its largest “pilot test” in American history. Thousands of under-40 women joined America’s factories and military forces during World War II. Whether managing a flock of hospital nurses, a fleet of cargo aircraft, or even a flotilla of supply ships, women leaders capably managed corporate-sized workforces during this five-year national emergency from 1941-1946. Wartime urgencies led to abbreviated training, accelerated responsibility, and rapid promotions for women and men alike. With one major exception . . . segregated by gender, similar to ancient cultures in the Middle East countries today. Genders co-existed, although side-by-side in their own dual worlds such as barracks, factories, classrooms and offices.

GENDER RARITY – THE 20-YEAR ABSENCE

Postwar American society quickly resumed centuries of cultural divisions, abolishing this proven experiment. A whole generation of new workers grew up in a gender segregated society, wherein corporate boards rarely included women, regardless of age, from 1946 to 1964.

GENDER INTEGRATION – THE 30-YEAR CONFLICT

America’s Civil Rights upheaval during the 1960s eventually led to gender integration throughout American workforces. From 1970 to 2000, waves of women joined public safety departments and military forces as boot camp recruits. All had to work their way up the ranks to corporate leadership positions. No lateral entry permitted, except for the agency heads (police chiefs, sheriffs, etc.). Organizationally ingrained rationale is that public safety and military leaders need to experience the front-line experience, then the supervisory tasks, to understand how to manage “military mindset” workforces. No credit allowed for equal or similar experience elsewhere.

Being schooled and working during the newly integrated and co-educational 1970s, I witnessed the huge ostracism which female peers faced from the “Good Old Boy” supervisors and managers in police, sheriff, fire and rescue departments. Back then, women entering public safety tended to be the daughters of crusty old police and fire captains, wanting to carry on their longstanding family traditions, just like their brothers. Tenacity persevered them through rigorous and unwelcoming rookie years.

GENDER EQUITY – THE NEW ERA

Corporate security, unlike public safety agencies or the military, is a private industry “hire at will” operation. As such, fully free to immediately hire under-40 leaders, be they managers or trainees, just like hotels, insurers, and other businesses. Pragmatically, corporate security should not be expecting under-40 security managers for a few more years. Realistically, female corporate security managers most likely will first come from the over-40 retired public safety or military officers. Why? Retired military or public safety officials come already trained in management and budget – No learning curve nor mentoring needed. Retirement salary already covers their basic living expenses, which is substantially more cost-effective for bottom-line industries.

ABOUT THE AUTHOR
Chief Donald E. White, CHSP, CHCM, CHEP, is the 17-year Director of Safety & Security at the Northern Virginia Mental Health Institute in Falls Church, Virginia. Chief White is a board-certified healthcare safety professional (CHSP), hazard control manager (CHCM), and healthcare emergency professional (CHEP). Chief White is also a Senior Member of the International Association for Healthcare Security and Safety (IAHSS), and a Public Sector member of the Virginia Police and Private Security Alliance (VAPPSA). Chief White’s award-winning security management articles have been published in several editions of the Journal of Healthcare Protection Management. Chief White’s 37-year public safety service spanned from private industry to government. Chief White’s law enforcement service included USDOT Special Agent, Deputy Sheriff, Maryland-licensed Private Investigator, and Virginia-commissioned Peace Officer. Chief White’s fire-rescue service includes Firefighter/EMT-B, Public Fire & Life Safety Educator-III, Fire Instructor-III, and award-winning American Red Cross Disaster Instructor.

by Col. Michael Angley, USAF

With so many service men and women returning home from active duty, it is a time of transition and decision-making for young heroes in this country. Throughout my 25-year USAF career, I’ve seen thousands of airmen go through this transition and face the unique challenge of re-entering the civilian workforce. When I retired, I made this transition myself and witnessed first-hand the uncertainty and anxiety inherent in leaving behind the comfort and security of a military career. Whether you are retiring with 20+ years of service, or leaving after your first hitch, this transition can be daunting.

Arguably, the top three challenges military members face when they hang up the uniform one last time are: understanding the private-sector culture, translating military experiences into civilian terms, and possessing the right education to land that perfect job. The various installation Transition Assistance Program offices do a great job in preparing troops for the first two challenges, but oftentimes education is overlooked in the process.

With the recent passage of the Post-9/11 GI Bill, there are now more education benefits available for service members than ever before. Eligibility begins for veterans with as few as 90 days of service after September 10, 2001, and quickly “maxes out” with 36 months of service. Tuition, books, and fees are covered within certain program caps, and in many situations vets are entitled to a monthly housing stipend and a relocation allowance. For military members willing to extend their service a little longer, these benefits may now be transferable to dependent spouses and children.

While the unfortunate events of 9/11 brought about this new GI Bill, they also ushered in a new focus on strategic security. The United States restructured major components of the intelligence and law enforcement communities (IC & LE), resulting in significant job growth in these arenas. Along with these new jobs has come a greater demand for a more professional, better-trained workforce.

This is an exceptional moment for former service members interested in careers in strategic security. If the new GI Bill provides the financial means, institutions across the country have delivered with accessible and exemplary degree programs in the field. Further, online degree programs – completely unavailable when I left active duty – offer an important alternative for military members with challenging schedules and deployments. Financial resources, greater demand for security professionals, and reputable online degree options have coalesced to provide unprecedented opportunity.

About Col. Michael Angley
Currently serving as a public relations officer for Henley-Putnam University, an online university focused on strategic security. Colonel Angley is the author of the Child Finder Trilogy (http://www.childfinder.us). He retired from the Air Force in 2007 following a 25-year career as a Special Agent with the Office of Special Investigations. Col. Angley has an M.A. in National Security Affairs from the U.S. Naval Postgraduate School, Monterey, CA, and a B.A. in Criminal Justice and Psychology from King’s College, Wilkes-Barre, PA. He is a former National Defense Fellow and Adjunct Professor of International Relations at Florida International University, Miami, FL, and is an honor graduate of the Defense Language Institute’s Korean language program.