liquid ban

This is my third year attending TechSec Solutions and I must say I always learn a lot during this event (and for transparency reasons, SDN is one of the media sponsors and educational organizers of TechSec).

On day one of the event, attendees heard from a variety of end users about how they’re solving real-world problems using IP technology. The keynote speaker, Gareth Webley, started the conference off by talking about the effort of National City Corporation, a large financial institution, to converge its physical security with its IT department. Here’s a link to the full story I posted, but I think this is an interesting initiative and probably a little scary for security practitioners, especially those who are uncomfortable with technology.

We also heard from Altantic Health, a large healthcare provider in New Jersey, about the risks they face and the challenges they face as an open environment. One of the more interesting points was their use of facial recognition technology to alert security when someone of interest enters the facility. The hospital also is able to vet people entering its hospital through Info-Corp, which is a database used by federal and local law enforcements. This technology checks driver’s licenses against the National Crime Information Center database, federal terrorist screening center watch lists and all 50 state’s department of motor vehicle databases. While the hospital can’t deny service to anyone, Errol Brudner told attendees that they notify their security team as well as local law enforcement when the system sends on an alert.

We also heard from Gary Smith from IBM about the organization’s effort to consolidate his control centers throughout the country. Gary shared with the audience about how he was able to talk to the financial department and come up with a formula to quantify savings of the system. Even if you weren’t in attendance, I would recommend checking out IBM’s white paper (which I don’t have a link to at the moment) which included his entire proposal and I think could really help the end users out there formulate their own plan.

Overall, it was a great conference and we got a lot of great feedback that people enjoyed the real-world based approach of TechSec this year. Be on the lookout for more end-user focused story on next week’s Newswire. Until then, I’m going to do my best to soak up the last of the sun down here ih Delray Beach, Fla.

So, I had a chance to sit down with Bob Hellmuth, the director of the department of school safety and security for Montgomery County Public Schools in Maryland. This guy has quite the job. He's in charge of ensuring that the county's 200 schools are protected and its 21,000 employees and 138,000 students are kept safe. I asked him about the biggest challenges he faces, which of course involved technology (we were at TechSec after all, so technology was on the minds of all in attendance) and funding issues, but the point I found most interesting and perhaps often overlooked was the challenge of working with the community. He said about half of parents and community members want to see more security in schools and think schools aren't doing enough to protect their children, while the other half doesn't understand why the school has to video tape their children. Hellmuth said trying to communicate with the public about his security program is a balancing act between addressing the security needs of the school system and the concerns of the community. Look for a video interview with Bob on sdnTVnews as well as a more comprehensive article in our newswire and April edition.

On Friday I attended The International Association for Healthcare Security and Safety's 2008 Security Training Conference in Lewiston, Maine. I love going to these local events and getting some quality face time with some of the security professionals in the region. It's so much better than meeting people at big trade shows - neither of you are nearly as overwhelmed by people or products.

I'll admit I was surprised by the turnout. I'm guesstimating there were about 60- to 70-people in attendance and a good mix of people ranging from security officers (calling them "guards" is apparently a huge faux pas these days) to security director's of Boston's larger and smaller hospitals.

There were three primary educational sessions over the course of the day-long conference. The first session presented by Dora Mills, director of Maine Center for Disease Control, was about the importance of security personnel being prepared to deal with a pandemic flu outbreak. The primary message was that security leaders need to have an emergency plan in place (and know it!). What will your department do when there is an outbreak and sick people start overwhelming hospital facilities? What is your procedure for turning away sick people in an emergency? How are you going to deal with an understaffed department when security personnel start getting sick? All questions worth asking and her certainty of a pandemic flu outbreak certainly made me start washing my hands obsessively.

The second session was about what to do in the case of an active shooter in a hospital setting. I thought it was interesting to hear what police have learned from Columbine and how they've changed their tactics to dealing with an active shooter. They call it "move to contact" which basically means they'll do anything and everything necessary to stop the shooter. Don't wait for backup, don't wait for the SWAT team to show up, don't stop to help the injured, find the shooter and stop him/her. If the shooter barricades him or herself in, that's fine. The shooting has stopped and the police have time to evaluate the situation. The message to security and hospital administration was the need to provide police officers with clear and concise information about location and the current situation, since police are often entering these situations completely blind. (For the full story search "In wake of security officer shooting, healthcare professionals learn about active shooter" at Security Director News).

The last session was about bomb detection and response. I learned you can make a bomb out of just about anything. The part that scared me the most was discussion about the power and freedom of lithium batteries and the reality that someone can drop a pipe bomb in a building under construction and it won't go off for 10 years. Yikes. That should certainly motivate the installation of analytic cameras on construction sites to watch for that kind of event.

All of this discussion about hospital security came in the wake of the Sept. 7 fatal shooting of a security officer at Mercy Hospital in Portland, Maine (and, consequentially just a few blocks from my apartment, which freaks me out). Several officers and administrators from Mercy were in attendance and you could tell the tragedy was still very fresh. It was certainly a reminder of just how important these discussions are.