Guard Force Management,-Individual-Wellness.aspxOrganizational Health, Individual WellnessGP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a43444652018-08-01T04:00:00Z, Lilly Chapa<p>​The Texas Medical Center is the largest medical complex in the world. More than 60 institutions operate within its 2.1-square-mile footprint in Houston, including The University of Texas Health Science Center, which produces the most healthcare graduates in the state, and the MD Anderson Cancer Center, a joint academic institution and cancer treatment and research center.</p><p>It's up to the University of Texas Police at Houston (UTP-H) to protect the 25,000-plus employees, 5,000 students, and 135,000 patients treated annually at the two institutions and across multiple cities—a Texas-sized job that requires the efforts of sworn officers, public safety officers, and civilians. The unique organization, which combines police and security operations under the same umbrella, serves a disparate community of patients, teachers, students, and healthcare workers. And a few years ago, the need for the ability to adapt and respond to an increasingly complex threat profile became apparent to UTP-H leadership.</p><p>"Don't get me wrong—we really did a great job of responding and mitigating threats, but we were response-</p><p>oriented," says UTP-H Chief of Police and Chief Security Officer William Adcox. "Frankly, we weren't able to take a systematic focus across the entire risk spectrum on an institutionwide basis."</p><p>To do so, UTP-H took inspiration from the industry it serves. "Prevention has always been a major tenet of healthcare, and we wanted to look at opportunities where we could contribute to the prevention piece within security," Adcox explains. "We saw the organizational value in shifting to looking at prevention, integration, and near-miss opportunities, to the point where we even looked at our traditional planning cycle and how we could become more agile and adaptive to the threats."</p><p>The department embarked on a three-year process to overhaul its operations to become a more adaptable, responsive force with a shared purpose of prevention, protection, and preparedness. </p><p>"We wanted to try and get upstream of harm—prevent incidents before they occur, and be prepared to deal with what is occurring," says Raymond Gerwitz, director of risk strategy and operational excellence at UTP-H. "We created a shared purpose around prevention, preparedness, and protection and are engaging everyone in the idea. It's no longer enough to protect and serve—we want to prevent too."​</p><h4>Building an Operations Center</h4><p>When approaching the department's overhaul, leaders adopted a business state of mind. Most of UTP-H's senior leaders hold MBAs and have been trained in business principles, and Gerwitz says that mindset—an unusual one for security organizations—has gone a long way to inform the department's operational strategy.</p><p>"We ask, 'How can we operate more like a business rather than a security group?'" Gerwitz says. "We looked at the strategies of communities we serve, took those principles, and adapted them to our environment. You won't find many police departments or security groups that have a strategy map—it's not a thing they think about. We took that from corporate America and blended it into how we do things."</p><p>UTP-H began its overhaul with an internal value analysis that assessed operations at a day-to-day level to determine whether they aligned with the department's updated goals.</p><p>"We look at different groupings of employees, every single task that they perform—how much time does it take, and what resources, and why they do it. Because there's a law or regulation? Or because there's an organizational policy? Or because it's historically done? Or because there's an executive directive?" Adcox says. "You break it out and that gives you a good picture of your internal value analysis so that you can look at those tasks that you can effectively quit doing and see what bandwidth you can pick up."</p><p>One result of the analysis was the transition from a traditional police and security dispatch center into a more forward-facing risk operations center. </p><p>"In the call center's case, there were opportunities there to retire some misaligned tasks and insert new responsibilities that bring the value we're looking to provide to the organization," Gerwitz explains. "In essence it becomes a mathematical formula—I can retire tasks that are limited in value and repurpose the staff to increase value without adding headcount." </p><p>Adcox says that it is important for employees to have both security training and a business mindset. "We really started placing priority on identifying members of our organization and people we would be bringing in that had a business acumen and were able to help lead us in new directions," he says. "We've been fortunate and able to recruit capable individuals who bought into the vision. It all starts with your people, and that's what's critical. Getting the right people in the right roles and then ensuring that there's a shared purpose—that's how we approached it."</p><p>The new department structure includes five service lines—healthcare security, investigative services, police services, risk management, and threat management—which often work together to respond to an incident. </p><p>"For the longest time, the face of the department was police services—the individual who wore the uniform, but now we have these five major service lines—the groups that set us on this journey of prevention," Gerwitz explains. "A big part of being engaged is understanding everyone's contribution—everyone has a role to play, even if it's in the background."  </p><p>Gerwitz notes that the approach has paid off. Thanks to a combination of training and monitoring how calls are addressed, the percentage of calls handled by a single team member has increased. These percentages are tracked monthly and shared with staff, encouraging open conversations about how calls are managed and keeping team members engaged.​</p><h4>Data-Informed Operations</h4><p>The switch in response protocol illustrates how UTP-H is achieving its goal of predictive policing by focusing more on analyzing calls and encounters. Adcox says that previously, as in many organizations, analysts would log the data of the encounter but not use it.</p><p>"That was our response—we'd handle it, log it, and move on," Adcox says. "We didn't know the basis for the suspicious person—what's the story? Now, we analyze and take data that comes in from multiple calls and visualize the data, and that better informs our officers of any trends, repeat offenders, potential threats that were averted, and what to look for. We now have an extended prevention opportunity on behalf of the communities we serve."</p><p>For example, the operations center team is now encouraged to handle call loads on their own without passing them along to another section to streamline the process. </p><p>"If they take care of a call on their own, they receive credit from a performance perspective on that," Gerwitz says. "If they hand it off to someone else downstream, then they don't. We monitor the percentage of things they are doing on their own on behalf of the organization without handing it off, because that generates efficiencies for us. And it empowers that group to try to handle things without having to go to others to get it done."</p><p>If a call comes in about a suspicious person on campus, the operator can look at surveillance footage and recognize that person as an employee. Operators may reach out to that employee's manager and ask why that person is in that area, but they don't send a resource out to respond because they know it's an authorized person who is perhaps in that area for a reason. </p><p>Gerwitz emphasizes how data visualization informs all aspects of the combined protection model.</p><p>"How do we want to go about creating a new shared purpose and engage the shift towards prevention? Let's find data we need," Gerwitz says. "We know the narrative, so what's the data that supports it? Now we have that data, so we create visuals to enlighten our staff and get them engaged in what we're all trying to do. For a long time, this information was kept in databases and didn't resonate with our managers."​</p><h4>Shared Purpose</h4><p>Part of any organizational restructuring often includes developing a strategic plan, but once changes become the new normal it can be hard to measure whether operations are still true to that plan. Adcox and Gerwitz say the department constantly checks whether the department's efforts point to its guiding principles.</p><p>"Three years ago, when we started this process, strategic planning was viewed as a necessary evil," Gerwitz says. "There's this perception that our efforts were a waste of time because we wouldn't really use it. We had to change that mindset and educate everyone that some of what we're trying to do will be unrealized, some will be impacted by emergent needs, or executive mandates, or in response to particular threats. It's okay not to do everything as planned, but there is value in planning."</p><p>Data analysis and visualization play a big part in both sticking to the plan and adapting where needed. UTP-H does not shy away from recalibrating or retiring components in the department if they do not show added value. </p><p>"Putting all these things in place is good but validating and proving that they are providing value intended is the most significant piece," Gerwitz says. "How do you show people that you're doing the things you say? Or, if you need to, how do you recalibrate your organization to do something more valuable? In today's security field you have to adapt to threats coming, you can't lay back and rely on the same strategies. We don't spend a lot of time on traditional analysis. We let the current predict the future."</p><p>All calls, incidents, and interactions are meticulously documented in a robust, interactive database that can be accessed by employees and managers alike. In a demonstration, Gerwitz was able to assess all slip and fall incidents that occurred in May—27 instances—and in a few clicks could drill down and view when and where the incidents occurred, who was the responding officer, and the final outcome.</p><p>"To be able to see this type of detail is very powerful for supervisors and managers, we ask them to go in and conduct management by visualization," Gerwitz explains. "It's easy for them to see what's going on in their teams, and they can adapt their strategies based on what they're hearing from the outside—if there are lots of vehicle and pedestrian hazards in a certain area, they can look and see whether we're in those areas or we need to adapt our patrol tactics."</p><p>Near misses are of particular interest to the department, because they signal both a looming threat and an area where predictive policing can be used.</p><p>"We're almost fanatical about failure or near misses," Adcox explains. "We're not interested in numbers—how many doors we check that have to be secured, that kind of thing. What we are interested in are the doors that should have been secured that were found unsecured, or individuals in a certain part of the hospital who don't belong or are lost—those are near misses. We'll see how often that's occurring or if it's the same individuals. We have got to get in front of something happening."</p><p>UTP-H relies on metrics to inform its tactics and mitigate negative trends before they affect the community.</p><p>"It might be how we view and put together video feeds, or we might put together a specific covert operation or put cameras in certain areas," Adcox explains. "It might be working within a specific group of employees, asking them to watch for certain activity and report a certain way. It's very proactive."​</p><h4>Empowering Employees</h4><p>All employees have access to performance and value visualization tools in the spirit of transparency and to understand the operations of the entire department and the impact their teams have in keeping the institutions safe. Gerwitz says that most employees don't view the information every day, but they are alerted when new resources are added. There has been a lot of thought put into how the data is accessed—the department is on its second iteration of the visualization tool, he notes.</p><p>"It's now much more graphic and in line with how people want to consume information," Gerwitz says. </p><p>Managers will also put together visualization boards specific to their teams, and in the case of groups like security officers who aren't often in front of computers, they will print them off and review them during meetings.</p><p>"It has been helpful in allowing people to straightforwardly show their value," Gerwitz explains. "Before we put this in place, it was hard for people when they were stopped to tell me how your team benefits what we're trying to do—it was hard for them to articulate that in a way that made sense to people. This program makes it easy. I think that's the biggest benefit to the department—now managers are able to adapt and show value at any moment based on what teams are doing. From an organizational perspective, the feedback we get from senior executives who use these processes themselves brings a lot of credibility to our team."​</p><h4>Connecting with Communities</h4><p>Adcox has worked with UT Health and MD Anderson for 14 years and is aware of the challenges of protecting the esteemed educational and healthcare facilities. Part of UTP-H's transition included opening more dialogue between the department and the institutions to ensure they are working towards the same goals.</p><p>"We bring in leaders from the institutions and walk them through our process and spend time on things they value," Gerwitz says. "If we bring in the clinical team, we'll spend a lot more time on issues they deal with in the clinics and how we adapt our training, versus meeting with the finance folks, where we validate our programs and show value."</p><p>One example of partnership between UTP-H and the institutions it serves is the approach to people experiencing a mental crisis. Beyond developing a trusted response protocol, the UTP-H threat management team strives to work with the school and hospital to predict potential personnel issues before they come to fruition.  </p><p>"You bring all these pieces of information together, so they can present to you a real picture of what the situation is," Adcox explains. "You're able to get people help in advance of losing their jobs or harming themselves or someone else. It's been very effective, and we have progressive data and use data visualization to show that."</p><p>If an employee, patient, or visitor is actively in mental crisis, the threat management team is trained on how to respond and follow up. Gerwitz says that 98 percent of UTP-H responders are certified mental health officers due to the unique stresses of the joint education and healthcare environment—most other law enforcement departments in Texas provide less than 10 percent of their officers such training, he says.</p><p>"That employee in crisis will be assessed using tools we have been trained on to screen for the person's mental state," Gerwitz explains. "So, say on a scale of one to 10, I'm an eight—I'm in a bad place, and the responders apply a strategy to bring me down. Following that event, through peer review or interacting with me as they continue to monitor my status, they reassess me, and now I'm a five—they measure that delta."</p><p>The team has a calculated goal for an average reduction of the intervention score and, using data visualization tools, can track how successful different intervention methods are and adapt intervention tactics based on those statistics across a variety of populations. </p><p>"It's a team effort across the institutions—there are others participating in this effort, such as human resources, employee health programs, supervisors, and we can track who all handled each case and its outcome," Gerwitz explains.  </p><p>Being able to map out the outcomes of police interactions with people in crisis has been impactful in promoting relations between the institutions and UTP-H, Gerwitz adds. Of the 98 threat intervention cases he mapped out, only two resulted in arrest. This statistic goes a long way in garnering trust with hospital employees who might be wary of involving police in a mental crisis.</p><p> "For a long time while implementing this, we had to break down the walls of thought that if you call the police, someone is going to get arrested," Gerwitz says, adding that the outcome statistic was well received by clinicians. "To me, this is the more high-level analytical, value-driven style, compared to performance monitoring that goes on in typical security operations."</p><p>Adcox agrees, noting that such data illustrates UTP-H's thoughtful approach to conflict in such a sensitive environment.</p><p>"In our business, our whole approach is an organizational health, individual wellness method," Adcox says. "It is not in any way a prosecutorial or criminal justice approach. Because we have a police component, you have that extra tool in your toolbelt if you need to bring a situation under control."​</p><h4>Partners in Business and Purpose</h4><p>Gerwitz says that another important culture shift has been thinking about the business success of the organizations UTP-H serves, not just its own success. </p><p> "Not only are these healthcare institutions and educators, they are also businesses," he says. "Part of the value we've been able to distill from all of this is that if you act like a business partner and are treated like a business partner, you can do better with your allocated resources and meeting the goals of the organization."</p><p>Adcox explains that UTP-H has assessed where its operations overlap with UT Health and MD Anderson and partners with them to share knowledge and training. In areas such as investigations and crisis training, the department can step in and share its own resources for the benefit of the entire organization.</p><p>"I cannot stress enough the importance of going into each of these places that perform these critical functions for these organizations and working with them," Adcox says. "Have a joint training, let us explain what we do and what our expertise is, and they'll teach you what's important to them, and then you have the trust factor and can start talking about how to integrate and help each other."</p><p>Since UTP-H is known for its high level of conflict resolution training, it has partnered with UT Health to train nursing students on handling people in mental crisis—everything from body language in the hospital room to handling a patient's family to deescalating conflict. Adcox says UTP-H also trains clinicians, physicians, and nurses working at the facilities in the same practices.</p><p>"We're able to bring that into play because of the expertise we've had to develop in being effective in our organization," Adcox says. "We also have an immersive simulation center so that you actually have practical, holistic experiences and not just the classroom. This technology is for the entire organization, not just us."</p><p>By aligning UTP-H with UT Health and MD Anderson's enterprise goals and overarching missions, the department is now seen as an equal and valuable partner—in business and protection alike.</p><p>"The struggle we have on the security and law enforcement side is that we're not accepted as legitimate business partners, we're a cost center that's a necessary evil," Gerwitz says. "You have to hold yourself to the same accountability and integrity and commitment to the organization as any other business unit. You're no different from the other teams working on behalf of the organization. This business approach is aimed at making sure we're being good stewards of the resources provided. When people believe you're doing that, they'll support you."  ​</p>

Guard Force Management,-Individual-Wellness.aspx2018-08-01T04:00:00ZOrganizational Health, Individual Wellness Balk on Bud,-Unarmed-Officer.aspx2018-04-01T04:00:00ZActive Assailant, Unarmed Officer the Force and the United Nations in the Workplace Are People First Technology with a Personal Touch a Professional Guard Force Education Sessions Address Security Challenges Thanks: National Security Officer Appreciation Week Kicks Off Color Theory 2 Peer Protection Guard Scheduling Conundrum¡PRESTA-ATENCIÓN!.aspx2017-07-13T04:00:00Z¡PRESTA ATENCIÓN! Role of School Resource Officers and Security: The Risks of Arming Security Officers Next Tase Phase Arm or Not to Arm? Five Design Considerations for Control Rooms

 You May Also Like... Panacea or Problem<p>Closed-circuit television (CCTV) is the most vibrant color on the security engineer’s and integrator’s palette, but it can also be the most wasteful.  It all hinges on whether you understand its limitations.  I’ve designed, specified, or surveyed hundred’s of CCTV systems and, in my opinion, from 25% to 50% of video cameras represent wasted money, depending on the application. In some cases, there are serious hidden legal liabilities.</p><p>CCTV sales exploded after 9-11.  No one has definitive numbers and industry-generated estimates vary wildly, but annual revenues from CCTV sales are likely to range from $1.3 to $2.4 billion.</p><p>According to Security Sales & Integration Annual Installation Business Report (2006), CCTV installations experienced the second highest increase ever recorded.  (The highest was in 2003, a little more than a year after 9-11.)  Moreover, companies reported average gross profit margins of 39%. That’s pretty good.</p><p>Schools are not the largest market by any means, but they are the most troubling. There is a virtual pandemic of schools installing video cameras willy-nilly in the aftermath of Columbine and Virginia Tech. The lay public, unfortunately, doesn’t understand the technology and ignorantly believes that the simple act of installing cameras stops crime.  Cash-starved high schools, in particular, may be choosing video surveillance over higher teacher pay, text books, or afterschool programs for students.  CCTV is a superb investigative tool after something terrible occurs, but then again, the identification of the shooters in the recent incidents at schools didn’t require video to identify the perpetrators.  With very few exceptions, it is almost a useless tool to prevent serious crimes in most schools because they rarely—if ever—have the staff to effectively monitor the cameras. Too often, the monitors are tucked beneath the counter at the main reception desk.</p><p>I recall a marketing interview I had with a major New England university.  I told their chief of security and the consultant selection committee that they were planning to buy many more cameras than they needed. I didn’t get that job. It’s not what he wanted to hear.</p><p class="MsoNormal" style="line-height:200%;"> <strong>Crime Prevention Pitfalls</strong></p><p>Video is ineffectual because it only has crime prevention value under two circumstances: a human continuously monitors it and can call on an almost instantaneous response when a crime occurs.  Few organizations (save the CIA and similar high-security facilities) have the resources to effectively implement these two prerequisites. </p><p>In addition to the potentially exorbitant costs of buying and installing a full coverage video system, the consequent life-cycle costs (labor, repair, and maintenance costs) are massive over time if the video system is properly managed. The alertness of security console operators peaks in 20 minutes, according to many studies.  It is necessary to change monitoring duties every two hours for optimal surveillance—hence, the very high labor costs.  Moreover, a human can’t efficiently and reliably watch more than 9 to 12 monitors—let alone the dozens of monitors that can be found at some security monitoring centers. There is a paradox at play. CCTV is potentially the most valuable security resource as well as the most misused and wasteful.  It is the familiar story of having too much of a good thing. </p><p>Getting back to cost, as a rule of thumb, each indoor camera averages $1500 (as a complete, installed cost, including power, wire, and conduit) and each outdoor camera, $3500.  If all the bells and whistles are added, per camera costs for outdoor, day/night units can easily approach $9,800 per position and up to $60,000 for very exotic capabilities and for very difficult locations. For a very large school, university, hospital, shopping mall, parking garage, or office building, the final costs for complete video systems can range from hundreds of thousands to millions of dollars. Sometimes these expenditures are like flushing money down a toilet.</p><p>To put what I have been saying into a useful context, a very short tutorial is called for.  CCTV serves three primary functions: perform surveillance; support post-incident investigations, including identification; and automate a function, such as at remotely controlled doors or vehicle entrances. It has momentous value for crime investigation.  Most organizations, however, purchase video systems with the generally unrealistic expectations that it will prevent crime. Often, they have little understanding of security console operations or ergonomics.</p><p>There are some interesting and growing secondary applications that are mostly benign.  The increasing popularity of “nanny cams” is well known. The use of CCTV to catch red light runners at busy intersections, to read license plates at tollbooths and airport parking garages, and to catch speeders is also common now.  Similarly, video cameras can reduce bad behavior on school buses. Cameras also work well for law enforcement sting operations. Police park a “bait” automobile in an area known for high incidents of car theft and car-jackings.  When the miscreant enters the vehicle, the police can remotely lock the doors and record the event on video. But as valuable as these various uses are, these kinds of applications rarely involve thwarting serious crimes. Moreover, they document a crime; they don’t prevent it.</p><p>The use of CCTV in conjunction with very sophisticated facial recognition software is an interesting case study.  Every city that has installed these extremely expensive systems, such as Tampa and Virginia Beach, eventually shut them down.  Facial recognition isn’t ready for prime time yet. This new technology fits the same pattern: the consumer does not understand the limitations of unfamiliar technology.</p><p class="MsoNormal" style="line-height:200%;"><strong>CCTV in Public Places</strong></p><p>The installation of massive video nets in public spaces is another mounting trend, especially in light of the remarkable success the British had on several occasions in identifying and then tracking suspected terrorists after an attack.  Bear in mind that the United Kingdom has 4.2 million CCTV cameras in place.  There is a camera for every 14 people and an average Londoner is seen on camera 300 times each day.  The United States isn’t even close to that kind of surveillance saturation on a per capita basis, but we’re catching up fast. City after city is embarking on public video surveillance programs. By some accounts, downtown Manhattan already has 4,200 public and private sector video cameras. The NYPD would like to install 3,000 new cameras by the end of 2008. Police departments in Baltimore, Hollywood, Houston, Memphis, Newark, San Diego, Tampa, Virginia Beach, Washington, D.C., and in many other cities are installing video cameras and connecting to feeds from private sector CCTV systems. This is a great idea if the objective is to support post-incident investigations. Whether these systems contribute to crime reduction is still controversial—and in my view, dubious.</p><p>With the recent Federal trend toward design-build contracts, government bodies at all levels typically uses companies that sell and install video systems to determine how much CCTV they need, rather than impartial security engineers and consultants. It’s not exactly a surprise that these companies want to sell and install as many CCTV systems as they possibly can. Moreover, this is a partial explanation of the exponential growth of citywide video systems. Yet another reason for this growth is the ever-mounting pressure from the Department of Homeland Security for more and more video. Bear in mind that the British didn’t prevent any of their terrorist attacks as a result of video surveillance.  Could it happen in the future? Sure, even a blind hog can find an acorn now and then.</p><p>The effectiveness of CCTV in public spaces to reduce crime is counterintuitive and controversial. It is not at all clear that crime rates are reduced. Some criminologists think that crime is only displaced by video systems.  When studies do claim CCTV does reduce crime, the reduction is usually marginal.</p><p>In 1995, a study was conducted to determine the deterrent value of various crime prevention factors for convenience stores. These variables included how much cash was kept on site, retreat distance, police patrolling, an armed clerk, and so forth. The researcher interviewed robbers and asked them to rank the most important factors in deciding whether or not to commit the robbery. Of 11 factors, a camera system ranked tenth and video recording, eleventh. These findings were compared to a similar study that was conducted in 1985: the rankings had hardly changed. The finding was also similar to the results from a study completed in the 1970s.  The top two reasons a robber would decide against holding up a store were too little money kept on site and a long or complicated escape route.</p><p>Another phenomenon that could be at play in determining if CCTV deters crime is something called the Hawthorne Effect (or variously, the Westinghouse Effect), a term coined by a study conducted in 1939 at the Hawthorne Plant of Western Electric Company. Efficiency experts wanted to determine the optimal working conditions for maximum production.  Among various techniques, the researchers found that increasing lighting increased production. But there was a surprise. When they later reduced lighting levels to bracket peak efficiency—to the point that workers couldn’t see (some even brought in lamps from home)—production still increased. The explanation is a variant of the famous Heisenberg Uncertainty Principle, well known to Star Trek fans. The Principle states that “the act of observing alters that which is being observed.”  This can occur in various ways. There may be direct interference. There can be unconscious bias in reading or collecting the data. There can be factors interacting with the situation that are undiscovered.</p><p>Washington, D.C., conducted a number of lighting studies following the city-wide riots in April 1968 following the Martin Luther King Jr. assassination.  They wanted to learn what type of lighting was best to fight crime: low-pressure sodium, high-pressure sodium, mercury vapor, metal halides, etc. The study seemed to demonstrate that all lighting reduced crime.</p><p>It wasn’t until years later when the results were scrubbed by social psychologists and criminologists that the results became suspect.  Was it the lighting or was it because squad cars were parked on every street to observe the effects? Or, were police officers subconsciously (or consciously) motivated to underreport crime if their performance was being evaluated?  Which played the greatest role? That notwithstanding, few authorities would dispute the conclusion that lighting (and CCTV) can effectively displace crime. </p><p>Displacement is a very good thing if you happen to live or work in a high crime area.  It’s not such a good thing if you live in the area the crime is moving to. The chief question is, “Does CCTV actually reduce crime?” City politicians are more than willing to glom onto crime statistics to suggest that this or that program they championed reduced crime. When crime reductions do occur, a pantheon of factors likely causes the decline. The state of the local and national economy, for example, plays a major role.</p><p><strong>Civil Liberty and Liability Concerns</strong>.There is another very important question that some people feel very strongly, if not fanatically, about. Does saturation video surveillance in public areas violate the right to privacy? Or, is it a Fourth Amendment issue, which governs against unreasonable searches and seizures? The U.S. Supreme Court  in United States vs. Knotts  put part of this matter to bed by determining that surveillance was constitutional when conducted in areas where there should be no expectation of privacy.  However, the other shoe still hasn’t dropped.  Does CCTV surveillance represent unreasonable search? Ever? Sometimes?  Most authorities believe that the Supreme Court will continue to rule in favor of public video surveillance, but it isn’t a dead issue.</p><p>Legal liability is yet another volatile issue related to video surveillance. In our ever litigious society being a crime victim (or faking it) can sometimes be like winning the lottery. Negligent security torts are common and increasing in frequency.  The lawsuits spawned by the 1993 attack on the World Trade Center in Manhattan were only finally settled earlier this year—14 years later. The defendants paid millions. Lawsuits pertaining to the 9-11 attacks are going to the courts now.</p><p>Sometimes lawsuits are, and will be, deserving, because there is true gross negligence at work. I know of one smallish company that couldn’t afford a complete video surveillance system, so they only purchased the cameras.  There were no wires or monitors.  The idea was that the sight of the cameras along the roofline watching a dark and unfenced employee parking lot would deter theft, robbery, and rape. If someone is assaulted in spite of the cameras, someone at that company should not only pay the future victims handsomely; they should probably go to jail.</p><p>Despite their many limitations and problems, CCTV systems can also be an extremely powerful weapon in the security arsenal.  It is of critical importance in a post-incident criminal investigation: sometimes it provides the only clues available to law enforcement. The British success in identifying and then finding terrorists is phenomenal. </p><p>Video can support other important uses as well.  Security guards can do virtual tours of a large building or outdoor area without leaving the guard booth. Some cameras can see in the dark.  If you are using an access card to unlock a door on a cold, rainy night, and if for some reason it doesn’t unlock, the availability of an intercom and a camera showing you to a security guard is priceless. License-plate readers have been a boon to toll booth operators and small towns needing more revenue from speeders and red light runners. Now that technology has taken us to digital video and IP-networked surveillance, the varying applications for CCTV are spectacular. The key for security managers is to understand the system’s limitations so they choose the right system for their organization, without squandering too many resources and without making grandiose claims that only create a false sense of security.</p><hr width="100%" size="2" /><p>John J. Strauchs, CPP, is Senior Principal of Strauchs LLC.</p>GP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465 Review: The Process of Investigation<p>​<span style="line-height:1.5em;">The process of investigation is relevant for a wide array of security professionals </span><span style="line-height:1.5em;">both in the private and public sectors, including corporate investigators, attorneys, loss prevention specialists, and law enforcement personnel.</span></p><p><i>The Process of Investigation</i> sets out to address the needs of today’s private sector investigative professionals. Through 24 chapters, the authors provide a practical guide to conducting comprehensive investigations. Five main sections take the reader through fundamentals, methods, building a case, applying strategies, and using technology and other specialized investigative techniques. Among the topics explored in detail are qualities of the investigator, surveillance, interviews, report writing, and targeted violence.</p><p>The book has something interesting for all readers who work with investigations or just want to know more about the art and science. There is a lot of information for people new to the investigative area, and there is also something for the more experienced practitioner. Examples from real investigations help readers place the theory into a practical context. A point well made is that investigative success often comes from “applying common sense and uncommon persistence.”</p><p>Although the book takes an American view of investigation, most of the material is applicable for international use, and it should find a well-deserved place on the investigative professional’s bookshelf.</p><p><em><strong>Reviewer: Poul Nielsen,</strong> PCI, is an intelligence analyst and OSINT consultant at The Copenhagen Police Department. He has previously worked as a robbery detective and investigative consultant for several international companies. He serves on the ASIS International Investigations Council.</em></p>GP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465 an Antipiracy Program <p>​The indicators are all over company balance sheets: counterfeiting and piracy are siphoning off incredible amounts of revenue from legitimate businesses.<br> <br>The Organization for Economic Co-operation and Development (OECD) in The Economic Impact of Counterfeiting and Piracy, released in 2007, estimated that international trade in counterfeit and pirated products could have reached as high as $200 billion in 2005. The estimate does not take into account the number of domestically produced and consumed counterfeit products nor does it include music, video, software, games, and printed materials increasingly being distributed online. The United States Chamber of Commerce estimates that Intellectual Property (IP) makes up more than one-half of all U.S. exports, driving 40 percent of the countryメs growth. Clearly, as manufacturing jobs move to developing countries, intellectual property becomes more critical to the economic survival of developed countries. The FBI estimates that the theft of IP costs the U.S. economy $250 billion per year and has resulted in the loss of 750,000 jobs. <br>The loss of jobs and both tax and corporate revenues results in less money for critical research and development and funding for much needed government programs  and is especially harmful during the current recession. Unfortunately, the economic impact is only part of the problem: counterfeiting discourages innovation and undermines good governance, provides real risks to consumers in the form of dangerous and unregulated products, and generates profits that go directly to fund organized crime and terrorism.<br> <br>The Argument for Strong IP Enforcement<br> <br>Security managers need to provide a business justification to develop a brand protection program in any company, so the broader arguments in favor of enforcement are worth considering.<br> <br>Public perception and attitudes towards piracy pose a challenge in that piracy and IP infringement are often perceived as victimless crimes.  However, international research and the 2007 report by the OECD provides evidence to the contrary and shows that the negative effects of piracy are broadly distributed among rights holders, consumers, and government.  In addition to the legal considerations reflected in copyright and trademark laws, counterfeiting and piracy have economic and social consequences in that they discourage innovation and inhibit economic and technological growth.  Innovators are less inclined to devote time, money, and intellectual capital to developing new products if their ideas are likely to be stolen or copied by someone else. Investment funds will not be forthcoming if the business climate doesnメt protect IP, resulting in little or no return on investment.  Ironically, developing countries that are often the source of counterfeits are hardest hit in the long run by failure to enact and enforce IP protection laws.  <br> <br>Research and historical trends show that countries with effective IP protection regimes enjoy stronger and more rapid economic development than those that do not. Furthermore, counterfeiters do not pay taxes, are often connected to criminal organizations, and operate in underground economies.   When IP is not adequately protected, rights holders suffer from decreased sales and diminished brand value resulting in a loss of consumer confidence and commercial viability.  Consumers have fewer choices and often must choose between either very costly authentic products or cheap and inferior knock-offs that not only perform poorly but also carry inherit risks to health and safety.  The ever-expanding list of counterfeit products that ranges from pharmaceuticals to car and airplane parts has increased consumer risk with the rise of the globally integrated economy. After-market car or airplane parts manufactured in China, often without appropriate quality control, can end up in the U.S.<br> <br>The U.S. Department of Homeland Security reported an 83 percent increase in the number of seized items for 2005-2006 and a total value of $196.5 million for 2007 seizures representing a 27 percent increase over 2006. Between 2000-2006, the European Union reported an 88 percent increase in the seizures of counterfeit goods.  The World Health Organization estimates that 7-10 percent of all pharmaceutical products sold in the world are possibly counterfeit, with a rate as high as 30-40 percent in some African countries. The Business Software Allianceメs 2008 Annual Report asserts that the worldwide PC software piracy rate was 38 percent in 2007. Clearly the trend is toward more counterfeiting which poses higher risks to the public and has a significant impact on legitimate commerce.  Lastly, the impact of counterfeiting, often controlled by organized crime, on governments in the form of corruption and weakened public institutions disrupts global commerce and erodes public confidence in government.<br> <br>Making the Internal Business Case <br>Corporate security directors are often presented with a host of challenges when it comes to brand protection and IP enforcement.  In many cases, CEO, CFOs, and other corporate executives do not see the need to fund antipiracy programs, regarding them as an unnecessary cost rather than a priority to protect the companyメs brand and recover lost sales.  In todayメs climate of limited budgets, security managers are under pressure to articulate a sound business justification and a return on investment (ROI) for all programs.  <br>Demonstrating that counterfeit items in the market represent a potentially displaced sale of genuine product requires reliable data. An impact assessment that examines market potential, the availability of counterfeits, and current sales of genuine products can help to provide such data.  For example, the software industry estimates piracy rates by looking at the number of new computers shipped versus the number of genuine software operating systems sold and activatedラthe discrepancy is an indicator of pirated software installations since in most cases software operating systems (Original Equipment Manufacture  versions) are installed at the factory.  A sudden decrease in sales of a genuine product in a given market is another indication that piracy may be a factor and is often pointed out by sales personnel or distributors. Aggressive IP enforcement is not only a necessary deterrent but can also be a potential source of revenue to fund anti-counterfeiting programs through civil asset forfeiture and out of court settlements, while at the same time preserving brand integrity.  <br> <br>Often the sudden appearance of a particular counterfeit product on the market, a dramatic drop in sales, or a major seizure by law enforcement alerts the corporate leadership to the need for greater antipiracy enforcement. Unfortunately, when such an incident occurs, people often react by reaching for very costly モBand Aidヤ solutions. Instead, having an effective antipiracy program in place that consists of sustained enforcement effort and consumer education is a much better corporate strategy in the longer term. An added benefit of this approach is that law enforcement agencies are more inclined to work with companies that have well-developed programs and demonstrate a serious commitment to antipiracy enforcement.  <br> <br>The Assessment Phase<br> <br>Because most managers need facts and figures to support budget and resource requests, an initial assessment is recommended to determine the scope and magnitude of the problem. Depending upon the type of product and the brand, on-site visits to sales outlets as well as Internet searches for the companyメs products are critical. The latter has increasingly become a means of モdirect- to - customerヤ sales and has changed the business model for counterfeiters, by eliminating the need for wholesale distributors. <br>One large organized crime group that operated from Russia sold thousands of モburnedヤ or copied CDs of software programs directly to retail customers in the U.S. via the Internet, thereby circumventing wholesale distributors. They used thousands of affiliate sites as well as spam tactics to generate sales.  Pirated or counterfeit software and games are sold in shops, flea markets, or so called swap meets, which are essentially the same as flea markets.   Pirated goods are also offered on the Internet through independent web sites or auction sites. An online search for cheap software will produce hundreds of results. Other types of products such as batteries, razor blades, or car parts are often available on business-to-business (B-to-B) sites, while counterfeit or unapproved generic pharmaceuticals are sold on both B-to-B sites and illegal online pharmacies.<br> <br>Many sites selling pirated goods are hosted in countries where cybercrime and IP enforcement are almost non-existent, making it very difficult to identify, much less go after the criminals.  There are many companies that perform Internet searches, often called モweb crawlingヤ, to help locate where the imposter products are being sold.  The searches are based upon specific search terms or logos or both provided by the IP rights holder. One often finds that spamming and the sale of counterfeit items and pornography on the Internet are ultimately controlled by the same organizations. It is important to find a search company with expertise and reliable baseline data in a specific industry to avoid the expense and time in the learning process.<br> <br>In order to get an accurate picture of the size and nature of your companyメs piracy problem you should have an experienced antipiracy investigator conduct a series of test purchases (TPs) from sales outlets and Internet sellers.  Based upon guidance provided by the brand owner, the investigator should gather specific information regarding the seller, the product, the make, the model, the design, the title, the version, and other key characteristics, including product authenticity. <br>Proper product authentication by the IP holder is critical, since sales are not limited to counterfeits. So called モgrey marketヤ items that have been diverted from the intended distribution channel are one of the many challenging issues in the brand protection domain.  The TP is designed to obtain samples and to determine origin, price, quantity, quality, accepted payment methods, shipping, and return policies.  Once there is enough information to permit a good sampling of the products most often pirated, an analysis and interpretation of the data should be conducted with an eye towards identifying commonalities and vulnerabilities. They may be in violation of laws other than those related to copyright and trademark infringement.<br> <br>For example, is the seller of your companyメs pirated product also liable for wire fraud and money laundering offenses or involved with the sale of child pornography? These additional factors often make them more attractive targets for a law enforcement investigation. But it is important to remember that the initial goal is to assess risk and damages and not to conduct an investigationラthat can come later.  Some key considerations one should consider: Is there a health and safety risk? Are the products high-quality copies designed to deceive or cheap knock-offs?  To what extent are they displacing sales of genuine products? What are the estimated losses of legitimate sales and which products and markets are most impacted? Are the products perhaps original equipment manufacturer (OEM) versions or stolen or fraudulently obtained genuine items?  <br> <br>If so, this may be an indication of an integrity problem within the distribution chain and with third-party manufacturers, distributors, or transporters and at some point a complete audit of manufacturing plants and distributors may be advisable. One company, for example, uncovered a huge problem with モleakageヤ of genuine products from its supply chain because they were leaving the plant marked as モscrap.ヤ An investigation revealed that several warehouse employees had been compromised by an organized criminal group. Thanks to good liaison and private-public cooperation with the FBI, the case was thoroughly investigated and the organized criminal gang was brought to justice.  In addition, the company recovered some of its losses by bringing civil action against a third party manufacturer.<br> <br>This case also pointed to an internal management problem. The account representatives for the third-party manufacturing plant had failed to conduct regular audits as prescribed in their vendor contracts. Such audits would have discovered that the use of raw materials did not correspond with the amount of finished product and that the plant had failed to properly account for the destruction of surplus goods.   In another case, during the closing of a plant, numerous master モstampersヤ for digital media, each with a value in the hundreds of thousands of dollars, had gone missing and were being sold for a high price on the illicit market. Thanks to an FBI informant and good liaison efforts the stampers were prevented from getting into the hands of counterfeiters.<br> <br>One of the challenges in the assessment phase is obtaining reliable information concerning counterfeiting or piracy. Sharing and comparing trend information with various internal corporate entities can often provide useful information and insights. An internal company survey might also surface good information about piracy and lets employees know that the company is protecting its valuable IP. Coordination with the legal, sales, marketing, product development, packaging, and manufacturing teams is highly recommended and is indicative of a holistic approach to antipiracy.  Corporate stakeholders can also become allies in the quest for executive support and budget for antipiracy operations. As the program develops, an antipiracy advisory board comprised of key company players and stake holders ensures that proper information sharing and coordination across the company are being accomplished.<br> <br>Building the Team and the Program <br>Once the assessment is complete and executive sponsorship and budget are obtained for an antipiracy program, the next step is to build a good in-house team or to have a combination of in-house experts and external consultants devise an antipiracy strategy. Antipiracy programs can be costly, particularly with regard to investigative and legal support, and will inevitably involve corporate attorneys as well as outside counsel to develop legal strategies. Finding the right talent is crucial; many security managers have expertise in a variety of areas but not necessarily for antipiracy strategies and operations. Outside consultants can help develop the program in the early stages. Ideally, an in-house team under the Director of Corporate Security consists of a senior manager for investigations or an antipiracy manager, an attorney with prosecution or civil litigation and asset forfeiture experience, investigators with a physical and Internet investigations background, a paralegal, and a business analyst. <br>The analyst plays a critical role in analyzing and interpreting the information collected from the investigations, performing trend analysis, and preparing briefing materials.  It is important to ensure that the teamメs goals and brand protection efforts are in keeping with the overall company strategy. A monthly scorecard of metrics, highlights, and trends that can be shared with company stakeholders is essential in maintaining internal support for your teamメs efforts.  Often good work goes unnoticed because it isnメt properly presented and consumed at the right executive level.  I was involved in one situation where millions of dollars were spent on Internet Piracy programs which were well-documented in monthly progress reports that were apparently never read by the senior executive in charge of the program.  Not only was he unable to articulate the return on investment for the company, but also his subordinates who managed the program were unable to ascertain if the program was achieving managementメs desired goals and objectives. We often felt as if we were on the proverbial rudderless ship.<br> <br>While AP investigations are not vastly different from other types of investigations, there are some unique challenges. For example, identifying and prioritizing high-impact targets, managing a test purchase (TP) program and vendors, and analyzing data are key components.  In addition, product identification, data and evidence collection and analysis, and coordination with attorneys and law enforcement authorities for criminal prosecution or civil litigation are all part of the continuum of an antipiracy program.  Coordination of all of these program components towards the goal of protecting the companyメs brand integrity is the main objective. <br>In my experience as Director of Worldwide AP Investigations at a large technology company, a multi-faceted strategy was very effective and reduced piracy by at least 10-15 percent over a four-five year period.  It was a highly integrated approach and involved law enforcement referrals and prosecutions, aggressive civil litigation, asset seizures, and cease and desist notices.  Web site takedowns, and robust consumer education and PR campaigns were also part of the strategy. In one case in California in November 2001, then U.S. Customs (now U.S. Customs and Border Protection) made the largest software seizure in history of a container load of counterfeit software and cigarettes worth more than $60 million.  <br> <br>Cases such as these are the result of extensive law enforcement liaison and training programs that not only assist officers in identifying the companyメs products but also help build those all-important relationships that facilitate cooperation.  Through this approach, we were successful in getting a broad range of law enforcement agencies such as the FBI; ICE; and many state, local, and foreign law enforcement agencies to investigate and prosecute our cases.  <br>In addition to traditional enforcement measures, other program elements, such as legislation, are critical to support the effort.  My company successfully supported a legislative initiative to close a loophole that allowed counterfeiters to break open software packages and sell the genuine components used to authenticate counterfeits. Internally we worked with product and packaging teams to adopt the latest security features and counterfeiting counter-measures and leveraged public relations opportunities and the company Web site to reach consumers.  By employing all of these strategies in an integrated manner, over a five-year period the company saw a dramatic drop in the availability of counterfeit products and a shift towards the sale of genuine products. There were indications that counterfeiters were moving towards the counterfeiting of competitorsメ products. Anecdotal information filtered back to us that the sellers and distributors were reluctant to sell counterfeits of our products due to our strong enforcement posture.<br> <br>Measures of Success<br> <br>Measuring effectiveness and success can be the most challenging aspect of an antipiracy program. As in law enforcement, it is often difficult to know if your efforts are truly having an impact. Can success be measured in seizure and arrest statistics? A qualified yes, if they are strategically targeted. <br>However, random seizures of counterfeit products have little impact.  Does an increase in the seizure of counterfeits indicate that the strategy is working or does it suggest a greater availability of illegal product on the market? Focusing enforcement efforts on certain products, organizations, and markets can result in an increase in legitimate sales and should be measured in individual markets.  Information campaigns surrounding enforcement actions can also be very effective as a deterrent and lets consumers know that the company is protecting brand integrity and consumer interests. <br>Consumer comment and feedback can also be a useful measure of effectiveness especially with regard to anti-piracy technologies.  However, one must be careful about too much negative publicity that can result in a lack of brand confidence and rapid migration to a competitorメs brand. This may be particularly true in the pharmaceutical industry where there are often similar choices. <br>For example, Viagra is one of the most common counterfeit pharmaceutical products offered by illegal online pharmacies. Overexposure of this issue may lead consumers to think that they automatically reduce their risk by purchasing another erectile dysfunction drug. Changes in consumer behavior and buying trends can be another measure of success. <br>Target qualification and identification, case prioritization, and enforcement outcomes can be hard to establish and even harder to measure. Referrals to law enforcement agencies do not always yield immediate results and require patient liaison efforts. While federal agencies have broader jurisdiction and authority than state and local agencies, they invariably take longer to conclude the investigation. I know of numerous cases that were very successful in dismantling counterfeiting organizations but took in excess of one year to complete. In the meantime, counterfeits continue to flood the market and company executives are looking for results.  <br>In addition, enforcement agencies often have other priorities and want to avoid being seen as working for one company as opposed to an entire industryラfor these reasons, good  law enforcement liaison is critical for success. When I managed a worldwide anti-piracy program our active law enforcement liaison and training program paid great dividends in terms of cooperation and our law enforcement colleagues knew that we were 100 percent committed to supporting them. <br>A good antipiracy program must also balance customer satisfaction and public image with strong security and enforcement measures. For example, while encryption and product activation keys are effective software antipiracy measures, they often create user frustration and inconvenience.  Another consideration is how will strong enforcement affect the companyメs image and brand reputation?  Will it be seen as モheavy handedヤ in going after infringers? In recent years the recording Industry understandably took a very strong stand against unpaid digital downloading of music, but in the process it created a public relations problem by alienating its own customer base--- young music enthusiasts. Targeting large-scale counterfeiters and distributors helps to avoid that perception and reinforces the point that strategic enforcement protects consumersメ interests. <br>Good data management and retrieval is critical to the conduct and the analysis of investigations as well as to the ability to measure success. One pharmaceutical company with which I am familiar had a very robust Internet antipiracy program; however, during the program evaluation by an independent management consultant, the success was difficult to quantify due to the inconsistency and unreliability of the data that was collected. In addition, the cost of モcleaningヤ the data so that consistency could be achieved was high.  If data isnメt accurate and reliable the entire process and results are distorted and program effectiveness will be difficult to determine.<br> <br>Globalization has impacted both legitimate and illegitimate commerce. Criminals operate across national borders, thus to be truly effective, investigations and strategies must be coordinated on an international basis and targeted on the source of the problem. Admittedly there are challenges in transnational cooperation and enforcement, not the least of which is a disparity in IP laws. Success, however, can be measured in terms of investigations, prosecutions, and convictions of major violators, closures of illegal plants, civil lawsuits, and forfeited assets. The money recovered through restitution and asset seizure can help finance antipiracy operations and cause a decrease in availability of the most frequently pirated products and an increase in your companyメs bottom line.<br> <br>Rich LaMagna, CPP, is the former director of Worldwide Anti-piracy Investigations for Microsoft and is the president of LaMagna and Associates, LLC, a Washington, D.C.-based consulting firm.<br> <br> </p>GP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465