Thursday, December 13, 2018

Home for the Holidays? Not So Simple for Correctional Facilities

Christmas tree made of barbed wire
For people in many industries, working during the holidays is inevitable. Hospitals, police departments and prisons are all among the entities that have important roles to serve while much of the rest of the country spends time with their families and away from work.

Working during Christmas is especially difficult in correctional facilities, where officers and inmates alike deal with the struggle of being away from families at a difficult time of year. As emotions run high, tensions can escalate, making it difficult to maintain morale and prevent lapses in security protocol that put your officers’ safety at risk. It’s important to make sure that an already difficult week doesn’t become a nightmare. Here are some tips to help your officers deal with working around Christmastime.

Address Stress Among Correctional Officers


Around the holidays, corrections officers’ occupational stress levels are amplified. Open a dialogue with your corrections officers about stress management strategies and watch for behavioral changes that could signal issues such as burnout, post-traumatic stress disorder or substance abuse.

Unfortunately, as the National Institute of Justice points out, policies and programs for supporting corrections officers’ well-being are lacking due to inadequate funding and research. However, some correctional facilities are borrowing strategies from law enforcement and offering peer-support groups and mental health treatment programs. If your facility offers any of these resources, make sure officers are aware of them and are encouraged to use them.

Bring Some Cheer to the Facility


Many people volunteer to help inmates feel that they aren’t quite so alone during the holidays, but your officers might still feel left out. Some ways you can alleviate this problem include allowing some holiday decorations in certain areas of the facility and perhaps having some special food brought in for those who are working on Christmas Day. For example, one Illinois prison throws a Christmas party for officers, and a prison in Washington holds an annual Christmas potluck.

Your officers still have jobs to do, but small touches can help the facility feel a bit more like a home away from home on the toughest day. Of course, it’s important to ensure that any decorations and celebrations you permit at your facility don’t interrupt your standard operating procedures.

Reinforce Standard Security Protocols


Help your employees help themselves. If your officers are feeling down or stressed around the holidays, it can lead to them slacking off and mentally checking out at work in the weeks before Christmas. However, in the corrections industry, slacking off can have some dire consequences, such as an attack, riot or a breakout attempt. While any of those can turn a random Tuesday into a volatile situation, it also creates additional work, stress and danger for your officers.

In the days leading up to Christmas, keeping your officers in the right frame of mind is critical to maintaining top-notch security and reducing employee risk. Take some time to reinforce the importance of following your standard security protocols. Whether it’s how you manage your keys or ensure kitchen knives are secured, officers need to follow the same procedures they do every day to keep everybody in the facility safe and avoid the added stress of a security breach.

While many corrections officers won’t have the luxury of being home for the holidays, following these steps can help their workdays be a little more merry.

Tuesday, December 11, 2018

Ensure New Condo Board Members Follow Key Control Policies

Board members talking in conference roomFor many condo associations, the board election season is approaching. If your association is welcoming new board members soon, it’s important to begin organizing your training to ensure that members are well prepared to fulfill their obligations to the community. Be sure your training includes key control policies and procedures — especially if your property uses an electronic key control system.

Key control issues that result in litigation are often due to the lack of checks and balances and employee accountability, so it’s critical that new board members follow the appropriate steps to protect keys from theft or inappropriate use. Here are three steps to set up your key control system for new board members.

Create New User Accounts


Don’t wait until a board member needs to use a key to set up their key control system user profile. Immediately after new members are elected, create new user accounts with the appropriate authorizations (more on that below). Don’t forget to disable former board members’ accounts as well. If you use a biometric fingerprint reader for login, scan each board member’s fingerprints and have them practice logging in using the reader.

Set up Checks and Balances


As a key control best practice, board members’ access privileges should be restricted to certain keys and certain purposes based on their responsibilities and powers. For example, you might set up the following parameters:

  • All board members have access to keys to common areas.
  • Only the board president can access the keys to the records room.
  • If it’s necessary for the board to check out the key to a resident’s home, have two members remove the key and provide a checkout reason.

To keep board members accountable, you could set up key control reports to automatically be emailed to designated members of the board at predefined intervals (daily, weekly, monthly, etc.).

Train Each Board Member How to Use the Key Control System


Once a new board member is elected, they’re responsible for familiarizing themselves with the property’s declaration, bylaws and articles of incorporation and for agreeing in writing to uphold those policies. To help them follow the association’s key control policies, board members need to be familiar with how your key control system works. Walk them through procedures for checking out and returning keys, running reports and other steps required for carrying out their duties. Also take advantage of any system training your key control provider may offer.

By following these three steps to help new board members follow your key control procedures, you can help ensure that you protect your property — and your board — from liability related to misuse of keys.

Thursday, November 15, 2018

How Secure Are Your Law Enforcement Department’s Radios?

Police officer speaks on radio
Imagine a scenario where one of your officers is pursuing a criminal and needs backup, but something is disrupting their radio signal and the call isn't being heard by anybody on your network. Without backup, this officer is facing even higher risk than normal in an already dangerous situation.

That scenario could have been a frightening reality for two law enforcement departments in Ohio. A recent series of raids on several homes in northeast Ohio resulted in the seizing of multiple cloned police radios that criminals had used to hack into the public safety radio system.

This wasn't simply a case of criminals being able to listen in on all department radio traffic, much of which someone can listen to with publicly available scanners if the traffic is unencrypted. When multiple radios are registered to the same system, a well-timed button push on a cloned radio can disrupt communication coming from the original, officer-held radio.

Radios play a critical role in everything your department does. Even a temporary breach of your ability to communicate — whether between dispatch and officers on patrol or SWAT officers coordinating a raid — can have serious consequences for your officers and deputies.

It's critical that you take steps to secure and account for your radios, especially when they're not actively being used for law enforcement purposes. Are you confident that none of your radios have gone missing or been cloned?

Here are some ways you can better manage your radios and keep your officers safe in the field.

Keep Radios Secure When Not in Use


Keep all radios in a secure location or in containers any time they are not in use. It's important to remember that your department's facility might not be as secure as you think it is. A radio left unattended on a desk or even a back room can be discreetly taken by anybody with access to the room, including any members of the public who have reason to be there.

To keep radios from landing in the wrong hands, keep them in secure lockers away from open areas, while still allowing the radios to be quickly and easily accessed by the officers who need them.

Hold Officers Accountable


However you chose to secure your radios, access should be restricted and tracked so the right people can easily retrieve the radios they need and so you know who took them and when. Tracking access also holds officers accountable for what they do with radios in the field since they'll know the radios need to be returned by certain times.

An electronic method of tracking access to lockers containing radios reduces the chance for mistakes or outright omissions in a manual log by recording transactions securely and automatically. It also cuts down on the time officers spend checking out a radio.


Secure Radio Charging Stations


After being stolen or going missing, the next worst thing to happen to a department radios is for the battery to go dead. You're probably well aware that a dead radio in the field is about as useful as a sidearm without ammo. However, how secure are the radio charging stations in your department?

You certainly want to keep your radios secure, but what good does that do if they must be transitioned to and from insecure charging stations? Consider moving your charging stations to the same secure area or lockers in which you store your radios. An even better solution would be to wire individual lockers with charging cords so plugging in a radio every time it is checked in is part of your department's processes.

No matter how you decide to store and secure your radios, be certain that you can trust the method to serve its intended purpose. Even assets secured by traditional locks and keys might not be as secure as you think if access is abused or the keys fall into the wrong hands.

Tuesday, October 30, 2018

Three Ways Healthcare Providers Can Prevent Security Breaches

Man's hand reaching for medical records on shelf
Updated October 30, 2018

The healthcare industry is no stranger to data breaches. In a two-year period, the OCR's Breach Reporting Tool, or "Wall of Shame," recorded 414 incidents involving 500 or more people. What's notable is that, according to the Verizon 2018 Data Breach Investigations Report, healthcare was the only industry where more data breaches were caused by insiders (56 percent) than by external threats (43 percent).

To reduce the risk of employees abusing their access privileges, digital security is crucial. However, those security efforts must be combined with physical security measures, such as strict key control. Think about how easily unauthorized key use could cause a data breach. One hospital, for example, lost control of the keys used to access locked bins holding patients’ information sheets waiting to be shredded. Only three employees were supposed to have access to these keys, but an audit revealed that more than 53 employees had key copies, with no record of how they'd acquired them.

If you're a healthcare provider, below are three steps you can take to tighten your facility’s key security.

1. Train employees.


One of the biggest security threats healthcare institutions face are staff members' mistakes. The 2018 Global Cost of a Data Breach Report by Ponemon attributes 27 percent of data breaches to human error alone. To help avoid costly errors, regularly educate your employees — especially those who have access to patient information — on privacy and security best practices. If a potential breach occurs, ensure they know the proper procedure for reporting it.

2. Find a key control system that holds employees accountable.


Your facility may have a key control policy in place, but if it's not enforceable, it's not effective. When it comes to key control, digitizing as many of those procedures as possible helps ensure employee compliance. It's important to find a key control system that minimizes manual steps. Instead of requiring staff members to issue keys, you can reduce the possibility of human error and manipulation by automatically tracking keys and user access.

3. Maintain a verifiable audit trail.


Keeping a verifiable record of employee key access helps you identify potential security breaches (e.g., an employee who regularly returns keys late or attempts to remove keys when they're not on the clock). If an incident does occur, the audit trail demonstrates that you've taken measures to protect patients and their information.

By increasing your key security, you can reduce your odds of an insider data breach and hopefully avoid a spot on the Wall of Shame.

Tuesday, October 23, 2018

Tricks to Look out for This Halloween

Man holding gorilla mask
Updated October 23, 2018

It's long been rumored that crime rates increase on Halloween. Some cities, like Boston, have stats to prove it. Other sources say it depends on the type of crime. For example, property crimes are more common on October 31 than on any other day of the year. Tampering with candy, on the other hand, isn't as common a crime as you might think.

Either way, it's important to remember that crime does happen on Halloween, so you need to take measures to protect your business. Here are a couple of "tricks" to look out for this Halloween.

Crimes in Costume


Kids aren't the only ones who like to dress up. For some criminals, Halloween provides the perfect opportunity to disguise their identity by donning a costume without looking out of place. Here are just a few examples:

Fortunately, there are ways to prepare your business for the threat of burglars in disguise.

What to Do: To protect your business this Halloween, double check your physical security measures, such as securing the premises by locking every entryway that isn't used regularly, restricting access to nonpublic points of entry and storing keys in an electronic key control system. Also make sure you educate your employees on how to prepare for and respond to armed threats.

Vanishing Vehicles


Halloween is one of car thieves' favorite holidays, with more than 2,500 cars stolen on Halloween alone in 2016 (the latest data available). Between trick-or-treating and costume parties, Halloween presents plenty of distractions, which criminals use to their advantage.

At one house party in Pennsylvania, for example, a thief tracked down a partygoer's unattended car keys, located the vehicle in the home's driveway and drove off. In Athens, OH, a thief simply hopped into an idling car and drove off in it.

Are you confident your employees are taking precautions to avoid these scenarios when driving company vehicles?

What to Do: Make sure your company's fleet vehicles are locked and, if possible, stored out of sight from the public. If you have employees who are using company vehicles on a long-term basis, remind them of vehicle safety tips such as not leaving the car unattended while idling, keeping track of the keys and storing valuables in the glove box or trunk.

By planning ahead, you can experience more tricks than treats this Halloween.

Tuesday, October 9, 2018

How Electronic Key Control Attracts Millennials to Your Service Department

Car in Front of Two Gates to Authorized Certified Auto Service
Millennials are about to reach a new milestone: the largest living adult generation. If your service department isn’t targeting this demographic, you risk losing millennial customers to independent mechanics.

It’s important to be aware that millennials are more cost conscious than older generations give them credit for. In fact, 73 percent of millennials say they create a budget and stick to it. This dedication to budgeting can be challenging to the service drive, since 64 percent of millennials are surprised at the cost of vehicle maintenance. However, the fact that millennials aren’t spendthrifts doesn’t have to be bad news — consumers of all ages are willing to pay up to 16 percent more for a quality experience. To get more millennials coming back to your service drive (and telling their friends and family about your dealership), you have to prioritize customer service, and key control is a big part of that.

What Is a Quality Customer Experience?


Speed and efficiency are the top factors that contribute to a good experience. On the flip side, lack of trust significantly contributes to a negative experience. For a service department, building trust is especially important because millennials are more emotionally attached to their vehicles than any other generation — 40 percent have even named them.

Why Key Control Affects the Customer Experience


Key control plays a pivotal part of the customer experience since it affects speed, efficiency and trust alike. If you keep keys to customers’ vehicles in an insecure place, such as on a pegboard, without an effective way to track who has them and when, that’s a customer experience disaster waiting to happen. Ask yourself the following questions about the key control practices in your service department:

  • How much time do you spend looking for lost keys?
  • Do employees handle keys responsibly (e.g., never leaving them unattended or inside the unlocked car)?
  • If an employee removes a key and drives a customer vehicle for non-work-related purposes, will you ever know about it?
  • How easy would it be for someone to get hold of keys and steal a customer vehicle?

If you don’t treat millennials’ vehicles with care and respect, you’ll lose their trust and they’ll never return.

How Mismanaging Keys and Vehicles Damages Customer Trust


Not having the proper controls in place is inefficient, and you risk breaking the customer’s trust in your dealership. Imagine having to explain to a customer why she saw a service employee speeding by in the customer’s own car or why a thief was able to steal the keys to a customer's vehicle while it was in service and total it. These are real scenarios that happened because the dealerships involved didn’t have the proper key control practices in place. As a result, they lost trust not only with the customers whose vehicles were stolen but also with other customers who read about the incidents in the news.

If you can provide a quality customer experience built on trust and accountability, however, you can win over millennials as loyal customers — even if you charge more than the independent mechanic down the street.

To learn how to solve customer experience issues related to key control in the service department and beyond, download our white paper “Three Unexpected Ways Your Dealership Alienates Next-Generation Buyers.”

Wednesday, September 19, 2018

Dealership Craigslist Scam: Is Someone Selling Your Cars out From Under You?

Scam Alert graphic
How would you like to sell more vehicles off your dealership’s lot? This proposition sounds like a no-brainer, but what if your salespeople aren’t the ones selling them? And what if you don’t even know the vehicles have been sold?

Online marketplaces such as Craigslist, eBay Motors and Facebook Marketplace give you more ways to reach potential customers before they set foot in your store, but they’ve also given scammers a whole new way to take advantage of unsuspecting victims — including your dealership.

Fraudulent online vehicle sales have become so common and costly that the FBI Internet Crime Complaint Center issued a warning to consumers. The warning describes how scammers will post photos of vehicles that aren’t in their possession and trick consumers into sending the money by providing a seemingly legitimate explanation of why the transaction is time sensitive. Of course, after the victim sends the money to the scammer, they never receive the vehicle they’ve purchased.

Now, some thieves are going to even greater lengths to carry out online vehicle scams.

How Thieves Sell Vehicles Right off a Dealer’s Lot


A man in Dallas, TX wanted to buy a truck. He started his search online and ended up purchasing a
truck he found on Craigslist. Unlike the victims of the scams described in the FBI’s warning, this man actually received the vehicle he’d purchased. The problem was it had come from a dealership in Huntsville, TX, and the dealership wasn’t aware the truck had been sold to the Dallas man.

The vehicle was one of several that had gone missing from the dealership’s lot, so the police conducted a surveillance operation. During the investigation, police uncovered the scam that led to the dealership’s vehicles being sold on Craigslist. Here’s how the scam works:

  • A thief lists vehicles from the dealer’s lot for sale on Craigslist.
  • The thief fields inquiries from interested parties.
  • After finding a buyer, the thief steals the vehicle from the dealership’s lot and sells it to the victim.

While this type of scam requires more effort on the thief’s part, it’s also easier for the scheme to go undetected. If a buyer never receives the vehicle they’ve paid for, they’ll know immediately that they’ve been scammed. If they receive a stolen vehicle, they often don’t realize it until later.

What You Can Do to Protect Your Dealership From Online Scams


There are two primary ways to protect your dealership from online vehicle sale fraud.

Protect Your Images

When consumers are searching for vehicles to buy, most prefer photos of the actual vehicle rather than stock photos. If thieves are able to steal photos of your inventory from your website or social media sites, that helps their listings look legitimate. There are a few steps you can take to prevent and detect photo theft:

  • Watermark your images.
  • Add a copyright notice.
  • Disable right click to prevent someone from downloading images (granted, this only works on your website, not on social media).
  • Do reverse image searches using Google Images to see if your photos are being used online without your permission. (To search by image, click the camera icon and either paste in the image’s URL or upload the file.)
Screenshot of Google Search by Image feature
Google Reverse Image Search

Of course, some of these steps are time-consuming and impractical. For example, your time is better spent selling vehicles than doing frequent reverse image searches of all your inventory.

Protect Your Keys

Key attached to key tag
Key Attached to Key Tag With Steel Ring
The most effective way to avoid vehicles being stolen from your lot is to make it more difficult for thieves to take the keys. Some thieves familiarize themselves with where your keys are kept or wait for someone to leave them unattended on a desk or counter, swiping them when the opportunity arises. Others use the key-swap scam, where they ask for the keys to a vehicle under the guise of inspecting or test driving it. They then hand the salesperson a dummy key and return later to steal the vehicle.

To thwart thieves, use an electronic key control method that allows only authorized users to access keys. Look for a system where keys are attached via a stainless steel ring to a system component such as a key tag to prevent a thief from swapping the key with a dummy key.

By taking these steps to secure your inventory, you can save your dealership thousands in inventory loss and help protect unsuspecting buyers from scammers.