Protos3 logo

Security Assessment Project for BIDMC Plymouth

Protus3 News, Security Assessment, Security Survey

Protus3 will conduct a Security Assessment for Beth Israel Deaconess Medical Center – Plymouth. This project will focus on the risk assessment of the Public Safety Department. Protus3 will also look at the overall security program at the hospital beginning with the identification of its most critical assets and the threats to those assets. Finally, Protus3 will review the overall …

HPG Employee Theft Article

From HPG – Guard against Losses from Employee Theft

Tasha D. Dyson Compliance, Embezzlement, Fraud, Security Program Development, Theft, Theft, Embezzlement, and Fraud

Employee theft costs companies billions of dollars a year. This poses a very serious threat to profitability if left unchecked. Therefore, every business needs to set up some internal controls to thwart this type of fraud. This article from Hughes Pittman & Gupton, LLP entitled “Guard against Losses from Employee Theft” looks at a few simple steps to take that …

technology rush

The Wild West of Bring Your Own Device (BYOD)

Tasha D. Dyson Compliance, Computer Forensics, Mobile Forensics

The Wild West When you think about the Wild West, what do you see? Do you picture unspoiled scenery, picturesque cattle drives, spacious farms, gold miners, unfettered individual freedom, rugged individualism, and no federal income taxes? This is definitely a “romantic” picture. Remember the darker side. Don’t forget about the lawless gangs of robbers, disputes settled by gunfights, and clashes …

bring your own device

Benefits and Disadvantages of BYOD

Russell W. Gilmore, CISSP, CISM, EnCE Security Planning, Security Policy and Procedure Development, Security Program Development

What is BYOD? BYOD is an acronym for “Bring Your Own Device.” It refers to the practice of employees using a personal device for work. With BYOD, a single individual has the capacity to affect himself, those close to him, the company, and potentially millions of other people. One unsecured device can harm millions of individuals and organizations who may …

High Stakes Cyber article

Companies Can be Liable for Failing to Maintain Adequate Cyber Security

Christine L. Peterson, CPP, ISP Compliance, Corporate Compliance, Intellectual Property, News, Security Policy and Procedure Development

How much customer data do you have? Is it secure? If so, you should read High Stakes Cyber as published in Security Management. In brief, the FTC can hold companies liable for failing to maintain adequate cybersecurity, even though the commission has not defined minimum cybersecurity standards through rules or regulations. Even in this case, the court did not articulate …

Campus Safety article on safety during investigations

Keeping the Campus Safe during a Title IX Investigation

Christine L. Peterson, CPP, ISP Civil Rights, Clery Act, SaVE Act, Title IX, Training, VAWA, Workplace Violence, WPV Support, WPV Threat Assessment, WPV Training

Should campus security conduct a behavioral threat assessment concurrent to a Title IX sexual violence investigation? Campus Safety’s feature on Threat Assessment Teams provides three steps to help maintain security during an investigation. Read more: 3 Steps to Keeping Victims and Campuses Safe During Title IX and VAWA Investigations

Campus Safety article about guns on campus

CCP Holders and Guns on Campus

Christine L. Peterson, CPP, ISP Crisis Management Planning, News, Security Policy and Procedure Development, Training, Workplace Violence, WPV Training

Should CCP holders be allowed to carry guns on campus? There are studies that show during times of great stress, a person will experience changes that affect their physiological, sensory and cognitive processes which can prevent appropriate responses in very serious situation. These responses can affect critical decision-making processes. For example, check out the eleven reservations of a “gun guy.” …

empty classroom

Reflections on Oregon Shooting

Christine L. Peterson, CPP, ISP Security Planning, Security Policy and Procedure Development, Security Program Development, Workplace Violence

The shooting at Umpqua Community College on October 1, 2015, made us think. Security events are deliberate actions by people to cause harm. There is no way that any organization can keep people who are adequately motivated and have access to the right resources from attempting to commit harm. What we can do is harden ourselves as targets. This will …

Policy and Procedure Flow Chart

A Company Model for Developing Policies and Procedures

Christine L. Peterson, CPP, ISP Compliance, Corporate Compliance, Security Policy and Procedure Development, Security Program Development

While attending the NCMS Carolinas Chapter meeting at Cisco Systems recently, I saw a presentation by Mark Whitteker, MSIA, CISSP, ISP. Mark comes out of the IT security world, so most of his presentation focused on IT security. He also presented a segment on Building a Comprehensive Security Architecture Framework that might benefit all of us. Mark shared with the …

locked computer

Data Security: Where There Is Data, There Should Be Policy

Russell W. Gilmore, CISSP, CISM, EnCE Business Continuity Planning, Compliance, Computer Forensics, Corporate Compliance, Crisis Management Planning, Electronic Data Recovery, Security Policy and Procedure Development, Security Program Development

The recent report by the Wall Street Journal about the Morgan Stanley data security breach scares me as an employee. Reportedly, Morgan Stanley terminated Galen Marsh, a financial adviser, for allegedly stealing account information from about 350,000 wealth management clients and posting some of it online. Federal law enforcement officials are focusing their probe on the possibility that Marsh’s computer …