empty classroom

Reflections on Oregon Shooting

Christine L. Peterson, CPP, ISPSecurity Program Development, Workplace Violence

The shooting at Umpqua Community College on October 1, 2015, made us think. Security events are deliberate actions by people to cause harm. There is no way that any organization can keep people who are adequately motivated and have access to the right resources from attempting to commit harm. What we can do is harden ourselves as targets. This will …

Policy and Procedure Flow Chart

A Company Model for Developing Policies and Procedures

Christine L. Peterson, CPP, ISPCompliance, Security Program Development

While attending the NCMS Carolinas Chapter meeting at Cisco Systems recently, I saw a presentation by Mark Whitteker, MSIA, CISSP, ISP. Mark comes out of the IT security world, so most of his presentation focused on IT security. He also presented a segment on Building a Comprehensive Security Architecture Framework that might benefit all of us. Mark shared with the …

locked computer

Data Security: Where There Is Data, There Should Be Policy

Russell W. Gilmore, CISSP, CISM, EnCECompliance, Computer Forensics, Crisis Management Planning, Electronic Data Recovery, Security Program Development

The recent report by the Wall Street Journal about the Morgan Stanley data security breach scares me as an employee. Reportedly, Morgan Stanley terminated Galen Marsh, a financial adviser, for allegedly stealing account information from about 350,000 wealth management clients and posting some of it online. Federal law enforcement officials are focusing their probe on the possibility that Marsh’s computer …

pink slip

Termination Guidelines

Julius Stanley Carroll, CPP, CFESecurity Program Development, Workplace Violence

Terminations are often a stressful situation, both for the terminated employee and for the individual responsible for conducting the termination. Listed below are some guidelines that could help diffuse volatile situations and make the process run more smoothly. Always plan the termination. Think it through. Always have two supervisors/managers present during the termination. The meeting should be cordial and professional …

power shift button

Held Hostage by a Dishonest Employee

Russell W. Gilmore, CISSP, CISM, EnCECompliance, Computer Forensics, Security Program Development, Theft, Embezzlement, and Fraud

I recently was involved in a case in which a company employee was discovered using a company credit card for personal reasons. This happens occasionally, and one would think that immediately terminating the dishonest employee would resolve the issue. But what happens when the employee is the one and only IT person for the company? Many companies have only one person …

pink slip

Terminating an Employee and Company Data

Russell W. Gilmore, CISSP, CISM, EnCECompliance, Computer Forensics, Theft, Embezzlement, and Fraud

Having to terminate an employee is never easy. To make the process even more difficult, consider the recent survey conducted by Harris Interactive on behalf of Courion which stated that 19% of employees age 18 to 34 would take company data with them if they knew they were about to be fired. Read the full story here. Depending on the …

Security Consulting

Security in the Office – A Checklist

Christine L. Peterson, CPP, ISPSecurity Program Development, Theft, Embezzlement, and Fraud, Training

How is your security? The following checklist illustrates the necessary aspects of security that must be addressed for a secure environment. Comply with and support your company’s safety and security program and regulations, and insist that others do the same. Protect wallets, keys, purses, and other personal valuables on the job. This especially includes smartphones and tablets. Challenge strangers in …

InfraGard logo

NC companies’ Secrets at Risk, Cyber Terrorism Experts Say

Amanda StricklandComputer Forensics, Electronic Data Recovery, News, Theft, Embezzlement, and Fraud

In this day and age, sometimes it is difficult to discern truth from fiction. Greg Baker is an expert in the area of cyber terrorism and a leader in developing public/private relationships that work. In the later years of his career with the FBI, he was the face of InfraGard North Carolina. InfraGard is an information sharing and analysis effort …

Lone Star College

Lessons from Lone Star College System

Tasha Dyson, CFENews, Security Program Development, Workplace Violence

On January 22, 2013, gunshots were heard on the North Harris campus of Lone Star College System. It was later learned that an altercation between two individuals (one of whom may have been a student) had escalated to gun violence. The shooters were injured along with an innocent bystander. Incidents such as this immediately bring to mind topics such as …

college students

Security Threat Assessments for Education

Amanda StricklandSecurity Program Development

In an ideal world, our schools, colleges, and universities would be immune from the threats and challenges that affect other businesses and institutions. Unfortunately, we do not live in an ideal world. Academic institutions are cross-sections of society and bear the same responsibilities for the safety and security of their populations and infrastructure. This cross-section brings with it all the …