Active Shooter – Post Incident Information Release

October 20th, 2015 Comments off

By now everyone in America, Canada and much of the world knows what happened on October 1, 2015 at Umpqua Community College in Roseburg, Oregon. Unfortunately we also know the name of the shooter and that becomes part of the problem. Yes, we should learn from these incidents by studying what preceded them and what, if any, possible predictive signs could have been spotted. We should also learn from the tactics used in the incident so that we can prepare first responders for future events. But, do we all really have to know the name of the offender if they were killed in the incident? Might this feed the misguided notions of potential assailants who are troubled and may be seeking equal notoriety? I know the media feels that we need to know, but do we really? Yes, we need to know what happened and what we can learn from it, but knowing ‘who’ is a double-edged sword.

I applaud the responding law enforcement officers in this case because they did not release any names. Authorities did not publicly identify the shooter, but anonymous law enforcement officials told multiple news organizations that he was 26-year-old “unnamed”. “Unnamed” had neighbors who told CBS News that he was a bit of a loner and kept to himself.

As CBS News and the Guardian reported, a blog apparently linked to “unnamed” showed an interest in mass shootings, including the shooting in Virginia this August that left two journalists dead. One blog post stated, “I have noticed that so many people like [the shooter] are alone and unknown, yet when they spill a little blood, the whole world knows who they are. A man who was known by no one, is now known by everyone. His face splashed across every screen, his name across the lips of every person on the planet, all in the course of one day. Seems like the more people you kill, the more you’re in the limelight.” That suggests a desire for fame, which experts feel is quite common among mass shooters.

So why exactly do we need to know their names? Yes, as individuals and organizations, we need to know how to react to these dangerous incidents. Yes, we need to know the value of reporting red flag behavior if observed, or read about. But why offer the enticing notoriety that might provide motivation for future tragedies. In my opinion – we shouldn’t!

For more information on how to react in an actual active shooter event check out AFIMAC’s free online course at http://www.imac-training.com.

Technorati Tags: , , ,

Social Media and Terminations

September 22nd, 2015 Comments off

Earlier this year I wrote a blog about two types of terminations that should be considered high risk. One is when aggressive behavior violates workplace violence policies or elevates to an unacceptable level and the person has to be terminated due to that behavior. The other kind can sneak up on you and many workplace violence prevention programs do not address it. With this type, the person has displayed continuously deteriorating work performance, in spite of corrective counseling, and this leads to a termination requirement. What makes this situation high risk is that the underlying cause(s) for the deteriorating work performance can also contribute towards that person’s potential to react violently during the termination itself, or sometime afterwards. Their termination can cause an extreme sense of desperation at a time when they are the most volatile.

Furthermore, you will never know how long the person harbors ill will towards your company, or specific individuals in your company, unless you take measures to monitor them some way. One way to do this is to see their social media posts. Granted, they might password protect certain information but those who are prone to act out violently usually have less concern with privacy than their interest in publicly letting everyone know how they have been unfairly treated. Social media is a vehicle for them to do just that. Use this to your advantage post termination on the high risk cases and you might find out that the problem you thought you solved through termination has only gotten worse. On the positive side, it could also tell you that the person has come to accept what had to be done and is moving on in their life. Either way it is worth the effort or cost to take such precautions.

The most recent horrific workplace shooting of the news crew in Roanoke, VA underscores the value of knowing what is going on with someone who has been let go and remains focused on something or someone in your workplace. Not to say this could have been prevented, but having an idea that a former employee is still focused on you, allows for some possibly preventative options such as police notification, restraining orders, sponsored counseling, etc. In some of these cases, there may be indications of stress induced aggressiveness which should then serve as a red flag. Human resource personnel and the corporate security team should work together and involve third party professionals to evaluate and monitor what is going on in this person’s life.

Violence is typically a process, not an isolated event. The violence process usually has behavioral red flags along the way. This is what thorough workplace violence prevention training often outlines but it also applies to how the individual leaves the workplace depending on the circumstances of the departure.  Not realizing the desperation that a person faces, and the volatility that they represent, could be dangerous and using every tool available to gather data is prudent. The job may have been all they had left to depend on!  They are now focusing on your company as the evil force that took away the one last thing that was important to them.

For more information regarding safely conducting a termination process for all types of high risk cases, check out the courses at www.imac-training.com. Also refer to www.afimacsmi.com for more information regarding social media investigations.

How Can Social Media Content Help Combat Bullies at Work?

August 26th, 2015 Comments off

Workplace bullying is often the first step in a developing workplace violence issue. One that can result in lost employees, lost productivity, law suits, and can lead to overt violence if left unchecked. What if the bully is a supervisor?  If aggressive tactics are tolerated as supervisory motivators, they will become the dominant form of management. This is an absolute path towards organizational failure. Fear has only a small place in supervision. Holding people accountable can be done in a very civil and subtle manner. There is often a blurred line between being held accountable and being pressured by a bully who says they are trying to motivate. The effects will often be: lower energy levels, no employee initiative, and manipulative behavior among employees to avoid the bully, health problems, and many others.

How can bully supervisors exist in some workplaces for so long without being dealt with? Bullying and inappropriate aggression will continue if they are ignored. Fear is usually what causes this tendency to ignore or deny the behavior. Either fear of harm or reprisal. The bully’s tactics are effective in that regard. It is easier to avoid the problem than to address it. However, ignoring is another form of tolerance. Tolerance is another form of acceptance. This perceived acceptance is why bullying, if allowed to exist for too long, will lead to a physical incident eventually.

There is another tool to help monitor/control this behavior. For example, a client requested to have a supervisor monitored, due to one brave employee’s concern regarding the supervisor’s aggressive and verbally abusive behavior. As a precaution, they wanted to monitor the supervisor’s open source social media “footprint”. They contracted a firm to monitor his various social media feeds for content using a number of keywords. The supervisor had posted statements that were somewhat troubling and suggested that he may act out in the future even more aggressively. Furthermore, factors outside the workplace were adding to the situation. Social media data was harvested, collected and stored for analysis.

Unfortunately, the performance improvement plan that the company put the supervisor on did not produce the desired results and the company decided to terminate the individual.  The company was confident with their decision, as they were armed with the individual’s potentially dangerous social media posts, adding to the lack of behavior improvement. Security measures were put in place to mitigate any termination risk. The event took place with a heated verbal outburst, however no physical violence occurred. The company opted to continue social media surveillance for an additional 30 days following the termination. The individual posted a number of statements expressing his displeasure, but none of them were deemed as threatening. After a few days, the individual’s posts returned to normal and the surveillance was discontinued.

Learn more about how to protect your workers from being bullied. Check out the “Workplace Bullying: Identification and Response” course on the AFIMAC online training site www.imac-training.com. Also, go to www.AFIMACSMI.com to see how to order social media investigative assistance discretely online.

Active Shooter Response Planning

July 24th, 2015 Comments off

With every news flash of a workplace active shooter incident, now almost monthly, it becomes increasingly evident that organizations/businesses/schools need an Active Shooter Response Plan. Furthermore, this is not a one size fits all challenge. Granted, the plan from one organization or institution to another may have some common reaction guidelines. Most of the active shooter response videos and training courses available promote a variation of the ‘run/hide/fight’ responses. However, the way your employees/occupants apply these concepts in an actual incident needs to be specific to the uniqueness of your facility.

Yes, in fact there are only three response choices for facility occupants to rely upon:

  • get out – exit immediately if possible
  • hide out – lock and barricade quietly in place if escape is not possible
  • take out – mass attack the shooter if you’re cornered and fight for your life

However to be practical and effective, tailored active shooter response protocols have to take into account several factors such as:

  • The type of facility in question –school, mall, office, factory, sports complex, etc.
  • The environment in which the facility is located –city, suburban, rural, remote, etc.
  • The type of communication system available – public address system, mass texting or email, audible warning, etc.
  • The occupants’ capabilities –employees or non-employees, age, physical abilities, etc.
  • Emergency responder availability/response time
  • Public occupants vs. employees only

These are just to name a few.

Other factors will influence the variations of how ‘get out/hide out/take out’ is applied and which of these response options are selected under what conditions. Having a generic plan which defines the three basic options is only the beginning. Accounting for the uniqueness of your facility and giving example circumstances to prepare each occupant to know specifically how they should react in a situation is the key to developing an effective active shooter response plan.

Then the plan must be tested and rehearsed. Include the local emergency responders in the refinement of your plan. Lessons learned from other incidents that have occurred, and from your own rehearsals, can be used to further modify and tailor your active shooter response plan; the one that might become part of your legal defense and your clear conscience. Facility management has a legal and moral responsibility to have an active shooter response plan that is practical and will give people a chance to survive. It’s the right thing to do.

For more detailed training regarding active shooter response guidelines see our course at www.imac-training.com.

Social Media Investigations

June 29th, 2015 Comments off

It always amazes me what people will post on their social media channels that they may not speak about while with a group of friends or associates. This even holds true for those that communicate about negative, unethical or even criminal activity. It is as if they think they speak in ‘code’ and nobody will notice or care except those they intend the post for. Maybe it’s the convenience, efficiency, and instant communication capability that the SM channels offer that cause this tendency. Or maybe it is just the ‘cool’ factor of being active on these sites. Whatever the motivation, this habit is one that we as corporate investigators, or public law enforcement, should not overlook.

In any investigation you must first ‘open all doors’ to assess what is happening or what has happened and who might be involved. Then once all potential individuals of interest are identified and the scope of the situation/crime is defined, you go through the process of ‘closing those doors’ and ruling out individuals that are not involved and narrow your focus on those who warrant closer scrutiny. Traditional investigative techniques (interviews, review of surveillance video, physical surveillance, document review, etc.) are typically used as the investigation becomes more focused but information available by mining social media channels can speed results throughout this process, as well as make it more thorough and cost effective.

Human Resource professionals should also be taking into consideration what potential applicants and even current employees are posting. It can be a reflection into someone’s abilities, character, interests, values, intentions, and past experiences. Often having internal personnel search for this information is time consuming and expensive, or you just may not have the staff or capability to complete it. However, through very inexpensive vendor services, this information can be gathered from publicly available sources. This process is known as open source intelligence (OSINT). It is out there for the taking and can be obtained very conveniently.

Using deep web harvester technology (powered by Bright Planet) AFIMAC has developed a specialized investigative service line with convenient online ordering, or corporate account status if desired, for fully automated social media ‘footprint‘ searches and social media surveillance/monitoring at very inexpensive rates. Check out our website for additional information.

https://afimacsmi.com/

Categories: Investigations, Social Media Tags:

High Risk Employee Terminations – Not Always Obvious

May 22nd, 2015 Comments off

There are two types of terminations that should be considered high risk. One is when aggressive behavior violates workplace violence policies or elevates to an unacceptable level and the person has to be terminated due to that behavior. The other kind can sneak up on you and many workplace violence prevention programs do not address it. With this type, the person has displayed continuously deteriorating work performance, in spite of corrective counseling, and this leads to a termination requirement. What makes this situation high risk is that the underlying cause(s) for the deteriorating work performance can also contribute towards that person’s potential to react violently during the termination itself. Their termination can cause an extreme sense of desperation at a time when they are the most volatile.

Most good workplace violence prevention programs will have educated the workforce, especially supervisors, to recognize the dangerous individual behaviors leading to the first type of high risk termination. The unacceptably aggressive behavior is the reason for the termination. It is therefore reasonable to expect some element of risk with the termination event itself, and precautions are often taken.

The second type may not contain the same aggressive behavioral indicators. However, in some of these cases, there will be indications of stress induced aggressiveness which should then serve as a red flag. Human resource personnel and the corporate security team should work together and involve third party clinical professionals to evaluate the underlying causes for the performance drop in otherwise good employees seemingly under stress. Those causes could indicate that if termination becomes necessary, precautions should be taken during the process. They can discuss with the individual what is going on in their life. They can also assess how those factors might affect the person’s response to the possible loss of their employment (often the last straw.)

Violence is typically a process, not an isolated event. The violence process usually has behavioral red flags along the way and this is what thorough workplace violence training often outlines. But the ‘under the radar’ cases that I have just described are especially dangerous because they lack those aggressive behavioral indicators. Therefore, your termination process protocols should not only address the obvious high risk terminations, but they should also account for those where there has been a dramatic drop off in performance so substantial and out of character that it results in the need for termination. Perhaps the real reasons for that performance drop off are so personally severe and so devastating, they could also represent a danger for a violent reaction to the loss of employment. Not realizing the desperation that this person faces until the time of the actual termination may be too little, too late. The job may have been all they had left to depend on!  They are now focusing on your company as the evil force that took away the one last thing that was important to them.

For more information regarding safely conducting the termination process for all types of high risk cases, check out the courses at www.imac-training.com.

Bullying and Its Effects in the Workplace

April 20th, 2015 Comments off

If you were lucky you didn’t have to worry much about being bullied in school. If you weren’t so lucky, then you remember the effects. The same human dynamics can apply in the workplace with adults. The tactics and their effects are sometimes not as obvious, but they are very real. Workplace bullying is often the first step in a developing workplace violence issue. One that can result in lost employees, lost productivity, law suits, and can lead to overt violence if left unchecked.

Why do women handle being victimized by a workplace bully differently than men? Men are taught throughout their upbringing to stand up to bullies. This will lead to confrontation eventually and if the tension has built up enough over time, ‘standing up’ may result in violence. Nobody wins. People are hurt or terminated; and sometimes the wrong people are terminated. The workplace becomes an unpleasant place to be. People leave. This all costs money, time, company reputation, and possibly clients.

What if the bully is your supervisor?  If aggressive tactics are tolerated as supervisory motivators, they will become the dominant form of management. This is an absolute path towards organizational failure. Fear has a rare place in supervision. Holding people accountable can be done in a very civil and subtle manner. There is often a blurred line between accountability and being pressured by a bully who says they are trying to motivate. The effects will often be: lower energy levels, no employee initiative, manipulative behavior among employees to avoid the bully, health problems, and there are many others.

Does this sound like an environment in which people will work extra hard to get things accomplished? Will it inspire good teamwork? Obviously no, but how can bullies exist in some workplaces for so long without being dealt with? Bullying and inappropriate aggression will continue if they are ignored. Fear is usually what causes this tendency to ignore or deny the behavior. The bully’s tactics are effective in that regard. It is easier to avoid the problem than to address it. However, ignoring is another form of tolerance. Tolerance is another form of acceptance. This perceived acceptance is why bullying can exist undeterred for too long. Bullies are transferred and can sometimes even be promoted just to get rid of them. This only reinforces the bully’s confidence in his tactics. Workplace violence prevention programs must address this developmental stage and that is truly what it is. It will lead to an incident! These are questions that plague many workplaces and effect otherwise productive happy workers. Don’t be a victim. Don’t allow such a toxic environment.

Learn more about how to protect your workers from being bullied. Check out the “Workplace Bullying: Identification and Response” course on the IMAC online training site www.imac-training.com

Does Domestic Violence Translate to Workplace Violence?

March 23rd, 2015 Comments off

Absolutely it does! First of all, your workplace violence policy should address the reporting of domestic abuse as a requirement, not just a suggestion. This includes the observation of it happening to a co-worker. The policy should give clear reasons why this is necessary, and perhaps list examples of cases where domestic violence exploded within the workplace. Did you know that 74% of the reported cases of domestic abuse also reported that some of the abuse actually took place in the victim’s work area? Consider if an abused spouse or partner secures a restraining order for the home, or if the victim moves, where is the next most predictable place to find that victim? The workplace; where now others are exposed to the abuser.

It used to be that companies did not want to get involved with domestic abuse experienced by one of their employees. There was a ‘check your personal problems at the door’ attitude. That demeanor now is unacceptable and flat out dangerous. The violent spouse or partner in a fit of rage seeking the victim at their workplace does not always confine the violence to just the victim. The company or organization has a moral and legal responsibility to be aware of such abusive activity and foresee that it could enter the workplace and become everyone’s problem. The courts will certainly look at it that way should an incident occur in the workplace and someone else is hurt.

Turning a blind eye and allowing the abuse to go unreported, is not a defense. If the victim’s co- workers are aware of the abuse, then the organization needs to be aware of it. Therefore, your policy needs to make all of your employees aware of their responsibility to report such a situation for a discrete investigation. Besides doing the right thing to help the victim employee, your knowledge of the abuse, and subsequent actions taken to protect that individual and the work environment, will become part of your defense. Options might include counseling or other Employee Assistance Program (EAP) intervention, relocating the affected employee within the office to a new work space, changing their schedule to avoid nighttime parking, or even transferring them to another facility if that would help. Make some accommodations that will either help with the direct problem, or reduce the likelihood that the problem will manifest itself at work in a violent manner. OSHA’s general duty clause maintains the expectation that the workplace be made safe from foreseeable dangers and this is one of them.

Please explore our online training courses available at www.imac-training.com for workplace violence prevention courses as well as other security disciplines.

Workplace Violence Policy – What Behavior Should it Include?

February 27th, 2015 Comments off

Workplace courtesy and safety should be a simple matter of applying those basic rules of behavior we all should have learned by the time we were 5 years old. It has however become a complicated issue, with social and legal consequences for both the offenders and their employers that fail to identify aggressive behaviors as violations. Is bullying a behavior that should be defined within the workplace violence prevention policy and included as unacceptable behavior? Is a domestic abuse problem the company’s business? Where does ‘aggressive management’ cross the line into the early stages of potential workplace harassment and create a hostile working environment in which people are prone to over-react.

Yes, these conditions do have to be very clearly spelled out in a workplace violence prevention program and in any written policy statements. If your policy is limited to actual physical violence, or threats of violence, it will fall short of recent standards. Such standards set by the Occupational Safety and Health Administration (OSHA – see directive CPL 02-01-052 dated 9/8/11) and ASIS/SHRM’s Workplace Violence Prevention and Intervention – American National Standard document define workplace violence with fairly broad language. In order for your policy to provide some hope of prevention, as well as a reasonable defense in court, the following types of activity and conduct must be addressed:

  • Criminal activity within the workplace
  • Customer/client/patient confrontations
  • Personal partner abuse/domestic violence spilling into the workplace
  • Aggressive co-worker issues such as abusive emails, verbal threats, hostile intimidation, and any other unacceptable behavior that invokes fear in the workplace
  • Bullying and cyber-bullying

Much of this conduct is subject to assessment of ‘degree’, especially bullying, but your policy should give clear examples of unacceptable conduct. Absent written directives forbidding such behavior often isn’t considered wrong and therefore goes unreported. This will not only assure its continuation, but will probably be interpreted as acceptance and lead to more drastic, or more aggressive conduct. If it seems like there might be some spill-over into other policies governing employee conduct, like into your Harassment Prevention Policy, so be it. You still want to address the unacceptable behavior, see that it is reported, and take action to stop it. If abusive or aggressive conduct is addressed by more than one policy, that’s fine.

To be effective, the Workplace Violence Policy has to be understood by the workforce and the only method for achieving that is through training. This training has to be done at the employee level for all. Employees actually have to be considered your first line of reporting responsibility. They should learn the behavioral red flags and the reporting requirements expected. Training also has to be done for the supervisors who are going to be your second line of responsibility to investigate the issues. Then, the designated Threat Assessment Team should be given even more specific training as to how the policy is to be applied and enforced. High risk terminations, for example, should always include an assessment by the Threat Assessment Team and the following of established protocols for the termination.

Check out our whole Workplace Violence Prevention series of training courses at www.imac-training.com.

Categories: Physical and Online Training Tags:

Are You Ready for a Data Breach?

January 22nd, 2015 Comments off

The threat of a data breach is becoming greater every day. Any business with POS (point of sale) data is a target. Therefore it is important to have a reactive solution on standby in the event of a breach or attempted breach. Research has shown that if there is a concise, turnkey data breach response plan in place, with trusted experts contracted, it is shown to reduce the negative financial impact of the breach by 22%. Thoroughly understanding the ‘scope of the breach’ is also important and can further reduce costs by 20% more by avoiding unnecessary notification.

Data breach threats in the Healthcare industry represented 42% of all data breaches reported in 2014 and are expected to get worse in 2015. Furthermore, a stolen medical identity sells for $50 on the black market compared to $3 for credit card information and $1 for a social security number. Breach protection goes beyond HIPPA compliance. It should include any PII and PHI (Personal Identifiable Information and Personal Health Information) as well as payroll/financial data, employee records, and intellectual property.

So let’s look at this problem both proactively and reactively. Of course minimizing the chances of a breach through proactive/preventive audits or assessments is much more prudent than just having a good response plan. You might already have your IT professionals internally doing periodic system checks but do they include the third party partners and vendors that touch your data for example or review employee behaviors that are causing exposure? These methods are how access is gained through no fault of your own systems security.

Proactively conducting holistic audits or assessments using investigative experience and technical evaluation to assess your real-world vulnerabilities is the key to minimizing your chances of a breach. You must identify your specific “Actual Threat Environment” leveraging a combination of computer forensic, IT, legal and investigative understanding to capture the entire scope of your vulnerability.

Reactively, in the event of a suspected breach, planned response measures should be quickly employed with a crisis management approach including:

  • initial triage/breach validation
  • quantification of the scope of the breach (necessary to determine need for notification at certain levels and prevents the organization from inappropriate or unnecessary response and resulting in harm)
  • call center support, mass notification guidance and assistance, credit monitoring and legal advice (if needed)
  • total forensic investigation to preserve evidence
  • rebuilding client/customer confidence

 

For more information on how AFIMAC can help you plan for such a situation please call 440.878.5114

Categories: Physical and Online Training Tags:
  • LinkedIn
  • YouTube