FSO SeriesA CL E A R A NCE JOB S SPECI A L R EP OR TThe Need for IT Convergenceby Jeffrey W. Bennett, Industrial Security ...
along business practices. These practices can include        provide feedback and evidence for use in analyzing andcampuse...
Training increases morale in many ways and creates a          all the above threats. Victims suffer greatly financiallyteam ...
Are our passwords easy to break? How much intrusionwould it take to stop our operations?                                  ...
Upcoming SlideShare
Loading in …5

FSO Security: Detecting and Preventing Fraud


Published on

Facility Security Officers can help mitigate theft, vandalism, workplace violence, fraud, and computer attacks. IT can provide a great benefit for identification, analysis, risk assessment operation security and prevention. FSOs and security professionals should continue to study their craft and learn ways to counter evolving threat.

Published in: Career, Business, Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

FSO Security: Detecting and Preventing Fraud

  1. 1. FSO SeriesA CL E A R A NCE JOB S SPECI A L R EP OR TThe Need for IT Convergenceby Jeffrey W. Bennett, Industrial Security Professional (ISP), for ClearanceJobs.comFacility Security Officers (FSO) study their craft and preventing theft. For the internal threat, access can be controlled by badge or biometrics. These IT capabilitieslearn ways to counter evolving threat. Business can limit access by employee, time of day, and certainintelligence methods continue to keep up with days of the week. For example, employees that work intechnology to analyze and prevent the internal and the warehouse can access their warehouse doors, but cannot gain entry to the supply department. Those whoexternal influences that can ruin the enterprise. have janitorial privileges may only do so during work hours and not when the business is closed.Loss Prevention Other capabilities include closed circuit television (CCTV).The threats to enterprises include: theft, vandalism, This is a great deterrent and detection device for bothworkplace violence, fraud, and computer attacks. the internal and external threat. Current technologiesThrough a system of identification, analysis, risk allow the use of tilt/pan/zoom cameras that record andassessment operation security and prevention, FSOs can store digital data. This data can be entered into a datahelp to mitigate those risks. warehouse. Besides employee protection and assistance roles, this data can be mined to see patterns andThough FSOs primarily protect classified information, recognize traits of potential perpetrators. For example,they may be involved in more traditional security a supply bin in a warehouse may suffer shortage at eachdisciplines. For example, the costs of theft may affect inventory. The installation of CCTV would provide digitalhow the defense contractor charges for products and feedback of whether or not supplies are being stolen andservices and asking the customer to bear the cost of the who is involved.loss. The way to recover loss is to pass the costs on byincreasing the top line. Raising prices to recuperate loss is Sabotage is a reportable threat according to thea symptom of theft, but not a cure. National Industrial Security Program Operating Manual (NISPOM). Sabotage must be reported to the FBI. ForMany companies have invested in security staff internal protection, it can be categorized with workplacefocused on identifying and preventing loss. These violence, criminal trespass activities, and industrial“loss prevention” jobs are oriented on identifying risky espionage or in conjunction with a theft. Though rare,behavior, observing others, investigating theft, and costs are heavy and expense may fall on the companyfinding methods of reducing risk. In retail, they may or the customer. IT tools are available that providebe secret shoppers; in transportation they may be automated tracking of inventory and informationmonitoring cameras and patrolling as guards, or dressedin business suits advising in board rooms.Detecting and Preventing FraudInformation technology (IT) and lessons from businessintelligence (BI) can be applied to detecting and
  2. 2. along business practices. These practices can include provide feedback and evidence for use in analyzing andcampuses, apartments, retail, transportation, factories determining actions to prevent this behavior.and other industries. For classified information, the ITtool is the Information Management System (IMS). TheIMS is required by NISPOM and can be used to provide Occupational Fraudup to date status of classified information from reception Occupational fraud is another risk. Whether an employeeto dissemination or destruction. feels entitled to their fair share, is disgruntled or other reasons, this crime is costly. When involving classified information, it can be detrimental to national security.Workplace Violence This crime can be broken down into three categories:Employee workplace violence makes huge headlines Asset misappropriation, corruption, and fraudulentfor a very good reason. It is shocking behavior with statement. Examples of asset misappropriation includethe most serious events resulting in multiple deaths. fraudulent invoicing, payroll fraud, and skimmingThese incidents lead to law suits, low morale, a bad revenue. Corruption can involve bribery and conductionreputation for the company and leaves families and business laced with undisclosed conflict of interest.victims devastated. Not all violence in the workplace end In defense contracting International Traffic in Armsin death. Whatever the level of crime, innocent people Regulation or Federal Acquisitions Regulation violationsare attacked at the work place. The company has several could also fall under fraudulent activity.obligations. The first includes the legal responsibilityof the employer to protect and safeguard against Defense contractors face a level of fraud threat.preventable harm. This includes all those who work inor visit the workplace. The second responsibility is to Higher costs can occur at higher employeehandle incidents and investigations, discipline and other positions. For example, managers may not beprocesses appropriately. It is as important to respect the sticking product in their pockets and sneakingrights of all persons involved throughout the preventionand investigation processes. out the door. However, falsifying travel reports, creating false accounts, diverting payment andHuman resources managers in defense contractors mayunderstand the more serious discriminators that could other crimes are more impacting.be associated “non-hire” criteria. For example, onediscriminator that would prevent a person from getting Fraud is difficult to detect and many schemes can continuea job would be a history of violence. A highly accurate for long periods of time before they are detected.and timely pre-employment screening program is vital. Detection can be accidental, the result of a tip, an auditAnother would be specific questions about performance (internal, external or surprise), hotline or as referred to byduring the interview that might indicate propensity for law enforcement. Focus and discipline could be perceivedviolence or not being able to work well with others. as the best means to detect fraud. Paying attention to patterns, verifying paperwork and checking records is timeEmployeesʼ may not be the threat. Nature of customers, consuming, but must be performed.friends and family members could provide risk to thework place. These criteria could be identified as well. A sound method of detecting fraud involves the input ofEmployees who have abusive partners or spouses and employees. Training employees on fraud and awarenessemployees who perform in risky environments such as can help detect it early and reduce costs. Some of thisretail must be considered in the risk analysis and data training is already conducted during security awarenesswarehouse input. activities. However, instead of just training cleared employees, the FSO can help reduce fraud by tailoringSome additional mitigating factors for employee workplace the security awareness to uncleared employees as well.violence include traditional security methods. Additionallighting in darker areas, an armed guard, securitycameras and panic alarms do wonders to give employeesa peace of mind as well as help prevent violent behavior.Knowing security is in place deters the criminal element.These security measures could be linked in a network to
  3. 3. Training increases morale in many ways and creates a all the above threats. Victims suffer greatly financiallyteam like atmosphere. and productively.Information technology (IT) and lessons from businessintelligence (BI) can be applied to detecting andpreventing fraud. Employee and hotline tips are mosteffective. Computer links could be set up on corporatesites to allow employees to report fraud. Some methodscould include survey, direct question and answer, or just aspace for reporting.The audit, hotlines and tips are effective after or duringthe commission of the lengthy fraud period. These areall reactionary events. What about being proactive?Many companies have the capability to automate almosteverything. Time sheets, accounting, billing, productionand supply chain records are often on a server. Mostrequire supervisor approval or at the very least have the There are many existing security methods available tocapability of real time monitoring. This information can help companies take the offense against such attack.be integrated into a company version of a data warehouse Protection takes the coordination, input and involvementand be manipulated according to the input rules. Specific of all business units and departments in the organization.habits of employees can be pulled to look for and address It cannot given to the security department alone tofinancial inconsistencies. handle, however such actions should be accountable to one department. Other aggressive measures includeAccess control measures such as card scanners, code password protection, rules on internet use, firewalls andreaders and biometrics are increasingly effective. They internet access blocking. These can be regulated withleave a trail of employee activity and regardless of the convergence concept. Software already exists to helpposition all are required to enter information to gain generate and protect passwords on network and standentry. Computer keyboard activity can be limited by alone systems. These help ensure not only that authorizedpassword protection and all media should go through the users are accessing the systems, but they also provide asecurity department before introduction or removal. All of basis for auditing. Information technology can track whothis leaves a data trail. Besides employee protection and used which system to access which information. The userassistance roles, this data can be mined to see patterns leaves an automatic automated electronic trail.and recognize traits of potential perpetrators. Companies should have strong firewall capabilities to protect information from both leaving and entering theCybersecurity enterprise system. These firewalls help prevent hacking,Computer attacks are a huge risk to all businesses. The high-jacking and malicious viruses. The firewall needsthreat of hackers, malicious viruses, and phishing are to be updated regularly with updates. Most importantly,just a few serious events of which the FSO should be checking and running analysis identifying the threat isaware. Data can be destroyed, reputations can be ruined, vital. This identification should track where the threat isand lives can be stolen. These attacks can cripple an coming from, how often the defenses are probed, whatenterprise and could take months or years to recover. the threat using to probe the defenses is, and what timesBusinesses should have IT tools to detect and combat this of day are the threats the strongest. Analysis shouldtype of threat as soon as possible. identify strengths and weaknesses that the adversary is trying to exploit. When is the IT asset most vulnerable?Worms and viruses are quickly destroying years of input.These threats appear innocently enough in the beginningand when the right time comes, they activate. Threatscontinually knock at the internet portal trying to learnpasswords and the inner most secrets to exploit forespionage, theft or fun. Unprotected systems perpetuate
  4. 4. Are our passwords easy to break? How much intrusionwould it take to stop our operations? DETECT FRAUD BY:Internet discipline is also vital. An enemy doesnʼt have to • Focus and Disciplinebreak down defenses to wreak havoc, many times they • Paying Attention to Patternsare invited in by unwitting victims. When employees visitunauthorized websites, download unauthorized software, • Verifying Paperworktransfer data from a home computer or forward corrupted • Checking Recordsemail, they can cause just as much harm. Blockingwebsites, allowing only IT personnel to upload software, • Input From Employeesand screening all mobile media or preventing all media • Creating Fraud ʻHotlineʼsuch as CDs and other portable storage devices is crucialto protecting the enterprise.Protecting the enterprise with security in depth will solve also continue to keep up with technology to analyze andmany problems. This includes previously mentioned prevent the internal and external influences that can ruinbiometric or card reader access devices, alarms and the enterprise. The threats corporations face include:CCTV cameras. These are available IT devices that are theft, vandalism, workplace violence, fraud, and computerpopular and effective at monitoring employee movement attacks. The role of security to converge traditionaland activity. Vital risk assessment detail is captured in a physical protection with the capabilities of IT systemsdata warehouse to better analyze events and proactively is necessary. Tools of IT can provide a great benefit tomitigate risks before damage occurs. enterprise as a system of identification, analysis, risk assessment operation security and prevention, astuteTraditional methods of stove piping or traditional IT managers can mitigate risks. ★ ★ ★security do not produce effective results. Neither doessegmenting business units. When the one departmenthandles all internet activity, human resources execute the Jeffrey W. Bennett, ISP, is a former Army officer, FSO and islaying off offenders, finance department handle all payroll an accomplished writer of security books and periodicals.discrepancies and accounting performs all audits, the His books include ISP Certification-The Industrial Securityresult is a broken chain of incomplete activity. Professional Exam Manual. He is the owner of Red Bike Publishing (www.redbikepublishing.com).The willing participation and information sharing couldbe better handled in the form of a committee. Eachrespective department can do their day to day activities,but results can be presented to the entire group to helpdetect and determine any one of the threats addressed inthis paper.FSOs and security professionals should continue to makeit a point to study their craft and learn ways to counterevolving threat. Business intelligence methods should4101 NW Urbandale Drive • Urbandale, Iowa 50322 • 1.877.386.3323 • www.clearancejobs.com