todaystrainingblog

A great WordPress.com site

Month: April, 2016

Penetration testing & the reason for conducting them

Penetration testing  can mean several things, depending on who you discuss it with.;

  • It can be a computer test to see if your network is vulnerable to a hack attack. IT departments and consultants conduct these on a continual, supposedly, basis based on the current threat level for computer networks and the media coverage of such large scale breaches in recent years
  • The 2nd, and oldest, is the physical security kind, which is what I’m going to discuss. This is where a person, or team, attempt to penetrate your facilities security perimeter. And we do that by innumerable means, depending on the skill set of the ‘perpetrator’.

A short story of a successful test from 27 years ago; the assistant operations manager, Doug Dragert,  of Wells Fargo Guard Services in Kansas City, MO. was asked to conduct a test of a large corporate office building. The Director of Corporate Security, later the VP of security, told my friend that “This building is secure. You’ll never make it to the executive offices. My security staff is better than you may think” And then left to meet with the CEO on other issues.

After wandering like he belonged, he found an open door with several smokers. He walked passed them through the door which had been propped open. For the next 30 minutes he kept the security staff moving in random patterns all over the building. After that interval he showed up, pushed past the secretary and into the CEO’s office and held out his arm as if he had a pistol.

The security director was embarrassed and the CEO frightened enough to believe, practically, everything he was told about security. Their security budget nearly tripled over the next decade and they added officers to every single building they leased, more than 30.

And that’s why penetration testing is necessary. To show you the deficiencies in your security system. Many facilities can be easily breached even today despite workplace violence (WPV) & terrorism fears, many remain open to anyone and everyone. And no one confronts a stranger, generally, when they spot one.

So what are some of the direct reasons for a penetration test?;

  • Theft from office equipment, drugs, machinery, & other items
  • Destroying assets of all kinds from equipment to annoyance items i.e. glass
  • Terrorism events against a certain patient or group
  • Active shooter event including terrorism, WPV, or just plain chaos & mayhem
  • Disruptive individuals with mental issues or just upset by something

Those are just a few of the reasons to utilize & conduct a penetration test. But what are some of the things to think about during a test so as not to make it so disruptive to the work day or employees?;

  • Informing employees ahead of time there will be an exercise. Not the day or time, but that it will occur
  • Defining the goal of the exercise. Is it for one section, the entire facility or…
  • Setting operating guidelines. Is the consultant allowed to do, or not, something? Can they lie, cheat, damage (hopefully not), or whatever
  • Determining where and when the team will operate. Again, this is vitally important to the success of the test. Although they should be given the leeway to go outside the pre-set boundaries to give an objective observation and accurate assessment of what may happen
  • Involving the target site’s security team. If the client/facility already has security on-site, then they have to be informed along with the other employees that a test is going to occur. You may want to inform them of the day or shift as well, but that is not necessary
  • Assigning a challenge phrase for the target site’s security team. This will allow the facility security team to identify that the exercise is in effect and the individual is involved with it, so no mistakes can be made and someone else accidently allowed in
  • Setting a time for review and analysis of the exercise to discuss the deficiencies and successes. And it is necessary that it has to be as harsh as possible in order to be effective. Some things can never be fixed but that doesn’t mean it can slide and not be attempted.

 

The key in all of this is to ensure that you actually have a physical security program in place. If your program is only haphazard then this is likely to be a total Charlie foxtrot (ask a friend who was in the military, possibly 20 or more years ago). And if you have this many issues with your program it may well not be worth the trouble, without totally revamping it.

If you don’t test something, you’ll never know how effective it is. And whether the effectiveness is in the training, policies, procedures, observational or listening skills or the organizations communication doesn’t matter. What does matter is your analysis.

And that means being as objective and critical as possible. If you’re not critical or objective then you can be assured that when it is necessary to rely on your program, officers, employees, and etc. it will fail. And in today’s dangerous modern world that can lead to more than just a bad decision resulting in lost time or money. It can, and possibly will, lead to someone’s death or injury. And no one wants that.

 

Robert D. Sollars is a recognized expert on security issues, specifically workplace violence. He’s spent nearly 33 years in the security field. Visit his Facebook page, One is too Many, where you will read about other items related to security & WPV issues. Or be a twitter follower at @robertsollars2.

I May be Blind but my Vision is Crystal Clear

Should security be closer to Israel of ‘16 or the United States of the 50s?

Let me start out by making a derogatory statement towards the field that gave me my start; In the United States we are much closer to the security field of the 50s than we are to the proactive professional security of Israel. Providers, clients & companies who employ security officers and refuse to allow them to do their jobs.

They want their lowly, insert any derogatory term for officers here, to do nothing but observe & report. https://todays-training.com/2015/06/23/observe-report-is-obsolete/

That is the difference between the United States and Israel in the way security is handled. Here, all we want is someone to observe & report. Which for lack of a better phrase, it’s the 50s approach to security, and lazy.

In Israel, most officers don’t wait to just observe & report. They are proactive. Intently observing, listening, collecting information, and the like. Once they get a handle on a potential situation, then they act. It’s not just report to someone and let it go, as in the US.

The mentality of security in Israel is that it can be fatal not to react. In the United States it’s becoming that way as well with workplace violence & terrorism, not to mention being costly to everyone involved.  https://todays-training.com/2015/04/14/security-contractor-fined-47-million-over-wpv-incident/

Unfortunately it is a fact of life in one of the most strife ridden and war torn areas of the world at this moment in history. So why can’t we learn from the Israeli model of private security?  Let me give a few observations I have on the industry;

  • Stupidity because nothing bad will ever happen here!
  • It’s a cost center and returns nothing on the investment!
  • It’s a necessary evil so employees will feel safe and we get an insurance break
  • It’s a nuisance because they are always trying to enforce rules (that we put in place) that don’t work anymore
  • It’s a great insurance break, because they give us a break and we save thousands of $$$$$ by not using it on security!

Now let me answer those questions specifically. And I could post for weeks on those, but…

  • Stupidity – the rate of workplace violence, terrorism, theft, injury to a derelict, or something else is unlikely by statistics. But what would happen if it did?

Cost center – As a matter of fact Good security costs a lot of money. Security, if adequate, can save hundreds or thousands and no one will ever know

  • Necessary evil – “All they do is hinder employees, deliveries, and visitors from having easy & open access to the facility. But someone will act stupid and try to sue us if we don’t have them”
  • Nuisance – “All they can think about is ways to stop and prevent us from doing our jobs! They harass us to do this and not do that. They can be such a horrible thing to have around!”
  • Insurance break – It’s true that companies can usually get a good break on their liability and property insurance rates with security on site. The issue comes in when the extra money is added to the company coffers and not used for security. Back when I started, 1983, it was about $30,000 per year for a 75 hour per week account & the client got a $100,000 break.

 

We need to have our security officers more appropriately mirror those in Israel. No more of the 1950s observe & report mentality. We need professional security officers that think for themselves and the clients/companies.

Security officers in these days of workplace violence, terrorism, massive theft, bomb making chemicals in practically every manufacturing plant. Hospital, facility, & office buildings need to be just that. Professionals. And it all starts with OUR perception of them. They have to be called officers not guards.

Then comes the training, supervision, customer service, and the myriad of items that go into making a professional. None of us reading this post would like to be called a rent-a-cop, mall cop, wanna be cop, Barney Fife, or the innumerable derogatory names I’ve been called in 33 years (and those were the nicer ones)!

But as long as the C-suite and clients have the mentality that all they want is a warm body… And as long as the security company sales people insist on under cutting each other for pennies to garner another account…

This isn’t the dark ages where we settled things by running each other through or slitting another’s throat. But unfortunately, in the security business that is exactly what we do. Instead of focusing on what the real challenge is we only want to add to our company’s bottom line.

I think we need to begin to sell security and not just warm bodies that happen to fulfill a shift, post, or insurance requirement. It’s time we start acting like we are security professionals and begin to secure what we can…better and more professionally. Which also means getting the money from the C-suite to do what needs to be done to ensure better security.

 

To read more on the Israeli model and how it should relate to the security profession here in the United States I refer you to the Chameleon Associates blog of March 23, 2016 entitled Seeking to Engage, www.chameleonassociates.com

 

Robert D. Sollars is a recognized expert on security issues, specifically workplace violence. He’s spent nearly 33 years in the security field. Visit his Facebook page, One is too Many, where you will read about other items related to security & WPV issues. Or be a twitter follower at @robertsollars2.

I May be Blind but my Vision is Crystal Clear

I’m fat and I’ll admit it but…

First of all, I urge you to read the entire post before closing it out, I do have a good point about security to make. I’m normally a fairly realistic person. Pessimistic and fatalistic about most things but for the most part… That’s why I say I’m fat and I’ll admit to it. I try my damnedest not to be in denial because…

At this point I am trying everything I know of to lose the fat once again. Eating less and better. No snacking in the middle of the night or just before going to bed.  More exercise, sleeping at least 6-8 hours, not just 3-5, and a night. I’ve even considered surgery but that wouldn’t do the new/used kidney much good.

When I found out I needed a new kidney they told me I had to lose 80 pounds. And I did. Over the course of 3 years I lost not only 80, but over 100 instead. From March 2011 to September 2014 I went from 287 to 178 after the transplant! WOW I hadn’t been that low since high school, and that was a loooong time ago! But now I’m back up to 230 something.

I’m fat and I know it. If I can admit something that personal here in front of everyone, why do business leaders continue to deny the existence of workplace violence (WPV) within their company, industry, municipality, state, or region of the country? It seems to me to be, pardon me for being blunt, just plain idiocy, denial, or possibly delusional?

An owner I encountered said they don’t have a problem with it, but on the advice of their legal department, directly after San Bernardino, I conducted a workshop for the employees, supervisors, & managers, I stayed for an extra 2 hours to answer questions.

The owner may have been in denial. However, his employees were worried about…something.

It is still amazing to me, one of the few things that I do still get surprised about, is that people with all of this business acumen, expertise, MBA’s, and such deny that WPV can actually occur in their business. And then it happens and they say…”I didn’t think…”

And that’s exactly the point, they didn’t think. About anything but their own ROI and how the shareholders would react to spending financial resources on this kind of financial toilet. Security, and in this case WPV, doesn’t have a good ROI therefore it’s a cost center not a profit center. But is that really the truth? The unequivocal answer is No.

They say “Show me the statistics, facts, & figures and maybe…” Then the statistics, facts, figures, which they supposedly paying close attention to according to their MBA’s & the facts don’t lie, are right in front of them. And what do they say about the facts then? Nothing except the customary platitude “It can’t happen here, so why worry?”

It is true that a deadly incident of WPV doesn’t happen very often. It’s more likely to be in lost productivity, investigations, paperwork, & just plain time wasted on doing these things. And usually it’s because of a fist fight, bomb threat, harassment, or bullying.

So the key question to ensure that managers, owners, & those in the C-suite understand is this; Can you afford an insurance rate hike and the bad publicity that comes from an EEOC complaint, law suit over an incident of harassment or physical injury, lack of security, lack of training, supervisory negligence (read management), or inadequate security? Any and all of these are possible with an instance of WPV, which I will reiterate occurs 15 million times a year.

Do you, the manager, owner, or exec want to tell a fresh faced innocent little child that their mommy or daddy isn’t coming home because you tried to deny something that would cost money you had but didn’t want to spend?

Honestly, how many of us want to face anyone and answer those questions. I can guarantee you that only 1 in a million people will say they’ll do it. As hard-nosed, direct, blunt, & rough cut as I am I surely would not want to face that child and tell them that about their mommy or daddy. Would you?

 

Robert D. Sollars is a recognized expert on security issues, specifically workplace violence. He’s spent nearly 33 years in the security field. Visit his Facebook page, One is too Many, where you will read about other items related to security & WPV issues. Or be a twitter follower at @robertsollars2.

                                     I May be Blind but my Vision is Crystal Clear

Do employees need to be trained in how to prevent WPV?

“Why do I need to train employees on workplace violence (WPV)? I mean, they don’t need to know all that stuff. it’ll just clog their day. And I don’t think they need to know that nonsense, because they need to do their job & concentrate on making the business successful so they’ll have a job tomorrow!”

This is a true statement, albeit paraphrase, that I got from a business owner when pitching him a wpV workshop for him and his employees. I attempted to explain to him the reasoning why they needed to know what to look for and how it can affect the business. Unfortunately, not being a salesman…

Too many times the reasoning for not conducting training on WPV is financial & an attitude. Training costs money and lost productivity. If the training takes place during business hours then its lost productivity. If it’s done off hours they have to be paid so therefore it’s lost money.

Secondly, it’s the employer’s attitude that I mentioned above. And that attitude? Many companies don’t train their employees on protecting themselves and co-workers in WPV. And why? Because they have that one most dangerous attitude I’ve talked about before, numerous times. Chh, Can’t Happen Here.

The key to recognizing and preventing WPV is training. Employees need to know what to look for and why they need to report those items. Warning signs especially are something to train them on because this is the first step in preventing an incident from employees, or former ones.

I will venture a guess, by experience & observation, that most companies consider any training over and above the orientation session, on the employee’s job, is useless and too trivial to worry about. In some cases they may be correct, but not in this one. If you have an incident, do you want to have employees that are informed and know what to do or just run around in a sheer panic and make it worse for them and anyone else trying to help?

Is not re-fresher training on sexual harassment or their benefits necessary? Maybe changes in shift hours or conditions? How about a new machine or product line? You have to spend time to train them on these, so WPV shouldn’t be any different.

But what do you train your employees in, other than the 21 warning signs? Here is a short list of the things that they need to be trained on & avoid, hopefully, an incident.

  • Where WPV occurs. You have to remember it doesn’t just happen at a business. Sometimes the business follows them home
  • Attitudes that they, and others in the company, may have that may encourage an incident from customers or co-workers. No one is immune to these attitudes, remember CHH?
  • Customer service attitude. And yes, I know you teach this to everyone. But you don’t necessarily teach them how customer service can prevent an incident. And before you can guffaw it can very easily.
  • Run, hide, and fight. You’ve seen the video and red the materials. But I think it needs to be taught, including the fight aspect. Yes fight. One employee should tuck the customers away in the back, but if the employee or customer is in front of you fight back and distract them.
  • Situational Awareness. Your employees need to have situational awareness, what it is, and how to develop it. Without it they may be clueless to what is coming. And that could prove fatal for someone
  • Evacuation Plans. Your employees need to know where the exits are, even if the place is filled with smoke. If an (ex) employee comes in to the business and create havoc, they will know every evacuation door. So the employees need to be instructed to think out-of-the-box in these situations.

         Training for an incident of WPV should be like all other programs. It needs to be done on a continual and consistent basis. It does no good to train for anything for a few days and then drop the entire program because you don’t have the time, energy, or financial resources. You have to make the time, find the money, and the energy to do it.

How do I answer those owners or managers who ask me the questions above? As simple as I can, in my own blunt and direct manner, I tell them that one such incident can put them out of business because of the cost and that it can happen to anyone (business), at any time, any-where, for any reason. And while the frequency of deadly WPV may be low, it doesn’t negate the fact that it can literally kill their business.

 

Robert D. Sollars is a recognized expert on security issues, specifically workplace violence. He’s spent nearly 33 years in the security field. Contact him at 480-251-5197 or Visit his Facebook page, One is too Many. Here you will read about other items related to security & WPV issues. Or be a twitter follower at @robertsollars2.

              I May be Blind but my Vision is Crystal Clear

Be Klingon. Be aware

Okay, so I’m a Star Trek nut. But to be honest, which I usually am-not right but…, I’ve learned a lot from that denigrated TV show. And when in security it’s more important than ever to act like the fictional Lieutenant Worf, the security chief of ST:TNG on the USS Enterprise.

Let me say this before I continue. Most people in this world believe that Star Trek is a series of shows that can be highly entertaining for an hour, but beyond that it is sci-fi and fantasy. On the other hand, most people don’t look deep into the episodes and the issues, morality, & real life decisions that must be made on an every episode basis and easily translate to today’s world.

So how does Star Trek, Lt. Worf, & security relate? It’s very simple and relates not only to security but today’s modern world. And yes I am totally serious. Many of the episodes of the original series, ST:TNG and subsequent incarnations,  DS9 & Voyager, involve issues that are pertinent to terrorism, doing the right thing, &many other issues. I could easily name a bunch of episodes that speak to us today.

But being Klingon, as I have tried to model myself, is a matter of several things that we as security professionals need to do.  And why have I modeled myself after a fictional character? Simple, I believe that he is a consummate security professional from 30 years ago, and today. Here are some of the reasons;

  • We need confidence in everything we do. If we don’t exude confidence in a tense situation or when something new is being thrust upon us, then our subordinates will not buy-in. And then chaos will ensue or the situation becomes worse.
  • Inner strength. Something Klingons have in abundance. Should we have so much inner strength that we are arrogant and prone to getting upset and blowing up at someone? No, but inner strength is needed to overcome anything that comes our way, personal or professional.
  • We need compassion to be able to work with the people we supervise, manage, & try to move our way. And to understand what their individual situations are. And also we need it to be empathetic.
  • There are times when we have to be a ‘hard ass’, intolerant, bigoted, by-the-book, rigid, cop wanna be. But there are other times when we need to be the one to voice reason and tell people to step back and analyze the situation.
  • As I just stated we sometimes have to be that voice of reason, on both sides. On one side is convincing everyone that added security is a must to safeguard the facility or employees. On the next to calm everyone down when they want to slam the door and keep everyone out because they’re having a knee jerk reaction to an incident.
  • We need to be constantly training, both ourselves and our staff. And the c-suite should be included. But training them will have to be, for obvious reasons, be more subtle. If we continually train ourselves and staff, then we’ll be better prepared for anything that threatens… anything.
  • Preventive, not reactive, mindset. This is where being Klingon is probably most effective. WE as the security pros, need to be paranoid and think of the proverbially ‘what if’. If we can get into that mindset and relay that to the c-suite, production/office managers, vendors, visitors, and others then we will be on the way to creating the safest environment we can for our clients, companies, & employees.
  • Overcoming fear. This has to be grouped in with confidence. We have to overcome our fear of everything that happens and plunge in. Again, leading by example is what best defines this. If you are leading by example, and exhibit no fear in your dealings with officers, managers, clients, & the C-suite then it will be noticed by your subordinates or if you’re independent, the people you’re trying to sell your services to.

There is a lot more to being Klingon and acting that way while dealing with security. The traits of all Klingons is for honor, loyalty, stubbornness, honesty, fierceness, aggressiveness, tenderness towards others, and things that would take too long to go into here.

Suffice to say that if you act like a Klingon while completing your security duties it will be noticed. But like Lt. Worf it has to be tempered. He had to learn the intricacies of balancing both the Klingon way and the human way. And while it wasn’t all easily done he did an admirable job (which of course was the script).

So can you say the same thing? Will you rely on time worn and outdated ideas of the perfect manager? Will  you be a milquetoast? Are you up to the challenge of acting Klingon while on duty? For everyone’s sake let’s hope so. Q’apla (Success)!

And I am a Trekker, not a trekkie.  There is a difference in the definition. A Trekker is someone who knows far more than they should about any or all of the series’. A Trekkie is one who knows a lot but not nearly enough to challenge a Trekker.

All references to Star Trek, episodes, characters, & series’ are trademarks of CBS Interactive. All Rights Reserved.

STAR TREK AND RELATED MARKS ARE TRADEMARKS OF CBS STUDIOS INC.

 

Robert D. Sollars is a recognized expert on security issues, specifically workplace violence. He’s spent nearly 33 years in the security field. Visit his Facebook page, One is too Many, where you will read about other items related to security & WPV issues. Or be a twitter follower at @robertsollars2.

I May be Blind but my Vision is Crystal Clear

So you wanna be a writer? Use these tips to get started.

Practically everyone, at some point in their life, wants to be a writer. Whether it is when you’re 5 or 95, most people want to see their words in print. And I mean their words not just mentioned in an article. But most people never follow through with that ambition.

Usually it’s because life gets in the way; you’re too busy having fun, you’re raising a family, trying to survive financially, caring for a sick loved one, climbing the career ladder or something similar. There just doesn’t seem to be enough time, or energy, to sit and start writing your masterpiece.

Am I an expert in the writing field? Far from it. Have I sold gazillions of articles or books? No. I am successful in my own right doing articles for my work specialty, workplace violence/security. My blogs are written in my style, unpolished, blunt, direct, & unedited. For my last book…I hired an editor. It was the best money I spent. And as for my style of being blunt & direct? A reviewer compared me to your crusty old uncle, which suited me just fine!

I have some tips here for you when you finally decide to get serious and cross being an author off your bucket list. So without further ado…

  1. Your physical condition is no excuse or barrier to you writing. I’m totally blind and still write. With every disability there is a way around the issues to write, with few exceptions. I know of many people who say they want to write but use the excuse “I’m blind I can’t do that”. They then give up, enjoy doing nothing but socializing and existing. Disabilities are no excuse for not completing your dream of being a published author.
  2. Eat healthy & stay fit (as you can). This means eating everything you can to stay healthy and not be sick. Which in turn will lead to more energy and less disease. Which in turn leads to this next tip…
  3. Carve the time out to write. Doesn’t matter when or where it is make the time. Get up an hour earlier or go to bed an hour later. Taking an hour lunch or a 15 minute break? Use your free time, whenever and wherever you can.
  4. Take copious notes on anything you have for your vision. Use voicemail, yes voicemail, send yourself an e-mail, put it on paper (old school), and keep a notes file in the computer. When an idea or inspiration hits, get it down on paper before life gets in the way and the idea slips by like a greased pig!
  5. Don’t copy anyone else’s style. There will never be another HG Wells, Nora Roberts, John Jakes, Danielle Steel, Clive Cussler, or Jackie Collins. Be yourself. If you try to model your writing after someone else, then you’ll probably fail. Write in the same genre, but don’t try to copy them.
  6. Write, write, and write. And if it’s no good…so what? The idea is to get started and write. Pick your story, or genre, and get writin, or typin! And if you do this on a consistent basis then soon you can be published. And as for that nasty case of writers block you always see or possibly worry about…well that’s a different post.
  7. Don’t worry about grammar or spelling. That’s right don’t worry about dangling participles, verb usage, fragments, or any of that nonsense that you learned in high school or college. Why you ask? It leads into the next tip but first… In fiction you can get away with breaking some grammatical rules but in non-fiction, eh not so much. I’ve read so many articles since going blind I wish non-fiction writers would edit their work more efficiently but…
  8. Revise & edit. The writing world is not like it was 30 years ago and longer back. You can’t send a story to an editor and expect them to correct your mistakes. Now, most publications expect you to do most, if not all, of the editing & revising. Therefore you need to start early as a writer. But 2 little tips for your editing process; don’t start editing until you’re done with the piece. Usually what happens when you start revising & editing while writing is you get side tracked and never finish. #2 be ruthless in your editing. In both non-fiction & fiction every word counts, so if something doesn’t move the article/story forward then be like a meat cutter-cut the fat! As an example, I had a short story that I finished years ago that was about 4,000 words. Never submitted it because I didn’t think it was that good. I pulled it out this past winter and ruthlessly cut, cut, cut, & cut again and submitted to a contest in which the max word count was 3,000 words. Editing tip #3 don’t be in love with the words you write. Only the writers I named above can get away with telling publishers & editors not to edit their manuscript. Lastly, #4 don’t totally rely on spell check to help edit. Yes it’s slow going if you don’t let the computer do it but do you really want bear confused with bare, especially in a non-fiction piece?
  9. Observe manuscript style when submitting your work. This is an absolute must. I will again tell you a story I heard decades ago that was true, but don’t ask me for the names of the author or her novel; In the early 80s she had no money for a typewriter and only unlined colored paper to write. She wrote 1,000 pages in long hand and sent it to a publisher. It was accepted and published. Being so Avant garde’ doesn’t work anymore for the same reason I said about editing. The world has changed and publishers will file your manuscript in round file 13 for expediency.
  10. . Follow submission guidelines to the letter AND spirit of the magazine/newsletter/publisher. If you don’t do that then refer back to the last line in #9. If possible address your submission to the proper editor. Some won’t give you that option on their website but The sales process can be a long arduous process so…oops another post, sorry.

As I stated above, I’m not an expert by any means. I almost failed high school English classes. Never been to college or taken any college level courses in language or writing. Everything I’ve learned has been by the trial & error method. But I have published more than 70 articles, 2 books, a twice weekly blog, and formed 2 writer groups, one specifically for blind people and another for on-line collaboration/practice/short story writing.

New Security Course: Deviancy 101

I’ve been called a deviant by smirking friends & business associates. And I want you to join me & be a deviant as well. I think that everyone in business& security needs to be a deviant. There are of course sexual, criminal, ethical, and moral & the list could go on ad nauseum. But I want to discuss one very particular type of, and potentially powerful, deviancy.

I want to discuss you becoming a deviant in respect to your security practices. You need to break the rules in order to be successful in protecting your businesses. Best practices should be, as I view it, guidelines as to what needs to be accomplished.  Not the set in concrete, end all to be all items some think they are.

I delivered a workshop on workplace violence (WPV) a couple of months ago. One of the attendees told me afterward that she couldn’t break any rules when it came to human resources because she worked for a governmental agency. I said that the government and business would never get close to accomplishing its mission if it didn’t start.

In both business and the scientific world there are towering pillars of knowledge that have said, and conducted their business/research, break the rules. From Albert Einstein, Steve Jobs, Stephen Hawking, & Richard Branson have all said the same thing. My favorite business book is ‘If it ain’t broke, then break it! “ By Robert Krenzel. That book is what has inspired me for decades on breaking rules and not following conventional wisdom.

Let’s look at some ways to be a deviant in business or security with an explanation of each of them. And keep in mind these aren’t the only ways, but I hope to give you a head start on becoming a deviant;

  • Thinking out-of-the-box. Just because everything, and solution, is handed to you in one shape or another, what says you can’t go further? With all this newfangled technology, why not old school and use something from 10, 20, or even 30 years ago. Not necessarily technology but…
  • Ignoring best practices or using them as guidelines not gospel’. When something is considered gospel in the business world we are certain that we’ll get fired for trying something different, can you say sacred cows?

https://todays-training.com/2016/02/16/lets-grill-some-sirloin/

Use those best practices as guidelines only, and perfect them for your own organization not a total fix out of the box.

  • Bending out of shape or obliterating rules, policies, & procedures. Yes, you can do this as well. Will this get you into trouble and possibly get you fired? Of course it will. Will it solve problems and lead to better solutions for the company, client, & the field? Of course it will. Tell Steve Jobs or Thomas Edison not to break the rules.
  • Ignoring conventional wisdom. Taking the road from above, where would we be if Henry Ford had listened to conventional wisdom and not invented the assembly line for his cars?

The point of this is you can’t depend on conventional wisdom, best practices, or other sacred cows to conduct business or protect lives and property. If you do, then the criminal element and those who are in competition will run you down. And sooner or later when they run you down enough, you get ground into the mud.

We, as security owners/managers, can’t afford to sit and wait for the next biggest and greatest thing to come along. WE have to go out and either grab the brass ring or create the next one. That means becoming a deviant and thinking differently than the competition.

For an example, in the contract security field, despite the sales pitch and etc. There is little differentiation amongst the companies. Not a single one just stands out head & shoulders above the rest. Why, because they are stuck in the attitude of “This is the way business has always been done. Why change what works?” That is until someone breaks the rules and then everyone follows the new pied piper.

I will be the first to admit that the clients of these companies are partially responsible for this. In many, I would say most, instances they don’t give a rat’s patoot about the above, just the lowest rate they can get. But over and above that let’s refer back to the previous paragraph; “because they are stuck in the attitude of “This is the way business has always been done. Why change what works?” That is until someone breaks the rules and then everyone follows the new pied piper.”

So break the rules and don’t be afraid of what may happen. Can you get fired for breaking the rules? Of course! Can your business go bankrupt? Of course it can. But people get fired every day for things that are less innovative. And nearly 50% of all businesses will be out of it in 5 years anyway.

I want to put a ding in the universe-Steve Jobs

 

Robert D. Sollars is a recognized expert on security issues, specifically workplace violence. He’s spent nearly 33 years in the security field. Contact him at 480-251-5197 or Visit his Facebook page, One is too Many. Here you will read about other items related to security & WPV issues. Or be a twitter follower at @robertsollars2.

                               I May be Blind but my Vision is Crystal Clear

Are you asking the right questions in your meetings?

Dull & boring meetings are usually the bane of our business existence. They usually are great time wasters and, unfortunately, not much usually gets accomplished. And when it’s over everyone is thinking about a dream sequence in a movie “What the hell just happened?”

The key element, if not the main and only one, in any meeting is too learn about the issue/problem, present solutions for it, and then hopefully solve those problems. And if you are the facilitator in a meeting with either subordinates or other managers then you have to keep it on-track to ensure that it is productive.

The best way to accomplish this is to ask questions and also actively pursue the other participants to also ask or answer their own or others questions, using the Socratic method.

https://todays-training.com/2015/03/24/training-for-success/ That may sound a bit unusual, but it does work. The only issue is… asking the right questions of the participants.

The absolute first thing you need to establish is the intelligence level of your audience. If they are dull and plodding, communistic managers, with no creativity or original thoughts, then you may already be lost. On the other hand if you have a room full of Steve Jobs & Mark Zuckerberg’s then you may have an overabundance of people asking thought provoking questions, which could lead to over-thinking the problem to be solved.

Asking the right, and pulling the best, questions of the people in the room can either make or break the meeting. It can therefore lead to further success for both you & for the project, or the issue being described as a failure, which probably won’t do any of your careers any good. And the issue gets shuffled off to someone or somewhere else.

The issue with many meeting, and the authoritarian styles of management, is that they discourage questions and open engagement of the attendees. The decision for the meeting has already been made before they ever started. And the facilitator is not looking for 2nd opinions.

If the meeting is truly open ended and asking for solutions to the issue at hand then you need to not be embarrassed to ask your question. If you don’t understand something completely or if you don’t get it, ask! The fear of being judged as incompetent for asking will stop many people. In a group setting, other people have the same question. You can ask for all those who won’t, or who are scared to.

When you do decide to speak up and ask that question, then you must ensure that it follows the rule of being an educational question. Judgment questions are also acceptable in certain contexts. While it’s natural for both to be asked, educational questions are essential to facilitate results. Here are the differences between educational & judgement questions;

 

Educational questions will:

Focus on solutions

Will propose solutions

May be creative and out-of-the-box

Open-minded

Positive

Curious

Allows for the discussion of the proposed solutions by anyone

 

Those that are judgement questions are:

Much more negative

Focuses on problems that the issue has brought forth and that the solution may bring up,

Proposing solutions in a negative way instead of presenting them positively

Relies on ego

Argumentative on a proposed solution

Doesn’t give others a chance to present their solutions without shooting it down before fully explored

 

This is only a short list of the kinds of questions that should be asked. Remember that both kinds of questions can and should be asked. But as the meeting facilitator it is up to you to keep the meeting in line and on target. That may not be the easiest thing to do when you have differing opinions along with old dogs that refuse to learn new tricks.

Meetings can be used as a way for people to socialize and get away from work – to waste time. So how do you keep it on target? Fairly simple, I believe. If the conversation begins to wander off target steer it back to the original intention of the meeting. If you have to start at the beginning again, then… This will get their attention and get their minds focused back on the original issue. As the facilitator you need to ask open ended questions and have them think about their answers, much like you should train your employees or clients.

Asking open ended questions of the attendees will force them to think about the issue at hand and not wander off target. And if they insist on socializing, then simply ask “how does going out to dinner with the wife solve this problem of security…?” That will get their attention and possibly solicit a laugh which can also get your train back on the right track.

Treat your meetings as a training session and use the educational and judgement questions above to lead you and your team to a solution that hopefully will benefit everyone in the organization. And not all of your meetings need to be dull, plodding, & boring. Make them positive team building events and you’ll get much better engagement & solutions.

 

Robert D. Sollars is a recognized expert on security issues, specifically workplace violence. He’s spent nearly 33 years in the security field. Contact him at 480-251-5197 or Visit his Facebook page, one is too Many. Here you will read about other items related to security & WPV issues. Or be a twitter follower at @robertsollars2.

I May be Blind but my Vision is Crystal Clear

Workplace Violence (WPV) incidents for March

I learned of an incident in Baltimore at a facility of the Department of public Works, from the last week of February. 1 person was killed and the shooter gave himself up after 2 days and then committed suicide in his jail cell.

The new numbers for February:

February:   29 incidents   29 dead     40 wounded

 

Phoenix, AZ. March 1 (school)   0

Buckeye, AZ. March 2 (school)   0

Orange County, CA. March 3       2w

Newberg, OR. March 4 (school) 0

Philadelphia, PA. March 6            1w

Jacksonville, FL. March 7 1d 1w

Baltimore, MD. March 10              5w

Tampa, FL. March 12                       1w

Phoenix, AZ. March 13                   1w

Landover, MD. March 13               1d1w

Maricopa, AZ. March 17                 0

Jersey City, NJ. March 20              3w

Mesa, AZ. March 21(school)        4w

Studio City, CA. March 21             0

Phoenix, AZ. March 22                   0

Tucson, AZ. March 22                     0

Atlanta, GA. March 23                    0

Anaheim, CA. March 27                 0

Washington D.C. March 28           2w

Fontana, CA. March 30                   1d

Anchorage, AK. March 30 (school) 0

Richmond, VA. March 31              1d3w

March:  22 incidents    5 dead  23  wounded

 

Year-to-Date incidents: 74  Arizona: 26

37 Dead   82 wounded

 

You’ll notice that the numbers for the year are 42 incidents that I’ve counted. If you take the theoretical approach that means that I can count on more than 280 incidents of WPV this year. And the worst would be more than 130 dead and more than 325 wounded or injured, which of course doesn’t cover those psychologically traumatized for life.

With the Presidential election this year and contentiousness of the Republican, and increasingly on the democrat’s side, the number of reported incidents will slow down for the more interesting fiction of the candidates. If you follow the line drawn by the University of South Florida, 15 million assaults yearly, then you have to listen closely to the news to catch many of those, which would include arson, bomb threats, & the like.

 

Robert D. Sollars is a recognized expert on security issues, specifically workplace violence. He’s spent nearly 33 years in the security field. Visit his Facebook page, One is too Many, where you will read about other items related to security & WPV issues. Or be a twitter follower at @robertsollars2.

I May be Blind but my Vision is Crystal Clear

Donald Trump, security Professionals, & the GOP. Related?

This is not a political post, and let me also state emphatically that I do not support Trump. It is an interesting dilemma about the Republican nomination process, Donald Trump, & security professionals. The reason for this mix of subjects is that they are related in a sense of attitude.

Donald Trump is bringing up a few points that are hitting home with the American people and not the supposed establishment of the Republican Party. Let me elaborate what I have heard with rumor and innuendo, on several news channels.

#1 Trump is tapping into anger over the way politicians talk with talking points with the party line. And that line, can you then say corporate line? is not what the public and the grass roots of the party want to hear from a candidate. The grass roots want to hear genuine truthful, non-evasive words coming from their candidates. And that’s what he gives them, albeit not necessarily the whole truth.

#2 the grass roots are wanting a candidate that doesn’t say things for political expediency and just to get elected. They want one who will speak what’s on their mind, off the cuff, and not be politically correct. Trump does this, even if he has to back track and apologize on more than a few issues.

And every single candidate left in the field has their own flip flops to deal with, including Trump such as the abortion issue on MSNBC. Some can be attributed to a genuine change of heart. Others…eh not so much.

#3 the party is talking brokering the convention so that Trump is not the nominee. Basically this means that the party will continue on with an establishment candidate rather than what the people wants. Can we say a candidate that the establishment can control? Which is absolutely something they can’t do with Trump.

The question is, now that you’ve indulged me this far, is how does this equate to security? That point should be fairly easily made by the 3 points above. Security professionals, and those in the c-suite, do the same thing as the Republican establishment and against the grass roots. And sometimes it’s so obvious it’s painful when they try to deny it.

 

  • Too often security managers, or whatever their designation, speak with the corporate line talking points at all times. They are afraid to speak anything out of line with the corporate position. And this also includes the best practices, policies, procedures, & etc.
  • Security professionals rarely speak what’s really on their mind, especially if they are in a corporate job or in a security contractor. Why? Because they are afraid of, pardon the language, pissing off the clients and/or the C-suite.
  • And lastly, the last one feeds into the one directly above. Security professionals are at fault with this one, at all levels. I understand the need to control at all levels, but to control for simply controls sake… I don’t buy that excuse. From security officers to Facility leads/supervisors, Account Managers, Field Supervisors and further up the line…

 

Do you see the correlation now between Trump, the GOP, & the security profession? Far too many security professionals are in the mentality of the establishment. Or if you wish the 3 monkeys. ‘See no evil, hear no evil, and speak no evil’. This attitude is too prevalent in our profession. Whether we want to acknowledge it or not.

We follow conventional wisdom and do what we have to, to ‘not rock the boat’. And whether we work in a corporate environment, as a consultant, security company/contractor, or sales we all do what we have to do to get the sale and say what needs to be said to get what we want. And that isn’t necessarily the truth or what needs to be said.

If the security industry would start to speak what needs to be said instead of what the clients, c-suite, regional, or divisional level, want to hear we would all be in better shape. That’s how this post states what Trump, the GOP, & security pros say equates to each other.

If we have to say we’re sorry, so what? If we have to say we were wrong, so what? If we have to quote higher prices than what we did yesterday, so what? If we don’t follow the corporate line to a fault, so what? If we get fired or disciplined for doing something out of the norm and not following best practices, policies, or procedures., so what?

In today’s world we need to think about what may work and what may not. Terrorism, workplace violence, fraud, computer hacking & theft, and the myriad of other threats we face daily tell us we can’t be bound by conventional wisdom.

We need to think outside-of-the-box. We need to break the rules. Yes this means going against the policies, procedures, best practices, & guidelines at times and doing things that may go against the grain and rub the C-suite or legal department the wrong way.

But the question has to be this; does it accomplish the goal and does it get better appreciation from the employees or clients? And by doing these things, as Trump does will it come around to making money, whether directly or just adding to the bottom line.

You can’t run a business without taking risks

Richard Branson

 

Robert D. Sollars is a recognized expert on security issues, specifically workplace violence. He’s spent nearly 33 years in the security field. Visit his Facebook page, One is too Many, where you will read about other items related to security & WPV issues. Or be a twitter follower at @robertsollars2.

                              I May be Blind but my Vision is Crystal Clear