
Friday, June 17, 2005

Security Management Weekly - June 17, 2005

A weekly security news briefing from ASIS International


June 17, 2005
CORPORATE SECURITY
  1. "Bill Targets Abusive Educators" Michigan Legislation Requires Monthly Criminal Checks for Teachers
  2. "Sometimes It Feels Like Somebody's Watching Me" Three-Fold Increase in Background Checks Over Past Eight Years
  3. "BJ's Lost Credit, Debit Information FTC Says" BJ's Wholesale Club Agrees to Increase Data Security in Deal With FTC
  4. "Shoplifting Becoming Organized Robbery" 'Group Shoplifting' Becoming Major Problem
  5. "Some Hurting for Their Paycheck" Cab Drivers, Security Guards Among Those Vulnerable to Workplace Homicide
  6. "Diffuse Weapons of Morale Destruction in the Office" Employees Who Attack Others In the Workplace
  7. "HIPAA Opinion Clouds Health Privacy Liability" Hospital and Insurance-Company Employees Not Directly Liable for Violations of Health Insurance Portability and Accountability Act
  8. "When You Suspect Fraud" Retaining the Services of a CPA to Combat Employee Fraud

HOMELAND SECURITY
  9. "Administration to Seek Antiterror Rules for Chemical Plants" DHS Calls for Security Regulations
  10. "New Security Coming to County Airport" Small Airports in New York Required to Submit Security Plans by Late July
  11. "Airport Device to Ease Need for Pat-Down" Forty Airports to Receive 162 Explosives-Detecting Machines by Year's End
  12. "State Tracks Use of Security Grants" Improper Distribution of Homeland Funding Could Cost Indiana $23 Million

CYBER SECURITY
  13. "Bluetooth Gear May Be Open to Snooping"
  14. "Companies Ramping Up E-Mail Monitoring"
  15. "What to Ask When Evaluating Intrusion-Prevention Systems"

"Bill Targets Abusive Educators"
Detroit News (06/14/05) ; Schultz, Marisa

A raft of bills known as the Student Safety Initiative has been introduced by legislators in Michigan. One of the pieces of legislation would require employees of schools and day care facilities to report to their employers if they have been convicted of a felony or certain types of misdemeanors. To ensure that teachers comply with the self-reporting requirement, the bill calls for a monthly criminal background check of teachers, using information in a state police database. Employees who fail to report that they have been arrested for a sex crime would face a two-year felony, and those who fail to report lesser crimes would face a one-year misdemeanor. The legislation, which aims to protect children from teachers and other employees who sexually abuse children, would prohibit sex offenders from working or volunteering at schools, day care centers, youth leagues, and playgrounds. Terms of the legislation also call for teachers with a sex offense conviction to have their teaching certification revoked, and the legislation would allow evidence of previous sexual assaults or child molestation to be admitted in court.

"Sometimes It Feels Like Somebody's Watching Me"
Baltimore Sun (06/12/05) ; Dwyer, Kelly Pate

Over the past eight years, there has been a three-fold increase in the number of background checks run by employers on their employees. This increase has been fueled not just by security concerns but by the increasing ease with which background information can be obtained and by lower costs for the information. In addition, the background checks are not limited to new employees--many companies are re-checking their employees on an annual basis, says Background Information Services President Jason Morris. Background screeners typically charge between $25 and $200 for a background screen, and factors that affect the price include the employee's responsibility level and how much business the screener does with the client. If employers decide not to hire a job applicant because of information revealed by the background check, they are required by the Fair Credit Reporting Act to inform the applicant of this. However, Tena Friery of the Privacy Rights Clearinghouse says that many managers fail to comply with this requirement and instead simply tell applicants that they were not as qualified as another candidate. In cases where a job applicant has been denied a job because of incorrect information in their background records, they have no legal options unless they can prove that the background screening company or employer acted with willful conduct or negligence, says employment attorney Joe Harkins of Littler Mendelson.

"BJ's Lost Credit, Debit Information FTC Says"
USA Today (06/17/05)

BJ's Wholesale Club and the Federal Trade Commission have reached an agreement for the retailer to tighten its security for credit and debit card information in an effort to settle allegations that it did not provide enough protection for consumer data. However, BJ's did not admit or deny wrongdoing in the matter. The retailer will have its security system audited every two years over the next two decades by an independent expert to ensure that consumer data is protected from hackers and other criminals. Meanwhile, BJ's has had to set up a reserve to settle claims of fraud and other charges related to its security breach, and legal experts estimate that there is $13 million in claims outstanding against the firm.

"Shoplifting Becoming Organized Robbery"
Springfield News Sun (OH) (06/09/05) ; Loew, Ryan

So-called "group shoplifting," in which groups of shoplifters plan their actions ahead of time, boldly steal merchandise from a store, and run out of the establishment, is becoming a major problem both in Ohio and the rest of the United States, according to Gene Kelly, the sheriff of Clark County, Ohio. Security measures are of no concern to group shoplifters, and group shoplifting also comes with a greater likelihood of violence, Kelly says. "They have no regard for store security cameras, anything," he states, adding that the shoplifters are focused only on getting what they want and getting out of the store. On June 7, three women used group shoplifting tactics at a store located at Ohio's Upper Valley Mall. Video footage from surveillance cameras at the store shows the women running out with arms full of clothing and into a waiting car in front of the store. As the car roared off, it struck and killed a 49-year-old pedestrian. Kelly believes that stores need security guards--preferably armed off-duty police officers--to mitigate the potential for violence associated with group shoplifting. A representative of a local security company says that the best way to fight group shoplifting is to have more than one security guard on duty, including guards in the parking lots, and notes that female shoplifters tend to steal clothing and jewelry, while male shoplifters tend to steal electronics.

"Some Hurting for Their Paycheck"
Bakersfield Californian (06/15/05) ; Vance, Christina

Cab drivers are 10 times more likely to be killed on the job than the average worker, and security guards and police also have higher-than-normal chances of being murdered while working, according to the U.S. Bureau of Labor Statistics. The most recent statistics from 2003 show that there were 16 at-work homicides in the retail sales industry in California that year, the most of any profession in the state. Five of the 16 who were slain were cashiers. Also that year, 10 cab drivers in California were killed, as were six police officers and five security guards. The Bureau of Justice examined incidents of workplace violence from 1993 to 1999, determining that 11 percent of all attacks during that period were attacks on police. The bureau also determined that workers in the following professions were at higher-than-normal risk of being attacked at work: convenience store employees, teachers at junior high schools and high schools, bartenders, cab drivers, and nurses. Of the at-work robberies committed during that period, 40 percent were committed against transportation workers or retail sales workers, including taxi drivers and clerks.

"Diffuse Weapons of Morale Destruction in the Office"
Washington Business Journal (06/16/05) Vol. 24, No. 6, P. 43 ; Dalton, Francie

Workplace attackers can hinder employee productivity, as they are hostile, angry, quick to criticize, and condescending. Workers who are attacked by their bosses would be wise to transfer to another position within the firm or seek employment elsewhere, as complaints to human resources and formal actions against the attacker are rarely successful. Those who are not as emotionally affected by the attacker as their co-workers could serve as the primary point of contact, fostering good relationships with colleagues who no longer have to deal with the attacker and creating a reputation among senior executives for being strong and secure. Attackers in lower positions threaten team morale, so supervisors would be wise to institute a 360-degree feedback process to make themselves aware of the attacker's actions. They should provide training to help team members deal with the attacker's behavior and change workflow so that they do not have to interact with the attacker. While termination may appear to be the best means of eliminating an attacker, many are top revenue generators, experts in their fields, and the best at forging loyal relationships with clients, note experts.

"HIPAA Opinion Clouds Health Privacy Liability"
BestWeek (06/13/05) No. 24, P. 1 ; Lehmann, R.J.

Hospital and insurance-company employees are not directly liable for violations of the Health Insurance Portability and Accountability Act (HIPAA), according to Principal Deputy Attorney General Stephen Bradbury of the U.S. Department of Justice. Bradbury says health plans, health-care providers, health-care clearinghouses, and Medicare prescription-drug-card providers can be held directly liable, but employees of these entities are exempt unless the illegal action was "within the scope of their employment." Former Seattle Cancer Care Alliance phlebotomist Richard Gibson is the only person to be convicted of violating HIPAA's privacy rule, but the Bradbury ruling is pushing his conviction into the spotlight. According to Philadelphia-based attorney John Washlick, "If an employee was to prostitute protected health information--sell it, in some fashion, whether they gather it or use it--most likely, they're not going to be prosecuted, unless that person was an officer or director, where it would be under general criminal liability principles." The Health Privacy Project is concerned that the ruling will prevent patients from telling their doctors everything for fear of discrimination and stigma.

"When You Suspect Fraud"
Journal of Accountancy (06/05) Vol. 199, No. 6, P. 82 ; Wells, Joseph T.

Business owners or managers who suspect that employees may be committing fraud may want to retain the services of a certified public accountant to provide expert testimony regarding how funds can be stolen from a company through accounting manipulation. The expert may be retained either directly or through an attorney, which is often preferable because any work an accountant performs through an attorney is protected as an attorney work product. An investigating accountant can determine how a fraudulent employee embezzled funds, gathering paper and electronic evidence and establishing patterns of behavior that enabled theft. Physical evidence is particularly important; the strength of such evidence is usually the determining factor in the case. The expert accountant's most important role, however, is generally to explain the mechanism of the fraud in a clear and concise manner that is easy for non-experts to understand.

"Administration to Seek Antiterror Rules for Chemical Plants"
New York Times (06/15/05) P. A18 ; Lipton, Eric

Homeland Security Department Secretary Michael Chertoff has decided that the time has come for the federal government to regulate the U.S. chemical industry to ensure that chemical facilities across the United States are adequately protected from terrorism. One of Chertoff's top deputies, Robert Stephan, is scheduled to appear before both the House and Senate on Wednesday, where he will tell lawmakers that the department wants the chemical industry's security measures to be regulated. The department has concluded that chemical companies' voluntary efforts to increase security have been insufficient. "It has become clear that the entirely voluntary efforts of those companies alone will not sufficiently address security for the entire sector," Stephan says in testimony he will share with Congress. "The department should develop enforceable performance standards based on the types and severity of potential risks posed by terrorists." There is significant opposition to regulation within the industry, and a representative of both the National Petrochemical and Refiners Association and the American Petroleum Institute will testify that "chemical security legislation would be counterproductive." Sen. Susan Collins (R-Maine) said she is optimistic that regulation will be approved by the Senate by year's end.

"New Security Coming to County Airport"
Saratogian (NY) (06/14/05) ; Kinney, Jim

All 500 small airports in the state of New York must submit a security plan to the state government and law enforcement agencies by late July in order to comply with terms of the state's 2004 anti-terrorism law. New York is the only state in the nation requiring aviation airports to submit security plans, according to state Department of Transportation spokesman Peter Graves. The airports must submit their security plans to the state police, state Homeland Security, and the state Department of Transportation. Graves said that airports must ensure that hangar buildings are locked and that airplanes are double-locked both externally and internally, including hatches and cockpit doors. Saratoga County Airport's security plan calls for people, cargo, and baggage to be identified and for planes to be locked down. The airport's security plan aims to identify "who and what is around the facility," said county Public Works Commissioner Joe Ritchey, noting that the state would like Saratoga County to establish a neighborhood-watch-style program for the airport. Existing security measures at Saratoga County Airport include lighting and a sign-in procedure for out-of-town pilots, Ritchey stated. A computer-access gate might also be installed, he added.

"Airport Device to Ease Need for Pat-Down"
New York Times (06/16/05) P. A16 ; Lipton, Eric

The Transportation Security Administration announced Wednesday that 162 air-puffing machines capable of detecting trace amounts of explosives will be installed at the 40 busiest airports in the country by the end of this year. The puffer machines will detect explosives as passengers pass through airport security checkpoints, meaning that airport security screeners will be able to dramatically reduce the number of physical pat-downs of airline passengers, officials said. Each machine is capable of handling about 180 passengers per hour, but only about 15 percent of all passengers--those who are asked to undergo a second round of screening--will need to walk through the puffer machines. Each machine costs about $140,000.

"State Tracks Use of Security Grants"
Fort Wayne Journal Gazette (IN) (06/11/05) ; Kelly, Niki

The state of Indiana is in jeopardy of not being reimbursed by the federal government for some $23 million in homeland security funding because the money was not distributed to counties properly, according to Gov. Mitch Daniels. The $23 million may not be recoverable because the state advanced the funding to counties instead of waiting for the counties to make purchases and then reimbursing them, a violation of federal rules. "People shoveled money out the door in direct disregard of a very obvious requirement that the federal government is not going to reimburse the state that money unless we can prove where it went and that it went for its appropriate purposes," said Daniels. The state is now requesting that all 92 of the state's county emergency management directors provide receipts for how they spent their share of the $23 million. Counties that cannot produce the requested paperwork will be asked to refund any unspent money. If counties can provide a timeline and plan for spending their remaining funding, the state will give the funding back to the counties.

"Bluetooth Gear May Be Open to Snooping"
Wall Street Journal (06/16/05) P. B1 ; Winstein, Keith J.

The Bluetooth wireless communication standard is vulnerable to being cracked by eavesdropping devices, according to a presentation unveiled by two Israeli researchers last week. The researchers made their presentation at the Association for Computing Machinery's mobile systems specialists conference. Counterpane Internet Security CTO Bruce Schneier, calling the Israeli researchers' presentation "really impressive," said that Bluetooth was designed sloppily with little regard for security. Bluetooth-enabled devices link together through identification of a special security code and set of randomly generated digits, but most of the top headset makers use the same unchangeable security code--0000--meaning that eavesdroppers need only find out the random digits to crack a device. The Israeli researchers said that eavesdroppers could use a special, disruptive signal that would require a Bluetooth user to retype the security code. This would create another random number that potentially could be captured by the listener and used in conjunction with the 0000 code to tap the connection. Handheld computers and other Bluetooth devices permit users to enter their own strings of security code, and the organization responsible for developing Bluetooth standards recommends that these strings consist of at least 16 numbers and letters. However, many device makers allow the strings to be composed of as few as four numbers, and the researchers noted that a PC can uncover such a string within one-tenth of a second.

"Companies Ramping Up E-Mail Monitoring"
CNet (06/08/05) ; Frauenheim, Ed

A Proofpoint survey determined that 36.1 percent of companies with more than 1,000 employees analyze outbound email, with another 26.5 percent planning to implement email analysis in the near future. Among companies with more than 20,000 employees, the survey found that email analysis is even more common, with 40 percent of such companies employing staff to analyze email. The idea is to prevent staff from using email to leak intellectual property or trade secrets, prevent attackers from stealing valuable information, and ensure compliance with financial disclosure regulations. The survey also determined that over 30 percent of companies believe email was responsible for a leak of important information over the last year, and over 20 percent of companies fired at least one employee for violating email security rules in the past year. A recent American Management Association and ePolicy Institute study determined that more companies are monitoring how employees spend their time at work, with 55 percent of surveyed companies admitting to monitoring employee emails. The increase in employee monitoring raises the issue of privacy versus security.

"What to Ask When Evaluating Intrusion-Prevention Systems"
Computerworld (06/08/05) ; Walder, Bob

When evaluating intrusion-prevention systems (IPS), which monitor corporate network traffic and stop viruses and other dangerous data from entering the network, companies must remember that quantity does not always mean quality and that although protocol decoders are useful in some situations, well-written signatures are often good enough and less expensive, writes Bob Walder, director of independent security testing facility the NSS Group. Companies need to be concerned about products that arrive with IP fragment reassembly or TCP segment reassembly disabled by default, because such a default is often a sign that the system is too slow. Walder says the most effective IPS products have signatures written to detect underlying vulnerabilities rather than specific attacks, so that a mutation of an attack can still be blocked by the signature without an upgrade. The number of expected false-positive reports is good to know, but even with well-designed tests, the true number of false-positive reports cannot be determined until a specific company implements the system and begins using it, explains Walder. Therefore, Walder warns that independent test reports are good sources of evaluation, but reliance on such reports is not enough. Companies need to spend the time and money on fully testing a wide variety of different solutions to find the best fit, he says.

Abstracts Copyright © 2005 Information, Inc. Bethesda, MD

