Helpful Links:

www.asisonline.org

www.fbi.org

www.snopes.com

www.aesrm.org

www.csoonline.com

www.ic3.gov/default.aspx

www.cia.gov

www.state.gov

www.asis-boston.org

www.mass.gov

www.isaca.com

www.infragard.net

www.cnn.com

www.linkedin.com

Chairperson’s MessageI got into this business almost 35 years ago. I was a third shiftsecurity officer at a hotel. It was 1974 and I had no idea what Iwas doing. There was no training provided, just a direction...“walk around and let us know if you see something. And, ohyeah, here’s how you use a Detex clock.” Thus was my entranceinto the world of security. Since then I have learned a lot. On oneside, I have learned about access controls, CCTV, night visionsystems, detection systems of all types, forensic tools anddevices, DVRs and NVRs, IDS for networks and all the other“techno-whizbang things” we get to play with. On the other side,I have learned about the value of relationships, understandingbusiness models, P&L statements, risk management, people

management, convergence of physical and logical security models, crisis communica-tion, disaster planning and business continuity and a host of other “business” things.” My professional development has been the wonderful confluence of on-the-job trainingand formal educational opportunities. It is something I still pursue everyday. I like tochallenge myself! There is just so much new to learn every day. Yet, some people Iknow see no value in questioning what they know. They’ve formed their ideas and opin-ions and when asked about most anything - the answers to them are obvious. I justcan’t help feel like they are missing something... The Boston Chapter of ASIS International is committed to helping you in your own pro-fessional development. Take a look at our Strategic Plan again at http://www.asis-boston.org/docs/2010_strategicplan.pdf. Goals 1, 2, 3, 5 and 6 are all aboutProfessional Development. This year our Chapter has once again offered a CPP classto our members and are looking at doing a second one in the fall. We have establisheda LinkedIn page where you can share ideas, ask questions or connect with another pro-fessional. We had three outstanding educational sessions at our April Security Expo. We have established a Placement and Membership Committee who are working on a Mentoring Program. Our Education Committee is going to be providing at least twoopportunities for specific professional development programs. Our newsletter has beenre-vamped to ensure specific educational topics as well as articles of general interestare included in each issue. No matter how brief or how long you have been in your field, there is always somethingnew to learn....or, perhaps, even an old lesson to learn anew. So, go ahead. Find some-thing you want to learn, something you want to do better, or just a skill set you want torefresh. Step out and challenge yourself and what you think you know. Maybe thissounds a little risky for you? If so, remember... it is only at the end of the limb where thefruit grows!

Dick Parry, Chairperson, Boston Chapter

2

Chairman’s Message 1ASIS National & Intl Events 2Upcoming Local Events 3Newletter Submissions 3Treasurer’s Report 3New Members 4New Boston Chapter CPPs 4Regional VP Message 4Members on the Move 5

IRC Update 5EXPO Review 6Career Opportunities 8CPP and PSP Review Questions 10Legislative Rewiew 12 Member Profile 13 Social Networking 14 For Security Practitioners 15 Leadership & Committees 17

Table of Contents

Upcoming ASIS National and International Events

ASIS

May 17 - 19 Organizational Resilience: Implementing and Auditing the Philadelphia, PAASIS American National Standard

May 17 - 20 APC II: Practical Applications Philadelphia, PA

May 19 Developing a Strategic Mindset: How to Become a WebinarTrusted Strategic Advisor

June 14 - 17 APC III: Functional Management Tucson, AZ

June 23 Cloud Computing and Software-as-a-Service: An Overview for Webinar Security Professionals

June 29 - 30 Securing the Pharmaceutical Supply Chain Cambridge, MA

June 30 Finding Franchise Fraud – Developing a Best Practice Review Webinar

July 12 - 13 Corporate Investigations: How to Conduct Proper and Chicago, ILEffective Internal Investigations

July 12 - 14 Physical Security: Advanced Applications & Technology Chicago, IL

July 14 - 16 Organizational Resilience: Implementing and Auditing the Chicago, ILASIS American National Standard

July 19 - 20 Executive Protection Charleston, SC

July 21 Realizing the Return on Security Investment – An Industry WebinarBest Practice

Sept 13 - 15 Organizational Resilience: Implementing and Auditing the San Diego, CAASIS American National Standard

Complete calendar of ASIS events: https://www.asisonline.org/store/calendar.xml?year=2010#04

3

Upcoming Local Events

ASIS

May 20 Dinner Meeting Boston Marriott Hotel Speaker: Rebecca Coburn, CPP, CHPA, Mass General Hospital Newton, MATopic: An International Medical Surgical Response Team

Insider’s Look at Haiti in CrisisJun 7 - 9 Facility Security Design Boston, MAJun 10 Public Safety Luncheon Lantana

Speaker: TBD Randolph, MAJun 17 Annual Manning Golf Tournament Wayland Country Club

Wayland, MAJun 29 - 30 Securing the Pharmaceutical Supply Chain Hyatt Regency

Cambridge, MA

Aug 13 Pawtucket Red Sox v. Buffalo Bison Pawtucket, RI

INCOME

Advertising . . . . . . . . . . . . . . . . .$200.00EXPO 2010 Guests . . . . . . . . .$2,760.00EXPO 2010 Vendors . . . . . . . .$16,904.00Raffle Income . . . . . . . . . . . . . . . .$79.00Meeting Income . . . . . . . . . . . .$1,003.69

TOTAL INCOME . . . . . . . . . . .$20,946.69

EXPENSESBank Charges

AMEX . . . . . . . . . . . . . . . . . . . .$184.13RBS . . . . . . . . . . . . . . . . . . . . .$49.94Other . . . . . . . . . . . . . . . . . . . . .$10.44

EXPO 2010 . . . . . . . . . . . . . . .-$5,036.33Meeting Expense . . . . . . . . . . .$2,681.52Web Site . . . . . . . . . . . . . . . . . . .$268.00

TOTAL EXPENSES . . . . . . . . .-$1,842.30

NET INCOME . . . . . . . . . . . .$22,788.99

ACCOUNT BALANCESPrimary Checking . . . . . . . . . . .$65,481.75Internet Account . . . . . . . . . . . .$16,292.90Manning Fund . . . . . . . . . . . . . . . .$152.15Goodman Fund . . . . . . . . . . . . . .$9089.60

Treasurer’s ReportMarch 2010Newsletter Submissions

Calling All Members The Boston Chapter is looking for news stories.

• Do you have newsworthy information that you'd like to share?

• Do you know of an upcoming event that others may have an interest in?

• Do you know any members who have been recognized for their professional accomplishments? Been promoted? Changed jobs? Graduated? Written a white paper? Attained certification?

Let’s share success! Forward all stories/leads to communica-tions@asis-boston.org. Content for the June edition must besubmitted by Monday, May 16th.

Cops For Kids With Cancer – 4th Annual BenefitThursday, May 6, 2010

Enjoy a night of good food, good entertainment and good friendswhile you support children with cancer and their families. Join usat the Florian Hall, 55 Hallet St., Dorchester, featuring comedianPaul D’Angelo. Cocktails from 6-7p.m. with dinner and entertain-ment to follow.Tickets are $40 per person. Make checks payable to: Cops ForKids With Cancer. For more information contact: Detective MaryMcInness, Boston Police Headquarters,at 617-343-4300 orRobert Faherty at 781-843-3904.

4 ASIS

Listing of New Boston Chapter ASIS Membersas of January 1, 2010 to March 31, 2010

New Boston Chapter ASIS CPPs as of1st Quarter of 2010

The Boston Chapter of ASIS Wishes to Welcome Our New 2010 Members Christopher Alonso Sovereign BankStephen D Arnold, Jr Vertex PharmaceuticalsKevin J Callahan New England Baptist HospitalJames Capone PfizerJohn R Carmichael IQinVisionLinda Clifford Clifford Investigative ServiceBrent L Davenport Infrastructure Design IncRyan F Fawcett National Security Prot SvcsCharles S Hanko Massachusetts State PoliceGreg D Hannes Schneider ElectricPaul F Harris MITDavid M Hillman Iverify.usKevin M Kropiwnicki Faneuil Hall MarketplaceJonathan Geribo Levis Electrochem SolutionsRobert W McGrath Staples IncTeri A McLaughlin Sanofi Pasteur BiologicsRalph Nerette Dana-Farber Cancer InstituteRaymond Roane Sanofi Pasteur BiologicsRichard E Smith Wakefield Police DeptThomas E Smith GTC Biotherapeutics LLCJohn E Thornton US Food and Drug AdminBrian H Webber Apollo Security

Frey J BombielaAndres A BurgosCorey K CottaPeter DiDomenicaKenneth P DubinskiLeo S EliassonElizabeth G EstienneKenneth J HansonTodd C KaplanGary KettleMatthew T Leclerc

David P. Corbin, CPP Faulkner Hospital Daniel C. Martin, CPP Lantheus Medical Imaging

Well, spring is finally here and many Chapters are beginning their spring and summer event calendars. Manygolf events will take place and will provide a great chance to raise funds for our scholarship funds. I look for-ward to attending as many events as I can.

Please use this time of year to help Region 18 of ASIS International by taking on a support role in Chapterevents. Once you take the leap, I am sure you will see how much fun and energy each chapter team has.

On August 13, 2010, we will host our 2nd annual Pawsox BBQ event for Region 18. This is a chance for allChapters to come together and network. I hope that again this year the members of the IAHSS will join us.Please feel free to reach out to other security professionals and invite them as well.

Let's continue to move ASIS International forward as a strong, solid security resource for our communities;Region 18 continues to be a leader!

Happy Spring!!!!!!Bob Johnson, RVP, Region 18

Message from Our Regional Vice President

IRC Update

The Jan-Feb listing of the new security resources added to the O.P. NortonInformation Resources Center (ASIS Library) Security Catalog/Database,has been released.Highlights include:“Careers in Corporate Security”A 2009 50-minute audio presentation hosted by Henley-Putnam Universitycan be found at http://www.henley-putnam.edu/594-238.htm "Using LinkedIn to Advance Your Career in Strategic Security"A 30-minute webinar led by Dan Sommerhttp://www.henleyputnam.edu/templates/hpu/downloadables/audio/Sommer_30Jun2009.wmv“Professional Practices for Business Continuity Practitioners”Published by DRI International in 2009, this document addresses manag-ing business operations under adverse conditions through the introductionof appropriate resilience strategies, recovery objectives, business continu-ity, operational risk management considerations and crisis managementplans. https://www.drii.org/docs/profprac_details.pdfAcademic Institutions Offering Degrees and/or Courses in Security Otherresources may be found online at http://www.asisonline.org/library/mem-ber-secure/acquisitions.xml.

Members on the Move

Phil Mooney, Loss Prevention Manager at Bose Corporation, took part in the Walk Festival on Sunday,May 2nd, to raise money for the Providence Ronald McDonald House. Bose Corporation matched dona-tions up to Phil’s fund raising target. Congratulations to Phil on his participation in the Sunday Walk Festival.

5ASIS

Let's All Go Out to the Ball Game. Please join with our ASIS International Region 18 colleagues for agreat night at McCoy Stadium. See page 16 for more info.

Team ALLIEDBARTON is riding to raise thousands of dollars for the Dana Farber Cancer Institute.AlliedBarton Security Services New England Management Team is very excited to be participating in its firstPan Mass Challenge. They have never done a bike ride across Massachusetts before -- in fact, two of theteam members need to buy bicycles -- but all are absolutely pumped for this ride. The Team Riders are:

Deo Arruda -- New England Vice President of OperationsPaul Caruso -- Senior District ManagerDean DaSuta -- Business Development ManagerMike Montuori -- District Manager

To support the DANA FARBER CANCER INSTITUTE & TEAM ALLIEDBARTON use this link:http://www.pmc.org/profile/TA0066/

EXPO 2010 Review

The Security Expo 2010 was a smashing success, filled with opportunities to connectwith colleagues, view the latest technology advances and learning from our renownguest speakers.Cybercrime InvestigationsJeffrey Bedser, the founder and Chief Executive Officer (CEO) of ICG, Inc., guided the audience through anabbreviated course that delineated how to approach internet and cybercrime investigations. He shared anumber of valuable tools used to conduct these types of investigations. Jeff cited two headline cases involv-ing social networking that illustrated the complexities and challenges associated with cybercrime investigations.Diversity of Violence PanelThe panel was comprised of three distinguished experts who spoke respectively on violence in the workplace,domestic relationships and in the school environment. Bonnie Michelman, CPP, CHPA, the Director of Police,Security and Outside Services at Massachusetts General Hospital, reviewed three significant workplace vio-lence incidents, providing an analysis of their impact on the business, as well as detailing the recoveryprocess. Dr. David Adams, Co-Founder and Co-Director of Emerge, discussed the latest domestic violencetrends and provided insights into convicted abusers psyche based on interviews conducted for his book enti-tled “Why Do They Kill? Men Who Murder Their Intimate Partners.” Guy Rossi, a former Police Sergeant andcurrent Program Coordinator of Curriculum Development for the Homeland Security Management Institute ofMunroe Community College, showed a YouTube video (http://www.youtube.com/watch?v=IMkoNePKfsE )

6 ASIS

Bonnie Michelman, CPP addressing the Security EXPO 2010 luncheon attendees

continued on page 7

EXPO 2010 Review

depicting a myriad of highly publicized school relatedshootings. Guy presented contributing societal factorsaffecting school violence and elaborated on activeshooter incidents and trends.Keynote Speaker - Greg Nelson, a nationally recog-nized leadership expert, delivered a thought-provokingand interactive presentation. He challenged us as lead-ers to control the aspects of our team that are in ourcontrol. Specifically, we can control our body languageor ‘personal attributes’ as well as our ability to createpositive team communications. He was entertaining andinformative. A link to his presentation will be availablesoon for attendees.

7ASIS

We service our clients best,when we serve our employees first.

100 CambridgeSide PlaceCambridge, MA 02141office: 617.621.2900fax: 617.621.2911

UMass students visiting one of 139 vendor booths

Jeff Bledser giving his talk on Cybercrime InvestigationsWorkplace Violence Diversity Panel

continued from page 6

8 ASIS

Career Opportunities

Account Executive - Security & Fire Under general direction, develops long-term customer relationships with assigned accounts such as contractors,consulting engineers or owners. Maximizes account penetration of assigned accounts by serving the full spectrumof needs of the accounts with the full spectrum of the Security and Fire offering. Seeks for Johnson Controls tobecome the preferred supplier of Systems and Services to the assigned accounts (“last look” with contractors,“default spec” with consulting engineers, “trusted advisor” with account owners). Ensures customer retention ofassigned accounts. Partners with other sales representatives and/or agents to maximize profit generation fromaccounts through influence on specifications (owners, consulting engineers) and market pricing (contractors).Utilizes sales tools to plan and document progress as well as increase business opportunity in accounts. Obtainsand closes sales on a monthly basis. Achieves annual sales plan and obtains and closes sales on a monthly basis.Principal Duties:1. Builds partnering relationships with the assigned accounts to drive the penetration of the Security and Fire

offering. Maintains frequent face-to-face contact with the customers who most directly influence penetration. Actively listens, probes and identifies concerns. Addresses concerns and performance lapses. Understands the customer’s business and speaks their language. Develops credibility, loyalty, trust and commitment.

2. With assigned contractors, consistently makes take-offs and bids the full spectrum of projects with the full spec-trum of Johnson Controls offerings. With assigned consulting engineers, consistently drives specifications of thefull spectrum of projects towards the Johnson Controls offering. With assigned owner accounts, consistently drives favorable specification.

3. Leads or teams with colleagues on individual projects based on account assignments. Honors the credit split guidelines.4. Develops relationships with internal operations and administrative staff to ensure customer satisfaction, and

effectively and efficiently address issues.5. Keeps management informed of progress and account status. Leverages management with accounts, when

and where appropriate.6. Manages receivables balances in line with Johnson Controls objectives and policies.7. Utilizes applicable sales tools effectively (SMIS, Account Management, Account Plan and TAS) to plan and

document progress as well as increase penetration of accounts.8. Leads the sales team by building and fostering team relationships to ensure customer satisfaction. Solicits

support from and communicates effectively with internal staff. Develops relationship with Solution and Service sales organization to exceed customers’ expectations. Owns and facilitates the customer relationship.

9. Assists in the development of the team sales and marketing plans and strategies. Aides in the implementation of these strategies and action plans. Targets new customers based on account management and market strategies.

10.Participates in professional organizations.Quantitative Measures:Sells the complete breadth of Johnson Controls Security and Fire offerings: Consistent in $2 million or more in salesAccount Management Expectations:

• Demonstrates superior Account Management skills • Manages 2-4 Target Accounts • Manages 5 Managed / Maintained Accounts • Handles Key Accounts

Bachelor’s degree in business, engineering, or related discipline required. MBA preferred. Excellent initiative, andinterpersonal communications skills. Demonstrated ability to influence the market at key levels. Ability to travel50%.Interested applicants please apply online at www.johnsoncontrols.com and job search # 46392.

Senior Account Executive Reports To: Sales Manager Primary purpose: Responsible for making regular and effective calls on end-users, general contractors,electrical contractors, engineers, design firms, and architects in order to meet and exceed $2,000,000 annualrevenue quota, and gross margin sales objective. The Senior Account Executive is responsible for identifyingand establishing new business relationships with Fortune 1000 type corporate accounts. Also, maintain andfurther develop established accounts. To be the customer's single point of contact for all integrated securitysolutions and support in a fast paced, multi-task environment. Qualifications:

• 5+ years experience selling enterprise level security, IT, or telecommunications solutions. • Self-motivated, results oriented and aggressive sales personality who enjoys the thrill of closing new business.• Consistently among top 20% of all sales representatives in past positions.• Previous experience selling to a business decision making influence that includes CEOs, CFOs, and

CTOs and top facilities and security management. • Solid job stability with average job tenure of 3 years or more. • Bachelors Degree or equivalent industry and sales experience.

How to apply: Email resume to csr@cglsecurity.com. Be sure to provide your email address and contacttelephone number.

Career Opportunities

9ASIS

Certification - Test Your Knowledge – Mark H. Beaudry, CPP

CPP and PSP Review Questions. 1.Holding evidence from the time of its recovery until presentation in court is best accomplished by:

a. two people b. the lead investigator c. few people as possible d. only police officers

2.What is the “theft triangle.” a. date, time, person b. motivation, desire, access c. motivation, attitude, risk d. motivation, opportunity, rationalization

3.The type of investigation that best serves the interest of the corporate organization is the: a. internal theft inquiry b. due diligence investigation c. fraud inquiry d. pre-employment background check

Answers on page 13

10 ASIS

It’s time again for golf,

fun, B-B-Q, and

camaraderie

with a little

competition

thrown in!!

• Four Person Scramble —allowing even new golfersto enjoy the day.

• Team Competition — puttogether a team or two and compete against each otherfor one of the top threetrophies.

• Individuals — we’ll team youup with others who aren’t ona team.

• B-B-Q — grilled steakand chicken in the airconditioned functionroom.

Wayland Country Club

121 Old Sudbury Rd.

Wayland, MA

June 17, 2010

The last fiveyears sold out so

don’t miss out!Book your spot

EARLY!

Registernow at www.

asis-boston.org

18th Annual J.P. ManningMemorial Golf Tournamet18th Annual J.P. ManningMemorial Golf Tournament

Boston Chapter

12 ASIS

Legislative Review

Biometrics Restriction Defeated by New Hampshire Legislature by Matthew Harwood

A bill that would have severely restricted the use of biometrics by private businesses and government agen-cies in New Hampshire was overwhelmingly defeated yesterday by the state legislature.

The bill introduced in January would have banned the use of biometrics in identification cards issued by thestate and private entities, except in the case of employee identification cards. The bill also barred a state orprivate group from requiring individuals to submit biometric information as a condition for doing business.

Biometrics refers to the practice of verifying a person's identity through biologically unique identifiers. Themost commonly used biometric is a finger print, although other biometrics include DNA, facial features, irisrecognition, and vocal patterns.

The bill sponsored by Republicans Rep. Neal Kurk and Rep. Daniel Itse was defeated 267-39 by divisionvote, which only records raw numbers. Prior to the vote, a representative from the Alexandria, Virginia-basedSecurity Industry Association traveled to Concord to lobby Kurk and other lawmakers for the bill's defeat.

“We are very pleased that New Hampshire residents will not be denied the use of this important security tech-nology,” SIA Director of Government Relations Don Erickson said in a statement yesterday. “This bill grew outof misperceptions regarding supposed threats to privacy, but biometrics can make people safer while, at thesame time, protecting their identities."

Erickson told Security Management that SIA opposed the bill on multiple grounds. He said the bill's languagewas too broad and would deprive businesses of providing their customers with a cutting edge technology thatpromotes security and privacy rather than eroding it. In January, Erickson issued a statement with similararguments, stating the bill would irresponsibly restrict the use of biometric identity verification by businesses,schools, colleges, hospitals, and government agencies. He contended the legislation "would expand thereach of state government into the decision making authority of local governments and private, tax-payingbusinesses."

Long term strategic concerns also factored into SIA's lobbying in New Hampshire. Erickson said SIA alsoworried that the New Hampshire bill could cause a domino effect to occur, with more and more states enact-ing similar legislation that could culminate in federal limitations

Lillie Coney, associate director of the Electronic Privacy Information Center, a digital civil liberties group inWashington, D.C., said the bill's defeat creates an opportunity for New Hampshire to discuss protecting per-sonal information.

"Policy decisions around the collection, retention, use, and sharing of personal identifiable information needthorough debate," she said. "Ultimately, when personal information is involved it should be protected by fairinformation practices." The Code of Fair Information Practices, according to Coney, outlines the rights individ-uals should have to their personal information .

"One of the things SIA members do very well with customers is they explain how the technology is used,how [information] is stored, how it's collected, and overall how it promotes privacy," Erickson said.

© 2010 ASIS International, 1625 Prince Street, Alexandria, VA 22314. Reprinted with permission from theMarch 2010 0nline issue of Security Management Magazine.

When Alan Snow greets you, a warm smile spreads across his face and itquickly becomes clear that he has a talent for connecting with people. As theDirector of Safety and Security for Boston Properties, his role is to lead byexample. Not surprising that the indispensable element that underlies thenotable Prudential Center security program is strong customer service skills.For the past 12 years, his role at the helm of security for Boston Propertieshas evolved with increasing responsibility and unforeseen challenges. Today,Alan oversees the security and safety of the Prudential Center, its retailspace, as well as 50 other properties throughout Massachusetts. Alan’sunpretentious management style and business approach gives insight to theorganization’s transformation from a traditional security program to a multi-dimensional prototype that incorporates three unique divisions each with dis-tinct skill sets - the highly specialized Patrol Division, the customer centricOffice Division and the state of the art Boston Properties Control Center.

Alan began his career in security at the age of 18. After attaining a BA in Criminal Justice from NortheasternUniversity, he moved on to Corporate Security at Bank of Boston where within a short period of time anopportunity presented itself for a Security Manager position. Alan convinced upper management that he wascapable of handling the responsibility. They agreed and he was promoted. He was 26 years old. As a youngsecurity professional, Alan recognized the value of becoming a member of ASIS in 1985 and obtaining hisCPP in 1989. Though it was a great personal achievement, Alan admits “At the time, no one outside theindustry knew what ASIS stood for or the value of the CPP certification. However today, the CPP is a recog-nized differentiator for top management”. In a career that spans over 30 plus years, Alan has seen the dramatic evolution of security, particularly post9/11, and like all security practitioners, he has had to adjust to the complexity of challenges faced by busi-nesses today. Alan’s perspective is simply stated, “There have been many impacts, but the two most signifi-cant can be summarized into technology advances and efficiency improvements. This has required securityprofessionals to keep abreast of best practices and updates on both sides of the technology equation, as wellas being prepared to put forth constant ROI justifications to keep up with the changes.” So what does Alan consider importantleadership traits for a Director of Securityto possess in order to be successful?“They need to embrace the concept ofcontinually managing and leading up andacross an organization…to be empathetic,responsive, decisive, and focused on pro-viding solutions and timely actions to con-tribute to their company’s overall goals.Most importantly, they simply need anabundance of common sense!” The mes-sage is definitely resonating with hissecurity team, as evidenced by one secu-rity officer’s unsolicited comment indescribing Alan’s leadership, “He’s anoutstanding guy!”

Allan Snow, Director of Safety andSecurity for Boston Properties

13ASIS

Boston Chapter Member Profile

Access ControlClosed Circuit Television

SystemsDigital RecordersAsset Protection

Intercoms

36 Jackman Street • Georgetown, MA 01833 • Tel.: 978.352.5232 • Fax: 978.352.2581

Answers for Certification Questions from page 101. c, 2. d, 3. d

Social Networking - Friend or Foe?

Social networking has created powerful new ways to communicate and share information. Business isincreasingly using social networking sites in its operations because they are efficient marketing tools, allow foralmost instantaneous information access, and reduce costs for marketing and travel. Your employees and co-workers find social networking sites beneficial on both personal and professional levels because of their sim-plicity to connect people with similar interests or goals and their potential to reach a huge network of peopleto promote themselves, a business or product with limited cost.

Boston-based IT Security firm Sophos released their Security Threat Report 2010 in February, which identi-fies some alarming trends that security professionals should be aware of in a business climate that hasembraced social networking: cyber criminals are focusing their nefarious attacks on users of social networks,such as Facebook, LinkedIn and Twitter, placing business infrastructures and their sensitive data at risk.How? Sophos’s 2010 Security Threat Report reveals that criminals identify potential victims on social net-works, and then attack them, both at home and at work. According to the Sophos report, there has an explo-sion in reports of spam and malware over the past 12 months:

• 57% of users report they have been spammed via social networking sites, a rise of 71% • 36% reveal they have been sent malware via social networking sites, a rise of 70%

While the threat of malware, spam, phishing, and identity theft on social networks appears to be increasing,companies appear to be relaxing their attitude to allow, and even encourage, participation on social network-ing sites via the corporate network. Sophos’s Threat Report reveals that 49% of firms surveyed allow all theirstaff access to Facebook, a 13% rise from the previous year. Survey respondents also identified which socialnetwork they believed posed the biggest security risk.

The Fall 2009 Application Usage and Risk Report published by Palo Alto Networks points out that organiza-tions need to strike an appropriate balance between the business benefit and the associate security risks ofusing social media. The report found, in many cases, the quick increase in usage is occurring without properconsideration for the associated business and security risks.

Employee use of Web 2.0, especially social networking such as Facebook, LinkedIn, and Twitter, presentscompanies with a variety of compliance, information security, legal and reputational risks, in addition to theproblem of lost productivity. To manage these risks appropriately, security professionals need to help theirorganizations create and monitor a comprehensive Internet use policy that covers employees’ personal use ofsocial media platforms and is customized to meet business requirements and support the culture.

Related Links Wikipedia.org - Enterprise Social Software Attacks on Social Networks Increase By 70 Percent CIOs Say IT Should Not Block Social Media Sites Keeping Tabs on Your Employees’ Facebook Activity

References Palo Alto Networks - Application Usage Risk Report Fall 2009 Sophos Security Threat Report 2010 While Companies Relax on Social Media, Threats Increase

14 ASIS

15ASIS

For Security Practitioners — Covering the Bases

As summer is quickly approaching, many of us will face the usual challenges of providing proper staff coverage tobalance vacation absences. In addition, some of us may have special events to manage or will see an increase invisitors to our facilities. Here are some simple reminders to help make your security functions run smoothly: Physical Security:❏ Have you inspected your site recently?❏ Are you sure all access control systems are operating properly?❏ Do you have a formal inspection procedure in place?❏ Can you account for all employee access cards including those issued to vendors, contractors

and subcontractors?❏ Do you know how to produce reports or camera footage?❏ Is access to sensitive areas properly limited?❏ Are post orders updated and reviewed periodically?❏ Are delivery procedures properly followed?❏ Are alarm notification procedures updated and checked periodically?❏ Do you have a Key Management system in place?❏ Do you have ongoing security discussions with property management staff?❏ Is there proper signage?❏ Do you conduct periodic security awareness training?Visitor controls:❏ Are visitors properly screened?❏ Are security logs kept and inspected periodically?❏ Are vendors properly vetted?❏ Are receptionists given proper security training?❏ Is security staffing adequate for large group visits?Information Security:❏ Do you have a formal policy?❏ Has it been communicated to personnel?❏ Are sensitive documents identified and properly secured-especially following meetings?❏ Are encryption protocols in place when sending information via email?❏ Are appropriate network security protocols identified and followed?Emergency Preparedness:❏ Are you plans up-to-date?❏ Does the plan also address safety and incident response procedures for on-site contractors,

subcontractors and vendors?❏ Is senior leadership aware of what is expected of them in an emergency?❏ Have you conducted training for key responders recently?❏ Have you conducted a drill or tabletop exercise within the past year?❏ Have you conducted an evacuation drill within the past year?❏ Do you include key suppliers in your Continuity Planning?❏ Have you conducted or updated a threat matrix lately?❏ Do you have a liaison with your local law enforcement?General Security:❏ Do you have a background screening policy? Is it followed in all cases?❏ Have appropriate security metrics been identified? Are they obtained and properly reviewed or analyzed?❏ Are you collaborating with other functions in your organizations i.e. Legal, HR, Risk Management, IT,

Operations, Executive Management?❏ Are your employee awareness programs effective? Hopefully these quick reminders will help us stay focused on our core functions despite the added demands we all face.

CONTACT: Bob Johnson atrjohnson@ribisecurity.com

$26.00 per personBBQ, 2 hours before the game!

PAWTUCKET RED SOX VS. Buffalo Bisons at 7:05pmFriday August 13, 2010

Let's All Go Out to the Ball Game.Please join with our ASIS International Region 18 colleagues

for a great night at McCoy Stadium.

17ASIS

SECRETARY

JEFF DIPRIMIO

Global Security OperationManager

Genzyme CorporationTel: 617 768-6122Jeff.DiPrimio@genzyme.com

VICE CHAIRPERSON

JENNIFER GOBA, CPP

Manager

Massachusetts GeneralHospitalTel: 617 724-3036jgoba@partners.org

CHAIRPERSON

RICHARD A. PARRY,CPP, CISM

Executive Director, GobalSecurity

Novartis Institute forBiomedical Research Tel: 617 871-3074dick.parry@ novartis.com

SENIOR REGIONAL VPJoseph Masciocco518 452-3505joem@securityintegrations.com

REGIONAL VPRobert E. Johnson Jr.401 413-1316rjohnson@ribisecurity.com

TREASURER

DENNIS CROWLEY III

Senior Vice President

Apollo Security Inc.Tel: 508 660-1197denny.crowley@apollose-curity.com

2010 ASIS REGION 18 LEADERSHIPASSISTANT REGIONAL VPGary Miville, CIPM413 732-8582gary.miville@securitasinc.com

MANNING GOLF TOURNAMENTCHAIRMichael Scott781 964-2020mscott@apollosecurity.com

MANNING FOUNDATION ANDSCHOLARSHIP FUND CHAIRMichael J. Pepe, CPP617 499-0082michael.pepe@dayzim.com

AWARDS COMMITTEE CHAIRRichard Zupan781 229-2750rzupan@idresources.com

CERTIFICATION CHAIRMark Beaudry, CPP978 399-5438mhbeaudr@us.ibm.com

LAW ENFORCEMENT CO-LIAISONHarold Murphyhfmjrna@aol.comTimothy Maher781 314-3152tmaher@police.waltham.ma.us

PLACEMENT CHAIRDavid Corbin617-983-7432dcorbin@partners.org

2010 BOSTON CHAPTER CHAIRPERSONSSERGEANT AT ARMSBob Michalski, CPPlockandsafes@comcast.net

COMMUNICATIONS COMMITTEEMarty Patnaude, CPP781 953-1810mpatnaude@americanalarm.comAdria Gallagher, CPP, CFE781 544-3736adria876@comcast.netStephen Malloy, CPP, PCI617 530-5302stephen.g.malloy@us.pwc.comHeidi Raffanello508-339-5451 x248hraffanello@creativeservices.com

LEGISLATIVE LIAISONBenjamin Levison617 665-8805ben.levison@comcast.net

EDUCATION CHAIRBonnie Michelman, CPP617 726-7979bmichelman@partners.org

MEMBERSHIP CHAIRRebecca Coburn, CPP, CHPA617 724-9649rcoburn@partners.org

PROGRAM CHAIRJim Healey, CPP, CFE781 953-0905jjhealey@verizon.net

CO-CHAIRPERSON -SECURITY EXPOBonnie Michelman, CPP617 726-7979bmichelman@partners.org

CO-CHAIRPERSON -SECURITY EXPOJim Healey, CPP, CFE781 953-0905jjhealey@verizon.net

EXHIBIT COORDINATOR -SECURITY EXPOJim Stankevich603 847-3080jstankevich@tycoint.com

NOMINATING COMMITTEECraig McQuate617 369-3252cmcquate@mfa.orgBonnie Michelman, CPP617 726-7979bmichelman@partners.orgMike Pepe, CPP617 499-0082michael.pepe@dayzim.com

ASSISTANT REGIONAL VPPhil Stewart, CPP978 354-2526pwstewart@partners.org

2010 ASIS BOSTON CHAPTER LEADERSHIP