On The Books - A recent survey revealed 70 percent of campus threat teams are meeting once or twice a week to review current situations. With mounting job responsibilities, finding time to get together in person and discuss is difficult.

On The Books

Centralized and secure record-keeping is key for Virginia colleges

By now, most colleges have taken steps to form a threat assessment team that investigates a range of concerning behaviors and potentially dangerous situations, including threats made by students, employees, faculty and others in the community.

Threat assessment teams typically include five to 10 members and should be multi-disciplinary, including representatives from college administration, law enforcement, mental health and legal counsel. Taking on the role of a threat assessment team member is an added and important responsibility. Lessons learned reveal the key to keeping assessment teams from becoming overwhelmed is to ensure the right processes are outlined and the right tools are used.

A recent survey revealed 70 percent of campus threat teams are meeting once or twice a week to review current situations. With mounting job responsibilities, finding time to get together in person and discuss is difficult.

Several colleges in Virginia have implemented Awareity’s threat assessment, incident management and prevention services (TIPS) platform to help manage and coordinate threat team efforts, saving valuable time and resources, while improving collaboration and information sharing.

THE FIRST THING TO DO

When a threat report is received, the first task of an assessment team is to collect as much information as possible to determine the potential for risk. Threat cases require an individualized approach, and the more information gathered the better. Gathering this information may include interviewing the individuals involved, speaking with faculty and friends, reviewing social media, and/or conducting a formal law enforcement investigation. Keeping track of the steps taken during this investigation and coordinating all actions and communications between team members is where TIPS delivers valuable advantages.

No longer do assessment teams need to find a time/place for everyone to meet, but team members can easily login and document their findings and case notes, set tasks for other team members, etc. and all other team members can review the investigation and ongoing updates in real-time, rather than waiting for their next meeting.

All actions are date/time stamped, providing legal-ready documentation and accountability, while also ensuring appropriate steps are taken to most effectively intervene and prevent a situation from escalating into something much worse.

Equipping your threat assessment team with a centralized platform is critical. Lessons learned reveal how organizations often fail to connect the dots. A working platform allows all team members to search related reports involving one or more people, review previous reports, investigations and actions, and assess a more comprehensive pattern of behavior. As we learned from the tragic Virginia Tech massacre, many people observed concerning behaviors prior, but these concerns were not routed to one central place to be connected and the seriousness of the threat(s) accurately identified.

KEEPING RECORDS

Threat assessment record-keeping can be difficult because records may include sensitive information or even criminal records that do not fit into previously established conventions, like student records systems. In fact, if your campus is currently placing threat records in your student conduct or student information system (SIS), you may be inadvertently putting this information at risk to unwanted exposure and liabilities.

This common misunderstanding about where to place and maintain threat records creates a disparity with FERPA and is costing colleges in numerous ways. Not only are threat records put at risk in an SIS, some assessment team members are not putting key information into the SIS, which means other team members are not seeing all details and are unable to make the right decisions. FERPA clearly identifies “law enforcement unit” records can and should be kept separate from SIS records.

The Virginia Threat Assessment State Law Guidance also recommends threat assessment teams keep threat records separate from student records and treat them as “law enforcement unit” records. These records should only be accessible to authorized team members and personnel.

The American National Standards Institute (ANSI) Workplace Violence Standard also clearly states that organizations should provide secure, “need to know” and anytime access to a centralized record keeping platform.

TIPS allows teams to be more efficient and track and document investigation notes in one place. Team members can, of course, still access SIS to locate information like class schedules or contact information, and share this information as needed within TIPS, but keeping the actual investigation details and assessment separate from your SIS is vital. Once the threat assessment process has been concluded or a resolution has been determined, for instance, suspension from campus, a summary can/should be recorded in the SIS, but all investigation prior should only be discussed between team members and documented in the secure centralized platform.

Of course, connecting the right dots means collecting all the dots first. How can threat teams ensure they are receiving information? Use of a comprehensive platform offers an anonymous incident reporting option. A TIPS reporting button is strategically placed on the campus website allowing anyone to securely report concerning behaviors. Campus threat teams can determine what types of incidents should be reported (sexual misconduct, threats to harm, weapons, drug/alcohol abuse, self-harm/suicide threats, suspicious persons).

Thomas Nelson Community College, the first Virginia community college to implement the TIPS prevention platform in 2012, had established a web-based reporting form, but the customization features available in TIPS provided significant advantages.

“Being able to determine what types of incidents could be reported and design the forms and questions based on our current procedures made the transition to TIPS simple,” said campus police chief Kelvin Maxwell. “The way in which reports from different locations and incident types could be directed to the appropriate staff, helped us ensure the right people were being notified so immediate and proactive actions could be taken.”

In addition to Maxwell, Thomas Nelson’s Threat Team also includes the vice president for Finance and Administration, Human Resources, campus police and student counseling staff. General counsel is also added to specific reports; with TIPS third-party resources law enforcement, mental health, compliance, etc. can become involved and added to individual reports in the system, if, and only when, their guidance is requested.

Campus-wide awareness and education regarding reporting of concerning behaviors is critical—all resident advisors, mental health counselors, academic advisors, faculty members, etc. need to understand how concerns should be communicated. Ongoing reminders should emphasize how everyone plays a role in keeping their campus safe and helping people in distress, whether or not a direct threat has been made.

At the beginning of the semester, Germanna Community College posted several awareness posters around campus with examples of the different behaviors to be reported.

“Students really appreciate that we are taking extra steps to involve them in safety efforts on campus,” said Pam Frederick, dean of student development at Germanna. “They really are our best eyes and ears on campus.

“TIPS allows anyone associated with the college community to come forward and anonymously share information with us,” Frederick said. “The information is immediately communicated to our team and proactively investigated so we can prevent situations from escalating.”

Once an investigation is determined to be “resolved,” it is also important to follow-up and monitor at-risk individuals. The follow up process may be as simple as checking in with the student (or parents, roommates, counselor of the individual involved) periodically and ensuring the situation is not escalating. TIPS provides a valuable reminder tool that ensures follow-up actions are taking place and no individuals slip through the cracks.

This article originally appeared in the January 2016 issue of Security Today.

Featured

  • Evolving Cybersecurity Strategies: Uniting Human Risk Management and Security Awareness Training

    Organizations are increasingly turning their attention to human-focused security approaches, as two out of three (68%) cybersecurity incidents involve people. Threat actors are shifting from targeting networks and systems to hacking humans via social engineering methods, living off human errors as their most prevalent attack vector. Whether manipulated or not, human cyber behavior is leveraged to gain backdoor access into systems. This mainly results from a lack of employee training and awareness about evolving attack techniques employed by malign actors. Read Now

  • Report: 1 in 3 Easily Exploitable Vulnerabilities Found on Cloud Assets

    CyCognito recently released new research highlighting critical security vulnerabilities across cloud-hosted assets, revealing that one in three easily exploitable vulnerabilities or misconfigurations are found on cloud assets. As organizations increasingly shift to multi-cloud strategies, the findings underscore significant security gaps that could provide attackers with potential footholds into networks. Read Now

  • Built for Today, Ready for Tomorrow

    Selecting the right VMS is critical for any organization that depends on video surveillance to ensure safety, security and operational efficiency. While many organizations focus on immediate needs such as budget and deployment size, let us review some of the long-term considerations that can significantly impact a VMS's utility and flexibility. Read Now

  • Paving the Way to Smart Buildings

    In today's rapidly evolving security landscape, the convergence of on-prem, edge and cloud technologies are critical. The physical security landscape is undergoing a profound transformation, driven by the rapid digitalization of buildings and the evolving needs of modern organizations. As the buildings sector pivots towards smart, AI and data-driven operations, the integration of both edge and cloud technology has become crucial. Read Now

  • The Cybersecurity Time Bomb

    If you work in physical security, you have probably seen it: a camera, access control system, or intrusion detection device installed years ago, humming along without a single update. It is a common scenario that security professionals have come to accept as "normal." But here is the reality: this mindset is actively putting organizations at risk. Read Now

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.