Employee screening is often misunderstood. People think that running a quick search of credentials through the normal hiring process is sufficient for all hires, despite the fact that most research finds that the majority of resumes and CVs contain falsities from minor to major.
The normal process of checking references on some of your potential hires is the thing that is relied on by potential hires who are fabricating their past. Even HR staff normally will go only so far as to ask a couple of questions to a "former employer" who may have nothing to do with actually ever having been the boss of someone.
While the lighter end of screening is not always a major concern, such as a Mc-Job hire, conducting the same level of scrutiny for professional organizations (which is what is occurring) can expose a company to many potential issues when hiring if the person is not legit. Poor performance, lack of training, mental health issues, criminality and opening up your organization to litigation are among the many risks associated to a bad choice in a hire.
A private investigator can help out with screening programs for sensitive personnel, particularly management and sensitive positions requiring specific knowledge. This includes things like executive hiring, scientific and technical trades, financial services and special access personnel, including things like night shift cleaners who often have free access to a building's interior while unsupervised.
Having a PI augment your internal HR services can be a relatively low cost option to running an internal program as it can be focussed on specific hires deemed at risk to fraudulent hires and allows you to not spend money on a full time in house investigator. Give a local PI a call to see how their screening services can help you.
Postings provided by Elemental Investigations: Private Investigator Edmonton
Friday 17 January 2014
Thursday 9 January 2014
New Year Outlook
Well, its good to be back from the Christmas and New Year's holidays. We're a little late getting to our New Year's outlook on the coming year, but to be honest, entime off was well deserved. With that in mind, we want to highlight a few things we see as being large or continued stories in 2014 in the world of privacy, investigations and security. Let's see what will shape the landscape on those topics in the coming year:
- Snowden will continue to make waves as the government tries to reign him in. He is holding on to enough juicy tidbits to keep this ball rolling throughout the year. Importantly, the big internet companies will see more action in court as they try and distance themselves from the appearance of being in cahoots with the NSA, and may out out some new encryption standards which have been developed without the special sauce provided by the NSA.
- Also related to Snowden, look to more operators offering "secure" online interactions. While interesting at the start, they will also lead to a greater level of attacks and sophistication in exploiting perceived protections. Think of Snapchat and Lavabit for those who know.
- On the security front as a whole, we will continue to see the sad march to automation and new standards designed to save mid-level managers the discomfort of taking 4 seconds to secure information. Federal Govenment et al, will see more major blunders as a result.
- On the economy, a stronger economic footing will allow us to enjoy reduced employee based crime as wages and stability help calm the masses. That being said, on the fraud front, managers will be granted relaxed fiscal controls, which will inevitably lead to something about hands and cookie jars. Also on this front, better economic conditions usually also lead to lessened rates of family violence and drug abuse.
- The investigations industry on the whole in Canada will strengthen we think. This will be due to economic factors which will allow business to tackle problems requiring outside help and the easing of purse strings will help outside of Canada. The push in jurisdicitons such as the UK and the US will also continue towards more regulation of the industry in terms of licencing and basic standards, which should be good news for local investigators and those of us trying to contract investigators in those countries for assistance with cases elsewhere.
That about does it for our outlook. We definitely are looking forward to 2014 and the new and exciting challenges it will bring. We wish all a happy and prosperous new year!
Blogging provided by Elemental Investigations: Private Investigator Edmonton, a Canadian Private investigations and security consulting agency.
Blogging provided by Elemental Investigations: Private Investigator Edmonton, a Canadian Private investigations and security consulting agency.
Tuesday 10 December 2013
Info Management
There has been a shift in the info management (IM) of business and organizations in the last few years to become a function of (either superior to or subordinate to) the IT side of things. Indeed, the creation of IM Managers and Chief Information Officers (CIOs) is the new sexy in hiring.
Unfortunately, this has taken a significant bite out of security managers and executives power, and in fact has left them holding the less sexy physical security bag, which has become woefully neglected.
The biggest problem with creating a second and third avenue of security responsibility in an organization is that it creates a fragmented approach where each department (2-3 of them) each try and secure their respective castles, with often only a thread of connectivity in the form of a corporate security policy which was likely not created to effectively coordinate separate departments.
The next biggest problem is that major resources tend to go to the sexy side (IT/IM), and the scraps are left to physical. This means that on top of the IT and IM folks likely enjoying the attention of the executive suite more than the physical guy, they also get the bulk of funds and resources and ignore the significant role physical lapses can result in which make IT and IM irrelevant.
Case in point. Super strong network security and a perfectly synchronized access plan (which never occurs by the way) will be easily outmanoeuvred by someone picking through the garbage, talking to staff after work or digging up some dirt and doing an old fashioned intelligence recruitment.
There has to be more to the IM and IT planning than just having strong capabilities in network security and managed information flows. The old fashioned approach of physical security should be the driving force still in the current security model, as things haven't actually changed, even though the pedlars of these systems may claim otherwise.
The most effective security model then is one which is drawn up by one sole security source (usually being the physical security guy), which then incorporates how information will be managed from physical to electronic and back to physical mediums. This will ensure unity of effort, reduced costs in terms of security staff, better understanding of the overall security picture by personnel and a more effective plan overall.
Blog courtesy of Elemental Investigations: Private Investigator Edmonton, which is a security and investigations agency in Ottawa, Canada. They are located on the web at www.elementalpi.ca
Unfortunately, this has taken a significant bite out of security managers and executives power, and in fact has left them holding the less sexy physical security bag, which has become woefully neglected.
The biggest problem with creating a second and third avenue of security responsibility in an organization is that it creates a fragmented approach where each department (2-3 of them) each try and secure their respective castles, with often only a thread of connectivity in the form of a corporate security policy which was likely not created to effectively coordinate separate departments.
The next biggest problem is that major resources tend to go to the sexy side (IT/IM), and the scraps are left to physical. This means that on top of the IT and IM folks likely enjoying the attention of the executive suite more than the physical guy, they also get the bulk of funds and resources and ignore the significant role physical lapses can result in which make IT and IM irrelevant.
Case in point. Super strong network security and a perfectly synchronized access plan (which never occurs by the way) will be easily outmanoeuvred by someone picking through the garbage, talking to staff after work or digging up some dirt and doing an old fashioned intelligence recruitment.
There has to be more to the IM and IT planning than just having strong capabilities in network security and managed information flows. The old fashioned approach of physical security should be the driving force still in the current security model, as things haven't actually changed, even though the pedlars of these systems may claim otherwise.
The most effective security model then is one which is drawn up by one sole security source (usually being the physical security guy), which then incorporates how information will be managed from physical to electronic and back to physical mediums. This will ensure unity of effort, reduced costs in terms of security staff, better understanding of the overall security picture by personnel and a more effective plan overall.
Blog courtesy of Elemental Investigations: Private Investigator Edmonton, which is a security and investigations agency in Ottawa, Canada. They are located on the web at www.elementalpi.ca
Friday 6 December 2013
Security Surveys
Security Surveys are a handy tool to assess the effectiveness of a security plan/system.
Contrary to some perceptions, security needs to be continuously reviewed and adapted to the changing environment, or else it risks becoming out of date and irrelevant.
The security survey should always be performed by a neutral third party, which ensures that corporate group think and egos stay out of the way of properly assessing the effectiveness of your security. The survey will look at things like current practices, how they are understood and are being followed by staff, technology changes, attitudes to the organization, threats to the industry and any other factor which could conceivably impact the security of your organization or operation.
This will allow managers and executives to look at the various weak points in a security plan and determine whether or not they will mitigate the issue or deal with it head on. It will also help assign resources to more effective areas, which can ease resource demands and even save some cash.
The security survey should be performed yearly for security sensitive organizations, and every 3-5 years for other organizations to keep them effective. These should be paired to the Threat Risk Assessments for your organization as well to give the most effective and comprehensive security picture of your organization to keep your staff and assets as secure as possible.
Blog content provided by Elemental Investigations: Private Investigator Edmonton, which is a security and investigations agency operating out of Edmonton Canada.
Contrary to some perceptions, security needs to be continuously reviewed and adapted to the changing environment, or else it risks becoming out of date and irrelevant.
The security survey should always be performed by a neutral third party, which ensures that corporate group think and egos stay out of the way of properly assessing the effectiveness of your security. The survey will look at things like current practices, how they are understood and are being followed by staff, technology changes, attitudes to the organization, threats to the industry and any other factor which could conceivably impact the security of your organization or operation.
This will allow managers and executives to look at the various weak points in a security plan and determine whether or not they will mitigate the issue or deal with it head on. It will also help assign resources to more effective areas, which can ease resource demands and even save some cash.
The security survey should be performed yearly for security sensitive organizations, and every 3-5 years for other organizations to keep them effective. These should be paired to the Threat Risk Assessments for your organization as well to give the most effective and comprehensive security picture of your organization to keep your staff and assets as secure as possible.
Blog content provided by Elemental Investigations: Private Investigator Edmonton, which is a security and investigations agency operating out of Edmonton Canada.
Monday 25 November 2013
Threat Risk Assessments
Threat Risk Assessments (TRAs) are a well known function in the security world, but often confused in the real world. Largely, I see TRAs associated to IT functions and information management (IM), and not a part of the whole security ecosystem of a business or organization.
This is unfortunate and is largely representative of the sad state of security planning as the TRA should overarch the IT/IM segment of a business and force it to conform to the security plan of the larger organization, rather than be treated as a separate issue.
The TRA is an analysis of the threats faced by an organization or business. This looks at all threats and threat vectors, including online, physical, financial, legal, etc. It then makes a determination of the likelihood of occurring given the current state of the world and the current security capabilities of the client organization. Lastly, it makes an assessment of the degree of harm to the organization should an attack occur.
Essentially, a TRA will allow you to understand what you should be most concerned about which will allow you to use security resources to their best potential, which has the added benefit of saving you money. How? Well, when you go direct to a security company, they will inevitably want to sell you the cadillac of security services. Nothing wrong with that and it is expected, but without actually knowing about your security threats and your own footing, you may buy the Cadillac when you only need the Hyundai and a little knowledge of how to mitigate your threats.
Many individuals offer TRA services, and you should always look to obtain the TRA from someone who is not aligned with the security systems provider. This will ensure you are getting the best information on what you need to protect before you look at the shiny gadgets to buy at a premium.
Blog post is courtesy Elemental Investigations: Private Investigator Edmonton, an Edmonton, Canada based private investigator agency. They can be found online at www.elementalpi.ca
This is unfortunate and is largely representative of the sad state of security planning as the TRA should overarch the IT/IM segment of a business and force it to conform to the security plan of the larger organization, rather than be treated as a separate issue.
The TRA is an analysis of the threats faced by an organization or business. This looks at all threats and threat vectors, including online, physical, financial, legal, etc. It then makes a determination of the likelihood of occurring given the current state of the world and the current security capabilities of the client organization. Lastly, it makes an assessment of the degree of harm to the organization should an attack occur.
Essentially, a TRA will allow you to understand what you should be most concerned about which will allow you to use security resources to their best potential, which has the added benefit of saving you money. How? Well, when you go direct to a security company, they will inevitably want to sell you the cadillac of security services. Nothing wrong with that and it is expected, but without actually knowing about your security threats and your own footing, you may buy the Cadillac when you only need the Hyundai and a little knowledge of how to mitigate your threats.
Many individuals offer TRA services, and you should always look to obtain the TRA from someone who is not aligned with the security systems provider. This will ensure you are getting the best information on what you need to protect before you look at the shiny gadgets to buy at a premium.
Blog post is courtesy Elemental Investigations: Private Investigator Edmonton, an Edmonton, Canada based private investigator agency. They can be found online at www.elementalpi.ca
Wednesday 20 November 2013
Insurance Fraud
Insurance fraud hurts us all is the sad refrain of insurance companies and while most people tend to view these companies as organizations which are largely unworthy of sympathy, it really does hit everyone in the pocket book, and not just the big insurance companies in the form of higher premiums and stricter guidelines.
Insurance fraud really exists everywhere insurance itself exists, after all, one usually needs to prove only harm or loss and they can get a cheque cut to them. The fraud types are varied across these spectrums, from the slip scam in the grocery store, to the rear end scam where someone is goaded into running into the rear of another car, to the workers insurance scam where a false claim of workplace injury is presented.
These examples are but a tiny tip of the iceberg, but they show the prevalence of them as we all know exactly how these scams work, yet they still persist and remain effective ways of scamming the system.
Largely it is the insurance company which will launch an investigation as it balances the need to find out what happened with the costs of litigation or settling. This is happening a bit more now days as the previous policies of settling rather than fighting claims in court has largely failed as the claims were not only paid out, but encouraged scammers to put in more claims as they knew they would not be challenged. Private individuals and companies have also begun doing their own investigations as well though, as organizations such as workers compensation, which are often government run or managed tend to be overloaded with cases and cannot respond effectively to all claims needing investigation.
When this occurs, Private Investigators (PIs) have always been the go to folks to look into these scams and present evidence as to the actual state of the individual making claims. Surveillance, history and interviews all come into the investigative process to give the interested parties the information needed to assess whether or not a false claim has been made, then pursue it in court.
Call a local PI today to find out what kind of services they can provide you!
Blog post is courtesy Elemental Investigations: Private Investigator Edmonton, an Edmonton, Canada based private investigator agency. They can be found online at www.elementalpi.ca
Insurance fraud really exists everywhere insurance itself exists, after all, one usually needs to prove only harm or loss and they can get a cheque cut to them. The fraud types are varied across these spectrums, from the slip scam in the grocery store, to the rear end scam where someone is goaded into running into the rear of another car, to the workers insurance scam where a false claim of workplace injury is presented.
These examples are but a tiny tip of the iceberg, but they show the prevalence of them as we all know exactly how these scams work, yet they still persist and remain effective ways of scamming the system.
Largely it is the insurance company which will launch an investigation as it balances the need to find out what happened with the costs of litigation or settling. This is happening a bit more now days as the previous policies of settling rather than fighting claims in court has largely failed as the claims were not only paid out, but encouraged scammers to put in more claims as they knew they would not be challenged. Private individuals and companies have also begun doing their own investigations as well though, as organizations such as workers compensation, which are often government run or managed tend to be overloaded with cases and cannot respond effectively to all claims needing investigation.
When this occurs, Private Investigators (PIs) have always been the go to folks to look into these scams and present evidence as to the actual state of the individual making claims. Surveillance, history and interviews all come into the investigative process to give the interested parties the information needed to assess whether or not a false claim has been made, then pursue it in court.
Call a local PI today to find out what kind of services they can provide you!
Blog post is courtesy Elemental Investigations: Private Investigator Edmonton, an Edmonton, Canada based private investigator agency. They can be found online at www.elementalpi.ca
Thursday 14 November 2013
Identity Theft
With increased collection of online data, coupled with ever increasing interactions by individuals online, the potential for identity theft has also increased. These new interactions and data storage make it easier to obtain someone else's personal information, and more importantly, allow for rapid deployment of damaging methods across a wide spectrum with the added benefit of making it much more difficult to prosecute an issue.
In the old days, identity theft still occurred, however basic logical issues such as location, physical presence and direct human monitoring made it more difficult for someone to get away with something for long, and simple data manipulation was not sufficient alone to fool safeguards. For example, if you were a senior citizen and went into a bank to get a mortgage, the banker would expect to see a senior citizen in the correct town or city, asking for things generally in line with expectations. If something seemed off, added scrutiny would kick in.
Nowadays, the theft of personal information and the automation of many things makes the theft and quick exploitation of that data child's play by comparison. The most common form of identity theft is based on financial theft, where the data is used to either exploit existing financing such as credit cards, lines of credit and bank accounts, or to establish new forms of credit , relying on general good credit to obtain what can be created. These schemes are set up to run across international boundaries, making the tracing of material to make arrests that much more difficult. They are also set up to scoop up large amounts of info, use them for their intended purpose of extracting whatever real money possible, then dumping the identity for the next, maximizing profit while minimizing risk.
The other popular form of identity theft (albeit a distant second in terms of usage), is the targeted form of identity theft. This form can be significantly more damaging to an individual as malice is the motivating factor as opposed to financial gain. This type of identity theft can also focus not just on financial (and often ignores financial completely), but will focus on social and online interactions to discredit an individual's reputation and relationships.
Tracing identity theft can be a complex and expensive affair. Law enforcement may be able to conduct an investigation, but due to limited resources, they will normally only be able to look into severe or referred cases without investigation ahead of time. This is where a private investigator can come in and provide consulting assistance, and conduct the investigation to usually stop, and in some cases bring down those responsible. Give a local PI a call to see how they can help out!
Blog post is courtesy Elemental Investigations: Private Investigator Edmonton, an Edmonton, Canada based private investigator agency. They can be found online at www.elementalpi.ca
In the old days, identity theft still occurred, however basic logical issues such as location, physical presence and direct human monitoring made it more difficult for someone to get away with something for long, and simple data manipulation was not sufficient alone to fool safeguards. For example, if you were a senior citizen and went into a bank to get a mortgage, the banker would expect to see a senior citizen in the correct town or city, asking for things generally in line with expectations. If something seemed off, added scrutiny would kick in.
Nowadays, the theft of personal information and the automation of many things makes the theft and quick exploitation of that data child's play by comparison. The most common form of identity theft is based on financial theft, where the data is used to either exploit existing financing such as credit cards, lines of credit and bank accounts, or to establish new forms of credit , relying on general good credit to obtain what can be created. These schemes are set up to run across international boundaries, making the tracing of material to make arrests that much more difficult. They are also set up to scoop up large amounts of info, use them for their intended purpose of extracting whatever real money possible, then dumping the identity for the next, maximizing profit while minimizing risk.
The other popular form of identity theft (albeit a distant second in terms of usage), is the targeted form of identity theft. This form can be significantly more damaging to an individual as malice is the motivating factor as opposed to financial gain. This type of identity theft can also focus not just on financial (and often ignores financial completely), but will focus on social and online interactions to discredit an individual's reputation and relationships.
Tracing identity theft can be a complex and expensive affair. Law enforcement may be able to conduct an investigation, but due to limited resources, they will normally only be able to look into severe or referred cases without investigation ahead of time. This is where a private investigator can come in and provide consulting assistance, and conduct the investigation to usually stop, and in some cases bring down those responsible. Give a local PI a call to see how they can help out!
Blog post is courtesy Elemental Investigations: Private Investigator Edmonton, an Edmonton, Canada based private investigator agency. They can be found online at www.elementalpi.ca
Subscribe to:
Posts (Atom)