In Connecticut and New Jersey, DHS conducted a simulated terrorist-attack exercise called TOPOFF.

Guards in New York City buildings are woefully unprepared, according to the city's public advocate.

For information on how this issue of digital image admissibility is evolving in U.S. courts, link to an article by Rebecca Levy-Sachs and Melissa Sullivan of Robinson & Cole.

Everyone agrees that certain sectors of society—energy, telecommunications, water supply—are critical infrastructures. But what about monuments and icons? Key industry buildings? Sports stadiums and other large gathering places? More and more sectors are being included under the rubric of critical infrastructure, according to a review of presidential orders and directives, federal statutes, and government reports. The various documents mentioned here are on SM Online.

In an expansive 160-page report written for the U.K. Home Office, which is responsible for domestic issues, Professor Martin Gill and Angela Spriggs did not find conclusive proof of CCTV’s beneficial effect on crime in town and city centers, parking areas, hospitals, and residential zones. Read the report.

Surely you’ve heard of the University of Berkeley, Hamilton University, St. Regis University, and the American University of London. Or have you? In fact, these schools are suspected “diploma mills”—colleges and universities offering worthless degrees that require no work. They use familiar sounding names intended to make prospective employers mistake them for real institutions, such as the University of California at Berkeley, Hamilton College, Regis University, and the American University in London. The problem came to the fore when it was found that many government workers, including staff in the Department of Homeland Security, had these phony credentials, prompting Congress to hold a series of hearings.

College students are many things, but cautious isn’t usually one of them. And when the emotional tinder swirling in young adults mixes with physical tinder, such as paper and cheap furniture, in population-dense dorms, the combination can be highly combustible. That may be one of the reasons why about 1,300 fires occur in U.S. college and university dormitories every year. Unfortunately, in most dorm fires, no automatic sprinkler system is there to douse the flames.As part of a U.S. Fire Administration initiative to improve fire safety in college housing, the National Institute of Standards and Technology (NIST) conducted fire experiments in abandoned dorm rooms in Arkansas. Link to NIST via SM Online to get the free DVD .

The Department of Homeland Security has released its Interim National Preparedness Goal, which “establishes readiness priorities, targets, and metrics.” For more information go to SM Online.

In 601 pages of exposition, the Commission on Intelligence Capabilities of the United States Regarding Weapons of Mass Destruction laid bare the serious problems in the U.S. intelligence community. The commission’s report is packed with recommendations on topics such as management, collection, analysis, covert action, and counterinelligence. Read the report.

Businesses concerned about workers’ compensation scams can turn to a video released by the Coalition Against Insurance Fraud. The video, just under 12 minutes long, explains to workers the harm done by fraud against workers’ compensation, health insurance, automobile insurance, and other types of insurance. SM Online shows you how to get the video.

How well has the FBI aligned itself with post 9-11 priorities? The National Academy of Public Administration (NAPA) says that the FBI “is making substantial progress in transforming itself into a strong domestic intelligence agency and has the will and many of the competencies required to accomplish it.” But the report makes 37 recommendations for change. Read the  report.

The Customs-Trade Partnership Against Terrorism (C-TPAT). Green lanes. FAST (Free and Secure Trade) lanes. The Container Security Initiative. Smart containers. Automated Commercial Environment. These various cargo security programs and elements launched by the federal government may seem like a morass of overlapping parts. A new document by Customs and Border Protection (CBP) clears up much of the confusion as far as C-TPAT is concerned.

In any tabletop exercise involving multiple authorities and jurisdictions, it’s virtually certain that some of the lessons learned involve the need for better coordination, clear lines of authority, and improved information sharing. And so it has been with Coast Guard exercises on port security, says the Government Accountability Office (GAO). According to GAO auditors, 59 percent of the 82 exercises studied raised communication issues, including problems with interoperable radio communications, failure to share information with other agencies, and difficulties in accessing necessary classified information. Almost as many exercises were plagued with resource problems, including poor facilities or equipment. Forty-one percent of the exercises raised concerns about the participants’ ability to coordinate a command and control system, for example. Part of the problem, acknowledges the GAO, is that the National Response Plan, launched in January, wasn’t in place during the exercises. That plan supercedes all existing federal interagency emergency response plans. SM Online takes you to the report.

Contending with bad breath and nervous patients, dentists and hygienists have plenty of challenges. One university is also training them to stop abuse by reporting broken jaws and suspiciously chipped teeth—signs of family violence. Because 60 percent of abuse cases involve head and neck injuries, which dental professionals are uniquely suited to identify, the University of Minnesota’s School of Dentistry and the Program Against Sexual Violence created a training program to deal with patients affected by family violence. The program discusses the dynamics of abuse, teaches dental students and professionals how to intervene in and report violence, and shows how to identify community service providers and establish office protocols.A report by the Justice Department’s Office for Victims of Crime indicates that the training “made a significant, positive impact in teaching dental professionals how to identify and report cases of abuse.” The report urges that this training be integrated into dental schools, dental hygiene programs, and dental associations. Read it on SM Online.

A federal appeals court has ruled that an off-duty crew member of a cruise line was acting within his scope of employment when he raped a passenger who had gone ashore. The court also determined that the cruise line,as a common carrier, is liable for crew member assaults on passengers. (Jane Doe v. Celebrity Cruises, Inc., U.S. Court of Appeals for the Eleventh Circuit, No. 03-15321, 2004)

A federal appeals court has ruled that an employer is within its rights in seeking the HIV medical records of an employee.(Douglas Gajda v. Manhattan and Bronx Surface Transit Operating Authority, U.S. Court of Appeals for the Second Circuit, No. 04-0608-cv, 2005).

A new rule proposed by the Nuclear Regulatory Commission (NRC) would expand the categories of information considered by the agency to be sensitive. Such data would be added to a special category of sensitive unclassified information, termed safeguards information (SGI), that would be protected from unauthorized disclosure.Current SGI includes data on power reactors, research and test reactors, and spent-fuel storage installations. Under the new rule, information such as engineering or safety analyses, emergency planning procedures, or scenario training materials relating to facility protection would be considered SGI. Also protected would be information concerning the tactics and capabilities required to defend against attempted radiological sabotage or theft of nuclear material. @ To read the full text visit Security Management Online.

A bill (S. 306) introduced by Sen. Olympia Snowe (R-ME) that would prohibit genetic discrimination by employers and insurance providers has been approved by the Senate.

A bill (S. 308) introduced by Rep. Frank Lautenberg (D-NJ)would require that homeland security grants be given out only based on assessments of risk, threat, and vulnerability.

IIntroduced by Sen.Russell Feingold (D-WI), a new bill (S. 317) would protect the privacy of individuals by limiting government access to the records of libraries and booksellers.

A bill (H.B. 1392)introduced in the Arkansas Legislature would allow nursing home residents to have CCTV cameras installed in their rooms at the discretion of family members. The bill, called the Willie Mae Ryan Act, was named for a murder victim—an 81-year-old nursing home resident who was beaten to death in her room in August 2003.

A federal appeals court has ruled that an employer did not violate an employee’s Fourth Amendment rights when it required her to submit to a psychological evaluation even though the evaluation was two hours long and required that the employee divulge details of her personal life. The court ruled that the company had the right to do so, even without a stated reason. (Greenwalt v. Indiana Department of Correction, U.S. Court of Appeals for the Seventh Circuit, 2005).

A federal appeals court has ruled that a woman who was fired approximately a month after she gave birth to a disabled child can pursue her claim of discrimination. The decision overturns a lower court’s summary judgment in favor of the company, which prevented the woman from taking her case to court. The judge ruled that the timing of the termination and the birth along with the woman’s successful 12-year career and excellent performance reviews were sufficient to move the case forward. (Strate v. Midwest Bankcentre, Inc., U.S. Court of Appeals for the Eighth Circuit, No. 03-4039, 2005).

One of the most ballyhooed differences is security; IE has been famously prone to flaws, while Firefox has remained largely outside of the virus and worm threatscape in part because it has fewer flaws and in part because it has fewer users and is not yet attracting the attention of hackers. That's subject to change, of course, as more people adopt it. Firefox has some differences that truly make it more secure, however. For example, it doesn't automatically load ActiveX controls, tiny programs that have been the cause of many of IE's security holes. Pros. Better security and the ability to precisely customize it to your wants and needs make Firefox a pleasure to use. Cons. Since Firefox doesn't automatically load ActiveX controls, there are some pages that simply won't load in the browser, or won't work properly. For these pages, you'll have to open IE. Where to get one? The browser is available for free from Mozilla's Web site.

One card that works across the government as an ID and for access is a step closer to reality. In accordance with Homeland Security Presidential Directive (HSPD) 12, the National Institute of Standards and Technology (NIST) has released a standard specifying the architecture and technical requirements for a common identification standard for federal employees and contractors, such as a smart card with embedded biometric data. The first part of the standard gives minimum requirements for a personal identity verification (PIV) system that meets the control and security objectives of HSPD 12, while the second part provides the technical requirements, such as card elements and system interfaces, to support the control and security objectives as well as to maintain interoperability. PIV-I mandates, for example, that a detailed background investigation be completed before ID credentials are issued. It also requires that the applicant appear in person at least once during the process and that he or she present two forms of identification in original form. The Federal Information Processing Standard 201, Personal Identity Verification of Federal Employees and Contractors, is available at SM Online.

The Center for Democracy and Technology (CDT) is a leading advocate for privacy in a technological age where fears of terrorism are cited as a rationale for government and law enforcement to have greater access to data. Over the past decade CDT has fought spyware, opposed greater use of wiretaps by the FBI on wireless phones and VoIP, and looked for a balance between protecting intellectual-property rights and allowing consumers fair use. No matter where you stand on these issues, it is helpful to understand the perspective of privacy advocates, such as the CDT. @ You can get to the CDT's Web site via SM Online.

The Information Security Forum (ISF), a U.K.-based nonprofit group of more than 260 international corporate members from Adobe Systems to Zurich Financial Services, has released an updated version of The Standard of Good Practice for Information Security. This comprehensive standard allows organizations to measure the effectiveness of their security posture against an international benchmark. The latest version has added guidance on patch management and on mitigating threats posed by instant messaging. It has significantly updated sections on outsourcing, virus protection, and Web server security. Unlike most of ISF's 200 or so publications, which are available only to members, @ The Standard of Good Practice is available to the public for free.