January 2008 Archives

The NOVA Chapter of the NPMA is hosting the third annual Contract Property Seminar on March 31 and April 1, 2008 in Fairfax, VA.

Topics to be discussed include:

• Developments in the world of UID
• Realities of implementing the new FAR 45 and related clauses
• Relationship between property management and contract management
• Technology and property management
• DCMA organization and initiatives
• Enterprise Asset Management
• Managing IT Assets
• ASTM Standards for Property Management

Industry leaders from NPMA, the Department of Defense, Civilian Agencies, DCMA, and government contractors will be presenting and participating in panel discussions on the latest issues and opportunities facing the contract property industry.  Detailed conference information is available on the seminar flyer linked above.

The Washington Post reports today that employees from the D.C. Office of Property Management were instrumental in helping the Chief Technology Officer for the District of Columbia crack down on violations of the D.C. government's computer use policy.  Nine District employees were using work computers to view a high volume of inappropriate content-over 200 times per day.  The CTO's office launched the investigation that uncovered these abuses after receiving a tip from the Office of Property Management.

This is a concrete example of the critical role that property managers can play in promoting information security and policy compliance in their organizations.

The 2nd Annual Asset Management Expo has come to a successful conclusion here in Atlanta.  There were a number of great topics discussed today.  Lisa Collins, an IT asset disposal expert from Global Investment Recovery, Inc. who delivered a great presentation on the challenges needs of IT asset disposal.  IT assets must be disposed of with great care- many monitors and computer parts contain materials such as mercury and lead that pose a threat to our environment.  Furthermore, information on hard drives or other devices that store memory can fall into the wrong hands if these devices are not properly destroyed.

We also heard a great panel discussion about some of the challenges and opportunities of selecting and implementing a new property system from AssetSmart's Robert Kaehler, Sunflower Systems' Jeffrey Polyak and IBM's Mary Bunzel. 

It was great to see so many participants at this conference from so many companies and organizations that span the asset management spectrum. 

We've just finished up a great first day of the Asset Management Conference & Expo here in Atlanta, GA.  The focus of the conference so far has been about the use of technology to facilitate Enterprise Asset Management.  RFID, in particular, has been a hot topic today.  We've heard from RFID experts from IBM and MIT, and also many professionals from the supply chain and logistics industries who are using this technology to improve their processes.

The property management profession is beginning to explore ways to bring the benefits of RFID into the personal property arena.  Particularly, there is an emerging shift in focus from simply collecting as much asset data as possible to collecting the data that managers need to make decisions and track progress against metrics.  It is no longer sufficient just to manage the asset portfolio; the asset portfolio itself must be connected to mission objectives.  RFID can facilitate this trend by moving beyond simply answering "what stuff do I have" to answering "is my stuff where I need it to be when I need it to be there?"

More to come after the second day of the conference tomorrow.

There are certain functions where property managers and acquisition personnel (i.e., requisitioners or buyers) should interface. One of the more obvious ones relates to receipt of purchased property and subsequent payment. Organizations continue to make extensive investments to integrate their purchase order, property receipt and invoice payment processes. However, the function of internal screening is one that organizations have struggled with. Internal screening is essentially the consideration of property items deemed unneeded by one business unit to be potentially reused by other units within the organization. FAR 45.602 outlines the various inventory disposal schedules property items should be placed through. The disposal schedules, also known as screening periods, outlined in FAR 45.602 include guidelines for internal reutilization and GSA screening. So why has the function of internal screening received such little organizational attention? Who is responsible for instituting internal screening processes? How can organizations invest in and is there any return on investment by strengthening internal screening process? These are literal questions and I would like hear from organizations that have made strides in strengthening their internal screening processes.

What I have observed in many organizations is that property managers do not believe there are internal procurement policies, processes and/or tools to enable the internal screening period. Thus, the internal screening cycle is typically skipped and the property is either directly screened for GSA or donation disposal. Conversely, procurement officials do not believe they have been provided the mechanisms to evaluate property to be reutilized. How can property be considered to be reutilized if is nothing known about it, such as its condition? Procurement officials cannot put their programs at risk by possibly providing inadequate property. So the question remains, if there is no internal mechanism to advertise the property's information and if no one is reviewing internal property for reuse, has it been truly internally screened?

My guess if that instituting policy needs to be the first approach organizations should use to position themselves to comply with FAR 45.602. To be successful, the policy needs to be jointly established within both the property management and procurement offices. It is moot to organizationally approach implementing internal screening processes in a stovepipe manner - no gains can be made unless procurement and property management embrace internal screening as a joint initiative. After instituting policy, organization needs to assess for themselves the value that can be achieved through the reutilization of property. Understanding the value should drive the extent each organization invests in their internal screening processes. Avoiding unnecessary acquisitions and reducing disposal costs are just two cursory examples of its benefits. Some potential initial investments or combination of investments may come in the form of process re-engineering, resources activities and/or technology. I am curious to hear what drivers have lead organizations to refine their internal screening processes. I am also interested in hearing what obstacles or deterrents have kept organizations from making strides.

It seems in this day-and-age there are many incentives to avoid disposing of property unnecessarily. Green initiatives, cleansing sensitive/confidential property, and rising logistical costs (e.g., fuel) are just a handful of reasons that come to mind that should drive an organization to refine their internal screening processes to reflect the guidelines outlined in FAR 45.602.

We've all heard the horror stories: a laptop, hard drive or other piece of IT equipment is stolen from a government agency, university or large company, placing the personally identifiable information (PII) of thousands at risk.  These unfortunate incidents are usually not the work of hackers or determined thieves, but rather are crimes of opportunity that result from lax physical accountability for the assets that store an organization's most sensitive data. These tales of woe are all too common in today's technology-saturated environment; a glance through the Chronology of Data Breaches for the past three years shows that virtually no organization is safe from information security lapses. 

To be certain, protecting PII and other sensitive data is everyone's responsibility, but property managers are uniquely situated in many organizations to have a significant impact on information security.  Property managers, the guardians of physical asset accountability,  often act as gatekeeper between the organization's IT department- responsible for making information available- and property custodians or end users of the devices that store sensitive data.  While the IT department is responsible for ensuring the use of data-level security efforts (encryption, VPNs, etc.) property management is responsible for ensuring the physical security of these assets.

Flash drives, external hard drives and laptops have become ubiquitous in today's office environment due to their decreasing cost and increased storage capacity.  Many of these items fall far below traditional property accountability thresholds, and many property managers are reluctant to place a barcode tag on something as tiny as a flash drive.  Yes, accounting for these devices may be challenging, but the risks of a data security breach make these measures well worth the effort.  The theft of PII can be as dangerous to the public as the theft of weapons or hazardous material.  Consider what could have happened to the identities, security and livelihoods of the 26.5 million Americans affected by the May 2006 data security breach at the U.S. Department of Veterans' Affairs.

So what can property managers do?  Here are some steps that you can take to increase data security in your organization and protect your colleagues and customers:
 

• Maintain records for all organization-issued property capable of storing computer-readable data in your property control system- accurate records can help recover stolen assets in the event of a theft
  
• Flag these sensitive data storage devices as sensitive in the property system to quickly distinguish them from other kinds of property and to provide a complete picture of your organization's exposure to risk from sensitive assets
• Issue and check property passes for all data and storage devices taken out of a secure organization location
  
• Conduct physical inventories of sensitive assets more frequently than inventories of non-sensitive assets to ensure the prompt discovery of missing items.
  
• Sensitive assets that are not found during inventory should be subject to a formal internal inquiry process before being written off.
  
• File a police report in the jurisdiction of the theft as soon as reasonably possible if an asset is reported lost or stolen by an employee.
  
• Overwrite, degauss or destroy hard drives or flash drives prior to donation, sale, or abandonment.
  

In today's world, the nature of sensitive assets has changed, but the mission is still the same: provide accountability and control for the proper use and care of property. Property professionals now have the opportunity to provide a crucial line of defense against a devastating leak of sensitive data. We must do more than simply keep our organizations out of the headlines. Our obligation is to protect the well being of thousands of people who depend on us to keep their information safe. Protecting property is necessary, but protecting people is the most important responsibility of all.

The first major property management event of 2008 is just a few days away.  The Asset Management Conference & Expo is taking place at the Sheraton Atlanta Hotel on January 22-23, 2008. 

Topics to be covered include:

• Asset Visibility and Tracking
• Equipment Life-Cycle Management
• Asset Reliability
• Maintenance, Repair and Overhaul
• Information Sharing Between Enterprise Applications
• Technologies such as EAM, CMMS, mobile computing, active and passive RFID, bar coding and data collection

You can find a complete conference agenda and list of speakers at this link.

Look for daily conference wrap-ups from Atlanta here on AssetCentric on January 22nd and 23rd.

Welcome to AssetCentric, a new online destination for the property management community.  The goal of this blog is to provide a frequently updated source of content for all things property including:

• Sharing industry news and articles of interest
  
• Live blogging from key property management events
• Analysis of property management issues
• A forum for discussion of property challenges, ideas and opportunities
  

If you are interested in writing entries or otherwise contributing to AssetCentric, please contact the site editor via email at bkriner@sunflowersystems.com. Readers are encouraged to discuss the posts in the comments section of each entry- a lively discussion will benefit the entire community.

Please bookmark this site and check in regularly for new content.  Or better yet, subscribe to our RSS feed!

We're looking forward to sharing and discussing all things property on this site!