The Food Safety Modernization Act (FSMA) has prompted grain handlers and feed manufacturers to adopt a proactive approach in preventing foodborne contamination. Pathogens and sanitation concerns aside, one fundamental consideration to any food safety or HACCP plan must take general security into consideration, i.e., the intentional or unintentional contamination of foodstuffs by internal or external entities.
“Anyone along the supply chain who has access to the food product or an ingredient is a potential threat,” says Mark Powers, vice chair of food defense and agriculture, ASIS, an organization for security professionals. “It is unlikely a terrorist is going to come to the United States and attempt to infiltrate a manufacturer in order to introduce a contaminate into the food supply. The scenario playing out every day in the United States is the disgruntled worker who doesn’t understand that the actions they take will have greater consequences than they may intend.”
Powers, who has worked in counterintelligence at Fort Knox, draws his expertise from a 25-year career in corporate security — having spent the last 10 years specializing in food defense for two of the largest U.S. food and beverage companies.
According to Powers, the danger of a disgruntled worker employee lies in the fact that they likely know more about a company’s systems, processes and weaknesses than management.
Identifying internal threats
One way to screen for potentially troubled employees is to conduct thorough background checks on all new hires. Powers suggests that a criminal background check isn’t enough. “In addition to making the standard reference calls and conducting drug screenings, performing a two-tier reference check, one where you ask the original reference for additional names, will give you a better idea of what the individual is like,” he explains.
Once hired, the consistency of management’s enforcement of policy and their approach to discipline dictates how employees act. For example, if management creates an environment in which any behavior out of the norm is not tolerated, troubled employees will likely expose themselves or will be reported by their peers. He suggests companies should provide a mechanism that allows employees to feel comfortable reporting violations, and when an incident occurs, employers should take swift action to demonstrate their commitment to maintaining standards.
“In my experience, companies who have quickly addressed issues have fewer incidents overall; however, sites that are more lackadaisical in their enforcement of policies find themselves on a slippery slope and they subject themselves to more risk,” Powers says. “If you interview employees after the fact, some may have known what was going on, but chose not to report it because past complaints had been ignored.”
Disciplinary challenges such as sloppy work, hostile behavior, tardiness issues, etc., may indicate that an employee is a risk; and these actions should be analyzed in total. Proper documentation and coordination with human resources can help management make decisions on employee issues as a team before they become a problem.
If an incident does result in a criminal investigation, investigators will ask for records and inquire about employee behavior to determine who may be the perpetrator.
“If you’ve ignored the red flags, you’re putting the company in a bad position,” Powers explains.
“Site security is not always about electronic wizardry or spending a lot of money to get a lot of return on your investment,” Powers says. “It’s about having the right processes in place to ensure the steps you want to take or have taken to protect your product or ingredient are consistently implemented.”
For example, a feed mill’s policy may cite that all visitors on the property must register to enter. This process may require visitors to provide a valid ID or sign in at a checkpoint or in the office.