Are Your Employees the Biggest Threat to Your Cybersecurity?

Posted by: Admin  :  Category: Web Hosting

Linux Cpanel shared hosting: 600 GB disk space, 6 TB bandwidth, free domain, unlimited databases and ftp accounts, web hosting cheap and pro at Hostony

Rather than concerning themselves with malicious hacker groups like Lizard Squad, business owners may want to learn from federal agencies and look at their insiders and employees as the next threat to their company’s cybersecurity. Bumping up company cybersecurity may not be very effective if your employees aren’t well educated on how they can both reinforce and hamper security.

Facts and Figures

SolarWinds is an IT software management company that conducted a survey with Market Communications in 2014 that shed new light on the true threats to the digital security of the military and federal government. For instance, insider data leakage and theft was named by nearly 30 percent of respondents as the largest liability to cybersecurity. Roughly 40 percent of breaches were the result of poorly trained and careless insiders.

An online survey conducted earlier this month by Stroz Friedberg revealed that senior management might be the biggest vulnerability to a company’s cybersecurity. In the survey, more than 50 percent of senior managers confessed to having sent sensitive information to the wrong address, much lower than the 25 percent of employees who confessed to the same blunder. If that wasn’t bad enough, more than half of surveyed senior managers admitted to taking company files with them when they left their positions. Now may be a good time to get in touch with your old employees to see if they took more than just their desk plants with them on their last day.

The Reason Behind the Risk 

Employees and insiders aren’t going out of their way to leave gaps and cracks in federal agency, military and company cybersecurity. There are instances where survey respondents simply didn’t have the money required to beef up security. Competing priorities was another reason for lax cybersecurity, in addition to complex internal environments. While it’s entirely possible for users to set up their own cybersecurity measures, many of them may not truly understand just how intricate digital security is, or how their online and electronic environments truly work.

While the rate at which technology is advancing is all well and good, it can also be a unique liability for users who don’t realize just how outdated their software is. There’s also the fact that not all users give their cybersecurity the degree of time and attention it truly deserves. There may be an ongoing problem or vulnerability users have no idea exists, which means that employees, insiders and management may not be aware they need to take action. Any of these liabilities can lead to a company or federal agency operating at a higher-than-necessary level of avoidable risk.

Rectifying the Situation 

Proper education is one of the most powerful and effective methods of boosting cybersecurity no matter if you’re protecting your personal files and information or the personal and classified data of federal employees. In October of 2014, the Department of Energy realized just how many gaping holes there were in the infrastructure of its cybersecurity. Rather than repeating the DOE’s mistakes, you can instead learn from them and use them as a cautionary tale.

Make sure that your information security staff receives proper and regular training on the full scope of their responsibilities. The identity of anyone who logs in to or out of any system should be recorded in order to easily identify where and how a potential security threat may have started. Officials should also keep a close eye on anyone who either deletes or alters any information. Not only should cybersecurity policies for system use be established, but employees should also be made aware of what those policies entail and if they ever change.

Other things you can do include taking regular inventory of technology equipment and creating reports for any stolen or lost assets. All of this might sound tedious and time-consuming, but these methods could also keep your sensitive information safe and in your hands where it belongs.

The True Cost of Recovering From a Cybersecurity Breach 

Even the smallest of data breaches can result in major expenses if the stolen information was particularly sensitive. In many states, companies are legally required to inform their customers if they even suspect their cybersecurity was in any way compromised. Not only does this take time away from regular day-to-day business activities, it can cost as much as $ 30 to properly notify each customer. This cost can mount even further if it turns out the suspected cyber attack was an actual attack. When the Department of Energy fell prey to a cyber attack in 2013, it was reported that more than approximately $ 4 million was spent on the cost of recovery.

Linux Cpanel shared hosting: 600 GB disk space, 6 TB bandwidth, free domain, unlimited databases and ftp accounts, web hosting cheap and pro at Hostony

In addition to a loss of finances and resources, companies and federal agencies also have to worry about a loss of confidence. Current customers and potential customers are sure to think twice about dealing with or entrusting their private information to a business or organization that has sustained a cyber attack in the past. This ripple effect can last for months and possibly even years to come, spreading to shareholder value, financial performance and corporate stability.

The truth is there’s really no way to determine for sure how much a potential or actual cyber attack can cost, no matter if the culprit is an employee, insider or hacker. It’s common for companies to underestimate how vulnerable they are to a security breach, regardless of how sophisticated and up-to-date their security measures might be.

Account for Every Contingency

Even if you already have an insurance policy that covers data security, there’s a chance it’s limited to only certain exposures and includes dedicated limits. As you’re upgrading your security and making sure your employees and insiders are well informed on new and current security measures, talk with your insurance provider to see how protected you actually are from a cyber threat. It’s always best to have more insurance and assurance than you think you may need.

No matter how busy companies, federal agencies and individuals may get, it’s essential they all take time out to learn about major threats to their cybersecurity that exist interiorly and exteriorly. Keep your digital kingdom safe behind gates reinforced with education, preparation and preservation.

Top image ©GL Stock Images

whg_banner.new.10k

Web Hosting Geeks’ Blog

Linux Cpanel shared hosting: 600 GB disk space, 6 TB bandwidth, free domain, unlimited databases and ftp accounts, web hosting cheap and pro at Hostony

Hey, We Are Employees Too! (Why Is There a Resentment for IT Pros?)

Posted by: Admin  :  Category: Web Hosting

In the company I’m working in and the companies I’m providing consultancy services, I always feel a little bitterness both from the management and from the end users. I can safely say that government tax officials are more welcome than myself, no matter how I behave or what I wear. Really, am I the only one feeling like this? No. I have spoken this issue with many colleagues and they admitted that they feel the same when they leave their inn and join other employees. It seems that non-IT personnel simply sees us as people that do not belong to where they belong. It seems like we are not considered as yet another employee; say an accountant’s first impression on a marketing person is way positive compared to the impression on an IT person.

The IT pro image on people’s minds are shaped with the 80’s/90’s movies, where geeks are sitting in a dark rooms in front of monitors(green text over black background), typing commands furiously in incomprehensible languages and breaking into systems, fueled by coke/beer and potato chips/pizza. This image still keeps. No matter what an IT pro becomes, no suit or business jargon can erase this image. We are bunch of geeks hiding our secret craft from the mere mortals, speaking in a sci-fi language. I doesn’t matter if we sit down in the same cafeteria, eat the same meals, use the same public transports, we are incommunicable geeks.

This image is complicated further by the fact that almost all of the world’s businesses depend on information technologies and IT pros are the side effect. Even if you are running a one-person shop, you still need a computer somewhere to perform some tasks and you need an IT pro to keep your computer up and running and to keep your data safe. On the other hand, IT pros are generally types that do not want to rely on somebody else. This creates a one-way relationship and causes avoidance on the non-IT side at the very best.

The reliance on IT pros, especially in terms of data, no doubt gives IT pros the power. In an enterprise all the databases, personal and shared files, emails, archives, backups are managed by the IT department. It is the IT department who accesses and controls such data. This access to and control of the data and the information is unparallelled in the enterprise. Knowledge is power and IT controls it. That makes IT too big and too intrusive.

IT professionals are also seen as a threat to employees’ jobs. It is the IT pro who disables a person’s account when his employee contract is terminated. This makes people see the IT pros as the one who terminates their job while the truth is IT pro is no different than a human resources personnel who sign the termination papers. The other departments involved in the termination process – the boss, manager, human resources, personnel, security – are not blamed as much as IT.

The expectations from the IT professionals are sometimes much more than any expectation placed on any other profession. The ultimate expectation is an immediate resolution of an impossible problem. And this happens daily, a couple of times. A secretary’s broken down computer has to be repaired ASAP. It does not matter if you have other support incidents and requests in the queue. It does not matter if you are in the critical stage of a process. That computer needs to be fixed now. No response time is fast.

And this support must be provided over the telephone without any diagnosis: “I told you it is not working” is all that an IT pro needs to know to solve the issue. IT Pros are expected to understand and solve the problems over the telephone with the information supplied by a person who has no or little understanding about the issue. As expected, the level of support provided will vary from mediocre to impossible. The support person needs to see the problem, which almost always involves having direct access to customer’s hardware. It does not matter if the support person is well trained, dedicated and persistent. Working with no information is simply not possible. It is interesting to note that no doctor is expected to diagnose a patient over the telephone without seeing him, but people cannot think the same for the IT professionals (including my dad).

Once people realize that you get a hold of gadgets (read: servers, operating systems, access points, switches, remote connections), the line between IT support and personal support diminishes. BYOD has also contributed to this blurring line. Yes, we have to solve your connection issue on your tablet as per the company’s policy but we don’t have to understand why this game crashes from time to time on your shiny new smartphone. On the other hand, the knowledge gap between the customer and the IT pro is widening every day. Once the users knew how to find their ways with their gadgets, now they are “simply tapping it and it is not happening.” Both this gap and the blurry line works against the IT pros’ image.

Finally, we are expected to make the impossible. We are expected to provide 24/7/365 support and 24/7/365 availability of the systems. It does not matter if we are operating in a complex environment with different hardware and software vendors, grift application infrastructures and complex equipment. Gmail can be unavailable, that is fine. Outlook.com can be unavailable, fine, you can try a few minutes later. Company’s email system is unavailable? What is the IT people there if they cannot keep the mail server up and running? When will it be fixed? Still they didn’t find out the issue? Bah, they are paid so well but cannot manage a simple email system.

These are our findings about why IT professionals are considered as “the other ones.” Looking at the issues from the other side’s perspective, I cannot say they are at all wrong. My personal experience says these perspectives come to normal when we, the IT pros, have our coffee with the employees on the non-IT side and tell them a little about our problems. Not in an our regular jargon, but in a way that can be understood by everyone. Be sure that the bridges will be built.

Featured Image:

Web Hosting Geeks’ Blog

Are Your Employees Killing Your Business?

Posted by: Admin  :  Category: Web Hosting

While the world seems to be watching Honey Boo Boo to see what outrageousness comes next, I love tuning into Restaurant Stakeout and Bar Rescue and even the latest non-food, see-how-your-employees-are-destroying-your-business show that does the same makeover with tattoo parlors. I love it because bad employees and horrid managers are caught in the act of destroying the owner’s business and usually fired on global television.

The premise is simple; some clueless restaurant owner can’t figure out why business is so bad and they’re teetering on the edge of bankruptcy, so they contact the show producer and one of the show hosts, a man with many years of experience, usually owning their own successful restaurant or bar (or tattoo parlor) plants cameras and microphones all over the establishment for a week and occasionally sends in fake customers to test the staff and make personal observations.

While the business owner watches the video and listens to the audio from a remote location, we witness things everyone hates about dining out; rude waitstaff, horrid food, dirty tables, etc. While the hapless owner sits in horror at how his/her business is being run in his/her absence, the host of the show screams at them about allowing such behavior and keeping such bad employees.

Once the owner is steadily retching up on the floor of the remote location, the host takes him/her into the establishment, rounds up the staff and informs them all that they have been on camera for a week and faces go pale white. They know they’ve been caught and there’s no lie convincing enough to dispel the poof of witnessing it all first hand via modern technology… although Candid Camera did it over fifty years ago.

The palm-to-forehead moment is when a terrible employee keeps their job. In one show, a bartender is stealing $ 200-$ 1,000 a night from the bar. The owner, who is about to lose his business, car, house and life savings is told by the expert host to fire the man as an example to other employees that stealing and waste will not be tolerated. The owner, instead, tells the bartender that he is getting a second chance. The other employees’ mouths drop open, almost to the floor.

The host convinces the bar owner that he has to fire this worker and the owner finally does so (after the show is over, subtitles tell of how business has increased in these eateries/bars but in this one show, it notes that the owner hired back the fired bartender).

Amazing Truths

This really isn’t so odd for any business – large or small. While working for a small design firm, owned by a husband/wife team, key employees were roadblocks to success. The business ran on top-level design ability in the market and had a great name within the industry. A steady stream of regular customers kept everything afloat and everyone well paid. With all of the incoming traffic, the sales manager didn’t have to work very hard. Come in late… just before the bosses, read the paper and chat on the phone with her boyfriend or her sister, wait for the bosses to leave and then skidaddle for the day.

When the owners would take four-day weekends, the sales manager would disappear into one of their offices and sack out on the couch for a little nap for most of Friday and arrive by noon the following Tuesday, just before the owners would traipse in, rested and relaxed, ready to yell at certain employees for not working hard enough… but never the sales manager. Then business started dropping off.

As it became harder to meet salaries and pay bills, the owners got nastier and the screaming got louder, usually echoed by the sales manager with fingers pointed at all other employees. Some employees left. The rest of us went to one of the owners to tell tales of afternoon naps, newspaper reading and nothing being done to actually bring in new clients. We were dismissed as liars because no employee could act in such a disgraceful way. We took photos of the sales manager sleeping on the couch. We mounted a clock behind her desk and took photos of her reading the paper, noting the clock time in the shot. The owner was indifferent. Had smaller video cameras or cell phones been around at the time, it would have made for better evidence, if only the owner would want to see it.

To make a long story short, the owner was finally forced to let the sales manager go when things were too late to be saved and the studio closed, happily ever after.

The same thing goes on at large corporations, too. The larger the company, the easier it is to hide incompetence within a larger number of employees. At one former employer, a large, global corporation, there were tales of the late owner, who had built the company from humble beginnings of products held in shoeboxes. With careful and involved leadership, the company grew and grew but stories of him walking hallways, visiting departments, sitting in every meeting he could told of an owner who was involved in every aspect of his life’s blood. When he passed away, his son took over and due to the size of the company, managers and human resources were trusted to stand watch over a growing number of employees. As you can guess or have witnessed for yourself, human nature also took over. Favoritism, jealousy, backstabbing and other judgments not based in business decisions for success will promote stagnation and downfall no matter what the size of a company.

In an article appearing on CarerBuilder.com, the following advice is given on the cost of a bad employee:

Many managers are uncomfortable addressing the issue of a “bad employee.” It is a fact of managing people that not every employee will be excellent at every job. The first challenge is separating your employees into the following groups: star players, good employees, and bad employees. If your company is larger than 10 people, there is a really good chance that you have at least one bad employee.

While debating whether to continue investing in an employee or to let him go, the writer of this article had a very enlightening conversation with a co-worker. The co-worker asked, “What would happen to your team’s efficiency and effectiveness if you replaced your bad employee with someone as good as your star player?” The answer will be different for every manager who reads this article, but for me it had three parts: 1) it freed up my time to become a better manager 2) it showed the rest of my team that good performance was recognized 3) the bad employee’s replacement increased our team’s throughput by three times.

When cancer enters the body, it spreads grows and spreads throughout if gone untreated. A bad employee can be like cancer within a company. Strong negativism, a poor attitude, backbiting, and incompetence can spread quickly within any organization. Co-workers of a bad employee notice the issues and typically try to fight off resist catching the negative traits. However, such traits are contagious and can severely hurt or even kill a company. A bad employee will eventually affect your employees, customers, and product/service’s quality.

If you have ignored a bad employee, and the “cancer” has spread in your company, you can correct the problem. First, you need to get rid of your bad employee. After the dismissal, you must address your remaining staff. Not being candid about the firing can cause a fast wave gossip to spread throughout your company. Identify a few key reasons for the dismissal, that should have been obvious to their co-workers, and hold a meeting. Briefly share your thoughts and give your employees a chance ask questions. Be sure to give honest answers. NOTE: It is very important that you do not bash the bad employee in this meeting. Be respectful of him/her as a person and let your remaining staff, who may have an after-hours relationship with him/her, know that you hope he/she quickly finds a great job where he/she can excel.

MSN has a more frightening outlook on the cost of a bad employee, and rightfully so when you see their figures:

They may not have experienced the type of public-relations nightmares that Netflix experienced from its ill-conceived decision to launch Qwikster, or that Yahoo saw after firing CEO Carol Bartz over the phone, but two-thirds of American companies say they’ve made business mistakes this year that they wish they could take back. Many of those mistakes, according to a new survey, came in the form of bad hires, the results of which ended up costing them more than just bruised egos.

According to a new CareerBuilder survey on the cost of a bad hire, 69 percent of employers reported that bad hires lowered their company’s productivity, affected worker morale and even resulted in legal issues.

Forty-one percent of companies estimate that a bad hire costs more than $ 25,000, and 25 percent said it costs more than $ 50,000.

While some mistakes are beyond the hiring manager’s control, there are ways to avoid hiring the wrong person. “The more thoroughly the candidates are vetted, the less likely they will be a poor match,” says Rosemary Haefner, vice president of human resources at CareerBuilder.

Haefner advises employers to allow job candidates the opportunity to meet as many employees in the department as possible, especially if they will work closely together. Also, candidates should provide ample evidence to show they have the skills and work experience required for the position.

Hiring mistakes happen – but why?

When asked to give a reason for the bad hires, 34 percent of employers said sometimes things just don’t work out. However, a rushed decision topped the list of reasons companies gave for making a bad hire.

  • Thirty-eight percent of employers said they needed to fill the job quickly.
  • Twenty-one percent say not knowing enough about job candidates contributed to bad hiring decisions.
  • Eleven percent didn’t perform reference checks.

The price of a bad hire adds up in a variety of direct and indirect ways. For example, 9 percent of companies said bad hires resulted in legal issues and 11 percent said they resulted in fewer sales. The most common effects of a bad hire are:

  • Lost worker productivity: 41 percent
  • Lost time to recruit and train another worker: 40 percent
  • Costs associated with recruiting and training another worker: 37 percent
  • Damage to employee morale: 36 percent
  • Damage to client relationships: 22 percent
  • How bad is bad? Characteristics of a bad hire

When it comes to what makes someone a bad hire, employers reported several behavioral and productivity-related problems:

  • Failure to produce the proper quality of work: 63 percent
  • Failure to work well with other employees: 63 percent
  • Negative attitudes: 62 percent
  • Immediate attendance problems: 56 percent
  • Subject of customer complaints: 49 percent
  • Failure to meet deadlines: 48 percent

The Bard’s Lesson

But if you can’t count on the checks and balances of managers, performance reports and human resource investigations, then what can you do?

In Shakespeare’s Henry the Fifth, on the eve of battle, Henry, sensing there is trouble among his belleagered troops, dresses as one of his men and walks among them to find out what they think of him and his plans. In Mark Twain’s A Conneticut Yankee in King Arthur’s Court, King Arthur dresses as a peasant and suffers indignities he didn’t know existed among his people.

While Twain may have borrowed the lesson from Shakespeare, former New Jersey Governor, Richard Codey, dressed as a homeless man to discover what was wrong with homeless shelters in the state. Many newscasters as well as writers and filmmakers have taken to experiencing problems of people and places by becoming an insider. Often the problem is discovered but never, unfortunately, acted upon quickly enough. People will tell you the “Henry Investigation” is too difficult for modern corporate CEOs to pull off.

There is one other TV show I enjoy; Undercover Boss. Another Arthurian adventure being one of the workers except the premise puts the emphasis on not what the employees may be doing to hurt the company but how the company’s policies hurt engaged and dedicated workers. It does show that it’s still possible for a business owner, albeit with a little makeup, false moustache and being dressed down, can see first hand where problems may lay in their company. In a worst case scenario, there are investigative firms that specialize in planting people among employees in a company to gather information on why there may be low employee engagement and spot problems.

The only stopping block after that is to ignore their findings, but that would be bad business. Sometimes, no matter how many bad employees may be causing problems, it always falls on those in upper management to stop killing their own business.

Images ©GL Stock Images


Web Hosting Geeks’ Blog