November 24, 2015 by The GLS Team
With the holiday season quickly approaching, and with Black Friday and Cyber Monday waiting patiently on everyone's collective doorsteps, businesses need to prepare for the onslaught of heightened cyber activity. There is no doubt about it: the holidays are a risky time for businesses, in more ways than one.
Security Relating to Online Shopping:
Online shopping is increasing in popularity for many reasons, many of which relate to simplicity and ease of use. Unfortunately, this can become problematic for business owners whose employees tend to use the company's network for their own personal use. Unfortunately, cyber criminals have access to sophisticated technology, allowing them to use even the smallest snippet of information as a weapon against small and medium business owners.
1. Encourage employees who may go on an online shopping spree on Cyber Monday to avoid using their debit cards and remind them the company’s network is not for personal shopping.
2. It is also of utmost importance to use personal email addresses rather than those used for work purposes. Using work email addresses indiscriminately could potentially open up the company to malicious cyber attacks from hackers who connect the employee to the business, sending fake invoices or receipts that contain malicious code.
3. Of course, and this is key, employees shopping online should, under no circumstances, repurpose their work-related passwords when signing up at any e-commerce store.
Security Relating to Behavior in the Workplace
Email security and general online security can become problematic over the holiday season. This is not surprising, considering the fact that people are more active online during this period. In addition to the usual antivirus and antimalware installations, business owners need to keep a finger on the pulse of online activity in general. More often than not, employees use their smart devices and computers both for work and personal purposes, as few people can afford both. If the correct security practices are in place, the chances of a breach substantially decrease.
4. Holiday scams have no borders, as globally individuals are being sent fraudulent gift cards from “anonymous” senders labeled “secret admirers.” In addition, coupons that seemingly come from trusted companies continue to lure in individuals with offers that are too good to be true. A few months ago, PCWorld reported on malware spreading across Android devices in text messages that promised free Amazon gift cards but instead delivered spam to everyone on the device’s contact list.
Furthermore, delivered through emails, text messages, and social media posts, these scams are hard to separate from legitimate gift cards or coupons. Encourage employees to stay vigilant and to not click on offers or download any attachments that come from unfamiliar senders. If they believe the gift to be legitimate, encourage them to contact the recipient via the traditional form of communication at his or her trusted email address or phone number, verifying the gift was from them.
5. In some cases, employees tend to do a fair amount of traveling over the holidays. For this reason, it may be a good idea to register employee devices with a tracking system that is able to locate lost or stolen devices, and remotely shut them down as necessary. If a device that is linked to the business network falls into the wrong hands, malicious attacks become a very real threat for the business.
These five tips, whether they seem simple to you or not, are useful to remember. Modifying digital interactions in the workplace by even a small amount can make a world of difference.
Find out how to keep your employees safe this holiday season contact us to learn how.
November 19, 2015 by The GLS Team
Technology is constantly evolving and as the evolution continues, everyday people require an increasing amount of personal property to be shared with other people and businesses’ electronic devices. This is exemplified through the dependency our culture has developed with our smartphones. Objects that were once used simply for placing and receiving phone calls have become vehicles for text messages, tools to keep us organized with lists and reminders, and to also help us retrieve our email messages while granting us access to the Internet. Cellular phones keep us connected to the world and have become part of the Internet of Things (IoT).
The IoT goes beyond obvious devices such as phones and tablets and extends to any machines that engage in machine-to-machine (M2M communication) such as heart monitoring implants, car sensors, and biochip transponders. All of the available information surging through our devices requires us to act with prudence and enact a set of best practices to follow in order to make sure our identities and information remain safe.
The FBI put together a list of some additional IoT devices:
• Security systems, including video monitors in nurseries
• Wearable fitness devices
• Smart refrigerators or TV’s
• Fuel monitoring systems
One of the best courses of action, before you begin using any IoT device, is to make sure it is secure and will not harm your system or information. The FBI also pointed out, “devices with default passwords or open Wi-Fi connections are an easy target for cyber actors to exploit.”
Be sure to password protect all devices with strong passwords.
In addition, Dell suggests the following four strategies to make sure you are safe and secure while accessing IoT devices.
Put security first
As with all Internet activity, it is vital that everyone acts within the framework of keeping information secure; IoT is no exception to this rule. When IoT is developed, security is rarely a major consideration. So, it is incumbent upon the users to make sure their information is secure. Anyone who uses an IoT device should make sure their information is encrypted from either the data center or the cloud all the way through to the end point. Using a holistic approach that includes addressing endpoint security, network security, and identity and access management. People who utilize IOT devices should also be aware of the devices they use to collect data to make sure they are secure and not accessible by hackers.
Research your devices
Before you use any IoT device for accessing your system, make sure you research it thoroughly. Don’t use any device before you know what it does and how it does it. Knowing what the devices do and understanding how they access information is an important aspect of remaining safe. It is also vital to know who the ultimate owner of the information collected from the device is.
Audit your network
It is important to have a strong grasp on how your network is running. Perform an audit of your networking system to know exactly what is accessing the system, when it is doing it, and what it does when it sees data. This will allow you to make any changes that are necessary to increase your security. Although this step is of utmost importance for a business, any individual using a network of devices is advised to audit that network as well.
Compartmentalize your traffic
The best way to keep every device safe is to employ a “no-trust” policy. All IoT devices should be on a separate network rather than someplace where they can interfere with corporate data.
The Federal Trade Commission also emphasizes the importance of data security when dealing with IoT devices. They suggest taking these additional actions as a course of best practices when using IoT devices:
Both businesses and consumers need to be careful about the amount of data that is accessible through the use of IoT devices. Companies need the flexibility to maneuver around new uses of data, but it must be balanced with limiting security risks to both the company and its customers. Minimizing the amount of data that is collected and used through IoT devices helps to preserve the privacy of customers and also helps to prevent a data breach.
Notice and choice
It is within the best interests of a company to provide customers with disclosures and choices in regards to the information for which they ask. However, it is important for consumers to be cognizant of what is being asked of them and understanding about why the information is requested and for what purpose it is being used.
Modern technology is going to continue to advance, and we, as a culture, must advance with it. As we progress with technology, we must be aware of how we access information through electronic devices can affect us. As long as we use the Internet of Things, it is important to be mindful of the security risks involved and know how to combat them.
November 03, 2015 by The GLS Team
Ethics in the workplace starts with the law, and with a firm compliance to all relevant business regulations and legal frameworks - but it doesn’t stop there. Sound workplace ethics are based on a fundamental understanding of what is right and wrong, and a commitment to making the right decisions in the workplace arena. Ethics are all about a system of morals, and workplace ethics is about how to apply morality at your job. As a business owner or manager, there are few things more important to a functional workplace than a sound understanding of ethical issues.
Without a proper focus on workplace ethics, any office can quickly become bogged down with ethical issues, which tear teams apart and set businesses up for failure. But, through an effective workplace ethics training program, you can address morality as it relates to employment law and practices - protecting your workplace’s future moral standing. Here are just a few examples of ethical issues in the workplace that a proper training program can help your business tackle.
Ethical Issues in the Workplace
Potentially uncomfortable subjects like workplace harassment need to be covered, and a strict prohibition on any behavior that makes others feel unsafe needs to be stressed. Larger systemic issues like workplace discrimination need to be acknowledged and tackled head on, and a firm line in the sand needs to be drawn to emphasize that such unsavory behavior will not be tolerated. All of these larger workplace regulatory issues are crucial to address. However, a good ethics training program needs to reach beyond just the letter of a law.
In the 21st century workplace, there are more ethical pitfalls in the workplace than ever before. For starters, the presence of powerful technologies in the workplace makes a firm understanding of technological etiquette crucially important. Employees need to know what is appropriate when using the internet and email services in the workplace. They also need to be instructed on how to avoid potentially dangerous malware and other technological issues. Beyond just awareness, ethical training needs to focus on how something as seemingly small and harmless as a misuse of the Internet can effect a company, and doing the right thing means doing the right thing all the time - even as the temptations of technology can overwhelm employees’ better judgements.
Beyond just focusing on proper workplace email and internet ethics, ethical workplace training in the 21st century needs to focus on how these technologies make it easier than ever to compromise the security of important confidential business information. Employees need to be instructed on the importance of keeping confidential business information secure. They also need to be informed that doing the right thing means being highly aware of the security of workplace information systems. There are hundreds of ways that important, confidential business information can be compromised if employees aren’t careful.
How Can Workplace Ethics Training Help?
For starters, workplace ethics training helps employees clearly understand what is right and wrong in the workplace. Issues like internet and email usage may feel vague to some employees. But, after a workplace ethics training, there should be no question about what the right thing to do is.
Additionally, workplace ethics training stresses the consequences of making the wrong decisions at work. Those consequences can be big picture, like damaging the company you work for if confidential information is leaked. They can be smaller and more individual, involving disciplinary action.
Workplace ethics training helps provide a safe and healthy work environment, protect information technology resources, avoid conflicts of interest, form appropriate relationships with others, effectively and ethically connect with customers, and play fairly with competitors. It is driving awareness to ethical business practices to ensure your employees are aware of best practices and representing your organization in an ethical manner.
Through the various training programs offered by Global Learning Systems, companies can effectively invest in the human capital of their workforce in an effective manner that better prepares workers for the evolving workplace challenges of the 21st century.