Category Archives: Business

Keep your network secure

Are you tiring of users continuously badgering you to get corporate network access for their mobile devices?  Does your corporate management want to buy tablets for the sales team? If so, your small- to medium-sized business (SMB) needs to start proactively addressing mobile security breaches such as malware.

 

Modifying your existing security policies and protocols, establishing new policies and educating your mobile workforce are economically sound frontline solutions for securing your corporate enterprise and trade secrets.

Here are some tips on how to address mobile device security breaches beforethey happen:

  • Establish corporate information access guidelines. It’s important to pre-determine how mobile device users will access corporate information. Will users download data to devices? Will they access the data remotely? The answer will vary from company to company, so be sure to consider your situation uniquely.  If your company has to be in compliance with a regulatory body like PCI Data Security Standards (DSS) or the Health Insurance Portability and Accountability Act (HIPAA), then consult with your auditor before enabling network access to mobile devices.
  • Establish device control policies. Bring Your Own Device (BYOD) can be full of benefits like saving on corporate hardware purchases and increasing productivity for your mobile workforce and SMB. However, the negatives can outweigh all those positives when a BYOD device brings malware into your network. Create a policy that governs how your corporate IT staff can gain control over a personal device, while maintaining your network security. Include information about how to keep personal information private (e.g., via a mobile device backup strategy that doesn’t touch personal data) and define corporate ownership over data and applications.
  • Enforce device-level security.  Both corporate-owned and personal devices should have secure passwords and screen locks; document this requirement in your mobile device policies. In addition, make sure it’s clear that both personal and corporate mobile devices maintain up-to-date corporate-approved (and preferably corporate-managed) antivirus and security software installed to guard against malware and other security risks.
  • Develop and deliver mobile workforce security training. Education can be just as powerful a security tool as technology. Develop and deliver mobile workforce security training built around keeping your mobile workforce productive and prepared to be the first line of defense against malware and other security threats to their mobile devices. Spell out your corporate policies and include a participant sign-off stating that they understand and will abide by the policies.
  • Determine deal breakers for your mobile device policies. In establishing mobile security policies – regardless of your industry – there are going to be deal breakers when you have to deny certain user requests.
    Deal breakers might include devices not running the current version of its OS, or they may be jail broken. There should also be a defined escalation path for deal breakers so the denial can be dealt with in an official manner with reasons formally documented in your mobile device security policies.

Cloud for Superior Customer Service

Along with enduring root canals and eliminating malware, dealing with customer service call centers probably ranks near the top of the “most painful experiences in life” list for many people.

Causes for the discomfort include: complex telephone trees that require a preposterous number of key presses to get anywhere; interminable hold times; agents who lack all but the most child-like expertise; and, most maddening: when a customer finally connects with someone who might actually help — they are frequently disconnected.

 

There has to be a better way. And, there is… in the cloud.

Cloud-based services and applications are making headway into reducing this customer service mess, allowing small business owners to affordably improve the customer experience with cool features that people love, including social media and mobile device interfaces.

 

The importance of customer service management (CSM)

According to a ClickFox survey

  • More than 50 percent of disgruntled customers will spread negative information to others in their social circles.
  • More than one-third of unhappy customers will completely stop doing business with a company that has wronged them.
  • Even worse, 60 percent of those people exposed to these negative comments in social media are influenced by them, meaning most people will avoid you if their friends say you stink.

Not only does this represent lost revenue from these particular customers, but it can wreak havoc on SMB marketing efforts (and budgets) that now have to overcome not just their competitors’ advertising messages but also the negative perceptions and bad word-of-mouth caused by these unpleasant customer service experiences.

 

Cloud solutions

Placing your customer service in the cloud better meets the expectations of customers who are increasingly connected to the web via mobile devices and, therefore, expect instant answers. Rather than deal with a call center, many even prefer self-service answers for their support issues, searching online to bypass traditional help desks altogether.

Businesses can enable this migration of customer service functions with an ever-increasing list of services, including Zendesk, Service Cloud, Desk.com, Parature, and Zoho. Most provide not only traditional phone, email and chat functions, but also integrate with social networks such as Twitter and Facebook to offer robust self-service options.

Mobile-specific CSM apps include Gripe, available for both iPhone and Android, which enables consumers to vote positively for a company with a “cheer” or complain with a “gripe,” both of which get posted to their Twitter and Facebook accounts while also messaging the company’s customer service department for quick resolution.

Managers Give Performance Reviews

In their current format, performance reviews are considered a waste of time by most managers and employees, new research finds. A study from Adobe found that more than 60 percent of both employees and bosses believe that performance reviews are outdated ways of managing performance. In addition, nearly 60 percent of employees think traditional reviews have no impact on how they do their job and are a needless HR requirement.

Currently, nearly 90 percent of the U.S. office workers go through structured performance reviews, which include written reviews, often with rankings and ratings, on a required timeline. [See Related Story: Forget Performance Reviews! This Works Better]

For managers, the traditional evaluation process can be quite time-consuming. The research found that, on average, managers spend 17 hours per employee preparing for a performance review.

“The findings from this survey show how time-consuming, cumbersome and demotivating performance reviews are for many employees,” Donna Morris, executive vice president of customer and employee experience at Adobe, said in a statement.

The study discovered that the current performance review structure used by many organizations causes a tremendous amount of stress among employees. Nearly 60 percent of employees said performance reviews put them in competition with their co-workers, and 61 percent believe that their ratings and rankings cause their boss to play favorites.

Reviews were found to be especially tough on younger employees. More than one-third of millennials surveyed reported crying after a performance evaluation, while 47 percent said they have looked for another job after a review. Another 30 percent said they have quit a job because of a performance review.

If employers don’t change how they conduct evaluations, they could have a hard time holding on to their youngest workers. More than 60 percent of the millennials surveyed said they would move to a new employer that didn’t have formal performance reviews, even if their pay and job level remained the same.

 

Endpoint Security Strategies

For those reluctant to say goodbye to signature-based malware protection, read on for the first of a four-part series that delves into why small and medium-sized businesses should rethink their current solutions and explore cloud-based strategies for endpoint protection.

 

We are gathered here today, with not-quite heavy hearts, to say farewell to a constant companion. Our “friend” was part of our daily lives, popping up at the oddest times, seemingly just to say “hi,” or – as in any other high-maintenance relationship – demand we drop everything to give it some attention right now.

Imperfect, needy and often intrusive, we nonetheless tolerated its presence as a necessity in this cruel, crazy world full of bad guys – until something radical came along that made our “friend” a casualty in the unceasing conflict that can be called “The Malware Wars.”

The radical new element in the fray? The cloud. So, join us in saying, “Rest in peace, signature-based antivirus program,” and, “Hello, cloud-based endpoint security strategies.”

 

The changing world of web threats

Signature-based antivirus protection arguably peaked in the late 1990s and has been playing catch-up with the blackhats ever since. File injection and other basic virus types were mostly supplanted by Trojans, worms, backdoors and other stealthier nasties, which the big antivirus companies responded to slowly, as these threats did not fit their model of a virus.

Demonstrating how ineffective some solutions are to this day, the notorious 12-year-old Back Orifice 2000 Trojan is still infecting machines, and one out of three web malware encountered in 4Q 2011 were zero day threats, which are completely undetectable by signature-based schemes.

Hackers are also increasingly using social media scams and phishing, with even LinkedIn notifications becoming fair game for delivering exploits. It is clearly a more complicated world in the security space, and only getting worse.

 

New devices, greater risks

Apart from this ever-present development of increasingly sophisticated malware, endpoint security strategies must take into consideration the proliferation of mobile devices used to access workplace email accounts, enterprise Wi-Fi connections and even corporate VPN tunnels. From a security viewpoint, this is a nightmare, especially because mobile devices are fast becoming the number one target for hackers, with both the iPhone and Android devices being compromised in greater numbers.

As downloading antivirus software and updating signatures on every single employee-owned device by IT personnel can prove impossible even for SMBs, it demonstrates that the signature-based approach is broken, and any solution needs to be easy to implement on both current and future endpoints for it to be considered viable.

 

How does the cloud fit in?

Cloud-based endpoint solutions protect devices by installing a small agent on them while keeping all of the detection algorithms on the cloud provider’s hardware. They protect against viruses, rootkits, zero-day threats, packet and port sniffing, and other intrusions by auto-detecting suspicious behavior and delivering a preemptive strike against exploits rather than react to an already-infected situation.

Closing the Door to Diversity

On the surface, it seems that using staff recommendations when recruiting would benefit both you and those being hired. However, research suggests that while using referrals does result in a lot of positives, it can hurt employers in the long run. A new study published in the IZA World of Labor journal found that continuously tapping into “job-referral networks” can pose problems for employers who are trying to build diverse workforces. Ian Schmutte, the study’s author and an assistant professor at the University of Georgia, said workers who get hired through referrals almost always keep their jobs longer. This suggests that these kinds of recommendations improve the match between worker and employer, Schmutte said.

So referrals lead to better jobs, where both sides are happier and the jobs last longer,” Schmutte said in a statement. “For firms, it’s more profitable, because they don’t incur the cost of turnover. For employees, there is some evidence [that] those hired through referral earn higher wages.” However, since employees typically refer those who look and act like themselves, this type of recruiting practice can stymie diversity, the study said.

“If this is how most people find jobs, it means that they’re relying on social networks, which tend to be constructed on the basis of social and economic hierarchies that can be based on historic patterns of racial or class stratification,” Schmutte said. “As a result, they can perpetuate inequality or have an ‘old boys’ club’ character to them.” The use of referrals attracts many employers, because they believe it is the most efficient way to hire new employees. “If you’re an employer, you don’t have all of the information you want about a potential worker. You want to know about their character, if they show up to work on time, or are they going to be good at this particular type of task, are they going to fit in with the team, that kind of thing,” Schmutte said. “Referrals can answer some of those questions and reduce the information problems, so economists tend to think that makes the labor market more efficient.” The research argues, however, that while good employees often know and refer other good workers, their networks are often confined to fairly similar social circles.

Family Friendly Workplace Policies

Many employers are realizing that if they want to attract top employees, they need to create a family-friendly environment, new research suggests. Overall, about half of employers have taken steps recently to ensure their employees can spend quality time with their spouses and children, according to a study from the staffing firm OfficeTeam. Specifically, over the last five years, 49 percent of organizations have made changes to workplace policy to better accommodate working parents, while 51 percent have not made any extra effort to make it easier for employees to spend time with their families. “With half of companies offering more family-friendly benefits in recent years, the onus is on organizations that have not kept pace to revisit their policies,” Brandi Britton, a district president for OfficeTeam, said in a statement. “Employers should actively promote their programs in this area to attract and retain top workers.”

One problem employers may have is that they put their resources into perks that don’t influence a working parent’s decision to join a company. The research shows that while 79 percent of employees named flexible hours as the family-friendly perk that would best convince them to work for an employer, just 68 percent of employers actually offer that option.

Conversely, the study revealed that just 3 percent of employees said maternity and paternity leave policies would influence where they decided to work, but nearly 80 percent of employers offer those policies. Additionally, just 2 percent of workers said they want their employers to offer childcare programs. However, 18 percent of the organizations surveyed offer those options. Employers also put resources into adoption benefits, but this area doesn’t affect whether employees want to work for a company, either. The study discovered that 35 percent of businesses offer some sort of adoption benefits, but none of the employees surveyed said the feature would entice them to work somewhere. “Having extra time with family can be a game changer for staff,” Britton said. “Perks like flexible schedules and telecommuting are attractive to all employees, because everyone appreciates work-life balance, whether that means being able to take care of obligations at home or pursue personal interests.”

Recruiting Strategies for Hiring

Recruiting employees can get pretty complicated. According to a report by recruiting platform Jobvite, 95 percent of HR and recruiting professionals think that the process in 2017 will be just as challenging, if not more so, than it was last year. In the 2016 Recruiter Nation Report, 69 percent reported that their company’s hiring has increased in the last 12 months. Thirty-three percent of recruiters surveyed expect to fill at least 100 positions within the next year, compared with 26 percent last year. Additionally, 86 percent do not predict layoffs in their companies.

Because of this, recruiters are offering more incentives, such as salary raises, monetary bonuses, flexible hours and a casual dress code, to make their organizations more attractive to candidates. “Job creation has been steadily increasing ever since the recession, forcing recruiters to double up their efforts to fill positions with quality candidates. But there simply aren’t enough educated, talented and qualified candidates to keep up with the demand,” Dan Finnigan, CEO of Jobvite, said in a statement. “As a result, recruiters must now go above and beyond by creating a compelling employer brand and an exceptional candidate experience to keep their companies growing.”

“Because demand for qualified tech professionals is high and the market is favorable for job seekers, another important step employers can take to reduce turnover is to make sure their staff isn’t overworked and compensation is on par with the market,” he said, noting that long hours are common in the IT field. “If businesses want to retain their most valued staff members, they need to ensure those employees won’t be tempted to jump ship if a job offer comes along.”

Employee Holiday Gifts Ideas

Short on cash, but big on love for your employees this holiday season? Rather than get them coffee mugs or desktop Zen gardens, think outside the box and offer an intangible “perk” gift that will give them warm, fuzzy feelings about your business the whole year long. Gifts that focus on demonstrating your deep gratitude for your employees and their efforts don’t have to cost a lot (or anything at all), but chances are, they’ll appreciate those gifts more than something you spent money on. Here are a few ideas. Offer a bonus day off Give your staff members an unexpected paid day off to finish holiday shopping, spend time with their kids or do absolutely nothing. Lots of research shows that when employees take time off, it leads to an increase in morale, higher productivity and retention, and even better overall health. In fact, according to a recent GfK survey, 72 percent of managers agree that encouraging their employees to take time off makes these workers more willing to put in longer hours when needed. If you can’t afford to give employees a whole day off, allow them to leave early the day before a major holiday or work from home for a day.

While you are at it, do your business a favor and give yourself some time off, too. The GfK report also cites a 2011 Intuit study that showed that 82 percent of small business owners who took a vacation experienced an increase in job performance when they returned to work. Create a nap space Give your employees the gift of being well-rested by officially endorsing workplace naps. Transform an out-of-the-way corner of the office or clean out a never-used storage room. Equip it with the office sofa or a sleeping bag, a pillow or two, and even a white noise machine, and make it acceptable for employees to take a short nap when their energy is running low. This may be a hard sell, since being sleep-deprived is a point of pride for some people, but as the Harvard Business Review and many others have reported, there is a growing body of evidence that emphasizes the importance of getting enough sleep and its impact on work performance. Once employees take their first cap nap, they will never look back. Plan fun events that celebrate your employees’ interests According to a 2013 study by Deloitte, 75 percent of employed Americans have felt the need to hide at least one facet of their personalities when they’re in the workplace, with 51 percent saying that doing so has affected their sense of commitment to their employer. It can be exhausting and stifling to be all business, all the time. To avoid creating such an environment, offer workplace opportunities for your employees to express their interests and unique personalities. Events like a pajama day or in-house Trivial Pursuit competition don’t cost anything to coordinate, but they let employees know that you value them as individual people, not just as cogs in the wheel of your organization. Take the time to find out what interests your employees and try to work it into an office theme day. Maybe your staff of animal lovers would enjoy a “bring your pet to work day,” or your sweet-tooth employees would prefer a sundae bar one Friday afternoon. Be the reason your employees relax and connect with each other and with you over interests, hobbies and shared experiences.

How to Retain Your Tech Talent

Employers who are not attuned to the needs and frustrations of their IT staff may be facing an increase in turnover in 2017. A recent study released by Spiceworks, a social network for IT professionals, suggests that personnel losses may be imminent for companies reluctant to increase IT budgets and keep pace with technological change. Of the 476 respondents participating in the study, a sizable percentage (37 percent) said they plan to begin searching for a new employer this year, while 26 percent are gearing up to accept a new job. For many IT professionals, the prospects for career advancement at their current place of employment are slim. Fifty-nine percent of those surveyed believe that they’re underpaid, and fewer than 1 out of 4 expects a salary increase greater than 5 percent. Only 12 percent are anticipating a promotion this year, and many are frustrated by the lack of support they receive from company leaders when it comes to prioritizing and funding critical IT projects.

Although a substantial number of organizations anticipates revenue growth in 2017, the Spiceworks study shows that IT budgets will, for the most part, remain flat. Specific concerns emphasized by respondents include data security, up-to-date IT infrastructure, and timely upgrades to end-of-life software and operating systems. Staying on the cutting edge Other than being motivated by higher salaries and the prospect of career advancement, IT professionals are gravitating toward employers that provide opportunities for skills development and IT certification. Cybersecurity expertise is seen by professionals as a vitally important skill set to acquire, with 62 percent saying they plan on pursuing training in that area. A majority of employers, however, do not view the issue with the same degree of urgency. In its 2017 Tech Career Outlook, Spiceworks reports that 55 percent of organizations do not currently employ or contract with a cybersecurity expert, and that companies are often hesitant to invest in security training for IT staff. The good news for IT job seekers, however, is that the tide seems to be turning. CareerBuilder, an HR management and software company, recently characterized the hiring outlook for 2017 as being “the best the U.S. has seen in a decade,” and listed information technology recruiting as a top priority for companies preparing to add personnel. Retaining IT staff Spiceworks’ IT analyst, Peter Tsai, says many IT professionals do not get the hands-on training they need to advance their careers, and that’s one of the leading reasons people are considering changing jobs this year. “One important step employers can take to reduce turnover,” he said, “is to encourage IT pros to always keep learning.” Employers can do this “by offering to pay for the training that IT pros clearly desire, in the form of technical courses, certification exams, or attendance to tech conferences,” Tsai added. Tsai believes that monetary incentives will go a long way toward retaining talented IT staff, but he says other key factors need to be considered.

Mobile Device Management That You Need

Visions of kicking back and working from the beach with a piña colada in one hand and an iPad in the other are no longer just flights of fancy for many workers. Businesses are finding that it really is possible for employees to work remotely on their own devices without losing any productivity.

 

As a result, many companies are measuring the benefits of employees working remotely against the logistical issues inherent in developing a mobile device management plan.

There are many tangible benefits of BYOD (Bring Your Own Device), including:

  • Reduced equipment costs
  • Increased employee satisfaction and efficiency
  • Decreased IT staff burden (since employees maintain their own equipment)
  • Reduced office space square footage (as workers are mostly off-site)

The risk in BYOD is that these devices can potentially expose security vulnerabilities not directly supervised by IT staff or addressed by corporate antivirus solutions. This is where the need for mobile device management comes in.

 

A new landscape of threats

Tablets and smartphones are arguably less secure than desktop PCs and laptops because they lack pre-installed malware protection. Most computers include at least a trial version of an antivirus suite, but for the newest mobile gadgets, individual users and IT managers are on their own to search for and install mobile endpoint security management.

This vulnerability has not escaped the attention of hackers, who unleash creative new threats like SMS text messaged-based attacks on a daily basis. The old-school virus, while still annoying, does not hold a candle to the damage caused by these new approaches in cybercrime, which include more sophisticated Trojans, keyloggers, phishing attacks and malicious apps than ever before.

 

Maintaining security while not breaking the bank

Enforcing a ban on these devices is a near impossibility, but there are options for businesses on a tight budget to maintain security:

  1. The first cost-effective step is to immediately establish protocols regarding these devices in the workplace, including guidelines for acceptable use, forbidden applications and how to avoid dangerous activities, such as browsing certain questionable sites while connected to the company’s Wi-Fi.
  2. Next, evaluate your current solutions to see if they can be modified to protect BYOD devices through password enforcement, remote wiping or other protective measures.
  3. If the quantity of devices or sensitivity of data requires a more robust solution, explore whether the use of Mobile Device Management (MDM) software makes sense. MDM provides a centralized platform to manage all BYOD devices and is recommended if IT personnel are spending an inordinate amount of time securing tablets and smartphones – or if the sheer variety of devices and new threats tests their expertise.