The Sexy Side of IT Security

Did we get your attention? The topic of informational technology (IT) security is boring, but so important. Most of the statistics are downright scary:

  • 52 percent of people email documents from work to home via personal email account
  • 66 percent of people that take work-related information home do not take time to delete or erase
  • 51 percent of companies have an IT security policy that is not strictly enforced
  • 65 percent of smaller organizations say that, in general, their organization’s sensitive or confidential business information is not encrypted or safeguarded by data loss protection technologies

 

When it’s done right, IT security can be sexy. Why? Confidence is sexy. If you are confident in the protection of your data, that’s attractive. Here are a few ways to get that confidence factor:

What are your employees downloading (and potentially taking home)

Think about how easy it would be to put a thumb drive in one of your office computers or printers and download confidential data. Do your sales people have their own cell phone versus a company phone? If yes, then they have an automatic database of clients. You can purchase software that detects downloading activity and alerts you.

What is your risk potential

Do you keep social security numbers, health or credit card information? Can employees open attachments to or click links embedded in spam? Do they leave their systems unattended? Do they not change their passwords frequently? Do they visit restricted sites? If you answered yes to any or all, your business data is at risk. There are very specific laws out there – especially for credit cards and health info – with which you must comply.

Do you have any policies?

Even the best security technology can be defeated by bad practices and human error. A security policy stipulates what should and should not be done. It addresses three security properties: confidentiality, integrity and availability. Many employees do not even comprehend that the work they create at work is not their own. If it is work done on company time and equipment, it belongs to the company. Reviewing what your employees do and do not have access to is critical.

Are you assuming your provider has it?

Your IT department or contracted service can monitor and initiate IT security controls for you. Our employees cannot access certain sites that have to do with hot buttons like alcohol, as our IT administrator has blocked content.

The basic assumption is you’re compromised. You have to assume somebody is on your network right now, sitting there and learning and watching what you’re doing. What will you do today to be confident and sexy in your IT security management?

Written by Jim Annis, President/CEO of The Applied Companies, which provide HR solutions for today’s workplace. Celeste Johnson, Tom Miller, and Suzanne Chennault, Applied’s division directors, contributed to this article.

February 2014 HR Brain Teaser

Brain Teaser Courtesy of EPLI Pro™

You Have to Give Me the Day Off!

An employee informs you that he has just converted to a new faith. His new faith prohibits him from working on Xday. He tells you that he'll be in need of a religious accommodation starting this Xday and from now on.

You reply, "Wait, you agreed to cover that day when I hired you; if you're not available, I'll have to pay overtime which I can't afford."

He replies, "It's required by my faith."

What should you do?

A.  Require him to bring you written proof from a religious authority, that he's a member of this new faith, and that his faith requires him not to perform any work on Xday.

B.  Grant the request - you have no choice!

C.  Talk to him to see if there's another option, other than not reporting to work, that would allow him to satisfy his religious belief.

D.  Deny the request.

Answer: C     Federal law and many state laws require employers to reasonably accommodate a “bona fide religious belief or practice”, unless doing so would cause undue hardship. You should look for ways that you can accommodate, rather than having your initial response be that it’s an “undue hardship” or not possible.

Unlike many leave regulations, there’s no right to confirmation of a “bona fide religious belief or practice”, nor does it have to be a mainstream religion. So you may not ask for written  confirmation.

You need to talk with your employee and determine what it is that his faith requires. If you determine that there are other ways to accommodate his needs rather than just taking the whole day off then you should propose those to him and discuss the options. Maybe he can trade shifts with any qualified employee who voluntarily agrees to cover your shift without requiring the business to incur overtime expenses. In the end, you need to accommodate him.

Explore the alternatives, and seek the advice of a human resource professional or employment law attorney if you have questions.

Applied Staffing Solutions Applied Business Solutions
Divisions of The Applied Companies
We Have All Your Employment Answers

Sure There Is Plenty of Time To Get Your Job Done

So, how are things going? Although the common response in the past was “fine,” we more often hear “busy” as a response. Culturally, busy has become a more attractive term than fine. Perhaps the recession taught us that if we were busy, we were doing okay. Even if we weren’t busy, we wanted the perception to be that we were because that equated to being successful. This trend recently prompted a viral New Year’s resolution on Facebook not to use the word “busy” at all in 2014. When you think about your life – work and home – is it true that you are busy all the time? Here are some ideas to ponder:

The workday

It is truly a job to be in control of my time. I’ve been saying for years that multitasking – including email – is highly inefficient. We have more time than we think we do. When you say, “I don’t have time for this,” truth is you have not made the time for it because people on average work 5.5 or 6 hours out of an 8-hour day.

To schedule or not to schedule

Sometimes we find ourselves in what feels like a perpetual meeting all day long. Ask yourself, “Do I really need to be there?” Set your priorities and make a choice. Be sure you can trust others to attend meetings and debrief you. If you keep your calendar in 15-minute increments, you’ll think about how precious those 15 minutes are.

Leave me alone

Down time is important. Whether you are catching up on industry news, or getting organized, understanding the impact on the rest of your team is crucial. Do they have authority if you are not available? Is delegation an expectation that you have of each other under certain circumstances?

It is not due to incompetence

If there is someone on your team who has a hard time getting their “job done” maybe the work process is wrong. Maybe they have too much workload, especially since companies are still relying on part-timers to do a full time job.

It sparks creativity and creates new opportunities

Work processes may be more involved than they need to be. Being in control of your day allows time to simplify. Exploring is part of good management. For example, we just implemented better staffing software, which should allow 20 percent more business with the same number of people.

As we get organized, we become more efficient. I recently went back to the “new” old Franklin Day Planner and cannot wait to be more in control of my day in 2014. When was the last time you felt there was plenty of time to get your work done?

Written by Jim Annis, President/CEO of The Applied Companies, which provide HR solutions for today’s workplace. Celeste Johnson, Tom Miller, and Suzanne Chennault, Applied’s division directors, contributed to this article.