1500 Lake Shore Drive, Suite 400, Columbus, OH 43204
614.481.4300
Monthly Archives

January 2016

Is There Any Such Thing as a Virus-Proof Device?

By Cyber Security Awareness | No Comments
app-1013616_960_720

Is there any such thing as virus-proof? Although devices aren’t typically advertised as being “virus-proof,” many developers certainly enjoy the extra profits that come with being “commonly known” for being virus-proof. The question remains as to whether any device or operating system can ever truly be impervious to infection. Let’s do some myth-busting:

Linux

When people sing the praises of Linux, un-infectability usually makes the list. Without judgment, it’s fair to say that there’s an elitist bent to a lot of Linux communities. It’s not the operating system you install on your grandma’s laptop, it’s an OS for techies. If you’re technically inclined, then it does offer a ot of benefits over Windows and Mac operating systems, but is it virus-proof?

Well, according to the official website: No.

Put simply: Any computer attached to the internet is at risk. So scratch Linux off the list.

Mac Devices and Computers

Apple has been something of a holdout in the push towards open design, which has made it difficult to develop security software for. A great op-ed from back in 2012 does a good job of explaining the company’s mentality. It boils down to: People think Apple products are virus proof only because there aren’t a lot of iOS viruses out there right now. It’s easier to create viruses and worms for Windows, and Windows has been around longer. But more recently, we’ve seen that iOS is anything but impenetrable.

Android

The Android is known to have been designed from the ground up to be virus-resistant, from hardware to operating system. This isn’t the same thing as being virus-proof. Unfortunately, the Android’s permissive app-approval process is a double edged sword, allowing developers to pack apps with all the viruses they like. In short: Android doesn’t make the list, either.

There is essentially no such thing as virus-proof. Some devices and operating systems are more resistant to viruses than others, but as long as you’re using the internet or USB drives or any other sort of data-input, you’re at risk.

Finding Privacy in Public

By Cyber Security Awareness | No Comments
notebook-886532_960_720Ideally, you and your staff are never going to be looking at any sensitive data anywhere but at the office, on a closed, secure network, or at home. But that’s not always practical. We have deadlines to meet and we might have to meet them while at the airport or on the subway heading into work. A bugfix might not be a big enough project t justify a whole trip to the office. When you absolutely have to work on a sensitive project in public, keep these tips in mind:

Invest in a Privacy Screen

If your laptop didn’t come with a privacy screen installed, it may be a good idea to invest in one. These screens block visibility from odd angles to ensure that nobody can see what’s on your laptop but you.
Check for WPA or WPA2

As a general rule, you shouldn’t trust any public wireless network that isn’t encrypted with WPA or WPA2. If a network doesn’t use one of these encryption methods, then any other user on that network can see what you’re up to on any unencrypted website.
Use Mobile Websites, Not Apps, for Transactions on Public Networks

Tech researchers have found that many mobile apps encrypt data incorrectly. It’s generally safer to use a company’s mobile website rather than trust an app.
 
Don’t Use Public Computers for Private Business

If you find yourself at the library without a working laptop or device, avoid the temptation to use a public computer. Even if nobody is looking for vulnerabilities in the network, you’re going to spend the rest of the day wondering if you remembered to sign out of everything before you left. It’s a little like thinking you left the stove on at home.
It’s best not to engage in any sort of sensitive activity in public in the first place, and most tasks can wait until you get home. But, if you are forced to check sensitive data in public, there are ways to play it safe.

6 of the Weirdest Computer Viruses

By Cyber Security Awareness | No Comments
binary-823336_960_720We’ve all caught one of those viruses that bombards us with pop-up ads for knock-off Viagra or just slows our computer to a crawl. Some computer viruses are a little… stranger than that.

The MacMag Virus

The MacMag virus was known for being considerate. MacMag was developed by Richard Brandow. The virus delivered a message of world peace for Mac users, and then deleted itself automatically. If it did any lasting damage to the networks on which it proliferated, we still don’t know about it.
The Pikachu Virus

The Pikachu virus used an image of Pikachu to entice children to spread the virus so that it could delete vital Windows files… but the coder behind the virus wasn’t such a brilliant hacker, and Pikachu accidentally asked for permission before deleting any files.
Stoned

Created by a New Zealand college student in 1987, Stoned would render your computer “hungry,” “paranoid” and “sluggish.” “Legalize Marijuana” can be found in the code of the virus.
Ita-tako

Ika-tako was a Japanese virus created in 2010. The virus was disguised as a music file that would replace your files with images of a cute little cartoon squid. The virus spread over file-sharing networks and infected tens of thousands of computers.
 
Ping Pong

Ping Pong was developed at the University of Turin in the late eighties. After booting from an infected floppy disk, the virus would show a ping pong ball bouncing around the screen.
Skulls Trojan Horse

The Skulls trojan horse was the first virus known to exclusively target mobiles, infecting Nokias in 2004 and replacing applications with icons of skull and crossbones.
These oddities may help us to understand why some people create viruses: Because they’re pranksters. They want to see if they can create a virus that replaces your Nokia apps with pirate flags, or make your computer get “stoned.” If only more virus developers were this creative.

 

Cyber Security Myths We Believe Thanks To TV and Movies

By Cyber Security Awareness | No Comments
code-820275_960_720We know that hackers aren’t really a bunch of black-leather-clad badasses who look like supermodels and sneak into government buildings to steal information on thumb drives, but there are a lot of subtle myths that people tend to believe about hacking.

Any Website is a Valid Entry Point for Hackers
In movies and television, a hacker only needs access to a public-facing website to break into any system. If you can figure out the password to an ex-FBI agent’s personal blog, you can break into the government’s mainframe and shut the whole system down. Truth is, there’s not much to hack on most websites. If you can figure out somebody’s Paypal password or bank account information, you can do some damage, but the vast majority of websites aren’t connected to any sort of “mainframe.” It’s just some code, text and images hosted on a server somewhere.
 
Hacking is Heavily Skill-Oriented

Hacking is based on luck more than anything. The only talent any con-artist really possesses is the ability to not worry about the damage that they’re doing when they rip people off. When you find someone’s ATM card in the machine, you take it to the tellers so they can give it back to its rightful owner. A hacker pockets it. Even the rudimentary computer skills that can make it easy to crack passwords can be learned in about a week’s time.
Hacking is Highly Illegal

Stealing is illegal, blackmail is illegal, there are a lot of crimes that can be facilitated by hacking, but hacking itself isn’t illegal. In fact, Google regularly pays hackers bounties for discovering gaps in their security. In other words, hacking is not only legal, it’s actually encouraged by the biggest website on the internet.
Most hacking myths can be dispelled with one simple question: If data-thieves are so talented, why don’t they make more money and take less of a risk putting those skills to use working for Microsoft?

How to Reduce Your Business’s Internet Safety Risks

By Risk Management Bulletin | No Comments
computer-767776_960_720Doing business online is fairly common for most businesses. However, you do face Internet safety risks whether you email customers, take credit cards over the phone or use an online payroll company. Learn how your business can reduce your risks and use the Internet safely.

Wireless Internet

Anyone can access the information you send over an unsecured wireless Internet connection. Change your connection to secure or private immediately. When you do connect to a network, make sure it’s password-protected and encrypted especially when you send, receive or download sensitive, confidential or financial data. You can also use routers with Wireless-N security for better protection. In cases when you do need to use a public wireless network, don’t send or receive sensitive data. Set your laptop to ask permission before connecting to an open wireless network or save those transfers for when you’re back on your secure network in the office.

Passwords

Common passwords are easy to hack. Instead, use a mix of random capital and lowercase letters, numbers and characters, and be sure each account you use has a different password. Change your passwords at least once a month, too, and encourage coworkers to do the same when you put the task on the company calendar. Remember not to share passwords with anyone as you keep them safe.

Links and Attachments

When sending or receiving links and attachments via email, you also risk sending and receiving viruses. Check the sender’s email address and the file name before you open any attachment. Avoid opening anything that looks or seems fishy.

Website Security

Your business probably uses several websites to manage customer accounts or banking details. Be sure each website is secure before you use it. Look for the lock icon in the URL box whenever you use a website to manage business data.

Software Updates

Software developers and operating system manufacturers constantly make improvement to their products. Check regularly for updates on all the software you install. Security patches and other fixes keep your computer safer and ensure your software is operating properly. Choose automatic update or manually update your desktops and laptops at least once a week. Be sure to restart your computers to complete the changes, as well.
Internet safety requires several precautions. Make sure all your team members understand the risks and the ways to avoid these risks. You should also contact your insurance agent for a liability policy. It can cover you in case your careful Internet safety precautions are ever compromised.

How To Hire An Internal Control Consultant

By Risk Management Bulletin | No Comments
consultant-779590_960_720What 2016 New Year resolutions are your making for your company? Consider hiring an internal control consultant to help you reach your goals.

What is an Internal Control Consultant?

As a company insider, you may not be objective about your company’s performance, weaknesses or areas of need. You also may not have the resources or authority necessary to make successful long-term changes.
An internal control consultant will look at your company from the outside and view your situation and needs from an objective point of view. He or she will also walk with you as you implement plans for change.
 
A consultant can help you perform tasks related to: 
  • Research and Development
  • Information Technology
  • Wage and Salary Administration
  • Sales and Marketing
  • Product Distribution
  • Manufacturing
  • Financial Planning and Control
  • Human Resources Management and Labor Relations
  • Administration
  • Organizational Planning and Development
  • Strategic and Business Planning
  • Incentive Compensation

How do you Hire Internal Control Consultant?

Your attorney, accountant or banker may be able to suggest possible consultant’s for your particular business and needs. Check out your trade organization and the Institute of Management Consultants USA for referrals, too.
During the hiring phase, look for candidates who are experienced in handing cases like yours. Their references should back up their track record and experience claims. Additionally, ask if the consultant handles situations with honesty and tact. You also want to find out how well the consultant works with others, if he or she is a team player and whether or not the consultant can build rapport with you and your team.

How Much will an Internal Control Consultant Charge?

The fees for assistance vary based on the task and the consultant’s knowledge, skill and experience. Typically, a consultant whose sole job is advisory in nature will charge a flat fee per hour or job. A consultant who’s doing an extensive project for you will often require a retainer and regular payments throughout the project or as goals are met. Before any specific discussions take place, agree on a fee schedule and get the arrangement in writing.
When you need additional knowledge, skill, authority or ability to make changes that last, hire an internal control consultant. This person can help your company become more successful, overcome a current problem or assist in making essential changes. Consider hiring an internal control consultant this year as you implement your 2016 New Year resolutions.

First Aid Checklist for the Workplace

By Risk Management Bulletin | No Comments
first-aid-908591_960_720Accidents can happen in any business environment. Be prepared with a stocked first aid kit. This way, you and everyone in the office can handle emergencies when they arise.

The First Aid Kit Box

Any box or soft bag can hold your first aid supplies. However, consider a container that features the international Red Cross symbol, a white cross on a red background. That way, employees can quickly grab the right box when they respond to an emergency.

Bandages and Gauze

A variety of sterile adhesive bandages and gauze pads handle minor scrapes, burns and cuts. Stock an assortment of sizes along with at least 10 yards each of one-inch-wide cloth tape and four-inch-wide gauze.

Medical Tools

In addition to surgical scissors that cut tape and gauze, stock tweezers, a splint, scalpel and tongue depressors in your first aid kits. Be sure each tool is sterilized and sealed.

Gloves and Masks

Surgical rubber gloves and surgical masks reduce the spread of infection and protect your employees. Stock sealed gloves and masks in the first aid kit.

Medication and Ointments

Several medications and ointments ease pain and reduce infection. They include anti-inflammatory medication, aspirin, antibiotic cream or ointment, burn ointment and antiseptic ointment. You may also consider stocking items medications that combat diarrhea, nasal congestion and sore throats.

Eyewash Station

A portable eyewash station includes sterile supplies that flush chemicals, paint or other materials out of your eyes. Stock portable eyewash supplies with your first aid kit along with your OSHA-recommended permanent station.

Other Supplies

In addition to these supplies, stock a blanket and resuscitation equipment near your first aid kit. These items can be lifesaving as you wait for professional help to arrive.

First Aid Manual

You may be prepared to handle any medical emergency, but your coworkers may not be as skilled in this area. Include a first aid manual in the kits. The first responders may use the manuals as references until trained help arrives.

Emergency Numbers

Near your first aid kit, include emergency numbers for your local medical facilities, fire department and police station. Update the list when a contact number or provider changes.

Other Considerations

To be compliant with OSHA guidelines, take several considerations into account. First, businesses with three employees must stock at least two of every item in their first aid kits. At least one kit should be placed on each floor. Keep accurate records of injuries and illnesses if you employ more than 10 people.
Staying safe at work is a top priority. Discuss first aid kit details with your OSHA representative. Make sure your insurance is updated, too, as you maximize safety this year.

Risks of Starting Your Own Business

By Risk Management Bulletin | No Comments
office-594132_960_720If you dream of being your own boss, maybe you’ve also considered starting your own business. The idea of setting your own hours, working from home and selecting only projects that interest you is appealing. However, According to the U.S. Small Business Administration, up to 50 percent of all small businesses fail within five years. Starting a business includes risks you should understand before you take the plunge.

Starting the Wrong Business

Maybe you want to start a bakery because you like cookies. Are you prepared to bake for several hours every single day? Have you researched the local area to find out how much competition you have and what will set you apart? Do you have potential customers who want the types of cookies you bake? Are your cookies tasty?
Evaluate your personality, skills, education and interests as you decide which business to start. By choosing one you’re passionate about and skilled to do, your chances of staying interested in your work and pushing through despite setbacks increases.

Finances

Owning your own business means you hold the financial responsibility for its success. You could turn to Kickstarter, private loans or investors for start-up capital, but you also need financial smarts to keep your business going.
Financial success starts with a solid business plan. Ask a trusted advisor or a successful business owner from SCORE to assist you in creating a plan that works. Remember to create a growth plan, too, that outlines when you’ll repay debts and reach financial milestones. Finally, keep up with your paperwork so you know how much money you’re spending and making. Successfully complete these steps, and you’re on your way to financial success with your new business.

Family Relationships

Even though you may start a small business in part because you want to be home more, you’ll put in long hours as you establish your business. Working from home also means that your office is easily accessible, and a quick phone call after dinner can easily turn into hours of work.
Be sure your family supports your decision to start a business. Then establish firm office hours that protect your family time as you limit the risk of damaging your family relationships because of your business.
Owning your own business can be rewarding and fun. Make sure you understand the risks and are prepared before you take the plunge, though. Discuss your endeavor with people you trust, including your accountant, lawyer and insurance agent. This way, you’re covered for liabilities you may face and increase your chances of finding long-term success.

Alone and At Risk

By Workplace Safety | No Comments
home-office-1034939_960_720Technically if you have a telecommuting employee who works from home or another non-office location, you’re still liable for their injuries as the employer. Of course, the burden of proof is on the employee, and these types of situations can get tricky fast. Obviously as an employer, you can’t be sure of what your employees are up to 100% of the time, but particularly when an employee works from home you may feel entirely powerless. However, there are a number of concrete actions you can take in order to ensure a healthier and safer employee.

Get Involved

It will inevitably be the point where you start thinking that you can be entirely hands-off when disaster is sure to follow. This is frustrating because your employees enjoy the freedom and autonomy of working on their own, but can become annoyed if they think they’re being ignored. The best way to hit a better balance is to take what you already know and then experiment from there. It may also help to visit their space either physically or virtually. This way you can see how they’re operating, make suggestions and document your continued interest in their well-being. You won’t know exactly how they operate at all times, but you can get a sense of their level of responsibility to their home when they interface with you. Also, check in with your employees. It doesn’t have to be a heart-to-heart conversation, but ask them how they’re getting along. Some people work well on their own, but others don’t. You want your employees to have a certain level of job satisfaction to get the most productivity out of them, and coming up with solutions now can be your best way to avoid problems in the future. The good news is that new studies (http://nymag.com/scienceofus/2015/01/people-who-work-from-home-get-more-done.html) suggest that people can often stay focused more at home than in an office.

Set Up the Guidelines

You should have policies freely distributed that comply with your state’s regulations. Every employee should have easy access to safe practices when working. Also, they’ll need a set schedule since they could be using the same room/equipment during non-working hours, and if they injure themselves during those times they may try to blame it on you. Regardless of when you need the work by, make sure that they know when their breaks, lunch and working day starts and ends. To a court, their hazards look like your hazards, so ensure that your employee understands what’s expected of them. If you start to feel as though they aren’t being careful in their work or the social isolation is distracting them, make the change before it’s too late.

Telecommuter Ruling In Illinois

By Workplace Safety | No Comments

ipad-649499_960_720Earlier in December 2015 there was a controversial case in Illinois that shook a lot of people up. The courts decided that a police officer technically qualified as a telecommuter and was therefore eligible for a workers comp package, even though the cop was not on duty. His story was that he lifted a bag full of equipment and injured his back. He was in uniform at the time, but it was definitely not on his pre-approved shift. The jury ruled that since the bag of items was issued by his employer, then the employer assumed the liability of any problems which would arise from using it. Whether you agree with this view or not, you need to take note of this ruling so you’re not subject to the same terms in your own state. While you can’t entirely prevent this kind of problem from occurring, we’ll give you a better idea of the type of person you do want telecommuting or otherwise working in generally unsupervised terms. This precaution may be just the key to keeping yourself out of this type of no-win situation that the police force is finding themselves in currently.

During your first interview, have the person take you through a general day. See how much they get done and how they feel about that. The more disciplined a person is in their daily life, the more likely they won’t have the personality to do what the cop did. A highly motivated person just wants to do their job well, and they’re not interested in trying to swindle a buck out of someone. It will be pivotal to call their old employers as well to get a second opinion as to how much they accomplished, how well they responded to authority and a general sense of their time management skills. Everyone who works from home also needs to have a clear line of command if they have problems or need questions answered. This decreases resentment and further reduces the chances of an issue. For the employees you currently have, you should know how their lives relate to their jobs. If they’re going through a rough time at home and that’s also where they work, then that’s a potential time bomb. You’ll have to truly step outside the box and challenge how you see your employees if you’re going to have them telecommute. It’s much easier in this case for both people to feel no connection and thus free to act in a way they wouldn’t if they were face to face. You might not be prepared to face the consequences if there’s an extreme case suck as the one in Illinois.