Most security breaches are the outcome of human error. Several attacks in the past are the result of mistakes caused by an insider. Your organisation cannot be safe against a cyber-attack until every individual in the company participates in understanding their roles and responsibility.
The common issues which can be faced by employees or their organisation are:
- Vulnerability in sensitive information,
- Intellectual property burglary or
- Malware attacks.
To protect yourself against all these threats you need to examine your security and adopt all these strategies:
Understand Threats and Train Yourself:
The world of internet is full of threats and insecurities. Until you are fully prepared from your side, you cannot stay safe on the world wide web. Several cyber threats are hovering over your personal as well as business-related sensitive information.
You can achieve the best level of security only if you are aware of the methodology or type of attacks used for hacking into your system. There are numerous platforms available over the internet offering you to protect yourself from cyber-attacks. You can participate in outstanding cybersecurity training offered by them as its curriculum is designed by professionals to keep you updated with trending protection methods and information.
Introduction to safety-related training is imperative to make your employees cyber aware. These programs help them to understand how and why hackers can compromise their data.
Antivirus and Firewall Protection:
Antivirus is a software program which helps to detect and remove malware from your system. Installation of antivirus software helps you to achieve security from threats such as ransomware, worms, trojan horse and other malicious programs. You can get paid antivirus application from various security vendors available over the internet.
Antivirus is not enough to provide satisfying security to your system. The use of a firewall is very beneficial as it controls all the incoming and outgoing traffic on the basis of elucidated rules. It creates an obstacle between your system and incoming un-trusted traffic.
Generally, people use passwords which are easy to remember while making transactions such as net banking, social signing in etc., over the internet. Using such common passwords puts them towards higher risk of security breaches because hackers use brute force technique to discover a user’s password, and sometimes they become a success in achieving the information. So always try to select a distinctive and unique password for your login details and change it on a regular basis to achieve maximum security.
If you are providing any sensitive data to a website which does not contain any secure socket layer (SSL) certificate, there are chances that your data can be compromised. The primary motive behind the inclusion of SSL in websites is to provide prevention from man-in-the-middle attacks. SSL works on the transport layer of the HTTP protocol pledging authentication of in and out data on the server.
Backup and Recovery:
Data is the central pillar of any organisation. Here, data refers to all the sensitive information including bank details, customers’ information and so many other useful dossiers. Data insecurity is one of the widespread issues because data can be the main motive of hackers behind the attack.
So, creating multiple safe back-ups for future use is the best practice for keeping your data secure.
You can store your information over public or private cloud depending upon your need.
Cloud Service Providers offer a variety of managed services such as cloning, recovery, monitoring, creating snapshot etc., to provide security for your data with a minor investment. There is a probability of losing data in case of accidental loss. You can recover data from your backup devices to use them again for your business operations, see here.
Most websites have implemented multiple layers of security to provide a safeguard to their users. You must use three-layer authentication protections such as one-time password, authenticator etc., for acquiring a powerful security boost to your credentials.
Considering Intrusion Detection System (IDS):
IDS is a software application for monitoring your network against malicious activities. Whenever it detects such events, it triggers an alarm to central management for acknowledgement to take immediate actions. Installing IDS in your system is very helpful for monitoring threats.
Walking a holistic path with these tiny procedures can get you towards a safe base of security. These small investments can save a significant amount and time for a secure tomorrow.
About the Author
Danish Wadhwa describes himself as “a Growth Hacker & Digital Marketing Consultant with an Entrepreneurial instinct”.
He is an IT graduate, formerly from India, who landed in digital marketing by will. Being an avid writer, he took everything he learned in his career to help SMEs learn from his Growth Marketing Blog at Fly.Biz/Blog
A more positive approaches to corporate governance could add greater value. Too many boards focus upon compliance rather than business development.
Many boards could contribute much more to business growth and development if they adopted a different approach to corporate governance according to Professor Colin Coulson-Thomas, the author of Developing Directors. Speaking in Singapore he told Asian directors, board chairs and company secretaries that his recent investigations have identified opportunities for boards to add greater value by shifting the focus of their attention.
He finds: “In seeking to avoid interference in operational matters many directors are overlooking areas that are properly the responsibility of the board.”
According to Professor Coulson-Thomas: “The approaches to corporate governance adopted by some companies are excessively negative and are inhibiting innovation, entrepreneurship and responsible risk taking. Directors need to understand that competitive success can require both prudence and creativity, and practical and cost-effective approaches are available that can reconcile the two. For example, building checks into performance support tools can make it easy for people to comply and difficult for them to act in ways that cause quality, commercial, regulatory and other problems while exploring different solutions, bespoking responses and developing new options. ”
Hoping for the best is no longer enough
Coulson-Thomas’ evidence of what more effective directors do differently reveals how much more value boards could contribute if they shifted their questioning to areas such as ensuring executives focus on better supporting those work-groups that contribute the most to key corporate objectives: “Handing demanding objectives to a CEO and senior executive team and hoping for the best is no longer enough when one can challenge the expensive, time-consuming and disruptive approaches being adopted when quicker and more cost-effective options exist. Boards need to be aware of approaches that avoid traditional trade-offs and allow the simultaneous achievement of multiple objectives. They should champion quicker routes to high performance organisations.”
The Professor mourned the lack of innovation and diversity in board practices: “There are so many options for operating boards today and a variety of different ways in which they can discharge their responsibilities. The prevalence of corporate governance codes, a focus upon compliance and the practice of resorting to advisers and consultants who have climbed aboard the corporate governance bandwagon appears to have produced a dull uniformity of practice. Too many directors are doing just enough to comply rather than thinking through what form of board structure, composition and practice would be best suited for the situation a particular company is in, its stage of development, its priorities, the nature and geographic scope of its operations and the challenges that it faces.”
Coulson-Thomas suggests: “With vested interests and well meaning people calling for ever more detailed reporting and governance requirements we are in danger of losing sight of their purpose. What happened to relevance, economy, simplicity, proportionality, adaptability, flexibility, diversity, innovation and business development? Human nature is such that shareholders need protection but it is not unreasonable for the owners of companies to expect that the directors they appoint to look after their interests will also be diligent in stimulating, encouraging, enabling and supporting the profitable and sustainable growth of the businesses for which they are responsible.”
Professor Coulson-Thomas has just returned from India where he spoke at events in Mumbai and Bengaluru. His presentation on “What’s keeping boards awake and what should they do about it?” was delivered to the Bangalore Chapter of the Institute of Directors of India at the Hotel Royal Orchid Central.
About the Author
Professor Colin Coulson-Thomas, author of Winning Companies: Winning People and a new report on talent management and creating high performance organisations, is an international consultant who has helped over 100 boards to improve board and corporate performance. He is chairman of Adaptation, process vision holder of complex transformation programmes and a business school academic at the University of Greenwich. Reports covering his investigations are available from www.policypublications.com
Tel: + 44 (0) 1733 361 149
Fax: + 44 (0) 1733 361 459
Guest Blog by Sonia Blizzard
Accountants are used to dealing with complex sets of data and recognise the sensitivity of the information they hold on behalf of clients. As with other professions, technology is presenting challenges which require careful consideration by accountancy firms.
In this guest blog, internet security expert and MD of Beaming, Sonia Blizzard, talks through a few of the ways you can make sure you can make your security add up.
Security vs Flexibility
The first of these is security versus flexibility. Most accountants [and other professionals too] like to have the ability to access their systems from clients’ sites or working from home, as this is efficient for their company, and they want to achieve this safely.
Remote working solutions such as Terminal Services or Citrix and hosted software platforms achieve this, as long as the company knows the servers are based in a secure location in the UK and if in a shared data centre, that this data centre complies with the highest security standards.
Ultimately the accountancy firm is responsible for the data they hold on their client and it is their duty to know where it is held and that it is safe. Under no circumstances, do they want to become the weakest link in the chain of their client’s defence against online criminal activity.
Added to this there is the more basic issue of connectivity. In our experience, firms often look at the speed at the server location but forget about the experience at their office location, if different. It is pointless investing in technology if you cannot access it. A broadband connection aimed at the residential market is not going to deliver an efficient way of working and what happens to the office if there is a fault when it takes days, rather than hours, to fix? What would happen if this was towards the end of January when last minute tax returns are being filed? In the same way that accountants are highly familiar with the regular software upgrades which need to take place for accountancy software, partners should routinely review their systems and connectivity to ensure that they have the correct network in place.
Protecting against threats on each site
For larger firms, with a number of locations, there may be a range of solutions to consider and when doing so, with the recent increase in cyber hacking in mind, security should be paramount. Each site should be protected against such threats and this can soon add up in terms of cost of hardware, but how about a private network where there is only one route in and out to the public internet?
This saves on the cost of equipment and it can also consolidate any historically different ways of working at each site to those under one arrangement, which will bring huge benefits when it comes to managing staff.
Changing attitudes towards data security
The second challenge is managing clients’ attitude to data security and technology. In our experience, accountants are, on one hand, dealing with clients who have suffered from online fraud or system failures, and on the other, those who are nervous about the security of their financial information but do not know what is best practice. They turn to their trusted professional, their accountant, for advice. Those accountancy firms who have invested in their own solution to this problem and who are confident about the advice they can give will have the advantage. Imagine as well if a firm was to be compromised or to lose its systems for days. What would happen to its client base?
Accountancy firms work alongside external parties, such as bookkeepers. The trusted relationship between accountant and bookkeeper should also include an evaluation of how seriously each party takes security of the shared client’s data.
Data storage and back up
Another challenge that faces accountants is data storage and backup. By the very nature of what they do, accountants hold large amounts of historic paperwork, all safely under lock and key. For those who have moved to a paperless solution, this still needs to be safe. Data backup is then the solution.
Offsite backup is essential. This is an easy piece of advice which accountants can also give to their clients. It does not require them to become IT experts or have a forensic understanding of how the client runs their systems. With the right kind of offsite backup, such as Beaming’s DataChest which holds seven copies at a time in an encrypted form, if the client is compromised by ransomware such as Cryptolocker or loses their key financial information due to a system problem, the backup files will not be overwritten and they will be able to restore the files and ultimately continue to trade. That’s good for them and good for the accountant.
Sonia Blizzard is the MD of Beaming (www.beaming.biz)
Beaming is a company that provides secure internet connectivity and data back-up services to a number of businesses across the UK.
“No change, no point.”
Seth Godin emphasized in one of his blog posts last year that a presentation that doesn’t intend to create change is a time-waster. All factors involved – topic, audience, venue, etc. – should be tailored to attain a desired effect; otherwise, you fail as a presenter.
But how do you make that change possible within a short talk? Let’s summarize what authorities say on how to improve your presentations.
10, 20, 30
Guy Kawasaki, a Silicon Valley speaker and Garage Technology Ventures’ co-founder, popularized the 10/20/30 PowerPoint rule.
- 10 refers to the optimal number of slides to be used in a presentation. It can’t go beyond that number because ordinary people can’t absorb more than 10 main ideas in a meeting or talk.
- 20 denotes the ideal length of a presentation. If you have a one-hour time slot, you can allot the rest of the time for discussion with your audience.
- 30 stands for the font size of your text. Each slide should only contain salient points, not paragraphs of text squeezed to fit the available space.
Understandable, Memorable, Emotional
Carmine Gallo, author of The Presentation Secrets of Steve Jobs, explained to MBA students of Stanford Graduate School of Business what makes a presentation successful:
- Understandable. Presentations should have a short, clear and simple message. He encourages using a Twitter-friendly headline, a technique awe-inspiring communicators apply when speaking in front of a crowd.
- Memorable. The audience should remember the main points of a presentation; otherwise there is no impact created. The most effective technique for achieving memorability is the Rule of 3. Limit your presentation to three sections, because the short-term memory can’t take absorb more numerous concepts in a short time period.
- Emotional. Add an emotional component to your presentation. And excellent way to do this is with a moving and relevant story. It is stirred emotion, not analytic thinking that prompts people to take action after your speech.
3 P’s for a Presentation
Apart from the actionable tips above, we would like to add three more concepts you can integrate into your presentations.
- Prepare. If you organize your thoughts at the 11th hour, you will most likely end up with a lame presentation. Preparation, regardless of your knowledge and experience, is a priority. That means researching your audience, structuring your ideas, preparing your audio-visual aids, and practicing for comfort, confidence and perfection.
- Perform. Consider your presentation as a work of art on stage. Be knowledgeable, be natural, and be yourself. Pay attention to your body posture and movement; exude confidence and expertise and you’ll more easily persuade people. Establish rapport, build trust, and adjust your style according to your audience’s response. You definitely do not want to come across as a robot. Be yourself, and don’t be afraid to ad lib and interact.
- Ponder. A technically well-crafted speech won’t necessarily be an effective one. Effectiveness all boils down to the question, “Did I achieve my main objective?” If your presentation introduced your university in order to increase the number of enrollees, find out how many applications are submitted. If your goal was to have a proposal approved, gather some feedback from the management. Whatever your objective may be, come up with a way to evaluate whether you achieved it or not.
More Presentation Tips
To learn more actionable techniques for improving your presentation skills, visit Slideshop.com, a provider of pre-customized PowerPoint templates. It blogs about attention-grabbing slide designs, advanced PowerPoint tricks, and other tips that will help you be a great presenter.
About the author:
Toke Kruse is the CEO of Slideshop.com, a leading provider of pre-designed PowerPoint templates. Toke is a graduate of Copenhagen Business School and has launched nearly a dozen companies since entering the world of entrepreneurship at the age of 18.