Why secure your home network?

The number of connected devices in South African homes are expected to increase exponentially.

Smart TVs, connected appliances, online fitness devices, entertainment and gaming systems, smart cars, connected water and power meters, climate control systems and online home security systems are all available. Many home networks also include things like wireless medical devices, and tools designed to track and monitor children or elderly family members.

All of these devices are being connected to the Internet through a home Wi-Fi system, or increasingly, a Home Area Network (HAN) combined with Network-Attached Storage (NAS) and Cloud-based applications that are accessible from any device in any location. And we are now starting to see interconnectivity being developed between these devices, as well as connectivity to other systems and networks to enable information and entertainment sharing with friends and family, or data collection by device manufacturers and service or utility providers.

And as the number of remote workers able to work from home increases, your corporate offices are being regularly linked to these hyper connected and often poorly secured home networks. The implications are significant.

Some companies are stepping up and offering user awareness training programmes for remote workers, especially for employees with access to sensitive data. But learning how to avoid phishing and social engineering attacks does not address the relatively new problem of hyper connected home networks.

As our work and social networks expand into the home, and the potential threat footprint in our homes continues to grow, it is critical that we take a fresh look at how we are protecting ourselves from the growing number of networks we interact with. Our personal, financial and medical information, as well as our work assets are all at risk from increasingly sophisticated malware and financially motivated cybercriminals.

For the enterprise, we recommend a three phase approach to security based around learning what is on your network, dividing the network into separated segments, and then implementing appropriate security that provides critical protections without compromising functionality and interoperability. Of course, large organisations have financial and technical resources that most homeowners cannot duplicate. But there are strategies and techniques that individuals can borrow from enterprises to secure their increasingly complex and sophisticated home networks.

1. Learn (discover)

Information is critical to a security strategy.

Know what is on your network:

With the increasing number of portable IoT and other devices being installed or used by family members and friends visiting your home, it may be difficult to know exactly what is on your home network at any given time. Even harder is controlling what they are allowed to do.

There are a number of security tools on the market today designed for the home that can identify devices looking to connect to the Internet through your Wi-Fi network. Many of them can be easily configured to provide them with access to your guest network, while restricting and monitoring the kind of traffic they are generating, the applications and home resources they are able to access, the amount of time they can be connected online, and the places on the Internet they are allowed to connect to.

Do your homework:

Before you buy a device that wants to connect to your network, ask some questions. Not every device that wants to connect to the network needs to. Do you really need to be able to look inside your refrigerator from the store? Does your coffee maker need to be able to order its own filters? What does a connected stove do?

Next, research these devices with an eye towards security. Are there known vulnerabilities? Many connected devices include vulnerable software or back doors that make them potential targets. And far too many of these devices cannot be hardened, patched, or updated. Can you add passwords? Can they be updated if a vulnerability is detected?
This sort of research is particularly important before you add connected home healthcare devices that monitor patients or regulate medicines.

2. Segment

Many organisations are implementing some sort of network segmentation strategy in order to protect their resources. Visitors and unauthorized devices are connected to a guest network. Critical resources, such as financial data, are isolated from the rest of the network. And sensitive communications are encrypted.

Homeowners can do many of the same things.

• Buy separate wireless access points to separate things like gaming systems and IoT devices from your PCs and laptops.
• Set up a wireless guest network for visitors or new devices. Most access points allow you to restrict access, set up things like firewalls, and monitor guest behaviour.
• To protect your critical resources, consider purchasing a separate, inexpensive device, such as a Chromebook, that is only used for things like online banking. You could also set up a separate virtual device on your laptop or PC for banking online.
• As much as possible, keep your work and personal devices separated. Set up a separate connection for work, only connect through a VPN tunnel, and consider encrypting sensitive data travelling back and forth between your home and corporate networks.

3. Protect

Home networks and devices tend to become infected because security is notoriously lax. Here are a few security tips for your home network.

• Keep a list of all the devices and critical applications on your network, including the manufacturer. Set up a weekly routine to check for updates for physical and virtual devices, operating systems, applications, and browsers. Of course, this is easier said than done. Browsers like Google allow you to set up automated searches that can alert you when news on a topic is found, or simply provide you with a daily email with discovered links.
• Get antivirus and anti-malware software, keep it updated, and run it regularly. But FIRST, do your research. A number of products pretending to be security tools are actually disguised malware. Also, remember that no software is 100% effective, so set up a regular schedule, say once a month, where you use a second or third security solution to scan your device or network. Many solutions provide a free online version or let you run a free demo for a period of time.
• Get a firewall. Most home security packages include a firewall option. Turn it on. Even the default settings are better than doing nothing.
• Use good password hygiene. Change your passwords every three to six months. Use an encrypted password locker to store passwords. Use different passwords for different kinds of things. Don’t mix your personal and work passwords. Increasingly, many social media and online services, such as Facebook, Yahoo, and Gmail, provide options for stronger authentication, including two-factor options.
• Here is a good tip for selecting a strong password. Think of a phrase or a song lyric or a line from a book or a poem. Use the first or second or last letter from each word to create a password string. Replace some of the letters with numbers and special characters.
• New services, such as LastPass have been developed to help manage all your passwords, and all you need to keep track of is a single master password. This technology will also automatically create strong random passwords for each application you need to access, and store them in an encrypted format.

For additional ideas and tips on protecting yourself and your network, review this checklist provided by the Online Trust Alliance. You can also use this link to see if you have an account that has been compromised by a data breach.

Given the rate at which technology is changing, you can no longer afford to simply load an antivirus tool onto your laptop and think you are going to be protected. As we begin to use and interconnect more and more devices, and blend our personal, social, and work lives, security is increasingly important. It is critical that you begin to develop a strategy now for learning, segmenting, and protecting your network, resources, data, and privacy.

Paul Williams is the Country Manager, SADC at Fortinet.

What is key to the fight for female talent?

To mark International Women’s Day (IWD) last Wednesday the 8th March 2017, PwC has released a new report ‘Winning the fight for female talent: How to gain the diversity edge through inclusive recruitment’ which looks at what employers can do to attract and retain female talent and underscores the importance of embedding diversity and inclusion into the employer brand.

PwC surveyed 4,792 professionals (3,934 women, 845 men) with recent experience of the jobs market from 70 countries and from different organisations to find out about their career aspirations and employer diversity experiences and expectations. In parallel, PwC surveyed 328 executives with responsibility for diversity or recruitment strategies in their respective organisations to explore current diversity trends and practices within employer attraction and selection activities. In South Africa, 191 respondents took part in the survey.

Female and male respondents ranked opportunities for career progression among the top three employer traits, along with competitive wages and flexible work arrangements. Female career starters and female millennials identified this as the most attractive employer trait, as did women overall in Brazil, China, France, Hong Kong, India, Ireland, Luxembourg, Poland, New Zealand, Russia, South Africa and the UAE. The report also found that women who had recently changed employers said a lack of opportunities for career progression was the top reason they left their former employer (Global: 35%; South Africa: 43%).

Worldwide, organisations still have some way to go on the journey to gender-inclusive recruitment. In most countries around the world, women still remain underrepresented at every level in the corporate pipeline, with the gap becoming more pronounced at each level of seniority. It is despairing that the rate of progress has been so slow, and even more alarming that it will take 170 years for gender equality to be achieved in the global work force at the current rate of advance, according to World Economic Forum estimates.

Despite these statistics, women make up a vital talent pool in the work force. CEOs and business leaders are increasing their efforts toward greater female recruitment in an effort to win the war for talent and plug the gaps and in today’s skills crunch, as well as gain competitive advantage.

The good news is that 80% of employers have aligned their diversity and recruitment strategies. This is critical, as diversity efforts operated in a silo will not help to achieve established diversity goals. To achieve this, they will need instead to be aligned and embedded within the critical people and business activities across the entire organisation.

According to the report, organisations are using innovative programmes to attract key female talent. For example, returnship programmes are proving to be a successful bridge for talented professionals to return to work after an extended career break. Over a quarter (28%) of employers have already adopted a formal returner programme, and a further 25% are currently exploring this opportunity, suggesting employers are recognising the potential of these programmes.

In South Africa, the most significant barriers to increased levels of female hires in the market are: the impact of gender stereotypes in the recruitment process (44%), concerns over the cost of and the impact of maternity leave (41%), and some females said their industry was not viewed as attractive to women (21%).

An inclusive talent brand: not an option but an imperative

The survey revealed that just over three quarters (76%) of employers have incorporated diversity and inclusion into their employer brands and this rises to 88% of companies with more than 10,000 employees.

But the report also highlights that just talking about diversity as part of an employer brand is no longer enough. When deciding whether or not to work for an employer, over half (56%) of women are looking to see active diversity progress. This rises to 61% for female career starters. Meanwhile, 61% (South Africa: 59%) of women and 49% (South Africa: 50%) of men look at the diversity of an employer’s leadership team when deciding to accept their most recent position.

The survey results show that 67% of women explored if their employer had positive role models who were similar to them when deciding to accept their most recent position, rising to 76% for female career starters. This factor was particularly important to women working in sectors that are widely regarded as relatively male-dominated, such as FinTech (85%), Engineering and Construction (82%) and Asset Management (78%).

The message is clear: organisations should walk their diversity talk or face contending with increased difficultly attracting talent, particularly female talent.

An escalating fight for female talent  

The report highlights we are seeing organisations across the world inject greater urgency into their gender diversity efforts. Explicit hiring targets have emerged as a core driver in fulfilling these ambitions with 78% of large organisations around the world saying they’re actively seeking to hire more women, especially into more experienced and senior level positions. As organisations fight to attract female talent, particularly at levels and in sectors where they’re currently underrepresented. We’re now seeing competition for female talent escalate to a whole new level.

To win the fight for female talent, it is not enough for employers to have an attractive talent brand: it is also vital that they have an inclusive talent brand. Understanding how the organisation is perceived in this regard is the first critical step. Employers need to recognise the fact that diversity and inclusion raises reputational risks they cannot afford to ignore and that their diversity record is under close and constant scrutiny, not only from the talent they need to attract and retain, but also from customers, investors, stakeholders and increasingly governments and regulators.

This is why an inclusive talent brand is no longer a nice-to-have option but an imperative for business success.

Dion Shango is the CEO and Nana Madikane is the Diversity and Inclusion Leader of PwC Southern Africa.

Say hello to flexible working

The world over, savvy businesses are rapidly moving beyond shared desks to flexible workspaces, which is having a profound effect on job satisfaction and staff turnover.

The hot desk concept is on the wane.

Many more people have higher expectations for their working lives now want to be able to work in a more flexible way. Offices are adapting to meet that need. A bonus and a pat on the back is no longer enough to retain staff.

Recent research by a UK social research charity The Joseph Rowntree Foundation found that almost half the UK workforce would like the opportunity to work in a more flexible way. Job search firm CareerBuilder’s research revealed that 56 percent of employees who describe themselves as satisfied in their jobs cited work/life balance as a key factor.

Only 39 per cent cited salary as the root of their job satisfaction.

Rather than setting up rows of traditional desks, each with their own power point and telephone, firms should consider shared spaces with work benches and social hubs where staff can work in a group or on their own in a more informal setting.

Companies are seeing rewards from a more flexible approach. US retailer Best Buy adopted flexibility at its headquarters, resulting in a reduction in staff turnover of 45 per cent.

As technology develops to enable access to corporate systems, services and applications from any location at any time, employees are increasingly questioning the need to sit at a particular desk in a specific office at set times each day.

The future of flexible working can be divided into three areas – space, location and time.  

Flexible space

Flexible work spaces have the advantage that they don’t “belong” to any individual or team, meaning staff are less likely to get territorial over a particular place. They are also a great use of space for businesses looking to get the most value out of building costs, as they can be used in different ways – from a short meeting to an employee needing to focus on a particular project away from their team.

A clear-desk policy is a must when considering any of the above, ensuring that staff don’t reserve a certain seat or desk even when they’re away from an office.

Flexible location

Remote working is being embraced by many businesses to allow staff to work while travelling or offsite. Whether it’s letting staff head home after an external meeting to carry on working, or a more formal arrangement enabling workers to be at home for certain days per week, employees are increasingly demanding these opportunities. Enterprises that fail to offer flexible working policies and options will soon find they are unable to compete with larger companies when it comes to recruiting and retaining talent.

Flexi time

The most radical of the three options, but it’s one already widely practised by micro businesses, startups and entrepreneurs. However, we have yet to see a real shift to flexible hours among larger enterprises.

Most companies expect their staff to work set days and hours, even if they happen to be working at home or from a hot desk. As offices decrease in both size and number of people on the premises at any time, as more of us choose to work remotely, so the need for staff to all be working the same days and times decreases.

The most forward-thinking firms will start considering roles and functions in their organisation by employees working their own chosen hours – whether that’s compressed hours, weekend or night-time working – rather than those dictated by the business.

It might be that only one or two of these three options are feasible for your organisation at present, but for all firms it is worth assessing pilot programmes to try out the trio of different approaches.

Richard Andrews is the Managing Director of Inspiration Office.

How to run a cost-effective payroll

Employees who are paid efficiently, accurately and on time are productive and profitable, which is why payroll administration is a high-return investment for every organisation.

But payroll administration needn’t be expensive. By taking some sensible steps, organisations can reduce inefficiencies and save money in the long run.

Although some new organisations might manage their payroll using a combination of paper forms and spreadsheets, this translates into wasting money on unnecessary labour costs, double-checking input and calculations, or correcting errors. Invest in specialised payroll software that does all the background work for you. It seems pricey, but it pays dividends in speed, accuracy and compliance.

The cost of legislative penalties and fines resulting from non-compliant payrolls could impact a company hugely as infringements are not tolerated by legislatively authorities. How confident are you therefor that your systems and processes have fully incorporated legislative obligations?

Go for quality

Utilising freeware or open source systems in order to save money is warned against. Inevitability, you will suffer from the lack of support, while viruses will also take their toll. Always choose a well-known package. You’ll realise savings through ongoing development and professional support.

Companies are also advised to use software to its maximum effect by configuring the latest tax tables and other rates, which will allow for calculations that once took hours to complete, to be done in minutes. In addition, any available templates, business rules or automated procedures, like approval processes, escalations, alerts or automatic report transmission should be used. Check your package’s capabilities with your payroll software consultant, and stay abreast of the improvements that software providers continuously add to their solutions. It could trim hours off your monthly workload.

Set rules

The larger an organisation’s payroll, the more administrators it will need to stay ahead. To run cost-effectively, a strong set of payroll rules must be implemented and adhered to. Policies and procedures ensure the payroll team’s work is right the first time, every time, and aligns with organisational requirements.

However, complications may also arise from incorrect configuration of such pay rules. It is therefore highly recommended that companies engage the services of an external professional to conduct a full payroll audit, to identify potential risks and areas of exposure to the business. This gives an opportunity to take action and to remedy the situation.

As a company’s workforce grows, policies and procedures may no longer be appropriate or efficient. It is therefore advisable to review systems once a year to ensure the organisation can scale with the growth. Important points to consider include whether the current software in use is still appropriate; where excessive costs can be trimmed from processes and how these can be simplified. All of which could potentially hold notable savings for a business.

Get support

A good payroll consultant has worked with many companies and has learned how the best payrolls are run. They’ll assist a company in creating the most cost-effective system possible and stay compliant. Consultants may also assist with payroll audits, and can advise on efficiency improvements and irregularities.

Perhaps most importantly, companies are urged to avoid managing payroll with unqualified staff. It might seem cost effective initially, however, errors, inaccuracies and non-compliance will snowball. Employ qualified payroll administrators from the start. Their knowledge, experience and dedication will create cost-cutting efficiencies.

Robust reporting

Companies should further ensure that they have robust reporting and legislative submission mechanisms in place. This will support meeting the critical legislative deadlines and avoiding penalties.

More than a server crash, organisational leaders fear a late or error-ridden payroll run. Therefore, never scrimp on this business-critical function. By using the correct software, processes and talents, you can lower costs while protecting your payroll integrity.

Lavine Haripersad is the Director at the South African Payroll Association (SAPA).

When is it time for a different approach?

Much like marriage, systems or organisational models evolve through stages moving or growing from me to we to it. Put another way the whole is greater than the sum of its parts.

Essentially organisations comprise teams, typically with leaders at the top and other employees filling up the middle and lower structures. The interactions between the levels and individuals create the team dynamic.

Looking at dominant thinking perspectives, two opposites with linear at one end of the spectrum and systems at the other are described.

Linear views aspects with separate parts while a systems approach sees connections and aspects as interdependent, making up the whole. A linear view is a straight line between two points as the most efficient way to get from one place to another. A systems approach applies multiple starting points from which one can apply logic to a problem.

However, the balance of the relationship can be threatened when confronted by obstacles. Among the most common team challenges are building trust, breaking silos, toxic behaviours and resistance to change.

The response is intelligent teams. In the Relationship Systems Intelligence (RSI) model interconnectedness is at play.

The RSI system awareness is the ability to interpret oneself as an expression of the system. What happens is not only personal, it also belongs to the system.  

These systems are intelligent characterised by the ability to adapt, self-organise and be self-regulating and survive by a tethering of interconnectedness and interactivity. RSI stresses the importance of addressing the whole system. In the third and team entity, we look at how we can shift from me to we to it. The focus is on the third entity.

A third entity or team focus is created when groups come together e.g. a band; the focus is not on individual personalities but on the whole entity. Likewise, the team is the third entity.

In an organisation there are various role players that create the functionality with all its parts. People become equivalent to the role.  

Outer roles have an executive function and serve to maintain the externalities of the system and are filled by CFOs CEOS and other C-suite executives and managers.

Inner roles maintain the emotional function and internal structure of the relationship. These emotional needs must be met for the system to self-regulate.

A diversity of roles is at play with personality types manifesting as worker, rescuer, trouble maker, devil’s advocate, implementer, peace maker, scape goat. A system needs all role players.

The ghost role, although amorphous, is a powerful one nonetheless. This is in the form of an invisible third party that impacts the emotional field. These can be the voice of the mother-in law, traditionally relied upon frames of reference, for example, “I’m black”, “I’m disadvantaged”, or “we did it like this 20 years ago,” stemming from the influence of an ex CEO. These ghost roles haunt the individual’s relationships within the organisation. We are often unconscious of them.

Lastly, secret roles stem from aspects of self at a psychological level that influence behavioural patterns. We are many selves, many parts of us can come to light. As individuals, we need to be aware of these various selves as they impact our relationships.

There is confusion and discomfort when roles are not fulfilled. This can arise for several reasons. These may be role confusion, poorly occupied roles, role fatigue or the elimination of old roles and the need for new roles. Players within the system are seen and heard as the voices for the system.

A system relies on roles for organisational structure and effective execution. It is required of the organisation to manage change.

For the edge theory was looked at.

The primary edge involves “what are we leaving behind” The secondary edge involves “what do we want to become as individuals as a team, as an organisation”?

Each team has its on unique entity and knows when to cross from primary to secondary. Each individual has his or her own edge. You must admit to your own edgy qualities and try new behaviour.

Among the many benefits of the systems approach are that it creates a learning and positive work environment, assists the onboarding of new employees, manages conflict, builds resilience and increases performance and productivity.

In addition, it increases employee motivation, ensures effective management and aligns teams and employees to achieve organisational goals.

To consider the relevance for RSI right now and its subsequent challenges Moloto set up the scenario for 2017 and beyond.

Millennials have become the majority of the work force, forcing previous generations to rethink how they lead teams. A system must be creative and adaptive changing its behaviour to respond to the changing environment. Adaptive change is what creates effective teams to produce results.  

Systems are wired to emerge. You cannot stop growth. Change is constant. Systems are in a constant state of emergence, ever evolving towards their next evolutionary stage.

The role for organisational development stakeholders, is to adapt with resilience and authentic courage. Pay attention to unfolding signals and notice what’s going on.

In conclusion, it is required of you to challenge the status quo, be change agents, know what you stand for, have courageous conversations, tell the truth and know what you stand for.

Tumi Moloto, TM Change Consulting.

Written by Iza Grek, A word or 2.

Your Cart