Monthly Archives: November 2015

Legal Losses: 4 Steps to Better Internal Security

Legal Losses: 4 Steps to Better Internal Security

When people think of “cybercrime,” they imagine a hacker finding an exploit in an unsecured system and taking advantage for their own gain. While this is a growing concern in the legal world, it isn’t the only security threat that firms must consider. A 2015 Data Breach Investigation Report by Verizon found that 20.6 percent of all data breaches are caused by individuals inside the industry, whether accidentally or intentionally. These breaches can be notoriously hard to detect, given that internal data leaks are less obvious with immediate consequences less than hacker access. IT security has traditionally been challenging for legal firms—clear corporate policies must be implemented to protect privileged information from both hackers and illicit employee actions.

1. Increase Awareness

Legal Losses: 4 Steps to Better Internal Security

A 2015 Data Breach Investigation Report by Verizon found that 20.6 percent of all data breaches are caused by individuals inside the industry, whether accidentally or intentionally.

The first step in decreasing incidence of cybercrime both within an organization and without involves increasing awareness. Companies must create a corporate culture of transparency and honesty with their employees, and train them in data handling practices. Employees should know what to do if they detect a security issue, with clear policies in place for the assessment and removal of emerging threats.

2. Detection/Data Loss Software

Implementing software to monitor data transfer is another method of preventing data loss. Legal firms can optimize their IT security with programs that track detection points of data transfer to highlight potential vulnerabilities. If a breach occurs, these programs offer hard evidence and digital trails for investigators to follow.

3. Implement Warnings

A simple way to increase data security is to let employees know that their actions are being tracked. Employees are much less likely to engage in illicit or illegal behaviors when they know that their computers are subject to searching. This deterrent can be powerful, particularly when employees understand the weaknesses of their business’s IT infrastructure.

4. Monitor Communication

Proper tracking of employee behaviors is necessary to prevent internal losses of information. Forensic analysis of employee communication and behaviors provides visibility into the exchange of information across digital platforms and offers insight into suspicious behaviors in a breach. Investigators can monitor key variables when data is compromised to identify trends and establish the source of information loss.

IT security in the legal world is a never-ending battle. Legal firms must realize that they are vulnerable internally and externally, and take the precautions to keep client data safe.

Desh Urs iBridge LLC

Written by Desh Urs

As a Vice President of Global Sales, Services, and Marketing at Silicon Graphics, Inc., Urs managed engineering and non-engineering functions, developing solutions in sciences, telecommunications, manufacturing, media, business, and defense intelligence, for companies with revenues of several billion dollars. During his tenure as Vice President at Think Tools AG and Brio Technology, Inc., he ran business development and alliances providing solutions in Business Intelligence and Decision Cycle Management to Global 100 corporations worldwide. In the late 1980s, Urs founded Indus Systems, Inc., which he profitably sold to a systems integration company.

Urs serves on several Advisory Boards, as well as many company Boards, in the United States and India.

iBridge NewsletterLaw Firms and Cyber Attacks iBridge LLC

Cybercrisis Management: Effectively Recovering from Data Breach Fallout

Cybercrisis Management: Effectively Recovering from Data Breach Fallout

Crisis management and planning for the unexpected is public relations 101, but navigating your public image through a disaster in the digital age can be difficult. The modern corporate landscape is built on shared data, remote connectivity, and the promise of cyber security, which makes implementing an effective cybercrisis management strategy essential when something goes wrong.

Surviving the fallout from a data breach disaster can make or break an organization in the eyes of both shareholders and the general public. Finding yourself in a crisis whirlwind due to bad planning and poor implementation can be devastating.

Cybercrisis Management: Effectively Recovering from Data Breach Fallout

Image courtesy of Stuart Miles at FreeDigitalPhotos.net

Timing and Communication

The most detrimental misstep organizations take immediately after a data breach or similar cybercrisis is delaying and often miscommunicating important information. Timely, transparent communication is vital to maintaining tight control of the message. It’s easy for the public, the media and internal personnel to jump to conclusions and create misinformed opinions about a situation when the information being shared isn’t authentic and honest. Timing is everything in the digital era, and a flawed social media message, ambiguous statement or postponed response can all add fuel to an already burning crisis fire.

Consider these six steps pre-data breach and utilize them post-breach to minimize damage during a cybercrisis:

  1. Put victims first – Empathy with those affected by a data breach must be part of all crisis management communications.
  2. Communicate sooner not later – Remember, timing is everything.
  3. Prepare for a moving target – Opinions and perceptions can be easily swayed, and it’s important to adapt and progress in the face of criticism and accusation.
  4. Be transparent about not being transparent – Authenticity, even when you’re not able to provide specifics, resonates with the media and the public.
  5. Validate your strategy through opinion research – Corporate jargon and internal investigations aren’t as effective as trusted opinion research people can trust and validate.
  6. Work as a team – Above all else, everyone within the organization must be informed and on your side during implementation of a cybercrisis management plan.

Staying ahead of bad publicity and course correcting after a crisis requires commitment to transparency and a clear understanding of your audience. Preparing for the worst is the best thing you can do, and creating a crisis management team that’s ready and trained to implement a strong communication strategy when a breach occurs can be invaluable.

Desh Urs iBridge LLC

Written by Desh Urs

As a Vice President of Global Sales, Services, and Marketing at Silicon Graphics, Inc., Urs managed engineering and non-engineering functions, developing solutions in sciences, telecommunications, manufacturing, media, business, and defense intelligence, for companies with revenues of several billion dollars. During his tenure as Vice President at Think Tools AG and Brio Technology, Inc., he ran business development and alliances providing solutions in Business Intelligence and Decision Cycle Management to Global 100 corporations worldwide. In the late 1980s, Urs founded Indus Systems, Inc., which he profitably sold to a systems integration company.

Urs serves on several Advisory Boards, as well as many company Boards, in the United States and India.

iBridge NewsletterUnderground eBook CTA

5 Ways BPO is Critical to Your Business

5 Ways BPO is Critical to Your Business

Business Process Optimization (BPO) is no longer optional for companies trying to compete in competitive markets. The systematic process of evaluating, reporting, and implementing better organizational efficiency is necessary for nearly every business. While this reviewal can be managed through in-house means, the most effective BPO strategies come from outsourced professionals who bring new ideas to the table. These include:

1. Staying Competitive

The economic landscape is constantly changing. Businesses can’t afford to let their business practices go stagnant. BPO consultants help businesses stay competitive in an evolving economic environment by reviewing policies and procedures to determine their effectiveness. This assessment provides feedback on which strategies are generating acceptable returns, which need streamlining, and which should be scrapped altogether in favor of more competitive or up-to-date practices.

picjumbo.com_HNCK8991

2. Focusing Attention

Letting an expert handle the complex details of your BPO strategy frees up your attention and lets you direct your focus where it’s needed most. Your BPO consultant will identify weaknesses in your current business practices and give you concrete goals to work towards. Your BPO strategy provides more than a mere process assessment; it provides peace of mind and the assurance that your business is running efficiently.

3. Gaining Perspective

Sometimes, those entrenched in results-focused businesses cannot identify which practices inefficiently meet corporate goals. A third-party appraisal of your strengths and weaknesses can offer a fresh perspective on the state of your business practices. An outsider will have industry knowledge on best strategies for success, experience assessing your business from a top-down perspective, and competitive insight into how your procedures stack up against the industry.

4. Resource Optimization

At their most basic, BPO consultants are here to save you money. Their experience helps you determine the most efficient ways to reduce spending, maximize overhead, and receive better returns across the board. While the cost of hiring a consultant may deter businesses in the short-term, the long-term economic gains and organizational improvements make it a worthwhile investment in future success.

5. Increasing Efficiency

But BPO benefits aren’t limited only to performance indicators and resource planning; optimizing your business practices can affect your worker productivity. Bringing a BPO consultant on board means receiving a thorough assessment of where effort can be leveraged for maximal gain. This translates to better organizational efficiency, direction of employee manpower, and foresight into what skills may be required.

Desh Urs iBridge LLC

Written by Desh Urs

As a Vice President of Global Sales, Services, and Marketing at Silicon Graphics, Inc., Urs managed engineering and non-engineering functions, developing solutions in sciences, telecommunications, manufacturing, media, business, and defense intelligence, for companies with revenues of several billion dollars. During his tenure as Vice President at Think Tools AG and Brio Technology, Inc., he ran business development and alliances providing solutions in Business Intelligence and Decision Cycle Management to Global 100 corporations worldwide. In the late 1980s, Urs founded Indus Systems, Inc., which he profitably sold to a systems integration company.

Urs serves on several Advisory Boards, as well as many company Boards, in the United States and India.

iBridge NewsletterBack-Office eBook CTA

7 Barriers to Cloud-Based Big Data Adoption

7 Barriers to Cloud-Based Big Data Adoption

The concept of “big data” is all the rage these days. Healthcare industries are constantly on the lookout for new ways to aggregate and apply the wealth of information available to them. One of the most common solutions involves a shift towards digital enterprise and cloud-based applications. Unfortunately, adapting the healthcare infrastructure to accommodate big data poses several challenges:

Transition to the cloud

As the cost of physical data center locations becomes more expensive, many healthcare facilities are electing to move their data centers into the cloud. This is a costly move, and requires top-down organizational changes to the way data is collected, stored, and analyzed.Cloud

Security compliance

While cloud-based infrastructure is convenient, it’s also more vulnerable to unauthorized access. Hybridizing physical data centers with cloud systems creates a nightmare of security challenges. The healthcare field is a prime target for hackers, and increasingly complex data storage centers create more openings to be exploited.

Job requirements

Reliance on a cloud-based infrastructure requires different skills for healthcare employees. Skills that focus on application are taking precedence over physical transmission and security. The changing datacenter is more agile and complex than ever before, meaning that employees trying to keep up must diversify their skillsets to stay efficient and competitive.

Global connectivity

Managing a local data center is challenging, but nowhere near as difficult as attempting to manage a cloud-based enterprise that spans multiple geographic regions. As technology improves and barriers to international business are reduced, healthcare facilities must know of the regional challenges, legal restrictions, and resource commitments that take place when operating on a global level.

ERP applications

The changing digital landscape affects how all information is processed, including the resource planning applications that drive the healthcare industry. The transition to the cloud creates the need for ERP applications that aren’t just optimized for on premise installation, but are also integrated into virtual platforms.

Automation

Automating data analysis in the healthcare industry can streamline production, reduce complexity, and facilitate a more efficient use of resources. However, this process can be costly to implement and requires integration with unique software-defined networks.

Disaster recovery

While doomsday scenarios aren’t usually included in budget allocation, the shift towards digital healthcare enterprise provides an extra level of security for healthcare facilities that only have physical locations. Moving data to the cloud protects it if a natural disaster occurs or server malfunction, giving healthcare administrators a fallback option and better peace of mind.

Dean Van Dyke iBridge LLC

Written by Dean Van Dyke, Vice President, Business Process Optimization

Dean Van Dyke is the Vice President of Business Process Optimization for iBridge. He brings more than 18 years of customer relations, business process outsourcing, lean six sigma, program/project management, records management, manufacturing, and vendor management experience to iBridge. Mr. Van Dyke was the former head of Microsoft’s corporate records and information management team, and served honorably for over fourteen years in the U.S. Navy and Army National Guard. He received his Bachelor of Science in Business Administration from the University of South Dakota and his Master’s in Business Administration from Colorado Technical University.

iBridge NewsletterUnderground eBook CTA

Cooperation over Confrontation: The Value of Listening

Cooperation over Confrontation: The Value of Listening

The “Chief” in the title of CTO has a strange effect on executives. When given full charge of a project or department, many leaders believe that their insight is all that’s required to successfully run their enterprise. Unfortunately, this trend creates inefficiency and poor communication about what improvements are needed in a business setting.

Open Your Ears

Identifying areas of inefficiency and improving technological procedures form the core of what a CTO does—goals only possible with cooperation from employees across every administrative level. Trying to enact meaningful change behind closed doors is a recipe for failure. Transparency is essential when updating business practices to ensure that the initiatives set forth are relevant and feasible for the entire team.

Cooperation over Confrontation: The Value of Listening

Image courtesy of Stockimages at FreeDigitalPhotos.net

 

To accomplish this cooperative endeavor, CTOs must balance their own instincts with direct feedback from their workers. Improvements not informed with the right knowledge can be detrimental to time and budgetary concerns, making the gathering of insight critical for improvement success. When determining the best way to improve your system, who can provide better feedback than the actual team members working with the affected system? Top-down organizational changes must be implemented with everyone on board, as each administrative level will have different experiences and unique perspectives. It’s this 360 degree view of their workplace that allows executives to implement changes that flow well with the established infrastructure of their business environment.

Essential Networking

But even with feedback, CTOs are taking risks when updating their systems. There are few guarantees that any changes made will yield positive returns on an investment, and poor decision making can compound pre-existing issues. To prevent improvement efforts from doing more harm than good, additional industry insight is sometimes necessary. CTOs looking for information can connect with similar business to learn what improvements they’ve implemented and where they have found success. Utilize online tools like social media (LinkedIn groups), business-to-business publishing, and local networking opportunities to discuss concerns with executives facing similar challenges.

Interacting with other industry professionals can provide competitive knowledge about the state of their business, with giving executives another opportunity to elicit feedback from others. Building a business that prioritizes communication does more than just inform your IT improvements—it fosters a culture of cooperation that contributes to the long-term success of a people-focused enterprise.

Dean Van Dyke iBridge LLC

Written by Dean Van Dyke, Vice President, Business Process Optimization

Dean Van Dyke is the Vice President of Business Process Optimization for iBridge. He brings more than 18 years of customer relations, business process outsourcing, lean six sigma, program/project management, records management, manufacturing, and vendor management experience to iBridge. Mr. Van Dyke was the former head of Microsoft’s corporate records and information management team, and served honorably for over fourteen years in the U.S. Navy and Army National Guard. He received his Bachelor of Science in Business Administration from the University of South Dakota and his Master’s in Business Administration from Colorado Technical University.

iBridge NewsletterBack-Office eBook CTA

Cybercrime: Redefining Security in an Unsecured World

Cybercrime: Redefining Security in an Unsecured World

Online security in the digital age may be a myth.

A survey by the Aspen Institute and Intel Security found that 50 percent of security professionals once believed that their organizations were “very or extremely” vulnerable in early days of cybersecurity, yet only 27 percent believe that their organizations face the same level of risk in more recent years. Despite this increased confidence, 70 percent of respondents admitted that cybersecurity breaches are a growing threat to their industry. And security firms aren’t the only ones who need to worry—cyber-attacks have become commonplace across nearly every digital enterprise.

talk-talk-logo-_1361791a

The highly-publicized Ashley Madison leak in July brought online privacy and cybersecurity into the public domain, though cyber-attacks can strike anywhere. The web hosting service 000Webhost suffered a data breach in March that potentially exposed 13.5 million customer records, a significant loss of information and authority for a high-ranking web hosting service. Most recently, the UK-based phone and broadband provider TalkTalk was the victim of an unauthorized breach, with 4 million private customer profiles possibly exposed.

Areas of Vulnerability

The proliferation of cybercrime is made easier by inefficiencies in website system architecture. Regardless of what security policies or privacy measures are in place at the enterprise level, shoddy and inefficient website development code creates openings that savvy hackers can exploit. This problem is compounded by many web developers not rewriting website code (a costly and time-consuming process) and instead “paper over” any problems that are noticed. This habit creates multilevel vulnerabilities in the coding infrastructure hard to notice by security personnel, yet remain vulnerable to those seeking them out. The 000Webhost breach is one example of this trend, with unauthorized access gained from an exploit found in an old PHP version of the site.

These inefficiencies combined with the growing ingenuity of cyber criminals create a system where “privacy” may no longer exist. If criminals cannot exploit system vulnerabilities in the site’s structure, they employ social engineering and manipulation to gain access to the information they want. At its core, security problems revolve around people—from the coders who develop site structure to the employees who manage the phones, the only chance businesses have at gaining comprehensive security is with efficiency and rigorous training for all employees across every part of their infrastructure.

Desh Urs iBridge LLC

Written by Desh Urs

As a Vice President of Global Sales, Services, and Marketing at Silicon Graphics, Inc., Urs managed engineering and non-engineering functions, developing solutions in sciences, telecommunications, manufacturing, media, business, and defense intelligence, for companies with revenues of several billion dollars. During his tenure as Vice President at Think Tools AG and Brio Technology, Inc., he ran business development and alliances providing solutions in Business Intelligence and Decision Cycle Management to Global 100 corporations worldwide. In the late 1980s, Urs founded Indus Systems, Inc., which he profitably sold to a systems integration company.

Urs serves on several Advisory Boards, as well as many company Boards, in the United States and India.

iBridge NewsletterUnderground eBook CTA

Why Patient Care and Healthcare Spending Rely on Accurate Reporting

Why Patient Care and Healthcare Spending Rely on Accurate Reporting

Rising healthcare spending in the US has sparked a push for more demonstrable improvement metrics by both patients and providers. A report by the Kaiser Family Foundation revealed that while healthcare quality in the United States is improving, it remains inadequate when compared to countries of similar wealth. A lack of efficient and productive reporting standards may be to blame for this trend.

Assessing US Healthcare

It’s difficult to measure the quality and impact of healthcare initiatives accurately. A lack of data and inability to measure return on investment for healthcare practices creates an environment where healthcare efficiency can only be measured in fragmented pieces.

Why Patient Care and Healthcare Spending Rely on Accurate Reporting

Image Courtesy of Baitong333 at FreeDigitalPhotos.net

The US has improved in several measurable areas, including preventable mortality, vaccination rates for children, and hospital-acquired infections. These metrics reflect some benefit to the vast spending that characterizes US healthcare, but do not offer insight into system-level performance. A comprehensive assessment is necessary to understand how each aspect of healthcare improves the quality of life of each patient. The US still falls short in several important healthcare areas when compared to countries of similar wealth, including infant mortality, cost of healthcare access, and total estimated years of life lost because of poor health. A disconnect exists between the healthcare priorities of the US and what spending initiatives are being prioritized.

An All-Encompassing Perspective

This problem is compounded by the limitations of data collection in healthcare reporting. Broad survey data offers the most inclusive perspectives on overall population health, yet is subject to countless confounding variables and social factors that make the data difficult to apply in meaningful ways. Conversely, focused and individualized health assessments apply at the patient/provider level, but fail to offer insight into the larger spectrum of societal healthcare.

Comprehensive assessments to determine the actual impact of healthcare on an individual’s quality of life are still prohibitively difficult. Current metrics provide a cross-sectional view of healthcare practices, but fail to report meaningful data that would allow for a systemic assessment of every piece of the puzzle. This reporting will be necessary as healthcare spending continues to rise, particularly in societies where healthcare plays a significant role in entrepreneurship and enterprise. Determining more encompassing metrics for healthcare assessment will become an essential step in the fight for reduced healthcare spending and better patient quality of life.

Dean Van Dyke iBridge LLC

Written by Dean Van Dyke, Vice President, Business Process Optimization

Dean Van Dyke is the Vice President of Business Process Optimization for iBridge. He brings more than 18 years of customer relations, business process outsourcing, lean six sigma, program/project management, records management, manufacturing, and vendor management experience to iBridge. Mr. Van Dyke was the former head of Microsoft’s corporate records and information management team, and served honorably for over fourteen years in the U.S. Navy and Army National Guard. He received his Bachelor of Science in Business Administration from the University of South Dakota and his Master’s in Business Administration from Colorado Technical University.

iBridge Newsletter7 Things About Medical Identity Theft Healthcare Executives Need to Know