There is no such thing as free Wi-Fi

Posted on : 15-01-2020 | By : kerry.housley | In : Uncategorized

0

Every day thousands of business travellers arrive at their destination searching for the “free Wi-Fi” sign so that they can stay in touch. What most people don’t realise is this creates an excellent opportunity for the cyber criminals to get their hands on your personal information and sensitive corporate data. We are all familiar with some high profile hacks – Sony and Talk Talk to name just a few but there isn’t a week that goes by without another hitting the headlines.  It is all too easy to see cyber security as problem only for large corporates and not something that we mere mortals have to deal with.  An expression very familiar to most cyber security experts is; “why would anyone be interested in me or my information…”

If you have a device with information stored on it, and/or you send information over the internet this is exactly what the cyber criminals are looking for! 

Remember the phrase “one man’s trash is another man’s treasure”!

Why Do Cyber Criminals Want Your Information

So why are cyber criminals so keen to get their hands on your information?  They want your personal details, your clients or suppliers’ details, your trade secrets, or simply a list of email addresses. All of these details are highly valuable when traded on the dark web. The value of a laptop maybe $600 but if you have confidential merger plans on the disk then the PC could be worth millions of dollars to a criminal or business rival.

Even if you think you don’t have any of this information you may still be of interest.

You may be a target as the weakest link and the way in to a more valuable target further up the supply chain.

How Do They do It?

One of the most common way for hackers to steal your data is to use software to intercept the Wi-Fi network at which point they can see everything on a fellow free Wi-Fi user’s screen. They can then see all the traffic travelling to and from to extract important information.

Another popular method used by hackers is to set up rogue Wi-Fi hotspots in areas where large numbers of users are likely to be searching for a connection. These hotspots can use generic names like “free Wi-Fi” to cause trusting users to connect, at which point their personal information can be collected.

The easiest way for thieves get their hands on your data is get the device itself. Home Depot and Pfizer suffered from huge data compromise due to laptops holding confidential information that had been stolen from laptops left in the back of a taxi. A recent study found that nearly half of all executives have lost a device in the past year!  It is estimated that over 2 million laptops are lost or stolen in the US each year.

It’s nearly impossible to secure against an opportunistic thief or simple forgetfulness, so it’s important to take precautionary steps..

 

 

What Steps Can You Take to Protect Your Devices And Your Information

There are a number of steps that you can take to protect your information when you travel.

Before You Go

Back Up

Save all the information on the devices that you are required to take on your trip.

Do You Need The Device/Data for the Trip

Think about the device you are taking and what information is on that device. Ask yourself are you travelling with data that you cannot afford to lose?

Be suspicious of emails you receive

Before you travel especially if they are linked to large international events.

Do not post your travel plans on any social networking site.

Many of the CEO email scams where scammers impersonate the CEO email to defraud the company happen while the executives are out of the country.

 

Whilst Travelling

Protect Your Device

Never pack it in the hold, or leave it on a hotel table while you grab a coffee.  If you do need to leave it behind then lock it away in the hotel safe. Always pin code/ password your device. Last year a report found that 50 per cent of executives had lost their device.

Install Anti-Virus Software

There are a number of mobile device security software solutions available. Install on all your devices for added protection.

Disable Bluetooth Access

When you allow access to a device via Bluetooth connection, once connected this connection stays open and data can flow freely with very little or no user confirmation. How often have you connected your phone to the Bluetooth in a hire care, when you connect your phone you can see details of the previous which if still in range would enable access to their data.

Don’t Use Public Wi-Fi

Public Wi-Fi networks are available everywhere these days. The traveller should use with extreme caution as they are often poorly protected and easily imitated by cyber criminals who set up their own “hotel” networks. The names of Wi-Fi networks are manually created so anyone can set up using any network name. Criminals might set up a network called “official hotel Wi-Fi”.  Once you click and connect to the scammers rogue network they have their hands on all of your data. Always verify with the hotel, café, airport lounge etc. that you are connecting to the official network and check that it has the padlock sign in the top bar. If possible avoid using any public network.

Don’t Use Shared Computers

Often hotel lobby’s will have some shared computers with internet access.  You have no idea how safe the network is so again avoid using wherever possible.

Don’t Do Any Financial/Sensitive Transactions

Take extra precautions whilst connecting to Wi-Fi. Do not send any financial information or business critical information whilst abroad and save it until you are back in the office safely within your secure network.

 

When You Return

Change all your password in case they have been stolen.

Look out for any suspicious emails

When The Unthinkable happens – What to Do If Your Data Is Lost Whilst Travelling

Assess – What has happened, what is the potential impact?

If your laptop has been stolen with company data on then; if it was password protected, encrypted and you have the ability to track and remote ‘wipe’ the disk then you are probably in a reasonable position. The cost will be a new laptop not a new career.

Conversely if you had sent your corporate takeover plans to Dropbox, uploaded them onto your personal un-protected iPad and lost that then the significance of loss is much higher.

Inform – Relevant people about what has happened.

Depending on what has been lost this could be your IT department, management, bank, customers, suppliers, partners, police, insurance firm and potentially shareholders.

Forward looking firms have a policy explaining what to do in this situation with contact and help points. The main point is to make sure relevant people are aware and so can help make the right decisions to minimize the consequences of loss.

Remediate – Resolve the problem as quickly and effectively as possible

Change your passwords immediately. This may help prevent criminals accessing your emails and sensitive information.

Disable the lost device if possible and wipe data from it. Track it and keep law enforcement and your IT department informed.

If you think banking/financial information may be compromised then inform your bank and accounts department.

Monitor activity. It may be useful to explain to customers/suppliers what has happened so they can monitor too. An all too common fraud is to imitate a CFO and give customers new bank account details to send their payments to.

Replace compromised, lost equipment

Review policies and ensure they are communicated and enforced

 

Losing information whilst travelling be very worrying, the main thing is not to panic. Having a clear understanding of how to protect yourself helps significantly to reduce this and the likelihood of loss in the first place.

 

Raising Awareness

The most important tool in the battle against the cyber criminals is awareness. Training is crucial in helping people to understand what the issues are, what is at stake and the simple steps they can take to drastically reduce the risk.

Develop a cyber security culture that becomes a part of everyday corporate life whether in the office or on the road.

Are you ready to make digital transformation a success?

Posted on : 15-01-2020 | By : kerry.housley | In : FinTech, Innovation

Tags: , , ,

0

Digital Transformation is a phrase that businesses are all too familiar with but there are many interpretations of what it means. Companies large or small feel this is an opportunity that they cannot afford to miss!

All too often a decision is made at the top when an executive says we must do “more digital” with little understanding of what this involves and how this will affect their daily business operations. Companies are under huge pressure to get onboard with this process, they fear that if they do not, they will be left behind and watch their competitive edge slip away

Traditional organisational change failure rates are already reported to be 60-80 %, when it comes to digital transformation the story is much worse. A Bain survey reported that just 5% of companies involved in digital transformation achieved or exceeded the expectations that they had set themselves. Many of these companies had settled for very little return on investment and mediocre performance.

There are many reasons for such poor outcomes but one of the reasons is that many firms jump on this bandwagon far too early without thinking it through at a higher strategic level.  Often the starting point is “we need to go digital”, looking for areas of the business to implement the technology, usually this is a strong pain point that they want to fix.  Digital transformation is not about fixing isolated pain points but more about finding ways in which a company can improve their customer journey and provide the best level of service they can. Companies overlook this and go straight ahead putting digital solutions into various parts of the business rather than thinking of this as an enterprise wide initiative.

Another reason for failure is a total lack of investment in areas outside the digital arena. In order to successfully implement any change, there must be a clear reason for doing so. This message must be communicated throughout the organisation from the Board level at the top through to the workers on the frontline. It is here that many companies fail to invest the time and money required, and without the understanding and buy-in of all involved success will very difficult to achieve.

Technology is constantly improving, and companies are keen to be seen as the leaders in their field. There is no doubt for those who are successful in their digital transformation the rewards are immense in terms improved customer service and increased revenue. The problem is that not every company needs or indeed will benefit from digital transformation. Technology is not a one size fits all. Often, companies are so keen to be seen as innovators so they rush into it and buy the “next big thing” without any clear idea how they will use it and what the benefits might be.

Introducing traditional change into an organization is no easy feat, and digital transformation with all it entails is a far greater challenge.

The operating model is a crucial starting point, what does it look like and how can technology work within this model to give the best results. Many organisations are operating based on models that are out of date with their business goals and not agile enough to keep up with the fast pace of customer expectations and technology change.

All the business departments must work together to confirm the business processes and look at how these processes can benefit from digital intervention.

In the Broadgate office we often talk about people, process and technology and it is the people part here which will ensure that the innovations proposed will benefit what is actually happening in the business on a day to day basis. These are the people who have the understanding to see how a process can be improved and they are the people who can ensure your success. As we said earlier, investing heavily in the planning process and getting the culture and the environment ready for change cannot be underestimated but is often overlooked.

From the boardroom to the post room everyone must understand the business, what your business is trying to achieve so that everyone can understand the benefits of the digital change.

Digital transformation is not a one-time project but an ongoing improvement strategy.  Organisations should always be thinking how they can keep improving their business and how they can offer their customers the best experience.

Is your business ready for digital transformation?

  • Is your operating model ready?
  • Are your business processes ready?
  • Is your board ready?
  • Are your employees ready?
  • Is your company culture ready?

If the answer is yes to all the above, then you have a good basis on which to start and might just be in with a chance of success!

Is it time to reconnect offshore?

Posted on : 15-01-2020 | By : john.vincent | In : General News, Innovation

Tags: , , , , , , ,

0

At the end of last year I travelled to India to assess the capability of a potential supplier for our clients. Over the years I have always both enjoyed and been impressed with my trips India. The culture, capability of the people I meet, their client focus and general level of friendliness have always made my trips ones that I look forward to.

This trip was no different and reconfirmed my views. However, I did return with one nagging question;

Why do many corporations not extend their technology services operating model to include partnerships with offshore providers?

Our Broadsheet publication has discussed the changing face of sourcing models many times over the years. Through the late 90’s and over the subsequent 20 or so years much of the focus was on cost reduction. As the efficiency agenda bit into available budgets, many leaders looked towards the labour arbitrage benefits that India could offer, either through their own captive operations, or via sourcing partners to help address the squeeze.

Offshoring business cases often paid lip service to the potential added benefits in areas such as access to skills, quality of delivery or agility, and innovation was often not mentioned at all

So companies transformed their operating model to offshore delivery models throughout this period. Initially the focus was on Business Process Outsourcing (“BPO”) and Information Technology (“ITO”) with back office operations roles and development forming the lion share of the skills transfer. As the model matured, more sophisticated roles in each were shifted offshore in more “value add” areas such as research development and production, as well as infrastructure operations to manage the emerging cloud delivery models through Google, Amazon and Microsoft platforms.

However, with the acceleration in technology innovation over the last few years in areas such as Artificial Intelligence, Machine Learning and Automation, there does appear to be a huge opportunity to harness the talent that the offshore providers have developed?

The first movers in the India offshore business have both an advantage and disadvantage in the new digital  economy. Labour arbitrage largely fuelled wave one of the model, enabling companies like TCS, Infosys, Cognizant and HCL to grow their workforce dramatically (TCS now employ c.425k staff at the top end and HCL have c.120k at the lower). However, whilst this is growth has been good on one hand it also means that these organisations will have a difficult transformation to go through with their own operating model through areas such as automation. Their capability is without question, but they now face the same challenges as their clients in how to introduce the new technology without eroding their core business.

So let’s look at the next tier of offshore providers. Here we find companies such as MindTree, UST Global and Zensar, all of which still have significant staff numbers, but sub 30k. Naturally these providers have focused their service offerings around digital rather than increasing headcount.

In my view, this puts them at a significant advantage when it comes to engaging with clients for the delivery of new disruptive technology. By building new platforms to automate operations they can take on new clients without the need to hire at the rate required by the previous Indian offshore pioneers, thus limiting the challenge of what to do with what may become a significant surplus of skills.

So what about tapping into this capability for new technology? Offshoring is something that still divides opinions a lot. Yes, there are probably as many tales of woe as there are of delight. However, this is something that we also find with the more traditional onshore models. In truth, when both sides enter into the model as a partnership and understanding what needs to change in the engagement, roles and responsibilities, strengths and weakness and a shared ambition, then it can really benefit both the client and offshore partner tremendously.

One of the key success factors is to set up the operating model with a common shared interest, irrespective of organisational and geographic boundaries

One of the things that struck me on my visit was just the depth and scale of the talent in new technology, not only within the providers I visited, but also in the very visible growth for big name companies, consultancies and technology mainstays. AI, Dev Ops, Cloud and ML are core to this revolutionary growth.

In our view, the next few years will bring opportunities to develop partnerships, or even new “captive” type models, with those organisations that are on the pioneering end of the digital growth. Organisations should ask themselves “Why build the capability themselves?”. Often the answer to this question has been coloured by the perceived overhead of managing service provider delivery, through vendor management, security oversight, service delivery management etc.

However, organisations should take a “green field” thought approach to tapping into the offshore provider capability. Core platforms can be delivered by technology and service providers with business services layered on top. Also, this should not be structured as a linear end-to-end service chain, coupled together with hand-offs between the parties, but through a Joint Product Led team. This helps to drive efficiencies, a more agile delivery and an end product aligned more closely with expected business outcomes.

We should say something about the wider macro considerations to using Indian offshore talent. Firstly, from a security perspective there is a noticeable increase in the level of physical security when entering almost all establishments (in response to events over the last 10-15 years). This used to be consigned mainly to corporate access, but this is now visible at hotels, shopping malls and the like. Not an issue, just an observation.

Secondly, India is under pressure to retain its offshore status not just from the nearshore providers, but also from areas such as the Philippines and most notably China. However, this is simply a natural evolution and the competition will provide more choices.

It certainly seems like this decade will bring further opportunities to tap into this offshore digital talent for those that chose to look for it.