Category Archives: Security

5 reasons there is no security in any job and where to find it anyway

“I can’t find a job”

“I have a great Job”

“I’ve been let go from my job”

“I hate my job”

“I need a job”

“I was laid off from my job”

“I lost my job”

“I didn’t get the job”

We have all heard these statements and more like them regarding that thing we all love to hate, a job.

A job can provide the income and benefits we all need. A job provides a sense pf pride when we do well.  And it provides a sense of identity for what we do. All of the are good things.

And many times we look for security in a job.  But, in reality, those who are ‘let go’ understand that there is no security in a job. What feels like a great secure job one minute can quickly be eliminated by corporate changes or economic events. 

So why are jobs at their core really no security at all?

It’s not you it’s them

Job by definition means “someone else”.

If you have a job someone else is paying you. Someone else is managing you.  Someone else is setting the agenda. Someone else is deciding the larger issues of employment. Someone else is taking the risk to provide goods and services to the market place. Someone else is in control.

Someone else.

Not you.

Granted, you can quit. However, if you still need a job, you are in the same boat as before, relying on someone else.

5 Truths about jobs

  1. Jobs exist to benefit the company
  2. Jobs exist to help the business make money
  3. Jobs exist to further the company goals
  4. Jobs exist because the owners want them to be
  5. Jobs are not there for you.

Certainly you benefit as a byproduct of doing a good job through salary, bonuses and other benefits. If you do well you can get promoted to a new job. 

However, you are not the purpose of the job. You are the doer of the job. And if you don’t do it, someone else will. We are all replaceable.

Job Value Equation

A job is an equation that has to be balanced. It goes something like this:

(Real Value you deliver to the company) > X * (Your total cost to the company)

Where rarely X is 1. Many times it is much greater.

If a salesperson simply makes their equivalent salary in sales for the company they won’t be around long.

If that equation fails to balance then you may be invited to attend work elsewhere.

So where does the job security come from?

So if you can’t trust a company to provide job security then where does it come from?

Well, it comes from you.

Employment security is derived from your inate abilities, skills and attitudes that are valuable to any employer. Those are the things inside you that will get you another job.

What are they?

  • Your skills
  • Your mindset and attitude
  • Your ability to Learn
  • Your work ethic
  • Your work culture acumen
  • Knowing and growing your value

Takeaway

Ultimately we are the stewards of our own selves. One of the best job related investments you can make is in yourself.

Invest in your training, self improvement and growth.

As William Earnest Henley said in the classic poem Invictus:

“I am the master of my fate,
      I am the captain of my soul.”
 

You are the captain of your self and you are responsible to do those things to grow and improve. The world won’t do it for you.

In this, you take steps toward building your own security. 

So captain, where are you sailing?

7 deadly sins of IT

I happened to overhear yet another conversation where some non-IT folks were discussing how they could get around IT. They were justifying their actions based on the lack of responsiveness of IT in general to their needs.

This is a common theme I have seen. Technology vigilanties bending the rules to get around the very team that supposed to help them solve technical problems.

Much of this attitude comes from the 7 deadly sins of IT.

Tech speak is not your first language

Nothing communicates implicit condescention more than using vocabulary and phrases that are are unknown to your audience. Technology is filled with words and acronyms that non tech professionals and employees don’t know or understand.

If you are fluent in tech speak and your immediate customer is not you can confuse them quickly and easily.

I have seen IT folks deliberately tech speak to the non-initiated for their own fun and sport.

The deadly sin here is that instead of being a problem solver and technical guide, the IT personnel who engage in this behavior lose influence with their customers. Their customer can’t understand them. What customers can’t understand they won’t value. Customers will find other ways around IT to get their problems resolved. Hello shadow IT.

Would you like IT attitude with that?

Most IT folks are pretty smart. After all they are dealing with computers and networks and software which can be pretty complex stuff. It can be a pretty heady vocation.

Being smart as evidenced by your sagacious problem solving and astute solutions is one thing. But having the attitue that you (as an IT worker) are smarter than everyone else because you are in IT is another deadly sin.

The thing is most employees bring their own type of ‘smart’ to their job. Just because they don’t know tech stuff per se doesn’t mean their smart is less valuable. It’s just different.  A business requires different types of ‘smart’ in order to succeed and grow. IT smart is just one of them.

Ignoring the customer

Another deadly sin is creating solutions while all the time ignoring or not involving the customer.

Too many IT groups still operate under an “IT knows best” pattern. This leads to ignoring the customer in the pursuit of solutions that IT deems necessary.

The result is that the customers needs are not met, and they are forced to look elsewhere to get the solutions they need. More shadow IT.

Means and not the end

IT is a means to an end and not the end. Unless the revenue generating product is IT, then, of course, IT is the end.

In most companies IT is needed as a means to an end, such as to improve productivity, or speed production or aid compliance. IT is a utilility that helps the business get it’s job done, faster, cheaper and with higher quality.  And it should be a responsive utility to get the best results.

Too many times entrenched IT interests believe themselves to be the end. This deadly sin results in empire protecting and dedicated adherence to the status quo. Both of which are suffocating to a business. This jurrassic mindset will go extinct just like the dinosaurs, hastened by a flood of easy to use, online, inexpensive and disruptive services.

It’s the paradigm stupid

IT camps can also fall victim to the sunk cost fallacy. Unchecked this deadly sin can yield the ‘we have to do it this way’ attitude.

Your business needs may call for new thinking or a different solution. But, because of previous investment in systems and personnel, you try to meet that need with what you have always done. Even if that’s not what will work.

When all you have is a hammer everything looks like a nail, the old saying goes.

We have high standards

Standards are necessary. They reduce variation, expenses and help with more consistent results and experiences. We all need standards. We all get it.

The deadly sin comes in when IT uses standards like Wonder Woman used her bullet bracelets. Too many times IT teams do not respond to needs because they are outside of ‘standards’. In these environments standards are used to deflect requests, dodge opportunities and dampen ideas.

Standards end up being static snapshots in history. And in the wrong hands are used to stifle innovation and responsiveness.

Indecent exposure

The capability of technology we have today is really amazing. Modern software, mobile phones, the internet and all of its technology are unbelievable tokens of progress. Sometime just getting a technogy to work correctly is an amazing feat.

And IT has its share of amazing feats.

The deadly sin comes in when we don’t also consider security while doing amazing technogy.

We all see the news stories. There are lots of bad actors that take advantages of lax security and wreak havoc on businesses. Malware, ransom wear, data breaches, identity theft, internet disruptions are all the work of bad folks taking advantages of systems that have flaws uncorrected leaving the users of that technology exposed and vulnerable.

 

The seven deadly sins exist in many IT teams. If they remain unchecked they can damage business. Don’t let that happen to your business. What will you do about it?

5 ways BYOD could impact a small business purchase

BYOD, or “Bring Your Own Device” is a phenomenon that is currently the rage in many companies. But it could completely derail a business purchase.

BYOD is where an employee uses their own mobile phone, tablet or laptop to access company email, data, networks or applications. It it perceived to allow the employees to be more productive and responsive by accessing job related information and applications on their own device, which they have with the all the time. Companies perceive BYOD to be a way to spend less on hardware for employees.  Everybody wins? Right?

BYOD can be a necessity for small businesses that need to deploy scarce capital for product development. They simply can’t afford spending those resources on phones, and other devices even though they are needed to run the business. BYOD can be a positive for larger companies in terms of impact to budget, improved customer response time and better data for real-time decisions.

What about BYOD when it comes to a business purchase?

When it comes time to purchase  a business, what should an acquirer be looking for reading BYOD that could create problems in the deal?

Here are 5 areas that an acquiring company should consider when it comes to BYOD concerns.

1. Access to company systems

BYOD means that employees are able to login to corporate systems easily. Systems such the payroll or accounting system, maybe your sales or customer applications like salesforce. This includes access to corporate websites for monitoring and publishing content or social media posts. Many employees setup their devices to remember login id’s and passwords so that they don’t have to login to a service overtime they check it. This means that if there phone is stolen and unlocked, the thieves could potentially access those corporate accounts in the same way the employee does.

2. Confidential data

BYOD offers access to corporate systems. This means that for some applications you can download data that may be confidential to the company. Email attachments such as sales reports or contracts, files that are accessed from corporate data servers and documents and spreadsheets can all be stored locally on employee devices. Companies that have intellectual property records and documents would need to pay special attention to this.

3. Customer records

BYOD brings a big advantage to employees for dealing with clients and prospects. By having access to up-to-date, real time customer data and records the employee is able to have more relevant conversations with the client or prospect. This access can help close deals and increase revenue. However, if the device were lost or stolen this same customer data could be available to perpetrators. Corporate data breaches are now commonplace and very expensive.  Acceding to the 2015 IBM Cost of Data Breach Study the average consolidated total cost of a data breach is $3.8 million.

4. Departing employees

Acquiring a business sometimes means existing employees are re-assigned or let go, and some may choose not to stay with the new owners. Acquirers needs to carefully analyze the BYOD impacts of a departing employee. Make sure their access is removed and any locally stored data, or copies of data are deleted. Otherwise they could be walking out the door with the keys to the kingdom, or at least part of it. This is a particularly crucial step for departing IT system administrators. They usually have capability in their access to have full control over systems, data or servers. It is imperative that these aspects be clearly walked through for any departing IT or software development employees.

5. BYOD policy mismatch

Prudent companies use BYOD where it makes sense and helps the company objectives. Part of this prudence is spelled out in the BYOD policy the company should have. These policies should try to balance  employee access and convenience with liability and privacy concerns. The acquiring company needs to investigate the policies in place and determine if they are compatible with their own current practice. If not changes will need to be made, communicated, trained and enforced as part of the transition.

Conclusions

These are some of the basic impacts. Certain businesses may have additional concerns when it comes to HIPPA, manufacturing controls and other specialty applications. It is important to consider these aspects in the deal making phase and investigate them thoroughly during due diligence so that deal risks and impacts are known. An acquirer may need to enlist the services of an IT professional to fully investigate the risks and sues. Knowing before the deal is signed helps make the best decision possible.