Practise privacy-safe surfing: How 21st century parents can set an example for their kids

Practise privacy-safe surfing: How 21st century parents can set an example for their kids by Daphne Guerrero.  Available from<http://www.northumberlandnews.com/community-story/6953466-practise-privacy-safe-surfing-how-21st-century-parents-can-set-an-example-for-their-kids/> [Nov 10, 2016]

Why wouldn’t you want to share that hilarious video of little Liam lying about stealing cookies from the cookie jar when the evidence is all over his face?

And that priceless photo of Emma celebrating her first potty training success? It’s just the sort of milestone that attracts kudos and cheery chatter on your social media page.

But what will Liam and Emma think when it’s rediscovered by their peers when they hit high school? Or what if it ends up on some blogger’s viral top 10 list or is discovered by a prospective future employer?

Sharing personal mementos online with family and friends in the 21st century requires some serious forethought.

“The Net never forgets,” said Daniel Therrien, privacy commissioner of Canada. “Once you’ve posted something online, it can be very difficult to get it back.”

Recognizing that children and teens are an especially vulnerable group when it comes to the reputational harm that could come from sharing personal information online, Therrien’s first bit of advice is for parents to lead by example.

“You can’t expect your children to think before they click if you don’t,” he said. “Those funny photos of your child can be copied, shared and stuck online forever. Posting them is not unlike a friend tagging you in an unflattering or compromising photo without your permission.”

Commissioner Therrien is also urging families to create their household do’s and don’ts for surfing the web and downloading and using mobile applications together. The Office of the Privacy Commissioner of Canada recently unveiled House Rules, an interactive tool aimed at helping families do just that. The template can be downloaded from the OPC’s website.

The tool offers simple tips parents and children can customize into their very own house rules that can be printed off and posted in a common area as a reminder of how to protect privacy online.

“The House Rules tool is a great way to open a dialogue with your children about online privacy and the potential perils of oversharing personal information, whether it’s about yourself or somebody else,” Therrien said. “A key component of digital literacy is the ethical and responsible use of technology and knowing how to protect your privacy and exercise control over your personal information. It’s also about respecting the privacy of others by not sharing their photos or personal information without permission.”

Ontario’s information and privacy commissioner, Brian Beamish, tells kids and their parents to be proactive and to think before they post. Nothing is ever deleted from the Internet.

“When going online, kids should think about ‘the 7 Ps’,” said Beamish. “Parents, police, predators, professors, prospective employers, peers and pals can view their online posts. They should think about whether they are comfortable with the information they are sharing. Privacy is about freedom of choice and people can control how much personal information they post online and who has access to it.”

Another helpful resource is the OPC’s graphic novel aimed at tweens and younger teenagers. Social Smarts: Privacy, the Internet and You was created to help young Canadians better understand and navigate privacy issues in the online world.

Developed with feedback from youth, it tells the story of a brother and sister who learn — sometimes the hard way — about the privacy risks related to social networking, mobile devices, texting and online gaming.

Parents will also find a handy discussion guide that accompanies the graphic novel, which can be used to kick off a conversation about safe surfing.

Of course there’s no reason to wait until your kids are older to teach them about online privacy. A number of activity sheets available for younger children seek to explore privacy issues through mazes, colouring, connect-the-dots and other fun, hands-on activities.

“By better understanding privacy communications, children will be able to make more informed choices about the websites they visit, the apps they use and the games they play,” Therrien said. “These are skills that will benefit them well into adulthood.”


12 QUICK PRIVACY TIPS FOR PARENTS

It can be tough raising kids in a digital environment. Many of them use the Internet effortlessly, and easily adapt to new devices that connect to it. For many of us, these tools have become a routine part of our children’s lives, as they use them to chat, surf, post, play and learn. The Internet has become one of the most powerful tools they have to connect with friends and make new ones.

Many kids, however, don’t fully understand the impact that some online activities may have on their privacy. Below are 12 tips to help you limit the risks to your children’s personal information, while allowing them to make the most of their time online.

1. TALK TO YOUR KIDS.

It’s important to know the Internet spaces your kids frequent and the devices they use to go online, to help you understand the nature of personal information they may be sharing. Technology changes rapidly and many children are ahead of adults in adapting to new options. Talk with them often about their online activities to keep up with what they are doing and interested in.

2. TRY IT OUT.

It’s not enough to know what online spaces and devices your kids are using. To understand the nature of the personal information they are sharing, you should know how they are using and experiencing them. So, dive in. Try out the family web cam if you have one, play the online games they love, create a profile on the social networking sites they frequent, and download some music.

3. KEEP UP WITH THE TECHNOLOGY.

Many mobile devices, like smartphones, tablets and gaming consoles, can connect to the web and have video cameras. The lines between devices are blurring, and it is important to know what kind of device your child has, so that you know whether they are merely playing a game, or if they are using the Internet and sharing personal information.

4. MAKE RESTRICTING PRIVACY SETTINGS A HABIT.

Most social networking sites have extensive privacy options that children should learn to use. For each site where your kids are posting information about themselves, their family and their friends, sit down with them and review that site’s privacy policy. Then modify the privacy settings of their account, and have them consider how the information they are posting could be used — or misused — by others.

5. MAKE PASSWORD PROTECTION A PRIORITY.

Children need to understand that their online information will be better protected if they use passwords. They should use different passwords for different sites and they should change them regularly. Encourage them to ensure their passwords are strong (eight characters or more and a variety of letters and/or numbers), to change them regularly, and to never share them with anyone.

6. EMPHASIZE THE IMPORTANCE OF PROTECTING MOBILE DEVICES.

The first thing anyone should do with a new mobile device is activate the password protection. Talk to your kids about this, and the importance of protecting the device itself — not just because it may be expensive, but because it may contain their personal information. A device that gets into the wrong hands could result in embarrassing or even malicious videos or pictures being posted online by someone else in your child’s name.

7. REMIND YOUR KIDS THAT WHAT THEY POST ON THE INTERNET IS NOT ALWAYS PRIVATE.

Your kids should understand that once they post content online, they no longer have control over it. It can be forwarded, copied and pasted, manipulated, printed out or saved — it can remain online, in some form, potentially forever. They should know that even password-protected pages are not totally secure, and that deleting information doesn’t mean that it’s gone forever.

8. TEACH YOUR KIDS TO THINK BEFORE THEY CLICK.

It can take only seconds to snap a photo and post it to the Internet, or to post a comment. But it can be nearly impossible to permanently delete that comment or photo once it’s posted, as it can then be downloaded or archived by others. This is why it’s so important for kids to think twice about every piece of personal information before they post it to the Internet. They should only post things that they would be comfortable with the whole world seeing.

9. STRESS THE IMPORTANCE OF KNOWING YOUR REAL FRIENDS.

Kids need to know that, online, they can’t be 100 per cent sure of who they’re talking to, so they should never accept friend requests from people they don’t know in real life. Online friends can end up accessing online photo albums, reading personal comments, copying and pasting information, knowing what you’re doing and where you are. Remind your kids that a “friend of a friend” of a real-life friend is really just a stranger.

10. TEACH YOUR KIDS THAT THEIR PERSONAL INFORMATION IS VALUABLE.

Kids need to know that many people and companies want their personal information to sell or market things to them in the future. New and exciting technologies are emerging daily, but often personal information is the cost of admission. Review the personal information they often need to surrender in order to play online games, fill out an online survey or quiz, join virtual worlds or even just shop online. Discuss potential ways to limit that information, for example, by completing only required fields, using pseudonyms, and using incomplete information.

11. LET YOUR KIDS KNOW THAT YOU ARE THERE IF THEY MAKE A PRIVACY MISTAKE.

Stay calm if your child makes a mistake, like posting something they shouldn’t have. Help them remove the post, where possible, and talk with them about how they can avoid a similar mistake in the future. If you “freak out” or deny access to them, they may not come to you for help when they really need it in future.

12. SET A GOOD EXAMPLE.

Remember, those cute potty training or bathing photos of your own child that you are tempted to post can also be copied and shared, and remain online forever. Just as you would respect your friends when posting photos or other items that contain their personal information, respect your kids’ personal information too. Set a good example when you’re online so your kids have a good role model to look to if they’re wondering what kind of information is OK to post.

Practise privacy-safe surfing: How 21st century parents can set an example for their kids by Daphne Guerrero.  Available from<http://www.northumberlandnews.com/community-story/6953466-practise-privacy-safe-surfing-how-21st-century-parents-can-set-an-example-for-their-kids/> [Nov 10, 2016]

IoT Security Tips to Protect Your Small Business

IoT Security Tips to Protect Your Small Business by Drew Robb.  Available from<http://www.smallbusinesscomputing.com/tipsforsmallbusiness/iot-security-tips-to-protect-your-small-business.html> [Posted November 07, 2016]

This article examines the recent Internet of Things (IoT) attacks and offers expert tips on how to secure IoT devices.

Last month on October 21, millions of people could not connect to websites like Twitter, Netflix, Spotify, Airbnb, Reddit, Etsy, SoundCloud and The New York Times—due to what’s known as a distributed denial-of-service (DDoS) attack. The culprit? Tens of thousands of Internet of Things (IoT) devices that contain wireless sensors to connect to the Internet. Hackers compromised cameras, coffee makers, web cams, DVRs, surveillance cameras, routers, anything they could get their hands on. And they used these devices—without their owners knowing—to unleash a flood of overwhelming Internet traffic that took down all these sites.

“The latest DDoS attack used connected devices such as smart refrigerators and thermostats,” said Frank Scavo, president of Computer Economics. “They flooded the network with a large number of transactions, until these websites were unable to process legitimate transactions.”

Understanding the Need for IoT Security

The IoT is the subject of tremendous hype of late. Analyst firm Gartner predicts that by 2020, more than twenty billion devices will be connected to networks worldwide. The vision behind this includes: smart traffic lights that don’t leave you idling at a junction for several minutes when nothing is coming the other way; coffee makers networked to the front door or to your phone so coffee is ready and waiting upon your arrival; and fridges that send reminders to order grocery items in short supply.

The problem is that every wireless sensor and each networked device represents a possible entry point for an attacker. And if hackers can use them to bring down the Web, how difficult do you think it will be to use them to infiltrate a small business network?

Unfortunately, most of these IoT devices contain little in the way of security features. If even when they do, they’re neglected. People never change the factory set password—such as 0000 or 1234—when they are installed, so millions of devices end up with the same easy-to-hack password.

For example, a security conference called Black Hat Europe recently discovered a security vulnerability between IoT devices and Android phones. Belkin home automation devices—such as electrical switches, cameras, light bulbs, coffee makers, and air purifiers—could be used access the phones that program and control the devices.

“Hackers can use the IoT device to hop right into the network,” said Chris Coleman, senior engineering manager at VeeDog, a small business ransomware-prevention vendor. “Anyone using such devices in a small business could find their servers suddenly overcome by malware.”

He said that wireless Internet routers in small businesses are particularly prone to attack if they’re not well protected. But there are also known cases of business cell phones being hacked via the office coffee maker.

“A lot of devices out there have intelligent connections to the Internet that represent a real and persistent danger to your business,” said Coleman.

IoT Security Tips

We spoke to security industry experts who offered their best IoT security tips to help you prevent your business from falling victim to an IoT attack. Here’s what they had to say:

  • Software Updates: Keep the software for your computer network, servers, laptops, desktops, network switches, wireless routers, and any other devices up-to-date, particularly with the latest manufacturer security updates.
  • Strong Passwords: Never use default passwords for devices once you set them up. Change them and keep them secure. This means no sloppy password construction: like using your name, the actual word “password,” or other easy-to-hack terms. Remove Post-It notes stuck on screens or cubicles that serve as password reminders.
  • Wireless Security: Wireless devices use certain security methods, and some are easier to hack than others. Coleman recommends disabling Wi-Fi Protected Setup (WPS) and using only Wi-Fi Protected Access 2 (WPA2).
  • Home Security: Make sure that you and your employees take safe practices home, especially if any of you conduct business from home. The bad guys like to comprise home computers. They find the ones that connect to business networks, capture passwords, and quietly move into the business. From there, they can wreak havoc.

    “Hackers rely on security ignorance, and they take advantage of your business by mining for choice nuggets [e.g., data, usernames, passwords] in home computers,” said Coleman.

  • Data Backups: Invest in a data backup strategy, and make sure that you or designated IT person/team—knows how to restore your data in the event of disaster. If you lose a computer or a server that’s critical to your company survival, proper backup and restore procedures will help you turn a potential disaster into a mere nuisance.
  • Get IT Help: Hackers rely on ignorance. If you have an IT person in your business, hold her responsible for security and encourage her to gain expertise—fast. If you have enough personnel, appoint someone to solely look after IT security and justify it by the fact that the bad guys are hitting everyone right now. If you don’t have enough staff or in-house expertise, hire outside help to handle that responsibility.

    “Network consulting firms, security consulting firms, and managed service providers will assess your network, your website, and any connected devices that you have,” said Scavo. “They can help you decide what security measures you need to take to protect your company.”

  • DDoS Protection: If your website lies at the heart of your business, and it makes you a lot of money, consider securing additional protection against a Distributed Denial of Service attack. Attackers can either target you directly or you may just get caught in the crossfire when they go after your Internet Service Provider (ISP).

    “If you want to be sure you website cannot be shut down by a DDoS attack, your website needs to be hosted by special Internet hosting companies that specialize in DDoS mitigation,” said Stu Sjouwerman, CEO of security awareness training vendor KnowBe4. There is an industry that does this, but it’s not cheap. If you can’t afford it, call your ISP and ask how they mitigate against DDoS attacks. Find the ISP that has the best measures in place.

  • Credit Cards: Small business owners have complained about being forced to buy the latest credit card payment machines that include a chip reader. But the Smart Card Alliance believes this adds another layer of protection against hackers. Every IoT device serves as a potential entry point onto the network, and that includes credit card machines and bank accounts.

    “These recent DDoS attacks, one of which was more than four times the size of the largest reported attack last year, are comparable to the massive payments data breaches that have been in the spotlight over the past few years,” said Randy Vanderhoof, executive director of the Smart Card Alliance. “This is just the latest example of the IoT vulnerabilities that exist today, and it demonstrates why IoT security is so critical.”

  • Physical Security: Amir Sharif, co-founder and vice-president of business of Aporeto, a cloud security company, pointed out that even with all of the above safeguards in place and with top-of-the-line security practices in force, a business could still become a victim due to one insecure IoT point.

    Hackers could use an innocuous device sitting in the corner to unlock a company’s physical doors remotely. They could then send in a local person to install sophisticated snooping devices that map keyboard strokes, record voice data, steal video streams off of computers, and so forth. With that information they can silently siphoned bank accounts over a long period with what would appear to be a series of legitimate transactions. “Buy IoT devices only if you have a good business need for them,” said Sharif. “Buy devices from well-known companies that stand behind their product and provide some indemnity.”

  • Video Cameras:Surveillance technology has become incredibly affordable, and it’s been deployed by many small businesses. Increasingly these devices can connect to the Internet, and that poses a threat. “You should keep Internet-enabled devices—like video cameras—on a separate network from the primary business network that deals with customer financial transactions, like point of sale systems, intellectual property, or any form of regulated data,” said Chris Morales, head of security analytics at Vectra Networks.

    Mat Gangwer, chief technology officer at Rook Security, takes this a step further. He advises small businesses to keep all IoT devices off the corporate network except those that are absolutely needed. “It doesn’t require a huge IT budget to make an organization a little more secure, to make it a more difficult target,” said Gangwer. “Most hackers go after the really the easy targets.”

  • Security Technology: Of course, small businesses still need the usual security technologies place: anti-virus, anti-malware, firewalls, encryption and, especially these days, ransomware protection. VeeDog, for example, is designed for small businesses. It monitors the network data flow, flags suspicious files, and analyzes them for destructive or malicious intention. It disables any file verified as malware, and then it submits the malware file to the customer’s anti-virus provider so that it can distribute a fix to all their customers.
  • Educate Employees:Most breaches, hacks, and ransomware result from human error; someone somewhere within the organization got sloppy or lacked proper security education—or both. And it’s shocking how easy it is to trick employees. One company hired an outside organization to pretend to be its IT department. It sent employees emails asking for their user passwords. Out of 200 employees, 113 their passwords immediately.

    Opening email attachments or links from unknown or unverified senders is a poor practice, yet it remains an easy, viable way to gain unauthorized entry. Employees need training on how to spot suspicious emails.

    How can you tell if the email is NOT from your bank or from the IT department? Hover your cursor over the name shown as the sender. Hackers can make something look like a legit email yet when you put the cursor there, the actual email address shows up as something along the lines as nasty.hacker@aol.com.

    Security experts agree that ransomware attacks will only increase, which makes security awareness training a sensible defense. Employees learn the various tricks of the hacking and ransomware trade so they don’t get conned. Training programs also send out spoof email links to see how many employees click on them. They track the percentage, and the training helps to reduce the number over time. It’s shocking how many people, including bosses, get fooled.

Don’t Let IoT Fear Paralyze Your Business

Yes, our highly connected world can seem much too scary. One in 40 small businesses is at risk of a cyberattack, according to a Symantec report. This translates directly into dollars lost—the National Small Business Association found that, on average, cyberattacks cost small businesses more than $7,000.

“Businesses that have connected devices, such as smart-factory or smart-warehouse equipment, need to be aware of the threat and to make sure their devices have security protection,” said Scavo. “Otherwise criminals could take down your factory or your warehouse and demand ransom to get it back up and running.”

Such possibilities could cause some business people to yearn for the good old days when they never had to worry about hackers and malware. But it’s really not much different than moving from a tiny community where no one locks their doors to large city—where you have to change your habits and take sensible precautions.

“The risk is relatively small if a business takes basic steps to protect its network,” said Mike Bergman, senior director of technology and standards at the Consumer Technology Association.

Mankind successfully made the transition from a lower-crime agrarian existence into a higher-crime industrial world. The same can be done with the Internet of Things. Just as the benefits of industry were found to outweigh the many drawbacks, so it is with a more connected world.

“At the end of the day, we’ll see that the benefits IoT provides to the small business owners outweigh the cost,” said Sharif. “Life will go on.”

IoT Security Tips to Protect Your Small Business by Drew Robb.  Available from<http://www.smallbusinesscomputing.com/tipsforsmallbusiness/iot-security-tips-to-protect-your-small-business.html> [Posted November 07, 2016]

Top 11 tech tips for non-techies

Top 11 tech tips for non-techies  by Michael LaVista.  Available from <http://www.chicagonow.com/un-tech/2016/11/top-11-tech-tips-for-non-techies-and-my-mother/> [November 08, 2016]

If you’ve ever had a VCR blink 12:00 for months at a time, this post is for you.

For many, technology is a necessary evil, albeit an appealing one. Back in the day, you liked the idea of recording Magnum P.I., but you just didn’t have the time or inclination to figure out how to do.

More than ever before, technology is designed to make your life easier, but it takes some doing to get it working for you. Here are some things you can easily do today to get technology working for you, and to avoid some pitfalls even if you’re a little scared off by it.

Get your important documents in the cloud. Have you ever wondered what “The Cloud” really is? It’s just the new marketing term for the internet. If you use Gmail, your email and attachments are on servers that Google runs. That’s it. There’s really no reason to use Microsoft Word to create docs and save them to your desktop. My mom recently lost all of her documents because they were saved to her computer – and only to her computer. That meant when the hard drive died, so did her documents.

The easiest solution is to use Google Drive. It’s free, and has web-based programs that are more or less equivalent to Word, Excel and Powerpoint. They don’t have all of their functionality.  But if you’re like me, the last time you used Mail Merge in Word was for your wedding invites, and you only pretend to know what a Pivot Table in Excel is.

The best part?  Once they are in Drive, you can access them anywhere from any computer.

Get your photos in the cloud, too. I’ve met multiple people who lost their phones, and with them, all their photos. What? It’s really easy to have a backup plan. If you’re an iPhone user, just go into Settings and iCloud and turn Photos on. Voila! Your phone will start pushing your photos to the cloud. You can even go to iCloud.com and look at them. It might cost a few bucks depending on how many you have, but it’s probably worth it.

And when you get a new phone one day, the moment you activate it, all those photos will start flowing in.

Switch your email to something not tied to a service you pay for. I’m looking at YOU, people with comcast.net and sbcglobal.net addresses. What happens when you switch to Uverse? That old email goes away. Don’t tether yourself to your cable provider. Get an account on Gmail or Hotmail.

Don’t click on links in emails from people you don’t know. Here’s a tip on how to see if the link is legitimate. If it looks like an email from Wells Fargo, look at what’s up in the browser address bar when you click it. Does it say wellfargo.com? Or does it say login.banksite.ru? If it’s not the one you expected, what’s happening is that you put your correct user and password in the box and the fake site records the info, but returns an error that says that’s not the correct password. So you enter it again. They save it again. In the background, they now are able to log in to the real site as you.

Never. Ever. Download an attachment from somebody you don’t know…and if you get an email from a friend that is worded strangely as an attachment, don’t download it either. Email them back and tell them to change her email password because their account just got hacked.

A quick note–what does it mean to be “hacked?”  Most people think that when their emails get hacked that there is some person out there reading your emails now. That’s hardly ever the case. Generally speaking, and this is surprising to many, there are millions of programs out there just running through emails and passwords to try to guess it so they can a) get access to your contacts (to send an spyware attachment to them as you) and b) get into your account to send more spam.

Here’s a quick tip–Is your password “I love you” or “password1”? If so, you’re not alone. A study showed those are the 2 most likely passwords. Think you’re pretty clever with the old “child’s name birthday combo?” Yeah – they know about that one, too.

Log out. Ever check your email the hotel? Logged in to your friend’s computer to see pictures? If you don’t log out, the next person to show up on that computer is able to be you on the internet for long as they want.

Just Say No…to Email Requests.  When a store asks you for your email address during checkout, say “I prefer not to give it.” It might take practice – try it at home a few times. Do you really need marketing email from all those stores?

Advancing Googling. Did you know there are additional tools for Google? Try clicking here:

You can get results in a date range. This is useful if you are looking for something that would have more relevant results for last week versus last year.

You can also search only on a given site by adding “site:” and the site in front. If you want to see which pages on cubs.com are about tickets – search for this: site:cubs.com tickets.

Most of all, don’t be afraid to click around and try things. Most sites have advanced features like that. You can’t break them. Click around and find the hidden gems!

Top 11 tech tips for non-techies  by Michael LaVista.  Available from <http://www.chicagonow.com/un-tech/2016/11/top-11-tech-tips-for-non-techies-and-my-mother/> [November 08, 2016]

Why your company needs a social media policy

Why your company needs a social media policy by .  Available from <http://www.techrepublic.com/article/why-your-company-needs-a-social-media-policy/> [November 2, 2016, 4:00 AM PST]

Only 51% of employees report that their workplace has rules about social media use at work, according to a recent Pew Research Center survey—which means half of the workforce is potentially at risk for litigation and security breaches.

A social media policy is just as necessary for companies as discrimination, leave, and vacation policies, said Daniel Handman, a labor and employment litigator and a partner at Hirschfeld Kraemer LLP. Legal problems can arise for businesses if employees say something negative about the company, reveal confidential information, or say something positive about the company without disclosing their affiliation, he said.

“The most important issue is when an employee says something negative, which has been the subject of a tremendous amount of litigation,” Handman said.

The largest government player in social media law is the National Labor Relations Board (NLRB). The National Labor Relations Act, passed in 1935, allows all employees the right to engage in “concerted activities” for the “mutual aid and protection” of coworkers, which the board extends to social media activities. Therefore, any policy that prevents employers from their right to express such concerns would be considered invalid.

“If you work at McDonald’s and say, ‘The hamburgers are terrible,’ that’s not protected,” Handman said. “But if you say, ‘I’m getting lousy tips because the kitchen sucks,’ that is protected,” because it relates to a working condition that impacts coworkers, he said.

Risks and benefits

Seven out of 10 employees use social media at work, according to a recent report from Bambu by Sprout Social. Half of employees report using social media for up to an hour per day at work.

Full-time and part-time employees reported going on social media for a number of personal and professional reasons, the first of which were to take a mental break from their job (34%), and to connect with family and friends (27%), according to the Pew Research Center survey. But many also used social media to make or support professional connections (24%), get information to solve problems at work (20%), and build relationships with coworkers (17%).

While having an official social media presence can enhance an organization’s communication, recruitment, research, and client base, using social media at work for either professional or personal involves the following risks, according to SHRM:

  • The possibility for hackers to commit fraud and launch spam and virus attacks.
  • The risk of people falling prey to online scams that seem genuine, resulting in data or identity theft or a compromise of the company’s computer security.
  • A potential outlet for negative comments from employees about the organization.
  • Legal consequences if employees use these sites to view or distribute objectionable, illicit or offensive material.

In a recent survey report from Smarsh, nearly half of respondents cited social media as the communication channel with the highest level of compliance risk.

“Concerns about electronic communications policies, policy enforcement, and retention gaps remain high, indicating many firms are vulnerable to undetected fraud, errors, and potential regulatory enforcement penalties,” the report stated. Less than half of respondents said that they are mostly or completely confident that their current strategies will identify risks for the organization, the report stated.

Some experts also blame social media on falling workplace productivity. But these platforms are not the root cause, according to Aliah Wright, a social media expert at the Society for Human Resource Management (SHRM) and author of A Necessary Evil: Managing Employee Activity on Facebook, Twitter, LinkedIn…and the Hundreds of Other Social Media Sites.

“Companies need to treat the people they hire like adults,” Wright said. “You trust them to do the job you hired them to do. If their productivity slacks off, that’s a productivity issue, not a social media issue. If people are always at the coffee maker, you don’t get rid of the kitchen. Social media is not the problem—the problem is with time management, which can be corrected.”

Creating a policy

Company leaders should generally allow employees to use social media during work hours, said Wright. “Social media is ubiquitous for us—it’s our new telephone, and it’s not going anywhere,” Wright said. “Social media is the way in which we connect not just with friends, but with our Rolodex.”

But policies can make a difference in how often employees use these platforms, the Pew study found: At companies that do have a social media policy, 30% of workers said they use social media while on the job to take a break—compared to 40% of workers whose employers do not have such policies.

Many companies devised social media rules based on Walmart’s policy, Wright said, which the NLRB gave a stamp of approval to in 2012.

Social media policies should align with the company’s culture and industry, Wright said. Organizations should tap different divisions, including public affairs, legal, and marketing when composing social media policies, she added.

Wright recommends a social media policy include the following:

  • Names of those in the company who are allowed to speak on the company’s behalf on these platforms. If an employee is contacted via Facebook with a question or concern about the company, should they forward it to a certain company representative?
  • Guidelines for how inappropriate postings, which may include discrimination or threats of violence, will be responded to.
  • Training procedures, including informing employees what information is allowed to be shared. Since many people do not log off of social networks, informing them about multi-factor authentication options can also help protect information, Wright said.

Company leadership must ensure strong cyber protections are in place to secure data, Wright said. “If you’re not teaching employees about proper password hygiene, that could be blamed on you as a company,” Wright said.

Legal monitoring

About half of states now have laws on the books preventing employers from requesting passwords to personal social media accounts to get or keep a job.

However, “an employer can under the law monitor an employee’s use of technology, email, or the internet, so long as they advise the employee that they’re doing so,” Handman said. He recommends consulting with a lawyer before taking punitive action against an employee based on something that occured on social media, he said.

Some 32% of employees reported that their employer has policies about how employees should conduct themselves on the internet in general, according to the Pew survey.

But monitoring employee social media activity on a regular basis is unusual, Wright said. “I don’t think a lot of companies have time to play Big Brother,” she added. Some employ programs that monitor their brand and what employees post to promote it. “I don’t know any company that has enough dedicated staff to spy on employee social media,” she said.

Why your company needs a social media policy by .  Available from <http://www.techrepublic.com/article/why-your-company-needs-a-social-media-policy/> [November 2, 2016, 4:00 AM PST]

Grow Your Business: Using Social Media and Traditional Marketing

Grow Your Business: Using Social Media and Traditional Marketing by Dan Arens, Business Growth Advisor.  Available from <http://www.insideindianabusiness.com/story/33572146/grow-your-business-using-social-media-and-traditional-marketing> [Posted: Nov 02, 2016 4:59 AM CST  Updated: Nov 02, 2016 8:39 PM CST]

Who can forget the epic commercial of the tiny little Chihuahua saying “I think I need a bigger box?” That advertisement ushered in a new era of marketing for Taco Bell. The year was 1998. Since then, with the advent of social media, the world of branding has changed forever. How did it happen and what can we do about it?

Several decades ago a few television networks, film companies, magazine corporations, and newspaper publishers virtually controlled what consumers saw and heard. Consumer marketing companies had to ‘pay to play’ in the market if they were looking to introduce, secure, or build their product. If you wanted to market your product, it usually involved some form of media in order to establish your brand in the marketplace. Traditionally, advertising was the vehicle of choice. All of that has changed.

As technology advanced in the form of devices like the digital video recorder, the consumer began making a turn toward more selective viewing by skipping ads, which resulted in giving them the power to select what they wanted to see. The internet itself gave the consumer the opportunity to avoid having to read anything that was hardcopy related, such as a newspaper or a magazine. Branding was undergoing a sea change in the shifting of power from the consumer marketing companies to the ultimate decision maker, that of the individual consumer or customers themselves.

According to Douglas Holt, the author of How Brands Become Icons: The Principles of Cultural Branding, social media has played a pivotal role in our culture. It has taken society away from mass marketing to having a direct impact on societal groups, via social networks. The members of each social network have become the individual influencers for product purchases. Holt calls these individual groups crowdcultures.

As Holt points out, metrics compiled over the past ten years support the position that standard branding approaches are failing to deliver in the social media arena. He says “In YouTube or Instagram rankings of channels by number of subscribers, corporate brands barely appear. Only three have cracked the YouTube 500. Instead you’ll find entertainers you’ve never heard of, appearing as if from nowhere.”

Red Bull, a well known energy drink is a seemingly successful story of bridging the gap between traditional marketing and the utilization of social media. They are maintaining their presence with standard branding techniques, while they are also ranked number 184 on YouTube with slightly under five million subscribers. As a means of comparison, author Holt points out that Dude Perfect, a YouTube phenomenon that shows “trick shots and goofy improvised athletic feats” does much better than Red Bull. Dude Perfect is in position 81 with about 8 million subscribers.

Holt believes ‘crowdcultures’ are now the influencers and innovators in the branding process. With amateurs and individuals producing their own quality video content, consumer marketing companies are unable to compete. He cites Dove soap as an example of a company that used ‘crowdcultures’ and social media for initiating campaigns that supported cultural change in the beauty industry. Dove soap took the position of supporting “real beauty” as Holt says, they “tapped into this emerging crowd culture by celebrating real women’s physiques in all their normal diversity- old, young, curvy, skinny, short, tall, wrinkled, smooth. Women all over the world pitched in to produce, circulate, and cheer for images of bodies that didn’t conform to the beauty myth.” For a glimpse of what the crowd culture can do, go to www.YouTube.com and use the keyword Dove Soap.

While the traditional branding model was more from the top down in the use of advertising to promote and solidify a brand strategy, the social media approach is more along the lines of a bottom up approach for branding. The creativity developed by consumers (with or without the help of a marketer) appears to be a key in the success of a social media strategy.

It is clear the dynamics of product branding are very fluid at this time in the social media arena. It is also quite obvious that most businesses are being challenged with how to get involved. From a business growth perspective, author Holt suggests that you identify your current culture, look at alternatives that will “open up an opportunity”, identify some ‘crowdcultures’ that might work in your industry, strive to get the word out in that industry, and then continue to change your message as the culture changes.

Grow Your Business: Using Social Media and Traditional Marketing by Dan Arens, Business Growth Advisor.  Available from <http://www.insideindianabusiness.com/story/33572146/grow-your-business-using-social-media-and-traditional-marketing> [Posted: Nov 02, 2016 4:59 AM CST Updated: Nov 02, 2016 8:39 PM CST]