Posted by: on November 26
Innovate. Innovation. Innovative. These words get thrown around a lot these days. As far as our organization's self-image is concerned, we'd all like to think of ourselves as innovative. After all, it implies a progressive, forward-thinking view of the world and a willingness to challenge the status quo and embrace evolution (and the occasional revolution).
Reality, however, often tells a different story. While it's convenient to tack on the word "innovative" to our marketing materials, actually cultivating a culture and value system of innovation is easier said than done. Every company with even a semblance of success faces a harsh reality: the gravitational pull of success tends to make us change less and not more. Oddly, companies often need to be in serious trouble to start to think innovatively.
What can you do to cultivate and spawn innovation within your company? There are many approaches, but one is deceptively obvious: put in place and institutionalize real mechanisms for cultivating, measuring, and rewarding innovation. Innovation is an amorphous, easily-abused concept. By laying down real avenues for sharing, discussing, and recognizing ideas, your company can elevate innovation from catchphrase to a bona-fide company trait.
Rich Ziade
Partner
Arc90
New York
Posted by: on November 25
When we think about IT saboteurs, the majority of us picture a professional hacker bent on stealing highly confidential information or wreaking havoc with our business. In such cases, the perpetrator is usually an outsider who breaches the data network of a company with malicious intent, be it financial, political, or otherwise. To protect themselves from this threat, businesses have implemented layers of physical and IT security around the perimeter of their organizations. What they have overlooked in the process, however, is a threat which, according to Forrester Research, is responsible for 70% of all data theft: the insider attack.
Internal threats most often come from people who, at one time or another, were on the payroll of the organization and have knowledge of how to navigate the system to gain access to critical data. According to the Ponemon Institute and ArcSight, the average cost to a company for an insider data breach is an astounding $3.4 million. That figure alone is enough for any business take notice.
The rising number of insider attacks may be the result of businesses focusing an increasing amount of their efforts on thwarting external threats while forgetting to protect from within. In today's world, if you haven't done so already, good business practice dictates that you begin shifting your focus inward.
There are many places to find information on how to move forward in this area. One guide that might be helpful is the third edition of "Common Sense Guide to Prevent and Detection of Insider Threats," published by the U.S. Secret Service and Carnegie Mellon University's Software Engineering Institute. The guide outlines 16 best practices to help organizations avoid insider threats. It serves as a perfect checklist for those businesses not sure of their preparedness for such an attack. Some points include:
• Implement strict password and account management policies and practices.
• Log, monitor, and audit employee online action.
• Use layered defense against remote attacks.
• Track and secure the physical environment.
• Use extra caution with system administrators and technical or privileged users.
• Deactivate computer access following termination.
David Ting
Founder and Chief Technology Officer
Imprivata
Lexington, Mass.
Posted by: on November 24
How many times have you flown to a meeting to help close a deal, build relationships with partners, or connect face-to-face with a customer? Without dismissing in-person interaction, there is something to be said for today's technologies that enable fast, affordable interaction without the travel.
But do you miss out on something by not traveling and, therefore, not seeing people in person? Below I've listed a few common concerns about not being there for meetings:
Myth 1: You always need to be in front of your customer in order to take care of business.
In a recent study by Wainhouse and InterCall, 56% of respondents felt that if more in-person meetings were replaced by conference calls, both parties would be able to get more done. Conferencing allows you to stay in your comfort zone and conduct meetings with anyone, anywhere. Being there can simply mean dialing a couple of numbers and making a few clicks.
Myth 2: Bringing a new technology to the workplace will slow down employees. Conferencing is extremely easy to use, which is why it's such an invaluable tool. Conferencing tools can be as simple as a light switch. Most conferencing providers also offer free training so you can get up and running quickly.
Myth 3: It's going to require a lot of time and energy to enact companywide travel alternatives. You don't need to hire a private consultant to conduct a cost-benefits analysis. A great conferencing provider should have expert meeting consultants who can help you determine exactly what you need and exactly how you'd benefit.
When looking to manage costs without sacrificing customer relations or profit margins, small businesses should strongly consider reducing travel with conferencing. You'll quickly start to realize that it's O.K. to not be there.
Kathleen Finato
Senior Vice-President for Marketing and Business Development
InterCall
Chicago
Posted by: on November 23
Business owners with experience know that doing international business isn't as simple as selling your product in another country. A key consideration when buying and selling overseas is how to best leverage the foreign exchange (FX) market, which is the largest financial market in the world, with trillions of dollars worth of currencies changing hands every day. Here are three tips to keep in mind when conducting international business and dealing in foreign currencies.
1. Streamline all FX information within your finance department, so you can best determine your next steps. By streamlining all FX information in the same location, finance executives will be able to leverage the best FX strategies for all currencies.
2. Carefully evaluate what currency is best when invoicing in a particular country, and recognize the benefits and how they will affect your sales and bottom line. Often companies will want to make purchasing the product as easy as possible in international markets and that means pricing in the local currency. Make sure you understand how the exchange rates will affect your profit and whether if you should implement a hedging strategy.
3. Don't do it alone. Partner with a FX expert to capture the best FX payment options, help you define risks and develop strategies that are optimized for your unique exposure and risk needs. Corporate foreign exchange is a niche skill within the corporate finance department. It is OK not to understand the finer points of FX and it is wise to ask for help in effectively managing it.
Now more than ever reaching out to global customers is within the small business owner's reach. However, the importance of balancing the cost and complexity with an appropriate FX strategy cannot be underestimated.
Ryan Gibbons
Managing Partner
GPS Capital Markets
Salt Lake City
Posted by: on November 20
Today's typical user has about a dozen systems they need to access with a user name and password. While passwords are an important and almost inevitable part of our everyday lives, they can put your organization at risk of financial and reputational damage if they are mishandled or compromised. Thus, it is important to be careful when choosing a password and logging in. Here are the "ABCs" of password management, with advice on how best to protect yourself when accessing your small business’ information—and your own:
1. Always be confidential. You should never share your password with others, period. Anyone else who has your passwords can impersonate you—accessing information and making transactions without your knowledge and leaving you to deal with the resulting problems. If employees want your password to access a given service, have them contact your IT department and get their own accounts. Nor should you reveal existing passwords when getting computer service; your help desk should be able to change your password for you or log on with its own account. And always be aware of your environment, watching out for ‘shoulder surfers’ who might watch you access your systems.
2. Be current. Make sure the computer you are using is up-to-date with the latest security software from one of today’s main vendors. Be sure, too, that you have an active subscription to updates and have regularly scheduled automatic scans of your system. Antivirus software alone is not enough, so look for a complete client-protection package from the leading vendors, including anti-spyware, anti-malware, host-intrusion prevention, and a desktop firewall. Unless you are properly protected, software can be installed on your system to watch keyboard input and easily steal your passwords without you noticing anything,
3. Consistently break consistency. Don’t use the same password for all systems. If your Gmail password is the same as your Chase Online Banking password, someone who compromises one system would logically and successfully attempt to use that password on all of your other systems. Separate any work passwords from personal banking passwords, and keep these distinct from your personal e-mail and social networking accounts. This limits your risk exposure.
Jared Beck
Senior Security Architect
Dimension Data
New York
