Jun 17, 2013 | IT
Is your business safe from modern hackers?
The world has been stunned in the last couple of weeks by news of the death of Barnaby Jack, the famous hacker who made ATMs spit out money without so much as a bank card (an action since named ‘Jackpotting’), resulting in the upgrade of software by many big banking corporations. He also demonstrated his ability to deliver an electric shock from 50 foot away to someone wearing a pace maker and deliver a potentially fatal dose from an insulin dispenser within 300 feet without the need for a serial number. He was sadly found dead in his apartment just as he was due to attend the 2013 Black Hat conference. He was to give a presentation on the vulnerabilities of various pieces of medical devices and give safe demonstrations of attacks.
While Jack’s intentions were noble, his work illustrates the level of threat to all modern day businesses and individuals. Even major companies in the technology industry have not escaped modern day hackers. PlayStation and Apple are but two of the major organisations that have experienced major breaches of their secure data. The breach of PlayStation compromised over 77 million accounts and Apple’s ‘downpocolypse’ is at the very least an embarrassment: very scary stuff and certainly something you do not want for your own company.
The good news is that there are a number of policies you can put in place to safeguard your data and reputation. Last year, writer Mat Honan was famously hacked and his digital world dissolved. His Twitter account was hijacked and used to publish racist and homophobic comments and all data was deleted from his Cloud account, resulting in the loss of family photographs spanning the lifetime of his child as well as preventing him from regaining access to his account. The hacker’s motive had not begun as an attack on Mat’s personal information but on his Twitter account purely to create havoc. Mat, himself admits that had he followed some simple security advice the intrusion would have stopped here and his personal and professional data would have been kept safe.
The even better news is that every one of your employees can help to protect your company’s security. As it turns out, the most common breaches of security are not caused by super-hackers but by people with much intent but little technical knowledge. With some basic training from you in the IT department you can stop these intruders in their tracks.
Social Engineering
Social engineering is one of the most common ways through your security. This is a particular danger in large businesses with a high staff turnover and believe it or not it involves employees simply handing log in names and passwords to the attacker. The methods and stories vary, of course, but the usual method is for the intruder to pretend to be from the technical support team in your own IT Department. They will claim that the individual’s computer is causing a problem on the network and request the log-in name and password. More often than you would believe, the information is simply handed over.
Are your colleagues aware that this information would never be needed by the technical staff who will already have this access, and if such information is requested it should be reported immediately to the IT department?
Phishing Emails
Phishing emails come in many disguises. They appear to have come from a reputable organisation such as a bank and may tell you that your account has been suspended and request your password as verification to reactivate your account.
There are many ways of spotting a phishing email and most people these days are quite savvy at detecting them. However, some can be remarkably deceptive. Do your colleagues know to look for misspellings, subtle differences in company logos and broken English in the text? Most importantly, they should know that reputable companies would never ask for such personal information via email.
Email Attachments
The age old problem of personnel receiving an email with an attachment containing a virus or Trojan horse: when the attachment is opened, the Trojan horse will create a security hole allowing remote access to your network.
The problem here is that even attachments from trusted senders could be infected if their own security has been breached. Do you have a policy that states that no unexpected attachments should be opened until the sender has been contacted to verify the legitimacy of the document?
Weak Passwords
While it seems obvious that passwords should be highly confidential and secure, as well as hard to guess, it is still extremely common for people to use passwords such as, well… ‘password’, or even simply a repetition of their user name. In these cases it will not take more than a few moments to gain access to the network. There are a number of ways you can combat this issue.
- Best password policy. Passwords are essentially an outmoded method of securing a network and all of them can potentially eventually be cracked. A 100 character password would take a life time to guess but would be extremely impractical. The good news is that a 12 character password containing different cases, numbers and symbols is considered a strong form of defence. However, do you have different passwords for each account? Mat Honan himself admits that had all his accounts not been ‘daisy-chained’ the effects of being hacked would not have been nearly so great.
- Two Factor Authentication: The concept behind the use of ATM cards: The security is created by a combination of what the user has (the card) and what the user knows (the PIN number). This method can also involve a thumbprint or facial recognition. The key is that as well as a password, some other form of information is also required to access a network. A common method is the use of a smart card in combination with a password.
- Password Managers: once considered a bit of a risk as one password could unlock all the passwords for a user, there are now useful password managers on the market. They come in many different guises, from Cloud based software to mobile devices and are a way of being able to use many long effective passwords while only having to remember one extremely strong combination of characters.
It’s a great idea to practice self-auditing of your security. Why not ask one of your IT team to attempt to access various accounts across your business with extremely limited information? This should give you an idea of how secure your network is.
There are plenty of ways to be proactive about protecting data from basic staff training through to the use of technology and your expertise. If you need help in implementing any of these methods perhaps we could help you to hire an IT contractor who could devise a security policy as part of a project or to cover existing work whilst an expert from your own team heads the project up.
Have you got any further ideas on this topic? Have you been hacked or stopped a potential hack? We’d love to hear from you. Why not give us a Tweet @itrecruitment
Finally let us remember the important work of Barnaby Jacks which has prevented many security breaches and has potentially saved lives. In the words of security expert Dan Kaminsky, ‘Nobody caused such hilarious trouble like @barnaby_jack.’
Jun 10, 2013 | IT
Google used to use questions like this a lot in their interviews, but they have recently banned this practice as a “complete waste of time”
The question is raising its head again – what is the best way to identify the best candidate for a role by simply interviewing? Interviewing is such an important part of the selection process and getting it wrong can prove not only costly, but can also have an impact on your team, service delivery and reputation, all of which can take an awful long time to rectify.
Google say that brain teasers serve only to make the interviewee “squirm”, they don’t prove or predict anything. Our candidates state that no matter how much they prepare for the interview, they are never completely ready when a brain teaser does pop up and this can leave them feeling that they have “fluffed” the interview. Would you discount a strong candidate if they slipped up on the brain teaser? What does it tell you? Some may say it shows the logical and problem solving ability of the candidate.
If you simply ask a list of questions with yes or no answers, are you just testing the candidates knowledge or are they simply giving rehearsed answers? Does this really give you an insight into the candidates ability or how they would integrate into your existing team?
Since past behaviour predicts future behaviour, one thing that many agree with is to ask scenario based questions of things that really relate to the role. Asking candidates to explain how they have dealt with certain situations can really give the interviewer a window into how the candidate will perform “on the job”. However, this is all very well if the interviewer has actual experience in the role that they are interviewing for or are a seasoned interviewer, but what if you are neither of these?
Consistency is the key when it comes to selection or shortlisting after first round interviews –
- Set questions to ask all the candidates
- Consider introducing a scoring mechanism to form part of the selection process
- Use scenario based questions based on recent issues or situations you or your colleagues have experienced
- Prepare a list of prioritised and measurable criteria
- Be prepared to justify the use of any required employment “test”
- Facilitate open communication
Even if this is not your area of technical expertise, to completely understand the role and what the technologies used actually do, asking the right probing questions will not only enable you to evaluate the candidates communication skills, but also, by the time you have completed two or three interviews, you should also have a good understanding, from a layman’s perspective, of the more technical side of the role. It is not always necessary to be able to undertake a role to successfully interview for it, but simply have the confidence that you understand it.
Although now most consider brain teasers a no-no in an interview situation, I’m sure they will be back in vogue someday soon. However, there is still very much a place for this technique in open training sessions and such like.
May 24, 2013 | IT
Increasing your bottom line – is it time for a Digital Makeover?
How long has it been since you had a digital makeover? Is your business match fit for the 21st Century? Research by the Federation of Small Business (FSB) suggests that even minimal expenditure of less than £3k on upgrading hardware can see your turnover increase by 35% within the year and those spending the same amount on software, can see increases of up to 40%.
Investing in technology doesn’t need to break the bank, but can have positive effects on how companies communicate with existing customers and also in targeting new customers.
So what positive steps should you take to optimise your use of and investment in technology? Where should you start?
The obvious place to start is your window to the world – your website. A recent report by the BBC found that approximately 20% of UK businesses don’t even have a website, let alone an engaging one. In this technological age, customers expect you to at least have a website and with the increase in gadgets, they expect to be able to view it on any device. If your website has not kept up with technological advancement, it may not be compatible with the latest web browsers or easily viewed on mobile devices. With Adobe Flash no longer being supported by Google Android and Apple devices unable to view websites built using Flash, keeping abreast of technologies has never been more important to ensure your website is responsive. You need to be using the latest versions of programming languages, HTML5, CSS and Java to make websites accessible across all platforms and devices.
It goes without saying that as well as your website, you also need a presence on social media – Facebook and Twitter should be a bare minimum for consumer-facing companies. Social media has become a foundation in the way businesses and brands connect with consumer with 74% of consumers citing relying on social media to make purchasing decisions and over 50% of people recommending companies and products on Twitter.
But what about your back office?
The FSB is also reminding companies to apply the digital makeover to their back office as well as the customer facing elements. “Improving your back office processes – is one of the best things businesses can do to improve productivity”. However, whilst great deal of progress has been made in optimising paper flow, little or no effort has been invested in ensuring that back-office departments have the right number of employees, with the right skills, to do the right job, at the right time. Even with the best workflow operations, people are still needed to process transactions – it is just as important to invest in human capital as well, changing the behaviour of employees and developing their IT skills.
Apr 24, 2013 | IT
Active, looking and in your area
An actor has an agent, a writer has an agent, a gym fanatic has a personal trainer and candidates have agents too!
After reading an article which says we should be changing the way we do recruitment and finding the candidates not the positions, we at Langley James were very pleased with ourselves as we have been working this way for years!
Typically, recruitment agencies find the position, then find the suitable candidates. Yes at Langley James we do work this way too but in recent years we have also been doing the opposite. We find suitable candidates that are active, not passive and looking for work in your area then let you know about them. You may well have seen them -they get delivered right into your Inbox either in the form of a Top 5 which can have a variety of candidates from IT Support, Project Managers and Developers or a single candidate.
We contact people we think are superstars, find out where they want to travel to, what industry, skill set and much, much more and then tailor-make a search to find the companies that tick all their boxes. So, if one of these candidates lands in your Inbox, you know they are interested in a company just like yours – don’t forget you check your spam, you don’t want to miss out!
Some say what cupid is to love, we are to candidate’s careers!
By working this way, we ensure that we keep the candidates best interest at heart. It’s no mystery that the recession has left a number of talented individuals who are brilliant at what they do without a job.
Our huge internal database includes over 100,000 candidates including permanent and contract IT Support staff as well as developers, built over decades and is continually growing with the best talent.
Out there in the job hunting world there are at least 20 main job boards, how does a candidate choose which ones to register with? Typically a candidate will register with just 3 and if your position is not advertised on one of their chosen sites, you may never see their CV. At Langley James, we use the top rated job boards which include Jobsite, Monster, Reed, JobServe, Total Jobs, LinkedIn and Indeed to ensure we always find the best candidates.
If we can help you find a candidate for your position or if you would like to receive our top candidates, contact us on 0207 788 6600, join the conversation on our Facebook page (www.facebook.com/langleyjames) or on Twitter (@ITrecruitment)
Feb 10, 2013 | IT
How to be an Undercover Boss
I’m sure you’re aware of the TV programme sweeping across the UK and America, Undercover Boss. If you haven’t yet seen it, each week a Managing Director goes undercover in their own company as a trainee to see the flaws, turn them around and improve – the sky’s the limit.
Not a bad idea if you know how to fix the flaws and are willing to put the weight on your shoulders. We are all aware of the flaws within our own company or team and I can guarantee everyone wishes that they could speak about the issues and have them resolved, but don’t know where to turn.
Employee satisfaction is a major part of running a successful team or business, keeping moral high and motivation flowing is an essential part of getting the most out of your employees. There is a multitude of ways to do this which may include team nights out, prizes for recognition, or competitions in the office to name just a few. Unfortunately this may keep moral up but it will not address underlying issues your employee may be worrying about. You never know, an idea that has been brewing in their mind may be just the answer you have been looking for!
One idea is an anonymous suggestion box where employees can write down any thoughts and ideas with the confidence that their manager won’t know it was them. However, if you are a master of recognising hand writing or have a small team, you could always create an email account with an anonymous email address and let your employees email to you instead.
You never know what you may discover in the inbox, but small simple changes could make all the difference.
Keeping hold of members of your team is important and even more vital in the current climate. The main reasons cited by candidates looking to change job are, lack of recognition, lack of training and development and too much workload.
You may discover that members of your team are feeling stress or pressure due to the workload and hiring a new employee may just be the answer. A contractor would be ideal if you have a project coming up and need an extra pair of hands or a brand new employee to join your team if you are continually feeling the burden of more to do. You’ll be amazed at how much a manageable workload can improve motivation and output within your team.
If so, all the lovely people at Langley James are here to help with your recruitment needs – and any other advice you may be looking for!
We will recruit someone worth recruiting, whether it be for your IT Support Team or Development.
To find out more about how we can help with IT recruitment needs, give Langley James a call on 0207 788 6600, join the conversation on our Facebook page (www.facebook.com/langleyjames) or on Twitter (@ITrecruitment).
Feb 7, 2013 | IT
Six Quirky Questions Asked During Interviews
Competition between candidates for IT vacancies and specific IT roles is at an all time high. As a result, employers can afford to be picky about the IT contractors and IT staff that they eventually choose to fill each position. Companies are now going to astonishing lengths in order to determine the stand out candidate for their vacant role.
Every candidate is familiar with the most common interview questions and, for many, an essential part of preparing for an interview will involve rehearsing answers to standard questions such as; what do you know about our company? Why did you leave your last job? What would you consider to be your biggest strength?
But how would you react if the person interviewing you asked you one of the following questions?
What song best describes your work ethic?
If we came to your house for dinner, what would you prepare for us?
Can you calculate the angle of the hands of a clock when the time is 11:50?
If you could pick two celebrities to be your parents who would you choose?
What is your favourite song? Can you perform it for us now?
What sort of kitchen utensil would you be?
Those are just a small selection of the bizarre questions candidates have faced when being interviewed for a new role. Some questions are designed to test logic and reasoning under pressure, some to give an indication of a candidate’s personality and some questions are designed to test creativity.
Interviewers have a relatively short period of time during which they must make an important decision about which candidate they wish to hire from a selection of seemingly identical applicants. Posing a peculiar question provides a way to distinguish between candidates, assuming the interviewer knows what sort of answer they are looking for. Conversely, candidates can learn a lot about potential employers from the questions they are asked during interviews.
The decision regarding whether or not to include such questions in interviews remains controversial, what do you think? Do obscure interview questions serve any purpose? What is the most bizarre question you have ever faced, or asked, in an interview? Join the conversation on our Facebook page (www.facebook.com/langleyjames) or on Twitter (@ITrecruitment).
To find out how Langley James can help you to streamline your IT recruitment process please contact us on 0845 124 9555 or langleyjames@langleyjames.com
Recent Comments