I.T. Management - the good and the bad.
Not too long ago and thanks to our hosts at Wallenstein Feed and Supply(WFS), folks came together to talk about I.T. Management. Everything from how I.T. is used to manage Logistics & Warehousing to Cyber Security was discussed along with some not so good experiences and the lessons learned were shared amongst the participants.
At WFS, there is an immense amount of traffic that comes with all sorts of inherent challenges. I.T. is required to control the pass of formulae to the mills, maintain the security and robustness of their programs, keep software updated and provides the tools for dispatch to optimize their service routes to reduce their carbon footprint, shorten delivery times and increase customer satisfaction. Both effective I.T. and Logistics Management are equally important in being able to run WFS operations smoothly.
I.T. Management encompasses many areas that are equally important to manage such as:
Integration(Network, File Sharing)
Cybersecurity(Protection & Privacy)
Storage( Disaster Recovery & Backup)
Mobility(phones, tablets, remote workers, access means, limits and security)
Training(Department growth and hiring, Policy development)
There is very low tolerance for downtime and high regard for safeguarding against cyber attacks in order to keep running the business at optimal levels. This is a hot topic for most manufacturers today.
Two key areas of concern are:
Ransomware: When your hard-drive is kidnapped - Ransomeware is a type of malicious software designed to block access to a computer until a sum of money is paid. A computer can be infected by ransomware in a number of ways, but most commonly, victims click on a malicious link or attachment received through a phishing email. Once infected, victims will see a "ransom" note which is often designed to scare or extort the victims into making a payment.
Business Executive Scam: Don't follow this boss' orders - Sometimes referred to as the Business Email Compromise scam, this fraud starts when a potential victim receives an email that appears to come from an executive in their company who has the authority to request wire transfers. In some cases, the fraudsters create email addresses that mimic those of the CEO or CFO. In other cases, the fraudsters have compromised and subsequently used the email account belonging to the CEO or CFO. Often, the email will indicate that the "executive" is working off-site and has identified an outstanding payment that needs to be made as soon as possible. The "executive" instructs the payment to be made and provides a name and a bank account where the funds, generally a large dollar amount, are to be sent.
Hopefully, you have not encountered these scenarios, yet know that this can happen to you and has happened to EMC members before.
How do you know if you are being attacked? - If it sounds odd or uncharacteristic type behavior from the sender - check into the scenario further directly via phone or other email initiated by you with the source whose name is being used in the communications. Never open links or open attachments in unsolicited emails.
What are cyber thieves looking for? - They are looking to steal private personal information about consumers, employees to turn around and sell it for financial gain or use it for extortion purposes.
What to do if you suspect that you have been hacked? - Here is where having a safe and fear of speaking up environment works in your favor. People make mistakes and they may not report it to their Managers if fear exists of being punished or ridiculed for their oversight. They may “waste” precious time to try and fix the problem themselves when more resources that are necessary to fix it are not made available to them. They may not speak out because of fear of repercussion. On a higher level, their reputation or that of the corporation itself may be put at risk should the news get out that security has been compromised with their systems in front of their customer and the public. Yet not getting things under control right away is not the best course of action.
Staying Cyber Safe! The best way to fight the fraud activities is to report fraud to the Canada Anti-Fraud Centre, the Competition Bureau or the RCMP. Complaints help in gathering evidence in order to better protect consumers and businesses.
This next step will require your trust - Link here for more information and source for much of the information in this article: Fraud Facts 2017—Recognize, Reject, Report Fraud
In case you have been of victim of a cyber security breach or attack already; I hope that this article alleviates some of the concern you may have in knowing that you are not alone and that this can happen in any size business and not just in your organization. I also hope that it encourages everyone to take proactive measures to protect your business data and I.T. systems as well as encourage you to have the necessary dialogue that creates awareness of these issues and open communication in the workplace in what to do in case an incident arises.
Until the next time,