Monthly Archives: December 2016

McDonald’s restaurant employees rally after walking off the job to demand a $15 per hour wage and union rights during nationwide ‘Fight for $15 Day of Disruption’ protests on November 29, 2016 in Los Angeles, California. (David McNew/Getty Images)

As the labor union-backed Fight for $15 begins yet another nationwide strike on November 29, I have a simple message for the protest organizers and the reporters covering them: I told you so.

It brings me no joy to write these words. The push for a $15 starter wage has negatively impacted the career prospects of employees who were just getting started in the workforce while extinguishing the businesses that employed them. I wish it were not so. But it’s important to document these consequences, lest policymakers elsewhere decide that the $15 movement is worth embracing.

Watch on Forbes: $15 Minimum Wage, What We Can Expect

Let’s start with automation. In 2013, when the Fight for $15 was still in its growth stage, I and others warned that union demands for a much higher minimum wage would force businesses with small profit margins to replace full-service employees with costly investments in self-service alternatives. At the time, labor groups accused business owners of crying wolf. It turns out the wolf was real.

Earlier this month, McDonald’s announced the nationwide roll-out of touchscreen self-service kiosks. In a video the company released to showcase the new customer experience, it’s striking to see employees who once would have managed a cash register now reduced to monitoring a customer’s choices at an iPad-style kiosk.

It’s not just McDonald’s that has embraced job-replacing technology. Numerous restaurant chains (both quick service and full service) have looked to computer tablets as a solution for rising labor costs that won’t adversely impact the customer’s experience. Eatsa, a fully-automated restaurant concept, now has five locations—all in cities or states that have embraced a $15 minimum wage. And in a scene stolen from The Jetsons, the Starship delivery robot is now navigating the streets of San Francisco with groceries and other consumer goods. The company’s founder pointed to a rising minimum wage as a key factor driving the growth of his automated delivery business.

Of course, not all businesses have the capital necessary to shift from full-service to self-service. And that brings me to my next correct prediction–that a $15 minimum wage would force many small businesses to lay off staff, seek less-costly locations, or close altogether.

Tragically, these stories—in California in particular–are too numerous to cite in detail here. They include a bookstore in Roseville, a pub in Fresno, restaurants and bakeries in San Francisco, a coffee shop in Berkeley, grocery stores in Oakland, a grill in Santa Clara, and apparel manufacturers through the state. In September of this year, nearly one-quarter of restaurant closures in the Bay Area cited labor costs as one of the reasons for shutting down operations. And just this past week, a California-based communications firm announced it was moving 75 call center jobs from San Diego to El Paso, Texas, citing California’s rising minimum as the “deciding factor.” (Dozens of additional stories can be found at the website FacesOf15.com.)

A crowd of about 350 protesters stand on Broadway in front of a McDonald’s restaurant, Tuesday, Nov. 29, 2016, in New York. (AP Photo/Mark Lennihan)

Other states are also learning the same basic economic lesson: Customers have a limit to what they will pay for service. Voters in Washington, Colorado, Maine and Arizona voted to raise minimum wages on Election Day, convinced of the policy’s merits after millions of dollars were spent by union advocates. In the immediate aftermath, family-owned restaurants, coffee shops and even childcare providers have struggled to absorb the coming cost increase—with parents paying the cost through steeper childcare bills, and employees paying the cost through reduced shift hours or none at all.

The out-of-state labor groups who funded these initiatives aren’t shedding tears over the consequences. Like their Soviet-era predecessors who foolishly thought they could centrally manage prices and business operations to fit an idealistic worldview, economic reality keeps ruining the model of all gain and no pain. This brings me to my last correct prediction, which is that the Fight for $15 was always more a creation of the left-wing Service Employees International Union (SEIU) rather than a legitimate grassroots effort. Reuters reported last year that, based on federal filings, the SEIU had spent anywhere from $24 million to $50 million on the its Fight for $15 campaign, and the number has surely increased since then.

This money has bought the union a lot of protesters and media coverage. You can expect more of it on November 29. But the real faces of the Fight for $15 are the young people and small business owners who have had their futures compromised. Those faces are not happy ones.

via:  forbes

Information Security is a moving target. Once you “think” that you have it figured out, boom, here comes another new threat to knock you back on your heels and question just how strong your Information Security program is. That’s the bad news. The good news is that we are going to give you 5 Information Security Tips that will help reduce the chances (notice I did not say eliminate) of an Information Security incident from taking place.(These can apply to both individuals and organizations as well):

1. Install Antivirus and AntiMalware – Sounds simple enough but the key is to make sure that you update the definitions for both programs on a regular basis. If you have these programs on your system but they haven’t been updated in 3 months, that could lead to trouble. I know that there is a lot of talk out there in the Infosec world about the death of antivirus and while some of that might be true, it still plays a valuable role in your overall Information Security Program.
2. Passwords, Passwords, Passwords – I get it, we are inundated with the need to create thousands of passwords for all the “stuff” we have to log in to. But, that doesn’t mean that you can use terrible passwords (like Password1) and you shouldn’t use the same password across sites/systems. Passwords are getting easier to crack so you need to be more complex in your passwords. Use longer (more than 10 characters), more complex (combination of uppercase, lowercase, numbers, and symbols), and not words. Get a password manager that generates passwords for you and this will help resolve the issue. Bonus: The password manager will save the passwords for you too! Just don’t use a weak password to login to the manager!
3. Avoid Unsecured, Public WiFi – This would be like going to the mall during the holiday season, putting all the gifts you just bought in your car, and leaving the car doors unlocked while you go back to do more shopping. Either you are very trusting of others or you’re not that smart. Same rules apply when using that free WiFi that Starbucks offers you so you can sit there for 3 hours and consume 45 Pumpkin Spice Lattes. Use a VPN to secure your connection so hackers can’t intercept what you are doing over that very public, very open WiFi connection.
4. Be Careful on Social Media – Social Media is great for many reasons but it can be a nightmare for many reasons too if you aren’t careful. Sharing that you are going on a trip with your family for 10 days and nobody is watching your house is an invitation for criminals to see just how good your security system might be (if you even have one). Don’t post a ton of personal information and if you do, make sure that your profile is locked so only you can choose who sees what you post. Oh, and finally, don’t accept friend requests from people you don’t know. If you don’t know them and don’t have any mutual friends in common, now might not be the time to develop that electronic friendship
5. Secure Your Laptop and Smartphone – It’s almost 2017, if you don’t have passwords and encryption on both your laptop or smartphone, you are at a significant risk of suffering some form of a breach. In fact, if you need proof of this specific to the healthcare sector, head on over to the Department of Health and Human Services Office of Civil Rights “Wall of Shame.” This outlines all breaches reported affecting over 500 individuals as well as the reason for the breach. You will be amazed at how many are due to the theft/loss of a laptop or other electronic device.

These seem like simple things to put in place and in all honesty, they are. But, people get busy and sometimes these small things can fall through the cracks and increase your risk of a breach and the resulting fines associated with various compliance regulations. By implementing good security, you reduce your risk and simplify the process of complying with various Federal, State, and Industry Regulations.

via:  compassitc

The recent reports of rising cyber-attacks throughout the world have many businesses and people investigating ways that they can improve the cybersecurity of their work and home environments. Since the inception of the 802.11 protocols nearly 20 years ago, WiFi has become more prevalent in everyday life, and yet many people still are unaware of the security issues that arise when implementing a WiFi device into their environments. Below are 5 tips on how to secure WiFi at either your home or office:

• Change default Service Set Identifier (SSID) name
• Change default password
• Ensure that strong passwords are created
• Ensure that strong encryption is used
• Review devices connected to your environment

Change default Service Set Identifier (SSID) name

There have been multiple times when I was searching for available wireless networks and saw “LINKSYS,” or some other default SSID. SSIDs are preconfigured by the manufacture of the router and can reveal important information about the router that someone who is looking for an easy target to break into can obtain with little effort. When I see a default SSID, I often wonder if the person that installed the device left the default administrator credentials also. An unauthorized user that wishes to gain access, could do so with an easy web search, to discover the default password for the administrator’s password, just by knowing the make and model of the router. Changing the default SSID so that it does not reveal the make or model will help in securing your wireless router.

Change default password

Like default SSIDs, default passwords are preconfigured by the manufacture and gives access to the router’s management console. One of the first things that should be changed before implementing a new wireless router into an environment is the default password. Depending on what the wireless router will be used for will dictate the length and complexity of the password. As a best practice, the administrator password should not be the same as regular users. Additionally, passwords should not be easily guessed and should not be found in the dictionary or published online. A list of the 10,000 most used passwords can be found here.

Ensure that strong passwords are created

Many people think that just having a password will protect their devices, this could not be farther from the truth. One of the easiest ways to protect your wireless router is to create a password that is long as well as complex. Hackers have access to files with trillions of passwords that have been cracked and can crack passwords within minutes if length and complexity are not used. An example of this would be the password “abcd1234”, using password cracking software would take 0.29 milliseconds to crack. However, the password “AbCd1234” would take approximately 7 months and the password “AbCd1@3$” would take more than 14 years to crack. Ensuring that passwords have complexity (upper and lower case letters, numbers and symbols) and length (longer than 8 characters) greatly reduces the chances that the password will be hacked. A simple/fun tool to see if your password is strong enough can be found here.

Ensure that strong encryption is used

The most common forms of WiFi encryption are:

• Wired Equivalent Privacy (WEP)
• Wi-Fi Protected Access (WPA)
• Wi-Fi Protected Access II (WPA2)

WEP was officially retired in 2004. Despite this, WEP continues to be the most used type of encryption used worldwide, due mainly to its age, its ability to be backwards compatible, and it being listed first on most drop down menus. WEP’s successor was WPA, which directly addressed the security vulnerabilities that WEP could not. WPA used Temporal Key Integrity Protocol (TKIP) which was significantly more secure than the fixed key used by WEP, but TKIP was later superseded by Advanced Encryption Standard (AES). WPA eventually became vulnerable to intrusions and WPA2 officially superseded WPA in 2006. The most significant change in WPA2 was the mandatory use of AES and Counter Cipher Mode with Block Chaining Message Authentication Code Protocol (CCMP) as a replacement to TKIP. WPA2 is currently the industry standard for WiFi encryption and the known WPA2 vulnerabilities are limited almost entirely to enterprise level networks.

Review devices connected to your environment

Most routers will have a list that shows the wired and wireless devices currently connected. This list should be reviewed periodically to ensure that devices that are connected are allowed. Years ago, the list would only show the IP address, MAC address or hostname.  Newer routers have all of this information to include an icon of the device type that is connected. Additionally, some routers are releasing mobile apps that will allow you to remotely see who is connected to the network and send you a notification when a device connects.

Not only is securing your WiFi an important security initiative, it is also, in many cases, a compliance requirement for various Federal, State, and Industry Regulations. This is a great example of how taking care of the IT Security initiatives and building a culture of security can assist you in achieving your compliance initiatives as well.

via:  compassitc