Archives: Blog

Hiddren Threats to your Corporate Training Program

3 Hidden Threats to Corporate Training Programs

Let me ask you a question. Are you conducting your corporate training through an e-learning channel, like Blackboard or Moodle? It’s funny. Companies know they need to train their employees on security protocol, but often they communicate that protocol in some rather un-secure ways.

According to a recent survey from Trustwave, a majority of companies have either no system in place or a partial system in place for monitoring and tracking their sensitive data.

Moreover, what we have found at eServe is that many companies are unaware of what kind of data they even need to protect! Is that you?

Think about it. Any training session you conduct for a new hire or seasoned employee would (and should) include data about your company’s processes, products, customers, strategies, goals and more. They are not just casual blogs or press releases – training materials contain proprietary data. That is data your competitors would love to have and that you should do everything in your power to keep from getting out!

You don’t have to be in a government agency or big tech firm to worry about this either. Whether your data is intentionally hacked or just mishandled, you would be surprised at who might be interested in using it to their advantage – or where it might end up. Corporate training leaders in every field – from medicine to the culinary arts- has company secrets to protect.

And it is often only after those secrets have become vulnerable that they realize what that information means in the wrong hands.

Here are 5 hidden threats to putting your training information online.

corporate training1. The Threat of Hacking to Corporate Training

Remember Julian Assange of Wikileaks? His goal was simple – expose the hypocrisy of the U.S. and other governments. As an expert computer programmer, he was able to achieve this goal. But you don’t have to be a political organization or nation to be threatened by a motivated hacker. You just need one company wanting to mirror your company and with the know-how to go after your information. Don’t let sticky fingers threaten your bottom line.

corporate training2. The Threat of Careless Employees to Corporate Training

I bet if you were to survey your staff members you would find that at least 50% (if not more) write their password down on a sticky note and attach it to their monitor. Or, maybe they forget it altogether and use the password of their cubicle mate or neighbor. But who’s to say their neighbor is privy to the same information they are?

Also, who’s to say that sticky note doesn’t end up in the wrong hands? Or, what if the slides you presented during a WebEx conference aren’t saved on a staff member’s laptop that was accidentally lost or left behind?
An employee does not have to be disgruntled to leave your proprietary information in the wrong hands.

They just have to be human. If you’re sharing any secure information with your staff, always keep that in mind.

corporate training3. The Threat of Upheaval to Corporate Training

Another e-learning threat has nothing to do with the exposure of data – in fact it is quite the opposite. For some industries, such as medicine or finance, the rapid dissemination of information is crucial to the success of their operations. Many times, it can literally mean life or death.

Think about it like this. What if a medical organization in Florida scheduled a seminar titled “Zika Virus: Our response to the Threat & Treating Pregnant Women.” In 2016, the Zika crisis was a real and urgent threat for South Florida families. Getting the right information in the hands of professionals who needed it most was an urgent concern. Similar situations would be training for security institutions that contract out to the TSA or other government bodies.

Updates and training sessions are often ad hoc and almost always must go on without a hitch. Any threat to the system these sessions are conducted on could mean putting people and possibly whole areas at risk.

No matter where you fall on this spectrum or which threat concerns you the most, there is a solutions! Always secure your training sessions. Avoid putting your valuable knowledge in the wrong hands by setting up the right security infrastructure and protocol from the get-go:

• Only allow registered invitees to join meetings
• Create specific passwords for each meeting rather than the same password for all your meetings
• Coach your trainers to choose wisely who they let in the training rooms
• Create rank-based permission levels (i.e., Tier 1, Tier 2 and Tier 3 access levels)
• Track and analyze who accesses your data (when, where and how long)

Want to gain greater peace of mind with your corporate training content? eServe is a content delivery platform that helps you empower your staff with the freedom to train and learn on their schedule, while also providing you with the power to protect that information.

In the digital age, both security and flexibility are key to mastering corporate e-learning and digital document management.

 


eServe - Digital Age of Enterprise Learning

Introducing the Digital Age of Enterprise Learning. Introducing eServe.

In the enigmatic words of Bob Dylan, “the times, they are a’changin’.”

The Internet has revolutionized the world in all spheres – from the way we communicate and shop to the way we learn and train. Thankfully, this has also opened up plethora of new avenues for education. With eLearning, Internet technology is being employed in a way that makes learning anywhere, anytime and at any speed.

Isn’t that such an exciting concept? No matter where you are at in the world or in the learning cycle, education can meet you where YOU are – not the other way around.

Also, while companies worldwide adapt and grow with e-learning applications, so do the applications and products themselves. There are tools to manage administration, automation, certification and micro-credentialing. Now, there are tools to manage content creation too!

Both the LMS and LCMS are enterprise wide-applications which enhance the flow of information from learning development teams to staff and new learners worldwide.

On that note, we are exciting to announce the development of our very own LCMS (Learning Content Management System). While the LMS (Learning Management System) manages people, the LCMS is a platform manages the content they consume.

And just like the flexibility of the LMS, the LCMS works anywhere, any time and at any speed – allowing you to cater the content to YOUR organization’s needs, rather than the other way around.

Want to know more?

Watch this introductory video to eServe – a tool designed to bring enterprise learning into the digital age.


BYOD

BYOD – Do you know where your content is?

blog images byod

When employees improperly use mobile devices, they put their companies at risk for data breaches. This includes leaving lots of sensitive data on the devices—which can pave the way to leakage of data, plus other issues.

Mobile device use in workplaces is increasing—and so are the associated security risks. Current security measures are lagging behind the increased rate of mobile device use in the corporate realm.

One study not only showed that a lot of company information was left on handsets, but personal information as well was left on, putting employees at risk for personal compromises.

This small study demonstrates a clear need for improved guidelines and policies governing smartphone use and security of the devices. This becomes even more relevant as businesses turn more to cloud storage for data.

Non-approved software-as-a-service (SaaS) apps, used by employees, is widespread, according to a McAfee study. These apps are not approved by the company’s IT department. Employees can easily bypass the IT department by using the cloud. The study showed:

  • Over 80 percent of survey participants reported using unauthorized SaaS apps.
  • About 35 percent of SaaS apps used on the job are not approved.
  • About 15 percent of users have had a security problem using SaaS.

Employees may not realize that their chosen SaaS apps are poorly safeguarded. Such employees aren’t malicious; they’re just trying to be more efficient. Businesses need to find the right balance of protecting themselves yet allowing employees to use apps for increased productivity.

An ideal situation would be to monitor SaaS apps and apply policies that do not inhibit employees’ ability to be productive.  The content itself could have been wrapped in a security blanket.

This would have offered the ability to:

  • Digitally stamp the script with dynamic watermarking identifying the viewer by name and email address (to prevent workarounds such as screenshot-taking);
  • Restrict viewing access based on receiver’s email address, geographical location, or device used (laptop, mobile phone, tablet, etc.);
  • Control sharing, saving, printing capabilities via custom settings for each intended receiver; and
  • See exactly who viewed the script, when (and for how long) they accessed the material, what device they used to look at it, whether or not they forwarded or printed the material (if that permission was granted to them by the sender.)

The Bring Your Own Device movement is no longer a small consideration – it’s something
your business needs to address. Fortunately, there is a lot of expertise being generated about the best way to deploy and manage BYOD in enterprises. From data ownership considerations to online industry survey, here are a few key item to keep in mind on BYOD.

BYOD Devices are Expected to Double by the end of 2014

According to Computer Weekly, device usage is going to double in the next year. However, they also; point out that only 5% of the smartphones and devices have the necessary security software installed, underscoring the need for a content security solution before you implement BYOD.

Are you Considering or Implementing BYOD? Then ask you self these questions.

Is your organization prepared to address?

Support cost – Even your tech savvy employees may not know exactly how to make business applications work properly, or how to utilize maintenance techniques. Thus causing big problems for you and your IT team.

Hardware Compatibility – Is the device capable of handling the task required of the job.  Along with ensuring the hardware is capable of holding tough, make sure you handle which device you will even allow used.  Managing different smartphones can be tricky.

Legal Risk – When your employees bring personal devices into work, what happens if the device gets lost, with your customers critical data on the device?   What if the device brings virus into the company’s network? Or worst your clients’ network.

BYOD Solutions Require Mobile Data Management 

Adopting a mobile device management solution as a stop gap – instead of a strategic move – is a bad idea for CIOs. Research the mistakes IT Department that embrace BYOD early on made and what worked when shifting from one location management to multiple mobile devices offsite. 

When BYOD is Used Who Owns the Data?

When personal devices are used for business purposes, there’s a blending of personal data and business data – so who owns that content?  You have blended data on the device, are there ways that enterprises can protect their data without infringing on personal property.

Make Sure Your BYOD Policy is Complete

BYOD policies help keep your organization and your employees safe. But navigating the ins and outs of policies can be difficult, particularly if your organization is new to allowing personal devices for corporate use. There are many essential elements that go into a successful BYOD policy, do your research!

 


Dunno

WHAT IS THAT?

A nostalgic look at tools used every day in the graphics industry.  Let’s just say in a time NOT so long ago…  If you were involved with printing you knew about hot type vs. cold type, what galleys and headline type were.    Do you know what CompuGraphics machines were used for, or when you would use Pro White?  Usage of letter press vs. offset. Or that offset required everything to be pasted down, with rubber cement until waxers were state of the art.  Type galleys, headlines and position only (PO) photos where adhered to boards to be shot by a production camera, which exposed the film which were developed into negatives. The negative where stripped into forms/flats. Photo where shot separately, photos needed to be shot with screens placed at precise angles.  Different screens created different dot size and resolutions. These screened negatives were used to replace the PO images on the flats.  The flats where used to transfer the images to plates. The plates hung on the presses, which using an offset process to move ink from a plate to a cylinder to the paper.

Business forms were pre-printed with carbon paper tipped (glued) between multiple copies.  Organizations would buy the forms at an office supply stores and then take them to a printer for imprinting their company information centered at the top of the form.  Creating a custom form with even consistently, spaced lines took talent and skill, now its copy and paste.  A presentation for a large group meant creating a set of 35mm slides, each one shot from reflective artwork created and colored by hand, now its pick a PowerPoint template and go.  With this in mind I thought I’d share a few images and see how many followers know what they are and if they have used them for creating finish works.

Have these images got you reminiscing for the good (not so) old days?  Share your thoughts with us, over the next few weeks I’ll post more images.  I hope you enjoy looking back.  Please share your images and stories with us, you photos will be included in the follow up post.

Jump back to 2014, DocuServe is a Digital printer, with a state of the art Electronic Pre-Press Department to handle all your production requirements.   DocuServe has been packaging customer content for since 1994.  Re-engineering its deliverables as commerce changed over the years.  Consistently pushing it’s digital print engines beyond what’s expected,  DocuServe grew into media: CD then DVD to USB drive.  To publishing online via PDF file.  Now we can take those stogie PDFs and make them in to user friendly e-Books.  This e-book can be Web based or delivered off line, all dependent on your organizations requirements.

Cloud-Based Content Control Opens Up Opportunities for Publishers in All Industries

With eServe, your organization can experience all of these benefits without risking theft, loss or damage to your intellectual property.

eServe is an ideal solution for:

  • Traditional publishers who need to embrace secure digital publishing to court new readers.
  • Organizations that want to deliver marketing materials across platforms in a more readable and accessible form.
  • Researchers who are looking for a convenient, and secure, way to deliver content.
  • And more!

Docuserve is a Digital printer, with a state of the art Electronic Pre-Press Department to handle all your production requirements.

 


Security

Secure Digital Content: How It’s Done

A few weeks ago, I surveyed a technical writing group on LinkedIn about the importance of security for technical publications and received feedback from more than a dozen industry professionals on this issue. Unilaterally, the responses were in the affirmative.

Document security is a requirement for doing business in government and healthcare, along with many others. The range of answers was broad, and by several accounts, inconsistent. Some companies broadly distribute their user documentation on corporate websites and deem it another form of marketing material.

Joe Hauglie, a Human Performance Consultant for a large equipment manufacturer, said  “There are all types of security, from password-protected PDFs and documents are stored on a secure server, behind a firewall. Companies should have guidelines in place that indicate what should be private or otherwise. I think that all content should be evaluated before it is categorically released. “

While our survey shows that many larger companies have internal processes in place, small and mid-sized businesses are a bit behind in identifying what should be secure and how to secure it. In our experience, this is a bigger issue than protecting pdfs with a simple password, as the passwords can be shared along with the document to anyone without detection.

Some of our clients have asked us for parameters involving security by IP address, controlled web portal, timed access, and view only access. Requirements come in all shapes and sizes with secure digital content. We’d love to hear more stories about how your company solved the document security challenge including the costs in dollars and internal resources.  What’s your experience with digital delivery of secure content?

 


Spies, UNsecured

The Pitfalls of Unsecured Digital Documents

Over the last few years, I have seen dozens of conversations in professional training forums about digital content delivery strategies, including what formats are most effective, what is required to deliver them, and how these digital formats can be securely encrypted.

Questions like:

Is there any value in a do-it-yourself solution to remix existing third-party material and custom content for delivery to any tablet or mobile device?

What are the benefits of timed content delivery?

I’m researching delivery options for a new learning curriculum. Can anyone share any lessons learned on different delivery models?

Is there content that can be taught most effectively only through a certain medium, such as elearning using mixed digital content vs. traditional classroom training, for instance?

While training professionals should understand these issues and create learning experiences in appropriate mediums, delivery considerations often distract them from what they most need to focus on: creating the content. While many enterprise companies have brought this function in house, small and mid-sized businesses are often without a reliable solution and are winging it. These companies often create simple, easily broken password-protected PDFs and call it a day, leaving their intellectual property up for grabs by their competitors.

When asked about these practices, my colleagues share stories that would give the company legal department pause. If your company’s content and people are what gives you the market edge, why would you leave your playbook in the other team’s locker room? The main response is about time and money. When there are so many options to consider- from ebooks formats and timed- access, to print and sharing considerations, many training professionals don’t have time to wade through the options and develop an organizational strategy.

If the resource isn’t in house, and your company values content security, it makes sense to find a partner who can help you develop an approach to content delivery and security, doesn’t it?  What’s your strategy?

Topics: Secure Content


Twitter: @Docuserve

Facebook: @Docuserve