This is one of the fundamentals of business: being able to adapt to changing situations, and having multiple plans in place, ready for any eventuality.
Brian Armstrong, MD of Telkom Business, offers this insight:
“Early in my career I was fortunate to have a mentor who used to say that the more strategic a business issue is, the more important it is to have plans B and C in place as there will be factors beyond your control. This is a systematic approach to identifying what can go wrong in a situation and being prepared with plans, strategies and approaches for avoiding, coping or even exploiting them.
“For example, when I was at British Telecom, we were growing the African market by buying companies in various countries to achieve our objectives. We always had to ensure that we had a plan in place in case things did not work out as we hoped.
“Today, at Telkom Business, we have issues around regulatory and policy uncertainties, yet we have to manage the business and ensure that we deliver value for our customers. The best way to ensure we can do that is to always respond coherently to unplanned events.
“I also remember the president of the CSIR telling me before a presentation that he heeded the seven Ps – Proper Planning and Preparation Prevents Particularly Poor Performance. Whether I am in meetings with customers or shareholders, or speaking at an event, I always make sure that I am properly prepared. No matter how confident you are, when your personal and corporate brands are on the line, it’s important to be properly equipped.”
How do I keep the “Heartbleed Bug” from crawling into my computer?
What is the “Heartbleed” bug and why are sites asking me to change my passwords? Am I at risk?
By now you’ve probably seen a number of sites issue warnings and suggesting (or in some cases demanding) that you reset passwords. While it’s not uncommon for sites to ask users to update security details if they are concerned about a security breach, for so many to do so at the same time suggests there was a major incident affecting a lot of sites.
There was – That incident was Heartbleed.
This article will explain the incident, but if you’re in a hurry, skip to the end for some practical tips to improve your online security.
What is “Heartbleed”?
Heartbleed is not a virus, it’s a description of a flaw which many attackers are already using to steal information. In a nutshell, the Heartbleed security flaw allows attackers to steal information from Internet servers. As many as two thirds of all websites may have been vulnerable, and operators have been frantically updating to more secure software and notifying users.
Among the most common pieces of information at risk of being stolen are user credentials: Usernames, passwords, banking PIN codes and so on.
Because these are such high risk, many web site operators who found their systems to be vulnerable simply assumed the worst and told their users to change their passwords, whether or not they had any report of a breach.
What’s the risk, really?
The individual risk is relatively low, but the impact could be high, so this is worth taking seriously. Having your passwords stolen can lead to identity theft, fraud… a whole battery of online nastiness.
The risk is compounded by the fact that a lot of people reuse passwords across many sites, so a leak at any one could compromise many more.
If I haven’t been asked to change a password, am I safe?
No. Not all sites operate responsibly: Some haven’t issued password notification; some may not even be aware they are vulnerable. You should assume almost any credentials could have been exposed, and get cracking on updating them.
The only exceptions would be a password you definitely haven’t used elsewhere, and where the operator has confirmed that their systems were never vulnerable.
Why bother? I’m not a target for criminals.
Unless you’re a high-profile individual, you may not be targeted specifically. But hackers don’t actually work like that: They often use attack tools which scan large chunks of the Internet looking for vulnerable users. Some of these tools even conduct the attacks automatically too, only ‘lighting up’ when they have completed the exploitation.
As with any online security issue, you might not be a target, but you may well be in the firing line anyway. And identity theft is a truly horrible experience.
In short, there’s no reason NOT to take steps to reduce the risk.
So what can I do?
It’s not game over just yet, but the basic principles of keeping yourself safe online have become a bit more critical. In this case, since passwords are the main risk, it’s the question of password management.
Here are five key tips you can use to keep yourself safe (well, less unsafe):
- Change your passwords now if you haven’t already. I really mean it. Yes, it’s a pain, but it’s also an opportunity to get better passwords in place.
- Don’t reuse passwords. Even if you just vary them a little from site to site, that will thwart many attacks. If you’re struggling to remember passwords, write them down on a note in your wallet. Security experts will be aghast that I’m suggesting this, but since most people protect their wallets much better than their passwords, the risk is much lower than if you used the same password everywhere.
- Use long passwords. Forget all that stuff about using complicated symbols – length is what matters. Choose phrases you’re likely to remember – favourite lines from a song, perhaps – and you’ll be a lot more secure. Anything shorter than 12 characters is probably too short.
- Consider using a password manager like LastPass or KeePass. These will generate secure passwords for you and save you from having to remember all of them. I personally use LastPass and don’t even know most of the passwords for sites I use. All I know is they’re very long, practically uncrackable, and never reused from site to site.
- Use two-factor authentication for any service which offers it. This is a massive improvement on just a password, and key service like a Gmail account (which can be used to compromise many others via email-driven password resets) should definitely have two-factor enabled: Go to the security settings in your Google account page to turn it on. If you do nothing else after reading this article, do this.
Do I need to have written agreements with my friends?
Doing business with friends can go awry if everything isn’t put down in black and white.
I and a couple of your friends have an informal agreement whereby they supply me with goods and I pay them when you receive payment. Is it really necessary to have an agreement in writing?
A quick visit to the world wide web would confirm for you the absolute importance of having everything in writing in a business relationship. Many personal relationships such as marriage are underlined by written agreements.
So, if some of us would sign ante-nuptial agreements before entering into an apparently loving marriage, why would we not put a written agreement in place for our business dealings?
Putting a service level agreement in place:
You are friends, right? You are working together and mutually benefitting. What could go wrong?
Consider the following clauses to a service agreement and ask yourself what would happen in your case if there was no signed agreement in place to address these matters. Additionally, consider the legally binding nature of disclosing these points in writing:
• Effective date – when did we start doing business together? Did a problem arise within our working relationship prior to or post this date?
• Obligations – Who is responsible for what? Imagine there is a problem with the product/service delivery. Whose fault is that? If a loss is to be born, who will bear that loss? You? Your friend?
• Payment terms – What happens if you don’t get paid and your friend presses you for payment. Can you blame your client for not paying you? How long do you have to settle the account?
• Delivery – What happens if your friend does not deliver the product that you have promised to your client within the agreed time lines (even if the reasons are legitimate). Your client will claim from you.
• Termination/duration of agreement – Things are not working out, but your friend is dependent on your business, can you simply stop working together. Do you need to give your friend notice? How much notice? What if they don’t agree with this?
• Ownership right – Your client doesn’t pay you but has the goods. Do those goods belong to you or your friend?
• Disputes – Goods have been paid for, but your client has an issue and returns them… who is liable? Your friend says it’s not his problem. Do you carry costs? Does your friend? Who now owns this item?
Get your agreements in writing. All good business relationships should have defined boundaries – this will provide clarity and ensure that all parties are protected.
Why do I need a business continuity plan?
Having the right managers in place is key to business continuity.
I run a fairly small business and am worried about what would happen if I were to become ill. I also find it difficult to take leave because I’m concerned about the impact that my absence would have on my business. What changes can I make in my business that will allow me to step away from the business occasionally?
Sustainability in your business is key to ensuring that it will survive a crisis, should one occur – or even just your absence on holiday. While employing capable management is a step in the right direction, it’s important to be able to delegate tasks so that they are empowered to run the business in your absence.
By hiring the right people and giving them the training and information that they need, you are ensuring that your business will carry on as usual should you need to step away from it, whatever the reason.
Read the full article here.