Human Resource Information System and other key technologies to improve your business.

Is the paperless office right for your company?

The paper-free office is becoming more and more popular. The idea of going paperless or having a work environment which eliminates or greatly reduces paper can be overwhelming to think about. Probably the most difficult part of transitioning to a paperless environment is setting up the needed infrastructure and getting employees on board with making the switch. Once those two items are addressed, the benefits far outweigh the initial burden.

We live in a digital world and most business is conducted via the internet, email and digital document sharing already. Making your documents readily available in the format you need to increase your productivity and ability to operate efficiently in a digital world is key.

According to the CompTIA CDIA+ Certification Handbook 2016:

  • The average office worker makes 50 trips per week to the fax machine, copier or printer.
  • On average, 6 minutes are wasted every time a document is retrieved and then refiled.

There are multiple business benefits from going paperless but the number one reason is cost reduction. You can reduce the costs associated with paper, printers, copiers, fax machines, ink and toner. You can also reduce or eliminate the need for filing cabinets and additional office space to hold them, off-site storage and the cost related to organizing paper files. Other examples include hanging file folders, folders, labels, shelving, storage boxes, not to mention the manpower related to moving and archiving files.

Obviously, there are cost related to a paperless office, but they are controllable and significantly less. Cloud storage space is very inexpensive looking at overall costs. Services such as Dropbox, OneDrive, Amazon Drive and Google Drive are just a few products that offer free, instant online storage which is often a good starting point until you determine how much space you need. Take care that any digital storage solution you choose is secure for storing sensitive documents.

Once you decide to go paperless, don’t get bogged down with archiving existing paper files. At some point you might choose to scan and digitally archive key documents such as employee files, customer contracts or tax returns, but often you will not find the need to archive all paper files and eventually many can be purged after a certain period.

Start by breaking down your operations and consider which processes rely heavily on paper. Pick one or two key functions in these processes that you can start digitizing. Choose a specific date to start (i.e. the beginning of quarter) so you have a reference date of how to look for data in the future. Then, create a digital storage policy and structure, train your employees and set about saving important information digitally. After you have mastered digitizing one process, move to the next until your entire operation, or much of it, is paperless.

Ready to make the switch? Contact BCN Services and we will can help you with the basics and how to get started.

David Pilon, Controller

One employee, one email, one click can cause big issues for employers

The cyber security landscape has changed drastically in the last decade. We hear it all the time with the databases of large, trusted companies being hacked: Yahoo with 3 billion user accounts, Marriott International with 500 million customer accounts, credit reporting agency Equifax with 143 million consumers and TJX Companies with 94 million credit cards exposed.

These are only the data breaches that we see in the headlines. What about all the small- to medium-sized companies that never make the headlines? Could your company be next?

Consider this scenario: It is a normal day at work and you see strange file extensions as you scan through your emails. You open one of these files and a strange message appears on your screen demanding payment with a timer counting down to your companies’ network demise. How did this happen? A malicious phishing email and it only took one employee, one email and one ill-fated click.

What is Phishing?

A phishing scam, or phishing attack, occurs when a cyber criminal sends an email posing as someone else to entice or lure you to provide sensitive personal or company information. They try to extract sensitive information such as usernames and passwords, credit card information, personal identifiers and account information. They attempt to elicit fear, a sense of urgency, or curiosity causing you to open an attachment or click on a link which may install malware, spyware or a virus on your computer.

“Phishing attempts have grown 65 percent in the last year,” according to PhishMe’s Enterprise Phishing Resiliency and Defense Report. Verizon reports that “93 percent of cyberattacks originate via phishing, with a total yearly cost to U.S. businesses of $500 million.”

Here is an example of a recent phishing attempt published on Apple’s website:

While this looks legitimate, the point of the scam is to have the user click on the link to cancel the subscription. Once they click, they will be asked for a range of sensitive information. While most of us would catch on to the scam at some point, some do not. Admittedly, it is a convincing email.

More recently, there is an increasing amount of targeted attacks referred to as “spear phishing.” This occurs when a criminal uses a more personalized approach to lure its victim. These attacks can be highly effective because the perpetrator uses language tailored to the targeted individual. The email may appear to be coming from a client, your boss, an internal department or a vendor. Imagine, for example, if your boss invites you to attend a webinar and asks you to confirm your attendance by logging into your outlook account. Using a malicious link in the email, the spear phishing allows criminals to go after your sensitive information and, if credentials are gained, the possibility of causing significant damage to your business.

Three ways to keep your business safe

There are a number of steps that employers can take to lower the number of problems with security breaches. Increase employee training and make it a part of your company culture. Continuous security awareness training, on average, provides 37 times the return on a company’s investment.

Invest in a security awareness and a phishing defense tool. There are several companies that offer tools (free and paid) to filter and provide a defense in phishing email attacks against your organization: Phishme, KnowBe4, Webroot, Barracuda, and Duo are just a few. Do the research and find a tool that best fits your company’s needs and reduce your likelihood of a successful attack.

Make sure you have successfully implemented the following authentication methods in your domain. These are standards that will help validate your email and are designed to protect your email from potential spammers and phishers. Research and implement these:

  • SPF (Sender Policy Framework) validates that your email address is coming from your mail server by authorizing your sending email address to your company’s internet domains IP (internet protocol) address.
  • DKIM (Domain Keys Identified Mail) proves that the contents of an email have not been tampered with, that the headers in the email have not changed since the original sender sent the email, and that the sender of the email owns the domain or is authorized to send the email by the owner of the domain.
  • DMARC (Domain-Based Message Authentication) is an added authentication method that requires both SPF and DKIM to pass, determining that at least one of them is aligned. This prevents accepting malicious emails that are pretending to be someone else. Google recommends this method for bulk email senders, plus Gmail and Microsoft are quickly adopting DMARC into their filtering methods.

It’s time to get in front of these threats. Become knowledgeable on how to install the proper tools and educate your employees in security awareness to protect your business. Contact us at BCN services to find out how we can help or for more information on this topic.

Marcus Merillat, IT Manager

May the 4th Quarter be with you

The fourth quarter of the year is upon us and with it comes a myriad of images: football, fall leaves changing colors before giving way to snow, holiday parties and last-minute purchases. It also brings business opportunities ranging from back-to-school marketing to the holiday season and everything in between.

As we start the fourth quarter of 2018, it is a good time to make a list of your most important initiatives for the remainder of the year. This might mean moving projects to next year that have no chance of completion in the short timeframe. In addition to a robust work schedule, there’s also the added family pressures of the impending holiday season around the corner. Staying focused and structured will increase your productivity and allow you to maximize resources as the year ends.

What are your goals for the coming year?

The fourth quarter is a natural time to reflect on, and analyze, your business. Assess whether the business is where you want it to be, its prospects for the future, and what can be done to increase business in the upcoming year. As you reflect, set goals for the year to come.

Have you reviewed your cybersecurity recently?

This is a great time to review and improve your company’s cybersecurity procedures. Select a password manager that can secure your online accounts and help you avoid password fatigue. Clean up your digital footprint by deleting old accounts that may publicly reveal sensitive information. Be on the lookout for scams, such as phishing emails. The end of the year is a common time for cybercrime, as businesses are often understaffed, and tired employees are more likely to let their guard down and open a suspicious email.

Are you ready for holiday bonuses and year-end performance reviews?

Your employees are vital to the success of your company. The fourth quarter is a good time to prepare for end-of-the-year employee evaluations, so each team member knows where they stand and what you expect from them in the coming year. Keeping good records puts everyone on the same page, and it can also help you avoid the cost and hassle of employment disputes in the coming year.

End-of-year or holiday bonuses are a great way to boost morale and keep employees happy. However, it’s strongly recommended that bonuses are given in connection to performance reviews. If not, you miss an opportunity to reward performance and the bonus can quickly become a pay expectation. If all employees receive the same bonus, there’s a good chance that the higher-performing employees will be disappointed with the “fairness” of the process.

Are you feeling festive?

The fourth quarter is full of fun and seasonal festivities. Customers are visual and love businesses that get into the spirit and let their “seasonal personality” shine. You can add seasonal graphics to your website, decorate your storefront, and use holiday imagery in your promotions and posts. Help customers get that warm feeling (you know the one) when they enter your store or jump on your website. Take care, however, not to bring religious themes into the mix, as there is a diversity of beliefs out there. Be sensitive to this in your seasonal planning.

Finally – what can BCN help you with?

BCN Services has an experienced staff to help with the variety of day-to-day situations. Our objective is to help you, our valued client, to focus on your business needs and key priorities by freeing up time spent on employment issues and administration. We handle more than 150 Human Resources employment tasks, products, and services and strive to provide outstanding customer service and resources.

Contact BCN Services at 1-800-891-9911 if you have questions or need assistance.

ThomMoore_1002_4x6_10-2018

Thom Moore, Partnership Manager

Companies: Consider up-to-date tech tools for your employees

Most company owners and managers agree that recruiting costs have increased, high-quality employees are in high demand and short supply, and employees are their biggest asset. But companies often fall short when providing valued employees the tools and technology that they need to help them be successful. This is something that should be high on an employer’s priority list.

Today’s employees want to work in digitally savvy organizations and employers needing to attract and retain employees must provide the up-to-date technologies and tools that employees need, and want, in order to perform their jobs well.

While the average employer isn’t ready to have an artificial intelligence receptionist greet guests or have employees sign up for health care open enrollment at a kiosk, employers must implement technologies for a more connected, efficient and modern workplace.

Consider user-friendly systems

The market is saturated with software and technology “solutions” designed to perform whatever task a company desires. However, employers must vet these systems to ensure that their use doesn’t burden employees. If the systems aren’t user friendly, employees won’t use them.

This leads us to training. Many software systems boast “intuitive” solutions, but don’t let this claim lead you to skimp on training. Training is an important part of helping employees to feel connected to the systems and to each other. It is an employer’s responsibility to ensure that an employee is successful in using any technology.

The ability to share screens is a great way to demo a product, to show off your website or train your employees. Slack, Webex, and GoToMeeting are all relatively inexpensive technology programs that can close a logistical distance by allowing employees to connect online.

Skype and Facetime are interactive programs that originated with personal use technology and have widened the possibilities of how people connect during the workday. What’s better than a face-to-face when you’re having a meeting with a remote client, employee or job candidate?

Tools needed to keep employees efficient

Keeping your employees engaged and enabled in today’s business requires that they have the tools and technology to make that happen. Fortunately, doing so is easier than it has ever been for the small employer.

Do you need help with employee training or with ideas for improving your business efficiency? The experts at BCN Services are here to help. Contact us for more information.

MarcusMerillat_6692

Marcus Merillat, IT Manager

Bring Your Own Device: Consider a policy before allowing personal tech in the workplace

Employers need to carefully consider the pros and cons before instituting a “Bring Your Own Device” (BYOD) to work policy, which can include laptops, tablets and smartphones. Once decided, employers should clearly communicate their policy to employees. Asking, or allowing, employees to bring their own devices into the workplace can keep company costs down, but it also raises many questions and concerns regarding legal compliance and security. Consider these advantages – and disadvantages.

Advantages to allowing personal tech

  • Most employees seem happiest using the mobile devices they prefer and are most comfortable using their own, preferring not to switch to a company issued device.
  • As technology constantly changes – and individuals love to get the latest and greatest – personal devices are usually more up-to-date than those issued by the company’s IT Department.
  • Individuals spend many “off-work” hours on their personal devices. When they are checking social media and personal email, that often means they are checking work email too. Employers can expect an increase in employee productivity when an employee’s ability to “work” is with them and in their hands even during leisure hours.
  • Employees take more initiative and responsibility in maintaining and keeping track of their own devices. This means less stress and strain on IT.

Disadvantages: Security, security, security

  • Whether your employee is an account representative, a warehouse supervisor or a portfolio manager, chances are that they have access to company information that you don’t want to be lost, stolen, or accessed by unauthorized individuals.
  • Malware, viruses and fake apps may still be a problem on your IT department’s “to do” list if employees have tech problems and are unable to work from their device.
  • In a work environment where employees use their cell phones at their desks, in meetings, and walking down the hall, it’s virtually impossible to tell how much non-productive personal time is happening at work.

So, do advantages outweigh the disadvantages? Your executive management team will have to make that decision based on your specific workplace needs.

At a minimum, all personal devices should require a password for access, have anti-spyware and anti-virus software installed, and use an approved operating system to access corporate resources. A policy with specific “Dos and Don’ts” is also highly recommended.

If you – or your employees – have already adopted a BYOD practice, be sure to get your policy in place. The BCN professional staff can assist you with sample policies or with customizing a policy to your specific needs.

MarcusMerillat_6692

Marcus Merillat, IT Manager

It’s all about the employee and a focus on tech and digital trends

In 2017, organizations focused on the well-being and satisfaction of their employees. Business leaders looked to build a better environment for their workforce and invested in strategies to help recruit and retain top talent. Buzzwords like ‘culture’ and ‘engagement’ were in the forefront of business discussions.

The year 2018 will bring a fresh set of trends that may significantly impact the way businesses operate. Leaders will look for ways to provide employees with the tools they need to thrive and develop.  Key trends will focus on technology and digital integration, collaboration and the employee experience.

There will be a focus on collaboration, including the use of social networks. Another popular prediction includes innovative work arrangements allowing work to become more adaptive and less formal. Interested? Read on for more.

Digital Integration and Artificial Intelligence (AI)

Alexa. Siri… Hey Google…

Technology continues to transform the way employees go about their daily activities. Digital tools have become more user-friendly than ever before. With these advances, investment in digital tools and strategies is expected to reach an all-time high in 2018.  Artificial Intelligence (AI) is seeping into every industry and profession. While AI can take many forms, in 2018 we will most likely see a sharp increase in recruitment using the AI-enabled ‘chatbots’ to match candidates with jobs.

Cisco forecasts that by the end of 2018, 82 percent of all consumer Internet traffic will be video. Live and recorded video, as well as video ads, increasingly dominate our feeds across Facebook and Snapchat and even on Instagram, Twitter and LinkedIn. It’s estimated that nearly half of businesses are implementing social videos, with another 25-30 percent planning to implement them in 2018.

The Employee Experience

Culture and employee engagement were top priorities in 2017.  The ‘employee experience’ is quickly becoming the new focus for 2018. Susan Peters, Senior Vice President of HR at General Electric, defines this as, “seeing the world through the eyes of our employees, staying connected, and being aware of their major milestones.”

With the growing influence of younger generations and the increasing transparency of the digitalization age, employees are expecting a more engaging and enjoyable work experience.  This will be a year where leaders develop the ‘employee experience’ to include engagement, culture and performance management.

We can expect to see more businesses move away from traditional, structured training programs leaning towards more self-directed, social, informal learning platforms. Social connectivity will also help create an environment of user-generated content and shared ideas, making learning more digestible and engaging. In place of fixed, formal content, this will lead to a more organic workplace learning environment with a viral-like impact.

In 2018, companies will increasingly turn to existing employees to fill open positions, offering training and encouraging employees to seek promotions. With fewer new employees expected to enter the workforce in the coming years, employers are seeing the advantage of investing in people that are already familiar with, and loyal to, their company.  Businesses can no longer rely on a one-size-fits-all approach to talent management if they want to attract and retain top talent. Tailored and personalized learning opportunities for employees of all types will become the norm. Continuous learning will be a hot trend this year. Digital training is an increasingly attractive option because it gives employers the ability to measure employee productivity through user data. It also allows for a more collaborative experience between departments. As a result, work-from-home and other flexible workplace options are expected to become more and more common place.

ThomMoore_4x4 (1)

Thom Moore, Partnership Manager

When disaster strikes, employers must be prepared with a solid plan

A disaster can be defined as an accident, or natural catastrophe, that causes great damage or loss of life.  Certainly, there have been several, large natural disasters recently ranging from hurricanes to earthquakes.

On a smaller scale, a disaster could also encompass issues isolated to your office causing a disruption in business, such as an office fire or broken water pipe.

It is important for your business to develop and implement a detailed disaster recovery plan for a variety of situations. But with such a wide array of potential disasters, it can be difficult to know how to start the planning process.  Below are a few starting points as well as additional resources to aid you in the process:

  • Form an emergency planning team comprised of managers and staff who understand business operations and can brainstorm worse-case scenarios. The team should develop an emergency action plan based on its findings for each scenario.  Employees should then be trained on how to carry out the plan.
  • Protect business operations by involving your technology staff. They can develop an infrastructure with cloud-based backups or off-site servers to ensure continuity of your operation. You should also have a contingency plan outlining how you will access this data and continue operations if you lose access to your physical place of business.
  • Review insurance policies for adequate coverage that will pay for direct and indirect costs of the disaster. Speak with your insurance agent to determine if any additional policies are needed based upon your emergency action plan.  This may include cyber insurance or business-interruption insurance.
  • Develop a communication plan in the event of a disaster. Consider how you will notify employees when a disaster occurs and how you will continue to keep them updated.  Also, consider how and what you will communicate with your customers. As part of your plan, have language in place that can be readily used for emails or other types of communication both with your staff and your customers, if needed.
  • Finally, because business operations, employees and relationships change over time, it is important to have a periodic review of your emergency plans and make changes as necessary.

If you need additional resources or help developing your plans, OSHA is available to provide training and support including their publication, “How to Plan for Workplace Emergencies and Evacuations”.  Other free resources are offered by The American Red Cross (http://www.redcross.org/get-help/how-to-prepare-for-emergencies/workplaces-and-organizations) and the U.S. Department of Homeland Security and Federal Emergency Management Agency (https://www.ready.gov/business). The experts at BCN Services are also available to consult with you and guide you through this process.

 

AliciaFreeman_6679

Alicia Freeman, Operations Manager

Watch out for identity thieves during tax time

This is the season for identity thieves to run rampant.  It is important to protect your identity, as well as your employees’ identities, throughout the year, but the threat increases this time of year as the April 18 tax deadline approaches (the traditional April 15 falls on a Saturday and Emancipation Day is observed in Washington, D.C. on Monday, according to IRS.gov).  Following are a few steps you can take in order to keep this information private:

  1. Never send an e-mail that contains full Social Security numbers.  If it is necessary to send this information, password protect the sheet you are sending.
  2. Always verify who is requesting the information and who you are sending information to.
  3. Never give out information to a person that contacts you via email or phone. If they are authentic, they will already have that information on hand.

The IRS warns of multiple phishing scams that they are currently aware of at these links:

If you have any questions about how best to protect yourself or your employees or if you are contacted by someone that doesn’t feel right to you, please contact BCN Services and let us help you through this process.

AmberHeckamanIMG_0592_4x6

Amber Heckaman, Sr. Staff Accountant

Fight cyber threats: Take action to ensure your emails and data are secure

Yahoo just announced this week that more than 500 million accounts had information stolen in what news reports say is one of the largest cyber-security breaches in history.  Yahoo has reported that a “state sponsored actor” was behind the breach.

What does this mean to you and your business?  It is important to make sure that your data, email, and online accounts are secure.  Below are several steps you can take immediately to ensure an increased level of security.

  • Change your passwords frequently: People are generally bad at selecting and creating passwords.   Create random passwords, make them long and use different ones for each account.  If you have problems remembering randomly generated passwords (everyone does!) consider a password manager such as  LastPass, Dashlane, KeePass, 1Password, and RoboForm.
  • Update your account information: Take time to review your most important account information for accuracy.  Make sure your email address, phone number and contact information are correct.  You will have a better chance to recover information if those items are accurate.
  • Consider two-factor authentication for your most important accounts: Adding a second level of authentication for the services you care most about will decrease your security risk.  This can be done by adding a text message code, a security key, randomly generated passwords, or even a phone call.  Search the help or support pages on your account web pages to find how you to implement multi- or two- factor authentication for each.
  • Review your privacy settings on your social network accounts: Are you sharing data and information with only whom you intend to?  Take the time to review privacy settings and err on being conservative.  If you are unsure of what you are allowing others to see, turn it off.
  • Have a good antivirus and firewall protection: Check that these systems are up-to-date and functioning properly.  There are several sites that can help you choose the best protection for you.
  • Pay attention to security alerts and suspicious links:– Browsers are now equipped with warnings to alert you if you attempt to visit a dangerous site. Don’t ignore these warnings.  Be aware of suspicious links and never download a file that your antivirus software or browser says is malicious.
  • Minimize the damage: Even the best practices may be susceptible to a hack.  If your account is hacked, be aware of what help is available.  Avoid storing unnecessary account information.   Make sure you have a good backup of your valuable data.  Hardware failures, accidental deletions, viruses and malware can destroy your data.  Have an automatic backup solution that works for you.   Also, take the additional step to test your backup system regularly so that it is working when you need it.

 

If you need help, contact the Human Resource experts at BCN. We are here to help, whether it is about  your employment policies or everyday decisions that impact your bottom line. Visit us at www.bcnservices.com or call us toll-free at 800-891-9911.

MarcusMerillat_6692
Marcus Merillat, IT Manager

Does texting belong in your workplace?

Chances are, technology and communication trends have advanced more swiftly than your company policies. Do your managers give work instruction to employees via text message? Are your employees reporting a work absence using text messaging? Is this communication happening on personal devices or work devices? Does it matter?

Our Human Resources Department has seen an increase in complaints from employees who are reporting bullying, sexually explicit photos, and racial slurs sent by text messages from co-workers or supervisors. Even more alarming is the group text, which may start out with work-related content and digress into a conversation that wouldn’t be, and shouldn’t be, spoken aloud in the workplace.

Set your policy and tell employees

First and foremost, employers should make their position on texting known. A company’s silence on the matter may be viewed as acceptance of this type of behavior. Even if your employee handbook states that employees are to call their supervisor if they will not be reporting to work, a practice of accepting text messages makes this your new, unwritten policy. (Anybody familiar with a “Code Red” from A Few Good Men where extrajudicial punishment was used causing a character in the movie to die)

At a minimum, your anti-harassment policy should be updated to include all forms of harassment and all forms of communication.

Text messages are documentation

Your supervisors and managers need to be aware that any text messages they send to employees can (and will) serve as documentation. Promises of money, work performance critiques and requests for dates verbalized in the past and viewed as passing comments are now documented and available to be produced on demand.

However, this street runs both ways. In the matter of U.S. District Court case of Enriquez v. U.S. Cellular Corp., an employee sued because her supervisor sent her inappropriate and, what she claimed were, offensive texts. However, evidence was presented that the employee had in turn sent the texts on to other employees indicating that she did not find them offensive. Judgement was found in favor of the employer in this case.

What about texts sent between members of your management team? Is there an expectation of a response whether or not it was sent during business hours? What about when that manager is on vacation or out sick?

Regardless of whether or not you decide to use texting as a part of your regular business communications, make sure your expectations are clearly understood by your employees. Our Human Resources professionals at BCN Services are available to discuss policy options and assist in updating your employee handbook and communicating with your employees. Contact us at 800-891-9911 anytime for assistance.

 

SueKester_6669

Sue Kester, HR Manager