Bullying is a threat to business. Part 2

Bullying – organized harassment of one or more employees, a distinctive feature of which is the presence of a pronounced leader. According to the latest research, there are no companies left in the modern world that are completely free from various forms of pressure.

In the previous article, we talked about the general statistics of “victims” of violence in the office. Today we will talk about the numbers: how much does bullying “cost” for the average organization?

Axiom: any harassment means a drop in productivity. For example, a victim who fights off attacks from colleagues spends at least 7 hours a week in vain. And this is without taking into account the general decrease in work efficiency, which leads to a constant stay in a stressful situation. Over the course of a year, including sick days (the frequency of which is inevitably increasing), and going on vacation, without which an exhausted employee simply can not do, the number of “underworked” hours can accumulate from 200 to 400.
It is extremely difficult to estimate how much time the “beaters” spend on merciless harassment, but it is obvious that part of the day paid for by the employer is also spent on such “entertainment”.

The damage in money amounts to about $ 8,800, per victim per year. This is the amount that the company simply spent on an employee who is unable to perform their duties due to bullying. Business owners should not forget about the collateral damage, such as: failed transactions, broken deadlines, and endless reworking of the same tasks. Such problems can at one time lead to losses of tens and hundreds of thousands of dollars.

Another problem is employee turnover. The victim, sooner or later, resiresignsm the company. And the memories of the employer will not be the rosiest. For the business owner, this will result in two difficulties. Firstly, we will have to urgently plug the holes, and search for and train a candidate for the vacant position. And, secondly, to correct the image in the information field. After all, the anger and resentment experienced during the period of humiliation will definitely spill out on the forums and in all sorts of “black lists”.

You can avoid losing valuable financial and human resources and avoid a number of problems by identifying “non-statutory” working relationships in a timely manner. Do not expect the employee to come and tell you everything. Walking around the office, confidentially looking into the eyes of the staff in the hope of hearing the truth about the team, is also not the best solution.
It is much more effective to use modern personnel monitoring systems. They will not take up too much time from the manager, dragging their heads into local scandals, intrigues and investigations. And they will quickly provide objective information that is not clouded by emotions and biased personal attitude.

The first stage of studying the situation in the team is the search for deviations and the analysis of behavior patterns. Sudden or gradual changes in the algorithms of personnel actions clearly indicate the presence of danger. It’s not necessarily about bullying. But if an employee suddenly starts to work worse, he is clearly affected by some external or internal factors. Don’t want to bring the situation to a crisis? Understand the root causes as soon as possible.

The second stage is a detailed study of possible risks. This will help the analysis of correspondence in mail and messengers. Hidden or pronounced hostility is a clear marker of the beginning of bullying. It is important not only to find the “leader-instigator”, but also his accomplices. To identify the bullying cell, “Connection Graph” will be suitable, which will quickly detect active communications between “aggressors” within the company.

The third stage is the study of the psychological state of the staff. Under pressure, any person falls into stress, which can be recorded by analyzing the keyboard handwriting. The threat is not only bullying: all reactive states are extremely dangerous, both for the health of employees and for the business as a whole. After all, they can lead to all sorts of emergencies.
A normal, healthy atmosphere is the key to effective work of the company. Unfortunately, the manager is not an all-seeing deity and cannot physically keep track of all the staff. The only way to avoid financial damage and a number of undesirable problems is to use modern tools for analyzing the actions of employees. Such digital systems, without significant material and time costs, will control all areas of employees ‘ life, identify a risk situation in a timely manner and nip it in the bud.

Effective remote work: a myth or an optimal solution to the personnel issue?

Who works more efficiently: remote employees or office staff? This difficult question excites the minds of bosses around the world. The company “Mirobase” does not stay away from the hot-button issues related to working productivity. After all, our mission is to help the business develop and reach new heights.

And while the work on studying statistics and actual data are in full swing, we decided to raise one of the philosophical questions: why is remote work the thing of the future, and what are the basic benefits that businesses will get by implementing this form of work?

The company needs to expand its competencies

Probably, somewhere there is a region that is lucky to be “average” in the best sense of the term. The cost of living in such a location is not too high, the prices for services are available, and the choice of specialists in the labor market is for every taste.

Unfortunately, such a place is utopian in its nature. After all, the same universities – which produce future employees, are concentrated in large cities. And in a megalopolis, life can not be cheap. If you play out the chain further, it turns out that professionalism is not only a diploma but also experience. Which can be obtained only by working in specialized organizations, and they also tend to migrate to large regional centers.

For the province, this means the following: there are practically no narrow-profile specialists because no one trains them. And if a provincial university provides a good starting base, thanks to which a potential candidate becomes a trainee, there is no guarantee that he will not wave goodbye and go to conquer the capital. At least because there are much more career prospects there.
Those who decided to stay have long felt like kings of local importance: after all, regional companies are fighting for them, offering salaries that will make the native of the capital city salivate. Business needs a pro, the choice is limited, and there are no other options.

In the capital, the situation is different. Candidates with different skill levels are a dime a dozen. But everyone wants a high salary that allows them to experience all the delights of life in the megalopolis. Of course, this is not a bad thing and we are not talking about working for food and slaps on the head. But is such work profitable for the employer company if the costs per employee exceed the theoretically possible profit?

Remote work removes all restrictions, opening up local personnel markets for enterprises located in any geographical point. A provincial business needs a specialist who can’t be found in the home region? It doesn’t matter – you can “headhunt” the cadre personnel from the neighbors.

Remote work erases boundaries, allowing you to solve current business problems as profitably and efficiently as possible by hiring staff with the right competencies and realistic requests. At the same time, employees themselves respond with great enthusiasm to such offers, since they exceed their expectations formed by the labor market of their hometown or country.

Social responsibility of the brand

As soon as the business grows to medium or large, and turns into a brand, the question of social responsibility arises. After all, if certain actions help not only earn money, but also solve a number of social problems – the company will benefit and promote a positive image.

Today, issues of equality are more relevant than ever. With the development of high-speed Internet and technology, people with disabilities have a chance for a successful career and professional development. For business, this is an opportunity to get a highly motivated employee into the team with minimal risks.

Another category of potential candidates that should not be overlooked is women who have chosen motherhood. Let’s not be deceitful: at many interviews, representatives of the fair sex, who are not married or have children, are refused. Employers are afraid that such employees will quickly get married and run away to the decree, and these are the expenditures for training, plus a new search for a candidate for a temporarily vacant position. Or they are afraid of employee absenteeism, because small children are unpredictable and require attention. One research suggested that 56% of women in the high-tech industry were forced to quit in the middle of their career development. And 51% of working mothers claimed that it was difficult for them to move up the corporate ladder because of having a child.

An adequate solution to the problem is a flexible schedule and the ability to work remotely. By planning her day so that the children are happy and the work is done, the employee will be able to realize herself as a mother, develop professionally and career wise, as well as bring profit to the company, without the harm of the task performance quality.

How the bad apple doesn’t spoil the whole barrel

All of the above makes no sense if the remote staff “relaxes” in the atmosphere of home comfort and ceases to perform tasks in a timely and high-quality manner. And such employees are about 30%. In the office, even if the chief is absent, you will not spoil much: colleagues who diligently perform tasks and achieve high KPIs are not only a silent reproach, but also competitors to the lazy person. But at home, in the atmosphere of pillows, a blanket and a cup of tea, the stopcock does not work and the employee decides that everything is possible.
The only effective solution to the problem is monitoring and controlling remote personnel. At the same time, one of the main tools is time tracking, which allows you to estimate the amount of real time worked.

After overcoming endless breaks, and coping with the factors that distract the attention of the staff, it is worth paying attention to the issue of efficiency.
The analysis of the work models of the most productive “remote workers” will allow you to form job descriptions and recommendations that significantly increase labor productivity. This means that while reducing the cost of equipment and office space, the business will be able to significantly increase its profitability by forming a professional, highly motivated team.

Mythbusters in HR: how not to fire a “star”. Part 2

It is difficult to imagine a human resources management system without a human resources manager. Competent HR is not only a “nanny” for employees but also a loyal assistant to the head. The fate of personnel, line managers, and even entire departments often depends on his words and advice.

But what if the HR manager is wrong? What if HR went to the “dark side of the force” and turned into a gray cardinal: he began to lobby for the interests of some employees and “betray” others in favor of his personal desires?

In the previous article, we told which categories of employees HR managers want to get rid of and how to check the objectivity of such decisions. This material will complete the topic.

Liars and gossips

Liars and gossips are the quintessence of harm to the company. Firstly, distorting the facts and trying to avoid responsibility causes a significant blow to the efficiency of the business. And, secondly, the spread of false information destroys the normal working atmosphere in the team.

But, before you cut all the staff that fell into this category at one fell swoop, it is necessary to make sure that the unflattering characteristics are true.

The easiest way is to analyze employee communications. Distortion of information and distortion of facts is very easy to find by studying the correspondence of the staff.
Monitoring communication in popular messengers, such as Skype, will help to detect gossip. Usually, it is difficult for them to keep the “latest news” to themselves for a long time and they need to “share the secret” with the widest possible audience as soon as possible.

If the accusations are confirmed and the liar-gossip is found, it is worth going further and studying the circle of his contacts in the company. People who are prone to this behavior prefer to gather in small flocks, and the most effective solution for the head is to say goodbye to the entire group as a whole.

Bored loafers

Perhaps this is the simplest and, at the same time, the most complex group.

It is extremely easy to detect loafers. It is enough to monitor the activity of the staff and analyze how much of the time is spent on fulfilling work needs, and how much is spent on counterproductive activity.

But, if the company has not yet implemented a personnel control system and does not analyze the time management of employees, you should be ready for the fact that it is the accusations of laziness and inefficiency that will become an occasion that will help get rid of the unwanted.

Most often, such incidents occur during the “war for the chair”, of which HR also becomes a part due to a misunderstanding or as a result of collusion. There are two most common patterns of action.

The first is that an employee with higher motivation, professional knowledge and leadership qualities appears in the department. Naturally, sooner or later, he will become a threat to his immediate supervisor. To keep a warm chair, it is important for the head of the department to sabotage the work of a subordinate: to make him guilty of all failures and miscalculations. Such plan is very vulnerable, because the truth can come out. The support of the HR manager will strengthen the position: in addition to the reports of the conspiratorial head, the HR’s characteristics appear in the case. As a result, a TOP manager or business owner will receive a low assessment of the professional skills and personal qualities of the employee who is trying to survive. And this is at least two negative reviews against the words of one employee. The situation is likely to end with the dismissal of a promising specialist.

Biometric identification: an easy way to forget about passwords

Trust is an important aspect of a relationship. Communication within the company, the exchange of information with customers and partners, any business interactions involving two or more individuals, in one way or another, are based on the trust of the participants in the process to each other.

If we are talking about the “consumer-company” relationship, then not only the cost of the product or service, but also the reviews about the company play a key role in the client’s behavior model. The abundance of negative comments in the Internet is a bell which signals that it is better to look for another place to make a purchase.

Inside the business, the scheme works the same way. A request to pay a bill from an unknown person, who was hired only yesterday, is perceived as a risky operation that requires additional validation – confirmation of the leader. At the same time, the exact same request from a colleague from a neighboring department, with whom more than one cup of coffee was drunk – a self-evident task that does not cause suspicion.

The study of basic behaviors is at the heart of social engineering: why ram thousands of dollars on equipment and attract high-quality technical specialists in hacking, if it is possible to put pressure on the most vulnerable link of the security perimeter – on a person.

Phishing and other popular methods of data theft necessarily involve the use of disguises that inspire confidence in the victim, because it is the easiest way to force an employee to make a transaction or send confidential information pretending to be his head, colleague or representative of regulatory authorities. Of course, it is possible to create a virtual identity that suits better the situation. But this method does not guarantee success: an attentive employee can expose the substitution.

To help the attackers who are concerned with the “correct” disguise, the darknet is always ready to come to the rescue: you can buy stolen accounts in it for a mere penny. According to statistics, only in 2017, more than 16.7 million usernames and passwords were stolen in the United States, which were later put up for sale on hacker forums. If you extrapolate the statistics to the whole world, the disaster will amaze with its scale.

Of course, the darknet is not a panacea, because the necessary disguise may not be there. Therefore, multi-pass operations come to the rescue. During the first phase, the attackers need to steal the personal or work account of someone from the company’s staff. In the second stage, the disguise will help convince the victim of the legitimacy of the social engineer’s requests.
Every year, the effectiveness of such schemes is steadily increasing. For example, in 2018, the number of illegal financial transactions carried out thanks to stolen digital accounts increased by 55%!

The reason for the growth of cybercrime is the weak protection of accounts, because simple usernames and passwords are not enough barriers for attackers. Modern hacking tools and proven social engineering schemes make it easy to bypass authorization forms and steal a “digital identity”.

Large foreign companies and experts in the field of information security have come to the conclusion that the only effective tool to reduce risks is authorization by biometric parameters.
Bright examples of such technologies, which have already become widespread, are right next to you, just remember the AppleID face recognition system or the Amazon Echo voice. And additional biometric authentication of personnel is already being implemented everywhere in international corporations, banks and large production facilities. Such innovations allow to solve a whole range of security service tasks.

Employees no longer need to remember long passwords and, moreover, write them down on a piece of paper glued to the monitor. Face recognition authorization will prevent illegal access to the work machine, even if the access codes were stolen.

If the enemy is inside the company, systems similar to FaceID will not let the insider go beyond the operating system loading screen, and the Security Service representative will be able to record an attempt to access the data and conduct an investigation.

Today, access codes consisting of symbols are gradually turning into a vestige of a past era. They are too easy to steal, which means that they do not protect valuable information, but only create the illusion of security. Following the trends, modern security systems are abandoning the remnants of the past, gradually switching to more reliable methods of authentication using biometric parameters. The simplest and the most reliable is face recognition. Web cameras are available on almost all office computers, so setting up and implementing software systems that distinguish one employee from another will not require additional financial investments or excessive labor.

Biometric authentication software modules are a logical step in the evolution of security systems. Identification of users’ faces not only increases the reliability of protection, but also helps to solve a number of business problems. For example, to control the implementation of the “four eyes principle”, to determine the author of the document, or to control the atmosphere in the team. Analyzing the facial expressions of the staff, which the systems are gradually learning, will help you understand how satisfied the team is with the current tasks and working conditions. But the quality and efficiency of work largely depend on interpersonal relationships in the office.

Information security: basic principles of risk management in small and medium-sized businesses

Many chiefs believe that medium and small businesses are well protected from data leaks. What kind of attacker would like to spend money and effort on a company of 50 people? And in a company with 10 employees, there will definitely not be an insider: after all, everyone is under the supervision of the boss.

This view is fundamentally wrong. The statistics are stubborn: 43% of cyberattacks target small firms. And 60% of small and medium-sized businesses that were “lucky” to encounter a data leak were closed six months after the incident.

Risk management will help you cope with the challenges of the modern digital age. Predictively identifying “bottlenecks”, the chief will protect the company as much as possible and, at the same time, not only avoid possible losses from leakage, but also be able to save money by implementing exactly the protection tools that are necessary for specific business conditions.
The basic plan to minimize risks is simple, and consists of only 3 points.

1. Identity management: managing information about users and processes of corporate networks

The main task of the chief is to segment the information by the degree of importance and restrict access to it. It sounds very simple: gave the employees a complex username and password, hid the databases from public use, and the rule was fulfilled. In real life, this approach is more harmful than helpful.

It would be better to start with an analysis of business processes, which will help to understand exactly what information is most valuable, who among the staff should access it as part of their job responsibilities, and what will happen if the procedure becomes much more complicated. Mindless bans will slow down the work of employees, reduce efficiency, and provoke violations. For example, one of the managers will start “sharing” their access codes, only because the endless matching of requests to the database of customers or suppliers can lead to the failure of transactions due to inadequate deadlines for processing applications.

Putting efficiency at the forefront, and setting bans on mass access to sensitive data based on current operational processes, the chief will significantly increase the level of information security without reducing labor productivity.

In addition, as part of the measures to delimit access, you can always use the “cheat code” – biometric identification systems. For example, authentication using face recognition systems is much more reliable than using multi-digit usernames and passwords that employees stick to the monitor or store in files on the desktop. The authorization process itself, in the presence of such systems, is significantly simplified and accelerated, since you no longer need to remember complex combinations and type them on the keyboard. But time is money.

2. Management of backups and updates

“Holes” in outdated software, critical incompatibility of old and new applications — the basis of most leaks.

A key factor in reducing risks is timely software updates. And it’s not just about security systems, you need to keep track of the latest updates of all sorts of “office” programs.

In companies, it is not uncommon for the security system to control a new version of accepted software, and employees still use the old one. This approach is a direct invitation for hackers.
The rule works the other way around: if the manufacturer has released a fresh security system integration, which takes into account the features of the latest versions of “office” programs, and the company holds off to update its “shield”, you should be prepared for the fact that some of the options of the new software will be out of control.

And, of course, do not forget about regular backups: if an emergency still occurred, the information will have to be restored. The absence of a backup can deprive a business of a place in the market in one second.

3. Monitoring

The more elements that are monitored – the less risk there is. Monitoring of installed programs and hardware in the PC will help to detect infection with viruses and miners, to conduct an inventory of “software” and its versions, to prevent the theft of “hardware” – discrete video cards,” slats ” of the core memory and hard drives. Tracking the geolocation of laptops will allow you to catch a thief and prevent the “leak” of information to third parties.

And, of course, the main task is to monitor the most vulnerable link of any business – personnel. The control of the “human factor” is a key element of modern risk management. Banal errors, such as sending data “in the wrong window”, saving working information to a flash drive or sending data to a personal email-a potential source of serious problems and losses. Special attention should be paid to insiders, who can appear even in a company consisting of 3 people . Their malicious actions always lead to serious financial damage, up to bankruptcy.

Using the principles of risk management and following simple rules, the business owner will not only significantly increase the level of information security and avoid a number of emergencies, but also save money by implementing only the most effective and necessary security systems.