GM Plans to Launch Hands-Free Driving by 2016

Originally posted by  CNET on September 7, 2014.
General Motors has announced it plans to introduce Cadillac models in two years that incorporate hands-free driving and Wi-Fi-enabled vehicle-to-vehicle communications to exchange traffic information with similarly equipped vehicles. GM's "Super Cruise" semi-automated technology will automatically keep a vehicle in a specific, properly equipped freeway lane, making necessary steering and speed adjustments in bumper-to-bumper traffic or long highway trips.

"With Super Cruise, when there's a congestion alert on roads like California's Santa Monica Freeway, you can let the car take over and drive hands-free and feet-free through the worst stop and go traffic around," said Mary Barra, GM CEO. "And if the mood strikes you on the high-speed road from Barstow, California to Las Vegas, you can take a break from the wheel and pedals and let the car do the work."

However, unlike the driverless vehicle being tested by Google, GM's system will require drivers to remain attentive and ready to resume control of the vehicle.

To see the full article, go to: www.cnet.com/


Bluetooth Sensors Constantly Check Car Tire Pressure, Send Alerts

Originally posted by CNET, on September 11, 2014.
"Always check your tire pressure." It's something parents teach kids during early driving lessons, and it's something most kids quickly forget. Now, a new invention making a run on Indiegogo could play the role of a nervous parent for thousands of drivers out there by continuously monitoring tire pressure and relaying that information via Bluetooth to a smartphone or in-car receiver.

To use the system, drivers would unscrew the little black caps on their tires' fill valves and replace them with round Fobo ("For Our Better wOrld") tire sensors. Each sensor continuously monitors the pressure in its assigned tire, then uses Bluetooth to relay that information via smartphone app or to an in-car receiver. Because Bluetooth is a low-energy technology, the creators say the sensors will last about two years before the batteries need to be changed. Cost for the sensors will be around $90.

The creators are working on a lock nut that can only be removed with a special wrench that will help make the sensors as theft-proof as possible.

To see the full article, go to: www.cnet.com/


U.S. Dept. of Transportation Unveils New, Free, Online Search Tool for Recalls

U.S. Department of Transportation unveils new, free, online search tool for recalls using vehicle identification number.

Originally posted August 10, 2014 by U.S. Department of Transportation's National Highway Traffic Safety Administration.

Every year, millions of vehicles are recalled in the United States due to safety defects or noncompliance with federal safety standards. To help car buyers, owners and renters know that their vehicles are safe and their safety defects have been addressed, the U.S. Department of Transportation's National Highway Traffic Safety Administration (NHTSA) has unveiled a new, free, online search tool consumers can use to find out if a vehicle is directly impacted by a recall.

The new tool is available on www.safercar.gov/vinlookup and provides consumers with a quick and easy way to identify uncompleted recalls by entering their Vehicle Identification Number (VIN). All major light vehicle and motorcycle brands can be searched.

To see the full press release, go to:www.nhtsa.gov/


Knowing Your Cyber Risks

Originally posted October 20, 2014 on www. Travelers.com.

To better understand the unique risks facing companies today, Travelers recently launched the Travelers Business Risk Index, a survey of business leaders from organizations of all sizes and industries. With repeated news of data breaches arising in the media, it is no surprise that American businesses large and small agree that technology-related dangers are among their top risks.

The survey polled more than 1,100 business decision makers to better understand what they believe poses the gravest threat to their business. Many leaders reported the risks they identified as their biggest concerns are also the issues their businesses are least prepared to address.

In fact, more than half (53 percent) of business leaders cited computer, technology and data-related risks as a major concern, with a particular focus on computer viruses and hacking. The top four risks survey respondents reported keeping them up at night are:

  • Viruses infecting computer systems;
  •  Security breaches by a hacker
  • Unrecoverable loss of the stored data
  • Potential theft or loss of customer and client records.

With thoughtful planning, businesses can prepare for and often avoid these risks. Some quick and easy steps a business can take include:

  • Working with an independent agent to ensure all manageable exposures are covered.
  • Ensure that employees are exhibiting behaviors that limit cyber risks.
  • Utilizing resources such as Travelers.com/cyber to help understand and navigate the growing threat of cyber risks.

The amount of coverage a business or organization needs depends on its level of risk. Travelers understands the complexity of cyber threats and has solutions to help protect businesses of all sizes, across all industries. To learn more, talk to your independent agent or visit Travelers.com/cyber.


Survey Says ... HR Tech Spending on Rise

Originally posted October 9, 2014 by Kristen B. Frasch on www.hreonline.com.
Sierra-Cedar Vice President of Research and Analytics Stacey Harris says more than 50% of survey respondents reported that they will increase spending next year.
The Sierra-Cedar HR Systems Survey points to a stronger economy, including increased spending and cloud and mobile adoption continuing. A total of 1,063 organizations participated in the survey.
The survey also indicated continued increase in cloud core human resource management system deployments and plans for such deployments to overtake licensed, on-premise or hosted deployments by 2015.
To read the full article, click here.

The Interesting Balance Between Man & Machine

Is technology the American worker's friend or foe?

 
Turns out the answer is a bit of both and is pretty much under continuous debate. Some workers largely depend on technology to do their jobs, while others find themselves being replaced by it. And the tech sector is responsible for some of the country's most robust job creation (giving birth to entirely new job categories, in fact), while it's also responsible for the demise of certain types of work.

 
So, which side of the debate do most Americans favor? To find out, the Pew Research Center canvassed nearly 1,900 professionals from a variety of industries between November 2013 and January 2014. Overall, these respondents were surprisingly evenly divided: 52% responded that technology will not displace more jobs than it creates by 2025, and 48% held the opposite opinion.

 
A 2014 CareerBuilder national poll of nearly 2,200 hiring managers and HR professionals found that 68% of companies that have replaced workers with technology also said the adoption of this technology created new positions at their firms. More than a third said that they ended up creating more jobs than the company had prior to adopting the technology. Interestingly, 35% of companies that replaced workers with technology said they hired people back because the technology didn't work out.

 
These professionals also identified the functional areas most likely to be affected by the adoption of technology within the coming decade. They include (in descending order):

 
  1. Customer Service
     
  2. Information Technology
     
  3. Accounting/Finance
     
  4. Assembly/Production
     
  5. Shipping/Distribution
     
  6. Sales
     
One of the most recent -- and most trending -- tech stories is focused on "wearables," i.e., devices, accessories, clothing and jewelry that incorporate computer and advanced electronic technologies (smart watches, Google glasses, etc.). Naturally, this new technology development holds a host of as-yet unexplored implications for employers.

 
However, one company recently made news by taking a firm stand regarding wearable technology. USAA (a provider of home, life, and auto insurance) has issued a wearables ban in its workplace. According to a Forbes article published in June, USAA identified several potential risks posed by wearables, including employees inadvertently recording inappropriate audio or capturing sensitive images in the workplace, as well as infringing on the privacy of other employees.

 
If the past few years have shown us anything, it's that technology will continue radically altering our work and our workplaces. In other words, the sometimes uncomfortable but always interesting balance between man and machine goes on.

 

Hackers bypass online security at 34 banks

Originally posted July 23, 2014 7:40 a.m. ET on http://www.marketwatch.com

Cybercriminals are sneaking past security protections to access online accounts across 34 banks in Switzerland, Sweden, Austria and Japan. And in doing so, experts say, the hackers are defeating what’s often touted as one of the more effective online security protocols.

The attack can get past two-factor authentication, which requires customers to type in a code sent to their cellphone or inbox to ensure the user is who he or she claims to be, by convincing customers to download a malicious smartphone app, according to a report released Tuesday by the security firm Trend Micro. The researchers dubbed the technique “Emmental” — like the Swiss cheese — because they say it shows the security flaws in online banking. So far, funds “in the seven figures” have been taken from bank accounts, according to Trend Micro spokesman Thomas Moore.

In typical form, the attack begins with realistic-looking phishing emails that install malware to give hackers control. Then the malware deletes itself, leaving no traces, and users are redirected to malicious servers when using banking websites. The website asks users to log in, and then install a special mobile app to receive the security code to log on. Instead of fostering more secure transactions, the app intercepts customer data.

Two-factor authentication, hailed as an essential second gatepost for online accounts, can sometimes prove to be an empty promise. Experts have found that the text messages that banks send customers can be intercepted, or in other cases, the hackers can scrape peoples’ screens to know the answers to extra security questions. Last month, PayPal said it was working to fix a flaw in its two-step authentication that virtually made the extra layer useless.

“This is a threat that’s going to migrate west,” says Tom Kellermann, Trend Micro’s chief cybersecurity officer, adding that European banking security is more stringent and “if this attack code is viable against those institutions, then it will be even more prevalent here in the U.S.”

The researchers said they found Russian slang in the app’s code, including the phrase “Obnilim rid,” which translates to “set to zero.” They also found connections originating from Romania, according to the report.

“This shows technical sophistication on par with the intelligence community,” Kellermann says.


Hackers put a bull's-eye on small business

Originally posted August 12, 2013 by Robert Strohmeyer on http://www.pcworld.com

When Pamela (not her real name) sat down at her desk one recent weekday morning, online security was the furthest thing from her mind. Sure, she had a basic knowledge of common-sense security practices. She wasn’t the type to use insecure passwords or download dubious content from the Web. As chief financial officer for a small Chicago-based manufacturing company, she regarded her PC as a no-nonsense work tool. Still, somewhere along the way, a little snippet of malware slipped onto her PC, and it would soon threaten her company’s survival.

According to Brian Yelm, CEO of Chicago tech services provider Technologyville, Pamela’s malware did one nefariously simple thing: It caused her browser to redirect all bank URLs to a set of phony sites that looked just like their legitimate counterparts—a technique called phishing. When Pamela logged in to the look-alike site, a message prompted her to call customer service about a problem with her company’s account. She dialed the number on the screen, and after a few simple questions from the agent on the line, every single penny in her company’s account disappeared. More than $300,000, gone in minutes.

Pamela and the company were lucky. They immediately discovered the missing funds and pulled out all the stops to recover the money from their bank. And with Technologyville’s help, they traced the IP addresses and phone calls back to a hacker group in Eastern Europe. Justice was served. The money was recovered. Pamela’s company survived.

 

Not every company that gets hacked is so lucky. According to the National Cyber Security Alliance, one in five small businesses falls victim to cybercrime each year. And of those, some 60 percent go out of business within six months after an attack.

Now let’s pause for a moment, and restate that another way: You’ve got a 20 percent chance of being hacked, and if it happens there’s a good chance your business is finished.

Of course, not every small business is equally likely to fall prey to cybercrime. Attackers don’t generally discriminate by company type, valuation, or any other characteristic of the business itself. Instead, they look for one thing: vulnerability.

“Most small business owners still don’t get security, don’t think it’s an issue, and are pretty defenseless,” says Neal O’Farrell of Think Security First, a security consultancy based in Walnut Creek, California. “They assume hackers would need to pick their business out of 27 million others, not realizing that the attacks are automated and focused on discovering vulnerabilities.”

Smaller companies are increasingly attractive targets for attackers, too. Symantec’s latest annual Internet Security Threat Report found that companies with fewer than 250 employees constituted a staggering 31 percent of targeted attacks in 2012—a massive jump from 18 percent the year before.

Why the huge increase? Smaller companies are simply easy pickings, and they don’t fight back like bigger companies.

“Small businesses represent low risk and little chance of exposure for thieves,” says O’Farrell. “They typically lack the monitoring, forensics, logs, audits, reviews, penetration testing, and other security defenses and warning systems that would alert them to a breach.”

And just because a company is small, that doesn’t mean it can’t net huge payoffs for attackers. Often, a breach against a small fry can yield useful data for attackers seeking to target bigger fish. So a series of easy attacks against more-vulnerable small businesses can ultimately enable a hacker to orchestrate a much bigger attack elsewhere, while uncovering plenty of valuable spoils—ranging from employee data and cloud logins to customer data and banking credentials—from the smaller players along the way.

No experience required

Meanwhile, finding victims has gotten easier for criminals. “The tools used by hackers and cybercriminals have become cheap and easy to acquire,” says JD Sherry, vice president of technology and solutions at security software maker Trend Micro.

Worse still, these hacking tools have become so easy to use that one need not necessarily be a bona-fide hacker to use them. Instead, with minimal input from the user, a hacking app can initiate a series of scripts to probe many thousands of IP addresses across the Web, seeking out open ports on endpoint PCs; planting spyware or Trojan horse software on websites using widespread weaknesses in technologies such as Java and Flash; or firing off thousands of phishing emails with the aim of getting a few people to click through and receive a small nugget of malware that will leave their PC vulnerable to further attacks.

Yelm concurs: “You don’t have to be very smart to do this.”

But small-business owners do need to be smart, and that starts with understanding that the security landscape has changed. Small companies can no longer rely on security through obscurity, because automated hacking tools from all over the world are constantly scouring the Internet for vulnerable machines. Meanwhile, every company of any size now has an overwhelming abundance of connected devices and cloud-based services that present a feast of opportunity for attackers.

 

Unsecured mobile devices—especially Android phones and tablets—used as BYOD (Bring Your Own Device) business equipment make it all too easy for a cybercriminal to slip malware onto a device and collect usernames and passwords for social networks, business networks, and even banking systems. Once a cybercriminal gets a single sales rep’s CRM login, he can wreak havoc with customer accounts.

According to the Ponemon Institute, which tracks data surrounding digital privacy and security, recovering from an attack on a customer database can cost an average of $194 for every compromised customer record. Those are just remediation costs, and that number doesn’t account for additional costs due to reputation damage, lawsuits, and lost business. No wonder so many small companies go bankrupt after an attack. If the hackers don’t siphon hundreds of thousands from your account, you may have to pay it out anyway just to fix the problems they cause.

What you can do

Safeguarding your company against security threats doesn’t necessarily mean hiring a full-time IT security pro for your small business. There are four simple steps any small company can take to protect against cyberattacks.

1. Use protection on every device: Regardless of the platform, use secure passwords and encryption on every device that touches your business, from phones and tablets to laptops and desktops. If the device supports third-party anti-malware apps like those from McAfee, Symantec, or Trend Micro, install one.

2. Run business-grade unified malware protection: Consumer antivirus apps aren’t sufficient to secure a business’s tech infrastructure. Business-class security suites offer multidevice protection that includes ensuring that all devices get regular updates and security patches. This is key, since 90 percent of attacks exploit outdated software bugs on unpatched computers.

3. Train your staff (and yourself) to practice good digital hygiene: Don’t use the same password on multiple accounts. Don’t follow links in email. Learn to spot phishing threats. Make sure everyone on your staff knows this stuff, and remind them often.

4. Get a security audit and heed its findings: One of Technologyville’s clients learned this lesson the hard way last year when its financial services website fell prey to a teenage hacker who exploited open ports on the site’s server to take control of the company’s online presence. The security consultants had identified those threats in an audit for the company a year earlier, yet the company chose not to act until it was way too late.

The unfortunate truth about digital security is that protecting your business from online threats isn’t a one-time expense or a set-it-and-forget-it solution. It’s an ongoing process and a necessary part of running any business that relies on data and the Internet for its survival. Your website, your desktop and laptop computers, your mobile phones, and all the online services you use to manage every aspect of your business are all potential entry points for an attack. And if you don’t protect them, or if you put security on the back burner as a future project, your company may not survive to get a second chance.

 

 


Handling "Bye" With "BYOD"

Originally posted by United Benefits Advisors, LLC (UBA)

BYOD stands for bring-your-own-device and it's a concept that's gaining in popularity among most major companies, especially those that allow telecommuting. Most employer policies on BYOD cover productivity and ensuring the employees are using the right laptops, tablets, smart phones and relevant software to perform necessary tasks.

Understandably, these same employees will use their devices for personal use as well as business use. By doing this, the employee opens up the possibility that corporate data may be inadvertently shared, or worse -- hacked. By having a solid BYOD policy in place, employers can better protect themselves not only while an employee is with the company, but also once an employee leaves the company.

According to an article on Workforce.com, many companies have not thoroughly determined how to recapture company information once an employee walks out the door for good. If the technology isn't already in place, then the risk of the data being unrecoverable is fairly high. Even worse is if a former employee still has access to the company's intranet and abuses that access. Employers need to have policies and technology in place with BYOD employees and then regular audits to ensure that these policies are being enforced in order to keep data and network access secure.

Access to sensitive data can be restricted in many ways depending on the level of security a company wants, but one thing that should definitely be considered is technology that can remotely "wipe" this data instantly in real time. This technology could even be set up so that it's triggered automatically if a device is lost or stolen. However, while wiping can delete company data, it can also delete personal data. Legally and politically this is a delicate situation and the BYOD policy should explicitly state how that will happen. One way to keep company and personal data separate is by use of partitioned sections. That way, only data within that area is deleted.

There is definitely a balance between what data an employee can have on his or her device and what is considered off limits. A good BYOD policy that is strictly enforced will go a long way in ensuring that sensitive and valuable company information is kept as secure and protected as possible.


Mobile Device HR Apps

Source: United Benefit Advisors (UBA)

Most people today have at least one -- if not more -- mobile devices. Smartphones, full-size tablets, mini tablets, "phablets" (smartphones that are usually larger in size and can do more functions than a typical phone), hand-held computers, and wearable technology are fully integrated into most people's lives. Desktops and even laptops are considered relics nowadays by the up-and-coming college graduates.

This is why more and more employees are utilizing human resource applications (HR apps) as their preferred way of accessing information.

For example, they can view:

  • Pay stubs
  • Tax statements
  • Time off requests
  • Attendance and time on the clock
  • Benefit information
  • Retirement accounts

Companies and their HR departments should begin providing apps as a new channel to satisfy the next generation of this wirelessly connected workforce. In addition to how employees benefit from these HR apps, employers also benefit by providing the latest human resource information quickly, efficiently, at any time and from any place. Furthermore, mobile applications are an easily scalable platform for any size business.

In a SHRM: Society for Human Resource Management article, the ability of employers to meet the expectations of members of the behavioral demographic known as "#GenMobile," will determine whether they can obtain and retain top talent. After all, the perception among this demographic is that if a company is not adopting the latest technology, then they're behind the times and will consequently be surpassed by companies that are more technologically advanced.

The article also shed light on the evolution of HR communications from face-to-face, to kiosks, desktops, laptops, and now to mobile devices. No matter the role of the staff member, from white-collar employee to construction worker, that person no longer needs to be tethered to a physical location in order to get relevant HR information.