Archive for Secrets to improving an I.T. Services Practice

5 Tips To Prevent Insider Security Threats – MSPU Review

 

Insider Security Threats

As a Trusted Advisor and Business it is your responsibility to be aware of new security threats to ensure your clients remain protected at all times. And I’m not talking about electronic security threats – this is about human beings. One bad employee can ruin your company’s good reputation.  There are simply some things a computer cannot do, including judging an individual based on the information provided.  Here are five tips to help you avoid insider security threats.

1. Background checks and employee pre-screening – The first and most obvious way to avoid hiring a person whose ethics may be questionable is by investing the time, energy and money in full background checks as well as other forms of employee pre-screening. Each potential employee should be vetted according to the position they are applying for within the company. Positions which carry larger responsibilities as well as exposure to sensitive information should require a more in-depth background check. Employees should understand that they have to pass a background check in order to be awarded the position – and keep it in the future. Background checks should include, but not limited to financial and criminal history.

2. Initial and periodic drug screening – You certainly don’t want to hire an employee that fails a drug test – and periodic screening of all staff can identify potential issues before they become problems.

3. DISC and PIAV behavioral profiling – I remember clearly how hit-and-miss our success at hiring the right staff used to be before we discovered the value of utilizing DISC behavioral profiling in our hiring process. Based upon the groundbreaking work of William Moulton Marston Ph.D. (1893 – 1947) in the (then) emerging field of psychology, DISC measures four dimensions of normal human behavior:

 

    1. Dominance – relating to control, power and assertiveness (how we respond to problems or challenges)
    2. Influence – relating to social situations and communication (how we influence others to our point of view)
    3. Steadiness (submission in Marston’s time) – relating to patience, persistence, and thoughtfulness (how we respond to the pace of our environment)
    4. Conscientiousness (or caution, compliance in Marston’s time) – relating to structure and organization (how we respond to rules and procedures set by others)

We have not only been able to significantly improve our success rate at hiring the right staff since implementing DISC behavioral profiling, but we have used DISC profiles to help in team-building efforts.
The Personal Interests, Attitudes and Values Profile (PIAV) shows why a person works. It describes the traits that drive a person to work; that motivate action or create resistance.

The PIAV Profile ranks a person’s attitudes based on the following six core motivators, which reflect a person’s primary interests:

 

  1. Theoretical–Truth, knowledge, objectivity.
  2. Utilitarian–What is useful, what will work, what will make money.
  3. Aesthetic–Expression, experience, harmony, beauty.
  4. Social–People, relationships, nurturing.
  5. Individualistic–Advancement, getting to the top, assertion of self.
  6. Traditional–Finding the highest values in life, living according to an unquestioned set of rules.

 

A person’s attitudes play a major role in motivation. The PIAV profile describes the major categories of motivation in terms of interests, attitudes and values. The insights gained through the PIAV profile show us why people are moved to work hard, or not, on the job. Understanding these motivators helps managers handle employees in a more productive manner in order to get the best possible work out of them.
~
Integrating DISC and PIAV behavioral profiles into your hiring process will provide you a with insightful information to insure you not only get the right people on the bus, but also in the right seats on the bus – to borrow a phrase from Jim Collins. Visit MSP University to find out how to get a complimentary DISC behavioral profile for yourself.

4. 2-Factor Authentication Tokens – Implement a 2-Factor Authentication solution for all staff requiring access to sensitive internal, as well as client network and data access. Assigning tokens to your staff that support this functionality allows you to avoid providing them the administrator passwords of any devices and services supporting this ability (most newer devices and operating systems do). Review Scorpion Software for more information.

 

5. Make these actions a part of the company policy –  Running background checks, drug screens, behavioral profiling and requiring secure authentication for potential new hires and existing staff is not the beginning and end of your responsibility as an employer.  It is imperative that your company have a detailed policy which explains the rights and responsibilities of your organization as well as those of each employee. There should be no grey area as to what information is off limits or highly sensitive.  The policy should also list what the repercussions are of crossing these boundaries.  Security must be a part of the culture of the company.

Train managers to spot risky behavior-  Managers must be in tune with the staff in order to spot changes in behavior that might indicate a security risk.  While it is important for managers and employees to have an open and hopefully friendly relationship, close personal relationships should be avoided.  Small companies have the advantage of fewer employees, yet any size company must make it a point to pay attention to changes in the behavior of their workers. Recognizing personal, financial and emotional problems in employees may be the best way to address and eliminate a security risk before it becomes a major problem.

 

Technology improves each day and in many cases makes our lives much easier; however at the end of the day, the human factor remains the one thing that technology cannot control.  Therefore it is up to the owners and management team to create an atmosphere which stresses the need for security and the consequences should employees fail to meet that requirement.  It is also important to remember not to treat your employees in such a negatively security-conscious manner that it creates disgruntled and unsatisfied employees who then become the very thing you are trying to avoid – an insider security threat.

A happy workplace with specifically documented policies messaged consistently will create happy employees and happy employees are less likely to risk their job and their freedom with risky behavior.

Erick Simpson
MSP University
Subscribe to my blog here
Subscribe to our Newsletter here
LinkedInIconFacebookIcon TwitterIcon

Join MSP University FREE for all things 
Managed Services

Posted in: General Business, MSPU Review, Secrets to improving an I.T. Services Practice, Security

Leave a Comment (0) →

MSPU The August 2009 MSP University Boot Camp is in the Books – Review!

Group Pic Wave with Border

More Pictures Here

Held in Orange County, CA on August 12th-14th 2009, our most recent MSP University Boot Camp hosted over 100 solution providers and nearly 30 of our sponsors’ staff members.

These 3-day events keep getting better and better, providing direct, actionable training and tools to help our attendees implement business improvement and transformation strategies the moment they return to their organizations.

We’ve expanded our Boot Camps to deliver 3 valuable tracks:

  1. CEO Operations
  2. Sales 101
  3. Service Delivery

We kicked off Day 1 with CEO Operations covering critical topics for Business Owner/CEOs such as:

  • Structuring Your Organization for Successful Growth
  • Key Performance Indicators and Fundamental Profitability Benchmarking with Paul Dippell of Service Leadership

  • DISC, PTSI and SSI Behavioral Profiles for Hiring Right the First Time

  • Hiring Sales and Technical Staff for Managed Services Sales and Delivery Success

  • Identifying Critical Staff Roles and Creating Win-Win Compensation Plans

  • IT Sales Engineering and Project Management Best Practices

While these sessions were in full force, attendees to our Sales 101 track were instructed in The Proper Attitude for Sales Success, Secrets to Effective Telemarketing and Appointment-Setting, Prospecting and Preparation, Warm-up and Qualifying, and began an intensive role-playing schedule that would continue for the duration of the Boot Camp. Sales 101 attendees role-played the 7-Step Sales Process delivered over 3 appointments to close IT Solutions and Managed Services business.

Watch an example role-play here

We rounded out the first day of Boot Camp with an incredible presentation from Paul Dippell of Service Leadership and Keynotes from our Platinum Sponsors, ConnectWise and ARRC Technology / Chartec, then it was time for the ConnectWise-hosted Cocktail Reception and homework to prepare for the next day.

Day 2 of our Boot Camp kicked off our Service Delivery track, which ran concurrently with our CEO Operations and Sales 101 tracks for the balance of our Boot Camp. This track delivered valuable sessions to improve efficiencies, cut costs and increase bottom-line revenues in our attendees’ service delivery units. Topics included NOC Operations Best Practices, Service Desk Best Practices, Incident Management Best Practices, Service Dispatch Best Practices, Onsite Service Delivery Best Practices and Running Your IT Service Delivery Business by the Numbers.

View a complete agenda of our August Boot Camp here

On behalf of all of us at MSP University, I’d like to take a moment to thank all of our Sponsors:

Platinum Sponsors:

ConnectWise www.connectwise.com
ARRC Technology / Chartec www.chartec.net

Gold Sponsors:

eFolder, Inc. www.eFoldering.com
Own Web Now Corp. www.ownwebnow.com
Tigerpaw Software www.tigerpawsoftware.com
Xerox www.office.xerox.com
Service Leadership, Inc. www.service-leadership.com

SilverSponsors:

Asigra www.recoveryourcool.com
MANAGEtoWIN www.managetowin.com/mspu

Bronze Sponsors:

bitRail www.bitrailnet/mspu.php
Cornerstone Backup www.cornerstonebackup.com
Kaseya www.kaseya.com
Synergy Global Solutions www.synergy.gs

Sponsors               

Our next MSP University Boot Camp is scheduled for October 21st-23rd, 2009 in Dallas, TX. For information on how you can attend absolutely FREE, visit www.mspu.us.

Attend MSP University’s next Boot Camp for FREE!

Erick Simpson
MSP University
Subscribe to my blog here
Subscribe to our Newsletter here
LinkedInIcon FacebookIcon TwitterIcon

Join MSP University FREE for all things 
Managed Services

Posted in: Boot Camps, Events, General Business, Sales, Sales & Marketing, Secrets to improving an I.T. Services Practice, Service Delivery

Leave a Comment (0) →
Page 73 of 77 «...5060707172737475...»