Kronovia

Most employers would agree that curiosity is a characteristic they value in their offices.

But let’s not forget what curiosity did to the proverbial cat.

Our late feline friend found out the hard way, but IT departments are, too. No one in the building sees the necessity of risk management APIs more clearly than IT.

 As personal devices, social media, outsourcing and cloud computing permeate the work atmosphere, IT knows just how lethal curiosity can be to a company’s corporate secrets, brand and reputation.

Here’s a jaw-dropping case in point:

Researchers from Carnegie Mellon recently conducted an experiment in which they scattered memory sticks on sidewalks and parking lots outside government offices, then waited to see what would happen.

Most of the workers who found the sticks must’ve had their share of curiosity, because an amazing 60 percent of the sticks ended up getting plugged into office computers, the Financial Times reports. If the sticks were marked “U.S. government”, however, the percentage was even higher — 90 percent.

So, while employers might assume staffers — however curious they might be — would have the training and judgment to know not to stick something they’d found on the street into their computers, management is apparently misjudging human nature.

Hackers seem to understand it a little better.

They know — as the scattered memory-stick experiment points out — that your technique doesn’t even need to be all that sophisticated. In fact, Carnegie Mellon says, some of the most unsophisticated attacks have resulted in the greatest amount of damage to businesses.

Sophisticated or not, the Poneman Institute LLC, a Michigan-based research organization, pegs the annual cost of cyber attacks to U.S. industries at $8.9 million.

That adds up to 8.9 million more reasons to contact us.

The cycle of social risk management includes four steps. This allows an organization to address any of the risks that may be faced in the future and how to properly respond.

Identify Risks

These risks can include anti-business campaigns to protect your organization to discredit or issues that may lead to flame wars on social media sites. This is a risk that can affect the reputation of a brand and needs to be quickly identified. This can be done by constant monitoring and by creating a crisis plan to put in place for a social media site.

Risk Assessment

Risks that have been identified then need to be assessed, evaluated and prioritized to determine if their potential impacts. This needs to be done before it begins to affect an organization. This will allow risks to be properly evaluated to determine their significance and to deploy the proper resources. Any of the risks can then be prioritized based on thelikelihood of their occurrence.

Mitigate and Manage

The controls for addressing identified risks need to be inventoried to ensure they can be deployed once there is a need. This can be done by developing new policies, technologies to use for compliance and a training program for employees. Proper training of employees allows the use of social media sites to be an asset for an organization. Your organization also needs to have a privacy policy in place and to have a proper use policy.

Monitoring and Evaluating

This is a technique used by organizations to keep current with changes that occur with social media. A regular review of the control process and identification of new social media risksis needed. This is the best way for an organization to stay current with their mitigation methods and to develop new types of control processes to counter these changes.

Additional Information

If you have any questions about the steps required for social risk management, then contact us for more more information.  

Automakers aren’t the only ones seeing an increased demand for hybrids — developers of compliance APIs are, too.

But the hybrids API developers are building don’t come with airbags or GPS.

It’s another effect of the cloud, industry experts say. As cloud services spread, more companies are asking their internal IT departments to incorporate external APIs.

It’s not just enterprise APIs and open APIs anymore, developers need to build in flexibility. They need to make sure their APIs are designed to fit into the larger scheme of their clients’ businesses, or they’ll be reworking things down the road.

“The core problem is that APIs are services, which are typically used in the context of a service-oriented architecture,” Blue Mountain Labs founder and CTO David Linthicum writes in a blogpost for InfoWorld.com.

“But SOA is not as cool as it was 10 years ago,” he adds. “To properly design services, you have to consider how resources should be used in service-oriented ways, including how well they work and play within infrastructure and application architecture.”

According to Linthicum, most APIs and public services are “too fine-grained” for larger structures.

Designers, then, have to shift gears and focus on being more precise about things like data, formatting — even time zones.

Whew. Maybe it’d be easier to build the kind of hybrids that come with tires.

It’s key shift, but it’s one that should benefit companies in the long run, giving them more control over their proprietary data and more security for their brands, reputations and compliance with regulations.

Contact us when you’re ready for a test drive.

Forbes issued a major new white paper about corporate risks: Aftershock: Adjusting to the New World of Risk Management recently and while it covers all of the risks that you might expect, it also covers some risks that are new on the scene

Because they are so new, the risks are less known, but it’s clear that social media compliance is now a regular part of the risk landscape.

In a post from another branch of Forbes, called, “Social Media Risk Is Like Wildfire. Where’s the Fire Engine?” the writers make it clear that social media is creating all kinds of risk, calling it the fourth-largest source of risk.

This puts social media on par with financial risk. Executives interviewed for the report indicated that the social media risk is rising, and they worry about cyber attacks, breaches of confidentiality, fast-spreading malicious rumors about the company, as well as financial disclosures. “Everybody is walking around with a smartphone, and things can be captured and digitized instantaneously. Once digitized, social media can spread information like wildfire,” says Rick Kulevich, senior director of ethics and compliance at CDW.

While the story and the white paper both have lots of stats about the level of the problem, it doesn’t present a lot of solutions. It says that about one in five of the organizations surveyed continuously monitor social media for issues, but it doesn’t have details about how they are doing that monitoring.

So the question remains: if this is a wildfire situation, where is the fire truck? One answer may be Kronovia, which is an API that developers can install in corporate systems that can add risk management controls that work in real time. If you’d like more information, please contact us.

Big Brother. These two words are enough to make many people very nervous about their information and privacy. But it doesn’t have to be the looming presence of the government that makes people unsettled, it can be corporations that millions if not billions of people use every day. Earlier this year, Google was sued by EPIC (Electronic Information Privacy Center) for upcoming changes to their privacy policy.  This is not the first time EPIC has sued either, and even if Google settles out of court or merely changes the privacy policy to appease EPIC, the costs in terms of re-editing and dealing with bad press could be very damaging to a company not as prolific as Google.

So how can regulated companies make absolute certain that their customers do not breach the myriad of laws about information and ethics? Policies are a good start, but you would be hard pressed to find a customer who can define SOX, HIPAA, FINRA, GLBA, SEC and others. A least a few of your employees may not even be able to tell you what those acronyms means. The next step might be to train them.  It’s only a few work days, that’s not so bad, right? But while that’s better than having to deal with a lawsuit, you have to train regularly to keep everyone up to date, and you have to train new customers too. Are you able to do this in house? Or do you have to pay an outside instructor? And even with updated training, there is no guarantee that one of your customers will forget or make one small tweet that someone find offensive or even controversial. The laws ar e complex, and sometimes open to interpretation depending on the customer.

Kronovia makes it easy to keep your company on the safe side with their risk management API. For regulated companies, this API can do all of the work for you. Easily downloaded, the risk management API controls what can be accessed and what secure systems a customer may prefer. This risk management API can prevent compliance and brand issues, stop social media accidents, and allow users to control content and relationship policies between companies. Best of all, most of the work is done behind the scenes, which means Kronovia will update itself regarding new policies, but the customers still have control. This isn’t information lockdown like 1984, it’s simple security that your customers can personalize and still allow you to protect them from themselves.

This is a perfect answer to those who worry about avoiding lawsuits. Contact us if you would like to get started before someone somewhere makes an innocent but costly mistake.

At times, technology’s evolution surpasses the users’ clear understanding of its lasting impact. Gone are the days when a comment or gesture might stop with the first person told. Social media does not work that way, rather it is infinite in its reach. Consequently, individuals and businesses must assure that what they send forth into the social media stream is worthy and wholly representative of the reputation they wish to achieve. Social risk management is the best line of defense to prevent your organization or your customers from eliciting the long-term negative attention that stems from spur-of-the-moment poor judgment.

Risk management practices are designed to control, transfer, or mitigate risk through a variety of means, although the crux of this process is focused on prevention. As a result, risk management works proactively by predicting possible problems, assessing their impacts, and planning mitigation should that issue arise. Advanced social risk management, however, notes that not every risk can possibly be foretold. Consider some of these recent cases that show precisely how unpredictable many of these risks can be:

1. The California Supreme Court has deemed it legal for your employer to read your texts sent on a company pager or phone.

2. TEKsystems, an IT staffing firm, sued an ex-employee because she violated the company’s non-compete provision when she solicited her former co-workers on LinkedIn.

3. Contrary to popular belief, online writers do not work under the same 1st Amendment umbrella of rights as journalists. “Thus citizen journalist, and entire organization, are exposed to lawsuits for defamation of character for posting derogatory information about anyone, anything, and everything.”

More cases like these are exposed each day, but it is not becoming any easier to decipher the law’s interpretation of each. Areas that currently garner the most concern fall around privacy, intellectual property, identity theft, defamation, and self-incrimination. In fact, legalities pertaining to social media’s implications to these very topics are being determined in court rooms all across the US today.

Do not leave your customers unprepared for such a catastrophic event. Please contact us today so that we may work with you to add safeguard for your enterprise clients.

Who would have imagined that social media could be such a double-edged sword for business? At its inception, business owners dreamt of the multi-faceted connections that such media would provide in their quest to better serve their clientele. No one had any idea that a storm was indeed brewing. It sadly did not take long for many ill-conceived, poorly thought antics to ensue. In order to stop stupid social communications, business leaders must help their employees better understand the alternative meanings of the word social.

If you look up social in the dictionary, you will find many definitions, with the most common being, “living together in communities.” If your employees stick to that meaning, then they can focus their efforts on the notion of association and belonging. Creating a community between your business and your customers will be nothing but beneficial to your sales because a mutual trust and respect will be nurtured. Your employees will make certain that all correspondence is professional and elevated, so your hard-earned reputation stays intact.

On the other hand, if your customers employees resort to the, dare I say, college days’ connotation of the word, then they might be marked with pictures of Ned kissing a mule or Sally cha-cha’ing on the table at the party. When many people are asked what social means to them, their first thoughts wander to friends and social gatherings, neither of which possesses the level of formality dictated by the professional setting.

A recent rash of poorly thought-out post topics have touched every industry known to mankind. Even education is not immune as teacher Stacey Snyder discovered when she lost her job after a “social” photo of her was posted to a Facebook account. According to the National Education Association, “Thanks to Facebook and MySpace, what used to be private is now very public. And that’s the problem, particularly for young teachers: Some seem oblivious to the devastating consequences of posting really stupid things in cyberspace.” Such scenarios are also found in the business world as such powerhouses as CNN, IBM, and Cisco Systems scramble to create social media policies after suffering similarly awkward posts by their employees.

In a CNN interview, Anthony DeRosa, social-media editor for Reuters news service, explains that “…it’s about striking a balance. He [DeRosa] works mainly with people who are, themselves, professional communicators, so he wants them to have fun and be themselves while using networking sites. At the same time, however, they must remember they represent the entire organization.” If your customers employees do not currently understand the dangers associated with social media, such embarrassments could be looming on the horizon.

Please contact us at Kronovia today so that we may help regulate the social media created in your application. Your company’s reputation may just depend it.

The social networking of the 21st century offers much opportunity to businesses of every genre. With such interconnectedness, however, comes greater responsibility. Technology evolves at such a quick pace that we do not always possess the ability to foresee all of its implications. As a result, problems must sometimes be combatted after the fact. In order to prevent businesses from falling prey to the very tools that best serve them, they must operate with a savvy comprehension of social media compliance. A lack of care for these guidelines could result in a company’s loss of revenue and public trust.

Today the financial, health care, and pharmaceutical industries are finding themselves under the most arduous scrutiny. According to the Securities Technology Monitor, of the 900 financial advisors surveyed, 51.4% of the individuals purported to employ social media for both personal and professional reasons. Alarmingly, however, only 11.7% of that same demographic said they operated with any expertise about social media compliance. The difference between these two percentages leaves a lot of room for human error that can cost businesses loss of revenue and public trust.

Kronovia offers businesses the protection they need when that expertise is missing from within their own organizations. Our compliance cloud centralizes control over content and relationships; securely utilizes the social CRM platform that the business prefers; breaks down compliance analytics by company, office, or user; and archives the media across all social CRM applications.

No matter the industry, businesses must focus on their specialties. Worry about social media compliance is a very scary and overwhelming concern for them that takes the focus off of their passion. Fortunately, social media compliance is our expertise at Kronovia. We take pride in alleviating the stress from businesses everywhere.

Please contact us at Kronovia to see just how easy social media compliance can become.

You start out thinking your social media compliance policy and some hands-on training will be enough.

You know your staff — they’re good people. Hard workers.

They mean well.

You circulate the policies and heads nod in affirmation. They all make sense, everyone agrees.

So why did Ted in sales save all those exchanges about the second-quarter numbers to Google Documents, where company secrets might become fodder for Facebook posts?

Well, he meant well …

Beeeeep.

You don’t have to be a shifty-eyed corporate spy to sell out your own company. Anybody can do it unintentionally in a thoughtless moment.

That’s why employers are increasingly relying on technology to seal up information that could aid competitors, betray patients, fuel lawsuits or at the very least embarrass everyone from the security guards to the CEO.

But social media compliance poses some extra twists — not the least of which includes social networking’s friendliness with personal mobile devices.

And that, in turn, has set off a rush to make mobile access secure.

Just recently, Integrating Healthcare Enterprise — which promotes access to electronic health records — rolled out proposed new guidelines keeping health data available via mobile, eweek.com reports.

The backbone of the plan? An API that limits access to authorized users, explains Jim St. Clair of the Health Information Management and Systems Society.

“While mobile devices are growing increasingly sophisticated,” St. Clair tells eweek.com, “they still have certain technical constraints in their ability to exchange information securely, yet as ‘richly’ as with larger systems.”

Whatever you’re trying to secure, you need to realize that policies alone aren’t enough.

Contact us if you’re ready for solutions that work.

Our home page illustration lists four abbreviations: SOX, HIPAA, FINRA and GLB.  So what’s with all those acronym-cum-abbreviations, and why do your clients need Kronovia’s compliance API? Why should you care? Read on…

SOX.  Named for the Sarbanes-Oxley Act of 2002, this federal law followed close on the heels of Enron and other corporate scandals which cost investors billions and harmed public confidence in our country’s securities markets. The act is all about corporate accountability and it puts company heads (CEOs and CFOs) in the center of the accountability target.

HIPAA – No, this abbreviation has nothing to do with Alcoholics Anonymous, but you could be driven to drink if one of your employees accidentally discloses private medical information in a Tweet.  HIPAA is all about health information privacy. It is a set of rules that arose from the 1996 Health Insurance Portability and Accountability Act.  Among other things, the act gives patients much more control over information in their health records and sets definite boundaries on how that information can be used and released.

FINRA – This stands for the Financial Industry Regulatory Authority, Inc. FINRA is a private corporation that is sometimes mistaken for part of the US Government. This agency is in charge of financial regulation and oversight for member brokerage firms and US stock exchange companies. It is subject to the regulations and controls of the Securities and Exchange Commission (SEC).

GLB – This is short for the Gramm-Leach-Billey Act of 1999. Rather than tightening regulations, it removed restrictions in the banking, securities and insurance market. When the act passed, commercial and investment banks, insurance companies and securities firms were allowed merge and consolidate. One important provision of this law is that US banking and financial institutions must both protect, and certify that they protect, confidential consumer records.

Let Kronovia’s Compliance API protect your customers.

The previous descriptions of the “alphabet soup” of laws that your clients need to be aware of touch only the basics. Rather than worrying about compliance and the need to keep up with new or ever changing regulations, download our API Datasheet from our main web page. See how we can take the guesswork out of protecting your customers in all kinds of regulated industries. To find out lots more about what we can also do to safeguard your clients from posting SPAM, Virus, phishing, pornography and other unflattering or illegal content thru your application, contact us.