Connect with us

Strategies

7 Steps to plan for re-opening your biz

The COVID-19 pandemic has presented new challenges and created questions about what life in your biz will look like going forward.

Published

on

Photo by @morningbrew from Unsplash.com

Many biz owners are asking the same questions: How do we effectively plan, communicate and execute new guidelines that follow health and government guidelines for all our establishments and employees when we are all experiencing different stages of this pandemic?

CRB USA shares its approaches to re-opening to help those looking for guidance during this time. The plan is outlined in a three-phased approach to cautiously enter the “new normal”.

  • The Restricted Phase is the most stringent as we re-learn the safe use of offices with physical distancing and new standards for cleanliness. Among other guidelines, conferencing rooms will not be available, no guests will be allowed, and masks will be required. The good news: this is expected to be the shortest phase.
  • The Controlled Phase brings back some office amenities and we potentially re-work seating plans to bring teams together, flexibly and safely. In time, clients may be allowed to visit the offices again. The duration of this phase is uncertain, and we are planning for it to extend at least through the end of 2020.
  • The Unrestricted Phase means that things are mostly getting back to normal. To enter this phase, it seems that guidance from the global healthcare community would be a prerequisite.

This guide is primarily focused on preparations for the first phase of re-entry, which we have identified as the “Restricted Phase.” Below you will find a step-by-step approach that serves as a guide to inform local leaders as they prepare for re-entering the workplace.

Step 1: Establish your team

Establish a re-entry task force. When establishing your team, considering creating a multi-disciplinary task force. Members could include architects, human resources, marketing, safety and management. This task force is responsible for developing the specific approach to re-entering the workplace and communicating it across the company.

Tip: Create a roles and responsibilities matrix. This matrix should identify members of your “workplace re-entry team” and outline individual responsibilities.

Photo by Dylan Gillis from Unsplash.com

Step 2: Check governmental guidance

Adhere to applicable governmental guidelines. These can be found at the federal, state, county, city, and metro level, and vary by location. These guidelines change frequently and are expected to do so as the coronavirus pandemic continues.

Tip: Assign an internal resource to keep an updated database with governmental guidelines for re- opening. When you are ready to begin preparing your office to enter the workplace, schedule a meeting to review the most current updates.

Step 3: Supervisor training 

A top priority during this pandemic is making employees feel comfortable as we begin to re-enter the workplace. This situation creates different personal challenges for employees. Effectively returning to the workplace requires strong leadership, collaboration and engagement from everyone. Use your in-house Human Resources Team to provide guidance and training for supervisors to follow as they support employees during the transition back to the office.

Tip: Create a roadmap with reminders, checklists and helpful tips for supervisors to print and keep at their desks.

Step 4: Set up your health station

Consider re-tooling your office reception areas as health stations. This is where employees check in and out, complete health checks, learn about using the office safely, and receive supplies. The use of a health station is a necessary upgrade to ensure offices can maintain safety controls and contact tracing.

Tip: Especially during their first days back, re-entering the office can be stressful for some employees. Having a clear process can help them build up their own comfort and sense of confidence.

Step 5: Plan your space

To use the existing layouts and furniture, occupancy reductions, circulation paths and assigned seating can be modified to accommodate physical distancing recommendations.

  • Occupancy Reductions: Gather information about current office capacities and reduce occupancy based on guidelines. Create capacity graphs to allow a quick side-by-side view of the current office capacity, in comparison to updated reduced occupancy per local guidelines.
  • Identify Circulation: Establish the direction of foot traffic and identify two-way vs. one-way circulation, mark circulation in a clockwise direction where possible.
  • Assign Workstations: Apply a checkerboard pattern to workstations and coordinate with supervisors to implement a shiftwork pattern to ensure physical distancing while employees are seated at their stations.
  • Apply Signage: Create signage and decals to indicate one-way circulation path, standing points for physical distancing and desk decals to reflect shiftwork.

Tip: Engage a consultant with space planners or architects on staff to help adjust current layouts to fit these new guidelines.

Photo by Bethany Legg from Unsplash.com

Step 6: Clean your space

With what we know about this virus, cleanliness needs to be top of mind for organizations during this process. While most organizations have cleaning services in place, we all now have an individual responsibility for keeping the office and community amenities clean.

  • Determine what surfaces are cleaned and how often
  • Establish a list of necessary cleaning supplies to meet the required level of cleaning in each office.
  • Setup cleaning substations
  • Maintain a cleaning log that is updated daily
  • Declutter by evaluating what items can be moved or removed completely to reduce frequent handling or contact.
  • Establish shared appliance allowances for this first phase and how to properly sanitize after each use.

Tip: Maintain a cleaning log daily to ensure all cleaning requirements are met.

Step 7: Coordinate with landlord

Many offices are located within a multi-tenant commercial office building. These professional environments include shared elevators and stairwells, gyms and cafés, other tenants, and building systems – all of which employees encounter through the course of a normal working day. Landlords and their property management teams are critical partners in maintaining safe, clean workplaces.

Tip: Issue a questionnaire to gather key information about each landlord’s response to the coronavirus pandemic. The questionnaire can cover topics such as: tenants and guests, people circulation, janitorial and maintenance, building systems, and emergency preparedness.

As plans commence for the return to normal, hopefully these processes will support others with business continuity and ensuring the safety of workers everywhere. General guidance abounds, but every office space is different. Get started by working through these steps to have solutions in place for your re-opening day.

CRB’s Re-Entry Task Force’s contributors: John Schwaller, Andi Feeley, Jay Marshall, Vince Corden, Steve Pianalto, Jesse Taborsky, Audra Augustin, Danielle David, Rebekah Hunter, Shoshana Marske, Pam Rezzelle, Patti St. Vincent, Marilou Wilson, Robert Brady, Karla Chiarelli, Jamie Nelson, Debra Reed, Tracy Stanfield, Viktoriya Lupareva, Lauren Candelora, Kelsey Monahan, Kevin Kuzma, Nicole Lane, Madi Olberding, Lindsay Kenney, David Keith, Chelsea Stramel 

Strategies

People willing to pay more for coffee that’s ethical and eco-friendly, meta-analysis finds

Overall, ecolabelling worked as intended: people were willing to pay for socially responsible coffee.

Published

on

Photo by Nathan Dumlao from Unsplash.com

Lesson for coffee biz…

Beyond how much cream and sugar to add to their morning brew, coffee lovers also face more serious decisions: one of those is whether or not to buy ecolabelled coffee, which advertises itself as more ethical and environmentally friendly. But whether customers are willing to pay the extra price for these perks remains an unanswered question.

In a study publishes in the journal Heliyon, researchers combined data from 22 studies to conclude that in general, people are willing to pay $1.36 more for a pound of coffee that’s produced in an eco-friendly way and are especially partial to coffee that’s labelled “Organic.”

“We hear in the media or sometimes read in the newspaper that there is an increasing number of ecolabelling logos in the market, and that these logos are sometimes related or even look alike. This may reduce consumers’ trust and willingness to pay over time,” says first author Nizam Abdu, a Ph.D. candidate and research assistant at the University of Tasmania in Australia. “However, our results show that coffee consumers in some selected countries are still willing to pay a positive and significant premium for ecolabelling.”

As many people’s go-to beverage, coffee’s enormous social, cultural, and economic influence makes it an ideal candidate for ecolabelling, a system that identifies and certifies certain products with ethical and environmental benefits. Common coffee ecolabels include Organic, Country of Origin Labelling (COOL), and Fairtrade (a certification that workers are given fair wages and safe working conditions) and aim to help consumers make informed choices on food safety, health, and environmental impact. However, it’s possible that having too many ecolabel options will instead confuse buyers, causing them to avoid buying ecolabelled coffee.

Many previous studies have tried to quantify the public’s opinion on different types of coffee ecolabelling. But the studies have varied dramatically in their estimates of how much consumers are willing to pay: some found that people are willing to pay more, while others suggest that people actually are less willing to pay for ecolabelling. As a result, it’s been challenging to present a standardized conclusion on the overall effectiveness of ecolabels.

Abdu and his co-author set out to address this gap. They combined data from 22 studies over the past fifteen years, forming an overall dataset of 97 observations across Europe, North America, Africa, and Asia. With their meta-analysis, they wanted to understand what factors give rise to the large range of price estimates and determine once and for all whether consumers are willing to pay more for coffee ecolabelling.

The researchers found that the variation in previous studies came down to a few factors: the region or country under study, surveying methods, types of ecolabels, and publication bias, the tendency for only studies with the desired outcome to be published. For example, there was a noticeable effect on the studies’ results when survey participants made yes/no choices about which coffee they’d buy versus when they were given trade-offs and budget constraints.

After taking these things into account, however, they found that overall, ecolabelling worked as intended: people were willing to pay for socially responsible coffee.

“In general, consumers are happy to pay a premium price of $1.36 for a pound of ecolabelled coffee. In particular, we clearly see that Organic is the most crucial coffee attribute,” says Abdu. The specific ecolabels of Fairtrade, COOL, and Organic all had values significantly larger than zero, but Organic ecolabelling had the highest value of the three – people were willing to pay an additional $1.14 per pound of coffee for just the Organic ecolabel.

That said, consumer attitudes still varied depending on factors like location. For instance, compared to other regions, people were less willing to pay more for ecolabelled coffee in North America, which may suggest that preference for such a labelling system varies across the regions. The researchers were also surprised to find that while people did care where their coffee came from, they didn’t necessarily prefer coffee that was produced near them. “I was expecting consumers would prefer locally produced coffee,” he says.

The authors say, however, that their finding still suggests a clear preference among consumers for certain types of ecolabelling. Abdu says, “Our findings are a good indicator that the policy of coffee ecolabelling is working in the global coffee market.”

Continue Reading

Strategies

10 Security misperceptions that need to be addressed immediately

The list is based on the experience of Sophos Rapid Response, a team of expert incident responders who deliver fast assistance in identifying and neutralizing active threats such as malware infections, compromised data, or unauthorized access, among others.

Published

on

Photo by Mimi Thian from Unsplash.com

With June marking National ICT Month in the Philippines and the Department of Information and Communications Technology (DICT) adopting the CHIP (Connect, Harness, Innovate, and Protect) framework for digital transformation and underscoring the value of protection,  Sophos compiled   a guide for Filipino businesses so they can avoid  today’s most commonly held security misperceptions.

The list is based on the experience of Sophos Rapid Response, a team of expert incident responders who deliver fast assistance in identifying and neutralizing active threats such as malware infections, compromised data, or unauthorized access, among others.

Misperception 1: We are not a target. We are too small or have no assets of value to an adversary 

Sophos Advice: Many cyberattack victims assume they are too small, in a sector of no interest, or lacking the kind of lucrative assets that would attract an adversary. The truth is, it doesn’t matter. If you have the processing power and a digital presence, you are a target. Despite the media headlines, most attacks are not perpetrated by advanced nation-state attackers. They are launched by opportunists looking for easy prey and low-hanging fruit, such as organizations with security gaps, errors, or misconfigurations that cybercriminals can easily exploit. 

Misperception 2: We don’t need advanced security technologies installed everywhere 

Sophos Advice: Some IT teams still believe that endpoint security software is enough to stop all threats or don’t need security for their servers. Attackers take full advantage of such assumptions. Any mistakes in configuration, patching, or protection make servers a primary target, not a secondary one, as might have been the case in the past.

Based on the incidents that Sophos Rapid Response has investigated, servers are now the number one target for attacks. Attackers can easily find a direct route using stolen access credentials.  Suppose your organization relies only on basic security without more advanced and integrated tools such as behavioral and AI-based detection and a 24/7 human-led security operations center. In that case, intruders will likely find their way past your defenses.

Misperception 3: We have robust security policies in place 

Sophos Advice:  Having security policies for applications and users is critical. However, they need  to be checked and updated constantly as new features and functionality are added to devices connected to the network. Verify and test policies using techniques such as penetration testing, tabletop exercises, and trial runs of disaster recovery plans. 

Misperception 4: Remote Desktop Protocol (RDP) servers can be protected from attackers by changing the ports they are on and introducing multi-factor authentication (MFA) 

Sophos Advice: The standard port used for RDP services is 3389, so most attackers will scan this port to find open remote access servers. However, the scanning will identify any available services, so changing ports offers little or no protection on its own. 

Further, while introducing multi-factor authentication is essential, it won’t enhance security unless all employees and devices enforce it. RDP activity should occur within the protective boundary of a virtual private network (VPN). Still, even that cannot fully protect an organization if the attackers already have a foothold in a network. Ideally, unless its use is essential, IT security should limit or disable RDP internally and externally.

Misperception 5: Blocking IP addresses from high-risk regions such as Russia, China, and North Korea protects us against attacks from those geographies 

Sophos Advice:  Blocking IPs from specific regions is unlikely to do any harm, but it could give a false sense of security if it’s the sole means of protection. Adversaries host their malicious infrastructure in many countries, with hotspots in the US, the Netherlands, and the rest of Europe. 

Misperception 6: Our backups provide immunity from the impact of ransomware 

Sophos Advice: Keeping up-to-date backups of documents is business-critical. However, if your backups are connected to the network, then they are within reach of attackers and vulnerable to being encrypted, deleted, or disabled in a ransomware attack. 

Storing backups in the cloud also needs to be done with care. The standard formula for secure backups to restore data and systems after a ransomware attack is 3:2:1. Three copies of everything, using two different systems, one of which is offline. 

Having offline backups in place won’t protect your information from extortion-based ransomware attacks, where the criminals steal and threaten to publish your data instead of or as well as encrypting it. 

Misperception 7: Our employees understand security 

Sophos Advice: According to the State of Ransomware 2021, 22% of organizations believe they’ll be hit by ransomware in the next 12 months because it’s hard to stop end users from compromising security. 

Social engineering tactics like phishing emails are becoming harder to spot. Messages are often hand-crafted, accurately written, persuasive, and carefully targeted. Your employees need to know how to spot suspicious messages and what to do when they receive one. Who do they notify so that other employees can be alerted? 

Misperception 8: Incident response teams can recover my data after a ransomware attack

Sophos Advice: This is very unlikely. Attackers today make far fewer mistakes, and the encryption process has improved, so relying on responders to find a loophole that can undo the damage is extremely rare. Automatic backups like Windows Volume Shadow Copies are also deleted by most modern ransomware and overwriting the original data stored on disk, making recovery impossible other than paying the ransom. 

Misperception 9: Paying the ransom will get our data back after a ransomware attack 

Sophos Advice: According to the State of Ransomware survey 2021, an organization that pays the ransom recovers on average around two-thirds (65%) of its data.  A mere 8% got back all of their data, and 29% recovered less than half. Paying the ransom even when it seems easier and covered by your cyber-insurance policy is therefore not a straightforward solution to getting your data back. 

Misperception 10: The release of ransomware is the whole attack – if we survive that we’re OK 

Sophos Advice: Unfortunately, this is rarely the case. Ransomware is just the point where the attackers want you to realize they are there and what they have done. 

The adversaries are likely to have been in your network for days if not weeks before releasing the ransomware, exploring, disabling, or deleting backups, finding the machines with high-value information or applications to target for encryption, removing information, and installing additional payloads such as backdoors. Maintaining a presence in the victim’s networks allows attackers to launch a second attack if they want to. 

Continue Reading

Strategies

Use rewards effectively to boost employee creativity

The choice of rewards fostered creativity by raising the employees’ belief in their ability to be creative. Alternative rewards also had a powerful impact on boosting the creativity of employees who earlier had scored high on an assessment of creative personality characteristics.

Published

on

Photo by Roberto Nickson from Pexels.com

To boost employees’ creativity, managers should consider offering a set of rewards for them to choose from, according to a new study by management experts at Rice University, Tulane University, the University of North Carolina at Greensboro and National Taiwan Normal University.

The study, co-authored by Jing Zhou, the Mary Gibbs Jones Professor of Management and Psychology at Rice’s Jones Graduate School of Business, is the first to systematically examine the effects of reward choice in a field experiment, which was conducted in the context of an organizationwide suggestion program. An advance copy of the paper is published online in the Journal of Applied Psychology.

“Organizations spend a lot of resources and exert a great deal of effort in designing incentive schemes that reward the employees who exhibit creativity at work,” Zhou said. “Our results showed that the effort may be a bit misplaced. Instead of discovering one reward type that is particularly effective at promoting creativity, what is more effective is to provide the employees with the opportunity to choose from several reward types, if they submit one or more ideas that are among the top 20% most creative ones.”

Workers in the study were given a range of options: a financial reward for the individual employee or their team, a self-discretionary reward such as getting priority to select days off, or a donation the company made to a charity selected by the employee. Those choices had positive, significant effects on the number of creative ideas employees generated and the creativity level of those ideas, Zhou and her co-authors found.

The researchers arrived at their findings by conducting a quasi-experiment at a company in Taiwan over the course of several months. Then they conducted a second experimental study that included employees from 12 organizations in Taiwan to replicate the first study’s results and compared the results with a control group.

The studies also found that rewards aimed at helping others, such as making a donation to a charity, might be especially powerful. But for less-creative employees, alternative rewards that benefit those in need might actually lower creativity and should be avoided, the authors said.

The researchers also found that the choice of rewards fostered creativity by raising the employees’ belief in their ability to be creative. Alternative rewards also had a powerful impact on boosting the creativity of employees who earlier had scored high on an assessment of creative personality characteristics.

Zhou co-authored the paper with Greg Oldham of Tulane, Aichia Chuang of the University of North Carolina at Greensboro and Ryan Shuwei Hsu of National Taiwan Normal University.

Continue Reading
Advertisement
Advertisement

Like us on Facebook

Trending