Sep 29, 2011

The Amazing Race: Confucius Meets Twitter

The Amazing Race came back with yet another exciting season premier this weekend.  From the start we saw a lack of preparation by ‘the showgirls’ that almost landed them a trophy for the shortest lived contestants on The Amazing Race.  It all started when Kaylani didn’t secure her passport, dropping it at a gas station less than an hour after the race began.  Luckily, a passerby Tweeted that he had found a passport belonging to an Amazing Race contestant and got convinced by his followers to hand deliver it to LAX.  Strangely, this was a harbinger of the upcoming challenge in which contestants played a game of ‘telephone’ at the Taipei Confucius Temple where they had to listen to a recorded saying by Confucius and then repeat it precisely for their next clue.

Confucius said, “In all things success depends on previous preparation.  And without such previous preparation, there is sure to be failure.”

Even though Confucius spoke nearly 2,500 years ago, his words are as applicable in this digital century as they were when he first spoke them.

In this week’s episode, we saw firsthand what can happen if a team fails to prepare.  But for the kindness of strangers connected to Twitter, Kaylani and Lisa would have been sure to fail.  And therein lies the amazing facets we find in the season premier of The Amazing Race.  Every aspect of our life is interconnected through and into the digital world.  Every step we take online has some type of impact on our footprints in the real world.  With each step we must ask ourselves, “Are we preparing for future success when acting in the present moment?”

When you post a photo on Facebook, can it affect how a future employer might perceive you to be resulting in a lost job opportunity?  When you get a security update, do you hit Remind Me Later, leaving all your personal bank information at the mercy of a hacker?  When you sign into Facebook, Twitter, or Gmail, do you use the same password, setting yourself up for a major phishing attack?  When you register for a new site, do you skip the privacy set-up process, letting others you would never share with see all your personal thoughts.  When you store your private photos, do you put them in a folder clearly marked private, making them highly visible and desirable for others to open?

Every act we take online impacts our safety, security, and privacy.   Take a moment to consider how your actions today will impact your future success.  This was true when Confucius lived in a world without an Internet just as much as it is true today in a world than can’t survive without an Internet.

For more information about online safety, check back here every week or visit my website.

Sep 27, 2011

Don’t Remind Me Later

Imagine a bunch of scammers and hackers sitting around in a dark room together. They’ve just created brand new viruses that will invade your life by invading your computer to steal your banking information, take all your passwords, send threatening emails to all your friends, make all your personal photos public, and….. And, they’ve devised a simple and yet genius way to get it into your laptop or smartphone that’s always connected to the Internet using some of the hundreds of software pieces that run on your computer.

Amazingly, software providers have also just figured out a way to block these viruses. But the only way this will work is if you update your laptop or smartphone with the latest security updates they have just sent you. And out of sheer courtesy, they are asking you if you want to update now or “Remind Me Later.”

What are you going to do? What do you do nearly every time you see that nice “Remind Me Later” button looking so sweetly at you while you’re busy updating your Facebook or sending an IM or working on a work email? We all do it. We all tell our friends who are trying to protect us to come back another time. You’re OK leaving all the doors and windows wide open for the bad guys to break into your life. You’re OK with giving your life away to some stranger in a dark room on the other side of the world.

This scenario might sound dramatic, but, it’s really not. The “Remind Me Later” button is not your friend. In fact, it is probably the most dangerous ‘button’ you can push.

Let’s put this in perspective. If robbers had figured out how to turn off your home alarms or break into your house, would you fix it right away or put a note in your calendar to “Remind Me Later?” Similarly, we don’t ask someone to remind us to lock our car later if we know we have left it unlocked. The same is true for every security measure we take in our real lives.

And yet, we hit that “Remind Me Later” button as quickly as we can, like we’re playing whack a mole at an arcade.

Some people complain that security updates take too long, are too cumbersome, and bog down their computers. That was true…about 10 years ago. With today’s high speed systems, security updates can run quietly in the background. Kind of like the locksmith who can do his thing, while you’re busy doing yours in the house.

Hackers are literally creating and launching new viruses every day. That means that these invaluable updates are needed frequently. Every time a software provider figures out a way to block the bad guys, they send out an update. They have effectively put a new lock in an existing door, ensuring the safety of your personal life.

So, next time the dialogue box appears asking if you want to run a security update now, just remember the “Remind Me Later” button is not your friend.

Sep 13, 2011

When Hackers Attack, Earthquakes Follow

Hackers of the world have gone wild, infiltrating a variety of sites such as those of the CIA, PBS, and just the other day, NBC.  Supposedly “secure” servers of companies as notable as JP Morgan Chase and Sony have been hacked to get credit card or customer information.

In fact, hacking has had such a substantial effect on the business world that Rupert Murdoch was recently forced to close an English tabloid as a result of the paper’s hacking of celebrity phones. Stories of massive and embarrassing hackings are popping up everywhere letting us know that these hackers mean business.

And if you’re a business, being ready means more than having an IT emergency response plan.  In today’s hacker environment, a company’s response plan must be holistic in nature, agile in execution, and grounded in reality.  The right response must include technical, legal, educational, and public affairs components.  Each area has a significant role to play and one that if executed incorrectly can make the difference between disaster and recovery.  And we’re talking just security.  The problems compound when you throw in safety and privacy as well since the three are interconnected and not mutually exclusive.

Having been at the forefront of safety, security, and privacy (SSP) crises many times over in my previous roles in corporate America, and now as the founder of an online security consulting company, I can tell you that many company executives often think of the public relations (PR) aspect of responding to a hacker crisis as ‘fluff’ or coming from the ‘group that spins’.

In fact, PR is at the epicenter of this type of crisis and how it is handled can make the difference between minor aftershocks or more devastating quakes.

The right PR team will have to navigate with agility, acumen, and diplomacy while still grounded in relevant experience with safety, security, and privacy.  The challenges presented are far ranging and come in multiple forms.  Questions abound such as:

-who should be the spokesperson

-what is better, a reactive or proactive media strategy

-when should the affected consumers be informed

-where is the place to release information

-how should employees be informed about what is happening

-when should a safety, security, and privacy crisis plan be implemented

-who makes the final call on what goes out

Given the sudden onslaught of hackers, traditional PR firms are facing quite the challenge in helping clients respond.  The problem – many of these firms aren’t yet equipped or experienced to handle the unique challenges SSP PR brings even if they have handled other types of crisis in the past.

If your company is at risk of falling victim to a SSP PR nightmare, begin internal discussions ASAP to see if you are equipped to handle such an event holistically.

The more you read about the pain and suffering other companies have gone through, the more daunting the problem may appear.  But, it is one that can be overcome with the right kind of planning, team, and program in place.  Having worked closely with several clients to put in place SSP PR strategic plans, we have seen the positives that come from doing it right the first time.

If there is one thing to keep in mind it is this – hackers don’t follow traditional fault lines.  At any time, you can be the flashing red dot marking the epicenter of a major SSP earthquake.