• About Us
  • Services
  • Training
    • Sessions
    • Webinars
    • Clear Path Store
  • Contact Us
  • Blog
  • About Us
  • Services
  • Training
    • Sessions
    • Webinars
    • Clear Path Store
  • Contact Us
  • Blog

What an HR Professional can learn from Sony Hacking Scandal

12/29/2014

0 Comments

 
Picture
Set expectations on electronic communications

​News headlines have been dominated in recent weeks by the ongoing saga related to Sony Pictures Entertainment's controversial film "The Interview." It is alleged that North Korea led a cyber attack on Sony's computer servers as a response to their plan to release the film whose plot involves the assassination of leader Kim Jon-un.

For several days, a group calling itself the "Guardians of Peace" released a series of confidential and often embarrassing data leaks from the company, including Sony employee salary details and Social Insurance Numbers. They also released the content of internal emails that severely damaged the reputations of those involved, including a thread that contained racist jokes directed at President Barack Obama.

After things escalated beyond data hacks to the threat of violent attacks if the film debuted as planned, Sony first decided to delay the release of the film. After Sony received criticism from numerous sources, including President Obama, they decided to release it in any theatres willing to show it as well as on-line. Read more (Source: Business Insider).

The idea of an external person breaching your company's internal data and sharing confidential information with the world should send a chill down the back of every HR professional and business owner. 

Many business owners might be wondering if their data can ever be truly safe. While there are cases for and against storing your data in "the cloud," ultimately each business must decide for themselves if they want to take the plunge. Services like DropBox, Google Apps for Business and Microsoft’s SkyDrive and Office 365 make moving to the cloud seem relatively easy and pain free.

But what can you, as the HR professional in your organization, do? There are several steps you can take. While you may not have any control over your company’s data after it is sent to the cloud, you are able control how data is handled within your company.
Picture
As a way to try to avoid the embarrassing release of emails or texts that contain content that you would not want published in the press, develop an appropriate use of email communications policy and ensure that you entire workforce (including senior executives) follow it.

Some elements that policy should contain include:
  • Staff members are expected to ensure that all communications sent on behalf of the company will be created using a consistently high level of professionalism.
  • Ensure that all messages use appropriate language. Inappropriate language found in communications may result in disciplinary action up to and including termination of employment.
  • Use an appropriate and professional tone in the creation of email messages. It is often very difficult to determine when a person is using humour, sarcasm, or irony in an email. Please note that emails that include humour may be misunderstood, and the effects negatively impact our business.
  • Remember that when you send an email, it creates a permanent electronic record. Whatever is written in your email, including content and form will be on the record for all time. Ensure that all messages sent are appropriate, and accurate in their content.
Picture
Bring your own device policy 

Another focus should be a Bring Your Own Device (BYOD) policy. With smart phones becoming nearly ubiquitous, many companies are allowing their employees to use their own devices, rather than provide them through the company. The trade off is a reduction in equipment cost, but a potentially higher risk of data vulnerability/loss. A BYOD policy means you can set out the terms of employees having access to company data through their personal equipment.  This policy can also be applied to employee laptops, for those employees that use their own laptop or work remotely on occasion.
Picture
A policy that outlines access to data should also be developed. With many cloud storage solutions, there is often a desktop version available. This allows the documents to be stored on each employee’s computer which, while convenient, can lead to disaster if an employee decides to leave and has a copy of your most valuable data on their hard drive. You must decide if the convenience is worth the potential loss of security, or if you want to insist your data is to remain in the cloud only.
Picture
How will the data be accessed? 

​Employee procedures:

Another item in your arsenal should be to include a definitive procedure to follow when an employee leaves your organization.  This could be a checklist that runs through all the steps that must be taken when an employee moves on, regardless of the circumstances. Forgetting a simple thing like having keys returned means your office could be vulnerable.

Things on your list should include: removing the employee’s passwords, alarm codes (if applicable) ensuring the return of any company property –i.e. keys, laptops, etc. 
A good time to review these steps would be when you first hire an employee. While it may be a bit awkward during hiring process to review the policies and procedures regarding an employee that is leaving the organization, this helps ensure that the employee understands and agrees to the terms of employment.
Need helping developing policies? Let the team at Clear Path put their expertise to work for you.
We'd love to connect with you! 
0 Comments



Leave a Reply.
    Picture
    Learn how Clear Path can help you manage your HR and Claims Management challenges

    RSS Feed

    Categories

    All
    AODA
    Bill 168/Workplace Violence
    Clear Path
    Equality
    Events/Occasions
    Health & Safety
    Hiring/Firing
    HR Topics
    Mental Health & Wellness
    NEER
    Policies
    Social Media
    WSIAT
    WSIB

    Archives

    July 2017
    June 2017
    May 2017
    April 2017
    November 2016
    September 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014
    July 2014
    June 2014
    May 2014
    April 2014
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013
    January 2013
    December 2012
    November 2012
    October 2012
    September 2012
    August 2012
    July 2012
    June 2012
    May 2012
    April 2012
    March 2012
    February 2012
    January 2012

Clear Path Employer Services
295 Thompson Drive, Unit 2
Cambridge, Ontario  N1T 2B9

T:  (519) 624-0800
T:  (888) 336-0950
F:  (519) 624-0860
E:  info@clearpathemployer.com
Website created by:
Absolutely Business
Copyright 2017
Staying Connected:
  • Subscribe  to our Emails
  • Careers/Job Openings ​
​ Hear More About Us: 
  • ​Testimonials
​Spread the Word:
  • ​Referral Program
    Services:
  • ​WSIB/WCB Claims Management
  • HR on Demand​
  • Workplace Health & Safety
  • Legislation Compliance​​
  • Training Sessions

Policies and Information:
  • Training Cancellation Policy
  • Privacy Statement
  • Terms and Conditions​​
✕