Emotional Intelligence – The Online Training For The Future Of Business

Emotional intelligence is the way forward for business, or so it seems considering every individual major national and global company seems to be jumping on the bandwagon. More important than education at the moment, the concept of emotional intelligence has been around since Charles Darwin first invented and commented on the term in 1872. However, it was not until Daniel Goleman published several articles on its uses in business that the concept of online emotional intelligence surveys caught on. Today, if you work for a large company the likelihood is that you will be confronted with an emotional intelligence survey and consequent training at some stage.

Emotional intelligence is completely different to intellectual intelligence in that I relates to your own self-awareness. To be emotionally intelligent, you should be firmly in control of your emotions as a result of your own self-awareness as well as being sensitive enough to pick up on the moods of others. Intellectually intelligence relates directly to your academic and technical thoughts and abilities. As a result, they are completely the opposite.

To be emotionally intelligent, you do not have to be intellectually intelligent. In fact, research has found that individuals with exceptionally high intellectual intelligence levels are far more socially inept than individuals of average intelligence and thus have a low emotional intelligence score. However, the results are calculated on an individual basis via a survey.

Businesses have started to use emotional intelligence surveys to identify training needs and the weak links in a team in the hope that identifying them and reacting accordingly will actually make the workplace more harmonious and productive. Although it does not always work like that, the survey does go some way to helping! However, this only applies if all individuals answer honestly instead of answering in the manner that they believe the company wants them to answer.

Everybody can benefit from emotional intelligence surveys and training. The training associated with the survey can really highlight problematic areas and attempt to solve them through team building days and training courses. The way we all relate to people can reflect on the individual business and attract consumers as well as repel them. This obviously has a major impact on the individual business and can make or break it, which is why all employees should be assessed on a regular basis.

The surveys are often conducted online and the results are returned online. As a result, more and more businesses are actually formulating online computer based training events that can enable an employee to connect with his or her co-workers. Online training is easier to administer, keeps costs down and can enable employees to track their progress to ensure that they are actually benefiting from training. They can also then feedback on the nature of the training so that their opinions can help to formulate the next training tasks.

In terms of employees stressing about an emotional intelligence survey or assessment, it is possible to actually improve a score and so the first few results should pose no immediate concern, as long as the results do improve on a consistent basis.

Emotional intelligence training is the ultimate in online training activities and the various types available are now amongst the most popular surveys and training programs requested every year. Of all the people that undergo some sort of training, the highest percentage actually participate in emotional intelligence based training. As a result, every individual should attempt to learn a little bit about it all in preparation.

File Integrity Monitoring – Use FIM to Cover All the Bases

Why use FIM in the first place?

For most people, the answer is ‘because my auditor/bank/security consultant said we had to!’ Security standards like the PCI DSS mandate a requirement for regular file integrity checks, including log file backups/archives, and this is the initial driver for most organizations to implement FIM.

Unlike anti-virus and firewalling technology, FIM is not yet seen as a mainstream security requirement. In some respects, FIM is similar to data encryption, in that both are undeniably valuable security safeguards to implement, but both are used sparingly, reserved for niche or specialized security requirements.

How does FIM help with data security?

At a basic level, File Integrity Monitoring will verify that important system files and configuration files have not changed, in other words, the files’ integrity has been maintained.

Why is this important? In the case of system files – program, application or operating system files – these should only change when an update, patch or upgrade is implemented. At other times, the files should never change.

Most security breaches involving theft of data from a system will either use a keylogger to capture data being entered into a PC (the theft then perpetrated via a subsequent impersonated access), or some kind of data transfer conduit program, used to siphon off information from a server. In all cases, there has to be some form of malware implanted onto the system, generally operating as a Trojan i.e. the malware impersonates a legitimate system file so it can be executed and provided with access privileges to system data.

In these instances, a file integrity check will detect the Trojans existence, and given that zero day threats or targeted APT (advanced persistent threat) attacks will evade anti-virus measures, FIM comes into its own as a must-have security defense measure. To give the necessary peace of mind that a file has remained unchanged, the file attributes governing security and permissions, as well as the file length and cryptographic hash value must all be tracked.

Similarly, for configuration files, computer configuration settings that restrict access to the host, or restrict privileges for users of the host must also be maintained. For example, a new user account provisioned for the host and given admin or root privileges is an obvious potential vector for data theft – the account can be used to access host data directly, or to install malware that will provide access to confidential data.

File Integrity Monitoring and Configuration Hardening

Which brings us to the subject of configuration hardening. Hardening a configuration is intended to counteract the wide range of potential threats to a host and there are best practice guides available for all versions of Solaris, Ubuntu, RedHat, Windows and most network devices. Known security vulnerabilities are mitigated by employing a fundamentally secure configuration set-up for the host.

For example, a key basic for securing a host is via a strong password policy. For a Solaris, Ubuntu or other Linux host, this is implemented by editing the /etc/login.defs file or similar, whereas a Windows host will require the necessary settings to be defined within the Local or Group Security Policy. In either case, the configuration settings exist as a file that can be analyzed and the integrity verified for consistency (even if, in the Windows case, this file may be a registry value or the output of a command line program).

Therefore file integrity monitoring ensures a server or network device remains secure in two key dimensions: protected from Trojans or other system file changes, and maintained in a securely defended or hardened state.

File integrity assured – but is it the right file to begin with?

But is it enough to just use FIM to ensure system and configuration files remain unchanged? By doing so, there is a guarantee that the system being monitored remains in its original state, but there is a risk of perpetuating a bad configuration, a classic case of ‘junk in, junk out’ computing. In other words, if the system was built using an impure source – the recent Citadel keylogger scam is estimated to have netted over $500M in funds stolen from bank accounts where PCs were set-up using pirated Windows Operating System DVDs, each one with keylogger malware included free of charge.

In the corporate world, OS images, patches and updates are typically downloaded directly from the manufacturer website, therefore providing a reliable and original source. However, the configuration settings required to fully harden the host will always need to be applied and in this instance, file integrity monitoring technology can provide a further and invaluable function.

The best Enterprise FIM solutions can not only detect changes to configuration files/settings, but also analyze the settings to ensure that best practice in security configuration has been applied.

In this way, all hosts can be guaranteed to be secure and set-up in line with not just industry best practice recommendations for secure operation, but with any individual corporate hardened build-standard.

A hardened build-standard is a pre-requisite for secure operations and is mandated by all formal security standards such as PCI DSS, SOX, HIPAA, and ISO27K.

Conclusion

Even if FIM is being adopted simply to meet the requirements of a compliance audit, there is a wide range of benefits to be gained over and above simply passing the audit.

Protecting host systems from Trojan or malware infection cannot be left solely to anti-virus technology. The AV blind-spot for zero day threats and APT-type attacks leaves too much doubt over system integrity not to utilize FIM for additional defense.

But preventing breaches of security is the first step to take, and hardening a server, PC or network device will fend off all non-insider infiltrations. Using a FIM system with auditing capabilities for best practice secure configuration checklists makes expert-level hardening straightforward.

Don’t just monitor files for integrity – harden them first!

Diesel Fuel Theft Is Higher As Fleet Fueling Raises

With truck driver spending unsupervised and fleet fueling prices rising, fuel theft should come as no surprise. Some companies are well aware of the problem and others are not. It takes a solid fleet fuel card with controls and audits to truly know if your company has been the victim of diesel fuel theft.

When your driver has a company fuel card, there is great potential to damage that company’s piggy bank, unless proper fueling controls are put into place. We could tell you hundreds of stories of erroneous diesel fuel charges on the company’s dime as a result of no one closely watching the fuel transactions.

Here is a small example: If your company buys its diesel fuel over the road you probably use some type of fuel or fleet credit card. These fleet fuel cards have controls, but are only effective if you, or the fleet manager, have put them in place correctly.

If you have a bulk fuel tank that doesn’t have a card system and your drivers are writing down the number of gallons that go into their trucks, there’s a great possibility of fuel theft, and good luck with tracing that! Of course this can happen anywhere in your corporate chain, but one phrase always sticks in my head, “They don’t respect, what you don’t inspect.”

Let’s look a little closer at the numbers that could be sucked out of your fuel system. A normal truck could guzzle up to 1500 gallons a month, if you miss 1% of that, its 15 gallons on average, per truck. With diesel fuel prices and gas prices now over $4.00, their highest in several months, you could lose $60.00 a month, for every truck you own. If you have 100 trucks in your fleet, you’re losing $6,000 a month or $72,000 a year.

Usually fuel fraud is more than 1%. Some people put that number at more than 2%. I would say, based on what we have seen during fleet fueling audits, the real number might be as high as 3% on average, with some companies exceeding those numbers.

In this type of economy, companies cannot afford to lose that much profit in a month, let alone throughout a year. There is one solution companies of all sizes are turning to, hiring a fuel management company. A company solely dedicated to reviewing, line by line, its entire fuel card transaction list.

Consider that 1% loss – $72,000 is possibly a 2% loss – $144,000 or more realistically a 3% loss – $216,000. That will have a profound negative effect on a company’s budget. Imagine being able to recapture those costs and put an end to company theft in your fueling budget.

As diesel fuel prices get higher, fuel theft amounts will increase because there is more money to be made. They are still stealing the same amount of gallons but at a much high cost per gallon.

Most companies have found that their best defense is a good offense with a solid fuel management or fleet management program. A team of people, reviewing fuel transactions, with a very active fleet or fuel manager who makes sure you are not losing money because of fleet fueling fraud or diesel fuel theft.

Companies outsource driver compliance logs, I.F.T.A. filings and many other items. Some people might not even consider these services as “outsourced” anymore. If you wanted someone to deal with law issues, you would contact a lawyer and if you need help with your taxes you would consult a professional tax firm. The idea here is the same. If you want help controlling the many variables that effect your fuel cost you should want to contact a fuel management professional who makes it their business to cut fuel costs.