Author: Andy Miller

How Business Emails Are Vulnerable

Posted on by Andy Miller

Research by digital risk management and threat intelligence firm Digital Shadows has revealed that company credentials and emails that can be easily accessed on the web are making it easier for cyber-criminals to target businesses with attacks.

What’s Are The Problems?

According to the research, businesses may be suffering targeted attacks because several key problems that are caused by the results of previous hacks and breaches, and by current poor security practices. These problems are that:

  • Around 12.5 million company email archive files are publicly accessible due to misconfigured archive storage drives e.g. FTP and Amazon S3 buckets. Business emails contain sensitive personal and financial information e.g. the research uncovered 27,000 invoices, 7,000 purchase orders and 21,000 payment records. These things are valuable to cyber-criminals as they help them to target attack methods such as phishing.
  • Improper backing-up of email archives has contributed to their exposure online.
  • Criminal forums e.g. on the dark web, now contain some 33,568 finance department email addresses that have been exposed in third-party breaches, 27,992 of which have passwords associated with them. These forums also contain large numbers of the business of email access credentials, some of which are reported by the research to be worth $5,000 for a single username and password pair to cyber-criminals.
  • Email hacking services can be purchased for as little as $150, with results available in a week or less. The researchers were even offered a 20% share of the proceeds that could be harvested from exploiting email vulnerabilities.

What Does This Mean For Your Business?

Business email credentials have a high potential return on investment to cyber-criminals, and therefore have a high value, which is why many cyber-criminals feel that it is worth looking for them and paying substantial amounts for them on criminal forums. The high value may mean that criminals may even collaborate to target larger organisations. Hacks and breaches over time, together with the subsequent buying and selling of the stolen email credentials may mean that many businesses are exposed to multiple types of email attack such as phishing, and man-in-the-middle attacks without even knowing it.

One thing the research does show is that by tightening up email security practices, businesses could reduce the risks that they face. Measures that companies could take to help reduce such risks include:

  • Including business email compromise (BEC) in business continuity planning and disaster recovery planning.
  • Strengthening wire transfer / BACs controls by e.g. building-in manual controls and as well as multiple-person authorisations to approve significant amounts.
  • Improving staff training to enable them to follow practices that minimise company email and other security risks.
  • Continuously monitoring for any exposed credentials (particularly those of finance department emails), and conducting assessments of executives’ digital footprints e.g. using Google Alerts to track new web content related to them.
  • Preventing email archives from being publicly exposed e.g. by making sure that archive storage drives are configured correctly.
    Being very careful where contractors back-up emails on network-attached storage (NAS) devices is concerned. Making users have passwords, disabling guest / anonymous access, and insisting on NAS devices that are secured by default could help.

Goodbye Skype Classic, Hello Blockchain-as-a-Service

Posted on by Andy Miller

Just as November will see Microsoft asking Skype users to switch from Skype Classic to version 8, tech commentators are predicting that Microsoft and other companies will be looking to start reaping the financial benefits of offering blockchain as a service (BaaS).

Skype Classic Replaced By Version 8

Microsoft has announced that it will be moving all users of the Classic version of its Skype video call software to version 8 of the software from 1st November for desktop, and 15th November for mobile and tablets.

The company says that it will be sending out notifications to those using the older versions of Skype by the end of October to warn them that they may lose functionality if they don’t switch to version 8.

Why?

The reason for the move is to ensure that users of desktop and smaller screens i.e. tablets or mobiles have the same experience of the program. This is because version 8 applications have been optimized to work in conjunction with modern, mobile-friendly cloud services architecture.

Fewer Features, For Now

Microsoft has admitted that the newer version of Skype won’t offer the same features as the previous versions, but the company has said that it plans to re-introduce some of those features.

Meanwhile, Skype’s Insider community is able to access and test the new ‘Skype 14’ via the Microsoft Store.

Making The Most of Blockchain

Tech commentators have noted that Microsoft and many of the other big tech companies, including Amazon and Oracle, are now looking to make the most of the growing blockchain as a service (BaaS) market. Microsoft was one of the first software vendors to offer BaaS on its Azure cloud platform as far back as 2015, but the predictions are that from the end of this year onwards, the market (estimated to be worth $7billion) will start to grow rapidly.

What Is Blockchain?

Blockchain, the open-source, free technology behind crypto-currencies like Bitcoin, is an incorruptible peer-to-peer network (a kind of ledger) that allows multiple parties to transfer value in a secure and transparent way. Blockchain’s Co-Founder Nic Carey describes blockchain as being like “a big spreadsheet in the cloud that anyone can use, but no one can erase or modify”.

Why?

The BaaS market is likely to take off in a much bigger way because it offers enterprises the chance to deploy distributed ledgers without the cost or risk of deploying it in-house, and without needing to find in-house developers.

Big Tech Companies Well-Placed

Tech commentators have noted that as well as Microsoft, big companies who look well-placed to have the resources claim a major stake in the BaaS market include Amazon, Oracle, Salesforce.com, and VMware.

It is also believed that large online real-estate/mortgage companies such as Redfin, Zillow, and LendingTree could benefit from using blockchain-based online services in the transfer of property.

Real-World Blockchain Examples

The benefits of blockchain technology are already being in enjoyed by many companies, and some of the ways that it is currently being deployed include:

  • Walmart’s pilots where the time it takes to trace a food item from shop to farm was reduced, through the use of blockchain, from 7 days to just 2.2 seconds.
  • A pilot project between car-maker BMW and start-up Circulor with a view to eliminating battery minerals produced using child labour. In that project, blockchain is being used to help provide a way to prove that artisanal miners are not using child labour in their cobalt mining activities.
  • Using the data on a blockchain ledger to record the temperature of sensitive medicines being transported from manufacturer to hospital in hot climates. The ‘incorruptible’ aspect of the blockchain data gives a clear record of care and responsibility along the whole supply chain.
  • Using an IBM-based blockchain ledger to record data about wine certification, ownership and storage history. This has helped to combat fraud in the industry and has provided provenance and re-assurance to buyers.
  • Shipping Company Maersk using a blockchain-based system for tracking consignments that addresses visibility and efficiency i.e. digitising a formerly paper-based process that involved multiple interactions.
  • Start-up company ‘Electron’ building a blockchain-based system for sharing information between those involved in supplying energy which could speed up and simplify the supplier switching process. It may also be used for smart grid processes, such as local load-balancing of supply and demand.

Launches

It has also been reported that Hewlett-Packard Enterprise (HPE) has launched a BaaS flexible charging offering, and SAP has also launched BaaS on its Leonardo digital software platform.

What Does This Mean For Your Business?

The fact that we now use mobiles devices more than desktop computers for work and leisure made it more or less inevitable that Microsoft would want to make changes to Skype to make the mobile experience of the program a priority.

The benefits of blockchain technology are just starting to be realised and exploited by many different companies around the world. The BaaS market is, therefore, still at the beginning of the curve, and it makes sense that big tech companies are well placed to be in the market early with their enterprise offerings. BaaS offers businesses the opportunity to harness the power and unique benefits of blockchain without the costs, and difficulties of trying to develop their own in-house offerings. Blockchain has already proven itself to be a technology that can save time and costs, provide fast and secure traceability, visibility and efficiency, and provide a real competitive advantage for companies that are willing to investigate how it could be used to add value to their particular business.

Even governments and cities around the world have realised the benefits and are committing considerable resources to the use of blockchain. For example, Dubai has committed to putting all of its documents on blockchain in the next few years and has founded a public-private initiative called the Global Blockchain Council to foster the development and use of blockchain technology in and between local government teams, local businesses and international start-ups.

Tech Tip – Disable Flash in Edge to Speed Things Up

Posted on by Andy Miller

Adobe Flash may be a way to make websites more exciting and engaging, but it can contain bugs, security holes, and it can really slow things down when you’re waiting for Flash-heavy pages to load. In Windows 10 you can quickly and easily turn off Flash in the Edge browser. Here’s how

Go to Settings and scroll until you can click “View Advanced Settings”.

Toggle “Use Adobe Flash Player” to off.

Facebook Hack Keeps Getting Worse

Posted on by Andy Miller

As if the recent Facebook hack of 50 million user accounts that was discovered on 25th September wasn’t bad enough, it became apparent that it could also affect “Facebook Login” service, which allows other apps to use people’s Facebook account to login.

What Happened?

On Tuesday 25 September, Facebook engineers discovered that hackers had used a vulnerability in Facebook’s “View As” feature (which lets people see how their profiles appear to others) to steal digital keys known as “access tokens” from any accounts of people whose profiles were searched for using the “View As” feature. This meant that hackers were able to move from one Facebook friend to another, taking control of all those accounts along the way. It is estimated that the staggering number of 50 million user accounts were compromised in this way.

It has been reported that Facebook had noted a spike in the number of people using the “View As” feature in relations to Facebook’s video uploading feature for posting “happy birthday” messages (a known, year-old vulnerability), but didn’t put two and two together at that point. Even though the hack was reported to have been discovered by Facebook on Thursday 25th September, It is now thought that the hack actually took place on 16th September.

Reporting Problems

Even though less than 10% of the 50 million Facebook accounts affected by the security breach were in the European Union, this is still a significant number, and required a report within 72 hours of discovery of the breach to comply with GDPR. It has been reported, however, that Ireland’s Data Protection Commission (DPC) has said that Facebook’s initial notification to the regulator about the breach (on Thursday) didn’t have enough detail, and this could lead to an official investigation and possibly some (substantial) fines. Facebook’s discovery of the breach on the Tuesday, and notification to Ireland DPC on the Thursday meant that, at least it kept within the 72-hour disclosure deadline required under GDPR.

Worse – Other Services Using Login By Facebook Could Be Affected

One of the things that has made the breach even worse than was previously thought is that, if you use Facebook to log into other services, such as Instagram (owned by Facebook), Tinder, Spotify and even Airbnb, the attackers could also use the stolen access tokens to gain the same level of access to any of these, and may have been able to steal all of your profile info, photos, private messages and more. The fact that the hackers have stolen tokens means that they don’t need to enter a username and password to access a site because the token is a signal that they’re already logged in.

Fixed, Says Facebook

Facebook has reported that it has now fixed the flaw by logging everyone out of their accounts and suspending the “view as” feature.

What Does This Mean For Your Business?

This hack was on a massive scale, and was the biggest in Facebook’s history, coming not long after the revelations about Facebook’s sharing of its customer data with Cambridge Analytica for political purposes. This has undoubtedly dealt another blow to Facebook’s reputation but more importantly, it could lead to further problems for Facebook’s users. The fact that the hackers were able to steal tokens, thereby rendering strong passwords and multi-factor authentication useless (which is frightening in itself), means that the attackers could use any personal data and information that they may have harvested from Facebook and other Facebook login sites to target users in future cyber attacks. The information taken could, for example, be used in phishing attacks, fraud, and even blackmail. The information used for blackmail (photos, private messages, etc) could even cause damage to personal and work relationships.

Once again, it seems, we can’t trust a major tech company to adequately protect our personal data and information, even after it has gone to the trouble, over the last few months, of spending large amounts on advertising campaigns to tell us how much it can be trusted. Even though the initial crime appears to be a large-scale hack, the fact is that users could find themselves being the victim of cyber attacks in future because of the information that has been stolen.

Apple Making One-Quarter Of Its Revenue From Deal With Ad Giant Google

Posted on by Andy Miller

Figures from Goldman Sachs appear to show that, even though Apple may publicly take the moral high ground and criticise digital advertising businesses, it may actually be making $9 billion this year, one-quarter of its estimated total revenue, from a deal with digital advertising giant Google.

Opposition and Irony

Apple has been famously vocal about its high regard for user privacy and its opposition to the idea of harvesting user data to feed online advertising. For example, in a TV interview in April (Recode’s “Revolution” TV special with MSNBC) Apple’s CEO, Tim Cook said that Apple had elected not to “make a ton of money” from customers by not monetizing them, and that “we’re not going to traffic in your personal life”. Also, Apple investors and financial commentators have witnessed what they saw as a transformation of the business that they may have believed was based purely on the products.

It is ironic, therefore, that something that Apple appears to be opposed to is quietly responsible for a large chunk of the company’s growth.

Services Segment

It is true to say that iPhone sales are still the biggest contributor to Apple’s growth, but something called the ‘Services Segment’ is the second biggest contributor to Apple’s revenue growth. This segment includes ‘licensing’ as a sales growth driver in this segment, which actually refers to Apple’s collecting of money from its search contract with Alphabet Inc.’s Google, as well as other sources.

The Google deal means that Google pays Apple $9 billion this year (and an estimated $12 billion next year) to remain the default search engine in iOS devices such as iPhone and iPad. Goldman has been reported as saying that it is likely that this revenue is charged based on the number of searches that users on Apple’s platform originate from Siri or within the Safari browser.

Criticism

The figures from Goldman have attracted some criticism online from investment and tech commentators who have pointed out that, even though Apple appears to be publicly opposed to systems that harvest personal information for advertising purposes, the deal with Google means that it actually makes one-quarter of its services revenue from enabling such a system by Google, while not having to be accountable for the negative aspects of it.

What Does This Mean For Your Business?

Advertising is a necessary part of marketing for many businesses, and tech giants such as Google and Facebook offer advertising services to businesses. In our lives as consumers, however, we have become increasingly worried about our privacy and how our personal data is being used and sometimes shared, and there is no doubt that data harvesting is used to target advertising. The fact that Apple appeared to be publicly against the idea of harvesting of data for advertising, and yet makes billions per year by enabling Google to do just that while being able to distance itself from any flack about it (until now) is likely to be another blemish on the reputation of the trillion dollar company.

Some investors and investment commentators may also find themselves believing a little less in the idea of Apple’s transformation and success being purely down to its products and may be surprised that such a large chunk of Apple’s revenue simply comes from a browser deal with Google.

Chrome Extensions Get Security, Privacy and Performance Boost

Posted on by Andy Miller

Following the introduction last month of Google Chrome 69’s better password protection, Google has announced that Chrome 70 will bring trustworthy extensions by default.

What Are Extensions?

The Chrome extension system, introduced to the browser nearly a decade ago, has enabled the introduction of 180,000 different extensions which are small, bolt-on software programs that allow Google Chrome users to customize their browsing experience through functionality and behaviour that suits their individual needs or preferences.

Extensions are typically built using HTML, JavaScript, and CSS and are available in the Chrome Web Store. Google says that the dual mission of its extension team is to “help users tailor Chrome’s functionality to their individual needs and interests, and to empower developers to build rich and useful extensions”.

What’s Been The Problem?

One of the main problems with Chrome extensions has been that remotely hosted code in some extensions can be changed, used to manipulate websites, and used for criminal purposes. For example, Chrome extensions have increasingly been used to hide malware, even when they’ve been downloaded from the official Chrome store, and Google has reported a 70% increase in malicious extension installs over the last two and a half years.

For Google, this has created a lack of trust among users, has led to worries about transparency and the scope of their extensions’ capabilities and data access, has generated bad publicity, and has made Google’s own extension review process more complex, costly, and time-consuming.

Improvements

Google says that it has already addressed some of the security, privacy and performance concerns through the launch of out-of-process iframes, the removal of inline installation, and advancements in the detection and blocking of malicious extensions using machine learning.

New code reliability requirements also mean that Chrome Web Store will no longer allow extensions with obfuscated code. This is essentially code that’s difficult to understand and can be used to hide malicious code, and its complexity makes Google’s review process more difficult.

Google has also announced that further improvements will be made to Chrome extensions in Chrome 70 that should go even further in addressing these issues. For example, improvements will include:

  • Better controls for host permissions. This means giving users the choice to restrict extension host access to a custom list of sites, or to configure extensions to require a click to gain access to the current page.
  • Required 2-step verification (in 2019) for Chrome Web Store developer accounts, in order to improve security.
  • The introduction of Manifest v3 to make the writing of a secure and performant extension much easier.

What Does This Mean For Your Business?

Google Chrome is the most widely used browser, favoured by 60% of browser users. Bearing in mind the 70% increase in malicious extension installs over the last two and a half years, some would say that these mainly security-based improvements to extensions are certainly necessary, and are long overdue. Bad extensions have proven to be the weak link in a strong browser and have provided a loophole that has been exploited by cyber-criminals enabling them to link computers to botnets, steal personal details, and enable crypto-currency mining on a large scale.

Businesses using Google Chrome should now get some reassurance that Google is plugging the security holes that some extensions have created, which should mean one less thing to worry about for the time-being in the ongoing battle with evolving and potentially costly cyber threats.

Company Fined £150k For Nuisance-Calling People Who Had Opted-Out

Posted on by Andy Miller

Manchester-based Oaklands Assist UK Ltd has been fined £150,000 by the ICO for making approximately 64,000 nuisance direct marketing calls to people who had already opted out of automated marketing.

Serious Contravention of UK Law & EC Directive

The monetary penalty by the ICO was delivered under section 55A of the Data Protection Act 1998 (DPA) due to a “serious contravention” of Regulations 21 and 24 of the Private and Electronic Communications (EC Directive) Regulations 2003.

The law states that live calls must not be made to any number registered with the Telephone Preference Service (TPS) unless they have specifically consented to the call. It appears, however, that Oaklands Assist UK Ltd completely ignored this, and continued to call those who had opted out via the TPS.

Complaints

It has been reported that Oaklands Assist UK Ltd was one of the most complained-about organisations in June 2017, clocking up 59 complaints. It is understood that the nature of the calls related to questions about accidents that call recipients may have had.

The complaints ranged from reports of:

  • Callers being abusive when asked how they got recipients details and using profane language when hanging up.
  • Callers becoming angry and aggressive when asked to remove recipients details from the call list (when the recipient was on hands-free in the car, with children present).
  • Callers making repeated and often silent calls, and even call recipients complaining of stress, exhaustion and depression as a result of receiving and trying to avoid multiple calls.

No Response

According to the ICO, Oaklands Assist UK Ltd ignored requests for information from the ICO that had been made six months earlier, and only responded when threatened with criminal proceedings by the ICO. Even then, the company was reported to be “vague and obstructive” in their answers.

Tried To Escape

It has also been reported that the ICO had to intervene to prevent Oaklands Assist UK Ltd from being struck off the Companies House register, which is thought to have been a bid by the company to escape the sanction.

Moves are also now afoot by the UK government to make directors of companies personally responsible for penalties such as ICO fines to stop them from evading penalties by dissolving the offending company and simply starting up again under a different name.

What Does This Mean For Your Business?

If you’ve ever had your time wasted and / or perhaps even experienced abuse from callers asking you about the accident that you (haven’t) had, then this action by the ICO will be music to your ears. Of course, you can register with the TPS not to receive unwanted marketing calls but in this case, the company concerned simply ignored that service, and ignored any rules and regulations surrounding making outgoing marketing calls.

Unsolicited calls can be a major disruption to businesses, even if the calls are not abusive or relating to fake accidents or PPI. For example, Ofcom data shows that UK consumers received 2 billion+ calls and texts from claims firms in 2017, and Aviva data shows that this is the equivalent of 6 million calls and texts per day, (mainly aimed at people aged 65 and above). Not only does this disrupt any businesses that receive the calls, but it also makes it more difficult for direct marketers who do play by the rules, and makes consumers simply want to dismiss all marketing calls, favouring non-interruptive communications.

GDPR was introduced to give us more rights where the use of our personal data is concerned, and gives us the right to be forgotten. As consumers, this may make us feel as though it has given us more power, but for businesses it has also created a lot of work in preparation for GDPR, has required extra costs of hiring / appointing / training an in-house DP expert, as well as creating the fear of fines or other problems though not being able to fully comply with the extensive detail of the Regulation. Companies should, however, be more re-assured by recent comments from ICO Deputy Commissioner James Dipple-Johnstone who was quoted as saying that businesses that take their data protection responsibilities seriously “have nothing to fear from an ICO inspection or investigation” and that the real norm of the work of the ICO relating to GDPR is simply audits, advisory visits and guidance sessions.

Elon Musk – World’s Most Expensive Tweet!

Posted on by Andy Miller

Tesla’s CEO Elon Musk’s tweet(s) about taking the company private using ‘secured’ funding has cost him not just his role as Chairman for 3 years, but also a $20m (£15m) fine, and some damaging fraud accusations.

What Happened?

Back in August, the South African-born, 25th richest person in the world (Forbes), and Chairman of American multinational corporation specialising in electric vehicles ‘Tesla’ made a short series of tweets that put him on the wrong side of the US financial regulator Securities and Exchange Commission (SEC) rules.

In the tweets, Mr Musk said that he was considering taking the electronic car maker Tesla off the stock market and into private ownership, stated that he had “funding secured” for the deal, and that Tesla shares would be valued at $420 each.

The tweets resulted in a lawsuit being filed against Tesla last week (although Tesla was not actually named in it) by the SEC, and allegations of fraud brought midscale negative publicity.

The tweets also caused problems for money market investors as the company’s share value fell due to lack of confidence, and $7 billion was wiped from Tesla’s market value, down 14% at the end of last week.

What’s The Problem?

The 9 separate issues (allegations) with Mr Musk’s announcements via Twitter, according to the SEC included the facts that Mr Musk had not agreed upon any terms for a going-private transaction with the Fund or any other funding source, and that he had never discussed a going-private transaction at a share price of $420 with any potential funding source. In short, the SEC has said that Mr Musk’s stated intentions had no basis in fact, and that said the market chaos following the announcement hurt investors.

Reached Agreement

It has now been reported that a deal has been reached between the regulator and Tesla whereby Mr Musk has 45 days to leave his role as chairman (or face another large fine), and can’t be chairman of Tesla for 3 years, although he can stay on as Tesla’s Chief Executive Officer. This will mean that a new independent chairman will need to be appointed to preside over the company’s board. Tesla and Mr Musk will also have to pay a $20m (£15m) fine.

What Does This Mean For Your Business?

Bearing in mind the damage done to the market value of the company (and investors), and the fact that Tesla faces a large fine, Mr Musk still remaining as the CEO means that he still got off more lightly than some had wanted or predicted. For example, agreeing to this SEC deal means that Mr Musk still retains influence but not as much power, and can avoid receiving the potentially more damaging punishment of being barred from serving any publicly traded company as an officer or director. Some commentators have also said that the only reason that Mr Musk wasn’t stopped from being CEO too is the fear of a stock collapse.

This story is an example of how a person’s style, power, and ability to grab headlines may be an asset to a company in boosting its rapid growth, but could become a liability later on, particularly if they appear to wield too much power and / or act in a way that appears not to take account of regulations or investors.

As the SEC puts it, this is essentially a case of misconduct by the person at the top, and is an example of why big companies need strong corporate governance and oversight in order to protect investors.

Tech Tip – Use ‘Near Share’ To Share Files

Posted on by Andy Miller

Windows 10 has a “Near Share” / “Nearby Sharing” feature, similar to Apple’s AirDrop, that allows you to share (by Bluetooth) files, links, photos, and more to nearby Windows PCs that also have the feature enabled. You can enable Nearby Sharing from either Windows 10’s Share dialog, or in Windows 10’s Settings app. Here’s how:

From the Share dialog –

– Click a “Share” button e.g. the “Share” button on Edge’s toolbar, or right-click a file in File Explorer and select the “Share” command.

– In the Share menu, click / tap the “Tap to turn on nearby sharing” option.

From the Settings app –

– Go to Settings > System > Shared Experiences.

– Turn on the “Nearby Sharing” toggle.

Nearby Sharing files are saved to the Downloads folder by default, but this can be changed in the Settings app.

Mobile Working Causes Absenteeism

Posted on by Andy Miller

Research by B2M Solutions has concluded that instead of saving costs, mobile working could be costing UK businesses £1.18 billion per year, as 40% of mobile workers attribute time taken off work to stress and anxiety caused mainly by reliability issues with mobile devices.

The Research

The B2M Solutions ‘Mobile Impact Survey’ gathered the opinions of 200 mobile workers in the US and UK who said that the mobile device they used at work was a critical tool that they needed to complete their work tasks, and that device reliability was of the uppermost importance.

What’s The Problem?

According to the B2M Solutions research, there are several elements involved in causing stress and anxiety-related ailments in mobile workers including:

  • Not offering employees the resources they need. The research indicates that although businesses are giving more responsibility and arguably more freedom to their employees, there is a lack of investment in tools to ensure that the critical mobile devices needed to perform these new tasks are operating correctly, and can be depended on. When the devices don’t perform as they should, this creates frustration and stress in users. The B2M research showed, for example, that device issues in the field like battery failure (40%) or poor Wi-Fi coverage, and crashing apps, led to 16% of mobile workers taking at least one day off work in the last year. This figure includes the 7% who took six or more days sick leave as a result.
  • Always being connected to work and switched-on. The blurring of lines between work time and your own time, and always being reachable by employers / colleagues makes it difficult to escape an underlying level of stress.
  • Being unable to complete tasks, as well as customer anger and rudeness as a result of mobile device failure causing increased stress and anxiety levels.

Didn’t Tell Managers

The research also revealed that a quarter of mobile workers haven’t told their managers or IT departments that their equipment is failing because they didn’t think that anything would be done about it.

Huge Cost To Business

In addition to the human suffering caused by stress and anxiety, the cost to businesses, many of which are unaware of the problems because their employees haven’t told them and / or because they haven’t checked, is estimated to be huge. For example, according to the research, if the findings are applied to the entire US mobile workforce, the cost of sick leave from stress or anxiety caused by device reliability problems to the US economy is around $8.6bn per year. If you add this figure to the UK research results, the coat to both economies is $10.2bn.

In fact, even the ‘True Cost of Ownership’ figures from the research don’t include additional potential financial impacts e.g. paying overtime to remaining workers to pick up their sick colleagues’ excess work, any financial penalties for missing customer deadlines, any brand reputation damage, insurance claims or even the cost of out of court settlements for some workers who can’t return to work.

What Does This Mean For Your Business?

It is likely that we all have some experience of the frustration and stress that technology failures and hold-ups can create, particularly when we are against the clock and a customer / colleague / boss is waiting. The cumulative effects of this kind of stress over time, coupled with a feeling that you’re on your own i.e. nothing will be done even if you report it, is bound to be demoralising, and it is no surprise that absenteeism from stress and anxiety and the knock-on financial impacts on the company are the results.

In the light of this research, businesses may benefit from taking more proactive steps to predict and prevent mobile related issues before they impact the mobile worker. Also, the fact that many businesses are unaware of the impact that mobile device issues actually have on productivity and worker health suggests that better device monitoring is needed.