Trust is an essential ingredient of a successful business. If you can’t trust your boss, your coworker, your employee, your vendor, your customer, what’s the point?
Having great IT systems in place can contribute significantly to that infrastructure. Our current working conditions with pandemic-related remote working have underscored how important they are to being able to continue working productively.
And laying a groundwork of trust in a company’s culture is always an important goal, but doing this now, when your staff is working from home, has become more challenging. The covid-19 pandemic has reshaped the way we’re all working, and requires even more intentional building of trust.
Why The Remote Work Environment Can Erode Trust
The sudden transition from having employees physically work in the office to working remote has revealed an ugly truth: Most companies fail in building trusting work relationships.
As pretty much everyone has been required in some fashion to restructure and work remotely during the Covid-19 pandemic, companies have become more aware of how much or how little trust actually exists within their organizations. Remote working has tested that trust.
Staff members at every level of the organization have a similar challenge. They’ve been required to co-mingle work and home life, in the place where they live. If there are other household members present, they’ve had to manage a blended situation, rather than having a full focus on the workplace during work hours.
Nobody who has family members or roommates in their work space is exempt from this, no matter what level they hold in the organization!
It’s no small feat to manage. Especially if there are small children involved, and no childcare.
One consequence of these disruptions that’s emerged is the struggle managers experience in working with employees who are out of sight. Managers who rely upon being with their staff on-site to gauge the progress of their teams have felt ill-equipped to monitor that progress off-site.
When they attempt to gauge progress without being present with workers, they can be perceived as micromanaging or controlling. Further, they can be perceived as uncaring, worried only about productivity. They may seem insensitive to the other things the remote worker must juggle that didn’t used to be part of the work scenario.
The micromanaging or insensitivity can go even further. It can become actual distrust that the worker is doing what they’re supposed to. Since the manager isn’t there to see what’s happening, they may use online meetings to try to evaluate if the worker is actually doing their job. This can further accentuate any “us and them” feelings that might exist between the company and the staff.
What if your worker is not doing their work? How much loss will that equate to? How do you relate around this in a trust-building way?
Building trust is tough to do, because it requires vulnerability. Companies must work on building trust into the culture.
Building Distrust Within Your Company Is Important, Too
Yet in today’s world, there’s a kind of distrust that actually does make sense. The place to become more distrustful, on purpose, is online.
Forbes magazine presented the top 10 tech trends from the current global pandemic. “Covid-19 has accelerated digital trends, … as the virtual is replacing the physical, everywhere, … and the network becomes the town square.”
As doctors, hospitals, offices of large corporations and small businesses shift from face to face communication to online conversations, just about any kind of conversation can be held anyplace, anywhere, anytime.
And, just as fast as businesses regroup to offer services online, the cyberhackers regroup to take advantage of all this online activity.
So while you’re working to build trust through quality relationships, agreements and actions, make sure you’re not simultaneously tearing it down by allowing a breach in your cybersecurity.
These are the company’s assets that must be protected with certain measured distrust online:
- The workforce itself
- Company relationships
- Building and infrastructure
- Intellectual property & trade secrets
- Data in general
- Hardware & software
Phishing is One of the Worst Offenders For Misplaced Trust
One of the most disturbing ways these assets can be in jeopardy is through someone on your staff trusting, and clicking on a phishing email.
This type of fraud does not use sophisticated hacking techniques. Instead, it depends on clever deceptions such as the use of a real email address that is deceptively similar to one that would be used legitimately.
Phishing scams and schemes are becoming more creative every day as businesses and individuals find themselves the targets of new tactics. Here are stats, per the SSL Store:
- 32% of confirmed data breaches in 2019 involved phishing
- Overall phishing down 42% in 2019, but the tactics got sneakier
- 86% of email attacks are “malwareless”
- 9% of untrained users fail phishing tests
- 90% of verified phishing scams discovered in secure email gateways
- Apple is the #1 most imitated company
One of the most common modern approaches is through ‘spear phishing’, the fraudulent practice of sending emails ostensibly from a known or trusted sender to induce targeted individuals to reveal confidential information. These fraudulent emails can affect every work relationship and destroy trust as well as cost the company financially.
- Between boss and employee. Employee clicks and spends money accidentally, while thinking it was approved.
- Between team members. One employee accidentally clicks and it spreads through the whole system.
- Between company and customer. An infected system spreads the infection to the customer base.
- Between company and vendor. Similarly, an infected system spreads to a vendor.
Two Phishing Stories
Here’s a story of a well-meaning accounting manager who wasn’t distrusting enough and almost wired $187,000 to an overseas bank. They’d received an email ‘from their CEO,’ who was out of the office that day. They’d prepared the wire transfer, and were just about to send it off, when by happenstance, the CEO unexpectedly made a quick stop at the office. The accounting manager told the CEO the wire transfer was ready. “What wire?” said the CEO. Fortunately, there was still time to stop the wire from going out.
And here’s another story about the employee who didn’t question the instructions they received by an email. Rather than wiring money overseas, this scam involved an email ‘from the CEO’ giving instructions to buy and activate fifty $100 iTunes cards and mail them to an address. The employee was proud she’d been able to locate fifty cards, which required her to shop for them at several stores. When she happily let her boss know she’d been successful in locating the cards, it was the first he’d heard of it! They were stuck with $5000 worth of iTunes cards, but at least they still had the value of the cards.
You can see how this can happen “innocently enough” but averted with the right kind of distrust.
Knowing this kind of breach is possible, and that it’s human to accidentally fall for one of these scams, what can a company do to protect themselves and their staff from them?
We recommend building your solution into your day to day activities, using an anti-phishing scenario.
The best way we’ve seen to prevent clients from trusting bad links and emails is one which both provides fun, effective training for your staff, but also lives within your regular employee activities in an ongoing way.
We’ve seen great results as we’ve worked with clients to incorporate these safeguards that have become increasingly important during this change in workplace related to COVID-19. We love hearing clients who are celebrating the ease of recognizing phishing attacks after they’ve implemented our training, and they go out of their way to let us know how much safer they feel!
How they work
What we’re really talking about here is remote employee security. Anti-phishing programs provide a way to avoid a security incident by preventing remote workers from inadvertently providing names and passwords that allow cyber attackers to get into your company’s cloud-based data.
This ensures three things:
- Your existing in-office protections and capabilities now function in your newly required remote environment
- All of your users are aware of the threats and how to identify them
- Your organization will have implemented security best practices for remote work
Having this kind of security in place makes sure you’ve created the proper policies, security measures and employee awareness needed to keep your organization safe. And it makes sure you’re not an ideal target for cybercriminals.
How They Help
Using this approach, your remote staff becomes aware of the possible breaches to company security and is inspired to stay alert and not click where they shouldn’t. Your employees also become more engaged in the process even though they are in different locations and on different networks, through the interactive design of the program.
Using this approach addresses both of the issues we have been discussing here. It helps you build the confidence, awareness and quality of relationship among your workers. It’s fun and engaging, so there’s a contribution to morale. It protects them from blunders, which brings peace of mind for everyone.
This will contribute to building the rapport and relationships inside your company, even when everyone’s offsite, and will increase the wellbeing of the company, including your external relationships.
Contact Us For Anti-Phishing Protection
If you haven’t already put such a mechanism in place in your company, call and set up a consultation with us. We’re available to help you implement, and we’d love to help.
We all need to protect against accidental dangerous clicking!