Connect with us

Politics

Four Ways to Mitigate Fraud Risk During a Recession

Published

on

Ari Jacoby


We’ve talked so much about recession in recent months that it’s hard to believe it’s still on the horizon and not in the rearview mirror. But most experts agree that we’re sliding into an economic lurch right now — and need to prepare for all the struggles for individuals and businesses that come with any backward slide in the economy. Let’s discuss four ways businesses can mitigate fraud risk during times of recession.

Fraud Spikes During Any Recession

Fraud spikes during times of recession. When an economic downturn begins or drags on, it gets harder and harder to continue your lives as you have before. Unemployment rises, people take on more debt, and the price of necessities inflates. It’s harder for many to pay bills, keep food on the table, and generally stay above water. As a result, the idea of easy money via fraud or theft becomes more enticing to those struggling.

At the same time, businesses feel the recession largely through a decrease in demand for their product or service — which makes each sale harder to secure than ever.

As companies look to tighten their spending, they inevitably analyze their tech stack. Anything ancillary gets put to the wayside when times are tough — including fraud prevention software. And in some cases, there’s a temptation for businesses to shirk normal security and privacy responsibilities to usher in additional sales.

Online merchants make a conscious decision to dial back fraud prevention to maximize transactions during peak buying seasons such as Black Friday and Cyber Monday.

The Perfect Storm — Higher Fraud Risk and Reduced Fighting Power

This combines to form a perfect storm of higher fraud risk and reduced capabilities for businesses to combat it. Fraudsters are likely aware of the fact that companies will have lowered security thresholds and will be looking to take advantage of that fact.

Fraud can attack from multiple directions, making it difficult for businesses to keep their eye on the proverbial ball.

Potential Entry Points for Cybercriminals

In addition to fraud from external sources, the risk of internal fraud or third-party fraud (originating from a vendor or partner) also increases during a recession. Management and integration tools installed at businesses in the last decade to increase efficiency and speed up workflow both within a company may not have been secured. Parties connected to each new resource, exacerbated by Covid work-from-home necessity, are also potential entry points for cybercriminals to perpetrate fraud.

A highly interconnected company is efficient — but it also has more area to secure.

Four Potential Fraud Avenues a Company FaceS During Any Recession

Let’s look at four potential fraud avenues a company might face during any recession, as well as tactics to cut bad actors off before they have the chance to damage the business.

1. Internal Threats

Employees are working faster to try and hustle, missing things they’d normally catch like fraud perpetrated through phishing and other email methods, made even harder due to remote working conditions.

Stress and heightened expectations to perform to make up for the economic downturn might make for disgruntled employees that aren’t doing their utmost to keep the company secure.

Security can become lax as a result of fewer resources or through attempts to woo more customers by skirting security checks. Fraudsters will be working overtime to take advantage of any holes made apparent through lowered security thresholds.

Security Awareness — Authentication and Firewall

Prioritizing regular security awareness and training and only give employees access to systems and information they need to get the job done.

Begin with employee onboarding to ensure that there is enough awareness to keep your company and your systems safe. This effort will help keep those vulnerabilities from surfacing and reduce the chance that human error winds up being costly.

Employ a zero trust access policy and implementing continuous authentication within the company’s firewall can also help prevent rogue activities.

2. Staffing Changes

Employees leaving is the nature of business, but the fraud risk associated with these exits is real, especially if the cause of the employee’s departure is a reduction in force.

Password Changes on Systems (Including Your Office Door)

If passwords don’t change, for example, after an employee leaves, the data hidden behind that password may be compromised. A study found that 49% of employees have logged into a work account after leaving the position. All accounts and systems should become inaccessible the moment an employee leaves — that day. It should be someone’s job to handle this part of your operations.

Insider fraud is a real thing, but it becomes even more likely after the employee leaves the company—especially if they were terminated or did not leave on the best terms.

Remember — the difference between an employee “poking around where they shouldn’t be” and “selling your data” is not as wide as many think.

Offboarding Plans and Responsibilities

Make sure you have an “offboarding” plan in place to ensure your company stays protected as employees exit. Remove access to all crucial documents, disable email inboxes, revoke credentials, and account for all potentially connected devices.

Make a checklist for what needs to be done in each offboarding scenario, and make sure each item is completed. If there’s a wave of layoffs, that checklist will be especially handy.

It’s easy to miss one small step for one of the individuals that could have significant ramifications.

3. Account and Login Fraud

When it comes to securing employee accounts, there are many options. However, when it comes to selling to customers, they cannot be reasonably subjected to the same stringent security restrictions without there being a direct impact on the bottom line.

Dummy accounts, hacked accounts, application fraud, and synthetic identities are all used in defrauding companies from the very point of access normally given to legitimate customers.

Many businesses that sell on their websites or apps use multiple security checkpoints like multi-factor authentication (MFA) to make sure people are who they say they are, but this has the side effect of providing an irritating experience for the vast majority of users that are there legitimately, to simply buy from a business.

Can Your Business Identify its Network?

Engaging with a real-time identity network allows companies to better identify their visitors – businesses can verify an identity once and then keep the roadblocks out of the way the rest of that session. But of course, some fraudulent activities have legitimate aspects to them; even an account set up the right way might be used for nefarious purposes.

Identity networks allow companies hooked into their network to receive a warning on sketchy behavior even before the newly arrived user has done anything on their site or app.

With real-time user data, collected (and then anonymized) from all sorts of sources—more and more as the IoT connects devices to make a more encompassing picture of a person’s activities—security can remain high without making user experience miserable for the average user.

4. Vendor-Based Risks

Just like an outgoing employee represents a risk that needs to be addressed before it gets out of your control, the end of a vendor relationship can create problems if there are security shortcomings.

Even when the relationship is solid and ongoing, the connection between companies means that there will be some number of individuals at a vendor that has access to your company’s information. Unless you have safeguards in place, there’s not much you can do to control their actions.

Negotiate with vendors from the beginning of a relationship to retain as much control over what is shared to maximize your protection.

For vendors already in place, bring this up during contract renewals. And just like with employees, make sure that your internal team members have a plan in place when vendor relationships end to ensure that there aren’t loose ends or gaps in security that add fraud risk from a vendor contact.

Staying Fraud-Free

The recession doesn’t need to be a field day for fraudsters. By putting in place security practices around current and outgoing employees, identifying your web and app customers, and staying engaged with vendors to prevent vulnerabilities from being exposed, businesses can keep from being an easy payday for the new would-be criminals out there.

There will still be a recession to contend with, so one less thing to worry about — especially a big thing like fraud at your expense — will be a welcome situation for businesses.

Featured Image Credit: Tima Miroshnichenko; Pexels; Thank you!

Ari Jacoby

As the founder and CEO of Deduce (www.deduce.com), Ari Jacoby is a successful serial entrepreneur and thought leader who’s on a mission to democratize access to critical fraud data after spending nearly two decades bridging the intersections of data, privacy, and security. Prior to founding Deduce, Ari led companies including Solve Media/Circulate (acquired by LiveRamp) and Voicestar (acquired by Marchex), to successful exits. He is now dedicated to protecting businesses and their consumers from identity fraud threats while simultaneously creating more secure, frictionless experiences. Ari attended Georgetown University, where he received a BA in Government & Economics.

Politics

A Quick Guide to Understanding Your phpMyAdmin Area

Published

on

phpMyAdmin


If you use a WordPress website, it probably uses a MySQL database. Another one that it might use is called MariaDB.

Every website needs one of those to store information like passwords, posts, and user data. When WordPress can’t connect to your MySQL database, your website probably won’t be accessible.

There are a handful of reasons why it’s important to understand how it works. Here are a few that I can think of.

  •   You may need to delete old data or tables
  •   You may need to update the titles of a ton of different posts at once
  •   An individual database table might need to be imported or exported

In order to get to the area we’re going to talk about, click “phpMyAdmin” from your website’s control panel. It may say “Access PhpMyAdmin” or some similar variation like mine does below.

Image Source: Bob Buckley; Thank you!

The next screen you should see looks like this:

Image Source: Bob Buckley; Thank you!

On the left-hand side, click the database that corresponds to your website. In my case, it’s “backupweathersite” below “New” in the tree. Then, you should be at the screen we’re talking about:

phpMyAdmin

Image Source: Bob Buckley; Thank you!

The menu highlighted in red has some useful tabs on it for doing the types of things I mentioned above. Starting with Structure, here’s what you can do with each one.

Structure

Structure is probably the most important of all the tabs because it lists the tables of your database. Each table has its own set of options, like emptying it if you want to delete all the data. You can also drop the table if you want to get rid of the entire thing completely.

Be very careful with that. Instead of deleting everything, you can clear out things like old posts by running SQL queries.

SQL

Selecting SQL will give you this screen:

phpMyAdmin area

Image Source: Bob Buckley; Thank you!

There, you can run SQL queries. For example, on one of my sites, I need to remove expired jobs pretty often. If I don’t, the database fills up even if the jobs are deleted on the frontend. This causes the site to slow down a lot, and I can’t add new posts or other data.

The solution? Running this query: delete from `wp_posts` where `post_status` = ‘expired’

That takes care of thousands of old jobs in about a second, which is pretty nice!

As a side note, the screenshots in this article are from a local WordPress installation I have for a different project.

Search

Search does what it sounds like it would. When you put something in the main search field, it will automatically go through the entire database, looking for anything that’s a match. 

Here’s a tip that might also help: you can choose to include or exclude searching specific tables if you want so it doesn’t search everything.

phpMyAdmin

Image Source: Bob Buckley; Thank you!

Query

The Query tab essentially does the same thing that the SQL tab does, except it offers guidance for creating the query. You can select the table that you want the query executed in from a dropdown and then click “Update query” to see it in the window below.

phpMyAdmin screenshot

Image Source: Bob Buckley; Thank you!

Export

Image Source: Bob Buckley; Thank you!

Export allows you to download all of the tables from your database. This is useful if you want to do manual backups periodically (although there are some great plugins that can handle that). You can export the tables in a bunch of different formats, too.

These include SQL, PDF, CSV, XML, and a handful of others that you’ve probably never heard of. Mainly, Texy! Text and YAML.

Import

The import function allows you to bring in outside database tables to yours.

phpMyAdmin

Image Source: Bob Buckley; Thank you!

You can only import a table if it doesn’t exist in the current database. If the table exists already, you will get an error, and the import won’t finish, according to DreamHost.

The file can be compressed or uncompressed in a few different formats. Those include bzip2, gzip, or zip files. Something you may not be used to is the compressed file name.

It needs to be structured like “.[format].[compression]”. An example of a common one is “.sql.zip”.

Image Source: Bob Buckley; Thank you!

 

You can choose from a handful of different formats. These include CSV, ESRI Shape File, MediaWiki Table, OpenDocument Spreadsheet, SQL, and XML.

There are also a number of different SQL compatibility modes. The compatibility mode setting will dictate how MySQL works. We won’t go into each one and talk about the differences, but your options for those are ANSI, DB2, MAXDB, MYSQL323, MYSQL40, MSSQL, ORACLE, and TRADITIONAL.

Operations in phpMyAdmin

This tab gives you the ability to perform a handful of different operations, like creating a table and renaming the database. In order to create a new table, just put in a name, and the number of columns, and click Go.

Siteground has a great tutorial for creating tables since things can get kind of complicated. Below that, you can rename the database. The check box that says “Adjust privileges” is there because MySQL does not adjust the original privileges related to the database on its own.

When you check that box, phpMyAdmin adjusts the privilege table, so users have the same privileges on the new items. If you do that, the privileges for all the database-related elements are also adjusted to the new name. That includes things like tables, columns, or procedures.

Image Source: Bob Buckley; Thank you!

This section also allows you to do things like copy the database to another one and change table collations. A collation is a set of rules that defines how to compare and sort character strings.

You probably won’t ever need to mess with things like collation, but it’s nice to be semi-familiar with that, just in case.

Image Source: Bob Buckley; Thank you!

 One other thing is that you can’t really rename a database. When you do that, phpMyAdmin will create a new one (example below) and drop the old.

phpMyAdmin area

Image Source: Bob Buckley; Thank you!

Routines in phpMyAdmin

The Routines section looks like this:

Image Source: Bob Buckley; Thank you!

“Filters” won’t do anything unless you actually select a database to search. Putting a word into the “Containing the word:” section will find all of the tables containing that word in your database.

Routines are procedures and functions that do various things, like the job data cleanup function mentioned earlier. You can add one there, and it will be displayed under that tab.

Events

In the event scheduler tab, you can create and run tasks automatically based on a schedule. The schedule can vary a lot, like running a task every couple of seconds to every few weeks. In order to use it, you will need to manually turn it on by clicking where it says “off” in the picture and then clicking “Add event”.

Image Source: Bob Buckley; Thank you!

Triggers in phpMyAdmin

A trigger is a named database object that is associated with a table and that activates when a particular event occurs for the table. You could use a trigger to perform checks of values to be inserted into a table or to perform calculations on values involved in an update.

Image Source: Bob Buckley; Thank you!

Privileges in phpMyAdmin

Image Source: Bob Buckley; Thank you!

The Privileges section allows you to make changes to current user privileges or export them to a new database. There are a handful of options for editing the privileges:

Image Source: Bob Buckley; Thank you!

Designer

The Designer tab can be kind of a mess, as you can see (it’s in the “More” dropdown):

Image Source: Bob Buckley; Thank you!

The Designer feature is a graphical way of creating, editing, and displaying phpMyAdmin relations. These relations are compatible with those created in phpMyAdmin’s relation view.

To use this feature, you need a properly configured phpMyAdmin configuration storage and must have the $cfg[‘Servers’][$i][‘table_coords’] configured. It’s unlikely you’ll ever need to do anything in this tab.

Wrapping Things Up

Going into the phpMyAdmin area for a WordPress site can be pretty daunting. If you find yourself in that position, it’s important to be familiar with all the different aspects of the dashboard. Understanding the basics of what each section does will help you navigate and get things done a little quicker with less of a headache.

Featured Image Credit: Provided by the Author; Thank you!

Bob Buckley

Continue Reading

Politics

How to Help Women in Business Get Past Gender Barriers to Management

Published

on

Free Your Money: Strategies for Keeping Your Money In The Best Place Possible - ReadWrite


According to a recent Women in the Workplace study from Lean In and McKinsey, the most significant barrier women face in business these days isn’t the glass ceiling. Instead, it’s the floor—the barrier to entry-level management positions.

Although women now own 4 out of every 10 businesses in the U.S. and are making great strides at the top of the career ladder, they’re still missing from entry-level and middle management positions. That’s something companies of all sizes need to address.

Women in business means greater success

It’s not just about diversity (although that’s a worthy goal in itself). Statistics suggest that hiring women for positions of leadership helps your company succeed. For example, one study from Peakon revealed that when a company’s management includes 50% or more women, its employees feel more loyal to the company and its products or services.

2017 Morgan Stanley report echoes these findings, suggesting that gender diversity in a company translates to enhanced productivity, more significant innovation in product and service design, improved decision-making, and decreased employee turnover, with an associated higher level of worker satisfaction.

Try implementing these three strategies to fix that broken rung at the bottom of the career ladder and get more women into entry-level management roles.

1. Start from the ground up.

As the Women in the Workplace study suggests, the first task for any business committed to helping increase the number of women in leadership positions is to hire and promote women more often.

Your job is to make your workplace more attractive to diverse candidates. Start with neutralizing your job notices and ads. Go over every ad line by line before you release or publicize an open position. Avoid potentially off-putting terms like “rock star” and “ninja.” Some of the more qualified female candidates might interpret those as code for “male candidates preferred.”

Also, consider following the example set by Buffer. Based on the understanding that women are far less likely than men to apply for a job if they don’t precisely match the image created by the ad, Buffer encourages all candidates to apply, even if they feel they don’t meet every single qualification.

If you want to reach more women candidates, consider going where they are. For example, open up your job search by sharing the job notice on platforms and websites with audiences with a significant female component.

2. Commit to taking action

Set actionable goals for both hiring and promoting women into first-level management. Clear establishment of metrics and a commitment to meeting those metrics can help foster positive change for your company as you seek to diversify its management.

For example, if there are two candidates, one male, and one female, the female candidate has a 50% chance of winning the job. However, if there are three female candidates and one male candidate, the possibility that one of those women will win the job goes up to 67%.

However, if you reverse that scenario, with three men and one woman, her chance of winning the job plummets. One way to combat this kind of unconscious bias is to set a concrete goal of advancing an equal number of men and women to the final round of evaluation. Creating this type of rule helps you see beyond mere lip service to the ideals of “promoting the qualified candidates” to truly evaluate your candidates based on their qualifications without unconscious bias.

Finally, seek to establish clear, neutral evaluation criteria. Ensure your hiring and promotion evaluation criteria are based on the actual duties required in the position, not on some outdated assessment that hasn’t been standardized and edited for gender neutrality.

3. Get to the root of unconscious bias.

Training evaluators and supervisors to spot and combat unconscious bias can help root out the obstacles to promoting women to leadership positions in your company. But how do you identify a bias when it’s not consciously held?

One way is to test your systems. For example, the next time your company is hiring for a potential leadership or feeder position and a female candidate is weeded out at a pre-interview stage, consider advancing her to the next round regardless. If she proves herself qualified at the interview based on the feedback you get, you might have some bias at work in your processes.

Additionally, implement committed-based evaluation processes. Groups with balanced representation can help root out and neutralize individual biases. At the same time, they can help provide a more robust assessment of each candidate’s strengths and challenges.

Published First on Due. Read Here.

Featured Image Credit: Photo by RODNAE Productions; Pexels; Thank you!

Due

Know exactly how much money you will have going into your bank account each month. No tricks, no gimmicks. Simple retirement for the modern day human.

Continue Reading

Politics

Simplifying AI Can Optimize Your Entire Business

Published

on

Simplifying AI Can Optimize Your Entire Business


Artificial intelligence is becoming less of a futuristic technology and a more integral aspect of today’s business landscape.

The usage of AI across the business universe is revolutionizing every industry, and Gartner reports that at least 75% of organizations use deep neural networks today.

In financial departments, AI is automating menial tasks and reducing errors in traditional manual workflows.

AI’s unfounded fears

There’s no doubt that businesses utilizing the right AI for the right reasons are seeing exponential benefits. Unfortunately, not every business unit is as excited about the available AI solutions that finance departments are gifted with. Change management is a significant component of failure when implementing any transformative technology.

Many humans still have unfounded fears about it gaining sentience or replacing them, and workers are wary of becoming obsolete once their daily tasks are automated.

But that’s never been the point of AI, machine learning, and automation because they augment human intelligence.

Humans are still very necessary

Take OpenAI’s GPT-3 and Dall-E 2 text- and image-generating models for example. Although they can generate a 1,000-word blog post with images within seconds, there could be a lot of legal liability issues if you were to publish raw content generated by one of these models directly on your website.

The content is never 100% accurate; human interaction is still essential to train, implement, and use AI across the business.

Simplifying AI for the average worker

AI data sets and outputs need to remain accessible, and making them accessible means tapping into everyone throughout the organization to apply their professional judgment to the data sets. This provides the machine’s velocity, variety, and veracity as it learns.

AI in financial departments

AI’s use in financial departments is so successful because payroll, compliance, accounting, taxes, etc., is complicated — especially when you’re a multinational corporation or utilizing the remote global workforce unlocked by the pandemic.

Expansive data sets

But you can import expansive data sets into AI to make it more useful. Streamlining all of this and optimizing processes not only reduces errors, but it frees up human workers to perform more advanced analytics that are closer to the reason they got into the industry in the first place.

How simplifying AI can open up usage possibilities

Simplifying AI for the average worker means they can focus on less menial, more innovative tasks and accomplish much more in less time.

GPT-3 and Dall-E 2 may not have flawless, production-ready outputs, but they utilize neural networks on large datasets of about 175 billion parameters across 45TB of text data. As a result, they’re perfect for ideation and conceptual work to get a firm visual image of the final product to work from.

Pass it around

Although their outputs seem wildly different (text versus images), both of OpenAI’s creations work similarly. While it seems like AI leads to faster advancements, what really happens is we discover one important concept that opens the door to new possibilities.

This is why getting the technology in as many hands as possible is important to see how others find use in the outputs it creates.

How AI brings more value to a business

As the quality of content-generating AI debate rages in the media and online forums, the technology’s uses for internal business functions are even more remarkable.

New ways of looking at things — skilled data scientists

AI across the business continues to open new ways of looking at things and allows skilled data scientists to develop complex models to predict anything you need to know — from machine health to possible market conditions and forecasting.

AI across the business can and will go beyond personal assistants, voice-to-text, and personalized recommendations to bring value to the roles of individual employees.

Better use of time

Leveraging specific AI technologies throughout the business keeps human workers at every level working only on tasks that cannot be automated. This includes processing exceptions to the rules (which there will always be), analyzing AI-generated outputs, and more.

Instead of spending our days manually putting together reports, we will be analyzing pre-generated reports and making advanced intelligent decisions.

Embracing artificial intelligence

When GPT-3 and Dall-E 2 were released, both writers and designers feared for their jobs. However, those fears were relieved as they tested the tools and got more comfortable with them. These tools can generate amazing work to assist writers and designers, but it still requires skill to understand how to prompt it for the desired results.

A professional can edit and polish it throughout the process in a variety of ways that will always require human instinct.

And an experienced photographer or graphic designer will get higher-quality outputs and know how to fix them in posts.

Focusing on higher priorities

Familiarizing yourself with these types of tools helps to better understand what they’re truly capable of and how they can be implemented into existing workflows while seeking better, faster, and more optimized ways to do things. That’s how finance departments leveraged AI to accomplish the most laborious and error-prone aspects of their jobs so they can focus on more important things.

And it won’t be long before AI transforms every aspect of every business.

Featured Image Credit: Sergey Zolkin; Unsplash; Provided by the Author; Thank you!

Melissa Chan

Director of Customer Success at MindBridge

Melissa Chan is Director of Customer Success at MindBridge. She has made it a mission to innovate accounting and auditing.

Continue Reading

Copyright © 2021 Seminole Press.