tag:blogger.com,1999:blog-55408062024-03-13T00:12:47.268-04:00linking INTEGRITYIntegrity - use of values or principles to guide action in the situation at hand. <P>Below are links and discussion related to the <em>values</em> of freedom, hope, trust, privacy, responsibility, safety, and well-being, within business and government situations arising in the <em>areas</em> of security, privacy, technology, corporate governance, sustainability, and CSR.Unknownnoreply@blogger.comBlogger397125tag:blogger.com,1999:blog-5540806.post-13068083086752382052008-06-24T06:34:00.000-04:002008-06-24T06:34:55.843-04:00Rolling WiFi hotspots<a href="http://www.itwire.com/content/view/18956/53/">iTWire</a><br />Chrysler is set to unveil the UConnect Web System on Thursday, and rolled into production vehicles next year. Turning a car into a moving broadband WiFi hotspot it will enable Internet access direct from the dash. With support from Microsoft, the system could see speedy success.<br /><br />OK, so in car technology is a hot potato at the moment and it's easy to get over excited about relatively straightforward developments. The <a href="http://www.syncmyride.com/" target="_blank">Microsoft powered Sync</a> system which brings voice activated iPod and mobile phone integration into new Fords being one such over hyped example.<br /><br />However, with the forthcoming announcement from <a href="http://www.chrysler.com/en/" target="_blank">Chrysler</a> we may have a 21st Century automotive technological advance worth shouting about. The UConnect Web System promises to deliver instant Internet access on the move courtesy of combined 3G mobile and standard WiFi connectivity.<br /><br />Expected to be available on 2009 Chrysler, Jeep and Dodge models, the in-vehicle wireless Internet connectivity is as advanced as they come. In effect it will provide all the convenience of a fully functional WiFi hotspot wherever you want it, wherever your car happens to be.<br /><br />With broadband in the dash, it will be possible to make high speed data transfers while driving at high speed. In theory at least. How the system copes with connectivity stability remains to be seen, but considering that trains here in the UK can provide a stable Internet connection at speeds of up to 125mph it should be perfectly possible.<br /><br />Chrysler reckons that its rolling WiFi hotspot technology will bring the ability for your passengers to check email, download music and even play games on the move. The driver can join in, of course, when the vehicle has parked up safely.<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-5540806.post-9690492705509213132008-05-20T07:48:00.005-04:002008-05-20T08:11:58.207-04:00Does Being Ethical Pay?<p><a href="http://online.wsj.com/article/SB121018735490274425.html?mod=2_1573_topbox">Wall Street Journal</a></p><p><strong>Companies spend huge amounts of money to be 'socially responsible.' Do consumers reward them for it? And how much?</strong></p><p>By REMI TRUDEL AND JUNE COTTE May 12, 2008</p><p><a href="http://www.beneaththebrand.com/wp-content/uploads/2008/01/go-green.jpg"><img style="FLOAT: right; MARGIN: 0px 0px 10px 10px; WIDTH: 190px; CURSOR: hand; HEIGHT: 187px" height="252" alt="" src="http://www.beneaththebrand.com/wp-content/uploads/2008/01/go-green.jpg" border="0" /></a>For corporations, social responsibility has become a big business. Companies spend billions of dollars doing good works -- everything from boosting diversity in their ranks to developing eco-friendly technology -- and then trumpeting those efforts to the public.<br />But does it pay off?<br /><a class="p11" href="http://link.brightcove.com/services/link/bcpid1127798163/bclid572028407/bctid1545110844"></a><br />Do companies need to tread carefully to avoid a backlash from overhyping their ethical credentials? June Cotte speaks with the Journal's Erin White.</p><p>Many companies hope consumers will pay a premium for products made with higher ethical standards. But most companies plunge in without testing that assumption or some other crucial questions. Will buyers actually reward good corporate behavior by paying more for products -- and will they punish irresponsible behavior by paying less? If so, how much? And just how far does a company really need to go to win people over?</p><p>To find out, we conducted a series of experiments. We showed consumers the same products -- coffee and T-shirts -- but told one group the items had been made using high ethical standards and another group that low standards had been used. A control group got no information.</p><p>In all of our tests, consumers were willing to pay a slight premium for the ethically made goods. But they went much further in the other direction: They would buy unethically made products only at a steep discount.</p><p>What's more, consumer attitudes played a big part in shaping those results. People with high standards for corporate behavior rewarded the ethical companies with bigger premiums and punished the unethical ones with bigger discounts.</p><p>Finally, we discovered that companies don't necessarily need to go all-out with social responsibility to win over consumers. If a company invests in even a small degree of ethical production, buyers will reward it just as much as a company that goes much further in its efforts.</p><p>Below, we'll look at these tests in more detail. But first, a definition -- and a caveat.<br />For our purposes, "ethically produced" goods are those manufactured under three conditions. First, the company is considered to have progressive stakeholder relations, such as a commitment to diversity in hiring and consumer safety. Second, it must follow progressive environmental practices, such as using eco-friendly technology. Finally, it must be seen to demonstrate respect for human rights -- no child labor or forced labor in overseas factories, for instance.</p><p><strong>GOOD BUSINESS?<br /></strong><br /><strong>• The Question</strong>: Companies spend billions of dollars doing good works -- such as developing eco-friendly technology -- and then trumpeting them to the public. But does it pay off?<br /><strong>• The Test: </strong>In a series of experiments, consumers were shown the same products -- coffee and T-shirts -- but one group was told the items had been made using high ethical standards and another group that low standards had been used.<br /><strong>• The Result:</strong> Consumers are willing to pay a small premium for ethically produced goods. But they'll punish an unethically made product even more harshly, by buying it only at a steep discount.</p><p>Now the warning, which may not come as much of a surprise. Even though we think ethical production can lead to higher sales, not all consumers will be won over by the efforts. Some may prefer a lower price even if they know a product is made unethically.</p><p>With that in mind, here's a closer look at our results.</p><p><strong>HOW MUCH ARE ETHICS WORTH?<br /></strong>Our first experiment asked two questions. How much more will people pay for an ethically produced product? And how much less are they willing to spend for one they think is unethical?</p><p>To test these questions, we gathered a random group of 97 adult coffee drinkers and asked them how much they would pay for a pound of beans from a certain company. We used a brand that's not available in North America, so none of the participants would be familiar with it.</p><p>But before the people answered, we asked them to read some information about the company's production standards. One group got positive ethical information, and one group negative; the control group got neutral information, similar to what shoppers would typically know in a store.<br />After reading about the company and its coffee, the people told us the price they were willing to pay on an 11-point scale, from $5 to $15. The results? The mean price for the ethical group ($9.71 per pound) was significantly higher than that of the control group ($8.31) or the unethical group ($5.89).</p><p>Meanwhile, as the numbers show, the unethical group was demanding to pay significantly less for the product than the control group. In fact, the unethical group punished the coffee company's bad behavior more than the ethical group rewarded its good behavior. The unethical group's mean price was $2.42 below the control group's, while the ethical group's mean price was $1.40 above. So, negative information had almost twice the impact of positive information on the participants' willingness to pay.</p><p>For companies, the implications of this study -- albeit limited -- are apparent. Efforts to move toward ethical production, and promote that behavior, appear to be a wise investment. In other words, if you act in a socially responsible manner, and advertise that fact, you may be able to charge slightly more for your products.</p><p>On the other hand, it appears to be even more important to stay away from goods that are unethically produced. Consumers may still purchase your products, but only at a substantial discount.</p><p><span style="font-size:85%;"><strong>REWARD AND PUNISHMENT</strong><br />What consumers were willing to pay for a pound of coffee based on what they were told about the company's production standards</span></p><ul><li><span style="font-size:85%;">Ethical standards . . . . . . . . . . . $9.71 </span></li><li><span style="font-size:85%;">Unethical standards . . . . . . . . . $5.89 </span></li><li><span style="font-size:85%;">Control (no information) . . . . . $8.31 </span></li></ul><p><span style="font-size:85%;"><em>Source: Remi Trudel and June Cotte</em></span></p><p><span style="font-size:85%;"><strong>A MATTER OF DEGREE</strong> </span></p><p><span style="font-size:85%;">How much consumers were willing to pay for all-cotton T-shirts based on what they were told about the proportion of ethical production</span></p><ul><li><span style="font-size:85%;">100% organic cotton . . . . . . . $21.21 </span></li><li><span style="font-size:85%;">50% organic cotton . . . . . . . . .$20.44 </span></li><li><span style="font-size:85%;">25% organic cotton . . . . . . . . .$20.72 </span></li><li><span style="font-size:85%;">Unethical behavior* . . . . . . . . $17.33 </span></li><li><span style="font-size:85%;">Control (no information) . . . . $20.04 </span></li></ul><p><span style="font-size:85%;">*Production harms environment</span></p><p><span style="font-size:85%;"><strong>ATTITUDE ADJUSTMENT </strong></span></p><p><span style="font-size:85%;">Consumers with high ethical expectations of companies doled out bigger rewards and punishments than consumers with low expectations. What each group was willing to pay for a pound of coffee based on production standards:</span></p><p><span style="font-size:85%;">Consumers with high expectations: </span></p><ul><li><span style="font-size:85%;">Ethical standards . . . . . . . . . . $11.59 </span></li><li><span style="font-size:85%;">Unethical standards . . . . . . . $6.92</span></li></ul><span style="font-size:85%;"><p>Consumers with low expectations: </span></p><ul><li><span style="font-size:85%;">Ethical standards . . . . . . . . . . $9.90 </span></li><li><span style="font-size:85%;">Unethical standards . . . . . . . .$8.44</span></li></ul><p><strong>HOW ETHICAL DO YOU NEED TO BE? </strong></p><p>Our next test looked at degrees of ethical behavior. For instance, are consumers willing to pay more for a product that is 100% ethically produced versus one that is 50% or 25% ethically produced?</p><p>To find out, we tested consumers' responses to T-shirts from a fictitious manufacturer. We divided 218 people into five groups and presented them with information about the company and its product. One group was told the shirts were 100% organic cotton, one group 50% and one group 25%. Another group -- the "unethical" one -- was told there was no organic component. The control group got no information.</p><p>In addition, all the groups but the control were shown a short paragraph detailing the detrimental effects of nonorganic cotton production on the environment.</p><p>Then the participants were asked how much they were willing to pay for the shirts on a 16-point scale, ranging from $15 to $30. As in the first test, we found that people were willing to pay a premium for all levels of ethical production, and they would discount an unethical product more deeply than they would reward an ethical one.</p><p>But consumers didn't reward increasing levels of ethical production with increasing price premiums. The 25% organic shirts got a mean price of $20.72 -- not much different from the 50% ($20.44) and 100% ($21.21).</p><p>It seems that once companies hit a certain ethical threshold, consumers will reward them by paying higher prices for their products. Any ethical acts past that point might reinforce the company's image, but don't make people willing to pay more. (Of course, if 100% ethical becomes expected among consumers, anything less may be punished.)</p><p><strong>WHAT EFFECT DO CONSUMER ATTITUDES HAVE?<br /></strong>In our final experiment, we looked at the attitudes people bring to the table. If consumers expect that companies will behave ethically, will that change how much they reward and punish behavior? What if they expect that companies are just in it for the money, maximizing profits and not taking ethics into account?</p><p>Once again, we tested coffee drinkers -- 84 this time -- and split them into groups that received positive, negative and no ethical information about the manufacturer and its methods. But first we measured the people's attitudes toward corporations and labeled them high-expectation or low-expectation.</p><p>Once again we found that -- regardless of their expectations -- consumers were willing to pay more for ethical goods than unethical ones, or ones about which they had no information. Likewise, negative information had a much bigger bearing on consumer response than positive information. People punished unethical goods with a bigger discount (about $2 below the control group) than they rewarded ethical ones with premiums (about $1 above the control group).</p><p>So, what effect did consumer attitudes have? People with high expectations doled out bigger rewards and punishments than those with low expectations. Those with high expectations were willing to pay a mean of $11.59 per pound for the ethical coffee, versus $9.90 for those with low expectations. And the high-expectations group punished the unethical coffee with a price of $6.92, versus $8.44 for low-expectations consumers.</p><p>The lessons are clear. Companies should segment their market and make a particular effort to reach out to buyers with high ethical standards, because those are the customers who can deliver the biggest potential profits on ethically produced goods.</p><p><em>--Mr. Trudel is a doctoral candidate in marketing at the University of Western Ontario's Ivey School of Business. Dr. Cotte is the George and Mary Turnbull faculty fellow and associate professor of marketing at the Ivey School. They can be reached at </em><a class="times" href="mailto:reports@wsj.com"><em>reports@wsj.com</em></a><em>.</em></p><div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-21599606889602351472008-05-01T06:58:00.001-04:002008-05-01T07:04:08.737-04:00Aligning Form and Substance to Create an Ethical Business Culture<a href="http://3.bp.blogspot.com/_XUVPWccXwPc/SBmjaFWfoGI/AAAAAAAAEKM/gDHbi1cyWSg/s1600-h/preberEthics200.gif"><img style="float:right; margin:0 0 10px 10px;cursor:pointer; cursor:hand;" src="http://3.bp.blogspot.com/_XUVPWccXwPc/SBmjaFWfoGI/AAAAAAAAEKM/gDHbi1cyWSg/s320/preberEthics200.gif" border="0" alt=""id="BLOGGER_PHOTO_ID_5195363313657028706" /></a><br /><a href="http://knowledge.wpcarey.asu.edu/article.cfm?articleid=1588">by Bradley Preber</a><br /><br />Published: April 09, 2008 in Knowledge@W.P. Carey <br /><br /> <br />Bradley Preber’s recent talk on business ethics and culture could not have been more relevant or timely. The partner-in-charge of Grant Thornton's Forensic Accounting and Investigative Services practice spoke before a group of W. P. Carey MBA Executive students the same day that an independent report commissioned by the U.S. Department of Justice found that the auditing firm KPMG is allegedly linked to fraud at New Century Financial Corp, a subprime mortgage lender. KPMG denies any wrongdoing, but the incident raised some interesting ethical questions during the discussion, part of the school’s Thought Leadership Series. <br /><br />The New York Times reported that "New Century Financial … engaged in 'significant improper and imprudent practices' that were condoned and enabled by auditors at the accounting firm KPMG, according to an independent report commissioned by the Justice Department." The report also pointed out that some auditors raised concerns about New Century, but were ignored because of fear that the firm would lose an important client.<br /><br />Preber would not speak specifically about the auditing company, adding that he thought this would be unethical because they are a competitor of his firm. But when the news was raised by students and other speakers he noted that any company that continues having pervasive and systematic behavior problems with its employees must look at its culture to see if it could be partly what drives that unethical behavior. And if the recurring problem stems from upper management then this will have repercussions for the rest of the company. <br /><br />Preber added that culture is a factor that can be used to predict fraud and evaluate a company's ethics. He asked his audience to consider some companies that have been in the news for ethical situations and to free associate:<br /><br />Prompted with Enron they offered "greed," "putting profits before people," "arrogance." <br /><br />When asked about Microsoft, they said "competence," "market dominance," even "innovation." <br /><br />PetSmart, the pet specialty retailer, fared well with the group. PetSmart had recalled contaminated pet food and replaced their customer's purchases, Preber said. "This tells customers that the company is there to look after their pets and will rectify any errors made."<br /><br />Culture played an important role in forming the students' impressions. <br /><br /><B>Form of culture and substance of culture must align</B><br /><br />When companies take quick action, as PetSmart did, they foster an ethical business culture. But fast and appropriate reflexes are not enough. <br /><br />Preber argued that the form of a company's culture must align with the substance of the culture. Form, Preber said, includes standards and values that can be verbalized or written down. He stated examples such as policies and procedures, compliance officers, industry norms and laws and regulations. Substance, however, is the action that grows out of acceptance of the form, by the company, its managers and its employees. Actions could include the way employees talk about their bosses, establishment of an anonymous complaint line for employees and rewards for good behavior. <br /><br />If substance and form align, Preber explained, then desirable and acceptable workplace behaviors are more probable. When unethical behavior surfaces and is tolerated, it is because form and substance of culture are unaligned. <br /><br />"This is when attitudes deteriorate and the incentives for unethical behavior rise," Preber said. <br /><br />Ethics wane, the accountant thinks, when form is placed over substance. Form over substance results in rationalization, living with bad decisions, cheating and fudging the system. When asked how to avoid unethical clients, Preber suggested operating only with those that share your ethics. <br /><br />"It's not my job to correct clients' ethics. If their ethics don't mesh with yours, always walk away."<br /><br /><B>Avoiding the gray area</B><br /><br />Marianne Jennings, a professor of legal and ethical studies in business at W. P. Carey School of Business, frets about stories like KPMG. Author of "The Seven Signs of Ethical Collapse: How to Spot Moral Meltdowns in Companies … Before It's Too Late," Jennings noted that previously, scandals only surfaced every decade. <br /><br />"Enron and the Sarbanes-Oxley Act of 2002 -- which tried to reform American business practices -- were only five years ago, so we are seeing scandals more frequently and the same pattern over and over," she said. <br /><br />Jennings pointed out that KPMG settled tax shelter fraud allegations with a fine, and just a few weeks ago paid to settle for its role in the Xerox accounting fraud. The New Century Financial issues came after these two problems. <br /><br />"The pattern seems to suggest that KPMG needs that exercise of seeing whether the client's values are the same as their values, or they have not yet come to grips with the importance of ethics and values over the retention of clients and keeping the revenues," Jennings commented. <br /><br />In her book, Jennings writes that "all unethical organizations are alike; their cultures are identical and their collapses become predictable." She identifies seven warning signs that a company culture is unethical: pressure to maintain numbers; fear and silence in the ranks and leadership; young and inexperienced executives and a bigger-than-life CEO; a weak board; conflict; pressure to produce constant innovation; and a penchant for philanthropy that assuages guilt for questionable decisions. <br /><br />When a sufficient number of the seven signs have infected the culture, Jennings writes, intelligent and otherwise upstanding people may do things that are at least unethical, and often illegal. <br /><br />Things start to become slippery, Jennings said, because that gray area can include unethical actions that are not technically illegal. "If we want change, then it is the ethics within this gray area that must be studied more."<br /><br />To keep out of trouble, Jennings suggested asking oneself: "Why is this area gray to you? If you are there, then you are probably already in trouble, looking for a way around a rule." <br /><br />Asked what professors and mentors can do to help prevent poor business behavior, Jennings said that teaching ethics has never been more important. Giving business students continual case studies showing the risks and costs of living in that gray area, and giving them the gumption to act when they feel uncomfortable is essential, she said. <br /><br />"Creating change means driving this home." <br /><br /><B>Bottom Line:</B><br /><br /><ul><li>Brad Preber, an accountant dealing with fraud and litigation cases, says that we can learn a great deal about a company's ethics through its culture. <br /><li>He also thinks that when the form and substance of a company are out of whack, attitudes deteriorate and incentives for ethical behavior wane. <br /><li>Jennings' seven warning signs that a company culture is unethical: pressure to maintain numbers; fear and silence in the ranks and leadership; young and inexperienced executives and a bigger-than-life CEO; a weak board; conflict; pressure to produce constant innovation; and a penchant for philanthropy that assuages guilt for questionable decisions. <br /><li>If you find yourself in a gray area, you are probably already in trouble, Jennings says. </ul><br /><br /><B>Additional Reading</B>: <a href="http://knowledge.wpcarey.asu.edu/index.cfm?fa=viewarticle&id=1127">"Executive Role Models Crucial in Building Ethical Workplace Culture"</a><div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-13218054174621544932007-10-29T17:21:00.000-04:002007-10-29T17:30:59.780-04:00Ethics in IT: Dark secrets, ugly truths -- and little guidance<a href="http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=304308&source=NLT_PM&nlid=8">Computer World</a><br /><P>What Bryan found on an executive’s computer six years ago still weighs heavily on his mind. He’s particularly troubled that the man he discovered using a company PC to view pornography of Asian women and of children was subsequently promoted and moved to China to run a manufacturing plant. <br /><P>“To this day, I regret not taking that stuff to the FBI,” says Bryan. <br /><P><img src="http://www.chac.ca/resources/ethics/fr-ethics_guide.jpg" hspace=5 vspace=5 border=1 align=right><br />It happened when Bryan, who asked that his last name not be published, was IT director at the U.S. division of a $500 million multinational corporation based in Germany. <br /><P>The company’s Internet usage policy, which Bryan helped develop with input from senior management, prohibited the use of company computers to access pornographic or adult-content Web sites. One of Bryan’s duties was to monitor employee Web surfing using products from SurfControl PLC and report any violations to management. <br /><P>Bryan knew that the executive, who was a level above him in another department, was popular within both the U.S. division and the German parent. But when the tools turned up dozens of pornographic Web sites visited by the exec’s computer, Bryan followed the policy. “That’s what it’s there for. I wasn’t going to get into trouble for following the policy,” he reasoned. <br /><P>So he went to his manager with copies of the Web logs (which he still has in his possession and made available to Computerworld for verification). <br /><P><br /><P><B>Power and Responsibility </B><br /><P>Bryan’s case is a good example of the ethical dilemmas that IT workers may encounter on the job. IT employees have privileged access to digital information, both personal and professional, throughout the company, and they have the technical prowess to manipulate that information. <br /><P>That gives them both the power and responsibility to monitor and report employees who break company rules. IT professionals may also uncover evidence that a co-worker is, say, embezzling funds, or they could be tempted to peek at private salary information or personal e-mails. But there’s little guidance on what to do in these uncomfortable situations. <br /><P>In the case of the porn-viewing executive, Bryan didn’t get into trouble, but neither did the executive, who came up with “a pretty outlandish explanation” that the company accepted, Bryan says. He considered going to the FBI, but the Internet bubble had just burst, and jobs were hard to come by. “It was a tough choice,” Bryan says. “[But] I had a family to feed.” <br /><P>In theory, ethical behavior is governed by laws, corporate policy, professional ethics and personal judgment.<br /><P><a href="http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=304308&source=NLT_PM&nlid=8">Continue reading</a><div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-57481671488955811842007-09-14T15:21:00.000-04:002007-09-14T15:21:43.821-04:00When ethics and IT collide<a href="http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9035481&source=NLT_WK&nlid=2">ComputerWorld</a><br /><P>It still weighs heavily on Bryan's mind, what he found on that executive's computer, especially when he thinks of his own daughters. He's particularly troubled that the man he discovered using a company computer to view pornography of Asian women and of children was subsequently promoted and moved to China to run a manufacturing plant.<br /><P>"To this day, I regret not taking that stuff to the FBI," says Bryan.<br /><P>It happened six years ago, when Bryan, who asked that his last name not be published, was IT director for the U.S. division of a $500 million multinational corporation based in Germany. <br /><P>The company's Internet usage policy, which Bryan helped develop with input from senior management, specifically prohibited the use of company computers to access pornographic or adult-content Web sites. One of Bryan's duties was to monitor employee Web surfing using SurfControl and report any violations to management.<br /><P>Bryan knew that the executive, who was a level above him in another department, was popular both within the U.S. division and the German parent. So when SurfControl turned up dozens of pornographic Web sites visited by the exec's computer, Bryan figured "my best course of action was to follow the policy." <br /><P>"That's what it's there for," he reasoned. "I wasn't going to get into trouble for following the policy." He went to his manager with copies of the Web logs in question (which he still has in his possession and made available to Computerworld for verification). <br /><br /><P><a href="http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9035481&source=NLT_WK&nlid=2">Continue reading the article on ComputerWorld</a>. The article is long and intensive, followed by a strong discussion forum.<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-40924566544782455662007-09-13T18:00:00.000-04:002007-09-13T18:02:17.336-04:00Hacker / security expert charged with massive credit card theft<a href="http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9035818&source=NLT_VVR&nlid=37">Computer World</a><br /><P>A California man who served jail time for hacking hundreds of military and government computers nine years ago was charged yesterday with new computer crimes: stealing tens of thousands of credit card accounts by breaking into bank and card processing networks. <br /><P>Max Ray Butler, 35 of San Francisco, a.k.a Max Vision, and also known by his online nicknames of Iceman, Digits and Aphex, was indicted Tuesday by a federal grand jury in Pittsburgh on three counts of wire fraud and two counts of transferring stolen identity information. Arrested last week in California, where he remains, Butler could face up to 40 years in prison and a $1.5 million fine if he is convicted on all five counts.<br /><P>According to the indictment, Butler hacked multiple computer networks of financial institutions and card processing firms, sold the account and identity information he stole from <img src="http://www1.istockphoto.com/file_thumbview_approve/349458/2/istockphoto_349458_computer_hacker.jpg" align=right width=200 vspace=5 hspace=5> those systems, and even received a percentage of the money that others made selling merchandise they'd purchased with the stolen card numbers. The U.S. Secret Service ran the investigation into the hacks and resulting scams, which took place between June 2005 and September of this year. <br /><P>Butler was charged in Pittsburgh because he'd sold data on 103 credit card accounts to a Pennsylvanian who was cooperating with authorities. <br /><P>He and others also operated a Web site used as a meeting place for criminals who bought and sold credit card and personal identity information. "As of September 5, 2007, Cardsmarket had thousands of members worldwide," the indictment read. Although the site was still online as of Wednesday morning, the forums had been deleted. A message posted by a forum administrator identified as achilous said he had erased the threads when news of Butler's arrest broke. <br /><P>"Everybody who hasn't already done so, I would strongly advise that you delete all PMs you have saved," achilous advised. "Also, any unsecured data you have, now would be the time to make sure it is very strongly encrypted. These precautions seemed justified given the severity of the situation. It may only be a matter of time before a government agency takes over this forum, and I did not want them to get the raw SQL database containing all the threads and posts." <br /><P>Although some documents in the case remain sealed, including one or more affidavits, news reports cited grand jury witnesses who had told of Butler selling tens of thousands of stolen credit card accounts. A former partner who had been arrested in May reportedly claimed that Butler supplied him with a thousand numbers each month for more than two years, according to the Pittsburgh Tribune-Review.<br /><P>Achilous called Christopher Aragon, 47, the Californian named in the Tribune-Review story, a "rat" for fingering Butler. Aragon was arrested with another man, Guy Shitrit, 23, in Newport Beach, Calif. on May 12 at a local shopping mall after buying more than $13,000 worth of Coach handbags using counterfeited American Express, credit cards at Bloomingdales. Police found more than 70 bogus credit cards on the pair. <br /><P>After he was arrested, Aragon was banned from the Cardsmarket forums, said achilous, for "security" reasons. <br /><P>Prosecutors in Pittsburgh said that Butler used high-powered antenna in "war-driving" style attacks to hack wireless access to computer networks at organizations that included the Pentagon Federal Credit Union and Citibank. <br /><P>Butler is no stranger to the judicial system. In 2000, he pleaded guilty to charges that he hacked military and other government computers three years prior, including those belonging to the U.S. Air Force, U.S. Navy, and NASA. He was also accused of breaching the network of id Software, developers of the PC games "Doom" and "Quake," and stealing several <img src="http://homepage.mac.com/g3head/hackerssm.jpg" align=right width=200 vspace=5 hspace=5> hundred access passwords to a California Internet service provider. <br /><P>Butler pleaded guilty to one felony count, even though he continued to proclaim his innocence, saying that he had found an unpatched vulnerability in government networks then written software to scan for the hole and close it. Prosecutors at the time, however, said Butler also added a "back door" to every system his software penetrated, giving him secret access to the networks. <br /><P>Ironically, Butler, then 28, was a well-known security researcher before his arrest, frequently posting to security mailing lists. He had also created arachNIDS, a once-popular open source collection of attack signatures used intrusion detection systems. During court hearings in 2000, it also came to light that he had been an FBI informant for at least two years, and perhaps as many as five years, before his arrest. <br /><P>Butler was sentenced in May 2001 and served 18 months in federal prison and three years' probation.<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-6166776035917769342007-09-10T11:57:00.000-04:002007-09-10T11:59:24.657-04:00Why We Aren't as Ethical as We Think We Are<a href="http://hbswk.hbs.edu/item/5763.html">HBS</a> (pdf)<br /><P>People commonly predict they will behave more ethically in the future than they actually do. When evaluating past (un)ethical behavior, they also believe they behaved more ethically than they actually did. New research discusses why.<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-21856425202964803572007-08-14T08:00:00.000-04:002007-08-14T08:00:34.433-04:00Flash mob DDOS<a href="http://reviews.cnet.com/4520-3513_7-6761400-1.html?tag=txt&tag=nl.e757">CNET</a><br /><P>Flash mobs may have been responsible for those denial-of-service (DoS) attacks in Estonia last May. So says Gadi Evron, security evangelist for Beyond Security, who gave a thorough presentation last week at Black Hat and then again at Defcon, recounting in detail the events surrounding the attack, some of which he experienced first-hand, surrounding the attack. Although he originally joked that the KGB was to blame--and quickly explained that the KGB no longer existed--Evron said could not prove conclusively that the Russians were behind the events. <img src="http://www.staysafeonline.org/images/company_clip.jpg" vspace=5 hspace=5 align=right border=0> Yet he did call it the first true cyberwar, if only that the commerce and day-to-day functions of one country were interrupted significantly. Evron said we can all learn by what was done. Unlike the United States and many other countries, Estonia's 1.4 million people are among the most wired populations in the world, so for several days, ordinary people were unable to pump gas, buy bread, or pay their bills because of a nationalistic dispute with another country. And remember, this was just a small attack, a taste of what's to come.<br /><P>[...] there was some forensic evidence that suggested a part of this attack was organized. For example, the initial inciting spam. There was also at least one bot agent written specifically to wreak havoc [...]<br /><P>[...] What's significant is that the denial of service attacks affected the Estonian economy. This wasn't just an attack on the government; it affected the average person on the street. Many Estonians rely on the Internet for basic services such as paying for food, water, and gas. By shutting down access to banks, these services could not be paid. "The more technology there is within a country, the more dependent the country is on technology" he said, "and therefore, the more vulnerable." He said the same applies to the Internet. What happened in Estonia, Evron said, could happen somewhere else, perhaps on a larger scale, in the future.<br /><P>Evron said we also need to rethink what we consider our critical assets our in light of this. "The critical infrastructure was not what we expected; it was (not the government, but) the private and business sectors." Evron said ISPs, banks, and even the media need to be protected against such attacks. The media, he said, are necessary to get information out in a time of crises. <br /><P>[<a href="http://reviews.cnet.com/4520-3513_7-6761400-1.html?tag=txt&tag=nl.e757">read the full article</a>]<br /><br><a href="http://www.us-cert.gov/cas/tips/ST04-015.html">On preventing DDOS attacks -- CERT</a><div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-25252221540294226262007-08-14T07:18:00.000-04:002007-08-14T07:29:26.998-04:00Social strategy helps break through ad clutter<a href="http://thechronicleherald.ca/Business/852795.html">Nova Scotia News - TheChronicleHerald.ca</a><br /><P><img src="http://csrr.threemilecanyonfarms.com/images/csr_field.jpg" align=right hspace=5 vspace=5 border=0> Social strategy helps break through ad clutter KAREN BLOTNICKY 7:35 AM ADVERTISEMENT THERE IS a lot of advertising on the street. Consumers are subjected to literally thousands of cues on a daily basis. Advertisers are all seeking the same thing: the consumer’s attention. With so much advertising it is becoming tougher to break through the clutter.<br /><P>Social strategy is an innovative business strategy that goes beyond advertising and into the heart of the business. Social strategy requires that businesses focus on the impact they have on society as a whole, with the goal of making positive contributions in a proactive and ethical way.<br /><P>At first glance, social strategy sounds more like a company mission than a marketing strategy, but the two are intricately connected. Research shows that today’s consumers expect businesses to deliver the entire package: a brand that is both ecological and ethical, and that is based in a company whose primary motives are just as pure.<br /><P>Today’s marketers must be more than creative minds with the ability to create a performance surrounding a product: they must be an integral part of the organization and they must play an important role in pulling together the soul of the company and its public persona. <br /><P>Today’s shoppers are much more cynical than their parents and grandparents were. They do not trust most of the promotional messages that they hear. Social strategy is the key to success that helps honest firms get their point across. <br /><P>A recent study of 1,200 Canadians revealed that the majority of consumers are willing to pay a premium for products that are environmentally friendly: not just in their application, but also in their manufacturing. Women were more strongly inclined to support such products than were men.<br /><P>Women also demonstrated stronger leanings towards social responsibility as they grew older, while men tended to remain consistent in their attitudes towards social responsibility. These are important considerations when dealing with an aging population. <br /><P>The majority of both male and female shoppers were more likely to support brands that contributed something back to the community. They were also more willing to support companies that were socially responsible, and that were making real contributions to the betterment of society and community.<br /><P>Women were more strongly supportive than were men and there were stronger pockets of support in different age groups. For example, 90 per cent of women between the ages of 35 and 54 years were more likely to purchase a brand that contributed to the community. These trends are important when considering that the female head of household controls most of the family budget.<br /><P>Promotional messages featuring such products and firms were more likely to impact consumers. The study also indicated that support was higher among consumers who were higher educated, or had higher incomes. <br /><P>Consumers appear to be linking trust and meaning to broad social activism and then equating that activism back to individual brands, and companies. The core value behind the company must be as strongly targeted and as relentlessly pursued as the personality attached to individual company brands.<br /><P>The most successful brands are able to link corporate mission and motive to the values of customers in a highly impactful and transparent way. <br /><P>Many of these companies are quite large, but they have grown as a result of their socially responsible core values. Examples of such firms include The Body Shop, Mountain Equipment Co-op, and Vancouver-based Vancity Credit Union. <br /><P><img src="http://csrr.threemilecanyonfarms.com/images/manure_pile.jpg" hspace=5 vspace=5 align=right border=0> Vancity is somewhat unusual when compared to other socially responsible firms, which tend to deal with consumer package goods. As a service provider, Vancity has the added complication of having to make a complex service easier to understand and purchase. However, Vancity has created a social strategy based on a triple bottom line based on financial, social and environmental returns. <br /><P>Making core values actionable can be a challenge for some firms. Vancity makes its triple bottom line real to consumers by contributing one million dollars annually to organizations that support projects that contribute to the economy, society or community.<br /><P>They also offer interest rate breaks for hybrid car loans and environmentally friendly home mortgages.<br /><P>Small businesses need to seriously examine their strategy to see if a social strategy can work for them. This process must start with examining the firm’s environmental impact, and determining how social goals will resonate with customers. No firm is too small to consider a triple bottom line approach. <br /><P>Finally, the business must be able to effectively communicate its social strategy, as well act on it. <br /><P>Using a social strategy involves a level of commitment that goes far beyond the marketing campaign, and it is a win-win approach for the business, its customers and community. <br /><P><em><a href="mailto:kblotnicky@herald.ca">Karen Blotnicky</a> is president of TMC The Marketing Clinic and a professor at Mount Saint Vincent University.</em><div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-7442657349994289322007-07-19T17:20:00.000-04:002007-07-19T17:23:35.916-04:00Creating an Ethics Curriculum<a href="http://accounting.smartpros.com/x58429.xml">Working Values</a><br /><P><img src="http://www.gazette.rcmp-grc.gc.ca/images/content/vol67issue3/man_silhouette.jpg" vspace=5 hspace=5 border=1 align=right>Companies can dramatically improve their ability to effect behavior change when they develop an ethics training curriculum aimed at building ethical leadership and culture building skills throughout the organization. The training should focus on developing ethical decision-making skills, promoting open communication, encouraging role modeling and communicating with respect.<br /><P>Recent Ethics Resource Center (ERC) data shows that an increasing number of companies have ethics programs and provide training:<br /><ul><li>Written standards of conduct are up by 19 percent. <br /><li>Training on ethics has increased by 32 percent. <br /><li>Mechanisms to seek ethics advice or information are being instituted at an increase of 15 percent. <br /><li>Means to report misconduct anonymously is up by 7 percent. <br /><li>Discipline of employees who violate ethical standards is up by 4 percent. <br /></ul>However, the ERC reports that this increase in training has not improved outcomes:<br /><ul><li>In 2005, 52 percent of employees observed at least one type of misconduct taking place. <br /><li>Employee willingness to report misconduct declined in 2005. Of employees who observed misconduct at work in 2005, just over one half (55 percent) reported it to management. This represents a 10 percentage point decrease since 2003 and demonstrates backsliding to levels similar to those in 2000. <br /><li>There is little change in pressure to compromise standards in 2005 -- 10 percent of employees feel this pressure always or fairly often, a level similar to that reported in the earlier year.</ul><br /><em>Source: Ethics Resource Center, National Business Ethics Survey</em><br /><P>The data suggests that while incidences of misconduct persist, employees are less apt to report them, despite an increase in ethics training and reporting mechanisms in the workplace. Why is there so little correlation between the implementation of ethics programs and an employee's willingness to speak up when they observe or suspect a violation?<br /><P>For most companies, ethics training is still predominantly a "check the box" program focusing on compliance with the law. It's crucial that companies ensure compliance, but making sure that employees know the rules is no guarantee they will follow them. Building a culture that institutes, promotes and helps employees maintain ethical behavior in the workplace necessitates a different method of training – a differentiated curriculum targeted at specific audiences within the organization and training on specific skill sets for these audiences.<br /><P>This kind of training demonstrates that ethics is valued at all levels of the organization. Senior leaders can be trained in five-minute increments or modules to facilitate ease of use and the efficient use of time for learners who are chronically short of time. Skills should include open communication and specific behaviors for modeling tone at the top.<br /><P>Managers need to be trained in open communication and skills and competencies to support a culture of ethics within their departments and teams. They need to learn how to demonstrate specific behaviors for modeling ethical behavior in the workplace.<br /><P>Employees can be trained to use a company-wide decision making process or model to help them remember and practice where and how to provide feedback to managers or supervisors. The model can also direct employees on where and how to report workplace issues. Training in specific listening and communication skills help to promote open communication with managers, supervisors and peers.<br /><P>A company-wide discovery process should be undertaken to understand the specific culture within the organization and articulate its business objectives in relation to ethical behavior. After the discovery process, the findings can be woven into the ethics training curriculum to meet the particular needs of that organization.<br /><P>Organizations can build an ethics curriculum that will:<br /><ul><li>Build ethical leadership skills and at all levels of the organization -- not just teach policies and procedures; <br /><li>Reflect the culture of the organization; <br /><li>Be engaging and immediately applicable to learners; <br /><li>Connect business objectives to ethics training; <br /><li>Promote open communication and teach the skills necessary to achieve it; and <br /><li>Provide tools for integrating learning into the workplace.</ul><div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-21013201757526401752007-07-11T19:24:00.000-04:002007-07-11T19:27:20.732-04:00U.K. commissioner blames CEOs for data breaches<a href="http://news.com.com/U.K.+commissioner+blames+CEOs+for+data+breaches/2100-1029-6196022.html?part=dht&tag=nl.e433">CNET News.com</a><br /><P><a href="http://news.com.com/U.K.+commissioner+blames+CEOs+for+data+breaches/2100-1029-6196022.html?part=dht&tag=nl.e433"><img align=left vspace=5 hspace=5 border=0 src="http://news.com.com/i/ne/pg/fd_2007/people2_120x90.jpg"></a>The United Kingdom's information commissioner is calling on chief executives to take the security of customer and staff information more seriously. <br /><P>'The roll call of banks, retailers, government departments, public bodies and other organizations which have admitted serious security lapses is frankly horrifying,' Richard Thomas wrote in a report. 'How can laptops holding details of customer accounts be used away from the office without strong encryption? How can millions of store card transactions fall into the wrong hands?' <br /><P>The Information Commissioner's Office (ICO) received almost 24,000 inquiries and complaints concerning personal information, and it prosecuted 16 individuals and organizations in the past 12 months, according to its annual report for 2006 and 2007. <br /><P>'Be sure you are not the business or political leader who failed to take information rights seriously.' <br /><blockquote>Richard Thomas, information commissioner, United Kingdom: <em>'My message to those at the top of organizations is to respect the privacy of individuals and the integrity of the information held about them, to embrace data protection positively, and to be sure you are not the business or political leader who failed to take information rights seriously.'</em></blockquote><br />The ICO received complaints under both the Data Protection Act and the Freedom of Information Act.<br /><P>More than half of Data Protection Act cases required the ICO to simply provide advice and guidance, while a breach was likely to have happened in more than a third of cases, of which a further 77 percent resulted in remedial actions such as correcting an individual's record or training staff. <br /><P>The ICO received almost 6,000 complaints under the Freedom of Information Act and has closed more than three-fourths of those. <br /><P>Public awareness of data protection rights has increased to 82 percent, with more people understanding that personal information must be handled appropriately, according to the report. <br /><P>The information commissioner's plea follows a number of security breaches over the last year, including 12 U.K. banks found to be in breach of the Data Protection Act, following complaints about the disposal of customer information. <br /><P>U.K. bank Barclays is facing an ICO investigation over allegations of customer privacy breaches, and telecommunications provider Orange and retailer Littlewoods were also found to be in breach of the Data Protection Act by the ICO this year.<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-67945819809401067132007-04-15T07:19:00.000-04:002007-04-15T07:19:02.498-04:002006 Operating System Vulnerability Summary<a href="http://www.omninerd.com/2007/03/26/articles/74">OmniNerd</a><br /><br /><P><strong>Overview</strong> <br /><P><img src="http://www.omninerd.com/articles/attachments/VnutZ79/a74/thumbs/OS_Share.png" hspace=5 vspace=5 align=right border=1 ALT="Estimated Operating System market share for 2006"> Computer security is a precarious business both from a product development and administrative standpoint. Operating system vendors are forced to constantly patch their software to keep consumers protected from the latest digital threats. But which operating systems are the most secure? A recent report by Symantec hints that Windows currently presents fewer security holes than its commercial competitors.1 To that, a typical consultant would respond "well, that depends," as security auditors generally take such statements with a grain of salt. It depends on the configurations of the hosts, the breadth of the included binaries and the scope of what "commercial competitors" entails. Differing opinions on this interpretation lead to different conclusions. SecurityFocus, for instance, shows that various overall vulnerabilities surged in 2006 while ISS (Internet Security Systems) reports that operating system specific exploits declined.2,3<br /><P> The summarized coverage of 2006 vulnerabilities by SANS showed the most prevalent attack vectors were not directly against the operating systems themselves.4 However, this article approaches the operating system as an entity in and of itself for analysis of only the vulnerabilities of core features. As such, vulnerability scans were conducted against 2006's flagship operating systems in various configurations to determine weakness from the moment of installation throughout the patching procedure. From Microsoft, testing included Windows XP, Server 2003 and Vista Ultimate. Examinations against Apple included Mac OS9, OSX Tiger and OSX Tiger server.5 Augmenting Apple's UNIX representation, security tests were also performed on FreeBSD 6.2 and Solaris 10. Rounding up the market share, Linux security testing included Fedora Core 6, Slackware 11, SuSE Enterprise 10 and Ubuntu 6.10. Before delving into the specifics of the vulnerabilities, it is helpful to understand the security scene of 2006. <br /><P><a href="http://www.omninerd.com/2007/03/26/articles/74">read full report</a><div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-34164336987480790972007-04-15T06:58:00.000-04:002007-04-15T07:01:49.379-04:00Control and track your car from the net<a href="http://www.autoblog.com/2007/03/17/you-are-big-brother-control-and-track-your-car-from-the-net/">Autoblog</a><br /><P><b>YOU are big brother</b><br /><P><img src="http://www.blogsmithmedia.com/www.autoblog.com/media/2007/03/inilex.jpg" hspace=5 vspace=5 border=1 align=right width=350 ALT="dashboard"> The world is certainly not lacking devices that allow you to track and control your vehicle from afar. The newest breed of these systems was developed by Inilex, which allows a subscriber/user to do everything from unlock their doors, start their vehicle, sound the alarm, disable the engine or give the location of their ride. The system can be used by logging on to Inilex's website via a PC, calling a toll-free number or using a PDA with access to the internet.<br /><br /><P>Aside from providing a bit more convenience and protection, the major draw for some users, namely parents, is the ability to not only track the movements of the vehicle, but also be alerted via text message or email if the kiddies stray from set boundaries or operate the vehicle during certain times of the day or night (no more ditching school or sneaking into the love interest's window at 3 AM).<br /><br /><P><a href="http://www.inilex.com/wf_CommercialFleet.aspx">Inilex</a> demo.<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-35123933343193275072007-03-25T09:43:00.000-04:002007-03-25T09:48:40.451-04:00Network Security Is Top of Mind for Executives(EIU research white paper entitled "<a href="http://www.corp.att.com/emea/insights/whitepaper/network_security4.html">Network Security: Protecting Productivity</a>".)<br /><br /><p>AT&T Inc. <a href="http://www.att.com/gen/press-room?pid=5097&cdvn=news&newsarticleid=23560">announced</a> today that network security is regarded by executives as the single most important attribute of their network, according to the results of a global survey conducted by the Economist Intelligence Unit (<a href="http://www.eiu.com" alt="The Economist Intelligence Unit (www.eiu.com) is the business information arm of The Economist Group, publisher of The Economist. Through its global network of over 500 analysts, the Economist Intelligence Unit continuously assesses and forecasts political, economic and business conditions in nearly 200 countries. As the world's leading provider of country intelligence, the Economist Intelligence Unit helps executives make better business decisions by providing timely, reliable and impartial analysis on worldwide market trends and business strategies.">EIU</a>) for <a href="http://www.att.com" alt="AT&T Inc. is a premier communications holding company. Its subsidiaries and affiliates, AT&T operating companies, are the providers of AT&T services in the United States and around the world. Among their offerings are the world's most advanced IP-based business communications services and the nation's leading wireless, high speed Internet access, and voice services. As part of its three-screen integration strategy, AT&T is expanding video entertainment offerings to include next-generation television services such as AT&T U-verseSM TV. In domestic markets, AT&T is known for the directory publishing and advertising sales leadership of its Yellow Pages and YELLOWPAGES.COM organizations, and the AT&T brand is licensed to innovators in such fields as communications equipment. Additional information about AT&T Inc. and the products and services provided by AT&T subsidiaries and affiliates is available at www.att.com.">AT&T</a>. The research reveals that a majority of executives (52 percent) now believe that having a converged network gives their companies better deference against IT security breaches. Furthermore, nearly 70 percent feel that IP helps ensure business continuity following an emergency.<br /><br /><p><a href="http://www.1000files.com/screenshot_18098.html" border="none" alt="full size poster from 1000files. Network Security Map Poster by Javvin Company."><img hspace="5" src="http://www.javvin.com/pics/SecurityMapM.gif" width="300" align="right" vspace="5" /></a> The survey of 395 senior executives called <em>'Network Security: Protecting Productivity'</em> also shows that, at the same time, network security concerns remain at the top of the list of barriers to implementing a converged IP network. IP convergence, although it may increase vulnerability in some ways, promises to take the network defences to new levels of sophistication and reliability, and today organizations are equipped with incomparably better tools to protect the network than they were even in the late 1990s.<br /><p>The EIU white paper shows that, increasingly, executives feel especially <strong>concerned about the growing volumes of customer data they hold and manipulate</strong>, and 45 percent say that the holding of sensitive customer data on their network makes them feel "extremely" vulnerable from an electronic security perspective. Another 41 percent say the process of analyzing and acting upon detailed customer data also significantly increases their vulnerability.<br /><br /><p>Among the worst security threats cited by nearly half (49 percent) of executives is <strong>hackers</strong>. Protecting against <strong>viruses and</strong> <strong>worms</strong> also remains top of mind for companies but emerging as one of the most feared threats is <strong>identity theft</strong> -- mentioned by one-third of executives -- and their concerns are set to rise over the next three years.<br /><br /><p>The EIU research has also highlighted the <strong>importance of the chief security officer</strong> (CSO), and although typically the CEO remains the primary decision- maker for electronic security decision (with the exception in Europe where the CIO is more likely to hold this role), the role of the CSO is rising, with 12 percent of companies confirming this as the main decision-maker.<br /><br /><p>"Security is becoming more and more important in today's collaborative environment", comments Lloyd Salvage, AT&T's vice president in the U.K. "We are constantly talking to our customers and helping them to re-evaluate their requirements to ensure that their businesses are adequately protected at all times."<br /><br /><p>The white paper is the second of a series of thought-leadership papers in the Network Convergence series written by AT&T in co-operation with the Economist Intelligence Unit. Subsequent papers in the series will explore how companies are addressing the challenges of managing applications integration and enterprise mobility.<br /><br /><p><strong>Survey and Research Methodology</strong><br /><p>As part of the research for the paper, the Economist Intelligence Unit conducted an online worldwide survey of 395 senior executives across 51 countries and over 20 industries. The majority of respondents came from Western Europe (32%), Asia Pacific (30%), and North America (30%). Other respondents came from Eastern Europe, Latin America, the Middle East, and Africa. 63% of those polled hailed from large firms with annual revenue of more than US$500 million. The top five industry sectors represented by the survey respondents were professional services, financial services, manufacturing, IT and technology, and healthcare, biotechnology and pharmaceuticals. In addition to the survey research, the EIU conducted a series of one-to-one in-depth interviews with senior executives and analysts.</p><div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-44284609789429281702007-02-19T10:55:00.000-05:002007-02-19T11:04:59.567-05:00Outrunning the Regulators<a href="http://www.strategy-business.com/resilience/rr00041?pg=all">Strategy + Business</a><br />In banking, as in other heavily regulated industries such as utilities and health care, keeping abreast of federal regulatory requirements is of paramount importance. <strong>To avoid an endless cycle of reacting to new regulations, banks [and business in other regulated industries] must anticipate the regulatory fallout from problems</strong> such as identify theft, and implement solutions that address existing and longer-term security issues. Leaders should consider decentralized security structures to enable a faster response to new rules. Making customers aware of new security measures is also vital and can help mitigate risk.<br /><br /><center>. . .</center><br /><br />[...] Companies in heavily regulated industries, a group that includes pharmaceuticals, health care, and utilities, often act as though the regulations that besiege them are irritating trivialities. However, new requirements can offer companies an opportunity to escape the cycle. For instance, <strong>instead of maintaining an ad hoc approach to foiling invasions and complying with regulations, banks should craft an overall public-facing security strategy</strong>. Although it can be difficult to persuade senior management to invest in long-range plans, there’s no better time to do it than when they are in the shadow of an imminent regulatory deadline — especially one that is disrupting the entire organization as the company marshals its resources to deal with it.<br /><br /><a name=gif><img xxwidth=400 src="http://www.ccip.govt.nz/about-ccip/about-ccip-images/risk-mitigation-cycle.gif" align=left hspace=5 vspace=5 boder=1></a>For example, in aiming to go beyond regulatory compliance and achieve security excellence, banks can institute a mechanism for self-analysis and self-improvement that allows them to <strong>anticipate their future security needs</strong>. In doing so, they will meet their current burden of compliance, lessen the impact of any future regulatory guidance, reduce their risk exposure, and address customers’ concerns about the security of online banking.<br /><br />[...] The second element is an effective organizational structure to manage the initiative. A common roadblock to implementing new security standards is a decentralized company, which can lead to inconsistent approaches to IT security across the enterprise, along with incomplete monitoring and accountability. However, piecemeal fixes will not work. Grafting a centralized security program onto a decentralized organization often results in the corporate equivalent of organ rejection.<br /><br />How might banks address this issue? They can create a hybrid centralized–decentralized model, in which critical compliance activities and governance oversight are centrally managed, while less critical functions remain with the business units. Alternatively, banks can construct enforcement mechanisms that shift the burden of compliance to the heads of the business units, rather than keep it centralized at corporate headquarters. Regardless of the specific solution, banks can manage risk exposure and regulatory compliance in a uniform fashion only if they have the requisite organizational structures in place.<br /><br />The final element of a robust risk-mitigation program, customer awareness, can be a key component of a company’s defense against fraud and identity theft. A well-educated bank customer can more easily spot phony come-ons, like phishing e-mails, and avoid being deceived. In fact, many banks are finding that educated consumers are their front line of defense in reporting phishing and other fraud attempts. One basic but effective measure is to advise customers to always type the bank’s Web address into their Internet browser rather than click on a link in an e-mail, because the e-mail may be fraudulent.<br /><br />Furthermore, making customers aware of enhanced online security is a key differentiator in the marketplace. In a 2005 survey by Deutsche Bank Research, “security offering” was far and away the most important feature to prospective online banking customers, with 87 percent calling it their top priority. A well-publicized security program could prove a significant lure to new customers in the highly competitive banking environment.<br /><br />Any highly regulated industry will face similar vicious cycles of its own and should be thinking about approaches for leaping ahead of regulatory requirements. The common thread is that simply responding to regulatory guidance will never be enough. Anticipatory thinking is the only way to avoid being caught in the middle of an endless series of provocation and regulation.<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-80952996606117945032007-02-07T08:08:00.000-05:002007-02-07T08:10:18.131-05:00Hackers Attack Key Net Traffic Computers<a href="http://sfgate.com/cgi-bin/article.cgi?file=/n/a/2007/02/06/national/w125503S29.DTL">SFGate.com based on an AP feed</a><br /><br />Hackers briefly overwhelmed at least three of the 13 computers that help manage global computer traffic Tuesday in one of the most significant attacks against the Internet since 2002.<br /><br /><a href="http://www.public-root.com"><img hspace="5" src="http://www.heise.de/ct/00/25/066/bild2.gif" width="300" align="left" vspace="5" border="1" /></a>Experts said the unusually powerful attacks lasted as long as 12 hours but passed largely unnoticed by most computer users, a testament to the resiliency of the Internet. Behind the scenes, computer scientists worldwide raced to cope with enormous volumes of data that threatened to saturate some of the Internet's most vital pipelines.<br /><br />The Homeland Security Department confirmed it was monitoring what it called 'anomalous' Internet traffic.<br /><br />"There is no credible intelligence to suggest an imminent threat to the homeland or our computing systems at this time," the department said in a statement.<br /><br />The motive for the attacks was unclear, said Duane Wessels, a researcher at the Cooperative Association for Internet Data Analysis at the San Diego Supercomputing Center. "Maybe to show off or just be disruptive; it doesn't seem to be extortion or anything like that," Wessels said.<br /><br />Other experts said the hackers appeared to disguise their origin, but vast amounts of rogue data in the attacks were traced to South Korea.<br /><br />The attacks appeared to target UltraDNS, the company that operates servers managing traffic for Web sites ending in "org" and some other suffixes, experts said. Officials with NeuStar Inc., which owns UltraDNS, confirmed only that it had observed an unusual increase in traffic.<br /><br />Among the targeted "root" servers that manage global Internet traffic were ones operated by the Defense Department and the Internet's primary oversight body.<br /><br />"There was what appears to be some form of attack during the night hours here in California and into the morning," said John Crain, chief technical officer for the Internet Corporation for Assigned Names and Numbers. He said the attack was continuing and so was the hunt for its origin.<br /><br />"I don't think anybody has the full picture," Crain said. "We're looking at the data."<br /><br />Crain said Tuesday's attack was less serious than attacks against the same 13 "root" servers in October 2002 because technology innovations in recent years have increasingly distributed their workloads to other computers around the globe.<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-1169118019444655152007-01-18T06:00:00.000-05:002007-01-18T06:02:47.426-05:00Phisher Convicted, Faces 101 Years In Prison<a href="http://www.techweb.com/wire/196901446">TechWeb</a><br /><P><a href="http://www.antiphishing.org/index.html"><img src="http://www.antiphishing.org/phishing_archive/12-23-04_AOL/12-23-04_AOL_email.jpg" ALT="From the archives of the Anti-Phishing Working Group ~ http://www.antiphishing.org" vspace=5 hspace=5 border=2 width=200 align=right></a> In the first jury conviction under the Can-Spam Act of 2003, a California man has been found guilty of operating a sophisticated phishing scheme that attempted to dupe thousands of AOL users. <br /><P>Jeffrey Brett Goodin, 45, of Azusa, Calif., was found guilty of sending thousands of e-mails set up to appear to be from AOL's billing department to the company's users, prompting them to reply with personal and credit card information. He then used the information to make unauthorized purchases, according to the U.S. Attorney's Office in Los Angeles. <br /><P>Goodin is scheduled to be sentenced by U.S. District Court Judge Christina A. Snyder on June 11. He faces a maximum sentence of 101 years in federal prison.<br /><P>The evidence presented during the week-long trial showed that Goodin used several compromised Earthlink accounts to send the fraudulent spam. Users were urged to update their AOL billing information or risk losing service. The e-mails, according to the U.S. Attorney's Office, referred people to one of a list of Web pages where they were directed to input their personal and financial information. Prosecutors contend that Goodin controlled the Web pages, and he subsequently collected the information and then made charges on people's credit or debit cards. <br /><P>Goodin also was found guilty of 10 other counts, including wire fraud, aiding and abetting the unauthorized use of an access device (a credit card in this case), possession of more than 15 unauthorized access devices, misuse of the AOL trademark, attempted witness harassment, and failure to appear in court.<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-1163718745944129862006-11-16T18:12:00.000-05:002006-11-16T18:15:36.986-05:00Five-step check for nano safety<a href="http://news.bbc.co.uk/2/hi/science/nature/6153814.stm">BBC NEWS</a><br /><br><em>A team of experts has drawn up five 'grand challenges' in order to evaluate the safety of nanotechnology.</em><br /><P><img src="http://newsimg.bbc.co.uk/media/images/42321000/jpg/_42321176_carbtubes203.jpg" vspace=5 hspace=5 align=right border=1> The field's potential could be compromised unless the scientific community can implement a programme of systematic risk research, they warn.<br /><P>Writing in Nature journal, the team says that fears about nanotechnology's possible dangers may be exaggerated, but not necessarily unfounded.<br /><P>The five challenges are designed to be completed over the next 15 years.<br /><P>"The threat of possible harm - whether real or imagined - is threatening to slow the development of nanotechnology unless sound, independent and authoritative information is developed on what the risks are and how to avoid them," author Andrew Maynard and his colleagues write in Nature.<br /><table width=100%><tr><td widht=60%>The five grand challenges include developing instruments to evaluate exposure to engineered nanomaterials in air and water and developing methods for assessing their toxicity.<br /><P>The group of experts says that if the global research community can take advantage of the safety infrastructure already in place for biotechnology and computing, then nanotechnology has a rosy future.<br /><P>But Dr Maynard, from the Woodrow Wilson International Center for Scholars in Washington DC, and colleagues say that the way science is carried out means it is ill-equipped to address novel risks from emerging technologies.<br /><P>Research into understanding and preventing risk often has a low priority in the world of technology development, research funding and intellectual property, they say.</td><br /><td><strong>NANOTECH'S FIVE CHALLENGES</strong><br /><ul><font size=-1><li>Develop instruments to assess exposure to engineered nanomaterials in air and water within next 3-10 years<br /><li>Create and test ways of evaluating the toxicity of nanomaterials in 5-15 years<br /><li>Generate models to predict their possible impact on the environment and human health over the next 10 years<br /><li>Develop ways to assess the health and environmental impact of nanomaterials over their entire lifetime, within the next five years<br /><li>Organise programmes to enable risk-focused research into nanomaterials, within the next 12 months</font></ul></td></tr></table><br /><P>"Without strategic and targeted risk research, people producing and using nanomaterials could develop unanticipated illness arising from their exposure," the authors warn in Nature.<br /><P>"Public confidence in nanotechnologies could be reduced through real or perceived dangers and fears of litigation may make nanotechnologies less attractive to investors and the insurance industry."<br /><P><strong>Safety studies</strong><br /><P>Recent studies on nanoparticles in cell cultures and animals show that a variety of factors influence their potential to cause harm. These include their size, surface area, surface chemistry and ability to dissolve in water.<br /><P>This should come as no surprise. Inhaled dust has been known to cause disease for many years. Small particles of inhaled quartz can lead to lung damage, with the potential for progressive lung disease. But the same particles with a thin coating of clay are less harmful.<br /><P>Long, thin fibres of asbestos can also lead to lung disease if inhaled, but grinding the fibres down to shorter particles reduces their harmfulness.<br /><P>In May, the UK's Royal Society called on industry to disclose how it tests products containing nanoparticles.<br /><P>A joint report by the Royal Society and Royal Academy of Engineering two years ago said there was no need to ban nanoparticle production.<br /><P>But it said tighter UK and European regulation over some aspects of nanotechnology - manipulation of molecules - was needed to ensure its long-term safety.<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-1163501586896272012006-11-14T05:53:00.000-05:002006-11-14T05:53:07.436-05:00Nearly half of Canadians find security laws intrusive: study<a href="http://www.cbc.ca/technology/story/2006/11/13/surveillance.html">CBC</a><br />Americans are more likely than Canadians to be concerned about the intrusiveness of new laws aimed at protecting national security in the wake of the Sept. 11, 2001, attacks, new <a href="http://www.queensu.ca/sociology/Surveillance/?q=media">Canadian research</a> suggests.<br /><br /><p><a href="http://www.queensu.ca/sociology/Surveillance/"><img alt="The Surveillance Project" hspace="5" src="http://www.queensu.ca/sociology/Surveillance/themes/default/logo.gif" align="right" vspace="5" border="0" /></a>In what is believed to be the first cross-cultural study of its kind, Queen's University researchers surveyed 9,000 people around the world about their experiences with surveillance and privacy. The study was released Monday.<br /><br />'We are seeing a high level of concern in many parts of the world about the intrusiveness of these post-9/11 laws. Fifty-seven per cent of Americans and 47 per cent of Canadians said that these laws are intrusive,' Elia Zureik, lead researcher, said in a news release.<br /><br />"These findings resonate with the recent Ontario Supreme Court ruling about the unconstitutionality of parts of Bill C-36, the anti-terrorism legislation in Canada."<br /><br />Researchers examined attitudes toward data collection by governments and employers, and via technologies such as personal computers, biometrics and global-positioning systems. They wanted to better understand how much people trust corporations and governments to handle personal information.<br /><br />Highlights from the study include the percentage of respondents who:<br /><ul><li>Believe surveillance laws are intrusive (U.S. 57 per cent, Canada 48 per cent, Spain 53 per cent, Mexico 46 per cent, Brazil 41 per cent and France 40 per cent). <li>Worry about providing personal information on websites (China 54 per cent, Canada 66 per cent, Brazil 70 per cent, Spain 62 per cent and U.S. 60 per cent). <li>Believe the use of closed circuit television deters in-store crime (Mexico 88 per cent, U.S. 80 per cent, Canada 79 per cent and France 73 per cent). <li>Rejected outright the premise that airport authorities should give extra security checks to visible minority passengers. About 60 per cent of Chinese, Hungarians, Brazilians, and Canadians but only a third of Americans found such practices unacceptable.</li></ul>The survey also found some striking cultural differences. In China, 63 per cent of respondents said they trust the government to protect their personal information. That compares to 48 per cent of Canadians and 20 per cent of Brazilians.<br /><br />About 30 per cent of Canadians, Americans, Spaniards and Hungarians felt they had complete or a lot of say in what happens to their personal information. But Chinese and French respondents felt differently, with 67 per cent and 60 per cent, respectively, reporting they felt in control of the use their information.<br /><br />The survey was funded by the Social Sciences and Humanities Research Council of Canada and included nearly 50 questions on participants' attitudes toward consumer surveillance, racial profiling at airports, national ID cards, media coverage of surveillance issues, workplace privacy, knowledge of privacy regulations, control over personal data and public trust in government.<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-1162492996165343602006-11-02T13:43:00.000-05:002006-11-02T13:43:16.403-05:00A Security Disconnect<a href="http://www.conference-board.org/">Conference Board</a><br />There’s a serious security disconnect going on at our nation’s largest and most vulnerable companies: <em>"The most supportive executives [such as CIOs] were not the most influential, and the most influential executives (senior C-suite managers) were not the most supportive</em>." That’s the key finding from a new <a href="http://www.conference-board.org/">Conference Board </a>report on security entitled “Navigating Risk—The Business Case for Security.” <br /><br />The study measures the influence of security managers among senior executives; the Board surveyed 213 senior corporate executives not specifically responsible for security or risk matters and not CIOs, at companies at especially high risk: “critical infrastructure industries (including energy and utilities, chemicals, and transportation), large corporations, multinationals with global operations, and publicly-traded companies.”<br /><br />The study found:<br /><br /><blockquote>there is a strong disconnect between the level of support for security<br />initiatives and the level of influence over security policy within the companies<br />surveyed. “Security directors appear to be politically isolated within their<br />companies,” says Thomas Cavanagh, Senior Research Associate in Global Corporate<br />Citizenship at The Conference Board and author of the report. “They face a<br />challenging search for allies when they need to gain support from upper<br />management for new security initiatives.”<br /></blockquote>It also found that while security is seen as aligned with operational risk, it’s not viewed as well-aligned with company strategy:<br /><br /><blockquote>Companies reported less alignment of security with long-range strategic<br />objectives of the firm. For example, among senior executives, 56% see their<br />company’s security operation as effectively aligned with the need to keep pace<br />with competitors, and half of the sample believe security has been effective in<br />reducing insurance premiums. Much lower proportions saw security as contributing<br />toward enhancing the value of the brand (44%), managing the supply chain (36%),<br />or pursuing new business opportunities (35%).” The results “suggest that<br />security remains a function that is mired in operations in the eyes of senior<br />executives,” says Cavanagh.”<br /></blockquote>Measures of the effectiveness of corporate security are less sophisticated than even the measures for IT or HR effectiveness. The focused on how much a problem costs, not on contribution to strategy:<br />The most helpful measures were the cost of business interruption, (cited by 64%); vulnerability assessments (60%); and benchmarking against industry standards (49%). Another group of helpful metrics was explicitly related to insurance costs, such as the value of facilities (44%), the level of insurance premiums (39%), and the cost of previous security incidents (34%). The choice of metrics varies widely across industries.<br /><br />Our own <a href="http://www.cioinsight.com/article2/0,1540,2023321,00.asp">security survey </a>has also found that <a href="http://www.cioinsight.com/article2/0,1540,2043454,00.asp">management support for security </a>is a problem (Finding 1.2). But while our survey finds there is a trend toward greater <a href="http://www.cioinsight.com/article2/0,1540,2042909,00.asp">integration of IT security with risk management</a> (Findings 6.1 and 6.2), the Conference Board study suggests that IT security's part in the overall risk picture is not as well-understood or supported as IT executives think. It helps explain why so many IT executives complain that their company takes too <a href="http://www.cioinsight.com/article2/0,1540,2042909,00.asp">tactical </a>an approach to security (Finding 6.3). CIOs can't take support for security for granted. Maybe they should enlist the help of those anxious chief marketing officers who were surveyed in the <a href="http://blog.eweek.com/blogs/research_central/archive/2006/10/13/Marketing_Study_Cries_Out_For_IT_Security.aspx">CMO Council's study </a>on security.<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-1162474525678505782006-11-02T08:35:00.000-05:002006-11-02T08:35:26.040-05:00Ethical Advocates Can Build Significant Goodwill For Companies<a href="http://www.ipsos-na.com/news/pressrelease.cfm?id=3244"><img src="http://www.ipsos.com/images/logo.gif" border="0" /></a><br /><p>Based on its research, Ipsos has developed a Corporate Responsibility Roadmap with eight model behaviors that can help companies stand out and appeal to Ethical Advocates. These behaviors are:<br /><ol><li>The company provides <strong>quality products and services at a reasonable price</strong>, i.e., it doesn’t come across as making excessive profits at the expense of the consumer;<br /><li>The company provides <strong>universal access</strong> to its products and services, i.e., it doesn’t discriminate against sections of society because of their wealth, age or geography. This is especially pertinent for financial service, telecommunications and pharmaceutical providers;<br /><li>The company <strong>treats its employees well (both at home and abroad)</strong>;<br /><li>The company’s activities are not detrimental to the <strong>environment</strong>;<br /><li>The company <strong>communicates clearly</strong> about its business, products and services so the consumer is able to make an informed choice. Companies with an overarching corporate brand, especially those in consumer goods, are expected to create awareness of their product portfolio;<br /><li>The company is <strong>smart and respectful</strong> in its sales, marketing and advertising, i.e., it doesn't adopt aggressive sales techniques, excessive mailings or irresponsible advertising that targets children;<br /><li>The company <strong>supports the local economy</strong> by sourcing US products and labor (especially so for the retail and automotive sectors);<br /><li>The company is committed to <strong>innovation</strong> (particularly if it is in technology or pharmaceuticals).</li></ol>Annabel Evans a Vice President with Ipsos Public Affairs and author of a study exploring the corporate reputation of 30 major U.S. businesses from a variety of sectors published the results in a special issue of the magazine, <a href="http://www.ipsos-pa.com/pa/us/reputation" target="_blank">Ipsos Ideas</a> . “Companies that are perceived to be socially and environmentally responsible, and good communicators, are highly regarded,” says Evans. “The opposite is true for companies that don’t perform well in these areas.”"<br /><p>Ethical Advocates regularly choose products that have some social or environmental benefit, such as those made with recycled content or produced via a fair trade arrangement. They also take personal steps to be more environmental and socially responsible. Most Ethical Advocates, for example, recycle, donate money to charity and make efforts to be energy-efficient.<br /><p>Among the behaviors Ethical Advocates consider when judging companies are: quality products and services at a reasonable price, fair treatment of employees at home and abroad, support of the local economy, respect for the environment and the ability of consumers to make an informed choice. </p><div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-1162227406721403642006-10-30T11:56:00.000-05:002006-10-30T12:00:33.870-05:00The Quiet Leader—and How to Be One<a href="http://hbswk.hbs.edu/item/2766.html">HBS Working Knowledge</a><br /><span style="color:#990000;">Lagace</span>: You write that one inspiration for your new book was the unusual course you've been teaching for MBA students on moral leadership in organizations. What is a quiet leader? Is quiet leadership a topic you had been thinking about prior to the MBA course?<br /><br /><span style="color:#000099;">Badaracco</span>: I don't think I really started thinking about it until just a few years ago. There were two things that prompted me to do so. One is that I had written a book called Defining Moments: When Managers Must Choose Between Right and Right (HBS Press, 1997) which is about big deal, high-stake, traumatic decisions. And there was a natural question: 'Is this all there is to writing about difficult ethical decisions?' Or put differently, what happens in between the big decisions—which don't come along very often? For some people they come along very, very infrequently. Does this mean these people are on vacation the rest of the time?<br /><br />There's the age-old myth of Icarus trying to fly too close to the sun, and there is the suggestion that there is something dangerous about the pursuit of greatness. And at the same time while you read books and plays—Death of a Salesman is such a clear example, where Willy wants to be a great salesman and he wants his sons to be leaders of men. He pushes so hard he ends up committing suicide, is very disappointed in his kids—there are other characters, I noticed, who were what I came to call quiet leaders.<br /><br />You also end up defining quiet leaders almost through a series of negatives. They're not making high-stakes decisions. They're often not at the top of organizations. They don't have the spotlight and publicity on them. They think of themselves modestly; they often don't even think of themselves as leaders. But they are acting quietly, effectively, with political astuteness, to basically make things somewhat better, sometimes much better than they would otherwise be.<br /><br />Sometimes a few people were aware of what they did; sometimes nobody is aware of what they did. There aren't medal ceremonies and often the people involved don't think they would deserve one if the medals were being given out. But often they're people, I found…in the cases I looked at carefully, who find that some situation or problem or difficulty affecting a person, affecting an organization, is really bothering them; it gets under their skin. While other people would say, "Hey, why are you getting carried away about this?", they care about it. They commit themselves and keep working tenaciously, so that over a period of time they find some ways to get stuff done.<br /><br /><blockquote><p>If you look behind lots of great heroic leaders, you find them doing lots of quiet, patient work themselves. —<em>Joseph L. Badaracco Jr.</em></p></blockquote><br /><a href="http://hbswk.hbs.edu/item/2766.html">continue reading</a><div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-1161952101396842062006-10-27T08:27:00.000-04:002006-10-27T08:28:21.413-04:00Fearful of Feds, Companies Investigate Themselves<a href="http://www.cfo.com/article.cfm/8097611?f=alerts">CFO.com</a><br /><P>More than half of companies surveyed hired independent counsel in the past year to help with internal investigations, a move widely believed to reduce any punishment regulators might later mete out.<br /><p>A majority of companies have hired outside counsel to help with an internal investigation in the past year – a sign that companies are concerned about how their handling of problems will be perceived by regulators and the public.<br /><p>About 63 percent of over 400 U.S. and international companies surveyed by law firm Fulbright & Jaworski undertook at least one internal investigation with the help of outside counsel.<br /><p><a name="1"><img alt="investigator" hspace="5" src="http://www.artofact.nl/images/investigator.gif" width="200" align="left" vspace="5" border="0"></a> The act of engaging outside counsel at least makes the investigation appear more rigorous. "[If] there is a concern that you appear as credible as possible, hire outside counsel to conduct [an investigation] so they can discuss their results with the Department of Justice or others and tell them what the corporation itself has found," explained Layne Kruse, a senior litigation partner at Fulbright & Jaworski. Layne says the current number of outside counsel engagements is much higher than usual.<br /><p>All regulatory agencies have their own list of factors to consider when determining what type of penalty to give the company, notes William McLucas, former head of the SEC's enforcement division, and now a partner at Wilmer Cutler Pickering Hale & Dorr. Both the Department of Justice's "Thomson Memo" and the Securities and Exchange Commission's "Seaboard Report" outline the credit given to public companies when they cooperate with the government. Both of those documents "include the extent to which companies self-report and self-investigate," explains McLucas. (For CFO's analysis of the SEC's Seaboard Report, see "<a href="http://www.cfo.com/article.cfm/3804652?f=related">The Limits of Mercy</a>."<br /><p>Additionally, in this Sarbanes-Oxley era, companies are hiring outside, independent counsel to investigate all types of business issues from accounting to disclosure, observes McLucas. "The issue relates to the increased responsibility that audit committees have under Sarbanes-Oxley," he said. It also underscores the "overall heightened sensitivity of board members to the company's exposure to harsh government enforcement proceedings as well as the risk that the board itself could be subject to enforcement proceedings," added McLucas.</p><p>[<span style="color:#33cc00;">CLB: Somehow this implies that the old-fashioned role of an external auditor wasn't sufficient, or that it is reborn anew. After Arthur Anderson, has anything actually changed?</span>]</p><div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-1160899135288478992006-10-15T03:58:00.000-04:002006-10-15T03:58:58.530-04:00Corporate America’s Pay Pal<a href="http://www.nytimes.com/2006/10/15/business/yourmoney/15pay.html?_r=1&th&emc=th&oref=slogin">New York Times</a><br /><P>"For more than 20 years, Frederic W. Cook has developed innovative methods for creating lottery-size pay increases for top company executives. <br /><P>You may not know Frederic W. Cook, but if you are a shareholder or employee who has watched executive pay rocket in recent years, you are likely to be acquainted with his work.<br /><P>[<font color=green>CLB: This is a fascinating editorial, and recommended.</font>]<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-5540806.post-1160052641616368682006-10-05T08:50:00.000-04:002006-10-05T09:02:44.353-04:00Spy games and a lack of ethical guidance<a href="http://www.theglobeandmail.com/servlet/story/RTGAM.20061004.whp1004/BNStory/Technology/?cid=al_gam_nletter_newsUp">globeandmail.com</a><br /><P>Former Hewlett-Packard Co. chairwoman Patricia Dunn and four others are facing criminal charges in California, including identity theft and conspiracy, for their role in a covert hunt for a boardroom mole.<br /><P>The charges, filed Wednesday by California Attorney-General Bill Lockyer, mark the latest blow for the venerable computer maker, which is also facing investigations by the U.S. Justice Department, the Securities and Exchange Commission and Congress.<br /><P>“One of our state's most venerable corporate institutions lost its way as its board sought to find out who leaked confidential company information to the press,” Mr. Lockyer told a press conference last night. “In this misguided effort, people inside and outside HP violated privacy rights and broke state law.... Those who crossed the legal line must be held accountable.”<br /><P>In addition to Ms. Dunn, who ordered the search for a director suspected of leaking secrets to reporters, California has also charged HP lawyer Kevin Hunsaker, the company's ousted chief ethics officer, and three outside private eyes — Ronald DeLia of Boston, Joseph DePante of Melbourne, Fla., and Bryan Wagner of Littleton, Colo.<br /><P>The legality and ethics of corporate espionage has become a hot-button issue in both Canada and the United States in recent weeks.<br /><P>Recently released court documents show that executives of WestJet Airlines Ltd. engaged in electronic spying in 2003-04 to get an edge on rival Air Canada.<br /><P>The five defendants are each facing four charges: use of false or fraudulent pretenses to obtain confidential information from a public utility; unauthorized access to computer data; identity theft; and conspiracy to commit those crimes.<br /><P>All four counts carry a maximum prison sentence of three years. The maximum fine for each of the three underlying felonies is $10,000 (U.S.). A conviction for conspiracy to fraudulently obtain phone records, or conspiracy to unlawfully access and use computer data, carries a maximum fine of $10,000. <br /><P>Conspiracy to commit identity theft can bring a maximum fine of $25,000.<br /><P>HP has admitted that its investigators impersonated board members to get their telephone records — a practice known as “pretexting” — spied on them, dug through their trash and planted spyware on reporters' computers during a covert operation to find the source of several boardroom leaks.<br /><P>Last week, Ms. Dunn, 53, told a congressional committee that while she ordered the probe in 2005, she assumed investigators were acting within the law and didn't know what pretexting was until the scandal broke.<br /><P>Appearing before the investigations subcommittee of the U.S. House of Representatives energy and commerce panel, Ms. Dunn said she's sorry for what happened, but denied responsibility for any of the tactics used by HP investigators.<br /><P>It's been rough week for Ms. Dunn. <br /><P>Her lawyer disclosed Wednesday that Ms. Dunn, who has survived breast cancer and melanoma, will begin chemotherapy treatments for advanced ovarian cancer Friday at the University of California, San Francisco.<br /><P>Two other key figures in the corporate spy scandal have so far escaped legal jeopardy — chief executive officer Mark Hurd and Ann Baskins, HP's general counsel.<br /><P>HP eventually identified director George Keyworth as the source of a leak to a CNET Networks Inc. reporter. <br /><P>Mr. Keyworth resigned after the scandal broke in early September.<br /><P>[<font color=green>CLB: For Ms. Dunn and others interested in pretexting, here is a 1999 article published by <a href="http://www.denverpi.com/news/news_199908.html">Rick Johnson Private Investigators: Pretext Investigations - Deception for Profit </a>. In my search for a graphic to add to this captured article, 99% of the images pulled from the <a href="http://images.google.com/images?sourceid=navclient&ie=UTF-8&rls=GGLJ,GGLJ:2006-05,GGLJ:en&q=pretexting">Google images engine</a> were of HP. Perhaps the word has taken on new meaning with this debacle.</font>]<div class="blogger-post-footer"><table border=1 cellspacing=0 cellpadding=5 BORDERCOLOR=black><tr><td bgcolor="white">
<font size=2><form Method="POST" action="http://www.feedblitz.com/f/f.fbz?AddNewUserDirect">
Feedblitz email: <input type="submit" value="subscribe to"> <input name="EMAIL" maxlength="255" type="text" size="12" value="Integrity">
<input name="FEEDID" type="hidden" value="61452"><BR> RSS: <a href="http://linkingintegrity.blogspot.com/atom.xml">http://linkingintegrity.blogspot.com/atom.xml</a></form></font>
<div class='adsense' style='text-align:left; padding: 0px 3px 0.5em 3px;'>
<script type="text/javascript"><!--
google_ad_client="ca-pub-4171127288076792";
google_ad_width=468;
google_ad_height=15;
google_ad_format="468x15_0ads_al";
google_color_border="74B624";
google_color_bg="FFFFFF";
google_color_link="000000";
google_color_url="346715";
google_color_text="74B624";
//--></script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script>
</td></tr></table></div>Unknownnoreply@blogger.com0