Skip Navigation

Thought leadership from SAI to accelerate your performance
 

Systems Alliance Blog

Opinion, advice and commentary on IT and business issues from SAI
Date: Jun 2015

Let’s face it, the days of getting by with just a good website are over. Now, especially with the ever diminishing attention span of most website visitors, content on your website needs to be more than just a logo and some text on the screen. It needs to draw in, engage and captivate your audience.

One way to make your website more dynamic is video. Videos engage site visitors, often times delivering information that isn’t available or easily understood through text. Shareability is another huge advantage to video. Visitors will be able to share your content easily, helping to increase your brand awareness and credibility with potential clients.

Online video is all the rage right now, and it’s only increasing in popularity. According to Cisco, by 2019, 80% of the whole internet will be online video. And no, we’re not just talking about cat videos (which by the way, 15% of all internet traffic is connected to cats) or that video of the baby giggling when his mom blows her nose (which is now up to over 61 million views). Video is now crucial in web content marketing.

Not only are videos great to have on your website, they are proven to drastically improve email campaign results. According to Forrester Research, when marketers include video in an email, the click through rate increases by 200-300%. And let’s not forget about mobile – by the end of 2019, mobile video will account for 72% of total mobile data traffic.

So, should you be using video in your web content marketing? All signs point to YES.

Now, you may be thinking, “Ok, great! So, what now? How do we start making videos – we don’t have any experience in-house, and we definitely can’t afford to hire outside help”. The truth is, you really don’t need either. There are some fantastic tools out there to help with creating video content. For example, here are just a few of the different types of videos we create at SAI.

Animated Video

For this product video which features our Acadia Performance Platform, we used GoAnimate, a simple- to-use video animation tool to help even the most amateur of users create a fully functional, engaging video. So, why animation over real people? Above all, this is a very budget friendly approach to video; there are no actors and no camera is required. And it’s a step up from just providing screenshots. This is an easy and effective way to showcase a product and explain its use cases, especially considering videos increase people’s understanding of your product or service by 74%....Read More

baseball stadiumThe New York Times reported yesterday that the FBI is actively investigating the front office of the St. Louis Cardinals for illegally accessing a rival team’s computer system.  While this must be the strangest sports scandal since Deflategate, it is also the most high profile case of “high tech” corporate espionage that doesn’t involve a nation state actor.

Per the NYT, “the intrusion did not appear to be sophisticated” according to law enforcement officials.  The Astros executive whose credentials were compromised previously worked for the Cardinals. Cardinals staff allegedly used his old password to get into a new system that he built in Houston.  

This incident provides a number of lessons learned. The most obvious being to never commit a federal crime from your home computer unless you are interested in taking an all-inclusive vacation at the nearest federal detention center.  Here are 3 more you should think about:

1.  NEVER REUSE A PASSWORD

If you use the same password more than once and it gets compromised, the damage can be substantially worse.  Let’s imagine a scenario where a hacker gets access to one of your accounts.  That’s bad but at least it is contained to that website or application.  

Now let’s say that your password is the same on every other system you use.  Exploiting passwords stolen from one site against others is a very common practice amongst cyber criminals. Now your bank, online brokerage, social media accounts, luggage, etc. are compromised too.

Now let’s imagine a worse scenario.  One of your employees just had their accounts broken into and they are now busy picking up the pieces. According to a 2014 study, “one in five Americans reuses the same username and password across their personal and business accounts”.  That same study revealed that “73% of US Full-time workers admit to reusing the same batch of passwords online”. You probably are not feeling lucky right now.

2.  ALWAYS CHANGE THE DEFAULT CREDENTIALS

According to media accounts, the database built for the Astros was designed by the same executive and was substantially similar to that of the Cardinals.  While the credentials used to exploit this system were the executive’s old passwords, since they were known outside of the organization, this is analogous to leaving the vendor’s default password configured.

What’s the last piece of equipment you bought for your IT department? A quick Google search will reveal the vendor’s username and password to anyone with an internet connection.  If you put it online and never changed that password, you are taking an enormous risk.  According to a 2013 Verizon study “about 90 percent of successful breaches analyzed by Verizon started with a weak or default password, or a stolen and reused credential”.  Changing those defaults is common sense.

The same goes for those logon passwords the IT department gives you.  Do you really think that they haven’t used the same “P@ssw0rd2015” for the last 20 people who asked for a reset?

3.  BE AWARE OF INSIDER THREATS

While many data breaches come from outside, insiders can be just as dangerous.  People who know you and your systems probably understand their weaknesses.  In the baseball hacking scandal, it was allegedly paranoid and vengeful ex-colleagues who broke the system.  In a more famous case, it was an employee motivated by political views who leaked sensitive data.

Insider threats also include outside parties that steal credentials held by privileged individuals like your IT administrators and executives.  Making sure that they are aware of how to protect their credentials is critical.  The days of CEOs having passwords written on post-it notes must stop. Ensuring compliance with your IT policies and procedures is arguably more important for privileged users than it is for rank and file employees because their access to sensitive data is often greater.

The best defenses against insider threats are common sense best practices.  That includes a logical separation of duties and insisting that network activity is logged and audited.  Fewer than 60% of organizations are doing this today but it has been identified as a key behavior in quickly identifying malicious activity.


They Are Called “Best Practices” For a Reason

Jumping back to the baseball hacking scandal, the Houston Astros appear to be the second dumbest team in baseball, rivaled only by the team that “hacked” them, the St. Louis Cardinals.  As Deadspin so blithely pointed out, “What makes the St. Louis Cardinals hacking scandal really great, aside from the fact that it involves the St. Louis Cardinals, is that it could not have happened if everyone involved hadn’t acted as stupidly as possible.”

If you’re reading this and aren’t sure about your organization’s IT security practices, maybe now is the time to start asking questions and reduce your risk exposure to avoidable problems. 

Not sure where to get started?  SAI can help.

Wondering what to do if you find yourself having to deal with a data breach?  Standby for our next post from SAI’s CTO Josh Crone.

Calendar
Jun 2015
 123456
78910111213
14151617181920
21222324252627
282930