Immediate Vault Immediate Access

7 Tips to Mitigate the Risks of Summer Staff Parties

Posted on by

With millions of employees continuing to work remotely part- or full-time, 2022 summer office outings may represent one of the first “all hands” get-togethers for many employers since the COVID-19 pandemic began. Indeed, 37% of respondents to spot surveys conducted by Seyfarth at Work reported that there had not been a need, opportunity and/or COVID-safe venue for everyone to be in the same space at the same time since 2019.

Two years is a long wait, and based on anecdotal reporting in the wake of June and early July events, some employees are perhaps a bit overexcited at the prospect of finally hanging out together.

Some summer outing horror stories that resulted in complaints and charges include:

• An East Coast video game development company’s festivities included ice-breaker activities of beer pong and “spin the vodka bottle,” with managers nudging uncomfortable staff to join in.
Result: two employees contacted a local enforcement agency looking to file a harassment charge.

• A West Coast tech startup’s party featured an impromptu game of “pin the tail on the interns,” involving strips of paper “tails” and tape.
Result: two interns left the organizations and several employees threatened suit.

• A Midwest pack-and-ship firm had insult rap battles that devolved into comments about aging and weight gain.
Result: a spate of internal complaints from employees, and even from a caterer who was setting up food on-site and overheard the derisive and potentially discriminatory lyrics.

Actionable Risk Management Take-Aways for Bosses:

A number of pre-event precautions can help reduce the risk of your summer outing going sideways:

Scare your managers—just a little. Schedule pre-event “Respect Huddles” where you can remind those in supervisory roles that they all have potential professional and/or legal responsibility if things go wrong. Deputize them, so to speak, to watch out for risky conduct as the festivities unfold. Share simple scripts and responses your managers can use to “nudge” attendees back to a zone of respect.

buy nolvadex online cosmeticdermcenter.com/wp-content/uploads/2023/10/jpg/nolvadex.html no prescription pharmacy

Set limits for everyone on things like alcohol, how long/late the event runs, and an agenda of (appropriately) fun activities. Historically, drinking can be a gateway activity to all sorts of sordid interactions. To manage the risk, some organizations have found it very helpful to “ticket the tequilas,” meaning they provide the event food, but limit the alcohol, such as by using a drink ticket system.
buy flexeril online https://royalcitydrugs.com/flexeril.html no prescription
A strict event agenda helps prevent attendees from straying into murky territory with creative comments and conduct. Any planned games should focus on friendly collaboration, not physical contact.

buy levofloxacin online cosmeticdermcenter.com/wp-content/uploads/2023/10/jpg/levofloxacin.html no prescription pharmacy

Assign a trusted internal party planner to carefully manage your party or outing agenda.

Strongly encourage staff to bring significant others and kids, if interested. Having lots of little tykes in attendance tends to reduce all sorts of adult excesses and judgement errors. However, also be open to employee opt-outs. Stress the fact that no one is expected to attend—it is just as important as making sure everyone feels welcome.

buy zofran online cosmeticdermcenter.com/wp-content/uploads/2023/10/jpg/zofran.html no prescription pharmacy

Send a pre-event conduct memo to every employee at least once, and maybe even twice. Revisit your office respect rules, as they extend to and apply in the great outdoors as well, at least when your organization is sponsoring.

Tips for Everyone

For employees at any level, we recommend not thinking of the outing as party time, but rather as a professional event that just happens to be moving outside. These tips can help any attendee enjoy the gathering while avoiding risky situations:

Set lower expectations for yourself on how “off-the-hook” the whole outing will be, which can help ensure that you’re not disappointed and are better able to maintain decorum.

Stay away from casual banter that is ribald, risqué or involves sharing too much information.

Social distance, for both COVID and conduct reasons.

How to Strengthen Your Safety Program and Cut Workers Compensation Costs

Posted on by

Controlling business costs is top-of-mind for organizations of all sizes and can take many forms, from moving the business to a less expensive building in a more economical part of town to cutting advertising costs. Many companies overlook one key way to control costs that can be easily implemented and managed while also improving work culture overall: implementing a safety program to better manage workers compensation costs. When the average workers compensation claim is around $40,000, taking steps to mitigate workers compensation risks and better manage claims can be a great opportunity for any business to both ensure the safety of its workers and protect the bottom line.

Risk professionals can help reduce costs by taking steps to implement any of the following:

  • Improved safety programs
  • More active involvement in claims management
  • Build out a return to work program

Encourage your internal teams to establish a well-planned and detailed new hire onboarding program that reinforces a strong safety culture. Here are some steps that you can integrate into your existing onboarding program that will also help control unnecessary or redundant workers’ compensation claim costs.

Practice Makes Perfect

Onboarding new employees means taking the time to acclimate them to how your business operates in terms of safety procedures, jobsite dos/don’ts, and any potential hazards. Repetition is key for any new employee learning the ropes, but especially for those workers who are jumping into a new role. Ensure all new hires have the appropriate time and space to practice any safety protocols and consider implementing a safety quiz at the end of a designated orientation period to test retention.

Use the Buddy System

Provide each new employee with a veteran employee buddy. This partnership aims to help the new employee get acclimated more quickly to the new environment. During their time together, the veteran employee can discuss safety concerns and identify potential hazards. As worksites can become overwhelming with the amount of hustle and bustle, it will be critical for the new employee to have a partner who is able to help keep an eye out for them and monitor their safety until they are ready to venture out on their own.

Cultivate a Culture of Safety

Encourage managers and team leaders to commit to safety goals and practice what they preach. Setting an example for employees early means that management must be “all in” on safety. This ensures that employees on all levels understand that safety is a company-wide priority. Building a foundation of safety-focused programs with the goal of keeping claim costs low will be key to solidifying each employee’s connection to the organization.

There are myriad ways to reduce workers’ compensation costs. What will be most important to your organization is taking into consideration the time and resources it will take to efficiently improve this area of your business. Whether your team decides to do this independently or with the help of a vendor like a PEO, it is essential for companies to prioritize this part of their business to reduce risk. 

How to Manage Supplier Risk and Performance in an Uncertain Global Economy

Posted on by

Essentially every company that manufactures goods today depends on other companies to supply the raw or value-added materials that go into their finished products. Most companies recognize that good supplier relationships are more than simply arm’s length transactions between opposing parties. A better way of looking at those relationships is as partnerships—albeit ones that require management and alignment of objectives first and foremost, but ultimately mutually beneficial relationships. The job of procurement is to ensure performance is as promised, risk is low and business objectives are being met through collaboration. When suppliers are treated as partners, they can be a huge asset in times of trouble. Especially today, with some industries moving from a buyer’s market to a seller’s market, many suppliers can have their pick of customers, especially if some are easier to do business with, foster collaboration, listen to new innovative ideas and, most importantly, pay on time.

Well before the pandemic, leading organizations in every industry have that strong supplier relationships and a reliable supply chain are paramount. It is critical to have full visibility across all your suppliers and knowing everything about them matters, because this may be the difference between meeting customer demand and falling short of it. Suppliers are a source of growth, innovation and efficiency, but if they are not managed holistically, they can be a source of risk, poor performance and noncompliance.

Enterprise technologies are available to holistically manage your suppliers throughout their lifecycle and incorporate all the necessary elements around supplier information-gathering, collaboration, and risk and performance management. Platforms with these capabilities can help risk professionals to: improve visibility across the supply chain (including sub-tiers of suppliers); ensure compliance with regulatory requirements (particularly new ESG regulations around carbon emissions, cybersecurity or diversity reporting); assess supplier viability and risk profiles; and evaluate performance and target improvement areas. Implementing such a system requires considerable advance planning and strategic thought. But following a deliberate series of steps can help you structure a solid program:

  1. Figure out what you want to accomplish with your supplier management program. 
  2. Secure executive buy-in from procurement, supply chain and IT leadership.
  3. Structure a plan to gather complete information about all your suppliers.
  4. Segment your suppliers into relevant groups, identifying the standards and processes each group is required to meet, and potentially establishing processes for each segment.
  5. Communicate goals, objectives and policies to your suppliers, whether it is around a code of ethics or more specific goals per segment.
  6. Create a process to continuously gather information about suppliers using surveys or a supplier portal, including topics like information security practices, certificates, financial updates and generic information updates.
  7. Establish an onboarding process for new suppliers and use third-party data sources to assess them against requirements and goals.
  8. Implement a monitoring program to regularly track key aspects of the supplier’s risk and performance profile. 

Your criteria can evolve over time, so regular reassessments of those criteria and related mitigation measures are always appropriate, but having them well-defined at the start will be a tremendous help in establishing clear expectations. As in any relationship, clarity is key to reducing the friction that can result from misunderstandings.

At the same time, however, issues directly affecting the supplier are only part of a larger risk profile. As we have seen during the pandemic, the transportation of supplies from a vendor’s overseas site to your own facility is also fraught with risks. For example, there are shortages of active piers, forcing ships to anchor for days or weeks before they can unload. Additionally, higher levels of theft and shortages of truck drivers, shipping containers, warehouse space, cargo pallets and inspection officials can all compound delivery delays. Being aware of issues within the supply chain, having visibility of your suppliers’ suppliers, and understanding relationships and dependencies are all key to be able to respond adequately.

Five Strategies to Protect Against Ransomware and Other Cyberattacks

Posted on by

As organizations continue to adapt to remote or hybrid work models, it has never been more vital to have a robust cybersecurity program to better protect against ransomware attacks and other cyberattacks against company systems and personnel. Ransomware attacks have proven a particular risk in recent years, with attacks like the Colonial Pipeline and myriad attacks on health care organizations demonstrating the serious impact of cyberattacks beyond financial risks, affecting everyday life and business operations.

Ransomware and other cyberattacks are always evolving. Attackers are constantly finding new ways to infiltrate environments while trying to stay undetected. Cyberattacks can target many different points in an organization’s ecosystem, including firewall configuration, patch management, network segmentation and defensive technology. The following five strategies can help companies mitigate cyberrisk and respond to threats quickly and efficiently:

1. Strengthen Asset Inventory
You cannot protect what you do not know exists or cannot see. Having an efficient asset management program can significantly increase visibility and rapidly provide detailed information about systems in the event of a cyberattack. Organizations should document system or device types, operating systems and software used. To be more granular and aggressive, consider documenting what ports and service systems use for business functions and use that as a baseline for future firewall rules and network exceptions.

buy naprosyn online www.biop.cz/slimbox/css/gif/naprosyn.html no prescription pharmacy

Having a strong program is key for every organization, but is even more important in remote work environments.

2. Conduct Security Awareness Training
A comprehensive and effective security awareness program for employees benefits the organization at large. An efficient security awareness program extends visibility and cyber threat detection beyond defensive technologies applied in the environment by empowering people to be a critical line of defense. A robust security awareness training program allows employees to assist with the detection of network anomalies, suspicious emails and other potential threats.

3. Assess Antivirus and Endpoint Detection and Response Programs
Traditionally, antivirus programs have helped detect malicious activity. However, the problem with the traditional antivirus approach in modern day cybersecurity is that attackers regularly update their code to obfuscate and bypass signature-based antivirus products. By employing an endpoint detection and response (EDR) product, organizations create an efficient response to detecting malicious programs and activities based on network anomalies rather than signatures alone. If purchasing and implementing an EDR solution is not viable, consider additional layers of defense around the antivirus software. Ultimately, the goal is to increase visibility and the ability to alert upon suspicious activity.

4. Monitor and Detect New Processes
In addition to having inventory on assets, an organization should document legitimate system processes and software. Upon gaining access to an environment, ransomware downloads and executes its installer to infect the victim. Ensuring visibility into your environment can help IT and information security teams to detect programs or processes with behaviors that deviate from the norm. In turn, this allows operations and incident response teams to respond quickly in the event of those anomalies.
One example is Microsoft Windows’ AppLocker, which generates messages and alerts about anomalies such as when an attacker attempts to install an executable outside of the known baselined created. By creating baseline rules, AppLocker will create an 8003 warning message that can be collected and parsed using a security incident and event management (SIEM) product or log aggregator and monitored by the IT or information security team.

5. Network Anomaly Detection
Ransomware moves laterally across the network while infecting systems. This can be done quickly while raising flags or network anomalies such as authenticating to several systems within minutes. It is uncommon for systems or domain administrators to connect to multiple systems rapidly and on a large scale on internal networks. To differentiate between legitimate and potentially malicious activity, network administrators must first document legitimate network connections and known behaviors. This supports anomaly detection by establishing outbound and inbound connectivity from the organization’s servers.

buy symbicort inhaler online www.biop.cz/slimbox/css/gif/symbicort-inhaler.html no prescription pharmacy

Once the legitimate network connection is documented and a baseline is created, you can leverage defensive technologies and monitoring programs to alert when deviations occur. Then, create alerts in firewalls and SIEM solutions to quickly detect and respond to network anomalies.

As cybercriminals become more advanced, cybersecurity programs must also evolve to identify and prevent malicious behavior. By implementing the best practices and strategies mentioned above, organizations can dramatically reduce their exposure to ransomware and other cyberattacks.