2Know Magazine: Sharing KM Knowledge
2Know: Sharing KM Knowledge
July 2020 - Magazine No. 250
July 2020 - Magazine No. 250
Edition:
Guest article: Do you value your assets?

Nearly all of us, when asked that question, think immediately of our apartment, our stocks, our pension, and vehicle. Perhaps some think of their factory, machines, and stock. Few consider their organization's data assets. This review will hopefully clarify that every business's (not exclusively hi-tech organizations) most important asset is its data.

Data can be many things: a customer list or suppliers, patents, thinking, production procedures. But it is much more. Assets include personal, even embarrassing information; information that can present an organization or those heading it in a less-than-positive light. Every factory, safe or vehicle, has a key and alarm to keep it safe. Are your data assets protected by a similar mechanism? The answer is usually: no.

Take John, for example. John heads a communications organization that is currently in the midst of a merge and purchase process with a much larger international organization. John is preparing for the challenges and opportunities this merge may encompass, including cutting down local headquarters so to expand the company, thus making it international.

Unfortunately, John's morning took a totally different turn. An hour into his morning, John gets a call from a journalist asking what he has to answer to the claims that the company acted in conflict of interest in a foreign country while bribing the local company not to take part in any tenders in the country. John then is contacted by the country's largest cable provider claiming John's company has been postponing his cheques for 120 days. This is it, he says. I a m through with your company. An hour later, the CEO of said international organization calls to inquire whether during the due diligence process John's company concealed the fact that their five last bids at government tenders have been rejected on grounds of inadequate corporate governance?

 

This outcome, paraphrasing an actual scenario, was the result of a company worker pairing with a relatively low-level hacker. Using basic tools, such as social engineering and accessing organizational email, they attempted to prevent the merging process which may have harmed the worker's position.

Original documents were planted into company servers, and by simply editing the names of their payment destinations, falsely presented decision makers with these 'transfers'. These documents were sent to journalists via the organizational email of one of the organization's CEOs, complete with a list of facts that fitted the attachments. Through another organizational email, belonging to an accountant, they sent messages to all suppliers stating that 'due to a financial crisis, the company regretfully is pending all payment". The fake tender biddings were sent to the purchasing organization, hidden among authentic documents.

These could all have been prevented by asset charting: strategic files, customer list, supplier list, encrypted data, etc.

In this case, the organization acted quickly. The organization's remaining assets were secured and mapped, while relevant evidence was collected: an in-depth forensic inspection of all computers and email correspondences revealed that this was an inside job. The material was collected as part of a legal process of legal risk hedging and considering further action, including pressing charges against the hackers, and involving the police. Thus, the inspection was kept entirely secret. Meanwhile, company workers were equipped with the right messages and all interfaces through which the fictitious correspondences were fixed.

Not every company would had taken this course of action. Admitting to such an infiltration would be considered a sign of weakness, and as such would usually be dealt with discretely. Besides, most organizations do not possess the technological and legal tools to deal with a cyber crisis. Not only does the secretive handling of this situation ironically prevents exposition, but also there is a limited timeframe during which the company can still response. Once the time is up, the company remains with no solution and substantially harmed. Many a case include a belated call for help due to a ransom demand following a simple email sent to the company. These emails contain a virus which locks all files on the computer a say or two later. All data on organization network is now encrypted, with the perpetrator holding the keys to it. Companies tend to try and solve these cases on their own. They try bargaining with the offender or recreate the data either independently or by hiring a computer support service. These tactics only enhance the infiltration, usually leading to the loss of vast amounts of financial and corporate data. The financial loss is usually immense.

Nowadays, with the coronavirus raging and remote work a necessity, many organizations are being attacked by various hackers using the 'man in the email' technique: they await in the organizational email network after hacking into it. Organization workers contact a legitimate party they know, but on its way, someone intercepts their email, altering its content and sending it back to the sender. These workers are oblivious to the fact that someone is faking both sides of the correspondence or of the illegitimate content they have received. In these cases, hundreds of thousands, sometimes even millions of dollars are stolen by someone who is fooling both sides. Only after the money has already been transferred from account to the other, yet the receiving side has not received its share, do they start asking questions. Both sides are puzzled, and such a case can harm business connections. However, once they contact each other and share copies of their correspondence, they realize that they were victims of a well-crafted scheme. Needless to say, the money has long gone by then.

We recently handled cases in which a quick response to the threat was crucial to preventing the transfer. In some cases, we intercepted transfers and, collaborating with the police and a global network of lawyers to which we belong, successfully intercepted the entire sum. In other cases, some of the sum was already withdrawn while the rest of it was successfully intercepted.

The legal technological interface in these cases is a tiebreaker when facing these adversaries. We highly advise you to seek consult.

 

-Gilad Cohen is a strategic-technological consultant

Rami Tamam of RCTO Law specializes in managing cyber, laundering, and white-collar crises.

 

 

 

 

 

Written By Igal Berman

In today's digital world, everything changes and moves extremely quickly. However, what has not changed is everyone striving for exposure and increasing it. Exposure is important in the digital field, in advertisement, in marketing, and the intra-organizational field. Everyone wants to more customers to be exposed to their content.

This meant that for your video to stick out, it must be unique so to catch users' eye. One way to attract the user is using odd number, since studies show that the human brain pays more attention to them.

 

 So, you might be posting a video explaining how to prepare a document or different ways to improve some work method in the organizational world. This video's title should include an odd number and an apt description. For example, '7 time-saving methods' or '5 creative ways to prepare a document'. This will get the users' attention.

In conclusion, put some thought into the title of the videos you post and use odd numbers.

Written By  Sahar Sade

 

Many products define themselves as Knowledge Management products. While some are well known and frequently used, I wish to focus on some lesser known products.

  • Atlassian: an international organizational software that enables sharing for software development and project management environments. It sells its products online via its website.
  • Attivio: a company providing data analysis tools via an activa AI search engine. This engine provides a software platform which offers an organizational search, Business Intelligence, data storage, process automation and business analysis. It incorporates structured and unstructured content in a single index. Thus, said content may be easily searched, analyzed, and interpreted.
  • Bloomfire: an organization producing internet-based software applications meant to increase virtual knowledge and insight sharing within the organization. The software enables users to create communities in which one can post Q&As, add, or generate new content and search/browse existing content. Its purpose is to increase accessibility to data in the organization to provide workers with the knowledge they may require performing efficiently. The software supports 53 types of file, thus enabling users to upload video and audio files, pictures, slides, and text documents. It showcases automatic video and audio copying features, converting it into searchable text.
  • Broad vision: an international software supplier specializing in self-service internet apps for social organizational software, e-trade, organizational portals, and customer relations management. One of the company's prominent tools is QuickSilver, which enables businesses to create and publish long and complex documents in various formats and languages.
  • Coveo: a platform supporting search technology and modular organizational recommendations which allows users to add an index of data stored in various databases, use machine learning to make content accessible and retrievable via search-blocking interfaces.
  • Empolis Information Management: supplies a smart data management software, a combination of Knowledge Management, content management and service management. Smart data management represents intelligent creating, managing, and processing of all data relevant to the organization regardless of any characteristics such as producer, source, format, application, user location or device. It thus allows users to receive reliable, precise, and relevant information.
  • Fresh Desk: a company supplying organization management solutions. It offers several features, including:
    • A call system which combines elements of email, phone calls, chat, and social network- all in one tool
    • Automation of workflow to fixed or repetitive processes to conserve human resources otherwise applied for manual operation
    • Substantial database, internal searching, community message boards and a support bot allowing organization members to navigate more easily.
    • Preparing personally adapted reports including insight management and lessons learned.

The company also provides users a free trial period for further examination to allow users to try out and/or positively impressed by these products and services.

 

  • Safe Harbor is a company which provides knowledge base management services, specializing in assisting organizations in sorting and organizing knowledge bases and supportive content. They do so by examining and updating knowledgebases continuously, noting any flaw in content and immediately sending any "suspicious" content to be handled by the support crew. Furthermore, they document content such as FAQs, frequent problems, and their solutions for future use
  • Zendesk is a simple tracking, prioritizing and support solution management system. Among its products are a support call management system, knowledge-based self-use guide, direct messaging service, call management software, analysis and report tools, community message board, etc.
  • SABIO GmbH is a company providing Knowledge Management services. One of its advantages is that it offers a free trial period so to try out their services and products. It offers a search engine equipped with smart algorithms which study users' every interaction, constantly improving the search. The results are presented dynamically, based on relevance, exposure, popularity, and tags. Additional filters (e.g. content type) can be used to perform a specific, personalized search.

These tools, among others, are meant to allow organizations and users to effectively manage the organization's knowledge, each in their own way according to their varied expertise. This enables each organization to choose the tool which is most compatible with their needs.

References:


https://www.atlassian.com/ 
https://www.attivio.com/ 
https://bloomfire.com/ 
https://broadvision.com/ 
https://www.coveo.com/en 
https://www.empolis.com/ 
https://enterprise-knowledge.com/ 
https://freshdesk.com/ 
http://safeharbor.com/ 
https://www.zendesk.co.uk/ 
https://www.getsabio.com/ 
https://en.wikipedia.org/wiki/Main_Page 

 

Written by Rom Knowledgeware
Fax 077-5020772 * Tel 077-5020771/3 * Bar Kochva 23 st., Bnei Brak Postal: 67135