Wednesday, July 18, 2018

Web Secret 528: 11 ways to encourage yourself and others to take a break from technology

I recently came across a Forbes article "11 Ways To Encourage Mental Breaks From Technology In The Workplace."

Interestingly, most of the suggestions could be applied to ourselves or our families. As usual, here is the edited version:

1. Create Smartphone Break Areas
Ask people to voluntarily put the smartphone in a box in a certain area of the workplace.

2. Truly Respect Time Off
If an employee is supposed to be off of work, do not send them an email during that time. Don't assume an email is less intrusive than an actual phone call. If you would not call them at that hour, then don't email either.

3. Create Boundaries For Out-Of-Office Communications
Unless a job is billed as 24/7 on-call, maintain boundaries for outside hours communications. Establish cut-off times that are clear and enforceable as nightly deadlines for work outreach.

4. Leave Phones Out Of Meetings
Have a "no smartphone" policy in meetings -- not just team meetings but one-on-one meetings in your office. Leave your phone out of sight, switched off, or put it on silent with no vibration.

5. Clarify The Level Of Priority
Give your team the flexibility of priority awareness. Use the subject line of an email to scale the urgency of an action. Notations like "action by COB today," "before lunch," or "prepare for next staff meeting" give a clear timeline. On the other hand, preceding status updates with FYSA (For Your Situational Awareness) clarifies that no immediate action is required.

6. Promote Self-Care
Implement a wellness program, add yoga and other de-stressing activities, and/or add a quiet zone. Create safe, phone-free zones for employees to unwind and decompress. Senior leaders must demonstrate that they value self-care and allow spaces for employees to do the same. This also means that out-of-office truly means that employees are unavailable during that time.

7. Encourage Employees To Disable Notifications
Getting a mental break at work can be less about getting away from the smartphone and more about diminishing unnecessary sights and sounds. Sound and sight distractions such as email, text and app notifications exponentially increase stress and decrease productivity. If you do nothing more than turn off email "pings" and pop-up windows, you will greatly enhance a sense of focus and calm at work.

8. Take Meetings Outside
If you work near any green space, start taking small groups or one-on-one meetings outside. Find space near a fountain to meet with employees or just walk and talk. Fresh air stimulates greater creative thinking. Walking improves circulation and overall health.

Wednesday, July 11, 2018

WebSecret 527: Happiness in an app

The New York Times recently published an article listing "happiness" apps.

Since we could all use a little happiness, here is what they recommended:

Happy Not Perfect

Designed to bio-hack the brain in five minutes, Step 1 of seven, Check-in, decreases the impact of an emotion just by acknowledging it. Step 2, Breathing, takes you out of fight or flight. Step 3, Journaling, allows you process, digest, and let it go by way of a digital fire ceremony. Step 4, Gratitude, shifts the focus to the positive. In Step 5, a mini Mind Game disrupts thought patterns. Step 6, a Compassion Challenge, boosts self-esteem. Step 7, Vibes, lets you pay it forward. Guided meditations are optional.

Perk: A subscription ($9.99 for one month; $39.99 for six months; $59.99 for a year) provides access to more than 250 meditations and to a gratitude diary and compassion challenge history.

Smiling Mind

Developed by psychologists and educators, Smiling Mind is a free app aiming to make mindfulness accessible to everyone, including children as young as 7. Meditations are offered according to age group and audience, for example Adults, Sport, Mindfulness in the Classroom, Mindfulness in the Workplace. Prompts like “How Do You Feel?” encourage checking in with oneself.

Perk: With Family Sharing, up to six family members can use this app.

Insight Timer

The most popular free meditation app on Android and iOS stores, Insight Timer is home to some 4.5 million meditators and offers guided meditations, talks and podcasts by mindfulness experts, neuroscientists, psychologists and meditation teachers, in 25 languages, on topics including depression and grief.

Perk: Practitioners of all levels seeking community can see how many meditated “with” them, send direct messages and join discussion groups.

Aura

Named the No. 1 New App by Apple in 2017, Aura offers mindfulness meditations, short stories, music, sounds of nature, a gratitude journal and life coaching sessions to soothe stress and anxiety and help users sleep better. The artificial-intelligence-powered program uses questionnaires to personalize and improve the user experience.

Perk: The app is free - however, a subscription ($11.99 for one month; $59.99 for one year; $399 for lifetime) allows unlimited access to meditations of 3 minutes, 7 minutes or 10 minutes.

OM

Wednesday, July 4, 2018

Web Secret 526: individual cybersecurity when traveling

So you have tickets to the FIFA World Cup in Russia.

Lucky you.

Remember when, a few posts ago, I told you that Russia is enemy number one when it comes to cyberwarfare?

This is what Conde Nast Traveler thinks you need to do to safeguard your data if you choose to go (just about anywhere in the world):

If it looks too good to be true, it probably is Free tickets, FIFA lotteries, VIP seating upgrades—chances There is no such thing as a free lunch. Do not reply to, click on or otherwise interact with these offers. Delete, delete, delete.

Protect your devices. If you can, leave the devices you really love at home. Invest in a cheap unlocked phone you can use when you're traveling with a local SIM cards. If you absolutely need to bring a laptop with you when you travel, consider buying a sub-$500 Chromebook, eg: the Asus Flip C302. Bonus: with Chromebooks, everything is stored on Google's cloud, so if it the laptop gets jacked, you won't lose everything.

If you insist on bringing your laptop, make sure everything is backed up in the cloud and on an external hard drive before you leave, and ensure the device is secured with a password that isn't "password123."

Public Wi-Fi networks are basically "Steal my stuff" invitations Avoid public Wi-Fi networks when you can. Even if you think you're somewhere safe, like your hotel lobby, it's not worth the risk. You don't know who else is in that lobby, and you don't even know whether the network you're connecting to is legit, it's not hard for a hacker to create a hotspot with the name "Hotel Free Wi-Fi."

If you absolutely have to connect to one, don't do anything sensitive.

Use a VPN (virtual private network). Think of a virtual private network as a tunnel that encrypts all your data as it passes through and scrambles your location (by changing your IP address), even if you are connected to the internet through a public network.

Two that are recommended by Wired magazine are F-Secure FREEDOME VPN and www.privateinternetaccess.com.

HTTPS is your friend—HTTP is not. If a website starts with "https" it means it's encrypted, making your browsing more secure. If it's missing that "s"—for secure—anyone can snoop on what you're doing. To be safe, install HTTPS Everywhere as an extension into your browser: it automatically switches sites from the door-wide-open http to the far more secure https.

Rent a portable hotspot. Far more secure than public Wi-Fi are portable hotspots, the pocket-sized devices you can rent. They give you a secured individual Wi-Fi connection around the world, so you can connect to the internet without using international data or open Wi-Fi networks. Skyroam (starting at $9 a day) and Roaming Man ($9.99 a day) are two good options; both give you password protected 4G Wi-Fi access in more than 120 countries around the world.

Be safe.

Wednesday, June 27, 2018

Web Secret 525: Virtual reality sexual harassment prevention training

I used to provide corporate training programs on sexual harassment prevention.

The typical audience for one of these training events was at best bored and at worst overtly hostile. The higher the ratio of men to women in the room, the more hostile the group. But I still think I did a good job.

I divided everyone in the room into teams of two. I provided the pairs with 10 vignettes which they had to discuss and decide whether the behavior constituted sexual harassment. This task rapidly defused the anger and made everyone think about harassment - maybe for the first time. After a set amount of time, I brought everybody back together and we discussed each vignette, calling on the teams to share their decision making process and their answers. It was consciousness raising for the participants.

But that type of training is labor intensive and expensive. And quite frankly, not typical of the average training. Most programs are didactic affairs where a lawyer stands in front of a group of co-workers and drones on about case law.

There had to be a better way, and to accomplish that, Morgan Mercer, founded Vantage Point.

As detailed in a recent Wired article, Morgan was at a dinner party in late 2016, when the conversation turned to harassment. Everybody agreed on one point: People can’t identify it and don’t know when to step in. A few mornings later, she woke up with the idea that virtual reality (VR) could help. She taught herself basic programming, and within nine months had secured funding and signed up multiple partners.

The rest of Vantage Point’s plan involved making the simulations as immersive as possible. Here is a typical scenario:

Prepping for a big presentation is stressful, and your boss isn’t making it any better. He’s leering at your coworker Rachel in the middle of a meeting (!), asking if she’s bringing a date to the company dinner (!!). I mean, what do you do? Say something? Take it to HR? Talk to Rachel? The discomfort is the point.

Well done, Morgan.

Wednesday, June 20, 2018

Web Secret 524: Robocalls

I absolutely loathe robocalls.

So imagine how not surprised I was when I came across a New York Times article that confirmed what I already knew: robocalls are proliferating because it is so damn cheap to send them out by the thousands.

Better yet, the Times had a companion article "Robocalls Flooding Your Cellphone? Here’s How to Stop Them."

Let me summarize it for you:

Rule No. 1: Do not answer numbers you don’t know. If you do answer, don’t respond to the invitation to press a number to opt out. That will merely verify that yours is a working number and make you a target for more calls. Turn to the government

Rule No. 2: Turn to technology.Download apps such as Truecaller which will block the calls. YouMail will stop your phone from ringing with calls from suspected robocallers and deliver a message that your number is out of service. Many of these apps are quite pricey. Hiya is free.

Rule No. 3: Turn the tables. The Jolly Roger Telephone Company turns the tables on telemarketers. This program allows a customer to put the phone on mute and patch telemarketing calls to a robot, which understands speech patterns and inflections and works to keep the caller engaged.

The robots string the callers along with vocal fillers like “Uh-huh” and “O.K., O.K.” After several minutes, some will ask the callers to repeat their sales pitch from the beginning, prompting the telemarketers to have angry meltdowns.

Rule No. 4: Watch what you say. One recent scheme involves getting consumers to say “yes” and later using a recording of the response to allow unauthorized charges on the person’s credit card account, the F.C.C. warned in March.

When the caller asks, “Can you hear me?” and the consumer answers “yes,” the caller can gain a voice signature that can later be used to authorize fraudulent charges by telephone.

Best to answer with “I can hear you.”

The future: The callers are evolving. Some have numbers that appear to be from your area code; others employ “imitation of life” software in which the robocall sounds like a live person, complete with coughing, laughing and background noise. This artificial intelligence can be programmed to interact in real time with a consumer.

I'm scared too.

Wednesday, June 13, 2018

Web Secret 523: Cybersecurity - part 5

This is the last in a series of 5 posts about cybersecurity.

Do you ever host or attend conferences or meetings? Rhetorical question.

There are cybersecurity best practices to consider, as I discovered after plowing through "The Cybersecurity Challenge", an article which I summarized for this post.

Registration puts financial information at risk. If you are storing any personally identifiable information and collecting credit card payments, you must comply with the PCI (Payment Card Industry) data security standard. There are companies that can help you with that.

Every assemblage of human beings includes a large mobile devices. It is not unusual for attendees to have a smartphone, a tablet and a laptop.

A large risk facing planners and attendees is the ill-advised use of free or “public” Wi-Fi networks in the destination. A large number of destinations have taken measures to prevent rogue Wi-Fi networks tricking attendees into connecting to them, however it’s still a common threat to take into consideration.

It is a relatively straightforward task for bad guys to generate a Wi-Fi signal that is going to look equal to or better than a real one. And they might even tailor it to your meeting and say, ‘Attention EAPA convention attendees — free Wi-Fi available to you.’ Such a hoax is called a “man in the middle” attack. It means the bad guys now have unfettered access to your computer.

Some experts advise clients to inform meeting attendees they should never use the free Wi-Fi networks in a Starbucks or any other public place.

We’ve gotten people to the point that when they are at a hotel or convention center, they expect free wireless internet. That is what has created the vulnerability that everybody now faces.

The typical meeting attendee, however, is not aware of the risk. And a big part of the problem, is that meeting attendees don’t read their program or background material. And the people running the meeting don’t make announcements telling attendees not to use unofficial free Wi-Fi networks.

Not even the safety of the Wi-Fi network at a hotel or convention center should be taken for granted. You must make sure that the provider is using secure equipment and that it has secure connection from its technology to the internet. You also need to make sure that the people involved in running it have been backgrounded and vetted.

The good news is that there is a simple recommendation to mitigate risk. Before attendees head out to your meeting, send them an email that is about just one thing, online security. It should say, "We are concerned about your cybersecurity, so we are informing you that the official Wi-Fi network for the meeting is named XYZ. That is the only network you should connect to. If you connect to anything else, we cannot promise that you are secure.”

Another option is to make a formal announcement at the meeting. For example, at the beginning of an opening general session.

A more elaborate step is to use a virtual private network, or VPN. A VPN is a computer program that creates encrypted connections. And because of that, it’s much harder for someone to intercept your signal. The technology is widely available and inexpensive today. It can be acquired for just a month to cover the meeting dates, then canceled.

Pay attention, people!

Wednesday, June 6, 2018

Web Secret 522: Cybersecurity - part 4

This is part 4 of a 5 part series on cybersecurity.

What can mental health providers and institutions do to protect themselves from a cyber attack?

Even a one person private practice or a smaller company can implement cyber safeguards.
  1. Become knowledgeable about technology. Mental health clinicians are notoriously tech adverse. However, unless you are living and working off the grid, ignorance is no longer acceptable.
  2. Educate yourself and your employees about the threat of cyber-attacks and ransomware. Education needs to be an ongoing process.
  3. Use two factor authentication and encrypted email for sensitive information. Hushmail is a secure email utility. 
  4. Make sure your website is HTTPS (HTTP Secure), e.g. https://www.mycompany.com. In HTTPS, your website is encrypted by a layer of security and thus is less vulnerable. 
  5. At the Forum, we were told that 95% of malware can be addressed by anti-virus software. So deploy anti-virus and update as needed. 
  6. When Apple or one of the major tech companies you use (e.g. Microsoft) sends you an update patch, download it.
  7. Use complex passwords.
  8. Over and over the experts at Yale talked about the need for “good cyber hygiene.” Establish standards for cyber literacy, and other necessary protocols.
  9. Have a workplace social media policy.
If you aren’t sophisticated about things computer, hire an expert.

As we said good-bye, one attendee said, “and now I go back in my car and drive away while using Waze to find my route and Spotify for entertainment, giving up my privacy and leaving myself wide open to hacking.”