Connect with us

Business News

Despite DocuSign promises, they couldn’t avoid the inevitable

(BUSINESS NEWS) There are no guarantees of safety, no matter how hard a brand works to secure docs.

Published

on

docusign

uh-oh

DocuSign, the leading electronic document-signing company for over a decade, promises to “move business forward securely and reliably” on its website. Last Monday, their promise fell short of reality.

bar

The company announced that in a brazen breach of security, hackers illegally acquired email addresses and contact lists of clients, which were later used to launch damaging phishing attacks. The messages contained a link to a Microsoft Word document containing malware.

Malicious third party

In a statement the company said, “Today we confirmed that a malicious third party had gained temporary access to a separate, non-core communication system used for service-related announcements that contained a list of email addresses.”

The extent of the hack was unspecified by the company, leading to speculation that the reach was deep and widespread.

It was also unclear how many clients fell victim to the phishing attacks.

Nothing pertinent

But DocuSign denied an invasive attack, stressing that only email addresses were compromised. The company statement claimed, “A complete forensic analysis has confirmed that only email addresses were accessed; no names, physical addresses, passwords, social security numbers, credit card data or other information was accessed.”

It seems that secured documents sent by clients through its system for eSignature were not compromised.

But the company feared phishing attacks containing a counterfeit DocuSign branding logo with addresses ending in “docus.com”, a lookalike fake domain would continue to proliferate. The attack lured victims to a wire transfer or accounting invoice declaring “Document Ready for Signature”.

Damage control

In our digital era, huge waves of coordinated phishing attacks, sometimes even state-sponsored, are have become extremely common. So some security experts seemed not too alarmed by the DocuSign breach. Troy Hunt, a security expert told Inc.com, “It’s usually a trivial affair to track down someone’s address because after all, that’s how you get in touch with them!”

However, the eventual phishing attack contained sophisticated malware in the attachment that had the potential to access passwords or even banking credentials.

To its clients, the company struck a tone of extreme caution and instructed to “forward any suspicious emails related to DocuSign to spam@docusign.com, and then delete them from your computer.”

It assured them further by saying, “We took immediate action to prohibit unauthorized access to this system, we have put further security controls in place, and are working with law enforcement agencies.”

DocuSign deals is built on trust.

It has access to extremely confidential documents—from sensitive business contracts to medical documents. Any reports of digital vulnerability might immediately turn clients away from availing their services.

The company seems to be acutely aware of this.

Nearly five years ago, the American Genius ran a story about how many DocuSign clients’ information appeared to have been publicly accessible through Google search.

The company vehemently denied any breach of security back then and explained “it appears that a very small number of DocuSign users have saved their own personal copies of their signed documents to publicly accessible and searchable locations outside of the secure DocuSign Global Network,” essentially shifting any blame on users.

No scapegoat this time

This time around, the company had to admit a third-party caused the breach.

On their website, DocuSign tells clients to “get to ‘yes’ faster” by availing their services that are “more secure than paper.”

On paper, in fact, that’s not true anymore.

#Docusign

Barnil is a Staff Writer at The American Genius. With a Master's Degree in International Relations, Barnil is a Research Assistant at UT, Austin. When he hikes, he falls. When he swims, he sinks. When he drives, others honk. But when he writes, people read.

Business News

Sneak peek at what Gen Z wants from employers

(BUSINESS) Gen Z is up and coming in the workforce. Grab their attention and keep them on board with these tips for employers.

Published

on

gen z

If I had been born one Olympic Games cycle later, I could include myself in Gen Z. Alas, I’m classified as a Millennial, and now that Gen Z is growing up, marketers and businesses are after this fresher generation’s attention.

While there’s no exact start and end date to who counts as Gen Z, demographers and statisticians generally consider this generation as people born between the mid 1990s and mid 2000s.

Also referred to as Post-Millennials, Gen Z is defined by kids who grew up using the internet at a young age, and are comfortable with social media and technology.

Now that the older end of Gen Z is preparing to graduate college, a new demographic is entering the workforce. Employers who were previously scrambling to attract Millennials are now after the freshest crop of recruits.

Bazaarvoice, a social strategy company that connects brands to consumers, weighs in on what Gen Z is looking for when it comes to employment. 73% of their workforce are Millennials, so Bazaarvoice clearly knows how to attract and retain young talent.

Based on their research and experiences, Bazaarvoice dug into what Gen Z wants from companies, and how businesses can work to reach this upcoming group.

Like Millennials, Gen Z are considered digital natives, aka people who were raised using technology rather than acquiring familiarity at an older age. However, this doesn’t mean Gen Z wants the same thing as Millennials in a career.

Gen Z kids grew up during a time of social progress, and tend to value inclusion for all demographics. Equal marriage rights, electing a black president, and more vocal religious diversity were not historical moments for this generation, but rather a normal part of life.

This is the most diverse generation to date, and they expect to see this reflected in their workplace. A commitment to diversity as well as clearly established company values will draw in this new batch of employees.

Companies should consider providing initiatives like matching charitable donations, paid time off for volunteer days, or even volunteer opportunities directly through work. According to Bazaarvoice, “equality is non-negotiable” for Gen Z.

Employers should ensure their hiring practices bring diverse candidates to the recruitment pool with “blind” screening, no gender pay gaps, and a welcoming workplace that celebrates diverse identities.

And make sure to really stick with and clearly communicate these initiatives and values, because Gen Z will certainly put in the research. Expect your Glassdoor, Indeed, LinkedIn, and social media pages to be thoroughly analyzed by this tech-savvy generation. Any indiscretion will be noted.

Your employer brand must be consistent across the board to provide honest expectations to a generation wary of hollow advertisements. Including current employee stories in your promotions aids authenticity since this group prefers recommendations from people, not ads.

Once you’ve got Gen Z’s attention with your company values, you have to match their ambition as well.

Gen Z isn’t going to settle for some low pay, crap benefits position. Since a significant portion owes on student loans for education they’ve acquired to work for you, they’ll hope to be fairly compensated with a competitive salary and decent benefits.

This generation grew up with social media influencers and young CEOs rising to fame, so they’re quite independent and motivated. Gen Zers don’t want to feel like part of the machine, they want to make a real impact even at an entry-level position.

Offer chances for autonomy, personal growth, and continued education to appeal to this incredibly motivated group. Gen Z makes up around a quarter of the population, and employers who put in the effort to reach this group will benefit as more Gen Zers enter the workforce.

Continue Reading

Business News

How to level the gender playing field in tech (and other industries)

(BUSINESS NEWS) One job search site has a reasonable answer to solving the gender gap problem in today’s workforce, and others should take note.

Published

on

gender gap

As an employer, you should be screening employees based on qualifications and preferences, not a candidate’s gender. This seems obvious, but even the most well-meaning employers and recruiters are subject to the curse of implicit bias.

Implicit bias comes into play when unconscious attitudes or stereotypes about someone’s gender, sex, race, ethnicity, age, religion or other identifying features are used to judge that individual’s competency. This is different from known biases, where a person is aware of any stereotypes they may believe, but may choose to not disclose their views.

Major universities including Harvard and Yale teamed up to create Project Implicit, a series of implicit-association tests (IAT) to detect implicit bias through a series of quick associations. Their popular Gender-Career IAT “often reveals a relative link between family and females and between career and males.”

The test has users pair pre-established names of men and women with family and career words. Test takers are prompted in one round to quickly match pre-categorized masculine names with words typically associated with family, while the next may have users pair feminine names with career words.

Based on hesitation and accuracy, users get an interpretation of their potential implicit biases. This comes into play with employee screening, where something as simple as seeing a name on a resume can influence an employer, even in the absence of known biases.

In a Skidmore University study, social psychologist Corrine Moss-Racusin created two identical, fictitious resumes for a lab manager position. The resumes only differed in name, with one fake applicant named Jennifer, the other John.

Different versions were sent out to STEM professors across the country for evaluation. Overall, the “Jennifer” resume received less interest, and was recommended a salary that was on average $4000 less than the identical “John” resume.

Implicit gendered bias was even present in women scientists who participated in reviewing the resumes. In the STEM field, women are underrepresented. Especially in tech, men are disproportionally hired over women.

So what can be done to level the playing field for gender when even a name could make employers think women candidates are less qualified?

Stop looking at names when initially researching a candidate. Okay, I know this is easier said than done and isn’t feasible if you’re screening through normal process of resume submission and in-person hiring events.

But if you use an online source, more platforms are offering solutions for fairer hiring practices that allow you to blind screen employees during initial rounds.

For example, job search site Woo offers anonymity for prospective employees, only revealing a candidate’s name and profile with their permission. During the initial pairing process, skills and background are shared, but other details are not available.

When setting up a talent profile, potential employees fill out a wish list, telling Woo about ideal opportunities, like higher salary, company culture, or desire to work with new technology. Likewise, employers set up their profile to reflect what their different positions can offer.

Using an AI algorithm, Woo calibrates employer with employee preferences to make relevant offers. During this step, user’s identities are hidden until they find an opportunity that matches preferences and actively choose to share their expanded profile with that company.

Woo even adjusts education and work history “so that it’s completely generic and less personal” to provide further identity cloaking. (Bonus: if you’re job hunting on the DL, Woo won’t pair you with current or past employers.)

This means employers can’t apply implicit or explicit bias based on name or profile information that may reveal personal details like gender or race.

Once a user chooses to share this information, employers are free to Google and social media hunt the prospective employee to their heart’s content.

Until then, talent benefits from being seen solely for their skills and experience. This can help level the playing field, especially in the tech industry, which is notoriously skewed towards hiring men.

Major companies like Lyft, Wix, and Microsft are already using Woo, and the service is available to employees in the United States and Israel.

Other job sites should consider scrubbing personal details like gender and name for initial searches and matches when showing results to employers. This can help eliminate bias based on gender and other personal factors.

If you’re seeking a job, you can use Woo for free. Employers can submit info to get contacted by Woo about joining up and staring a better, bias free recruitment process.

Continue Reading

Business News

As soda sales slump, companies consider crazy coffee

(BUSINESS NEWS) Retail trends continue to shift as new generations demand innovation – soda sales are slumping and brands are looking to coffee as the answer.

Published

on

coffee

Since the 1950s, beverage companies have been concerned with the shift of market share from soda to coffee in terms of breakfast and afternoon drink staples. Well now, that fortune has been reversed. According to analysis by the Washington Post, coffee may once again trump the caffeinated drink market, leaving soda manufacturers to question what may come next, while planning a strategy to enter the playing field.

The slump in soda sales are causing some beverage manufacturers and parent companies looking to merge or acquire others in order to hook the consumer throughout the afternoon and into the evening. Considering that in late 2017, Coca-Cola acquired hipster sparkling water favorite Topo Chico, other companies are falling in line to make sure that their reach goes beyond the high fructose corn syrup.

The secretive JAB Holdings, the German parent company of Panera Bread, Keurig, and Stumptown Coffee Roasters, acquired Dr Pepper and Snapple, making this 40+ drink brand company a bigger player than ever in the search for “the new soda.”

So what is going to be the “new soda”? One answer companies may have is the coffee beverages that are certainly similar to their current soda line-up. Outside of Pepsi and Coca Cola, bottling ready-made java drinks on behalf of Starbucks and Pepsi, some brands are really leaning into “soda, but not” for their coffee beverages.

The 2017 National Coffee Drinking Trends Report predicted four of the big trendy brands that soda is up against: regular cold brew, sparkling cold brew, nitro joe on draft, and ready-to-drink coffee products. Stumptown Roasters, underneath the Dr Pepper and Keurig mega brand umbrella, has been producing sparkling cold brew since early 2017, which seems unlikely to change in light of these market trends.

The morning mud appears to be an American drink pastime that isn’t going away, with the millennial and Gen Z market wanting exciting coffee innovations to keep their interest and cash loyalty. Soda companies, in this day and age, are struggling to balance their brand portfolio to make sure that dollar keeps flowing, just like their beverages.

Continue Reading
Advertisement

The
American Genius
News neatly in your inbox

Join thousands of AG fans and SUBSCRIBE to get business and tech news updates, breaking stories, and MORE!

Emerging Stories