In pre-pandemic life, many companies invested heavily in building sprawling campuses where employees would proudly spend their working hours and oftentimes — the better part of their lives. Office parks were filled with restaurants, dry cleaners, gyms, tiny amusement parks, elaborate coffee setups, and bottomless beer kegs. They offered relocation bonuses and dangled massive signing bonuses to lure candidates to their physical locations. When the pandemic hit, these places became time capsules; relics of the past world we lived in that were seldom used. Companies that were opposed to remote employees had to either embrace it immediately — or die.
As it became clear that the pandemic wouldn’t end overnight, many people moved from these locations to lower-cost, less congested areas. As they left the more expensive cities they were once recruited to, many companies began to revamp their pay scales based on an employee’s location. If you moved from San Francisco to a farm in the Midwest, your employer may have adjusted your salary. To the employer, this became another opportunity to cut corners and save a few extra bucks. To the employee, this was — and still is — unfair. An employee still brought the same skills and experience that they were hired for, yet were asked to take a reduction in pay because you moved to a suburban area to improve your family’s quality of life. That’s messed up.
nVisium was a remote-first employer before the pandemic hit, and we have always been opposed to location-based pay scales. As our company has grown from a few people located in the D.C. area to a geographically diverse company of 30-plus, we’ve had to carefully consider how we manage hiring, retention, and growth for our teammates. We hire the best people regardless of where they live — and we pay them what they’re worth. We believe that we pay for the person and the value they bring to the team. A top tier candidate’s skills aren’t diminished because they don’t live in a major city. Why penalize people who don’t love the urban life?
While we have a physical office in the D.C. area, nVisium has always been — and will remain — a remote-first employer. Our consultants have historically traveled minimally, and we’ve emphasized that we want our team to invest in themselves professionally, as well as keep themselves mentally and physically fit. We offer the entire company a monthly reimbursement for fitness, phone, and internet expenses. We do our small part in reducing the carbon footprint generated by our team by reducing unnecessary travel to and from the office. We’ve built an inclusive culture that focuses on maintaining transparency and a healthy level of personal flexibility for our team. We value your work-life balance and your mental health. Your job should enable you to live the life you want. Your job isn’t your life.
In the modern era where location is less important than ever, if you’re looking for the best people available, pay them what they deserve regardless of where they live. And if you don’t, someone else will.
Data breaches and data leaks have taken over cybersecurity headlines for years. It seems that there is a constant flow of people's private, public, and every other kind of information stolen, leaked, sold and more.
Although data breaches and data leaks are often used interchangeably by the media, in reality, they are two very different things.
ARP spoofing — also known as ARP poisoning — is a type of man-in-the-middle attack where an attacker sits between a targeted victim and the router to listen in on their online traffic. This is a form of cyber attack carried out over a local area network (LAN) that involves sending malicious address ARP packets to a default gateway on a LAN in order to change the pairings in its IP to media access control (MAC) address table. Address resolution protocol (ARP) translates IP addresses into MAC addresses. Confused yet? You won't be for long since, by the end of this post, you'll not only understand ARP spoofing, but be able to demonstrate it. And as a result, you'll even learn how to protect yourself against these attacks.
This past year saw no shortages of breaches, ransomware attacks, and revealed vulnerabilities in the news. nVisium’s team of world-class application security experts is regularly featured in the media for our security and industry expertise. Let’s take a look back to some of the most memorable headlines and security incidents that rocked the infosec industry in 2021.
The pandemic and work-from-home shift have had a huge effect on the mental health of those in every industry, but the issue is exacerbated amongst development teams since they have historically always been ‘behind the scenes.’ The element of face-to-face interaction has been blurred or lost completely, furthering feelings of isolation among those already in ‘head-down roles. And the absolute last thing that anyone in any role or industry wants to feel like is just another cog in the machine.
A security champion is a developer with a vested interest in security who helps to amplify the security message at the team level. Security champions don’t need to be security experts; they just need to act as the security heartbeat of the team, keeping their eyes and ears open for potential problems. In turn, once the team is aware of these issues, it can then either ﬁx the issues in development or call in your organization’s security experts to provide guidance.
The internet was shaken by the outage of Facebook earlier this month. Dozens of big-name companies, including countless smaller ones, were affected by this outage. Because of something as simple as a misconfigured Domain Name System (DNS) record, every device with the Facebook app integration started DDoS-ing recursive DNS resolvers — DDoS meaning "Distributed Denial of Service." This, in turn, caused overloading in numerous cases across the board.
Well, it seems the bad guys have won another one with the recent 75 bitcoin ransom payout to unlock the Colonial Pipeline. And despite early indications with the shutdown that other methods would be taken to restore service, it seems that sometimes crime does actually pay. This beg the question of if there are best practices, we should be implementing to take stronger steps towards prevention?
Security should not be a taboo subject for the average business owner, especially when it comes to your information assets. Given that we most live in a knowledge-based economy and every organization relies to some degree on the IT infrastructure, it stands to reason that even a small breach could have catastrophic consequences. So, what should the average business do to protect itself?