For 44 years, Consilex AG has offered its customers highly qualified consulting in organization and information technology. Local experts for local customers has been a guiding principle in the company's development since its founding, the company writes. Thematically, Consilex focuses on project management, requirements engineering, legal engineering and corporate learning. 

Consilex AG also describes itself as progressive in terms of corporate structure and management: lean organization, sociocracy, self-responsibility, entrepreneurial thinking, and home office have been lived practice not just since Corona, but since the company was founded in 1979, according to the company. This is matched by the fact that all of Consilex's certified and other business processes are now completely digitalized.

Now the company is in new hands. As part of the succession plan, the areas of responsibility are divided among the three new owners as follows: Reto Schneider in the role of CEO is responsible for marketing and sales, Stefan Schürch for operations and finance, and Andreas Gerber takes over responsibility for human resources, administrative activities and quality management.

With the certification of its quality and environmental management system according to ISO standards 9001 and 14001, Consilex documents its progressive corporate structure with two standards relevant to customers. The ISO certification is not only a commitment of Consilex to continuously improve its performance towards customers and employees - with the certification the company also expresses its will to make its contribution to sustainable business.

Further information

Since the company OpenAI released its ChatGPT program for general free use at the end of 2022, a hype has arisen around the topic of artificial intelligence (AI). The consulting scene has also recognized the benefits of chat programs such as ChatGPT - and rightly so, because they can be used to quickly and easily generate at least initial drafts of such advertising texts as blog posts, advertising letters or posts for social media, which can then be further edited.

Consultants often have texts written by ChatGPT

Sometimes, however, the consultants' use of ChatGPT takes on strange forms. For example, when we as a PR and marketing agency are asked to write an article for consultants on a current trend topic - such as artificial intelligence, transformation, hybrid teams, sustainability, blended learning, Generation Z, etc. - and place it in print and online media, for example because the consultant in question has just developed a new product on this topic and wants to promote it.

Suppose we then say to the consultant "We'd be happy to do that. But please give us some input beforehand, so that we know your core messages and the direction of your content". Then, not infrequently, a text is sent to us a short time later that was recognizably created by ChatGPT. That is, ideally it consists of some rather general statements, for example on the topic of "Artificial Intelligence" or "Transformation", which we ourselves would have found by googling on the net. However, there is no trace of the consultant's own thoughts in the texts.

Consultants often do not think through issues

Quite often, if we were to offer the texts to trade journals without a new focus in terms of content, they would even be absolute nonsense from their point of view - for example, because they do not reflect the fact that small companies have fewer resources than corporations and that the logistics sector, for example, ticks quite differently from the financial sector, which is why different solutions are also required for many problems. In other words, there is no differentiation in the articles, even though this is precisely where a consultant's expertise can be seen.

Here's an example. A few weeks ago, a personnel consultant specializing in SMEs, who had obviously also read somewhere "The future belongs to AI", asked us to write an article for him on the topic of "AI use in the personnel selection process". After I had asked him to send me some keywords in this regard, I received a text of about 30 lines a short time later. It described a possible AI application in the personnel selection process for applicant pre-selection - without any reference to small and medium-sized enterprises.

The consultant had told me in advance that most of his customers were currently struggling with the following problem: they were receiving a maximum of 1 or 2 applicants, if any, in response to their job postings and therefore, due to a lack of alternatives, they often had to hire applicants who only partially met their requirements in order to retain their ability to work. When I called the consultant and asked what benefit an AI system for pre-selecting applicants would offer SMEs in such a labor market situation, his answer after a moment's thought was: "Actually, none - because if there is only one applicant at the door, then..."

Consultants often regurgitate phrases and clichés

I had a similar experience when we were asked to write an article on the topic of "Intergenerational Collaboration" for a larger consulting firm. The draft text I received suggested the impression: The majority of employees and managers in companies today are still digital immigrants who are at war with IT and have strong emotional reservations about IT solutions, resulting in problems in collaboration with digital natives.

When I then asked the text supplier to what extent this was still true today, since many members of the generations X and Y quoted in the article were already 35 or even 40 years old and had not infrequently been among the top performers in companies for years, his answer was: "You could be right about that. Obviously, however, he had never thought about the extent to which these clichés, which were valid a decade or two ago, are still true today. So they didn't bother him in ChatGPT's draft text either.

Consultants reflect too little: Who are my addressees?

We also gather similar experiences more and more often when we are asked to write new pages for consultants' homepages and articles for their blogs, for example because they have developed a new product or want to be found by their potential customers on the web for a certain keyword that is "in" at the moment. Even then, when we sift through their copy, we often find ourselves asking, "What was the consultant thinking here?" And quite often the answer is, "Nothing, because he just entered some prompts at ChatGPT."

The reason for this: The texts are so banal and general that one senses nothing of independent thinking on the part of the consultant or even of his field and practical experience. The only thing is, why should potential customers who come across the consultant's website while Googling contact him at all? Many consultants obviously don't ask themselves this when they use ChatGPT. They don't ask themselves this any more than they ask themselves when writing articles: Why should a professional journal publish an "expert article" by me, which their editorial staff could also create themselves by entering certain prompts in ChatGPT?

ChatGPT cannot think out of the box

The above lines are not meant to be a vote against the use of the program ChatGPT by consultants of any kind. It is and remains a very helpful tool. What ChatGPT cannot do for consultants, however, is to think (in all its facets such as think-through, think-about, and think laterally) and to develop tailor-made problem solutions for their target customers.

Ultimately, this program can only reproduce a more or less meaningful substrate of the information it finds on the web. It cannot (to use a current consultant buzzword) think "out of the box" and find completely new solutions to problems. That is and remains the job of the consultants (alone or in dialog with their customers).

What applies to the consulting guild naturally also applies to the use of AI in companies. Here, too, there is a danger that users will become lazy and blindly trust the solutions proposed by AI systems instead of asking themselves: To what extent are these goal-oriented?

Qualify for adequate AI deployment

Incidentally, sensitizing and training the employees of the companies in this regard could be a consulting or training offer of the providers in the education and consulting sector. I have not yet found such an offer when googling on the net. However, at the latest after the publication of this article, this is only a question of time - if only because a corresponding reference appears in a text created by ChatGPT for consultants.

To the author:
Bernhard Kuntz is managing director of the marketing and PR agency Die PRofilBerater GmbH, Darmstadt, which specializes in consultants. He is the author of, among others, the books "Selling a Cat in a Bag," "Fat Booty for Trainers and Consultants," and "Why Does Everyone Know Him?" (Internet: www.die-profilberater.de).

A new Data Protection Act (revDSG) will come into force in Germany on September 1. All companies will then be obliged to adapt to the revised regulations, which are aligned with the EU directives. Secjur's founders are very familiar with the EU regulations. In 2018, Niklas Hanitsch and Manuel Stahl founded their start-up for automated compliance, with Simon Pentzien and Sven Moritz joining as co-founders by 2021. Since then, they have won the German Start-up Cup for their solution and convinced venture capital companies and prominent angel investors of their solution for automated compliance. Just in time for the adaptation to the EU data protection law, they launch their business in Switzerland with offices in Bern and Zurich.

Revolutionize compliance with automation

Compliance has become a challenge for companies of all sizes, and the work behind it is often manual, repetitive and expensive. Hamburg-based Secjur has developed its Digital Compliance Office, an AI-based automation platform for compliance processes that can save hundreds of man-hours. Secjur helps companies in diverse industries digitally automate their compliance processes, including data protection, information security, anti-money laundering and whistleblowing. In addition to international corporations such as Siemens and Samsung, customers primarily include SMEs and fast-growing companies such as Tomorrow Bank. "In the coming years, there will be many more compliance challenges, such as the AI regulation. Regulation can help protect consumers' rights and make both the digital and the real world a better place," says lawyer and Chief Innovation Officer Niklas Hanitsch.

Leveraging knowledge in Switzerland

With the new data protection law in Switzerland, Secjur's founders recognize the optimal time to implement their expansion strategy in the DACH region. In addition to the more than 70 employees in Hamburg, Berlin, Regensburg and Munich, around 20 employees will in future look after the Swiss business from Berne and Zurich. "In Germany, we have already easily implemented the General Data Protection Regulation for many hundreds of companies in 2018. With this head start in knowledge and our intelligent platform, we support our Swiss customers in correctly implementing all requirements right from the start." Secjur addresses both corporate groups and SMEs that want to create trust among customers and partners, prevent cybercrime, avoid fines and optimize processes.

Expertise and audits at the touch of a button

Secjur's data protection experts are familiar with the specifics of over 60 industries and identify corresponding risks and compliance challenges. Secjur's data protection solution, Digital Compliance Office, provides a comprehensive overview of all relevant processes and documents and is easy to use even for beginners. The central control of all compliance issues saves time-consuming multiple audits: With over 60 API connections (such as Jira, Slack, Hubspot, Salesforce or Lexoffice), Secjur easily integrates into existing tech stacks. This allows audits to be partially automated - and specific recommendations for action to be generated at the push of a button. For a company with around 50 employees, the audit effort can be reduced from around 14 to 2 hours per week so far, and from around 23 to 2 hours for 250 employees - an immense resource saving. The data is hosted in Germany.

Ambition and prominent investors

"We aim to offer the best and most widely used compliance automation solution in the world," says co-founder Manuel Stahl. The founders' subject matter expertise in the key fields of law, IT, finance and business gives Secjur a distinct advantage. One of Secjur's key investors is the Berlin-based Visionaries Club, which manages a €600 million venture capital fund. The club is supported by a network of founders of companies such as Flixbus, Spotify and Hello Fresh as well as family-run business dynasties such as Swarovski, Miele, Siemens and Stihl. The circle of investors also includes business angels who support Secjur financially and in an advisory capacity. Among them are prominent personalities such as soccer star Mario Götze and Formula 1 World Champion Nico Rosberg.

For individuals interested in learning more about the new data protection law and Secjur's solutions, the company is offering a free webinar on Sept. 4, 2023, at 12 p.m. Learn more at www.secjur.com

The summer vacations are over. Many photos remind of the beautiful experiences and new acquaintances. However, when photos, contacts or other important data are lost, many only realize how important data backups are. Unfortunately, this is too late. The awareness campaign S-U-P-E-R.ch therefore puts the current focus on the "S" like "Backup.

With backups to more cyber security

Backups not only protect data from loss due to broken devices or theft, they are also an important backstop against cyberattacks and extortion attempts. Those who can fall back on their backed-up data are less vulnerable to blackmail by cybercriminals in the event of data encryption. Data backups are therefore an important step towards greater cyber security. Backups should also be kept separate from the network and stored securely so that attackers cannot additionally encrypt the backups. Data backups should be made regularly and integrated into everyday life. This applies to companies, organizations as well as private individuals. Interested parties can find out how to do this on the campaign website S-U-P-E-R.ch.

National data security awareness campaign

From September 1, the NCSC, the SKP and the cantonal and municipal police corps, with the support of iBarry and EBAS, are raising awareness among the Swiss population about the importance of data backups. On the communication media, a possible data loss is visualized with slowly disappearing text, combined with the request to make a backup in time. On the campaign website S-U-P-E-R.ch learning videos convey the most important information. With the knowledge acquired and a little luck, you not only win more cybersecurity, but also a competition prize. The campaign lasts until September 30, 2023. 

Swiss and international cybersecurity experts will meet at the second Global Cyber Conference at the Dolder Grand in Zurich on September 14-15, 2023. The Swiss CISO Awards will also be presented for the first time at the conference.

Focus topic Prioritizing cyber resilience.

The two-day conference, which will focus on prioritizing cyber resilience, will provide a unique platform for networking, knowledge sharing and collaboration to improve cyber resilience, organizers say. The conference program revolves around three sub-themes: Cyber Governance, Cyber Risk Management and Cyber Technologies. Each subtopic will be discussed in depth, providing attendees with comprehensive knowledge and tools needed to address the complex challenges of cybersecurity in today's rapidly evolving digital landscape.

Speakers and participants from Europe, America and Asia will come from top companies such as Booking.com, Council of Europe Development Bank, EDGE Group, eBay, Equifax, ETH Zurich, IMD, Logitech Mars, Mastercard, Migros, Paramount Global, Philips, Pictet Group, Richemont Group, Saudi Arabian Government, Siemens, Spanish Government, SolarWinds, Swisscom, UAE Government, UBS, United Nations, US Army, Virgin Media O2, World Health Organization and many more. The conference will thus become a hub of the cybersecurity network - international attention is thus likely to be assured.

"We are very proud to be able to count on the support of some of the most renowned organizations in the fields of technology, cybersecurity and business, as well as on the academic research leadership of ZHAW Zurich University of Applied Sciences and the St. Gallen School of Computer Science (HSG)," says Samir Aliyev, founder and CEO of the Swiss Cyber Institute, which has just received a Swiss Digital Shapers Award 2023 from Bilanz, Handelszeitung and digitalswitzerland. "In today's digital landscape, cybersecurity resilience has become a critical aspect of business strategy. It is essential for companies to mobilize a collective response to protect critical assets and limit systemic damage. Effective governance foundations are required to manage cyber risks, and enforcement is necessary to increase cyber resilience," emphasizes Samir Aliyev. "With this conference, we aim to provide a networking and learning platform for key decision makers to gain a common understanding of what needs to be done to strengthen cyber resilience."

Appreciate the role of chief information security officers

The inaugural Swiss CISO Awards, for which a panel of experts has been specially assembled, will also highlight the central role of Chief Information Security Officers (CISOs) in securing organizations against evolving cyber threats and recognize the exceptional achievements of Swiss-based security leaders who have dedicated their careers to strengthening the security of their companies or organizations. The awards ceremony will be an integral part of the Global Cyber Conference. A distinguished and expert jury will evaluate the nominations and select the winners.

The Global Cyber Conference is organized by the Swiss Cyber Institute, a cybersecurity education provider. With the goal of promoting cyber resilience, the Institute offers comprehensive training programs, conferences and networking opportunities to empower individuals and organizations in the face of ever-evolving cyber threats. The Swiss Cyber Institute is a course provider registered by the State Secretariat for Education, Research and Innovation SERI for the federal exams in Switzerland. It is also an ISACA Accredited Training Organization (ATO) and ISC2 Official Training Partner. 

For more information and registration details, visit the official Global Cyber Conference website at. https://globalcyberconference.com/.

In medical and analytical technology as well as in pharmaceuticals or pipetting applications, media separation in valves via a chemically resistant elastomer diaphragm that complies with regulations is important in order to prevent contamination of the fluid even during longer periods of use. When larger flow rates or flushing quantities also have to be metered quickly and precisely, the valves are often the weakest link in the chain. Until now, users have had to make compromises here, especially in terms of size, but also in terms of flow rate, permissible temperature or process times.

WhisperValve family expanded

Bürkert Fluid Controls Systems has expanded its WhisperValve series for the above reasons: The new Type 6757 analysis valve now covers the pressure range up to 16 bar and is insensitive to pressure surges, according to the manufacturer. In addition, its design enables switching times of less than 8 ms with a power consumption of less than 4.5 W, making it ideal for battery-powered field devices. The wetted components are selected according to the fluids involved. Therefore, the valve is also suitable for critical reagents or cleaning agents and withstands 90 °C media temperature for up to 30 min, for example in sterilization processes. This also applies to the smaller members of the WhisperValve family Type 6712 and 6724, which are designed for system pressures up to 7 bar. This results in a wide range of applications, from mobile and stationary measuring and analysis devices in medical and laboratory technology, to systems for endoscope cleaning or filling systems, to disinfection devices.

Energy efficient and virtually no heat input

According to the manufacturing company, the pulse variants of the WhisperValve switch back and forth between the switching positions practically silently with only a short current pulse and then also hold them currentless by means of permanent magnets. In this way, both long-term measurements with continuous reagent flow can be implemented in a battery-saving manner and sensitive media can be switched through the valve without heat input. Since energy is only required briefly during the switching process, both the energy consumption and the heat input do not depend on the duty cycle, but only on the switching frequency. The back-pressure-tight, easy-to-flush valves permit fast switching operations with operating noise levels during changeover of just under 20 dB(A) for the medium-sized Type 6724, which is therefore also suitable for use in particularly noise-sensitive areas at the point of care. The operating noise of the small Type 6712 is 36 dB(A), while the maximum noise level of the large Type 6757 is 45 dB(A). The 2/2- or 3/2-way valves of the WhisperValve family are only 7 mm, 9 mm and 18 mm wide and can be easily connected in series or combined to form complete system solutions. The technical functionality within the product family is the same, thus facilitating electrical control and, if necessary, approvals. An electronic expansion module can be used to implement analysis functions, for example feedback on switching positions, unwanted pressures, temperatures or energy consumption. Optional expansion modules also enable boost pulse or soft close functions.

Source and further information

Blockchain technology and associated digital assets are opening up exciting prospects and creating a new vision of money, but at the same time there are serious challenges to existing regulatory and compliance regimes. These have made themselves felt in a number of ways. In the U.S., the Securities and Exchange Commission (SEC) has targeted Binance and Coinbase, the two most powerful exchanges in the cryptocurrency world. The SEC accuses Binance founder Changpeng Zhao of operating a "web of deceit" and brings 13 violations against him and his platform. Binance and Coinbase have made billions of dollars in investments. What triggered the SEC's investigation? 

"House of Cards on Foundation of Deception".

According to the Federal Trade Commission (FTC), more than 46,000 people reported losing more than $1 billion in cryptocurrencies to various scams between January 2021 and June 2022, and that number only includes people who voluntarily shared that information with authorities. The Time.Stamped blog lists the most common crypto scams, such as business opportunities that promise to help you get rich. One common scam involves stealing your cryptocurrency from the exchange, as was the case with FTX founder Sam Bankman-Fried (SBF). Investors seem to know little about how to keep their cryptocurrencies safe. According to the Wall Street Journal, Sam Bankman-Fried "built a house of cards on a foundation of deception" while telling investors it was one of the safest buildings in the crypto world.

With respect to Binance, the SEC alleges that while Binance publicly claimed that Binance.US was a separate, independent trading platform for U.S. investors, Zhao secretly controlled the U.S. company behind the scenes. Among the products Binance.US allegedly illegally offered to its U.S. customers were commodity derivatives.

What is a free market?

Perhaps it is worth revisiting what constitutes a free market. A free market is one that is not controlled by anyone; no individual buyer or seller has the power or authority to influence prices on the exchange. They simply build on the market; therefore, large and very liquid markets are required. One issue besides willful influence by a player, founder, or manager is the size of the market. If bitcoin is independent, it should not drop by 50 % the moment Elon Musk decides to sell the bitcoins accepted and used to pre-fund Tesla orders. The market should digest large orders without influencing the price and be rock solid and liquid so that no single player can influence the price. The Bitcoin example shows that this condition of market size, liquidity and independence of players is not always met.

Compliance issues in the crypto world

Let's get back to the scams. While investor education and increased regulatory scrutiny is a must, we can also question the governance and compliance culture of crypto exchanges. The Global Investigation Review published in September 2022 notes a number of compliance issues and regulatory challenges with cryptocurrencies.

Broadly speaking, there are two main approaches that governments are taking in various combinations: (1) they are trying to fit digital assets into existing regulatory and compliance regimes (the approach that has been taken primarily at the federal level in the United States), and (2) they are creating new laws or amending existing laws to specifically address digital assets (as is the case in countries such as Switzerland and Dubai and in certain states in the United States such as New York).

CIP culture is missing in the crypto world

But what about a compliance and governance culture at the level of the exchanges themselves? An important component of a compliance culture is that employees feel comfortable raising issues and reporting violations without fear of retaliation. It also requires an internal reporting and resolution system to address issues as they arise. This means creating a culture that promotes open and transparent communication and allows employees to voice their concerns. Since cryptocurrencies claim to focus on the value of freedom and take an ecosystem approach, one might assume that this is the industry where a compliance culture can thrive. A compliance culture starts with leadership. The leader must manifest and live the compliance values. There are enough examples to show that this does not happen by itself in the crypto industry. There also seems to be a lack of clear policies, procedures and training. Where is the "speak-up" culture and continuous kaizen improvement in the crypto world? We see it in the community's commitment to the protocols, but it doesn't carry over to corporate behavior and culture.

Let's sit back and think about risk management for a moment. What does this missing link in the corporate culture, this missing compliance culture, mean for cryptocurrency risk management for investors, regulators and, of course, the crypto company itself? The risk that has already occurred for investors and companies is in the $10 billion direction. Perhaps not all, but some of these losses could have been avoided if good business practices such as ISO standards had been applied, if a good example had been set, and if a culture of compliance had been created within the company.

Sources used:

• https://globalinvestigationsreview.com/guide/the-guide-compliance/first-edition/article/compliance-issues-in-cryptocurrency
• Investors club https://emotional-agility.dg1.com/vc4diversity/pages/memberships

Author: 
Karen Wendt is president of SwissFinTechLadies, a group of women actively encouraging women in the FinTech, tech and blockchain ecosystem to take more leadership positions in startups and become shareholders in tech companies. More articles and information here: https://www.presseportal.ch/de/nr/100096065

The five fingers of one hand alone are no longer sufficient to list the arguments in favor of cloud computing: They are already exhausted with the higher flexibility, scalability, availability and security, as well as the cost advantages of cloud resources. In addition, there are the inherent cloud capabilities for disaster recovery and the speed of innovation with which cloud providers continue to develop their platforms. But simply moving to the cloud rarely works. Rather, cloud migration must be carefully planned and implemented if it is not to become a disaster. Cloud service provider Couchbase outlines the most important steps on the way to the cloud:

1. Evaluation: Cloud computing only begins in a few greenfield startups. As a rule, it is built on top of existing systems (legacy), with which it is combined in hybrid structures. The first step evaluates the existing IT infrastructure and decides which applications and workloads are to be moved to the cloud - and which are not.
2. Planning: The migration plan based on this defines the timeline, the budget and the necessary resources for the cloud migration, such as equipment, personnel or the costs for accompanying service providers.
3. Preparation: Before the start of the migration, the systems, applications and data concerned must be made cloud-ready. This includes any necessary security measures, performance tuning, and data backup and recovery.
4. Migration: After these preparatory steps, the actual migration of systems, applications and data to the cloud can begin, accompanied by appropriate performance and validation tests.
5. Integration: Since not all IT services are usually migrated to the cloud, cloud services and the remaining on-premises legacy systems must be brought into productive harmony with each other. This applies above all to data and security management.
6. Optimization: Cloud services have enormous potential for optimization if they are fine-tuned to meet specific requirements. The most important parameters for this are performance, scalability and cost efficiency.
7. Maintenance: Like the legacy systems, the cloud systems must also be constantly maintained after commissioning. At the top of the maintenance list are the monitoring of all services and any updates to systems and applications.

"A well thought-out migration strategy is a critical success factor for cloud projects," explains Paul Salazar, Senior Director Central Europe at Couchbase. "It paves the way for a smooth transition and ensures that the benefits of cloud computing can be realized quickly and efficiently."

Source and further information: Couchbase

In combination with glass or carbon fibers, epoxy resins are used, for example, to manufacture components for aircraft, cars, trains, ships and wind turbines. Such fiber-reinforced epoxy-based plastics have excellent mechanical and thermal properties and are much lighter than metal. Alongside these many advantages, they have one decisive disadvantage: they are not recyclable - at least not yet.

Limits of recyclability 

Empa researchers led by Sabyasachi Gaan have now succeeded in developing an epoxy resin-based plastic. This is said to be fully recyclable, repairable and also flame retardant, as reported in a paper published in the journal Chemical Engineering Journal published article is called. What's more, the favorable thermomechanical properties of epoxy resins are also still guaranteed.

Why is the recyclability of epoxy resins so difficult? Epoxy resins are so-called duromers. This type of plastic consists of closely interlinked polymer chains. These chemical bonds make melting impossible. Once the plastic has cured, it can no longer be deformed. Such duromers contrast with thermoplastics such as PET or polyolefins. Their polymer chains are close together but not bonded. Under the influence of heat, these plastics can be melted and formed into new shapes. However, because of the lack of crosslinking, their mechanical properties at elevated temperatures are generally not as advantageous as those of duromers.

A new type of plastic

The new plastic developed by Empa researchers is actually a duromer. What is new about it, however, is its meltability. This is due to a special functional molecule from the class of phosphonic acid esters. This was introduced into the matrix of the epoxy resin. "We originally synthesized this molecule as a flame retardant," says Empa scientist Wenyu Wu Klingler, who co-invented the technology. However, the bond that the molecule forms with the polymer chains of the epoxy resin is reversible, meaning it can be released under certain conditions. This loosens the crosslinking of the polymer chains so that they can be melted and shaped.

Such materials, also known as vitrimers, have only been known for about ten years and are considered particularly promising. "Today, fiber-reinforced plastics are virtually impossible to recycle, except under extreme conditions that damage the fibers," explains Wu Klingler. "Once they have reached the end of their useful life, they are incinerated or disposed of in landfills. With our plastic, it would be possible for the first time to put them back into the material cycle." Their vision for the future, adds group leader Sabyasachi Gaan, is "a composite material in which the fibers and the plastic matrix can be completely separated and reused." The researcher sees a particular advantage, for example, in carbon-fiber-reinforced plastics, such as those used in the construction of airplanes, trains, boats, cars, bicycles and more. "The production of carbon fibers requires a lot of energy and releases an enormous amount of CO2," he explains. "If we could recycle them, their environmental footprint would be a lot better - and the price a lot lower." In addition, valuable additives such as phosphorus could also be recovered from the polymer matrix in this way.

Customized material

Fiber-reinforced plastics are not the only application for the new epoxy resin. The plastic could also be used for coating wooden floors. There, it could serve as a transparent layer that is flame-retardant on the one hand, but "healable" under the influence of pressure and heat on the other: scratches or other damage could thus be repaired. "We didn't develop a single material for a specific purpose, but rather a toolbox," Gaan explains. "The flame retardancy, recyclability and repairability are all there. We can optimize all other properties depending on the intended use." For example, he says, tile properties are particularly important for the production of fiber-reinforced plastics, while exterior wood coatings must also be weather-resistant.

To pursue these and other applications of the material, the researchers are now looking for industrial partners. The researchers believe that the chances of commercial success are good: the modified epoxy resin is inexpensive and easy to manufacture.

Source: Empa

Fact is: Many users want freedom of choice in terms of operating systems. And for good reason, because current studies In fact, according to research, employees are more productive when they can work on the devices that suit them best. So it's no wonder that companies are becoming more open and want to enable their staff to work with Macs as well. The problem: IT administrators sometimes simply don't (yet) have the Expertise regarding the management of Mac devices.

Macs conquer the corporate world

It is therefore not uncommon for individual employees to already be working with (private) Mac devices that are not, however, under the management of corporate IT. Often, these employees are then given full administrator rights to install required software themselves. But this not only means enormous effort for the employees, it is also fatal in terms of security. If IT is not involved, it can neither install regular software updates, nor does it have an overview of the device status - or even access to the system in the event of an emergency. All of this can open the door to hackers. If the administration is done manually, the workload for administrators increases with the number of Macs. At this point, at the latest, it becomes clear that in order to continue to hold the reins, IT must proactively offer colleagues different technologies, manage them from the outset, and develop a management strategy for macOS devices as well.

UEM: High productivity, low effort

It is obvious that the high and constantly growing number of end devices to be managed can no longer be handled manually. This is because employees often have several devices at the same time, such as computers, mobile devices, tablets or even rugged devices. This is where automated solutions come in, which allow the individual devices to be managed seamlessly across the board and remotely. For example, UEM systems (Unified Endpoint Management): Such platforms make it possible to connect all end devices with the different operating systems like Windows, Android and macOs, iOS or iPadOS to manage and secure against security vulnerabilities. Since the majority of companies already use a UEM system, a new solution is usually not even required.

Management of Macs with the UEM system

Mac devices can also be managed perfectly using UEM systems. This is because as of OS X 10.7, these devices come with an integrated MDM framework (Mobile Device Management Framework) that enables a connection between Mac and UEM system.

There are basically two different types of UEM systems for Mac management. On the one hand, there are the common UEM systems that allow the management of all operating systems - including Mac devices. The other is those that specialize exclusively in the management of Apple devices. While more general UEMs are well-suited for organizations that have a broader footprint and need to manage a wide variety of technologies, the latter provide early access to new Apple features, for example, and allow for the implementation of more specific scenarios.

In particular, however, it is these functions that a UEM system should (also) have for Mac management:

1. Automated and scheduled patch management: This ensures that all Mac computers in the corporate network are always updated with the latest software versions and security patches for macOS, and that the applications used are also up to date.
2. Modern management of old and new hardware: Modern management makes it possible both to integrate new hardware into the corporate network in compliance with guidelines and to register devices that are already in use by users.
3. Asset Management: This provides a stock and inventory overview of existing hardware and software and allows software licenses and warranty information to be managed.
4. Mac configurations: These are particularly helpful because they make it easier to complete repetitive administrative tasks - such as defining who gets which software package or access to resources and functions. For example, administrators can also define stricter security policies for individual teams or situations.
5. Remote access for macOS: Remote access simplifies IT support for employees who work on the move, such as in a home office.

All of this makes it possible to configure Macs so that users can start using them right away - securely, conveniently, and regardless of where they work.

The small difference

Although the basic structure of Mac and Windows systems is fundamentally different, managing the different devices is basically the same. Nevertheless, there are some tools from Apple itself that simplify device management by extending the functionality of the UEM system used. Especially the following ones should be known by administrators when dealing with Mac management:

• Apple Business Manager: Apple Business Manager is an easy-to-use, web-based portal for IT administrators that works with a third-party UEM solution and serves as an interface between UEM and the Mac machine. Part of the Apple Business Manager is the Apple Device Enrollment Program (DEP for short)which makes it possible to place devices under UEM management and roll them out to users without physical contact with IT. When new devices are turned on, predefined configurations are automatically made and required apps are installed. This simplifies the initial setup of Apple devices for IT, while users are quickly up and running. Also part of the Apple Business Manager is the Volume Purchase Program (VPP), which is used to purchase apps in bulk from the App Store for enterprise use - the easy way.
• Apple Global Service Exchange (GSX): The Apple Global Service Exchange (GSX) allows administrators to retrieve device details such as display model name, purchase date and warranty status directly from the UEM console.

Managed service

So there are many ways to successfully deploy Mac devices in the enterprise. But in view of the complexity involved in using different technologies within a company, it can make sense to enlist the help of external specialists. It is important that these specialists act as partners to customers and actively support them in their projects. Managed service providers, for example, have extensive expertise and can support companies in the introduction of Macs, the selection of the right system or the rollout of new functions - or take over these activities completely and thus relieve the IT department. In doing so, they are in close contact with the manufacturers and can, for example, place individual customer challenges in the right place. Especially for IT departments that have not yet dealt with administration with Apple devices, it is helpful to have someone on hand who has the necessary expertise required for smooth implementation of the system and also knows the usual hurdles. After all, if the initial configuration follows best practices, this will save a lot of time later on in ongoing processes.

Conclusion: Move with the times!

It's hard to argue with the fact that companies need to give their employees a say in technology. A suitable UEM system makes it easier for the IT department to avoid dangerous shadow IT, to keep track of all the devices and tools in the company and to ensure their security. This makes it extremely easy for IT administrators to keep up with the times and provide the workforce with the desired operating resources - without sacrificing the necessary security and ease of use. At the same time, the personal work tool of choice also improves employee loyalty to the company.

More information about device management

Apple's 34th Worldwide Developers Conference (WWDC) was held on June 5, 2023. In the English-language report "WWDC 2023 - new device management options for enterprises", interested parties will learn what changes, opportunities and challenges arise in device management for companies as a result of the new features presented, such as hardware. The report is available for free download here: https://ebf.com/resources/wwdc-2023-neue-management-optionen-und-funktionen-fur-unternehmen/

Author:
Surendiran Velauthapillai is an IT expert with 20 years of experience in the IT industry. As Head of IT Services at EBF-EDV Beratung Föllmer GmbH (ebf.com), he is responsible for the areas of internal IT, hosting, consulting and support and is at home in many technologies of the digital working world. 

A Swiss company was recently affected by a cyber attack. Specialists have since evaluated the infected computer. The analyzed information reveals a complex new attack tactic that combines credible phone and email communications to take control of corporate networks and siphon off data. The malware itself was delivered in an extremely unusual way: a caller convinced the attack target to open an email message that contained no text, but was designed as a graphic to resemble an Outlook email message. This triggered the download of a linked malicious Electron app.

"I would like to make a delivery to your location."

The caller told the employee he was a delivery driver with an urgent package for one of the company's locations, but no one was there to receive the package. He asked for a new delivery address at the employee's location. In order to redeliver the package, the employee would have to read him a code that the shipping company would send via email. While the caller was still talking to the employee on the phone, the employee received the announced email message. The e-mail message said that a PDF file attached to the message contained the required code.

This email, written in perfect French, triggered the subsequent chain of attacks. In fact, the entire message was a fake that only looked like an email with a PDF attachment. Both the "attachment" and the text message were actually just static images embedded in the message body. Guided by the scammer on the phone, the employee clicked on the image, which led to the download of the malware.

You knew: Man(n) speaks German

Although the email message was written in French, as mentioned, technical evidence suggests that the attackers already knew that the Swiss target might be German-speaking. Sophos analysts were also able to understand that the attackers may have personally targeted the call recipient and created an elaborate social engineering attack chain. This resulted in the cybercriminals briefly taking control of the employee's computer before he literally pulled the (Ethernet) plug from the compromised computer. The alert man sensed that something was wrong and disconnected the infected computer from the network. Unfortunately, however, not in time before the malicious payload was active.

"This attack was extremely targeted. There was only one person in the office that Friday, and the attackers probably knew that person's identity. The use of an image masquerading as an email is also something we haven't seen before. However, it is clever. Attaching an actual PDF often sets off alarms on systems because they are often used to spread malware, and emails containing PDFs often end up in spam filters," said Andrew Brandt, principal researcher at Sophos.

After infiltrating the network, the criminals used malware to search for a variety of information, including accounting software data, cookies, browsing history, as well as passwords and cryptocurrency wallets. To hide their data exfiltration, the attackers connected the system to Tor (the dark web). The employee who finally smelled a rat and pulled the plug prevented worse consequences for his company.

Skillfully "scammed" and it already goes on

"This type of highly sophisticated attack shows the lengths cybercriminals will go to circumvent defensive tools and gain people's trust. Phishing attacks are extremely effective, and we've seen attackers evolve their social engineering tactics with new technology. Although attackers are more likely to use email these days, that doesn't mean phone calls are outdated. We train employees a lot on email security, but we don't necessarily teach them how to handle unusual phone calls. In this case, the employee reacted quickly and had the presence of mind," Brandt said.

Following the attack on the Swiss company, Sophos X-Ops discovered another attack with the same approach against a company in Australia. Whatever group is behind these attacks is likely still active, and Sophos will monitor the situation.

Source and further information: Sophos