Whistleblower Protection – Spilling The Health And Safety Beans!

Whistleblower Protection – Spilling The Health And Safety Beans!

Copyright (c) 2011 Robert Gray

Employers have a duty to their employees to ensure that there is no risk to their health whilst in the work place. Employers are required to do this by carrying out relevant risk assessments of the work place, ensuring that all machinery and equipment is in good working order and is properly maintained and making sure that the work place as a whole is free from hazards.

Usually if an employee is concerned that something, or somebody, at work is posing a risk to their health, and/or the health of others , they discuss the matter with a senior member of staff, such as a line manager, and the employee’s concerns are discussed in full. It would then be best practice for the employer to fully investigate the employees concerns in order to eliminate any risk that may be posed.

However, in the event that the employee’s concerns are not taken seriously by the employer, or the employer fails to take any adequate steps to rectify the situation, the employee may feel that there is still cause for concern and that the issue needs to be directed elsewhere. The employee may decide to report the matter to, for example, the HSE, police or media who may investigate. ‘The Public Interest Disclosure Act 1998’ provides protection for an employee who reports his concerns – i.e. ‘blows the whistle’ on his employer. The act states that an employee who makes a disclosure about his concerns regarding a safety issue should not be treated detrimentally by his employer. The purpose of the act is allow concerns to be addressed and put right before harm is caused. If the act was not in place employees may feel less protected and therefore may be less likely to ‘blow the whistle’ on what are probably very genuine health and safety concerns.

Examples of whistleblowing include reports of untrained or inadequately trained nurses administering medication to patients, fraudulent expenses claims, inaccurate description of products or misuse of equipment.

It would benefit both the employer and employee if the employer had a ‘whistle blowing policy’ in place. This would address the correct manner in which to raise concerns in the workplace, such as who the employee should report the concerns to and in what manner. This may reduce the need for the matter to be taken elsewhere and will help to preserve the relationship between the employee and employer, and also the employer’s reputation. It is often the case that the employer is the person best placed to rectify any safety issue anyway so if matters can be discussed and investigated without the whistle being blown then this can be to the benefit of all involved.

Top 3 Windows Vista Password Recovery Measures

Top 3 Windows Vista Password Recovery Measures

If you’ve forgotten password on Win Vista and cannot log on your computer again, you need to perform Windows Vista password recovery. But the problem for you is that how can you recover the password and will it be difficult to perform password recovery? Below is a step-by-step guidance for you to recover Windows Vista password with 3 different methods.

Method 1: Perform Windows Vista password recovery with password reset disk

Win Vista allows you to create a password reset disk with a USB flash drive in a few seconds. It can help you reset the login password when you forget it. Just try to recover Windows Vista password as follows if you have a such a disk at hand.

1. Start your computer and get to the Vista login screen.
2. Type a wrong password, and then Reset password link will appear on the Vista login screen.
3. Click Reset password to enter to Password Reset Wizard screen, and then click next.
4. Select the right disk if you have more than one disk, click next.
5. Type in a new password and password hint, click next.
6. Click Finish when you’ve successfully reset the login password.

Method 2: Perform Windows Vista password recovery on safe mode

In addition to reset Vista login password with password reset disk, you can also recover Windows Vista password on safe mode. And the presupposition is that you have can log on computer with another Win Vista administrator account.

1. Press F8 when your Win Vista PC is booting. You will come to the Advanced Boot Options.
2. Select Safe Mode with Command Prompt and press Enter.
3. Enter safe mode with an available admin account. And a command prompt will appear.
4. Type net user in command prompt and press Enter. It will show you all accounts on the Win Vista.
5. Type net user Mike 123456 (Mike is the locked admin account’s name and 123456 is the new password. This depends on the setting of your computer) and press Enter. Now you have successfully created a new password on the locked admin account.
6. Type shutdown -r -t 00 and press Enter.
7. The computer will reboot automatically and then you can log on Win Vista.

Method 3: Perform Windows Vista password recovery with Windows Login Recovery

Windows Login Recovery is efficient Windows password recovery software designed to recover Windows login passwords for any version of Windows, including Windows 7, Vista, XP, 2003, 2000, NT, 2008. It is not necessary for you to reinstall the system when you forgot or lost your Windows login password. But a blank CD/DVD or USB flash drive and an available computer with optical drive is required before starting to perform Win Vista password recovery as below:

1. Download Windows Login Recovery and install it in any available computer.
2. Run the program and insert a blank CD/DVD or USB flash drive into computer. You will see a default path of an ISO image file after running the application.
3. Select CD/DVD or USB drive to burn the ISO image file and click Burn.
4. After burning, insert the CD/DVD or USB drive to your locked computer.
5. Set the locked computer to boot from CD/DVD or USB drive. After setting BIOS to boot from CD/DVD or USB drive, the computer will restart automatically. And then you can recover Windows Vista password under DOS.
6. Choose the installation path of Windows, and enter the ID of the path.
7. All the user names will be displayed for you, and you can select one to remove its password by entering the ID of User Name. And then enter y to confirm your operation.
8. After removing the selected password, you can enter y to continue to reset other passwords, or enter n to finish.
9. After entering n to finish, eject the CD/DVD or USB drive and press any key to restart the computer. Now, you can log on your PC.

How to Create and Remove SQL Server Password

How to Create and Remove SQL Server Password

SQL Server is a Microsoft product used to manage and store information. It uses tables to contain large sets of records for the database. Do you have a SQL server and have you ever used SQL server? Do you know how to create a SQL Server password to protect your data stored on SQL server? What to do if you forget your SQL password? Following it will introduce you how to create a SQL password. And it also tells you how to remove SQL Server password if you forget as password can be easily lost.

How to create a SQL Server password?

As we know, it is an important security measure to set a password for user accounts and in particular the SA account. And it is very easy for you to create a SQL Server password. Just follow the simple instructions.

1. Open the Microsoft SQL Server Management Studio program from the Start menu bar in Windows.
2. Click on the SQL Server instance on which the new user will be created.
3. Right-click the Security folder, point to New, and then click Login.
4. On the General page, enter a name for the new login in the Login name box.
5. Select SQL Server Authentication and enter a password for the login.
6. Select the password policy options that should be applied to the new login. In general, enforcing password policy is the more secure option.
7. Click the OK to complete the creation of the new user.

Sometimes it happens that you ignore or forget the system administrator password. What will you do if you forget SQL password and cannot access to SQL database? The effective way I know is to remove SQL Server password with the help of SQL Server password remover software. MS SQL Server Password Unlocker is one of the good MS SQL password remover tools which can help you remove SQL password in a few seconds.

How to remove SQL password with Windows Password Unlocker?

MS SQL Server Password Unlocker is handy SQL Server password remover software for you to reset SQL password including reset SA password and other user passwords. It can easily remove SQL Server password for Microsoft SQL Server 2000/2005/2008 in a minute. You don’t need to install MS SQL Server on your PC, and the file in master.mdf format is enough for you to remove SQL Server password and set a new one for it.

Step 1. Download and install MS SQL Server Password Unlocker, and run the application.
Step 2. Click Open to import your master.mdf file. All the user names of your MS SQL Server will be displayed.
Step 3. Select an SQL account, click Change password button.
Step 4. Type a new password, and then click OK.

This SQL account password has been reset. You can login with the newly set SQL password. Although it is easy for you to remove SQL Server password with SQL password remover, it is better to keep your SQL password in heart. Or you can also write it down on a paper and keep in a safe place.

An Almost Painless Introduction to Encryption

An Almost Painless Introduction to Encryption

Anybody who doesn’t happen to have a degree in science or math tends to shy away from the subject of encryption. One could hardly blame the layman – it’s heady stuff! But if you’re involved in telecommunications at any level, operating anything from a desktop computer to a mobile phone, you’re confronted with encryption every day. Here is at least a basic understanding of why encryption has to be such a complex science.

The first codes.

Probably the simplest code you might be familiar with is the letter substitution. One of the most common ones is “rotation-13”, also known as the Caesar cypher. In it, you just break the alphabet into two rows, like this:

ABCDEFGHIJKLM
NOPQRSTUVWXYZ

A = N, B = O, and so on with 13 pairs to transfer all 26 letters. It’s called a rotation because you can apply the same method to encode and decode any given text. Letter substitution codes can be any kind of pattern where one letter means another one, and are commonly used on the Internet to hide plot spoilers when describing a movie or hide the punchline to a riddle. They even appear in word puzzle games, such as those printed in the daily newspaper.

As you might guess, letter substitutions are easily cracked on paper, and of course even faster to crack with a computer. In the above rotation-13 example, the key to the code is the two rows of letters. Finding the key to any code results in cracking it.

The reason simple letter substitutions are so easy to break is because one can always use letter-frequency analysis to guess at least half the key. In American-standard English, the twelve most commonly-appearing letters are: “ETAOIN SHRDLU”. Sounds like a magic spell, doesn’t it? Well, you could just take any text encoded by letter-substitution and have a computer count how many times each letter appears. The most common letter will represent “A”, the next “T”, and so on.

So let’s expand the concept!

As an intermediate step to understanding more complex cryptography, let’s see if we can imagine a key that would be harder to discover. What if we used a 3-digit number to represent each letter, but the three digits can appear in any order? E could be 428, 284, 842, and so on. With each letter appearing this way, we could also group the digits randomly to try to hide the pattern. Using this scheme with the key letters in the word “WORD” with W = 123, O = 456, R = 789, and D = 015, we could use any of these sequences:

31-24-65-9-87105
23164-58970-15
2-136547-8951-0

And they could all decode as “WORD”. Our software program would know to ignore the spacing and read the digits in bursts of three, and take the three digits in any order to substitute for the letter in our key table.

But once again, this code is easy to break. Over time, if you had enough sample space (encrypted text) a computer analysis would find a pattern, and once again, where there’s a pattern, there’s a key! But we can still see that it would take much more work to find the pattern, due to the various false leads that you would take if you came upon the encrypted text for the first time without knowing the key.

So cryptography evolves…

Our above two code methods are examples of “stream cyphers”. Stream cyphers encrypt one symbol at a time. Another method is “block cyphers”, which take the symbols in blocks of a set number of characters and encrypt them all at once. Other methods include deterministic hash functions (in which the encrypted text produces a condensed unique ‘key’), asymmetric key cryptography (in which two different keys are used, one to encrypt and one to decrypt), and the one-time pad (in which the plain, unencrypted text is combined with a huge amount of random text, and eliminating the random text is the “key” to decrypting it).

There are many other methods that are used, but by now you’re at least getting the whole point with cryptography: ALL codes can eventually be cracked, but if you have a code algorithm that’s sophisticated enough, it will be practically unbreakable because it would take an eternity to solve it with our present technology.

All of the encryption methods we have now will one day become obsolete, because computers get faster and more powerful all the time. Thus, there is a kind of “arms race” that has gone on since ancient times. We have to keep developing more and more complex algorithms that can stand up to more sophisticated methods of discovering the keys.

What does this mean to the end user?

Just to follow the current conventional wisdom on what the current standard of secure encryption is. Depending on how private your data is (or how paranoid you are!) it is easy to protect confidential data with a variety of available software tools, and a passing knowledge of how they’re used.

Wakefield Employment Solicitor Wins 500,000 Pounds For Prison Guard ‘Whistle-blower’

Wakefield Employment Solicitor Wins 500,000 Pounds For Prison Guard ‘Whistle-blower’

We all remember school days when one child told the teacher about some wrongdoing and was labelled a ‘grass’ or a ‘snitch’ by their classmates; juvenile, cruel and a little ridiculous, but then we can always excuse such behaviour in children. The same behaviour is, however, inexcusable in adults, especially when it is directed at someone who has stood up for a just cause and is receiving horrible treatment as a direct result of their bravery.

This was the case in a recent expose on the state of a Wakefield prison, when a prison officer gave evidence at a disciplinary hearing against a former colleague and unwittingly became the target of much abuse for the violation of a certain tacit code that apparently the officers all work and live by.

After she gave evidence at the tribunal, she began to receive despicable treatment at the hands of her fellow workers, including a wreath being sent to her house, grass cuttings being sent to her by mail and she even saw her young son spat on by a colleague.

After contacting a Wakefield employment solicitor for legal advice as to what to do about the situation, she began mounting a case against her employers and the colleagues that were abusing her.

The outcome of the trial saw the prison officer awarded £500,000 for her damages, a landmark figure in such ‘whistle-blowing’ cases, which will go along way in helping her to recover from such ill-treatment. The court also decreed that external agencies should now take measures to intervene to protect such workers who step up and speak out against injustice in the workplace.

This is an extreme example of whistle-blowing, as a prison is a volatile environment at the best of times; however, wrongdoing can occur in any line of work and all it takes is for people to sit by and do nothing for such ill treatment to prevail. It takes a brave worker to speak out about a fellow colleague, even if the colleague in question is totally in the wrong, yet you must not suffer in silence, or even allow others to suffer while you sit by.

If you feel uncomfortable at work and there is a certain issue that is making you feel unhappy in your position, or if there are any other employment issues that you would like to discuss then you should contact a Liverpool employment solicitor today to see if you can find a solution to your problems.

Operations Security Indicators

Operations Security Indicators

OPSEC Indicators are friendly actions and open sources of information that can be detected or interpreted by adversarial intelligence systems, and combined with other known information to derive friendly critical information.

An indicator has five characteristics: Signature, Associations, Profiles, Contrasts and Exposure.

A signature causes an indicator to be identifiable and stand out. If a signature is unique and stable, it reduces the ambiguity of a particular indicator and reduces the number of additional indicators that must be observed in order to determine the significance. If the indicator’s signature is stable, meaning that the behavior is constant and repeated, an adversary may accurately predict future actions. By varying the pattern of behavior, the signature’s stability can be interrupted and increase the ambiguity of an adversary’s observations.

An association is the relationship that an indicator has to other information or activities. Adversarial Intelligence Analysts spend a considerable amount of time comparing current observations with past observations, which may reveal possible relationships. For example, an observer may note a particular employee report to work after hours. Though previous observation, the Analyst is aware of that employee’s position as an on-call computer forensics analyst. Given the association between those two observations, the Adversarial Intelligence Analyst could conclude that the organization has suffered a computer breach of some sort.

An association can also take the form of a pattern. For instance, if it is observed that field exercises are always preceded by weapons maintenance and vehicle loading, an analyst may be able to accurately predict these exercises. Lastly, an association can take the form of organizational patterns, particularly in military units. The analyst may be aware that a particular unit is comprised of Headquarters Company, a maintenance company and a transportation company. If one of these elements is detected, the presence of the others would be strongly suspected.

A profile is the sum of multiple signatures. In other words, when multiple signatures are detected, the combination therein would be more or less unique to a particular mission or task. For instance, if signatures are detected that indicate that aircraft fueling capacities are in place, as well as air traffic control, personnel and weaponry, a profile can be compiled indicating future air-based operations. If a unique profile is observed, an analyst may be able to accurately determine which type of operation is in progress, minimizing the need for additional observation and analysis.

Contrasts are any differences between the established pattern and current observations. Contrasts are the most reliable indicators because they depend on differences in established and repeated profiles, and need only to be observed rather than understood. A contrast can take many forms; for instance leaving work at a different time or the presence of vehicles or aircraft that were not previously observed. When noting a difference, the analyst will attempt to determine if the change is isolated or widespread, if the change has occurred previously (and has a matching association), if anything significant has occurred since the change and what the change may represent. While a contrast may not “give away the farm”, it may result in increased adversarial observation.

The exposure of an indicator refers to the length of time and the time frame in which the indicator is observed. If an indicator is allowed to be observed for a long period of time, it will be assimilated into the profile and be assigned a meaning. If an indicator is able to be observed for only a short period of time and does not repeat, it is less likely to attract attention. However, if the indicator is observed for short periods of time, but is repeated frequently, it will begin to be seen as a contrast to a normal profile. It is important to note that if an indicator is observed for any length of time in conjunction with a specific activity, it will gain increased importance as a precursor to that activity.

It is important to understand the different classes of OPSEC indicators, and to understand the collection efforts of adversaries. After all, if you don’t know what to protect, how do you know you’re protecting it?

Keep Hackers Off Your Wireless Router

Keep Hackers Off Your Wireless Router
Keep Hackers Off Your Wireless Router

Securing your wireless router is the foremost thing you have to do after you set it up. Other individuals acquiring access to your network is not something you would be glad to experience. This is specially significant if you have precious documents put in in your desktop computer.

Before purchasing a wireless router you are supposed to a short online search about which routers are believed to be best secured. Internet critiques will be really helpful here. After the purchase, associate it with your internet modem and configure it in the following way.

In the address bar of your favorite browser write 192.168.1.1 or 192.168.2.1 if nothing happens when you write the first IP address. This is going to give the configuration settings panel of the router.

Modifying the basic administrator password is a must since many hackers recognise the default passwords. After you change it, save the new password for some other time. This is important because you may to configure your router once more or reset it, and without a password it will be closely out of the question.

The SSID (service set identifier) or the Net name has to be altered too. In order to be capable to retrieve it easy we suggest to change it to your individual or relatives name. Like with the password, not changing the default SSID can leave your network threatened. After you do that, the next thing would be to turn out SSID transmitting. In this way your network won’t be able to send signals so it will practically become hidden to some other individuals.

After that turn on the encryption settings and alter it to WPA2. Take the freshest firmware for your router from the router manufacturer’s website. This way you will detect if there are any glitches and faults that might break the security system of your network. Also take note on the backup configuration of your router, just in case you need to reconfigure it. Adopting these measures will keep the security of your router on a decent level.

Getting the Most Out of Your Whistleblower Program Investment

Getting the Most Out of Your Whistleblower Program Investment

A lot of people question the time and money it takes to develop an effective ethics and compliance program. It’s never made much sense to me, because the costs of noncompliance are much greater. A recent story making news in Canada discusses the wasted money that has been spent on the Public Servants Disclosure Protection Tribunal. I’ll explain the case below, as well as three ways you can make sure your investment in ethics, compliance and whistleblower protection isn’t tossed out the window.

The Public Servants Disclosure Protection Tribunal

Here’s the gist of the current situation facing the Public Servants Disclosure Protection Tribunal, as found in the Vancouver Sun article “Little-known, Little-used Whistleblower Panel Budgets $ 8.1 Million”:

Established in 2007-The goal of the Tribunal is to protect public servants from retaliation after they report misconduct in the government. Since 2007, the Tribunal hasn’t heard a single case. In the past 3 years, Ouimet has received 170 complaints, but her team found no wrongdoing in any of the cases. The Tribunal was supposed to handle cases referred to them by Ouimet’s office- explains the previous point. On October 18th, Canadian federal public sector integrity commissioner, Christiane Ouimet, announced that she was stepping down. At the same time, it was reported that her office was being investigated.

The article also states that:

“Fifty-eight whistleblowers complained to the commissioner’s office since 2007-2008, saying they were mistreated or violated after filing a report. The commissioner launched only four investigations as a consequence of those complaints, and only two have been completed.”

A Waste of Money

In this particular case, the efforts to protect whistleblowers has been considered a watse of money, as no action has been taken and no one has been protected. Here are 3 things you can do to make sure your company protects internal whistleblowers:

1. Investigate Complaints

You’ve already invested time and resources into developing multiple channels for employees to report misconduct. Take these tips seriously. Conduct preliminary investigations into incoming cases to determine whether or not the claims warrant further investigation. If employees feel that you are not listening and acting on their concerns, they will stop reporting misconduct internally, and will likely look to someone outside of the organization to listen- such as the EEOC. Investing in case management software is a wise idea, as cases can be entered in a number of ways and built in alerts help keep investigators on track.

2. Be Proactive

When an employee brings forward a complaint, take action and keep an eye on them to make sure they don’t fall victim to retaliation. I’ve written a few times about the retaliation monitoring program at KPMG. Vicki Sweeney and her team monitor changes in employee performance appraisals, pay raises and other workplace opportunities to make sure that an employee isn’t facing backlash for reporting misconduct. Vicki also advises employees to approach her immediately should they feel they are being retaliated against. When a company takes a proactive approach like this, employees feel confident that they will be supported for raising concerns about workplace misconduct- and not find themselves in trouble for doing the right thing.

3. Education and Promotion

Ongoing education and promotion of your program is necessary to get the message across to your employees. An e-mail and a policy handout once a year won’t cut it. Explain and train employees on the multiple ways they can report misconduct or retaliation and give them to option to remain anonymous. Include all of the information on the first or last page of your code of conduct. Promoting your program keeps ethics, compliance and retaliation in the minds of your employees, and also lets them know that you take their concerns seriously. One of the most important things to remember is that employees need to see you take action and need to know that others and being reprimanded for violating workplace policies. It might be wise to create monthly newsletters and dedicate a section of it to letting employees know what the program has accomplished and action taken against violators- without including names and specific examples.

Unlocking iPhone 4S: Complete Step by Step Procedure & Guidelines

Unlocking iPhone 4S: Complete Step by Step Procedure & Guidelines

With the launch of iPhone 4S in the market, there are many people are looking for ways to unlock the device in order to use network service of their choice. Once you are able to unlock the mobile successfully, you are somewhat hacking the network accessibility by a certain provider. As a result of which one does not have any particular boundation for a network provider and can change from one network to another as and when one feels like.

It is very important that one carries out the unlocking procedure in a correct manner otherwise the mobile might become locked which in turn can cause a lot of frustration for the user concerned. Below given is a complete procedure to unlock iPhone 4S in a step by step manner.

The first and the foremost step in the process to unlock your smartphone is to look for a effective software program. When you get yourself online, there are many companies that offers software in order to unlock iPhone 4S. It is important that you should avoid such programs that are available either free of cost or is very cheap in nature. It is not that those software would not be able to work properly, but it can cause some sort of problems later on. So go for a software that is trusted, genuine and has some sort of price tag on it.

Before selecting the software in order how to unlock iPhone 4S, you need to make sure that the software can be updated in the future. If such kind of thing is not possible, it is best to avoid such software and look for some other that can be easily updated on your smartphone. For better guidance, search for software that offers firmware. Under any circumstances if you get any message to download unlock iPhone 4S software, don’t download any software that offers to unlock your device free of cost. It is so because it might be some sort of scam and you might end up installing virus on your smartphone. It is always recommended to download the unlock iPhone 4S software from a reputable website. Don’t forget that your mobile is very expensive and you got to be extra vigilant when choosing the best software that can unlock your gadget without causing any problems in the future.

Outsmart the Internet Hackers

Outsmart the Internet Hackers

Ten years ago, there were only a handful of wireless Internet hotspots. Today there are hundreds if not thousands. And because they’re made to be easily accessible, they’re wonderlands for evil geeks who can sift through your mail, monitor info you’re transmitting or even access your hard drive. If you log in at a cafe or other public place, follow these rules.

 

Check the name

 

As you search for networks, chances are you’ll see something called ‘Free Public Wi-Fi’. Don’t connect. It could be a trap. Hackers set up networks with friendly, inviting names, hoping unsuspecting users will join. Once you do, you’re compromised. Before you connect to a network, confirm its name with someone – a coffee shop employee.

 

Browse wisely

 

Hackers may still watch you through legitimate networks, so don’t send passwords or credit card info over public Wi-Fi. If you must, do it only on websites with addresses that start with ‘https’. (These are more secure than the usual http sites.)

 

Heed warnings

 

Most error messages are indecipherable – what’s a 404 code, anyway? – but here’s one you must heed: a warning about a site’s certificate being expired or invalid. That’s tech lingo for ‘a hacker may be intercepting everything you do’. If you see this message, check the URL; you may have mistyped it. Try once more, and if the message pops up again, stop what you’re doing, shut down your computer and don’t use that Wi-Fi hotspot. There’s a high risk that the network has been infiltrated.

 

Secure your folders

 

Computers have public folders – often storing your music and photos – and they’re easily made available to anyone using the same network. Make sure you don’t keep anything personal in those folders. To be even more safe, store any private documents on your computer in a password-protected folder, out of the reach of digital intruders.

 

Buy your own network

 

Instead of risking your security on public networks at all, why not travel with your own Internet access? Most telephone companies offer 3G/ HSDPA (wireless broadband Internet).

 

Update security

 

Block gremlins from the start. Keep your antivirus and antispyware programs up to date. These protect you against common attacks. Microsoft offers a free spyware program called Windows Defender.

 

Delete previous network searches

 

Your computer remembers every network it connects to, and it will automatically connect to one it recognizes. The bad guys know that, and create networks with names that have been commonly used before so your computer will choose it. To avoid that, find the list on your computer (the option is often called ‘manage wireless networks’) and clear out anything old.

Information on the black market, underground economy, shadow economy and dark net