Olga Kharif
Bloomberg

Bitcoin and its fellow cryptocurrencies have surged in popularity partly because they’ve offered a way to skirt the government oversight exercised over traditional financial systems. Well, get ready to kiss much of that autonomy goodbye.

On June 21, the Financial Action Task Force — a multi-government effort that develops recommendations for combating money laundering and financing of terrorism that’s followed by about 200 countries including the U.S. — will publish a note to clarify how participating nations should oversee virtual assets, FATF spokeswoman Alexandra Wijmenga-Daniel said in an email. The new rules will apply to businesses working with tokens and cryptocurrencies, such as exchanges and custodians and crypto hedge funds.

Much depends on how the rules — long governing traditional bank wire transfers — will be interpreted and applied by country-specific regulators, but they are “one of the biggest threats to crypto today,” Eric Turner, director of research at crypto researcher Messari Inc., said in an email. “Their recommendation could have a much larger impact than the SEC or any other regulator has had to date.”

The guidelines will require companies ranging from exchanges Coinbase Inc. and Kraken to asset manager Fidelity Investments to collect information about customers initiating transactions of over $1,000 or 1,000 euros, as well as details about the recipients of the funds, and to send that data to the recipient’s service provider along with each transaction.

While that may sound simple, compliance will be costly and technically difficult, said John Roth, chief compliance and ethics officer at Seattle-based exchange Bittrex, which has about $58 million in daily-trading volume. After all, wallet addresses on digital ledgers supporting cryptocurrencies are largely anonymous, so an exchange currently has no way of knowing who the recipient of the funds is.

“It’s either going to require a complete and fundamental restructuring of blockchain technology, or it’s going to require a global parallel system to be sort of constructed among the 200 or so exchanges in the world,” Roth said. “You can imagine difficulties in trying to build something like that.”

A handful of U.S. exchanges are discussing how to set up such a system, said Mary Beth Buchanan, general counsel at San Francisco-based Kraken, which does about $195 million in daily volume.

“Without enhanced technology systems, this is a case of trying to apply 20th-century rules to 21st-century technology,” Buchanan said. “There’s not a technological solution that would allow us to fully comply. We are working with international exchanges to try to come up with a solution.”

The end result could be that many crypto businesses will face increased compliance costs, Buchanan said. Some non-compliant businesses could shut down, said Phil Liu, chief legal officer at Los Angeles-based hedge fund Arca.

“People in crypto like to make a big deal about giving personally identifiable information to the government, but I don’t see a whole lot of disruption for legitimate players if the proposal is enacted,” Liu said in an email.

U.S. exchanges may also lose customers, as instead of going through an exchange or another virtual-asset service provider (VASP), some may simply start trading with others directly, to safeguard their privacy.

“I get why the FATF wants to do this,” Jeff Horowitz, chief compliance officer at San Francisco-based Coinbase, the largest U.S. crypto exchange. “But applying bank regulations to this industry could drive more people to conduct person-to-person transactions, which would result in less transparency for law enforcement. The FATF really needs to consider the many unintended consequences of applying this specific rule to VASPs.”

Just how soon these consequences start to hit home will depend on the individual agencies. Groups like the Financial Industry Regulatory Authority (FINRA) are expected to start to vigorously enforce the rules. Financial Crimes Enforcement Network (FinCEN) recently issued interpretive guidance that looks similar to those being considered by FATF. Some state agencies could follow suit, raising the risk that non-compliant businesses will lose money-transmitter licenses.

If a country doesn’t comply with FATF rules and is placed on its blacklist, “it can essentially lose access to the global financial system,” said Jesse Spiro, head of policy at crypto investigative firm Chainalysis Inc.

The proposed regulations could also impact many of the more than 500 crypto funds that have popped up in the past few years, according to Josh Gnaizda, chief executive officer of CryptoFundResearch. “Trading delays or additional transactional costs as a result of compliance with FATF could significantly chip away at returns.”

After multiple meetings with the crypto industry, the regulators likely know compliance will take time, as the industry mulls new technologies and processes. Some participants are looking at the bright side, as greater oversight could lead to more institutional acceptance of crypto.

“Will it be a potential hardship? Certainly, at least initially,” Chainalysis’s Spiro said. “While it may be a hardship, it seems to be something that’s necessary. The road map at the end of the day after this is less arduous for this industry.”

Copyright 2019 Bloomberg L.P

Jason Gaidola – Stephanie Wiebe
other

As of Saturday, people caught flying drones that weigh between 250 grams and 25 kilograms without a federal licence could face fines of up to $5,000.

There are two different types of licences now offered by Transport Canada: basic and advanced.

The basic category is meant for people who never fly in controlled airspace or within 30 metres horizontally of bystanders. The basic category requires passing a $10 online exam, registering with Transport Canada, marking the drone with its registration number, and carrying the pilot certificate whenever the drone is in use.

The advanced category requires all of the above, plus an in-person flight review and special permission from air traffic controllers whenever flying in controlled air space.

Users must be 14 years of age or older to take the basic exam. They must be 16 or older to take the advanced exam.

Flying drones without a licence could mean fines of $1,000 for recreational users and $5,000 for commercial users.

Winnipeg drone enthusiast Evan Turner says he believes the government regulations “hit it pretty well on.”

“Something that’s over 250 grams can definitely hurt somebody if you’re going fast enough, or cause property damage,” he told CTV Winnipeg.

Calgary-area drone user Chris Healy also likes the regulations, because he no longer needs special permission each time he wants to fly.

“Anyone with proper training and proper licensing can (now) get the perspective of Earth which was usually meant for the purview of pilots or astronauts,” he said.

Drones that weigh under 250 grams are exempt from licensing. Drones that weigh more than 25 kilograms have their own set of rules.

Transport Canada says that drones should be flown where the pilot can see them at all times, below 122 metres, at least 5.6 kilometres away from airports and 1.9 kilometres from heliports.

Transport Canada has a list of drone flight schools on its website.

© 2019 BellMedia

Lightspeed is writing a new chapter in the Canadian tech story

Kevin Carmichael
The Vancouver Sun

The Canadian Establishment needed some new blood. On March 8, it got some, when Montreal-based Lightspeed POS Inc. debuted on the Toronto Stock Exchange.

Lightspeed’s shares closed 20 per cent higher, putting an exclamation point on the most successful initial public offering by a Canadian technology company in almost a decade. The surge pushed Lightspeed’s market value to about $1.7 billion, comfortably unicorn status. It also marked the arrival of Dax Dasilva, the founder and chief executive, as a national figure.

 If you haven’t heard of him yet, you will.

“We’re in a new moment for the company,” Dasilva told me in an interview at the C2 conference in Montreal last week. “I’m in a new moment as a leader and I think that comes with a big responsibility to your tech ecosystem, to our small-business customers, to all of our customers, but also as a thought leader.”

There is something good happening in Canadian tech. But that’s not always a satisfying story, as it lacks protagonists. Shopify Inc. is a legitimate world beater, and probably the only digital-economy company that a casual reader of the Canadian business pages could name.

Lightspeed, which sells point-of-sale software for restaurants and smaller retailers in about 100 countries, will help the narrative.

Dasilva could have exited early like so many other founders. He scrounged money together for seven years and then partnered with venture capitalists to achieve scale. When the VCs wanted out, he negotiated a path to an IPO rather than sell to a bigger company.

He broke with convention again by listing only in Toronto, ignoring warnings that the decision would alienate international investors. Lightspeed raised $240 million, almost twice as much as Ottawa-based Shopify, which was valued at about $1 billion when it listed in Toronto and New York in 2015. Shopify’s market cap is now around $42 billion.

“I’ve had a lot of people in the ecosystem say that our IPO has opened new possibilities to what our tech companies are able to aspire to,” said Dasilva, who will host his first earnings call with analysts and investors on May 30. “We build these companies in Canada and then they evaporate as they get acquired by American or Asian companies,” he said. “I think we’ve reached a stage of maturity with our ecosystems that there’s growth capital available now, not just venture capital, but growth capital.”

A popular subject on the conference circuit these days, whether in Davos at the World Economic Forum, in Washington at the annual meetings of the International Monetary Fund, or in Montreal at C2, is diversity and inclusive growth.

The thinking is that economic and corporate policies must be adjusted to offset capitalism’s tendency to reinforce existing power structures at the exclusion of women and minorities. Grandees say from the stage that failure to change will cause confidence in the economic system to further erode, entrenching political instability. Companies and institutions that continue to populate their executive suites with white men from American and European business schools will suffer from having too many blind spots to keep up in a fast changing world.

It’s an attractive theory, save for one thing: its main advocates tend to be rich and/or powerful white people. They know little to nothing of what they speak.

Dasilva is a believer in the power of diversity, and he is a more authentic spokesman for the cause than many of its advocates in the Canadian liberal elite.

He is the son of Goan parents who fled to Canada as refugees from Idi Amin’s Uganda in 1972. He was born in Vancouver; came out as gay in his teens while attending an all-boys Irish Catholic high school; participated in the protests at Clayoquot Sound that saved the old-growth rainforests from clear cutting; attended the University of British Columbia, where he studied religion and art history while doing computer work on the side; and then moved to Montreal in 2001 at 24 years of age.

In 2005, he started Lightspeed and converted to Judaism. The original Lightspeed team was from the LGBTQ community. As he added people, Dasilva put an emphasis on ensuring he had a mix of backgrounds. He thinks it made the company stronger. You have to work harder to get an idea approved by a diverse table; if you succeed, the idea probably is a good one. All that arguing helped Lightspeed develop a “stronger sense of self,” which helped Dasilva and other executives push back against investors with “strong opinions” about how the company should be run.

“We looked at difference as a teacher,” Dasilva said.

Now, Dasilva plans to do some teaching. Earlier this year, he published Age of Union, a partial memoir that evolves into an explanation of his thinking about leadership, spirituality, and the environment.

He also appears ready to involve himself in economic policy.

Because size is an advantage in tech, and Canada is relatively small, governments will have to be a partner, Dasilva said. So far, they have been, he said, although he urged them to “stay attentive to the fact that we are competing globally for talent.”

I asked Dasilva if he was talking about taxes, a sensitive subject with the current federal government and in his home province. He demurred.

“We have to stay vigilant and we have to find ways to outdo our competition, outdo the U.S.,” Dasilva said.

© 2019 Financial Post, a division of Postmedia Network Inc.

Ian Bailey
The Globe and Mail

Let’s say it’s 2029, and your new smartphone has detected a pattern in the use of your Starbucks app. Every time you have a meeting with your boss, you immediately stress-drink a Venti extra sweet, double-shot caramel macchiato with whipped cream. The phone might just start preordering that drink for you (and paying for it with your credit card) after every meeting with your boss in your calendar.

Some might find this prospect thrilling, and others might find it kind of creepy: a smartphone powered by advances in technology that make it capable not only of storing and presenting information, but using it intuitively to make decisions on behalf of its owner.

Experts agree it’s tough to predict exactly what the smartphone of 2029 will be like. The market will decide the fate of innovations such as folding screens. However, predictions from people who work in the tech sector, academics and industry observers’ coalesce around advances in artificial intelligence.

“The way to think of the smartphone in the next 10 years is as a personal assistant in your pocket, but it will also be, say, a doctor in your pocket, a banker in your pocket, a butler in your pocket,” says Neil Mawston, executive director of the consulting firm Strategy Analytics.

This could lead to more convenience, but at the cost of independence and privacy. What kind of future will come from such anticipatory ability?

“I don’t think there is one future,” said Genevieve Bell, a cultural anthropologist, technologist and futurist at the Australian National University. “I think there will be many.”

For R. David Edelman – a former special assistant to U.S. president Barack Obama who now works for the Massachusetts Institute of Technology – a smartphone with enhanced AI could have dystopian state-control possibilities. He worries that phones already allow pervasive surveillance. In the future, they could be used to impose pariah status on individuals by being required to tattle if their sensors detect users associating with people the state says they should avoid.

“All of the groundwork is there for that to become a reality,” he said.

China is already monitoring its citizens’ behaviour – including online activity – to devise what it calls a “social credit score,” in which people gain or lose points for such conduct as impaired driving, paying fines late or posting fake news on social media. People with reduced scores, reports say, could be blocked from buying plane or train tickets, or public transit.

Edelman says future smartphones might enable a variation: Individuals might have social scores and lose points if they interact with unpopular or dissident individuals. It would isolate the dissidents without imprisoning them. The idea is not far-fetched, he says. “All of the groundwork is there for that to become a reality. The question is whether populations are docile enough to permit that form of political enslavement.”

In a less pessimistic view, smartphones with enhanced sensors, bigger memories and quicker processing abilities could use data that their users input to relieve them of mundane decisions.

For example, cellphones now use mapping apps and the information in the calendars to ask whether the owners need directions to destinations. What if Siri was smart enough in 2019 to see “get milk” on a task list and use the internet, transit and map apps to suggest the quickest, cheapest way to pick up milk on the way home.

“They will keep suggesting things to you, and persuading you of things, and anticipating things,” says Jim Balsillie, the former co-chief-executive at Research in Motion, maker of the Blackberry. “[The phone] says, ‘I know where you are. I know your schedule and where you are going, and, by the way, here’s a couple of things on the way that I think you’ll like.’“

In a sense, the smartphones will reflect their owners, acting on their desires, calculating their present needs based on past conduct.

It’s easy to see how this could enable bad behaviour, such as consuming an expensive, high-calorie coffee at stressful moments without having to decide to do it.

Or, on the other end, a smarter smartphone could nag you about your eating because it has deduced from your food logging, calorie counting and smartwatch data that you’re on a diet. Or you might be with friends at a bar and it will chime in right after you’ve told a witty joke that this is the best possible moment to get your clothes from the robotic dry cleaner.

But Mike Kuniavsky, a principal scientist at the Palo Alto Research Center on information technology, says AI in phones could be used in a more productive, task-oriented way.

Multiple sensors and software could indicate the owner’s child is drawing a dinosaur on the screen. The smartphone, he said, might offer advice: “Let me guide you through some methods to draw a dinosaur. You draw some circles where the joints are.”

For those who fear this goes too far, Kathryn Hume, vice-president at integrate.ai, a Toronto artificial-intelligence startup, offers some solace. While she doubts AI technology will advance enough in a decade to be truly anticipatory, she is confident people will remain in charge.

“Our goals, I presume, will be to use this technology to live the richest life possible,” she said.

But today, the devices have been criticized for tilting the work-life balance, diminishing people’s memory and distracting parents from their children.

“I would imagine that if smartphones became smarter, they might become even more addictive,” says Jean Twenge, a San Diego State University psychological professor who has written about the impact of smartphones on young people who grew up with them.

“They might tell you to walk faster or not to eat salty food, but I bet they’re not going to tell you to put them down, which might be the best advice,” she said.

© Copyright 2019 The Globe and Mail Inc.

REW

When it comes to promoting a listing or growing your client base, it can be hard to figure out where to focus your efforts. Finding the right data and knowing how to use it can make you more efficient in your marketing process.  

We’ve centred on three channels that provide great data. There are more available, depending on who you’re targeting, but we’ve gone with some of the most commonly used.

Google Analytics: Identify Areas Needing Improvement

If you don’t have Google Analytics set up for your site, we encourage you to do it ASAP. There is a lot of data available, and it can definitely become overwhelming, but it helps to know where to concentrate your energy.

Charlie Kiers, a real estate agent and owner/investor with Keller Williams Realty VanCentral, says Google Analytics helps him advise clients about their listing and whether it’s priced right to produce interested buyers.

“It’s a tool for us to show them how their property is being marketed and coming up in searches,” says Kiers, “and it’s a secondary tool if we need to talk price adjustments.”

There are several essential Google Analytics reports to help fine-tune a web-based marketing campaign:

1) “Real-Time > Traffic Sources” reveal the current number of people on your site, the keywords that referred them there and the pages they’re viewing. You can use these keywords more on your site to keep visitors coming across your pages in their searches.

2) “Acquisition> All Traffic > Channels” tells you where your traffic is coming from. Focus efforts on channels that are performing the best. For example, if it’s social, spend more time promoting there.

3) “Audience > Demographics” lays out basic age and gender information of website visitors. This helps you see who your profile or listings are attracting, and can help you with targeting on other platforms.

4) “Audience > Overview” shows you the most relevant information about your site. Keep an eye on your New Visitors to make sure are attracting new customers to your site.

5) “Behaviour > Site Content > Landing Pages” report which pages are generating the most traction. You’ll eventually get an idea which pages to keep, adjust or get rid of, also which listings are doing better than others.

Facebook Data: Dig up New Leads

Facebook is an obvious favourite for agents and with good reason. Facebook provides a lot of great insights for both paid and organic campaigns.

For instance, Kiers says data from one of his Facebook Ads has shown him 69% of the clicks were from women, most were aged 35-64 and 93% came from a mobile device.

 “It’s a work in progress. You’re always continually tweaking ads to see how you can get more people contacting you or coming to look at the listings,” says Kiers.

The better you get with your targeting, the more people you’ll reach for the same spend.

Here are a few Facebook ad options to reach your desired audience:

1) “Location” lets you enter the postal codes of areas around the listing as well as where people tend to live before moving to the area of your listing.

2) “Age” can target the age groups most likely to be able to afford the price of the home you are selling.

3) “Lookalike Audience” is very clever and can find people similar to your past clients. By entering a Lookalike Audience, Facebook does the hard work of segmentation for you. We don’t suggest running this alone, though. Have this group as another target audience, not the only target audience.

4) “Relationship Status > Engaged” is the prime time many people start thinking about home ownership. You could target this group with branded ads as well as listings that are suitable for first-time homebuyers.   

Real Estate Wire (REW) Dashboard: Data on Display

Our agent dashboard presents detailed data to track the performance of your listings and profile. You can boost listings to reach a wider audience, or add extra branding to your presence on REW.

Kiers uses REW for both stats and client leads.

“Clients nowadays are always looking online,” says Kiers. “REW is very good about pushing out listings and getting people to come to their website.”

REW’s dashboard provides insights for real estate agents and clients, including:

1) Pageviews of a listing

2) The number of people who have marked a property as a favourite

3) Inquiries received for a specific property

4) Pageviews for your profile page

5) Inquiries received from your profile page

These numbers can help gauge the popularity of a listing and estimate how many visitors could be expected at open houses.

Tapping into these valuable data sources can help streamline your online marketing, leaving you with more time, money, and the blueprints to successfully close more deals.

© 2019 REW. A Division of Glacier Media

Emanuela Campanella
other

WATCH: Why blockchain is more than Bitcoin. Everything you need to know about the technology

You’ve probably heard it before: blockchain is here to stay, and it’s going to revolutionize the way we track our assets. But what, exactly, is blockchain?

Many mistake the technology for bitcoin. While this was its original purpose, blockchain has evolved beyond the realm of digital currency.

In short, blockchain is a continuously updated record of transactions spread out across a vast network of computers.

The term blockchain is shorthand for a whole suite of distributed ledger technologies that can be programmed to record and track anything of value. Think of it like a database that is decentralized and distributed among a whole network of computers.

“What [blockchain] enables is the exchange and storage of assets in digital form, peer-to-peer, without the need for intermediaries like banks and governments,” explained Alex Tapscott, co-founder of the Blockchain Research Institute.

According to Anthony Di Iorio, founder of blockchain startup Decentral and co-founder of Ethereum, blockchain’s main function is to track digital assets.

“It gives you the ability to prove ownership of part of that [blockchain] ledger so that you have control of it to move that asset from one point of the ledger to another point of the ledger,” said Di Iorio.

Picture sending money without banks, handling land disputes without lawyers and voting without the threat of electoral fraud.

But we already have processes in place that track data and assets. What makes blockchain different?

Let’s talk about data

Blockchain stores information in batches, called blocks, which are connected in a continuous chronological line known as a chain.

If you wanted to change information in a block, you couldn’t directly change that block. Instead, the change would be recorded in a new block, showing that A changed to B at a specific time and date. This plays off the centuries-old method of a financial ledger, which tracks data changes over time.

For example, let’s say there’s a dispute between Bob and his sister, Mary, about who will inherit their grandmother’s rare and precious red diamond that’s been in the family for years.

Since blockchain uses the ledger method, there’s an entry in the ledger showing that their grandmother first owned the diamond in 1930. She gave the diamond to her daughter in 1960 as a wedding gift, and Mary then purchased the diamond from her mother in 2011. Each of these changes is reflected in the ledger.

The fact that Mary is the owner of the diamond can be seen in blockchain’s recorded history. But what if Bob wants the diamond and goes behind everyone’s back, hacking into the system to change the record?

Trust in the technology

Blockchain is decentralized and distributed among a huge network of computers. If you tamper with the information, everyone will be able to see what you’re doing.

With each new record, a new block is created, and each block is linked using something called cryptography. When a block is added to a chain, it is sealed by a cryptographic stamp called a hash — a random string of numbers and letters.

In order to create this stamp, a cryptographic riddle needs to be solved by a block creator, also known as a programmer or a miner. The riddle is very hard — it’s like guessing a 20-digit combination lock. A miner has to invest a lot of time and computer power to solve even one of these combinations.

When the block is done, it goes through something called proof of work. Everyone on the network — Bob, Mary and everyone else — need to verify that the stamp or hash is valid. If so, then the new block is accepted into the blockchain.

“What’s important about this technology is that no single actor on the network can change the content of that ledger without the entire network reaching consensus,” Tapscott said.

But why would someone waste time and energy to confirm this kind of information? Money.

By design, a blockchain is programmed so that when a new block is accepted, it automatically releases cryptocurrency to the miner. And every time there is an action — like a change of ownership to Bob and Mary’s grandmother’s diamond — there is a small transaction fee, which also goes to the miner.

From here on, any changes to the block, such as a change in ownership to the diamond, would create a new block, but the old hash code would always connect to the next subsequent block in the chain.

Blocks are resistant to modification because, in order to hack them, you would not only have to rewrite the code of that individual block but also every other block connected to it, which could be hundreds of thousands. Because the blockchain is distributed among millions of computers, you would also have to rewrite the history of commerce for not only one computer but all of them.

As of now, it is believed that no human is capable of such a hack.

“It takes longer than our universe, and that’s why it’s unbreakable; no hacker can live that long,” said Elena Sinelnikova, founder of CryptoChicks.

No middleman

Blockchain also squeezes out the middleman. Think of a typical business — most require trusted intermediaries, such as lawyers, banks and notaries.

These agents go between two parties and build trust by verifying documents and transactions. For example, a lawyer will review documents and conclude with evidence that yes, Mary is, in fact, the owner of her grandmother’s diamond. Or, for instance, a bank might say no, that credit card transaction for a Rolex watch was not yours.

This method of business has always added a layer of security, but experts say it can be costly and time-consuming.

“It is a far more secure and far more efficient method of moving, storing and managing value than any system we’ve ever devised,” Tapscott said.

If Mary’s ownership information on the diamond was registered in a blockchain, she may not need a lawyer to verify her information against Bob, who is also claiming ownership. Instead, the information lives on the blockchain database — all Mary would have to do is show her brother.

We now know that any information or record added to a blockchain has been verified and encrypted and cannot be tampered with. We also know the blockchain is distributed across many computers and transparent for everyone to see.

Experts say this type of peer-to-peer interaction with our data is changing the way we access, interact and make transactions with one another.

“That is a paradigm shift that is going to have a big influence and impact on basically every single industry in the economy,” Tapscott Early days for blockchain

 

Early days for blockchain

The future understanding and use of blockchain may be similar to our current use and understanding of the internet — we may not know the exact details of how it works, but we all use it.

That’s how experts envision blockchain’s future over the next decade; they expect it will become so ingrained in our day-to-day activities that we’ll simply use it without realizing. The problems blockchain faces right now are also similar to the early days of the internet: before search engines like Google, it was a lot more challenging to get around the world wide web.

It wasn’t so long ago you had to use a phone line to get online — and even low-resolution images took a while to download.

“In the early 1990s, people in the newspaper industry said the internet will never pose a challenge to the newspaper business because it takes a minute to download a webpage and it takes only a second to open a newspaper,” Tapscott said.

“We are seeing the same thing here. People are saying, ‘Well, the usability is not intuitive. My grandmother can’t use it.’ Well, this is 1994 for blockchain.”

Just like the early days of the internet, Tapscott says blockchain has not yet gone through its “digital revolution.”

Blockchain does not have an easy-to-use interface — for now. Already, techies across the world are competing to create a more user-friendly interface that will bring the technology out of its early days and into the mainstream.

© 2018 Global News

Why you should choose to care about online security

other

Reports show that 70 to 90 percent of cyber attacks are against individuals and small and medium businesses (SMBs).

For every small and medium business (SMB) that has not been the target of a cyber attack, one has been. Yes, 50 percent of SMBs have experienced cyber attacks.

And it makes sense. While breaching a major company might reap major rewards for the attacker, security tends to be far more sophisticated. That’s not so much the case with smaller businesses. In fact, Endurance International Group’s 2015 Small Business & CyberSecurity survey shows that 83 percent small business owners manage their cybersecurity efforts rather than have in-house or outsourced IT for the job.

When attacks are successful, and a data breach occurs, the typical cost to repair the damage is more than $36,000. Worse still, as much as 60 percent of small businesses crumble within six months following.

But take note—there is a huge difference between being the target of a cyber attack and being successfully breached. What keeps someone in the former group and out of latter often comes down to simple oversights.

Steps to prevent a cyber attack (or its success)

“Cybersecurity lapses have common trends and problems that can be traced back to laziness, lack of knowledge, and awareness of how common pitfalls can be leveraged against an individual or organization,” explains Morey Haber, VP of Technology at BeyondTrust.

For instance, the National Cyber Security Alliance reports that over 75 percent of employees leave their computers unsecured.

For the safety of yourself, your coworkers, and your customers and clients, read through the following cybersecurity tips. Then, commit to practicing them and help others by passing the advice to your organization.

Stop mixing work and play

Don’t mix work and play. Just don’t. Separate profiles, accounts, storage mediums for work and personal life. Just keep things compartmentalized. Don’t make it easy by being lazy. -Robert Nicholson of Concept Shifts

Delete old login emails

If you never delete the (probably hundreds) of login detail emails from your email account, you have created a gold mine for hackers. All they have to do is get into your email and then they have access to every service or website you’ve used. -Emmanuel Schalit, CEO of Dashlane

Think before you click

Think before you click. Today’s scams look very convincing, coming in the form of voicemails, eFaxes, invoices, social media, ADP theme or from the IRS. -Anurag Sharma, Principal of WithimSmith+Brown’s Cyber & Information Security Services

Be pickier about where you download and install software from

Try to use things like Microsoft Store or the Mac App Store for your desktops and iTunes and Google Play for your mobile devices. Again, this isn’t an absolute. You can more gradually move toward better practices, and each step you take will make you more secure. –Jeffrey Goldberg, Chief Defender Against the Dark Arts at AgileBits, the makers of 1Password

Don’t ignore security updates

We have all seen the nagware to update Adobe and Java, and we click ignore or remind me next month. The same is absolutely true for operating systems and MS Office Updates. [Overcoming] the laziness to apply the patches and reboot is the best method, above anything else, to ensure you are not exploited by a common vulnerability. Although it takes time to apply them, the few minutes it takes is well worth securing your system. -Morey Haber, BeyondTrust

Often just switching to automatic updates where that is available will make the task easier for you and keep you safe…And this isn’t an all or nothing thing. The more things you keep up to date the better, but you will start reducing your risks with each thing you keep up to date. I would recommend starting with your operating system, but look for little improvements where you can. –Jeffrey Goldberg, AgileBits / 1Password

Beware of free USB drives

Don’t ever fall for the free USB device drive—a very popular tradeshow giveaway these days—which when plugged in can easily deliver a malware or virus onto your computer. -Anurag Sharma, WithimSmith+Brown

Raise employee awareness about device theft

Often, IT has no insight into the types of data stored on their devices—devices that are left in taxis, hotel rooms, and stolen at airports. In fact, according to Gartner, one laptop is stolen every 53 seconds in US airports. And hotel safes are as secure as hiding the laptop under your mattress!

Encourage employees to be vigilant about physical device security but have a plan B because mistakes and unfortunate incidents are inevitable. Choose security solutions with geotechnology so you can monitor devices, set geofences, and receive alerts to activities that could mean a device was compromised, lost, or stolen. -Chris Covell, Chief Information Officer at Absolute

Prevent shoulder surfing

Screen guards should be employed to limit the potential for ‘shoulder surfing,’ in which an attacker stands near an employee and notes everything they are displaying on their screen. Better yet, do not allow employees to store sensitive business information on their devices in the first place, if at all possible—this will also protect secret data should the device ever be lost or stolen. -Lee Munson, Security Researcher for Comparitech

Ditch the dated machines

If are you still running Windows XP or Windows Server 2003 within your home or business, all security professionals know they are end-of-life and no longer receiving any maintenance including security patches. So, if the best method to secure your system is applying security patches, and you are still running older systems, then they are wide open for attack with minimal mitigation strategies available to thwart an attack. You, or your business, should consider replacing these systems as soon as possible to ensure they can be maintained properly. Many times this is a combination of laziness and money, but being breached and cleaning up the mess could be much more costly than replacing the systems in the first place. -Morey Haber, BeyondTrust

Limit unnecessary admin privileges

Are you providing everyone in your company unfettered access to all data so when your least technical savvy employee gets hacked, all that data is exposed? -Greg Kelley, CTO of Vestige Digital Investigations

Employees should be able to access only those systems and data that they absolutely need to perform their jobs. So that all activity can be traced to a particular user, each employee should have a unique access ID and should be authenticated using a strong password or passphrase, biometrics, or a token device or smart card. Strong cryptography should be used to render all passwords unreadable during storage and transmission. Physical access to systems and consumer data should also be restricted to prevent employees and building visitors from accessing or removing devices, data, systems, or hardcopies. -Mike Baker, Founder of Mosaic451

Limit remote access

Many businesses leave their firewalls open to outside entry by allowing access for managers working remotely or vendors who routinely perform maintenance on systems…Always change default firewall settings to allow only essential access, and limit remote access to secure methods such as VPN. – Kevin Watson, CEO of Netsurion

Password protect and encrypt sensitive info

This is especially important with regards to data stored on portable devices such as laptops and USB sticks, which can potentially be stolen, or lost. There are many encryption applications that achieve this, however, when choosing there are several aspects to consider:

1. How easy is the application to use? Could the CEO, who doesn’t have any IT skills, use it? If the application is hard to set up and use, it’s not a good solution for a small business.
2. Does the application interrupt the user’s workflow? Is there a wait time every time the user wants to access the encrypted file? If so, employees will do their utmost to avoid using the application.
3. Does the application automatically lock the data when the user stops working on the protected files? If not, this could be a security issue, as users are bound to forget to manually lock their documents.
4. What is the cost? Clearly, small businesses cannot afford an enterprise solution.

-Sandra Styskin, Co-founder & Developer at Safeplicity

Implement a password policy and multi-factor authentication

It’s tempting to use your dog’s name for every password, but it makes you very vulnerable to cyber criminals. Not only do you need to change your passwords often, you should use different passwords for every site, service or app you use. -Emmanuel Schalit, Dashlane

All companies, specifically SMBs, should implement a password policy for all employees and use multi-factor authentication. The password policy should at a minimum require employees to change the passwords every 90 days and they should always use multi-factor authentication to verify identity. The verification of identities when accessing work files and information is critical. I suggest implementing a solution similar to Okta or PingIdentity. -Ray McKenzie, Founder and Principal at Red Beach Advisors

Two-Factor Authentication (2FA), where users are required to put in a second form of information in addition to a password, like a PIN or security question, allows for only the intended user to access accounts. From password protected documents and accessing the network to staff’s personal and company accounts on company desktops, adding 2FA to accounts requiring passwords strengthen security. While sites like Gmail already implement this, many password managers also offer this as an additional feature to sites that don’t. -Kevin Shahbazi, CEO of LogMeOnce

Use a password manager

One of the impossible things that people like me tell the world is that everyone needs to have a unique password for each site. If I use the same password on a dozen different sites and services, then it takes only one of those to be broken into for the attacker to have my password for all of them.

Asking people to remember a different password for each site and service is absurd. Nobody will do that. (Ok, I once met someone with an eidetic memory who actually did do that for more than 70 sites.)  This is what password managers are for. They remember your passwords for you so that you don’t have to. Once you start using a password manager — and doing so will already make things easier for you — you can slowly start chipping away at password reuse. Sure it will be a while before you get to truly having a unique password for each site and service (I still don’t), but each time you change one password on some site to a new and unique one you are making a real improvement in your own security. -Jeffrey Goldberg, AgileBits / 1Password

Learn where you fall in the food chain of cyber security attacks

Banks and the financial sector are the number one targets, hospitals and the healthcare industry are number 2, universities number 3, and so on. There is a lot of online data and statistics on this topic. By understanding where your industry falls on the spectrum, you can understand generally what level of hacker you will be dealing with and the types of cyber attacks that they are capable of. -Regan Marock, CEO of SPC Cybersecurity

Make upkeep the #1 priority

Have you ever heard the phrase, Upkeep is cheaper than replacement? This adage applies closely to cybersecurity. One of the most important things SMBs can do to keep their systems safe is continually update them, perform routine maintenance, and ensure they’re clean. By regularly performing software updates on company devices and continually patching any discovered vulnerabilities, many basic cyber threats can be stopped or lessened significantly. -Stephen Coty, Chief Security Evangelist at Alert Logic

Don’t just take IT’s word for it

Business management must not take we have it handled as an appropriate answer from IT. I had a client come to me once that was told by his IT that their vital data was backed up daily. When the server containing that data crashed, the client said let’s restore the data only to find out that the backups were stored on the same machine! That story is replayed over and over today because organizations do not go through the process of executing a test plan to recover from disaster or hacking. A plan for recovery from hacking (especially ransomware) must be thought out, planned, and tested. -Greg Kelley, Vestige Digital Investigations

Embrace the human element

I will tell you one of the most tragic mistakes companies make regarding data security is to only approach data privacy from the perspective of the company as a whole, which is a very general perspective. The employees of your company don’t understand how data theft and data privacy is relevant to them. Good people can easily leak data, or cause leaks in security by simply being careless or leaving it unprotected. All privacy starts with the employees. -Anthony R. Howard

Know who to contact for help

Contact the right person for help. If you are a victim, if you encounter illegal Internet content (e.g. child exploitation) or if you suspect a computer crime, identity theft or a commercial scam, report this to your local police. If you need help with maintenance or software installation on your computer, consult with an IT professional. -Mark Grabowski, internet law professor at Adelphi University

Laziness is not an excuse for not knowing

Learning to protect ourselves online is just as painful as sitting through a defensive driver’s education class or jury duty. We do it because we have to, and for many, they will do anything they can to get out of a class on cybersecurity. The realization is no one is immune to an attack, and learning how you can be hacked and how to protect yourself is really important, and laziness or boredom is no excuse for skipping the class. -Morey Haber, BeyondTrust

©2018 SaneBox Blog

This technology will change world even with bubbly signs, Kevin Carmichael says.

The Vancouver Sun

The temperature in Montreal was close to freezing on Oct. 18, yet the lineup at the Société québécoise du cannabis store on Ste-Catherine Street wrapped around the block for a second consecutive day.

Irrational exuberance? Or a symbol of all the wealth that suppliers will generate? There surely is some degree of excess when factory farms are likened to Amazon and Google just because they grow marijuana instead of tomatoes.

Cryptocurrencies and blockchains were going to change the world in 2017. Now, it looks like those innovations will be used simply to upgrade the plumbing of the existing financial system. Valuations are correcting as a result. Bet you a Bitcoin that pot is on a similar path.

This brings us to another technology that definitely will change the world, and also has some bubbly characteristics.

If the fun Canadian business story of the moment is cannabis, the serious one is artificial intelligence (AI). When Stephen Poloz, the Bank of Canada governor, devoted a speech to creative destruction last month, he wasn’t thinking about pot. AI will reshape entire industries; tens of thousands of jobs will be taken over by computers, (hopefully) at least as many will be created in the process.

“In the future, AI is going to be as normal and as natural as the electricity in this room right now,” Carolina Bessega, chief scientific officer at Stradigi AI, told me in an interview at the company’s headquarters in Montreal earlier this month. “Nobody is going to talk about it because everyone is going to use it and have it.”

Bessega’s future is coming at us quickly.

Less than five years ago, Stradigi was just another developer of custom software. Then a retail chain asked the company to clean up a very messy inventory system. The job required sorting tens of thousands of items into a single database. It would have taken a human months to do it. So Bessega went to her boss, Basil Bouraropoulos, the chief executive, and said that she might be able to build an AI system that could do the work in a couple of hours. She was right; the gamble worked and the client was happy.

Bouraropoulos, an entrepreneur with a background in coding, refocused his company immediately.

“We didn’t go into AI because it was a bubble, because in 2014 the bubble wasn’t there,” he said. “The bubble really started in 2016.”

Like pot, crypto, and blockchain, there’s some froth around AI too. Thousands of tickets for the annual Neural Information Processing Systems conference, which this year will be held in Montreal during the first week of December, apparently sold out in about 10 minutes. Something called the AI-Powered Supply Chains Supercluster, spanning the “Quebec-Windsor corridor,” won a share of the Trudeau government’s $950-million fund to create innovation hubs, enough to convince some of you that AI must be a loser if it needs Ottawa’s help. One of Bouraropoulos’s challenges is convincing clients that Stradigi is legitimate and not party of the hype.

“You see companies just adding ‘AI’ or ‘dot AI.’ I’ve seen it over and over,” he said. “We’ve even had questions from clients, ‘Are you really an AI company?’ My answer is always, ‘I’d love to have you visit our offices and see that we really have 30 PhD’s sitting in here’.”

I saw the 30 PhD’s; they exist. They soon will be joined by about a dozen more to help Stradigi keep up with a surge in demand, including a new partnership with Seattle-based Cray Inc., the publicly traded maker of supercomputers that generated US$392 million in revenue in 2017. After taking its time, Stradigi is stepping out from under the shadow of Mila, the Montreal-based AI lab founded by Yoshua Bengio, a pioneer of the field.

“They are doing a fantastic job and if you look at their plans for the future, I really see that Canada is going to be the leader in AI,” Bouraropoulos said. “I am very confident saying that, and I’m very confident that we are going to be a huge part of it as well.”

I’m inclined to believe him, because Bouraropoulos and Bessega were rare executives I’ve talked to this year who didn’t complain about a labour shortage. That’s a serious issue in a lot of industries, but not in AI apparently. If talented scientists are lining up to work for companies such as Stradigi, the industry should be able to grow quickly.

Only a couple of years ago, Canada’s best graduates were rushing to the United States. Now, that migration pattern has reversed. That might surprise those who think Canada’s personal tax rates are too high to compete in tech. The cost of living in places such as San Francisco and New York has become so expensive that Canadian cities such as Montreal and Toronto can compete easily, even if the taxes are higher, said Bouraropoulos.

It also helps that the U.S. has become hostile to immigrants. Canada becomes an easy second choice, especially if it means working in the orbit of worldclass researchers such as Bengio.

“For people who are not from the United States, the situation in the United States is not easy,” said Bessega, a native of Venezuela. “That plays in our advantage.”

© 2018 Postmedia Network Inc

other

The latest Facebook breach has bigger implications for business users who represent their organizations on Facebook, or for organizations that have their own Facebook account. This is because the risks of a presence on Facebook can damage your organization’s reputation if you’re not careful. 

In extreme cases, the damage could be worse. This means that there need to be rules for business on Facebook. Here are some examples: 

• Do not assume Facebook is secure. Despite the company’s assurances, its record indicates that any information on Facebook is at risk of public disclosure. This is probably not an issue for most customer service uses, but not for anything beyond that.

• Never believe that your Facebook account can’t be (or won’t be) compromised.

• Don’t expect Facebook to come to your assistance. While the company does make global changes to react to security incidents, helping individual users can be problematic.

With those issues in mind, here are some practices to keep in mind:

• Don’t use your Facebook login anywhere except Facebook. This may mean having to set up a special email address just for Facebook use.

• Don’t use your Facebook password anywhere else. Have your password manager generate a unique password that’s hard to guess, and then have the password manager log you in.

• Don’t fall for those offers to use your Facebook login on other websites. This is where those tokens come into play.

• Use two-factor authentication for your Facebook account (and for your other accounts as well). It’s free, and it can help protect your account against credential theft.

• Make sure you control access to the company account so that you can prevent unauthorized employees or others from posting as if they were speaking for the company.

• Ownership of the company Facebook account belongs to the company. Your social media staffer shouldn’t be able to simply leave and take your followers.

• Require that employees who post on behalf of the company know your social media policy and agree to adhere to it. 

Of course, none of these steps will necessarily protect you if your information is taken in the next breach, but at least you can minimize the damage. For example, if you only use the Facebook login information on Facebook, then it won’t matter if it’s stolen, because the thieves can’t use it elsewhere. But even then, you should change your password from time to time. 

A Lot of Good Reasons to Use Social Networks in Business 

All of this is enough to discourage companies from using Facebook or other social media, but it shouldn’t. Facebook, Twitter and Instagram along with other such sites are effective and efficient ways to reach your customers. Your discussions and interactions with them can also help instruct others who have questions, and you can provide product and service information in a casual, non-threatening way.

But with that in mind, there are a few more rules: 

• Never use Facebook to accept personal information, payment information or anything else that can’t stand being completely public.
• Never use Facebook or other media to make any future-looking statements unless you’ve already issued the press release. If you want an example of how bad that can be, just refer to Elon Musk’s $40 million tweet.
• Never assume your competitors aren’t reading every word of your Facebook page. 

If the Facebook breach has done nothing else, it has demonstrated that there’s a huge potential for security risks there, and you can’t just cruise along thinking that it’s a form of recreation. For your company, Facebook is a totally serious but highly effective tool. 

The social network can be highly effective in providing customer support, provided you use it to make initial contact but then handle the details elsewhere. With Twitter you can take it to a DM. With Facebook, perhaps you can use Messenger. 

Facebook can also be effective in introducing potential customers to your company and all of the things your company cares about. You can demonstrate products, show videos, even set up meetings for your sales department. 

Depending on the type of business you have, Facebook can be your primary face to the world, and it can be very good at that. 

But like all powerful tools, you need to be careful how you use it.

Clients want real estate on-demand

REP

Everyone wants everything. Right now. For centuries, thinkers and philosophers have dreamed of a world where if you could think of something, you could have it—instantly. But now, that’s more than just a vision. Millions around the world simply can’t imagine any other way to live.

And thanks to smartphones, they can get it. With more than 207 million smartphones in the U.S. today, 2 out of 3 people use one. They love the fast, satisfying technology. But even more than that, they love the promise: Getting what you want, with a few touches. Today, not tomorrow.

A successful business is an accelerated business. Spotify, Netflix, Amazon Go, Uber and the entire mobile banking industry have all built their reputations on instant gratification. And now, real estate is joining the party, too—if you’re ready.

We asked 476 real estate agents how on-demand technology has changed client relationships. Results were surprising.

Copyright © 2018 Key Media Pty Ltd