Segurança Cibernética: O Fator Humano e a Proteção Digital Pessoal

Por Everton Martins

Em um mundo onde dados são o novo petróleo e ataques digitais acontecem em segundos, a segurança de uma empresa não se sustenta apenas em firewalls, antivírus ou softwares avançados de detecção e mitigação de intrusão. O comportamento humano exerce um papel crítico, muitas vezes mais decisivo que qualquer tecnologia. Pesquisas de instituições reconhecidas apontam que a maioria dos incidentes de segurança cibernética tem origem em falhas humanas, frequentemente cometidas por usuários comuns, fora do departamento de TI.

Este artigo apresenta dados e estudos que evidenciam como o fator humano é o principal vetor explorado por cibercriminosos, ilustrando com exemplos reais (sem identificar pessoas ou empresas) situações em que erros individuais abriram brechas para ataques. Também reúne orientações práticas de segurança digital pessoal para reduzir riscos e fortalecer a postura de segurança no dia a dia

As recomendações aqui reunidas seguem padrões e guias de referência amplamente reconhecidos, como os do NIST, ENISA e ISACA. O conteúdo é escrito em linguagem clara e acessível, para que todos os colaboradores, mesmo sem formação técnica, compreendam e apliquem as orientações, estimulando mudanças positivas de comportamento e criando uma cultura sólida de proteção de dados.

O Fator Humano: Principal Causa de Incidentes Cibernéticos

Não é exagero dizer que, em segurança digital, o elo mais fraco costuma ser o humano. Pesquisas conduzidas por universidades e órgãos especializados indicam que erros humanos são responsáveis pela grande maioria das violações. Por exemplo, um estudo da Stanford University em parceria com uma empresa de cibersegurança revelou que cerca de 88% de todos os vazamentos de dados resultam de equívocos de funcionários[1]. De forma similar, o relatório Data Breach Investigations Report da Verizon apontou que o “elemento humano” esteve presente em 82% das violações, seja por ataques sociais (como phishing e pretexting), erros ou uso indevido de credenciais[2]. Independentemente do percentual exato, o consenso entre especialistas é claro: a fragilidade humana é o principal fator por trás da maioria dos problemas de segurança cibernética[3].

Por que o foco nos usuários comuns? Porque os invasores sabem que é mais fácil explorar a confiança, o erro ou a distração de uma pessoa do que burlar diretamente sistemas bem protegidos. Funcionários de todas as áreas, não apenas de TI, possuem acesso a informações e recursos valiosos e, muitas vezes, não têm o mesmo treinamento em segurança. Fatores como excesso de confiança, rotina atribulada e falta de conscientização tornam os usuários mais propensos a cair em armadilhas virtuais. Quase 45% dos funcionários admitiram que a distração foi a principal razão para cair em um e-mail de phishing[4], e 57% dos trabalhadores remotos reconheceram ficar mais desatentos quando atuam de casa[4]. Os criminosos se aproveitam disso enviando mensagens convincentes (fingindo ser um chefe ou um serviço conhecido) e explorando nossa tendência natural de ajudar, confiar ou agir rápido sob pressão. Em suma, mesmo as melhores defesas tecnológicas podem ser contornadas se as pessoas não estiverem alertas e bem-preparadas. Um único clique impensado ou uma senha fraca podem abrir as portas para um ataque cibernético bem-sucedido.

Exemplos de Incidentes Originados por Falha Humana

Por trás de cada estatística, há incidentes concretos em que um descuido humano permitiu a ação de atacantes. A seguir, apresentamos quatro cenários exemplares (baseados em casos reais divulgados publicamente) que ilustram como erros individuais serviram de porta de entrada para ataques cibernéticos. (Nota: Os exemplos não mencionam nomes de empresas ou pessoas, focando apenas no mecanismo do ataque e na lição aprendida.)

  1. Phishing por E-mail Enganoso: Um funcionário recebe um e-mail aparentemente legítimo, simulando uma comunicação oficial de uma instituição conhecida ou do departamento de TI. Ao clicar no link fornecido e inserir suas credenciais em um site falsificado, ele entrega involuntariamente sua senha aos criminosos. Em um caso real, o diretor de um hotel clicou em um e-mail que fingia ser da Receita Federal; ao fornecer seus dados de login, os atacantes assumiram o controle de sua conta de e-mail e realizaram transferências bancárias indevidas, causando um prejuízo de mais de US$ 1 milhão[6][7]. Esse exemplo demonstra como o golpe de phishing (fraude via e-mail) é capaz de enganar até mesmo pessoas experientes, ressaltando a importância de verificar cuidadosamente remetentes e links antes de clicar.
  2. Engenharia Social por Telefonema (Vishing ): Nem todo golpe vem por escrito – muitos ataques ocorrem via telefone. Imagine um atendente recebendo uma ligação de alguém que se passa pelo suporte de TI ou por um gerente, alegando urgência para obter uma informação ou redefinir uma senha. Sob pressão e acreditando estar ajudando, o funcionário acaba divulgando dados confidenciais ou executando ações solicitadas pelo golpista. Essas técnicas de engenharia social por voz (conhecidas como vishing) têm um alto índice de sucesso: em testes simulados, cerca de 70% das organizações observaram funcionários revelando informações sensíveis a falsos agentes ao telefone[8]. Esse cenário evidencia a necessidade de procedimentos de verificação (por exemplo, retornar a ligação ao ramal oficial da empresa) e de treinamento para reconhecer abordagens suspeitas, mesmo quando vêm por uma voz amigável do outro lado da linha.
  3. Senha Fraca Facilita a Invasão: Muitas pessoas ainda utilizam senhas óbvias (como “123456” ou combinações baseadas em datas e nomes pessoais). Em um incidente típico, um atacante realiza tentativas automatizadas com listas de senhas comuns (ou executa um ataque de força bruta) e consegue acessar a conta de um usuário porque a senha era trivial. Alternativamente, senhas reutilizadas em vários serviços tornam-se um alvo fácil. Se uma delas vazar na internet, os criminosos rapidamente testam a mesma combinação em outros sistemas. A extensão do problema é alarmante: 81% das violações de dados confirmadas envolvem credenciais fracas, reutilizadas ou comprometidas[9]. Ou seja, uma senha mal escolhida pode derrubar todas as barreiras de segurança, dando ao invasor as “chaves” do sistema sem que ele precise explorar falhas técnicas sofisticadas.
  4. Uso Indevido de Credenciais: Nem sempre os atacantes adivinham ou roubam senhas. Em alguns casos, elas lhes são entregues de bandeja por práticas inseguras. Considere um colaborador que, por conveniência, compartilha sua senha com um colega de trabalho ou deixa anotado o acesso em um papel à vista de todos. Em outra situação comum, o funcionário utiliza a mesma senha corporativa em um site externo (por exemplo, um aplicativo de uso pessoal); se esse site for comprometido, a senha da empresa ficará exposta. Tais descuidos permitem que invasores entrem nos sistemas usando credenciais legítimas, sem disparar alarmes. Infelizmente, esses hábitos não são raros: cerca de 78% das pessoas admitem reutilizar senhas em múltiplas contas[10] e mais de 1 em cada 3 usuários já compartilhou senhas pessoais com terceiros[11]. Essas práticas ampliam drasticamente o risco de invasão. Uma vez de posse de credenciais válidas, os criminosos podem se movimentar dentro da rede da empresa como se fossem usuários autorizados, explorando dados confidenciais e causando danos antes mesmo de serem detectados.

Diretrizes de Segurança Digital Pessoal

A prevenção passa, inevitavelmente, pela conscientização e pela adoção de boas práticas por parte de cada usuário. A seguir, listamos algumas diretrizes fundamentais de segurança digital pessoal, baseadas em recomendações de institutos especializados, para ajudar você, dentro e fora da empresa, a proteger seus dados e reduzir os riscos no dia a dia online:

Em conclusão, a segurança cibernética não é responsabilidade apenas da equipe de TI ou das ferramentas tecnológicas, mas também um compromisso de cada colaborador. Os ataques continuam evoluindo, mas a maioria deles ainda explora comportamentos humanos previsíveis: curiosidade, pressa, complacência ou desconhecimento. A boa notícia é que, munidos de conhecimento e adotando hábitos seguros, os usuários podem se tornar a primeira linha de defesa, não só de seu ambiente de trabalho, mas também de sua vida pessoal em um mundo conectado digitalmente. Portanto, fique atento, desconfie de solicitações inesperadas, siga as práticas recomendadas e incentive seus colegas a fazerem o mesmo. Uma cultura de segurança forte se constrói com pequenas ações diárias de todos nós, reduzindo drasticamente as chances de sucesso dos atacantes.

Referências Utilizadas:

[1] [4] Stanford Research: 88% Of Data Breaches Are Caused By Human Error

https://blog.knowbe4.com/88-percent-of-data-breaches-are-caused-by-human-error

[2] verizon.com

https://www.verizon.com/business/resources/T159/reports/2022-dbir-public-sector-snapshot.pdf

[3] 2021 Volume 5 Exploitable Traits as Vulnerabilities

https://www.isaca.org/resources/isaca-journal/issues/2021/volume-5/exploitable-traits-as-vulnerabilities

[6] [7] National Cybersecurity Alliance Case 4: Hotel CEO Finds Unwelcome Guests in Email Account

https://www.nist.gov/document/case-4-hotel-ceo-finds-unwanted-guests-email-account

[8] 2025 Phishing Statistics: Top Phishing Stats, Insights & Trends – Keepnet

https://keepnetlabs.com/blog/top-phishing-statistics-and-trends-you-must-know

[9] 82 Must-Know Data Breach Statistics [updated 2024]

https://www.varonis.com/blog/data-breach-statistics

[10] 78% of people use the same password across multiple accounts | Security Magazine

https://www.securitymagazine.com/articles/100765-78-of-people-use-the-same-password-across-multiple-accounts

[11] America’s Password Habits | Security.org

https://www.security.org/resources/online-password-strategies/

[12] [13] [14] [16] [18] Tips for secure user authentication | ENISA

https://www.enisa.europa.eu/news/enisa-news/tips-for-secure-user-authentication

[15] Microsoft: Want to thwart account takeover attacks? Use MFA

https://www.welivesecurity.com/2020/03/09/microsoft-99-percent-hacked-accounts-lacked-mfa/

[17] Instantly online-17 golden rules for mobile social networks | ENISA

https://www.enisa.europa.eu/news/enisa-news/instantly-online-17-golden-rules-for-mobile-social-networks

[19] National Cybersecurity Alliance Case 3: Stolen Hospital Laptop Causes Heartburn

https://www.nist.gov/document/case-3-stolen-hospital-laptop-causes-heartburn

[20] Have I been Pwned | haveibeenpwned.com

https://haveibeenpwned.com/

 Inteligência Artificial no Atendimento ao Cliente: aliada ou substituta?

Por Derick Cadete

Você já foi atendido por um robô hoje? Se sim, faz parte de uma revolução que está transformando o atendimento ao cliente em todo o mundo. Aqui na Cesla, essa realidade já é parte do nosso dia a dia.

A Inteligência Artificial (IA) deixou de ser uma promessa futurista para se tornar peça-chave na experiência do cliente. Ela não substitui o humano, mas potencializa o que há de melhor no atendimento.

Como aplicamos a IA no atendimento da Cesla

Quando um cliente entra em contato conosco, a primeira interação geralmente é com nossa assistente virtual. Ela é treinada com base em dados reais de atendimento e atualizada constantemente com as dúvidas mais frequentes dos nossos usuários.

Ela resolve sozinha:

Tudo com a linguagem clara e acolhedora que faz parte do nosso jeito de comunicar.

Benefícios reais (e rápidos)

Desde que implementamos a IA, já colhemos:

Desafios que aprendemos a lidar

Nem tudo são respostas prontas. E a IA ainda tem limitações:

Por isso, nossa abordagem é híbrida: tecnologia + empatia. Aqui, a IA não substitui pessoas, ela trabalha junto com elas.

O que você pode aprender com isso

  1. IA não é sobre cortar custos. É sobre agregar valor.
  2. Comece simples. Automatize o básico, monitore e evolua.
  3. Personalize sua IA. Ela precisa falar como a sua marca fala.
  4. Nunca abra mão do fator humano. Ele ainda é insubstituível.

Na Cesla, IA é ferramenta — não atendimento.

Seguimos evoluindo nosso suporte com base na tecnologia, mas sempre com foco no que mais importa: as pessoas. IA resolve. Humanos acolhem. E juntos, constroem uma experiência melhor.

Design Centrado no Usuário: colocando as pessoas no centro das soluções

Por Fernanda Campiotto

Em diferentes contextos e culturas, o ser humano está – e sempre esteve – cercado de experiências, sejam elas positivas ou não. Essas experiências emergem da interação com outras pessoas, objetos, produtos e serviços. Ao longo do tempo, as dinâmicas culturais, tecnológicas e socioeconômicas foram se transformando, exigindo novas formas de pensar essas interações. É nesse cenário que o design centrado no usuário ganha relevância. Mas afinal, o que isso significa?

O Design Centrado no Usuário (UCD) é uma abordagem que coloca as pessoas no centro de todo o processo de design. Isso significa considerar suas necessidades, motivações, dores e experiências em cada etapa do desenvolvimento de uma solução. Nessa abordagem, a empatia desempenha um papel fundamental desde as fases iniciais de pesquisa até a entrega final, garantindo que o usuário seja de fato compreendido e que suas dificuldades sejam priorizadas. O objetivo é proporcionar experiências significativas e criar produtos ou serviços funcionais, inovadores e realmente relevantes para quem os utiliza. Uma das ferramentas mais utilizadas dentro dessa lógica centrada no usuário é o Design Thinking — uma metodologia colaborativa que apoia o desenvolvimento de soluções e se organiza em cinco etapas principais:

O conjunto dessas etapas possibilita uma compreensão mais profunda do desafio a ser solucionado, pois promove uma imersão significativa no problema. Como resultado, há uma geração mais rica de ideias inovadoras, que resolvem problemas reais e agregam valor de forma mais eficaz.

Adotar uma abordagem que prioriza a melhor experiência do usuário durante sua jornada com um produto ou serviço é essencial. Existem diversas técnicas que podem apoiar esse processo. Aqui na Cesla, sempre que iniciamos um novo projeto — ou quando buscamos aprimorar funcionalidades já existentes — começamos entendendo quem são as pessoas que se beneficiarão das nossas soluções. Para isso, utilizamos entrevistas, questionários, pesquisas qualitativas e quantitativas, além de observações em campo. Essas técnicas nos aproximam dos nossos clientes, fortalecem nossa empatia e nos ajudam a compreender com mais precisão suas necessidades reais.

Ao colocar o ser humano no centro de nossas decisões, não apenas desenvolvemos produtos melhores — mas também fortalecemos conexões reais, geramos mais valor e criamos experiências que fazem sentido. Esse é o compromisso da Cesla em cada projeto.

The Importance of ESG for the Planet and Society

by Caroline Soares
Implementation Analyst

Do you know why ESG is being talked about so much these days? What is ESG anyway?

ESG is the set of environmental, social and governance criteria that should be considered when assessing risks, opportunities and impacts. The aim is to guide activities, businesses and investments in a sustainable manner (ABNT PR 2030).

Today, we are facing the consequences of a past that did not prioritize sustainability. Extreme weather events and the Covid-19 pandemic, which generated a global crisis with severe impacts, have shown the importance of considering environmental, social and governance (ESG) issues.

All organizations affect and are affected by the environment and operate in an increasingly broad and diverse society. To talk about ESG is to address all these spheres.

Environment

In the environmental field, companies and operations around the world are exposed to climate risks, such as the scarcity of natural resources, which threaten the future of generations to come. Incorporating sustainable concepts into business management creates synergy between people, processes and systems, and should be seen as an authentic practice that is consistent with corporate values. Being sustainable means adopting a new way of thinking and conducting business in a way that is ethical, transparent, honest, respectful of human beings and caring for the environment.

How does Cesla help in this process? Here we create respectful and ethical working environments and apply actions in line with those already practiced by our clients and partners with a view to supporting environmentally sustainable practices and creating a working environment that values diversity and respect between people and the community.

Social

In the social sphere, care and investment in workers' health and safety are essential. Many environmental disasters begin with incidents and/or accidents in the workplace. In industry, tools such as Preliminary Risk Analyses (APR) and Work Permits (WP) are used as risk mitigation tools. APRs survey the risks of the activity, while work permits control work in risk areas.

How does Cesla help in this process? Traditionally, these practices generate excessive paper consumption and high costs for companies and, consequently, for the environment. According to the Resource Conservation Alliance, 40% of the trees felled in the world are used to produce paper, contributing to forest degradation and climate change. Research by Gartner Inc. estimates that 3% of companies' profits are spent on paper, printing, document storage and maintenance, in addition to paper waste of around 50%. Our totally paperless projects ensure that all industrial checklist processes are carried out without generating paper and printing. A good example of this is one of our clients. Raízen (Operation EAB), between April 2023 and March 2024 alone, issued more than 427,000 fully electronic work permits in Cesla, eliminating around 2.46 million sheets of paper that would have been printed in this operation.

Governance

In terms of governance, it is crucial to adopt technologies that eliminate excessive use of resources and promote efficiency. This not only reduces environmental impact, but also gives companies more legal certainty, as data is protected by advanced electronic protection and management resources, with passwords and access hierarchies. This eliminates the risk of loss, misplacement and deterioration of documents, as happens with paper.

How does Cesla help in this process? In all the operations using our platform, we have no history of serious accidents involving people and facilities, and this significantly minimizes labor disputes, which generate millions in losses every year.

Conclusion

ESG is not just a passing trend, but an essential strategy for global sustainability. It represents an effective way of mitigating risks and adding value, promoting prosperity and ensuring the future financial health of companies. Integrating ESG principles into business strategies is key to contributing to a more sustainable future for the planet, for society and for all of us.

We at Cesla are committed to the ESG principles, integrating them into our business strategy to contribute to a more sustainable future for the planet, for society and for all of us.

The challenges of financial management in systems development companies

by Paula Ramos
Financial Analyst

Quality financial management is essential in any line of business and is one of the main areas responsible for the business finding continued success and stability. A financially healthy company is better prepared to take advantage of development opportunities and face routine obstacles that arise in the operation. However, software development companies face unique financial adversities and challenges and must adopt a series of measures and requirements. With good financial management, Cesla has achieved satisfactory results, promoting effective cost reduction and increasing the visibility/predictability of the company's real expenses. These strategic actions ensure greater security in the management of planned x committed x effective, increasing confidence in the decision-making of the finance department, but above all guiding the company in its healthy growth, increasing revenues and controlling costs. In this article we will present some important tips for carrying out financial management in a systems development company.

- Developing a financial plan

Making a detailed financial plan is undoubtedly the first step towards efficient financial management. The plan should include a detailed breakdown of income and expenditure, but above all its projections for the coming months or years, which will define the course of action to be taken with regard to the use of budjets.

Our financial sector carries out annual planning with provisions based on data from previous years and the current commercial situation, where they are adjusted on a monthly basis according to changes that may have an impact so that the provisioning is as aligned as possible with reality. 

- Keep a close eye on your finances

Keep strict control of expenses and income, recording all financial transactions. If possible, give preference to a system that can serve you efficiently by simplifying and making visible the challenges and points for improvement. It is important to have a periodic analysis of the entire financial flow, keeping a good overview of fixed costs, possible variations in the business and its main sources of income.

It's important to invest in a good management system so that you can control costs accurately and clearly, helping you to make decisions based on reliable data, making the return on this invested capital more tangible and predictable. 

In our company we use an ERP system (a system responsible for controlling all process and information management and which allows all sectors to be integrated), which helps our finance team to control costs and expenses on a daily basis, and to extract reports with essential data so that we can develop monitoring indicators to help us make decisions.

- Good cash management

Cash management is always a challenge for any company, and it's no different for those in the software development industry. Avoiding potential cash flow problems is essential, so make sure that the control of incoming and outgoing money has a flow of dates that is beneficial to the company's health. In addition, adopt emergency reserve and financial risk management practices. This will certainly make a significant contribution in the event of financial crises, which any corporation is exposed to.

- Have clear and efficient cost control

Controlling costs clearly and efficiently guarantees the profitability of the business. This includes easily identifying opportunities for reduction, possible losses and misplacements, and avoiding waste. Have strict control of fixed and variable costs, where you can see more economical alternatives and analyze the efficiency of processes with suppliers and services used by the company.

- Investments in new technologies

A fundamental aspect for software development companies is undoubtedly the creation of investments in technologies that boost the efficiency and productivity of the business. In addition, be aware of new market trends and new developments in the sector, making provision for possible changes before they take you by surprise.

Our development department is also responsible for analyzing possible investments in new technologies that could bring us productivity gains and greater security in our business so that, together with the financial department, the solutions can be analyzed and implemented at the right time.

- Substantial project management

Projects in the field of systems development can often be particularly complex and involve a variety of costs, ranging from acquiring the relevant technologies and infrastructure to hiring highly qualified teams. It is therefore essential to have cost control for each project that covers its particularities, resulting in accurate data that can be used in realistic budgets without unwanted contingencies.

- Recruiting and retaining talent

In technology companies, human capital is especially valuable, as it is people who drive innovation, the development of products and services, and the achievement of competitive advantages. And in systems development companies, there is also the need to hire and maintain highly qualified teams, which often requires a high cost. Therefore, it is essential to create attractive benefits, have a qualified recruitment team and a collaborative environment that can make a difference in hiring and avoid staff turnover, which can lead to additional costs and impact on the flow of deliveries of ongoing projects.

By investing in the development and well-being of employees, companies will be prepared to face the challenges of the sector and achieve better results. Here at Cesla, our Human Resources team actively works to enhance this, developing humanized management, obtaining continuous feedback from employees and bringing in innovations that can provide a healthy environment for teams.
Without a doubt, financial management in technology companies requires a strategic and adaptable approach. The challenges of the system development company sector require planning and in-depth knowledge of the market, as well as a long-term vision, the ability to respond quickly to changes and careful management of financial resources. Being attentive to new technologies and seeking out innovations on a daily basis offer the niche market solutions that bring productivity and security to operations, with a view to guaranteeing the health and growth of the business. By overcoming these challenges, technology companies have the opportunity to drive innovation, sustainable growth and financial success.

The importance of an effective Help Desk with focus on the best user experience

by Heitor Meloni
Cesla Sustainability Analyst

Currently we have observed a great growth in the technological area, where service areas have evolved to provide a more specialized support. Today we will talk a bit about our Help Desk, or as we like to call it: support team.

What does the Help Desk do?

The Help Desk is a fundamental area not only in our company, but in all companies. It is the department responsible for offering support to users, in our case: of systems and software. This service is especially important when it comes to workplace safety, since employees often have to deal with difficulties and problems that can affect the productivity and safety of the company as a whole.

Aiming to build a support hub offering greater technical knowledge, the Help Desk team was created including professionals from the most diverse technological specialties. This way, we seek to bring together the best support experience for our customers, using customer experience techniques (translation: user experience) and all the software knowledge to follow up on the requests coming from our users. Thus, we perform verifications and several tests in environments with the objective of analyzing and mapping the situation presented.

We are also responsible for the link between the user and the Development team, understanding and taking the demands to the developers in a clear way, seeking to bring an intuitive improvement in the tools usability.

Challenges

At CESLA, we always seek to understand more and more about the area of safety at work and how our support can optimize the time of the safety technicians when dealing with them, always considering the employee's safety as a priority.

Another challenge faced by Help Desk professionals is the need to keep up to date with new technologies and market trends. This requires that these professionals participate in constant training and qualification, so that they can offer quality support to users.

Step by step of our service flow 

The service flow within the Cesla Help Desk team follows these steps:

  1. Opening the call: The customer contacts the support through the available channels such as phone, e-mail or chat. The help desk agent records the customer's information and the reported problem.
  2. Situation diagnosis: The help desk agent analyzes the recorded information to identify what the problem reported by the customer is.
  3. Solution attempt: Based on the diagnosis, the agent tries to solve the customer's problem. To do this, he can search for information in knowledge bases, manuals, or ask for help from other team members.
  4. Escalation: If the solution is not found, the agent forwards the call to a specialist or to the Development team.
  5. Follow-up: After the problem has been solved, the help desk agent follows up with the customer to ensure that the problem has been solved and that the customer is satisfied with the service received.

The service flow within Cesla's Help Desk team seeks to ensure that customers receive the best possible service, with fast and efficient resolution of reported calls.

Our team is always ready to provide quality technical support and solve the demands in a fast and effective way. Do not hesitate to contact us whenever you need us. 

We are here to help you.

Flutter Language

by Felipe Silva
Tech Lead Cesla

Leader in the development of systems for Safety 4.0, Cesla is going through a transformation process and just with this moment, is making adjustments and improvements daily to offer the best possible experience for our customers. Since 2021, Cesla has chosen to adopt the Flutter language as its main development platform for hybrid mobile and web applications. But first, let's put into context what we use, challenges, and why we made this choice.

THE CESLA PLATFORM

Cesla is a platform for the Safety Workplace Safety market with an eye towards Industry 4.0. Our platform was developed by a risk engineering team with over 20 years of experience in the national and international safety and emergency market, based on the "operational pains" experienced daily in the industry, such as excessive paperwork, loss of operational time of those involved, guarding and preservation of documents and constant breaches of compliance(www.cesla.ind.br)

Our solutions enable effective security management in the companies where it operates, contributing significantly to increased productivity and guarantees of compliance, safe behavior, and sustainability.

Our products:

To build these products, we have a technical team with a high knowledge of what best fits between technology and business. Based on structured processes, after the ideation and mapping of what the product will contain ( https://cesla.ind.br/afinal-o-que-e-lean-inception/) we go to the technology choice phase. And for this, we carry out a process of R&D (Research and Development), where we gather our team to evaluate some characteristics of the technologies that best fit to solve a given problem. 

Some of these characteristics are:

We need to find answers to these and other questions to ensure that our technical choice is more assertive.

Here, some of the technologies we use in our products:

IONIC

https://ionicframework.com/

PHP

https://www.php.net/

CHALLENGES

A few years passed and then other challenges arose. From a technical point of view, we were faced with the following:

Part offline operation and the challenges of synchronization with low quality internet;

APIs with other systems

THE FLUTTER

Flutter(https://flutter.dev/) is a tool that allows you to create applications for smartphones (Android and iOS) and other mobile devices. It is developed by Google and allows developers to create applications with a single code base, which means that you can create an application and use it for both iPhone and Android. It also allows you to create attractive and animated user interfaces, making apps more interactive and easy to use. 

In short, Flutter is a tool that helps companies and developers create high-quality, beautiful mobile applications that work on different platforms.

Flutter has gained popularity among developers due to its ease of use, performance, and ability to create user-friendly interfaces.

[A cool video explanation]

Flutter // Programmer's Dictionary

[If you want to learn, why not?]

The First Flutter Class Everyone Should Take

WHO USES FLUTTER

I bet you have some of these applications installed on your cell phone:

THE BENEFITS OF USING FLUTTER IN CESLA

Cesla decided to use Flutter because of its benefits over the other technologies they were already using. One of the main advantages is the speed of development, since Flutter makes it possible to create mobile and web applications using the same code base, thus reducing development time. This was especially important for Cesla, as the company has a large number of ongoing projects and needed a platform that would allow them to develop these projects quickly and efficiently.

Another advantage of Flutter is its ease of maintenance. Cesla was already using other technologies such as React, PHP and Ionic, and the developers reported difficulties in maintaining these systems. With Flutter, these difficulties were practically eliminated, since the platform has a simple and intuitive structure, making the maintenance of the systems easier.

Another benefit obtained by Cesla with the implementation of Flutter is the possibility to integrate systems with IoT (Internet of Things) easier and faster. This was possible due to the fact that Flutter has native support for mobile and web devices, thus facilitating the integration of systems with IoT. This was especially important for the Cesla platform, as the company is always looking for new technologies.

Flutter's performance was also compared positively with other technologies, such as React, PHP and Ionic. Flutter had better screen refresh rates and faster response time than React, and its ease of use and web application development capabilities were superior to PHP. In addition, Flutter was able to offer better performance and IoT integration capabilities than Ionic.

Thus, in addition to the benefits mentioned, Cesla's customers will benefit from more user-friendly and modern systems, and a greater cadence of new features in the products.

CONCLUSION

Today, we are very pleased that the choice of Flutter for new projects directly reflects Cesla's moment of transformation. We will reap many benefits from this choice and we are aware of the possible challenges it may bring.

One thing is for sure: we keep an open mind to constantly learn and evolve.

Software Deployment and its Challenges

by Douglas Santos - Rollout Team and Cleber Candido
CEO Cesla

Contract Closed! Usually we receive this news with great joy here, after all it means that our client saw value in our solutions and decided to invest time and money to implement it. And usually after the contract is closed, we almost immediately get the standard question: How long will we have the solution up and running?


Performing the implementation of a service like this at the client is a milestone for them, mainly because most of them come from decades of management entirely on paper with huge reworks and want to get rid of this as soon as possible. Deploying software at the client is not an easy task: there are several processes and hands that together constitute the success of an assertive implementation. Knowing how to listen and understand are fundamental for the success of an implementation built together.


Knowing the client, gathering the necessary information for modeling according to his reality and needs, strengthening the relationship with the team involved, and the necessary information to actually use what was hired. 


That's when Cesla's Implementation team comes into play, a team of experts responsible for guiding the customer to get the most out of the acquired solutions. Answering the question of how soon we will have the solution running is quite difficult, but aiming to guide the customer from the very first moment, we developed a logical sequence of implementation, which we present below:

1st Step: Kick-off meeting

- In this meeting Cesla's commercial team presents to the external customer and to the internal customer what was sold as a solution, including modules, interfaces between systems, self storage, dual factor, among others.
- We define the product owners from both sides and present the Cesla teams involved (Implementation, Products, and Sustainability).

- We have created a whatsapp group just as the steering committee members of the project.

2nd Step: "As Is" Presentation

- This is the most important moment for both teams: alignment of expectations between the sold and the bought. Here we present a complete operational flow of the contracted module and at this moment we clarify the client's doubts so that he can see how the platform will work and if he needs to revisit his internal procedures and rewrite them, he will already be aware of them. This moment is crucial for the external customer to understand what was hired, demystifying the difference between a SaaS (Software with Service) and a Software House (Software owned by the customer).

3rd Step: Present a work schedule

- In this step we present a macro work schedule with all the project phases per module.

- The client follows through a detailed timeline all the phases of implementation and, in parallel, we present a macro and weekly status report on the progress of the solution implementation.

4th Step: Validate the application in the homologation environment

- After modeling, the client validates the complete flow with all its modeling and embodiments already done. The client is in an approval environment, but already has a feeling of how its interface and operating modes will be.

- After receiving the "agreement" for the model, we begin the training stages, where the so-called "Guardians" will be trained. The guardians will be the users with the most complete access profile and with the highest level of training from the client, and they will be in charge of supporting their local users regarding usability, and only the guardians can call the Cesla team in case of an effective problem with the platform.

In this phase, being present is our main goal: usually our team travels to the various units of our clients, to train them directly at their workplace. We travel to various places inside and outside the country, many hours of travel are added up by this team, whether by plane or car, we go through several cities and hotels. Armed with our PPE (Personal Protective Equipment) and tools, we make friends and get to know every detail of the operation. Even when we do remote deployments, we adapt and carry out the entire training process in advance, with content tailored to each team.


5th Step: Validate the application in the production environment

- After finishing the previous step, the development team prepares the production environment and connects the APIs (interfaces to other software) if any.

- Once again the client is invited to make a complete flow, now already in its official environment

6th Step: "Go live" with the tool

- After the application is validated in the production environment, the customer will send the "go live" acceptance, and at this point a meeting is scheduled that delivers the customer to the support team (Helpdesk), finalizing the participation of the implementation team.

Thus, we try to deliver the best possible experience between the kick-off and the go live, and ease the expectations for the beginning of the platform's use.

The challenges of service delivery in the Industry 4.0 era

by Cleber Candido
CEO Cesla

The outsourcing concepts that arrived here in the 80's and 90's in a distorted way, commonly associated with cheap services and of doubtful quality, had a lot to do with the global competitiveness of industry and commerce, generating in the following decades a negative image of service provision adopted in the country.

Whenever the contractor needed to contract or subcontract any kind of service, there usually comes to mind some possible problems that he would face:

- Unqualified companies;
- Unqualified employees;
- Lack or failure of documentation;
- Divergences between what is purchased versus what is delivered;
- Labor problems with co-responsibility;
- Among others.

Without a doubt, service provision has been advancing and transforming year by year in Brazil. It is a fact that we are still far from ideal, but the new technologies and the debureaucratization of labor relations in Brazil allow that more and more the service provider segment is a strong ally in the execution of tasks that escape from the main core of the industry and commerce that look for them.

The services sector is one of the most important in the Brazilian economy, besides being a great generator of jobs in Brazil, as verified by the Brazilian Institute of Geography and Statistics this year, services represent about 70% of the companies in the country, besides being responsible for 30% of the Gross Domestic Product (GDP)

Furthermore, Sebrae's panel of companies shows that there are about 8.64 million service companies active in Brazil, compared to 6.61 million in commerce, 1.90 million in factories, 1.36 million in civil construction, and 697,000 in agriculture (data for the month of May, 2020). The services sector represents no less than 44.9% of all active companies in the country, and leads in number of businesses when compared to other sectors. 

Approximately 90% of the companies accounted for by Sebrae are micro and small, such as Micro-entrepreneurs (MEIs), Micro-enterprises (ME), and Small Businesses (EPP), allowing us to say without a doubt that service is the front line of the economy.

In the industry it is no different, usually due to the large volume of contractors and subcontractors during the year or in major maintenance stoppages, the risks of losses with storage and preservation of physical documents delivered, control of on-boarding (integration) face-to-face, and management of competencies for execution of high-risk tasks involving work permits, for example, are increased.

Added to this is a low systemic management and the lack and/or failure of communication between business units, making it possible that even if a company provides a low quality service in a particular unit, it can often enter another unit of the group without any barrier, due to the lack of sharing of a performance score of the provider between the contractors.

Another relevant point! A small and timid systemic management is observed in the market related to "third-party or contracted management" companies, which offer document analysis based on time and quantity (batch), not being duly careful with the quality of the document sent. And so, it ends up becoming a point of attention in this type of platform service, and special attention should be given to the quality of certified clouds in high availability, the storage locations of such data, cybersecurity and especially the treatment with the LGPD (General Law of Data Protection) of these partners who offer such integrated services.

But how to face these challenges?

You first need to cut through the red tape and take a really hard look at what documents you are requesting from your service provider. Involving multi-disciplinary teams and asking simple questions such as: Do we really need this type of document for this type of scope?

Investing in efficient technologies is of no use if we still adopt archaic models of requirements simply because he is a service provider. Many times we find ourselves with items required from a service provider that in essence are not required even for the employees themselves who do exactly the same task/function.

Second, to have an assertive document management platform to support them in this challenging daily management, allowing them to streamline processes, protect confidential information, easily locate files, and establish criteria and types of documents based on the risk classification of the activity to be performed. 

Think of friendly solutions that generate performance gains even for your partner (Service Provider), controlling document deadlines efficiently, notifying the client and provider in advance of expiration dates, managing integrations (on-boardings) online or in person, and already interfaced with access controls (gateways) and with electronic work permits, not allowing access to critical activities if they have expired training and ASOs, for example.

In an increasingly fast-paced and technological world, respecting your contracted partner and treating him/her as part of your team as well as using good management tools, besides increasing your company's compliance and security, makes it possible to improve your performance in these processes by making them less bureaucratic and more agile.

Are you familiar with Hive? Our paperless third-party management platform

The Hive, a Cesla module for contractor management based on more than 20 years of experience in industrial routines involving analysis flows and document validation of service providers, being fully integrated with access controls and electronic work permits associating this with a performance score for managing the quality of the service provided.

With Hive it is possible in a totally paperless way - that is, totally digital without the emission of papers - to manage a contracted or subcontracted company and its collaborators, from the moment the service provider receives the service order until the end of its activities in the company, going through the stages of:

-Users and access profiles;
-Viewing dashboards;
-Scope/order creation;
- Order management;
-Document upload;
-Document validation;
-Face-to-face or fully e-learning integration management;
Automatic connection with Cesla's electronic APR-PT module;
-Connection with access controls (turnstiles/doorways), preventing entries with expired documents;
-Score of performance regarding the quality of the service provided.

Challenges of the new HR

by Jaqueline Shima
Talent Acquisiton Cesla

The cultural and technological changes currently experienced allow us to take a more careful look at our working hours, in the search for balance between personal and professional demands. The pandemic and the changes in routines have directly impacted this context, bringing possibilities and methods of flexibility that were unthought of and even previously seen as "impossible".

The Human Resources area had to reinvent itself in the face of these challenges, leaving an operational scope and moving towards more strategic paths. The look that was already focused on people, needed to find an increasingly humanized and empathetic management to understand the individuality of each employee. 

Actions and cultures

In parallel to these changes, Cesla has been designing actions and cultures to develop an affective and comfortable work environment for its employees: from continuous feedbacks, light chats in the 'Coffee with the team', spaces where the employee is open to speak confident that he or she will be heard without prejudices and judgments. 

We created a decision-making committee with OKR management (methodology for defining objectives and results), where 64% are composed of amazing and powerful women. Every month "Enchantment Actions" are held, whose objective is to bring closer and diversify the day to day of the collaborator, getting out of the routine and bringing a more natural, relaxed environment and uniting the teams. In the last few months we had actions such as a Games Championship, SPA Day with workplace exercises, lectures on mental and emotional health, Children's Day...  

New processes are designed together, always focused on the experience and belonging for everyone. Since then, we have achieved great results through an innovative vision and opportunities, based on diversity, which is one of the most important factors for Cesla. 

Technology and Innovation

With all the transformations, the world is not and will not be the same again. We need to reinvent ourselves, innovate, update, and build more digital and integrated models, allowing exchanges and openings. Understanding that we are different and that each one has its own particularity is fundamental to build an environment of psychological safety, humanized and essential for everyone's health. 

The use of technology has become a fundamental tool and a great ally, giving more autonomy and freedom to employees to perform their tasks in the hybrid system, besides bringing people together and connecting organizations in building new areas and partnerships. This has had a positive impact on deliveries, establishing a relationship of trust, totally contrary to a controlling vision. In this way, values that are intertwined bring an effective gain in the achievement of results and consequently, in more satisfied, active, and engaged employees. Let's take good care of them!

And faced with this, the work of HR and Cesla is transformed daily, reinventing and updating itself with a market focused on drawing plans to achieve competitive advantages. And more than that: the HR professional becomes a transforming agent in managing people from the entire network involved in the organization, making the company's culture clearer and awakening a sense of purpose in its employees, wherever they are.