As part of my bid to live a healthier life, I have started to visit the gym regularly. It’s gets me into a good mood before work starts, it adds regularity and routine. It’s a good thing.
As I look around I am impressed by the years of commitment that the other folk have put in.1 I also noticed that some of them would put their weights and platforms and other bits in any convenient space, which is often just in front of the fire door.
It always reminds me of the phrase of a buildings inspector, ‘What time have you booked the fire?’ Obviously, you don’t know when the fire will be, so you should keep the fire exits clear at all times.
Similarly, with website security: you don’t know when the hackers or other disaster will strike. Your best defense is to ensure that your website software is all up-to-date with relevant patches, that you have security software installed and, in case all that fails, you have a backup stretching back six months (with a rapid restore option). You could do all that yourself, or you get us to manage it for you, as part of our ‘safe and secure websites’ package for WordPress. As added security, we have just added ‘noCaptcha re-Captcha’ (no more illegible text to decode, just simple questions and a tick-box) as a security option to both Woo Commerce and our website forms.
1Aside: I remember, when I joined the gym, that they showed me the range of health foods/food supplements that they had. I pointed out that if I could eat myself healthy I would be an Olympic athlete. Being in IT isn’t the best for ones physique.
Some of you may have heard about a massive flaw in the security of the internet.
This is really serious and everyone should be aware of the implications.
Heartbleed is the sort of flaw that gives systems admins huge nightmares.
On vulnerable websites there is a significant possibility that your passwords have been revealed to hackers making use of the bug. Worse than that, if a site has been compromised there is no evidence!
It would be good practice to change all the passwords you use on the internet. Now.
…unless you have evidence that the services you use are not part of the problem.
At Cloud Genius, we have performed a full review of the services we use.
- Services to back up websites/update plug-ins. For clients that subscribe to this services one was not vulnerable, the other service has been secured and we have taken steps necessary to prevent any problems. No action required on your part.
- Website hosting – our provider has informed us that they are vulnerable. Until they update all their systems you may wish to change the password on your account at http://webhost.cloud-genius.com. Once their patching process is complete you should change your password again on the account. We will endeavour to let you know when this is.
- Paypal – our understanding is that Paypal is not affected.
- Teamviewer – our remote control solution of choice is not affected.
- Salesforce – To the best of our knowledge is not affected.
- LastPass – our password management software of choice is not affected. (And helped a lot in fixing services that were affected.)
Here is a list of other networks that were affected – these include people like Google, Yahoo and many others.
This is really serious. Make sure you are not caught out!
One positive – LastPass was able to scan all the services we use, list the affected services and make password changing a doodle! Highly recommended… and much more secure than any other system we have come across.
As a child I came across the saying: Fire is a good servant but a poor master.
I think that saying rings true even more of computers.
Most people seem to be slave to their computers, rather than getting the computers to do the work.
An auto-responder is a great way to put computers to work. As any good person in marketing knows, you have to keep in contact with your ‘prospects’. People rarely buy from you the first time they talk to you. I know marketing gurus who have fantastic systems of sending out emails one after the other, ‘warming’ up the prospect ready for the ‘sales chat’. They reckon that six is the magic number of contacts.
Imagine the computer could do that for you. It is a process, so perfect for automation.
The person signs up to a list. They get a sequence of emails, starting from that day, that address their particular need. If they respond to an email, it comes to you, so you can deal with them personally.
With a bit of creativity you can use this as a service to them. Imagine they want a reminder to do something every day for a week. You can set up a series of emails that go out on the seven days following their sign-up. You check ‘the system’, in this case aWeber to see how far they are through the sequence.
Supposing that on day 3 they make a purchase. The sequence is no longer valid for them. You can make it so that when they sign up for your product they are automatically taken off the old list.
You have an event comes up. You want to send an email to all your lists. You want do avoid duplicates where people are on more than one list. No problem… or you want to send to all people on a particular list UNLESS they have already made a purchase. Easy!
You want emails to go down on particular days before an event, reminding people to book. Simple!
You want to integrate this data into your Salesforce leads. There is a free app for that!
Suddenly you have a lot more time for following up those personal contacts. The rest is on ‘auto’.
For more information about any of this, just contact me!
I am a patient man… for an IT professional. I have been using Google Apps for over two years. I had found it to be reliable and easy to use.
Recently I upgraded my Mac to Mavericks. (For Microsofties, Mavericks is the latest version of the operating system for Macs.) There are lots of features that I love about Mavericks, but it really broke Google Apps email. I keep getting errors, unread mail counts are wrong, email retrieval is erratic – the lot. In the end this comes down to the Google email (IMAP) protocol being non-standard. That’s OK, the old Apple Mail used to work around it, but I do not use the ‘additional functionality’ that Google has plastered onto the standard. And it is the extras that are breaking my email. (For a similar tale of woe, look at how Google broke its synchronisation with Outlook last year.) Apple have delivered a fix, but it does not fix everything and it seems as if Google have reduced the number of concurrent connections allowed, so I keep getting errors. Lots of them. It is driving me nuts!
So, what do I do?
Do I ditch the Macs that I love or the Google Apps that I tolerate and have more than a suspicion are using my emails to make bigger profits? I could just access Google Mail from the web interface, but I am a road warrior – I like to have my emails downloaded for when there is no internet. I could upgrade to Google Apps for business but, with 10 accounts that would cost Cloud Genius £33 pcm + VAT (£792 + VAT over 2 years). Or I could use my own hosting webhost.cloud-genius.com. That will give me proper IMAP compliant email (and it will work with all those mobile devices, too – even Androids). It will allow me to carry over the cloud-genius.com domain, and it comes with free calendars, unlimited email space and storage space. (Actually, as I purchased my domain through webhost.cloud-genius.com it sorts all that out for me.) If I want to use it, there is even a web interface. All this for £39.36+VAT for 10 accounts for 2 years which works out at 16.4p per account per month! The equivalent from Google would cost £792 (that’s £33 x 24 months). That makes Google Apps 20x the price.
It did take half an hour to switch over the accounts. The emails are flowing in nicely, even emails sent from other Google Apps accounts. I now have to decide what to do with my historic emails… import them or archive them. Decisions.
As a bonus, I know that Google will not be reading my emails any more. Calm has returned to the Cloud Genius office. (The webhost.cloud-genius.com email servers use proper SSL encrypted connections, have proper spam filtering and have no affiliation with Google. It also has proper 24×7 phone support on 020 3027 4996 and 99.9% uptime. They also work with Windows, Linux anything – because they stick to the IMAP standard. You can even use POP3, if you really want to.)
Any questions? Drop us a line!
I am writing about this particular scam because it is so plausible. (First, this does not originate from Microsoft, just people purporting to be from Microsoft.)
I have received a phone call. The person on the other end of the phone informs me that I have a problem with my computer. This is causing issues and may cause my computer to be blocked from the internet. Now, as someone who knows the capabilities of malware, this is not beyond the realms of possibility. The main slip-up was that they told me how to access Windows control panel. I did play along for a while before revealing that I do not use Windows.
Here is an article from someone who played along for a little longer before revealing his hand. He was blocked from the internet, because they deleted his network driver!
My expectation was that they would install a Trojan… I had not expected them to be so ‘hands-on’. Other scammers may try other ways to affect your computer. In the most recent call, I asked them who they were calling from – the line went dead.
Do you have experience of this type of scam? Let me know, as I am thinking of writing a tutorial, if enough people are interested.
By the way, the linked blog is from Malwarebytes. I have used their anti-malware software with Windows to great effect.
I could not help but have a chuckle when I saw this article: Kremlin to revert to typewriters. Even the secret services are having difficulty keeping their information to themselves.
To my mind this means that security is not an absolute, but a best effort. Reassuring then, that we use Salesforce, which is regularly audited as secure enough to hold credit card details (in properly designed apps). That I have been trained in security and hold a CompTIA Security+ qualification. In my past I have designed and set up security for financial transactions for boutique banks, private equity companies and hedge funds. We always use strong passwords and store the gateways to our clients’ worlds in securely encrypted stores with two factor authentication. If our computers are stolen, the hard disks are fully encrypted – inaccessible without the correct password. They will be automatically wiped the moment they re-connect to the internet.
Do criminals go after hard targets or easy ones?
What security do your IT companies use? I have seen scary cases where clients’ passwords were stored in unencrypted spreadsheets and databases!
We keep our clients secure, they sleep at night and do great business in the day.