23rd Dec 2019 | Defeating spam, e-Commerce, GDPR, General Information, Passwords, Security and Safety
Let me tell you of an IT company. It had started off small so the director had chosen a favourite password ‘D0neit01‘
This was some time ago, so the fact that it had numbers in made it really secure. It wasn’t particularly long, but it was memorable. Much better than other familiar passwords, like ‘Password01’ or ‘letmein’.
There were five of them working for this company and they were all really good friends. Three directors and two minions. They were working with cleaning companies and whoever would take them on. They realised that their level of service was a cut above everyone else’s, so they realised they could aim higher.
With one of those flashes of inspiration that sometimes hits small companies they realised that they could start working with the finance industry. They already had some contacts in that area of business and, well, those clients had money. It was a sure-fire hit!
Success Breeds Success
A few years later and they had an impressive portfolio of clients. Around a hundred in the bespoke finance industry. Hedge-fund managers, bespoke bankers, investment companies. Their clients loved their high level of service. In part this was because an engineer visiting site knew what the top admin password would be. You’ve guessed it.
By this point about a hundred of their clients were investing more than $1B each. (Yes, 100 x $1,000,000,000 = $0.1T). Which starts to look like a significant part of the UK’s GDP.
Some of the companies demanded ’secure passwords’ with funny characters in. For those companies the password became ‘D0nit01!’. Engineers knew that if the ‘low security’ password didn’t work you could use the high security one. Simples!
One of the managers was tasked with looking for a password manager. This would be able to hold all types of password. It would be able to fill in passwords automatically. You could give different members of the company different levels of access.
It came back with a price-tag of £10,000.
That was a lot of money.
The directors were not convinced that it was necessary.
An Innocent Mistake
One day, one of the directors was logging into a client, let’s call them ‘securefinance’. Their website was ‘securefinance.com’. The director had not noticed that in their speed they had typed ‘securefinance.co’. The website looked EXACTLY like securefinance.com so why would they notice?
Over the coming months they started to notice that some of their clients were failing. In one bad incident a client lost $0.1B in a week! That client immediately started the process of winding down. It was sad – they were a difficult client, but they had been a good payer.
You are probably going to guess what had happened. That fake website had grabbed the entered username and password and was now beginning to use it on lots of websites. They were getting lucky. They were also trying password variations automatically. So they were picking off both the ‘low’ and ‘high’ security clients.
Bad Guys Collaborate
They had also submitted the successful usernames and passwords to a database that is maintained by hackers. (Yes, this really does exist.) So lots of other people were trying these passwords… but they were not using them themselves. They were getting computers infected with ‘malware’ to try them. That IS the job of a lot of malware. If the malware successfully logged in then they would update the database. If the password failed then the bad guys were untraceable. Either way the bad guys win.
By now, clients were getting picked off at an increasing rate.
It was looking very bad.
Several consequencies could have happened, including a significant impact on the UK economy, jail terms and collapse of the IT company. This is based on a true story. The directors were potentially negligent, so could have lost the shirts off their backs.
The Good News
A good password manager is available for FREE. It has greater capabilities than that old software costing more than £10,000.
There is an Enterprise version which has all the granular controls you require for a little bit more.
With a password manager, doesn’t that mean that I am committing all my passwords to a database protected with ONE password? Surely that is a really BAD idea? Yes, it would be UNLESS you set up 2 factor identification. This means that you have a code to type in that is sent to you or generated on an app on your phone in addition to the password. As a hacker will not have both access to your password AND your phone your database is safe. It is also highly encrypted and if you lose your phone or your admin dies there are very secure ways to recover the database.
Here is the manager we use: Lastpass It is not the only one out there, but it is very good. We manage more than 1,500 passwords with it. All our client’s passwords are unique, long and very complicated.
You might not be managing billions of dollars, but you wouldn’t want to lose what you have.
14th Jul 2019 | Accounting, e-Commerce, Finance, Salesforce
Back in 2015, I wrote a short article about Breadwinner and how this amazing product was integrating all of our Xero accounts into Salesforce. It seems to have made our lives so easy for so long. All our contacts in our accounting software match up EXACTLY with our Salesforce contacts. In that time it has been great to see Breadwinner continue to develop and add new features. At the time I said that Breadwinner was so good that it was a reason to purchase Salesforce.
If you were a Netsuite user, you had no such luck. You were left out in the cold with not proper 2-way integrations between your accounts/ERP and your Salesforce. Similarly, getting information from your Stripe account into Salesforce was ‘difficult’.
TODAY, I have heard that all that has changed.
Breadwinner is also launching integrations to connect Salesforce to Stripe, and another one to integrate Netsuite with Salesforce.
Breadwinner has brought out an integration for Netsuite. That has to be big news – your CRM and your Accounts/ERP package talking to each other. Using all the power of Salesforce reporting to give a real insight into how your business is doing.
Stripe talking with your Salesforce has to be big news, too! (But I am still more excited by the Netsuite news.)
So, what are you waiting for? I have always found Breadwinner to be super helpful, so why not find out more from the links.
Salesforce to Stripe, and integrate Netsuite with Salesforce.
25th Dec 2018 | e-Commerce
Wishing everyone a joyous time of year, whether that is Channukah, Christmas, Diwali, Yule or whatever is special to you and those whom you love.
You have probably taken the time to put your feet up… but will your customers?
Many people will be bored on Christmas and start playing with their iPads, iPhones or the old desktop computer lurking in the corner. In other words, just because you have a holiday doesn’t mean that your customers and potential customers do. So make sure they have something to do!
What better than to have them spending money on your Ecommerce website – even better if they are using gift tokens that a friend or relative has bought for them. They can find out if Apple Pay or Google Pay really works on their new devices.
So, happy festivals, may you have lots of rest and a prosperous new year. (While your website works for you in the background.)
All the best,
John
28th Jul 2016 | Consultancy, e-Commerce, General Information, Security and Safety, Web Hosting, Websites, WordPress
How great would it be if you could take credit card payments directly from you website.
It’s not as if you have an online store, but there are just one or two services that you would like to charge for. You could use PayPal, but their fees are 3.4%.
Stripe is a really good credit card processor. (After all, even billion-dollar businesses like Salesforce use them.)
Their fees are as low as 1.4% + 20p per transaction at the basic level. Much cheaper than PayPal.
The downside is that they require a website that meets the standards of TLS 1.2.
Ours do.
We can set you up with a secure website.
If you use our Safe and Secure website service, we will ensure that it meets the security standards of the future.
(BTW we do full e-Commerce websites, too.)
23rd Jun 2016 | Consultancy, e-Commerce, General Information, Salesforce
Do you delight customers? Do they feel better for working with you?
Learn to know your customers and anticipate their needs with a Customer Relationship Management (CRM) system.
At a glance, you can see your potential sales, customer entitlements, emails you have sent… all filed against the right customers.
As a charity there are some really good deals out there from the major CRM companies, Allowing you to better achieve your charitable aims.
Time left to book your place
This half-day course will give you insight into what a CRM is, and how it might help you in your business or non-profit.
Bring a laptop, you will have opportunity to try it out for yourself!
The day will be run by John Dray, CEO of Cloud Genius, who has many years of experience with Salesforce and general IT. The course is sure to be both informative and enjoyable.
The course will run from 9am to 1pm on Monday 18th July 2016 at the Beacon Centre in Llanelli.
The Beacon Centre for Enterprise
Dafen
Llanelli
SA14 8LQ
Click here to be taken to the booking page: Book a place
Places are strictly limited to ensure that attendees get the most from the event.
If you book before 11 July, you will have an opportunity to submit questions that will influence the direction of the course!
We are running this event in conjunction with The Best Of Carmarthenshire, a great organisation that promotes trusted, local businesses. Thank you for your support! As a result, members of The Best Of get a reduction on ticket prices.
21st Jun 2016 | Consultancy, e-Commerce, General Information, Salesforce
Do you ever wonder if you should be doing more to keep your customers happy?
What if you had a way of keeping track of all your customers, suppliers and all your interactions with them?
One excellent tool is a Customer Relationship Management (CRM) system.
If you are a business, it’s a way of keeping track of all your customers and suppliers. You can see your potential sales, appointments, emails you have sent… all filed against the right companies.
If you are a charity or non-profit, it can be a way of keeping track of volunteers, appointments, donations, memberships
…. and so much more.
Time left to book your place
This half-day course will give you insight into what a CRM is, and how it might help you in your business or non-profit.
There will be active demonstrations on live databases. If you bring a laptop, you will have opportunity to try it out for yourself.
The day will be run by John Dray, CEO of Cloud Genius, who has many years of experience with Salesforce and general IT. The course is sure to be both informative and enjoyable.
The course will run from 9am to 1pm on Monday 18th July 2016 at the Beacon Centre in Llanelli.
The Beacon Centre for Enterprise
Dafen
Llanelli
SA14 8LQ
The running order is here: Running order
Click here to be taken to the booking page: Book a place
Places are strictly limited to ensure that attendees get the most from the event.
If you book before 11 July, you will have an opportunity to submit questions that will influence the direction of the course!
We are running this event in conjunction with The Best Of Carmarthenshire, a great organisation that promotes trusted, local businesses. Thank you for your support! As a result, members of The Best Of get a reduction on ticket prices.