A valuable lesson with new web sites

Over the past few weeks we have been creating a new website – www.numberite.co.uk our new Virtual number site.

All went smoothly and launched a few weeks later than we would have liked but launched well….

Great we had loads of visitor, but wait we had no purchases or follow up calls. What was happening?

We were being bombarded with access attempts from all around the world including Russia, China, India, Africa and the USA. After much head scratching we localised the issue to robots or automated sites crawling over the site to find information. Within 1/2 hour we had installed a WordPress plugin that allows us to prevent unauthorised countries from accessing the site. This stopped the high stats and secured the site.

A further issue was found with unwanted use of our Adword allowance, which again required a large number (100+) negative words and phrases to slow this.

So we learned a lesson that the web is not always a friendly place.

Passwords – Tricks and tips

How many times have you used the same password? do you forget your password and have to reset, then cannot remember the security question? Following are a few tricks and tips.

Rather than trying to remember an obscure or irrelevant password we would recommend using a phrase or quote and using letters from this. We also suggest swapping numbers for letters so instead of an “A” use a “4″ or instead of an “S” use a “5″. Some passwords expect symbols so again use an “@” instead of an “A” or a “?” instead of a “T”.

Phases

We sometimes use phrases to remember numbers, such as Pi ie “How I Wish I Could Calculate Pi”, the number of letters in each word are counted to give 3.141592 .

This can also be used for remembering pin numbers, so the pin 1 4 2 4

Could be “ I Have To Call the hospital” so I has 1 letter, HAVE has 4 letters etc.

Another option we could use the 1st letter of each word in the phrase

The Early Bird Catches The Worm”  so T E B C T W  so a simple 6 letter password with no real meaning. So if you can remember the saying you can workout the password.

But how do you use this for multiple passwords? You can add letters after the 6 letters that relate to the site you are visiting so:

Site www.theguardian.co.uk you could take the first 2 letters T and G and add to the end so you end up with T E B C T W T G an 8 letter password or you could substitute the last 2 letters of your original password T W for T G to give you a new password.

We could also substitute numbers for letters, so you could replace the “B” for an “8″ , so you end up with T E 8 C T W T G a nonsense password but means something to you.

Lastly add a double symbols you like such as a % to the end and you end up with TE8CTWTG%% gobbledygook but a good password.

So to write this safely, you could write The early bird catches the work 8 % . This would remind you to substitute the 8 and add the % twice

Yes all sounds confusing, but good in practice and if you write the saying in your note book would anyone be the wiser? You can use your own memorable phrase..

“My holiday in Spain was very relaxing and rejuvenating”,

I hope this helps and keep on with those passwords and remember not to leave your keys laying around.

 

Keeping safe when browsing #2 – Saving passwords and info within your browser

Following is our suggestions for keeping safe on the web

The Scene.

As everyone these days, you use the internet for shopping and banking, but find the constant request for information, passwords, etc really annoying. But to help your browser remembers these for you, what a life saver.

But oh dear!, your computer dies or worse is lost or stolen, how will you remember all the passwords and login’s. Oh! its OK the password is the same for everything and you always use the same email address.

Oh dear! indeed, we hear this nearly every day and find it sad that so much trust is placed on the computer, although we do not use the same rational we use in everyday life.

Using the same password is the most common issue. I always liken this to using the same key in everything you open. If one key is lost someone can open everything you have. So please use different passwords for everything. There will be a later blog on passwords and tricks to remember.

All browsers ask you if it is OK to save your info on there first use and without exception this is accepted, “..anything for an easy life..” and from now on it continues to do so. The issue here is that the passwords, address, email addresses and other confidential info are not usually encrypted or saved in a way it cannot be recovered. Therefore someone with any IT knowledge, and this can be a 7 year old up, can recover all this info within a few seconds. So your bank account, email address and password can be recovered and used without your knowledge. Your shopping sites can be accessed, those appointments can be uncovered and those subscriptions to magazines etc can be made public.

Another consideration, if your PC is compromised with a virus or spyware your data can be collected easily. So make it as difficult as possible.

Scared yet? no? I have spoken to 20+ clients in the past 2 weeks and on everyone, no there were no exceptions, I was able to confirm that their data was not secure and easily accessible.

So to address a few of these problems with a couple of solutions.

Firstly go un-tick the remember password and any other info. If you search for your browser then ” clear data” you will find plenty of sites and info on clearing data and what tick is required to stop being asked. The same with remembering info such as addresses and personal bits of info.

This will sound a little contradictory about saving info, but we would also recommend using favorites for sites you visit regularly. We have found a number of people searching for sites and clicking the first site on display. They then fall fowl to phishing scams from sites that look like the expected site.

Read my blog on passwords and go and change the password on all those accounts that are the same or have not been changed for years.

If we have raised any concerns or you would like to discuss anything raised above, or would like to take the data challenge please email at support@pcsouthwest.co.uk or phone 01392 361999

 

 

XP – If you are still using what you should be doing.

So you are still using XP?

I would seriously recommend you take 10 minutes, sit down, have a coffee and consider why you are doing this. Right a business case for continuing to use against upgrading. Now read the rest of this blog and do the same.

Regarding the risks in not upgrading or replacing, I can appreciate there is a train of thought that says I have been using this for 10 years, why should I change. I also understand there is a financial reason, as upgrading or replacing could be £3-500.

But consider these facts:

1) Microsoft released XP in 2002 and is therefore now 13 years old. It has been patched hundreds of times and is no longer being repaired.

2) Microsoft Windows 7 and 8 are a similar operating system to XP and daily bugs and issues are found and repaired. These repairs are not being made to XP so anyone able to understand the bugs in Win 7 & 8 are able to take advantage of exploits in XP.

3) New versions of programs are not being made as XP compatible. So you may find that upgrading to Sage, QuickBooks or many other programs you depend upon will not work. You will therefore be forced to upgrade to Windows 7 or 8 at the same time as you upgrade the software which will add to the cost and timescale.

4) The same with new hardware, many new devices are no longer being supplied with XP drivers. When or if you printer goes wrong you may find you cannot buy a replacement and will be forced in to upgrading your PC at the same time.

5) Programs based around XP, such as Outlook Express, Internet Explorer 7 & 8, Office 2003 etc are also not supported any longer and again exploits in these programs are no longer being repaired. Does your business depend on these?

OK, if my argument for upgrading is insufficient or you have a critical piece of software or hardware which will not work on XP? Please read on…

Following are the recommendations we are giving to all users of XP:

1 ) Use passwords for all login’s and programs where passwords are available; change regularly, ie weekly.

2 ) Ensure all email and local data is backed up and held securely.

3 ) Reduce access of shared data to only those authorised for access. Archive data not requiring access.

4 ) Change all user accounts from Administrator to a limited one. That includes managers who may like the option to manage changes quickly. Admin access would allow unwanted programs to install.

5 ) Do Not use (disable) Internet Explorer 8 or lower – Use Chrome or Firefox and remove all unwanted plugins. NB some banks may require Internet 10 or higher so you may be stuck.

6 ) Clear Search history, cache and saved settings such as passwords from browsers regularly or on exit.

7 ) Do Not use Outlook Express 6 – Instead use an alternative such as Mozilla Thunderbird. Outlook 2000 or 2003 is no better, Outlook 2007(SP3) or Outlook 2010 will work with XP, 2013 will not.

8 ) Install Malwarebytes Professional – to prevent unwanted exposure to spyware
http://www.pcsouthwest.co.uk/products/anti-malware . This is around £20 for 3 machines for 1 year, ensure it is setup to scan regularly.

9) Install a good antivirus program such as Avast, configured to  scan regularly http://www.pcsouthwest.co.uk/products/anti-virus this is around £25 per PC per year, ensure it is setup to scan regularly

10 ) Ensure the highest levels of Spam control are set at the domain.

11 ) Use anti-spam software such as Spamfighter – http://www.spamfighter.com/

And lastly watch the news for exploits in XP and any warning which may tip you off to upcoming issues.

If you are concerned and would like to discuss your XP use please email at support@pcsouthwest.co.uk or call on 01392 361999

Keeping safe while browsing #1 – Using a VPN

Keeping safe when browsing #1

I hope to put a couple of blogs about keeping safe when browsing but here is one to get started.

The Scene.

You are in a bar or restaurant and need to send an email and check your bank account, they offer free Wifi, you join this and off you surf. A week later you find your bank account empty and you are spamming your friends, but how can these all be linked?

The frightening thing is this is a true story from a client who returned from a weekend to London.

The free Wifi they joined was a phishing address and captured their browsing content and captured their emails, email address and passwords used while surfing.

But how can you stop this from happening to you?

Firstly we would always recommend speaking to a member of staff behind the bar and asking for them to confirm the Wi-Fi name and the day’s password. There are hardly any business which will just allow free access to Wi-Fi and if they do, please ask them to call me as they need to get serious.

This will help ensure the Wi-Fi address is the correct one but to be safe online we also recommend using a VPN. This stands for Virtual Private Network and is a connection you make as soon as you are connected to the Wi-Fi. All traffic is then encrypted over the private network and is therefore not available to be read by anyone locally sniffing traffic.

VPN’s are usually a paid for option and we will add a couple of suggested solutions to this Blog when we can confirm a good one. If your business offers a VPN connection please use this when connecting to open, free or any connection you are unsure about.

Please let me know of any stories and we are always happy to offer solutions.

Next time “XP – If you are still using, what you should be doing”

Email, POP, SMTP, Exchange, but which one should you use? and why!

The past week has been designated as “Freaky Email Week”, why? Well we have had so many unusual problems with email I do not know where to begin, but will rather give you the run down on email use.

Email comes in a number of variants and you may have heard of Webmail, POP, IMAP and Exchange. As a user, you want to view emails, send emails and search them, but there is so much more to consider when choosing what to use. Such as recovering deleted mail, PC failure and spam control.

WEBMAIL

If you have used a Hotmail, Gmail or many other web page accessible email, you have been using Webmail. It is either as a basic email only system ie inbox, sent items etc or with Contacts, calendar, Word etc, designate either, OWA, Hosted Exchange or Outlook (on the web, not to be confused with Outlook the installed program) more on this later. While a great product Webmail is limited in the slow use in using, attaching files and not being able to link to CRM’s or other programs. It is great for an emergency, when someone sends a large email which your mail client wont download or to prove you have the correct password for your mail client.

Pros : There are usually from account at Hotmail and Gmail. Always on if you have an internet connection.

Cons : using a free service such as Hotmail or Gmail could leave you high and dry if the service is hacked or fails, as you likely will have no recourse with the supplier.

POP/IMAP – Downloading

This is where you use an email client program such as Outlook, Outlook Express(old but still used), Mozilla Thunderbird or many others, is used to download your email from the Webmail server on to your PC. By download, I mean emails are retrieved from your Webmail server and held within the Email client and can be viewed when you are not connected to the internet. POP is used where you are just working with emails and will only download from your Inbox and send using the Outbox. With POP, email downloads and removes the email off of the webmail server, but there is a tick in the settings to “Leave on the server”, but usually the mailbox is quite small and can fill quite quickly, so advise using IMAP or Exchange. IMAP is more of a syncing system, which sync’s all mailboxs, contacts and calendasr with your Outlook. This can be used on multiple devices but can give issues and is not usually that well support for recovery of deleted mail. Mail boxes for POP and IMAP are usually around 400Mb so not huge. Considerations with POP/IMAP – firstly setting up within an email client, if you use the automatic settings usually you will get IMAP which will often set you up with multiple personal folder. Using POP you can setup multiple accounts but have email filtered in to one inbox etc. Secondly there is the consideration of backup. This is not an obvious process for most email clients and is usually a manual process, which involves closing the program, finding the data and manually copying to an external drive. In the years I have been supporting clients, I know of very few that backup email manually and usually we setup an automated process, but usually encourage Hosted Exchange.

Pros : POP is usually a cheap service and IMAP allows a form of syncing folders.

Cons : POP downloads your emails and if your PC crashes you lose everything unless you have backed it up. IMAP can give unusual issues with folders syncing across multiple devices.

Exchange (Hosted Exchange) – Syncing

Exchange refers to a server program that acts as an email incoming and outgoing manager. Exchange is either installed on a local, in office server, or is supplied as Hosted Exchange, installed on a web server or cloud server. The cloud based server is taking over from an onsite servers for small to medium businesses, usually less than 20. It is supplied on a per user mailbox with a monthly fee, but gives a number of advantages over Webmail and POP/IMAP. We ask clients to think of Hosted Exchange as a mail server, which will allow you access as either Webmail, use Outlook (2007, 2010, 2013 or Mac 2011) or via a smartphone and allow synchronisation of items of Email, Contacts, Calendar and Tasks across all devices. It also adds sharing of all items ie you can share your contacts to another user on the same domain or can use Public folders to create a shared calendar, such as a “Holiday” diary. The Exchange is fully backed up, therefore should your PC fail, a replacement can be re-setup and all you mailboxes etc would then re-synchronise back to your Outlook. Hosted Exchange can be an add-on to your domain and supplied as a separate service but in most cases you must have your own domain. If you have @gmail or @hotmail, you cannot use this, although @btconnect.com have their own product, confusingly called Outlook.

Yes we promote and sell Hosted Exchange. Yes we use ourselves and would not be without it. Yes we have clients that use all three and we are happy to support them all. 

So in conclusion Webmail is great but limited, POP/IMAP are usable but dated and limited, Hosted Exchange is more costly but has great resilience and use.

 

The fun of Ebay

Having run a company for many years we have built up lots of old surplus equipment which usually end up on Ebay.

This week we sold an item which was lost between being advertised and being sold. It was an old drive which has been sitting around for years and likely ended up in the recycle bin. We ended up with our first Negative feedback in 5 years so all really disappointed. We contacted the buyer, apologised and credited back as soon as we realised but still got a negative. Some people!

Lets hope we can survive this and keep on selling.

Another new Server etc…

Yes we have had another install of a new Microsoft Server 2012 R2 HP Server, but added to this a 4 way bonded ADSL line, a 10 phone Hosted VoIP phone system, a full height network cabinet and 100+ network points and network equipment. So you can imagine we have been busy preparing the server and ordering the equipment.

The office is a new build so everything is new, excluding the 10 PC’s and printers. There are 100+ network points spread over the complete site, which patch back to the new cabinet. Fortunatley we have a contractor running the cables and we only have the patching to do. There are also 2 x 24 Port Gigabit POE switches which will power the phones, WI-FI access points and security camera’s. We have a second ADSL connection dedicated to the phones, but sharing the same network as the PC’s we have fallback to use the bonded ADSL should the line fail.

A quick lesson in POE or Power Over Ethernet. If you have every looked under your desk you will see any number of small cubes of black plastic plugged in to different computer related devices. They covert 240 volts to a low voltage, devices require. More devices are becoming available that can be powered over an Ethernet cable and we have taken advantage of the latest VoIP phones and WI-FI access points to save having to seat them next to mains sockets. The security company being used is also taking advantage of the POE and can run a single Ethernet cable rather than power.

Being in Marsh Barton the site has a slow 6Mb broadband connection and Fibre is not available. We have therefore supplied a 4 way bonded ADSL, which used 4 phone lines and 4 ADSL services and bonds them together us a Cisco router. They now have 24Mbs download and 3.9Mbs upload, so a great improvement. The single ADSL VoIP line is 6 Mbs and will allow around 10 to 12 concurrent calls.

We have installed another Hosted VoIP system with 10 extensions including walkabout phones and a couple of different area code phone numbers. Being VoIP the handsets connect to Ethernet ports and can be moved around the site as required. The client is advertising in London and Bristol and has taken new numbers which are routed through to their Exeter office.

All in all a busy couple of weeks and lots to do.

Microsoft Office, what a headache

Microsoft Office 2013 (and Office 365) has been released a while now and we have installed many copies and even now finding the whole process of registering a real pain.

So what is the issue? The software can be supplied as a Code only version so no CD or DVD which in itself is not an issue. The licence has to be registered against an email address which is not too difficult and then allows the software to be downloaded and installed to the users PC. The issue arises when the user and email address leave the company and a new user and email address are to be used on the PC.

After much “Playing”, we found that to change the email address you visit the Office.com/setup web site re-enter the key of the licence then create a new account which takes over the licence. Trying to change the email address within the account, is a matter of multiple emails and verification, but we have noticed this has stopped working.

So if you are purchasing Office 2013, try to select a package with a DVD, it makes life easier and can save time.

New Server install

Last week we installed a new Microsoft Server 2012 R2 HP Server and new Windows 8.1 PC’s for a client in Marsh Barton.

The brief was to update their old 2003 SBS server with 4 clients to the latest Server 2012 R2, with 8 clients.

The server and workstations were all pre-configured in our workshop so the onsite install and disruption to the client was minimal, only 1 day. We restored data from their online backup in the workshop prior to the install which saved hours on-site waiting for data to transfer.

Email is managed via Hosted Exchange 2013, a cloud based service, which again allowed us to restore Outlook data to PC’s saving hours of waiting around on site.

The client was amazed how quickly the install went and that all was ready for each user to carry on working without disruption of more than 1 hour each.

A new UPS and backup solution was supplied including cartridge and online backup. The client makes great use of remote access, via VPN, and folder redirection of data was a must.

A new 75Mbs fibre broadband was installed upgrading from 4Mbs ADSL so a huge improvement in download and upload speed is noticed. This worked out at £5 per month more than they were already paying.

We are now looking at a VoIP phone system with our sister company Numberite.co.uk