4 plug-ins every WordPress site should have

WordPress Logo

A Content Management Systems (CMS) is a tool that business owners, web developers and others use to build their websites. There are loads to choose from, depending on your specific requirements, and WordPress, Joomla, Drupal, Magento, Umbraco, Squarespace, and Wix are some of the most popular.

If your website uses WordPress(WP) then you find yourself in good company. It’s by far and away the most popular CMS, being used by 32% of all websites. WordPress is popular for a number of reasons, the software is free (but you’ll still need hosting that will cost), it’s pretty easy to use and there are thousands of “themes” (designs and templates) that you can use to define the way your website looks and many of them are free to use. There’s lots of places you can turn to for advice and support and lots of professional developers who can customise your site so that is does exactly what you need.

Customising WordPress

WordPress is not perfect though, it may not do everything that you need. However, it’s an open system which means that if you understand how to write software you can create your own enhancements. You don’t even need to be a software developer to benefit. Somebody, somewhere has probably already had a similar need to yours and written something to do the job. Thousands of people have created additional enhancements and have made their tools available to everyone. These enhancements are called plug-ins. A lot are free whilst others require a payment, although the majority of these are inexpensive.

Plug-Ins

The downside to plug-ins is that each one you use makes your website run a little slower, and with Google beginning to penalise slow sites the speed of your website is something you need to keep an eye on. This means that you shouldn’t just keep adding plug-ins. You should make your choice, install your plug-in, give it a test and if it doesn’t do what you need then uninstall it.

Example of WordPress Menu

Not only should you keep your plug-in count to a minimum but each plug-in MUST be kept up to date. The authors regularly update them, some updates patch security flaws, some improve performance and/or add extra functionality and some updates are required to make sure the plug-in runs with the latest upgrades to WordPress itself – so you need to be regularly checking, unless you have a program that monitors then for you. Best case scenario is that nothing happens, worst case scenarios are that the unpatched plug-in breaks your website or a security hole lets a hacker in .

Three Ss and a B

Security, Speed, Search Engine Optimisation (SEO) & Back-up

Security

WordPress Plug-in Menu

Your WordPress site needs to be secure so that hackers can’t break in and do their hacking thing. Which could be to use your website host malicious software and force it on the computers of all that visit. They might create pages with links to their web pages, or look to capture details identifying visitors to your site. Thankfully, there’s a plug-in that will fortify your WordPress website against attack.

Speed

Your website has to be fast. To stop people drifting away, your pages need to open within 3 seconds. Slower that that and people will not wait. Slower than that and Google may start to penalise your site by pushing it down in their search results pages. There’s a plug-in that will keep WordPress running as fast as possible.

Search Engine Optimisation

In order for your customers to be able to find you in Google (or Bing, or Yahoo or one of the other search engines) the search engines have to be able to understand what it is your website is offering. The discipline that enables the search engines to understand your website and hopefully put your site on Page 1 of the results is called Search Engine Optimisation. There’s a plug-in that makes it easy to search optimize your site – so long as you know what you are doing.

Back-up

Hopefully you regularly back-up your business data. Well, you also should be backing up your website too. If you make an editing mistake and break your site, you can restore a working version, if something else breaks your website then you can restore a working version and if you have a problem with your host then a back-up will make it relatively easy to move your site to a new host. Guess what, there’s a plug-in for that too

So, which are the best plug-ins to use?

I can’t tell you that because there are thousands of the things but I can tell you which are the first ones that I install and configure on every WP website that I work with, in my mind they are essential and should be installed before you even think about developing your WP website

4 free plug-ins every WordPress site should have

WordFence for security

WordFence is a security enhancer. It is an “endpoint” firewall which means it cannot be bypassed, unlike a Cloud Firewall. This means that everybody trying to access the admin area of your site (both you as the site admin and the bad guys – the hackers) have to get past WordFence first.

It defends against “brute force” attacks, where a hacker attempts to guess usernames and passwords and after a certain number of failed attempts (you set the limit) it blocks the attacker, effectively making your website invisible to them. WordFence keeps a blacklist of known hackers (by their IP address) and automatically blocks them. WordFence also sends you an email when one of your plug-ins requires updating, making plug-in management a whole lot easier.

It scans your WP files for malicious software and if you need even more functionality (most users won’t) then the Premium version is just $99

Learn more about WordFence

Updraft Plus – for back-ups

Updraft Plus is a back-up plugin for WP. Now that you have secured your site from external threats you should look to guard yourself from internal problems, accidentally deleted pages, server/host issues, and (in the unlikely event of an intrusion) issues caused by hacking and penetration. It could even be something as simple as a WP, or plug-in, upgrade that breaks your site

To do this you need to be making regular back-ups of your WP installation and your content. Updraft Plus will do this for you. You can set a schedule so if you want an automatic hourly, daily, weekly back-up you just set the plug-in and it does the rest. You can even save your back-up to your Google, Microsoft or one of many other Cloud accounts,

Should you need to restore your WP site, Updraft Plus makes this easy too.

Find out more about Updraft Plus

WP-Rocket – for speed

WP-Rocket is the only plug-in on this list that doesn’t have a free version. However, the cost for a single site won’t break the bank at just $39.

What WP-Rocket will do for your website is make it faster to open on a visitors computer.It uses a number of tools to achieve this. It compresses your site for faster transmission across the internet, it manages images so that the only images downloaded are those that are visible on screen, if allows a web browser to cache key elements of your site so that they don’t have to be reloaded every time a visitor navigates to a different page. You can see everything that WP-Rocket does here.

Yoast – for SEO

In order to stand a chance of being found on the internet, your website needs to be “Search Friendly” which means that Google, Bing, Yahoo, Duck Duck Go etc can find your site, visit all the important pages, understand what’s on offer and (hopefully) put your site on the first page of the search results when someone is looking for your products, goods or services.

However, WordPress doesn’t make it easy and this is where the YOAST plug-in comes in to play. As long as you understand the requirements for effective SEO then the YOAST plug-in makes it easy to implement key SEO requirements.

Find out more about YOAST

So, there you have it, four essential plug-ins for your website before you start working on the design, the look, the feel and your content and if you need more help with your website, no matter what CMS you are using, your SEO or digital marketing then all you have to do is pick up the phone and give me a call on 01793 238020 or send andy@enterprise-oms.co.uk an email

007 in ‘For your GDPR Only’

MI6 headquartersWhen “M” has finished spymastering for the day, or pops out for a cheeky Nandos, we always see M locking the “Top Secret” files away in the office  safe. We know that’s so that no secrets will be discovered, even if an enemy spy (or the tea person) manages to gain access to the empty office.

In business, we need to be like “M”.

In a previous post I looked at Data Protection and the forthcoming General Data Protection Regulations (GDPR). However, I didn’t make it clear that the regulations don’t just apply to digital data stored on your IT systems and network but also apply to paper records too.

Anything that contains personal data, whether paper or digital, falls under the auspices of the Act, including the recordings from your CCTV cameras, phone systems (think “this call may be recorded for training purposes”) and biometric data – such as fingerprint or iris recognition systems used to unlock systems or grant access.

Keyboard with the word 'Privacy' overlaid

This means the files on your desk, the files in your filing cabinet, your paper archives as well as your electronic records, anything that includes personal data.

To start with, you need to ask yourself

  • Who has overall responsibility for the data you have and/or use?
  • What data are you holding, why are you holding it and where is it held?
  • Are your Privacy and Data Use Policies as good as they need to be?
  • How long do you need to keep data & how will you securely destroy it when you no longer need to keep it?
  • Who has legitimate access to it and who else can access it?
  • How secure is your building, your paper records and IT systems?
  • What happens out of normal business hours?
  • Can data be exported and removed without authorisation (to a USB key for example)?
  • Is your network connected to the internet and how secure is your connection?
  • Can your network be accessed remotely – is this secure?
  • Is your electronic data encrypted so, in the event of a breach, data cannot be accessed and used?
  • Can your network prevent unauthorised intrusion (hacking)?
  • How do you manage Subject Access Requests, (when someone requests to see the data you hold about them)?
  • How will you manage a data breach, whether it’s a hack, unauthorised file copy or unauthorised removal of paper records?

So, how can I help?

I can put you in touch with reliable IT companies and trusted partners 

  • Blob figure staring, "James Bond like" down the barrel of a gunthat will be able to inventory all of your IT and data assets.
  • who’ll test your network to see how secure it is and whether hackers are likely to be able to gain access
  • who will secure your network from external threats (hacking) and ensure that your remote access requirements are reliable, easy to use and secure.
  • who will help you secure your data inside the organisation and set things up so that only appropriately authorised employees can access the data they need to do their job and no more.
  • who will secure your network so that it’s almost impossible for data to be copied onto a USB key or external hard drive and removed from the organisation
  • who will put transparent encryption in place which means that it doesn’t slow anything down but is so strong that only GCHQ or the NSA would be likely to crack it.

Take the first step now, by giving me a call on 01793 238020 or emailing andy@enterprise-oms.co.uk to find out how I can help mitigate data security risks and start preparing for GDPR guidelines.

How much did your last cup of coffee cost?

Cybercrime is everywhere these days, in 2016 the cost to the UK was over £1bn with more than 5.5m cyber offences taking place in the UK every year. That’s almost 50% of ALL UK crime.

There’s lots of advice on passwords, I regularly write about them, and other security measures that you can take but did you know that even a trip to your favourite coffee shop could end up being far more expensive than the price you pay for your Triple Grande Decaf Soy Latte Macchiato and blueberry muffin.

Cup of coffee and coffee beansImagine the scene, you’re between meetings and decide to drop into your favourite coffee shop for a cup of coffee, a cake and to tap into their Wi-Fi to read your emails, refresh your knowledge in time for your next meeting or simply to surf the web.

Spoof Wi-Fi Hotspot
Sign fro free wifi hotspot
When you sit down and try to log-on to the Wi-Fi there’s frequently a selection of hot-spots to choose from. How do you know which is the free service provided by the venue and which is a spoof.

It’s very easy to set up a Wi-Fi hot-spot using a mobile phone, Mi-Fi type of device or laptop and allow other users to connect through this free connection. This means that all of the traffic can then be intercepted by the person providing the spoof account – what sort of important information is passed from your laptop through this connection? It could be your details to access your online banking, the log-in to your company network or the necessary information required to access your corporate email account.

Time for a comfort break

Laptop and cup of coffeeThen the urge hits, you look around and see that everybody seems respectable enough so you head off to the toilet thinking that your laptop is safe on the table. After all, nobody would nick in sight of all those customers, staff and CCTV cameras would they?

You’d be wrong. Laptop tracking service provider, Prey, found that areas offering free Wi-Fi were the second most common target for opportunistic laptop thefts – the only riskier place being left in a visible place in your car.

If stolen, it’s not only the inconvenience of replacing the laptop, reinstalling your applications and copying back your data [you do back-up your data don’t you?] it’s the additional costs that aren’t covered by your insurance.

The Ponemon Institute, a US cyber crime consultancy, put the real cost of the loss of a laptop and it’s data at nearly £31,000. This was broken down into £4,000 for the loss of Intellectual Property, forensics and legal bills adding around £1,500 with a staggering £24,500 attributable to the loss of income, customers and competitive advantage associated with a data breach

So, the next time you stop off for a cup of coffee and decide to log-on using their free Wi-Fi, just make sure you know which network that you’re connecting to and that you don’t leave your laptop unattended.

Why worry about Accreditations?

I do a lot of work for an IT support company in Bristol – Bristol IT Company – and at the bottom of their website is a list of badges, icons and logos, there’s a couple of ISO related ones and the rest come from well known (and less well known) brands in the IT sector but why are they there and why should you be concerned?

Bristol IT Company accreditationsWell, ISO’s easy, it’s a way of demonstrating a certain credibility by being assessed every year to ensure that we remain up to scratch. A lot of businesses have ISO9001 which is a quality management certification that demonstrates their commitment to consistently provide products and services that meet the needs of our clients. ISO27001 is an information security standard that demonstrates commitment to information security, both their own and that of clients.

The other accreditations come from manufacturers such as Cisco, Microsoft, Dell, Aruba, Cyberoam, VMWare and Veeam and demonstrate that the Bristol IT Company has the necessary skills to not only supply their equipment but to ensure that it is properly installed, configured and supported.

Why is this important
Let’s take a look at the security of your network – they have 2 vendors that are accredited with in this area, Cisco and Sophos. You can buy some Cisco & Sophos equipment on Amazon at competitive prices, have it delivered pretty much the next day and get it up and running very quickly. This might make you feel secure, after all Cisco are a market leader in networking and security – right?

Is this the right way to do things?
Probably not! Even assuming that you order the most appropriate device for your needs, installing equipment using the default settings could cause you a whole heap of pain.

Most hackers worth their salt know, and understand, these default settings making it really easy for them to penetrate your business’s network. It’s almost like advertising that you’ve installed the best locks in the world but have left a key under the doormat.

Not only that but the default settings are a “one size fits all” option that are unlikely to be best suited to the way your business works and could actually slow your network, and internet connectivity, down if left untouched.

You could probably find hundreds of internet forums where people discuss the settings but which ones are the best for your particular needs? Which ones speed things up without compromising security and which ones increase security without compromising speed and which ones are actually posted by hackers looking to lure you into making your network even more insecure?

Accreditation
That’s where accreditation comes into play. By buying your equipment from an accredited supplier, Bristol IT Company will first of all advise you on the correct product that most closely matches your existing and future needs, possibly saving you money – certainly saving you pain.

They then ensure that your network is made as secure as possible by changing default settings to something much more secure and applying their training, experience and skill to ensure that your network is as secure as it can be by optimising the setup and performance of your kit.

Still think accreditation’s just an icon on a website? Well, give them a call on 01173 700 777 or email andy.poulton@bristolitcompany.com to find out that there’s much more to it than a pretty picture

Are we already at war?

Are we already at war?
This is the first (of two) articles taking a look at the hacking and cybercrime that’s taken place in 2015. Part 2, to be published soon, looks at the simple steps we can take to enhance our security and minimise the threats from cybercrime.

2015
Cost of Cyber Crime in 2014Although we’ve yet to reach the end of 2015, there’s already been an unprecedented number of data breaches and hacks compared to previous years, measured by both the number of breaches and the amount of data exposed.

The graphic on the right shows the estimated cost of cybercrime for 2014. In 2015 the cost has increased by 14% according to the “Cost of Cyber Crime Study: UK“, conducted by the Ponemon Institute and sponsored by HP.

The institute conducted 326 interviews with personnel from 39 UK companies to assess the incidence and cost of cybercrime for businesses. and the latest news is that the very recent TalkTalk hack has cost the company £35m so far

Major data breaches in 2015

FebruaryBillion dollar cyberheist
Up to 100 banks were penetrated and more than $1bn stolen
  US health insurer Anthem
80 million patient and employee records including date of birth, social security
numbers, home and email addresses, employee information and more
May 2015 – BlueCross, US Health Insurance provider
11.2 million names, birth dates, email addresses stolen
    US office of Personnel Management
21.5m US Federal employees confidential data was accessed and presumed
stolen
June 2015Kasperski Labs (yes, the security vendor) was hacked
Technical information was stolen, thought to be industrial espionage by a
sovereign Nation State
July 2015 – Harvard University
One of 8 universities hacked in 2015 but it’s not known what information was
accessed (and stolen)
   Hacking Team
Hacking Team develop spy tools for government agencies and the breach
exposed 1 million emails including those of a sensitive nature from a number
of security agencies around the world
US Army National Guard
850,000 social security numbers, home addresses, names and other
personal information stolen
August – Ashley Madison
32m member’s data stolen and posted on the dark web for sale. The
ramifications are ongoing
September – John Brennan
CIA Director had his personal AOL email account hacked
October – TalkTalk
Major hack of the TalkTalk website and a lot of user data was stolen

In the US it is a legal requirement that all hacked companies make a report to the appropriate government department, however similar legislation has yet to be enacted in Europe so the reported incidents may just be the tip of the iceberg – and that’s assuming that hacked companies know that they’ve been hacked.

So who was behind these hacks and what was their goal?
hacker at laptop?At the time of writing, 4 people had been arrested, and bailed, for the The TalkTalk hack – 3 teenagers and a young adult although no charges have been brought.

Some hacks might be carried out by the stereotypical “spotty teenager in a bedroom” just doing it for fun, however the majority are likely to be carried out by more worrying groups, ranging from organised crime to extort money to government organisations.

The Ashley Madison hack looks to have been for the purpose of extortion, of both Ashley Madison themselves and their members (pay us £xx or we’ll let your friends and family know where you spend your time” etc).

Others will be industrial espionage, companies looking to gain a competitive advantage whilst the remainder might have been carried by departments acting for “state security” and it’s believed, although almost impossible to prove, that the Kasperski, US National Guard, US Office of Personnel Management & Hacking Team hacks were conducted by sovereign Nation States, believed to be North Korea and/or China.

These attacks by non-friendly sovereign nation states on infrastructure may even be attacks seen as acts of war.

Safer Internet DayWhy do hacks occur?
For some, it’s simply for fun, the challenge and the bragging rights.

However, there’s a lot of money to be made from the theft of intellectual property and business sensitive materials, and nations stand to learn a great deal about their friends and enemies. It’s widely believed, for example, that China has been “inside” US military design systems for many years which could explain why their military have made extremely rapid advances with the design and manufacture of new military equipment, including stealth planes, missile defence systems and drones in recent years.

Towards the end of 2015 we’re seeing that China is negotiating two way, anti-hacking, arrangements with a number of major economic partners, including the UK, USA and Germany, theoretically enshrining in law that the countries won’t attempt to hack China and China won’t try to hack them. However, even if the above is true they don’t need to hack any further if they already have access to core systems.

A cynic might also say that history indicates that China may not stick to it’s side of the deal, and even if they do – they can always ask their friends to do it for them.

Protecting your business and yourself.
Although I’ve mentioned high-profile attacks,  SMEs are also at great risk and so in Part Two I’ll be looking at some simple steps that you can take to maximise your security and minimise the risk that you are exposed to.

Has Anti-Virus software reached its “Best Before” date?

CrowbarFor many years, the security mantra has been

  • Mac good – invulnerable to viruses and hacking.
  • Windows bad – very vulnerable to viruses and hacking

 The reason was two-fold, whilst it’s true that the Apple operating system IS harder to infect with a virus, the main reason was popularity (or lack thereof). When 97% of the world was using Windows, why bother writing viruses and other malware for the extreme minority.

The traditional Windows solution was to install an anti-virus program from one of the many vendors and, for real “belt and braces” safety, protect your internet connection with a firewall. Hopefully all would be well and good, so long as you paid your annual anti-virus subscriptions and ensured that the virus definitions were regularly updated so your anti-virus program could identify the threats and keep you safe. (Free anti-virus programs for home users did a similar job, again provided they were kept up to date)

Crypto-LockerSignificantly Increased Risk of Infection

However, the upsurge in Apple popularity over recent years means that Apple devices are also targets of the cyber-criminals. And it’s not just Apple computers and iDevices that are at risk, the virus writers are also targeting Android devices, Microsoft phones and tablets and devices running Linux devices.

Anti-Virus is dead!

Brian DyeLast year, Brian Dye, Senior Vice-President for Information Security at Symantec (the company behind Norton Anti-Virus solutions) said, in an interview with The Wall Street Journal, that “Anti-Virus is dead”. What he meant was that cyber criminals were now able to write malicious software faster than Norton could be updated.

Whilst Norton, and all the other anti-virus programs, are not yet ready for the scrapheap they only detect around 45% of all attacks. As well as that rather disturbing stat, research by FireEye (A cyber-security provider)  indicated that 82% of malware detected by their security solutions stays active for just one hour and 70% of threats surface just once before disappearing and being re-written to avoid detection by the AV companies.

So, what should you be doing?

Security-padlockWell, I’ve said it before, but it’s always worth reiterating, security starts with education. Then you add as many layers of additional protection as you feel necessary, depending on how you use your devices and the level risk you feel you are faced with.

  • Never open an attachment unless you are expecting one and you know, and trust, where it came from.
  • Keep your Anti-Virus software up to date and continue to renew your subscriptions, it may only block 45% but that’s nearly half of all threats stopped before they have a chance to install.
  • Install a security App on your phone and tablet
  • Explore the new offerings from the traditional anti-virus vendors that look to protect your web browsing and protect you against spam, phishing attacks and other cyber crime threats.
  • Be alert for anything that doesn’t feel “right” and if something looks too good to be true – that offer of a full version of Microsoft Office on CD for £50.00 for example – remember, it probably is!
  • Use a different, complex, password for each website that you have to log in to. An App such as LastPass will help you create passwords, securely store them and “auto complete” the log-ins when you log in to those websites. (other password tools are available)
  • Ensure your Social Media accounts privacy settings are set to an appropriate level
  • Look at Bitdefender Safego,a free anti-scam service for Facebook and Twitter
  • Remain cautious when using any internet connected device

When “now” is too late!

Fire Escape SignLast week saw an underground fire in Holborn, London, lead to the cancellation of a number of West End shows, costing theatres thousands in lost revenue.

More than 1,900 homes and businesses were left without electricity when the power had to be cut for safety reasons, directly affecting around 5,000 people who were forced out of their homes and offices whilst the underground fire was brought under control.

A small number of larger businesses were able to continue functioning because they had suitable contingency plans in place to cover precisely this type of eventuality. These were the ones that had back-up generators to ensure a continuity of electricity supply which enabled them to continue their activities whilst all around ground to a halt.

A small explosionSo what provisions have you made for business continuity in the event of an incident that leads to you having to vacate your offices?

Remember, this fire, although disruptive, was not classed as a “major” incident and similar issues could happen almost anywhere, at any time. Would your business cope, could it survive should you have to be evacuated, without warning.

What would be the impact on your business if you couldn’t access your office for hours, days or even weeks?

How do you manage the data and documents that are critical to the survival of your business?

Would your business be able to move seamlessly to a different location, would your key staff be able to work from home or elsewhere?

How do you manage and store the documents that are essential to the running of your business? Are they stored on your laptop/PC, on a server, back-up, in the cloud or a USB stick?

Are your clients and business contacts in a Customer Relationship Management application, on a spreadsheet, on your phone or in your head?

How about your financial records, are they saved in Excel or a dedicated software application?

Bits and BytesThere are many ways to store and manage your essential data, you just have to be sure that you can access the business critical information from a location away from your office.

Companies most reliant on data may have back-up locations, complete with computers and data connectivity that they can move key personnel to, ensuring that service and continuity continues with the shortest of interruptions.

Smaller businesses might have file servers storing their data attached to their network with back-up devices regularly creating copies with the back-ups being taken off-site.

Micro-businesses and sole traders could make effective use external hard-drives, whether attached by USB or shared on a network, automatically cloned to one of the numerous, and inexpensive, cloud data services.

Remember, it’s too late to do anything about business resilience once an incident has started.

The Google “Red screen of Doom”

I had a telephone call from a former client a month or so ago. He was in a bit of a panic because we was suffering from the Google “red screen of doom”. Having been in IT for a while, I’ve been familiar with Microsoft’s “blue screen of death” but this was something that was new to me, or so I thought and so I asked for more information.

He asked me to do a search for his company on Google – which I did – and his company came top of the search results, which was good. What was less good – much less good – was the stark warning, inserted by Google, that “This site may harm your computer” .

This site may harm your computerAha, Google was warning that the website had been hacked and was now serving malware to visitors.

I switched to my Chromebook – which is impervious to all known computer malware – and clicked through to the website – only to be blocked by the “Google red screen of doom”

Google's red screen of doomAlthough there was nothing to buy on my client’s site, it did host a range of technical papers and specification sheets that were vital for his clients and this attack was already having an impact on his business. Action was desperately needed.

The site was originally built 7 years ago and nothing much had changed, including the access data required to log-in to the host. So, I logged in and saw that a number of .js files had newer dates on them than the rest of the content, confirming that the site had been hacked and a small number of files altered so that they could be used to force malware downloads on to the computers of unsuspecting visitors.

The next step was to delete all of the website files, just to be on the safe side, and create a new, simple, home page with contact details and links to the most popular PDFs so that clients would be able to access the information they required.

Next was to see what Google had found by logging in to the Google Webmaster Toolkit account for the website- www.google.com/webmaster.

There were a number of warnings relating to suspicious activity on the site that had gone unread, simply because my client had changed email addresses, was unable to access the original email account and had not updated his Webmaster Tools account with the new address.

Webmaster Tools advised of the type of threat that had been set up on the site and provided other, valuable, information along with a reporting tool that enabled me to advise Google of the actions taken to remove the threat.

Clicking “Send” was quickly followed by a confirmation message from Google that they would look at my message within 18 hours – a time frame that I thought was commendably fast. They were as good as their word and within 18 hours had checked the website to make sure it was clean and had removed all warnings and red screens of doom – my client was back up and running.

However, we didn’t leave it there. The original site was old, used old code and the web hosts weren’t the most responsive – telephone calls to their support line either went unanswered or, when answered, were as much use as the proverbial chocolate teapot and so the decision was made to move the hosting to a more secure provider and to work on a plan to develop a new website.

The moral of this tale is simple. Make sure that you use the Google Webmaster Toolkit!

It’s the only way to let Google know what you’ve done should your site fall victim to an attack, keep your Toolkit account up to date and only use a web host that you know provides good security and a decent level of support.

And please don’t think that you’re immune – small businesses are the most targeted, the presumption being that their security is weaker than measures put in place by larger organisations and there are a number of websites that I keep an eye on that are attacked many times a day. However, being hosted on a secure platform with monitoring in place means that I am kept aware of the threats and can take remedial action, if required, very quickly.

To date, none has been required.

If you are worried by the security of your website, or your IT systems, please give me a call on 01793 238020 or email me, andy@enterprise-oms.co.uk for a confidential, impartial, and free chat about your security concerns

 

 

Chromebook Diaries – The Chromebook has landed

Andy, checking out websites as part of his workMy trusty Toshiba laptop is coming up on 3 years old and is beginning to show its age. Like its owner, it’s heavy, getting slower with age and just looks too chunky.

I have been agonising over its replacement for a while. I was taken with Windows Ultrabooks, great performance, quality screen and fantastic battery life, up to 5 hours but less than engaged by their prices, from £700 up.

I’ve also been looking at the Chromebooks which are basically small laptops with 11.6″ screens, fantastic battery life and running Google’s Chrome operating system rather than Windows. I even wrote about Chromebooks in an earlier post.

Larger screen Chromebooks are now available in in all cases battery life is as long as 9 hours, so all day computing without a charger is a realistic aim and they are impervious to viruses and other forms of malware.

Toshiba Satelite NB10 compact laptopScreen quality is perfectly acceptable but build quality, according to reviews, has been variable. However, since Xmas 2013 more and more manufactures have been releasing models using Intel processors for better performance, compared to the Samsung processors used in older Chromebooks, and manufacturers such as Toshiba and HP have released Chromebooks with larger screens, a 13″ from Toshiba and a 14″ from HP

However, I have been wary of the leap away from Windows and that has held me back, particularly after discovering a Toshiba of a very similar size to the 12″ Chromebooks, with a touch screen and Windows 8 for not a lot more money than a Chromebook, around £300 compared to the typical Chromebook price of £200 to £250.

So, I continued to sit on the fence.

Then Dell released their take on the Chromebook, an 11.6″ screen, excellent battery life, Intel dual core processor, light weight and, more importantly, 4Gb RAM.

With excellent reviews and a keen price, my mind was 90% made up. Then I spotted a great deal on eBay just as the Dell delivery date slipped from days to months, my decision was made and on Tuesday July 8th I picked up my ever so slightly used Dell Chromebook.

How much did your last cup of coffee cost?

HOW MUCH DID YOUR LAST CUP OF COFFEE COST?

By  on May 27, 2014

Coffee - how much did your last one cost?Imagine the scene, you’re between meetings and decide to drop in to your favourite coffee shop for a steaming hot cup of your favourite coffee, a cake and to tap into their Wi-Fi to read your emails, refresh your knowledge in time for your next meeting or simply to surf the web.

Then the urge hits, you look around and see that everybody seems respectable enough so you you head off to the toilet thinking that your laptop is safe on the table. After all, nobody would lift it in sight of all those customers, staff and CCTV cameras would they?

Laptop tracking service provider, Prey, found that areas offering free Wi-Fi were the second most common target for opportunistic laptop thefts – the only riskier place being left  in a visible place in your car.

If stolen, it’s not only the inconvenience of re Laptopplacing the laptop, re-installing your applications and copying back your data [you do back-up your data don’t you?] it’s the additional costs that aren’t covered by your insurance.

The Ponemon Institute, a US cyber crime consultancy, put the real cost of the loss of a laptop and it’s data at nearly £31,000. This was broken down in to £4,000 for the loss of Intellectual Property, forensics and legal bills adding around £1,500 with a staggering £24,500 attributable to the loss of income, customers and competitive advantage associated with a data breach

SPOOF HOTSPOT
When you sit down and try to log-on to the Wi-Fi there’s often a selection of hotspots to choose from. How do you know which is the free service provided by the venue and which is a spoof.

It’s very easy to set up a Wi-Fi hotspot using a mobile phone, Mi-Fi type of device or laptop and allow other users to connect through this free connection. However, all of the traffic can then be intercepted by the person providing the spoof account – what sort of important information is passed from your laptop through this connection? It could be your details to access your online banking, the log-in to your company network or the necessary information required to access your corporate email account.

So, the next time you stop off for a cup of coffee and decide to log-on using their free Wi-Fi, just make sure you know which network that you’re connecting to and that you don’t leave your laptop unattended.