Let’s answer the easy question first, “do I need 2FA”? The simple answer is “yes”, you do need Two Factor Authentication (2FA). Now read on to learn more about what it is, how it works and how it can secure your data and online activity

I’ve written in previous posts about passwords, hacking, identity theft and the threat to our privacy, data and businesses from cyber criminals. As you might imagine, the number of attacks is increasing, as is the sophistication.

Why are Cyber Attacks increasing

Simple! The number of websites that we log-in to continues to increase and
many people use one password across many websites. As you can see from the list on the right a lot of people use passwords that are less than ideal. The cyber criminals know this which makes it a gift for them.

Some people think they are safe because they have 3 passwords. A simple one for common sites where they don’t see a threat (posting comments to newspaper websites for example), a medium one that they use for on-line shopping and Cloud storage sites (DropBox for example) and a really complicated one for their “secure” sites, such as bank access etc.

After all, just trying to remember pWa#eeAS7uNggK49 is a challenge but if you have to remember a different one for every single website it becomes a real challenge. You might jot them down in a notebook or diary but what happens if you loose your book, or just leave it on a train. Not only have you been frozen out of your accounts (until you work your way through all those “forgotten password” routines) but your security has been seriously compromised.

Some people, like me for example, use password manager. These apps create a secure password for ever site that you log in to and make it available across desk-tops, lap-tops, phones and tablets and don’t cost very much at all. But even if you use one how secure are you, actually?

If a site that you use your super strong password on is penetrated and data stolen, your strong password is about as much use (from a security perspective) as the infamous chocolate teapot. And if you have used this super-strong password on more than one site you are at an even greater risk of becoming a victim of data theft. With more than 6,474m email addresses in the wild for cyber criminals to use and 551m passwords stolen in security hacks the criminals job gets ever easier.

Use the Have I been Pwned website to see whether your passwords have been stolen by cyber criminals or nabbed in a data breach and read more about the risk, and how the criminals use this stolen data in a previous post.

What’s the Solution

It’s actually fairly simple. It’s called two factor authentication [2FA] or multi-factor authentication. This is where another layer of authentication is required, beyond your user name and password.

In the early days of 2FA sites would send you a text with an access code so you could only log-in if you had your phone with you [and had a mobile signal]. This extra layer of security hit the cyber-criminals hard, until they realised that intercepting text messages was not particularly difficult if you were tech-savvy so something else was required.

The banks solved this problem by providing you with a device like the one to the right, this one’s from HSBC. At the website you enter your user-name and pass-code as normal, enter a PIN in the device and then enter the displayed number from the device in to your banks website. It may feel like a pain but it really does have a positive effect on the security of your on-line banking. A criminal needs a your user name/password, access to a device as well as your device PIN

Having a device for every website is pretty clunky so Microsoft and Google released authentication apps for Android and iPhones. The way they work is they generate a six digit code, as can be seen in the image on the right, and the website that you are looking to access requests this code after you have entered your user-name and password – as demonstrated in this screen-shot of my LastPass password manager.

All I have to do is launch my Authenticator App and enter the six digit password. For additional security, the code changes every 30 seconds or so

Hardware Security

The final security solution is the physical “Key” such as this one from Yubikey. This is a USB device that simply plugs in to a USB port on your computer and allows you access to secured sites – or even your computer itself.

If you are worried by your security, or need any help with your internet activity, from a new website through social media and on to other online marketing opportunities then just send me an email – andy@enterprise-oms.co.uk or give me a call on 01793 238020

The Deep Dark Web

The “Dark Web” has been in the press frequently over the past couple of years, associated with tales of hacking, the sale of personal information, credit card data, drugs, weapons and other illicit items. However,  there’s been very little by way of explanation as to what the dark web is and how you go there and this item looks to answer that, purely for research purposes of course.

A number of news stories have also referred to the “Deep Web” which has lead to a degree of confusion, as if the media consider the two to be interchangeable.

So, just to clear up any confusion here’s an explanation of the differences between the Deep and the Dark Web.

Let’s start at the top

The “Surface Web” is the web we all know and love, the websites we visit and the sites/pages that we find using Google/Bing/Yahoo and other search engines. And there’s the key, it’s only the parts of the internet that the search engines know about.

Just visit any website and click a few links, you’ll be doing the same thing that the search engines do, visiting websites and following links to find pages that they can present to you when you’re looking for things.

What is The Deep Web

Simply put, the Deep Web is just the area of the internet that is beyond the reach of the major search engines.

As an example, just go to www.britishairways.com and try to find a holiday to the Nautic Hotel between 7th and 14th October in Mallorca without using the search facilities.

It’s not that easy, in fact it you might find it confusing/difficult/impossible. You’re not alone, the search engines do to because they can’t get much further down than the first 3-4 layers. At least this is getting better because Google, Bing and the like are always looking to improve the way they manage such challenges but it’s still a struggle for them.

Websites can use code, called robots.txt, to actually block the search engines from certain pages so that they are difficult to find, deliberately. Websites with members only pages may choose to do this, for example.

As you can see, the Deep Web is neither illicit nor scary, it’s just out of reach of the major search engines.

What is the Dark Web

This is where things get really interesting. The Dark Web is a small portion of the web that is intentionally hidden and encrypted and which cannot be accessed through your typical web browser.

To access the Dark Web you need a specialised web browser that enables you to tap into the the TOR network. TOR, short for ‘The Onion Router’, so called because it uses many layers to both encrypt the data that moves around and to make it almost impossible for the authorities to trace internet activity back to a particular user and location. Great for security and anonymity which is why TOR was originally designed by US Intelligence agencies to enable American spies to securely communicate with their parent organisation and not reveal their location and identity.

The code was officially released to the public in 2004, and it’s still used by human rights groups and the like in repressive and unsafe countries to communicate with the outside world, but like almost everything it has also been subverted by those with criminal tendencies and put to a darker use.

You might recall that a couple of years ago the media was full of stories about a Dark Web website called Silk Road. This was like an eBay for criminals, a place where you could buy illegal items such as drugs & weapons and engage criminals to carry out illegal activities on your behalf, hacking for example.

The Silk Road was eventually closed down by the authorities but similar sites still exist if you know where to look and how to access them.

The first step is to download the TOR software, it’s free and pretty easy to find. However there’s no Dark Web version of Google – you have to know your way around if you want to find the illegal stuff – I don’t and wouldn’t broadcast it even if I did know.

I may not be able to help with your journey to the Dark Web but if your Surface Web needs improving or your Deep Web needs surfacing to make it easy to find, then get in touch, andy@enterprise-oms.co.uk or give me a call- 01793 238020 and I’ll dive in and see what I can do.

The recent “WannaCry” Ransomware attack that hit the NHS (and more than 200,000 other victims across 150 countries) has focused attention on the CryptoCurrency called Bitcoin.

There have been numerous calls to outlaw Bitcoin and other CryptoCurrencies but there’s a lot of mis-understanding and a belief that they are only used to fund criminal activities.

In fact, over the last couple of years there have been numerous articles in the mainstream media about Bitcoin. Most have focused on their use by the criminal fraternity, whether for the payment of Ransomware ransoms to decrypt company data through to the purchasing of illegal weapons and drugs on the Dark Web, including The Silk Road, a dark web site where drugs, weapons and illegal services were traded online – before the site was taken down by the FBI in 2014.

However, Bitcoin, and other digital currencies, are now experiencing a significant uplift in their use for legitimate purposes and we thought that this is an ideal time to send out an explanatory email so that you can be better informed.

We’ll be looking at

• • What is a digital/virtual currency?
  • What is a Bitcoin?What is Distributed Ledger Technology / Blockchain?
  • How do I get digital money?
  • How can I spend digital money?
  • Where do I keep my Bitcoin?
  • How safe/secure is my digital money bank?

What is a digital/virtual currency?

A virtual currency is simply a digital form of money for online transactions. Virtual currencies only exist electronically, there’s no bank notes or coins and no bank deposits, hence their description as a Virtual Currency.

Virtual Currencies bring innovation and benefits to more traditional forms of banking and financial systems. Transactions are much cheaper and faster with international payments being much simplified due to freedom from exchange rate worries and bank transfer fees.

This means there are no currency exchange barriers, digital currencies are genuinely international, unaffected by national boundaries and traditional currency issues and associated exchange rate issues – until you want to exchange them for traditional cash.

The most well known Virtual Currency is Bitcoin although other examples include Dogecoin, Ether, Dash, Litecoin and Stellar.

In the early days, Virtual Currencies were seen as a way to pay for online transactions but these days you can use them as a form of payment in physical stores. There are even Bitcoin ATMs where you can buy and sell Bitcoins from your account – there are 20 in London alone and a total of 60 across the UK

What is a Bitcoin

All digital currencies only exist in the virtual form, being recorded in a public Distributed Ledger which is basically a secure database of digital currencies and which holds a record of every Bitcoin transaction

Bitcoins were one of the earliest forms of virtual currency, first introduced in 2008. In 2013 Bloomberg effectively endorsed the legitimacy of Bitcoin by testing Bitcoin on its trading terminals and later that year the US Federal Reserve gave their apparent blessing, stating that Bitcoin “may hold long-term promise, particularly if the innovations promote a faster, more secure and more efficient payment system” and is the most well known form of Digital Currency. In 2014 our own HMRC classifies Bitcoin as assets or private money which means that no VAT will be charged on the mining of, or exchange of Bitcoin. Later that year, Microsoft started accepting payment made by Bitcoin and a 2015 HMRC report on digital currencies further marked the acceptance of Virtual Currencies by mainstream financial services.

What is the Blockchain

The Blockchain is a database that records all Bitcoin transactions. It’s basically a distributed database, is totally separate from the banking industry and free from central interference.

Transactions are recorded in the form of payer x sends y bitcoins to payee z and payments are verified and validated and added to the Blockchain

How do I get digital money

Believe it or not, it’s possible to make your own, legitimate, Bitcoin through a technique called “mining” which uses high performance computers to carry out sophisticated cryptological processing to effectively make new currency that’s then added to the Blockchain.

However, it’s not as easy at it sounds and most people simply buy their Bitcoins, and other virtual currencies, through more traditional routes – including the Bitcoin ATMs mentioned earlier in this article

How can I spend digital money

You can use Bitcoins to purchase traditional currencies, products and services and you can acquire Bitcoins in a similar manner.

Small amounts of Bitcoin can be traded. They are the millibitcoin (0.001 bitcoin), microbitcoin (0.0000001 bitcoin) and the satoshi which is the smallest amount and named after the inventor (0.00000001 bitcoin)

As noted earlier, transactions follow payer x sends y bitcoins to payee z format. Although transactions on the Blockchain are open to inspection, the reason why Bitcoin is so attractive to criminals is that transactions are pseudonymous. This means that “payer x” is only identified by his or her Bitcoin address.

In 2014, Bitcoin Payment Service Provider (A PayPal for Bitcoin) started accepting Bitcoin payments for tickets and concession sales at the St. Petersburg Bowl in the USA and in 2015 Barclays started to accept Bitcoin, the first UK high street bank to do so. Over 100,000 establishments were accepting payment by Bitcoin by the end of 2015.

You can buy technology from Aria and Dell, pre-owned technology, media and games from CeX around the UK, you can sign up for language courses, buy a beer and a meal in a pub, book theatre tickets, accommodation, home and garden furniture, new windows and much more – full list of UK companies accepting Bitcoin here.

In 2013 a Bitcoin was worth $13 and at the time of writing a Bitcoin would cost $1,033.43 ( £830.81) having peaked in 2017 at $1216.73.

The downside is the lack of protection because virtual currencies lien outside of the established banking regulations, Bitcoin users are not protected by refund rights or chargebacks and transactions are non-reversible.

Where do I keep my Bitcoin?

Your Digital Wallet stores all the information required to transact bitcoins. Although they’re frequently described as a place to hold, or store your Bitcoins, the reality is that Bitcoins ONLY exist in the Blockchain and your Digital Wallet simply stores your credentials to access your Bitcoin holdings. It’s similar to the way your debit card doesn’t store your money but allows you to access your account and arrange for the transfer for funds from your account to that of the seller.

How safe/secure is my digital money bank

Because your Virtual Currency is held centrally, there’s actually nothing to steal, in the conventional sense.

However, your Wallet needs to be secured. You need to use a strong password – and don’t forget it because there’s no password recovery routine. Lose your password and you lose your Bitcoin.You should keep your Wallet backed up, preferably in a number of locations, online, USB etc. Just as you would for your other computer data

So, is traditional money dead?

Far from it, and it’s probably a long way from dying simply because each country likes to have it’s own currency regulations in place and the fear associated with the disruption that Virtual Currencies will cause.

As a result, banks are making it easier for customers to spend their traditional money. We say the introduction of cheques – now on the decline. Credit and payment cards that facilitate the easy transfer of money. Internet banking, making it easier to manage our own funds. Contactless payments speeding up transactions, Apple and Android Pay., facilitating payment by simply tapping your phone on a payment terminal and the migration of these services to Smart Watches. Soon, you’ll have contactless payment capability added to pieces of jewellery (A payment wedding ring anyone?) followed by the embedding of a suitable chip under the skin of a fingertip.
However, as world governments become more centralised, the benefits of Virtual Currencies may begin to outweigh the pressures (and costs involved) to maintain more traditional Fiat based monetary systems and all we can suggest is that you watch this space.

I’ve been a LinkedIn member since August 2005, apparently was one of the first million subscribers and have found it an invaluable tool for network building, staying up to date with, and in contact with, my Connections and even generating enquiries.

LinkedIn History
LinkedIn was started in 2002 by Reid Hoffman with money his stake in PayPal when it was sold to eBay. From that small beginning LinkedIn has become the No.1 business networking site, a Facebook for business if you like and now has more than 440m subscribers.

In 2011, LinkedIn went public (IPO) at $45 per share, raising $350m and valuing the company at $9bn, making it one of the most successful public offerings since Google in 2004.

Linkedin’s share price very quickly doubled and continued to rise, peaking at $269 in early 2015. After that it’s been a bit up and down and fears of a downturn earlier this year saw share prices falling to $101 in February after which there was a recovery to $135 in May

Then, to everyone’s surprise, in June 2016 LinkedIn was bought by Microsoft for $26.2 billion (a significant $61 premium on the share price), in an all cash deal, making it Microsoft’s largest acquisition by a long way

Why did Microsoft buy LinkedIn, where did it see the value and what will it do with this highly respected business networking site?

Although Microsoft and LinkedIn don’t, at first glance, appear natural partners, they are closer than you might think. Under Satya Nadella, Microsoft’s CEO, there has been a strong move away from consumer software and operating systems (Windows) to business and cloud subscription services such as Office 365, enterprise solutions like Microsoft Dynamics and cloud storage – Onedrive and it’s possible that this, allied to the fact that LinkedIn has over 440m active users, helped in the decision making process, that’s just over $59.54 per user.

The addition of Skype (Microsoft owned) to LinkedIn could make the platform even more attractive, allowing voice and video conversations to take place within LinkedIn (possibly limited to LinkedIn subscribers).

Potential Benefits
LinkedIn already has some really basic Customer Relationship Management tools built in to “My Network” which enables you to add Tags to your Connections so that you can search by your own custom categories as well as directly Message groups of contacts.

Now, imagine how much more powerful this would be if there were full CRM functionality.

• Send emails to your Connections with a click with the contents held in the Client account
• Have incoming emails automatically added to client records rather than a simple folder in Outlook.
• Grouping sent and received emails together, in your Contact records
• Click to call via Skype
• Click to Video call via Skype
• Click to open pre-templated documents through Office 365 and have them stored in Contact records

The reality is that the world is their oyster – with a little thought, good programming and over 430m pre-existing accounts there’s a great deal for Microsoft to leverage..

Lynda.com an Outstanding Resource for Learning
It’s also easy to forget that LinkedIn owns lynda.com. An online education provider with more than 3,000 online learning video courses, created by industry experts and covering topics across business and leadership, creative and technology.

A service that was described as “an outstanding resource for video based learning” by PCmag

What happens Now
Although the deal has been approved by both boards and is expected to be finalised by the end of this year it still needs approval from a number of regulatory bodies

Microsoft have said that “LinkedIn” will retain its distinct brand, culture and independence which is good news for fans and users, although analysts at Credit Suisse have said “We recognise that Microsoft will be able to realise several strategic synergies”

A side effect of the sale has pushed Twitter shares 5.5% higher on speculation that it will be next to go, perhaps to Google – which has expressed interest on several occasions in the previous 4 years.

What actually happens is still to be decided but I’ll keep you up to date as, and when more news becomes available.

In the meantime, if you need help with LinkedIn and want to learn how it can really help you grow your business just get in touch for a free chat, give me a call on 01793 238020 or drop me an email at andy@enterprise-oms.co.uk

If you have a SmartPhone and it’s not an iPhone, not a Windows Phone and not a Blackberry then you probably do, and this puts you at serious risk.

Simply put, using a flaw that’s been called “StageFright” hackers could easily steal contact information, personal details, track your location and install malicious apps without your knowledge.

All they have to do is send you an infected MMS, effectively a text message with a picture, and just receiving the message is enough to infect your phone.

Security provider, Lookout, has developed a free test that will check whether your phone is at risk, there are probably other tests but I use, and trust, Lookout which is why I’ve made this recommendation.

If you are vulnerable, Lookout will advise you as to how you can minimise the risk, but you can do this without running the test, if you wish.

Open your Text Message App, go to “Settings” and disable “Auto Retrieve”. You might have to do the same for Google Hangouts and Facebook Messenger too, if you use them.

Now, Google is working hard on a fix but it’s not going to be rolled out for a little while due to a whole range of complexities”

Over the past couple of weeks there’s been quite a lot of chatter in a variety of media channels about two relatively new Apps, called Meerkat and Periscope.

They both do the same thing, enabling you to broadcast live video (streaming) from your iPad or iPhone. Meerkat has an Android App under development and I’m sure Periscope won’t be too far behind with Microsoft and Blackberry probably following later.

One way of thinking about both Apps is as though they offer live video selfies although there’s a lot more to them than that.

Although Meerkat was first to market, Periscope was quickly snapped up by Twitter and so quickly generated a great deal of interest. Both apps are available through the iTunes store and are easy to download.

So, what are they, who are they, how do they work and what do they do?

Once you have downloaded your App and signed in through Twitter – yes, you have to have a Twitter account because that’s where your broadcast is published, all you have to do is to point your camera at your topic of interest and start broadcasting.

As soon as you start broadcasting, a Tweet is sent to all your followers so that they can tune in and watch your stream.

What do people stream?

Business tips, health tips, recipes and cooking, news and updates, views from around the world and TV broadcasts – the recent Pacquiao / Mayweather bout was live streamed by someone pointing their iPhone camera at the TV and causing great angst among the Pay Per View broadcasters because they were charging £20 in the UK whilst App users could watch it for free.

What are the drawbacks

Well, it’s another Social Media channel that you might have to pay attention too, but more importantly there’s the potential cost. If you are streaming on Wi-Fi then you’re OK but if you’re broadcasting on 4G then you might find that you eat through your data allowance pretty quickly and, if you are not careful, even run up some hefty data charges

So, is it a game changer?

It’s really too early to say, the Apps have only been around a couple of months. A lot of tech journalists have used them to stream from major tech shows, product launches and demos, just like live news broadcasts and just like any live broadcast you have to watch it live or miss it.

In my opinion, it’s certainly one-to-watch and if you have any questions, please don’t hesitate to get in touch

We are all familiar with Google as a search engine, in fact for most of us it’s the first place we go online when looking for something, and for many of us it’s our browser’s default home page.

But have you ever looked deeper and worked out how to make Google work harder for you?

Here’s a short list of 17 ways that you can fine tune Google and use it more effectively.

1. Use search operators
Google does a pretty good job of working out what you’re looking for, but the more specific you are the better your results will be.

Using operators does just that, so for example enclosing a phrase in quotation marks  “like this” searches for that specific phrase, adding a minus sign excludes that word (salsa recipe -tomatoes) and using OR gives Google a choice, eg. World Cup location 2014 or 2022.

2. Search a single site
You can restrict your search to a single website by using the site: operator, so for example if you wanted to look for Android content on TechRadar you might type android site:techradar.com

3. Get definitions
The define: operator, as you might expect, gives you definitions so define:search gives you the dictionary definition of search and synonyms such as hunt, look, scout and dig.

4. See what’s on
Fancy a film? Movie times Bristol tells you what’s on in that particular city, and if you use a specific cinema name, such as movie times Cineworld, you’ll see what’s on in that particular cinema.

5. Find similar sites
Here’s another handy operator: Related. This one helps you find pages that are similar to one you already know about, so for example related:techradar.com tells you about sites related to tech Radar..

6. Do sums and currency conversions
You probably already know that Google will carry out sums if you type them in the search box  4*15 gives you 60, 2*2*3*4 gives you 48 but it can also convert units and currencies. Convert 200 USD to £ converts dollars to pounds, and you can also convert measurements such as distance, weight and temperature.

7. Get nutritional information
Some food-related searches will display nutritional information, so looking for chocolate cake will display the calories, nutrients, vitamins and fat in a typical recipe.

Where it gets clever is when you tell Google to compare things, such as compare apples and oranges or compare bacon and tofu.

8. Get essential info, fast
You can quickly check details on Google. Type weather and you’ll see the current conditions and a seven-day forecast; add the name of a town to get the weather report from a different location.

Type flight BA1491 to see the status of a flight, time New York to see the local time in that location, sunrise London to see when the sun’s coming up or GOOG to see Google’s stock information.

9. Search by location
If you type a generic term such as “Italian restaurant”, Google will show you results in and around your current location along with a map showing where they are. If you’d rather be more specific, enter the postal code at the end of your query.

10. Use your voice
If you’re using Chrome, Android or the Google iOS app, you can search by voice: press or click on the microphone icon and tell Google what you’re looking for, provided you have a microphone plugged in of course.

If you have an Android phone running the latest version all you have to do is say “OK Google” when the search bar is visible and you can dictate your search or other commands directly.

11. Filter your image search
Image search often throws up seemingly unrelated pictures, so filter your searches. Some terms produce all kinds of search results, so for example an image search for “heather” brings you plants, Heather Graham and Heather from EastEnders.

Google will offer to filter those results for you, so, for example our search for heather gives us the options “plant”, “flower”, “EastEnders”, “Scottish” and so on.

You can use the Search Tools button to filter by size, colour, type such as photos of people or illustrations, time and whether you can use the photos without payment.

Remember your operators too: heather -graham produces a screen full of Heathers but no Heather Graham.

Finally, if you drag an image to the Google search box it will search for similar images

12. Filter your web search
If you click on Search Tools you’ll see four filtering options: The country, so for example in the UK you can search anywhere or limit your results to UK websites; the date and/or time of publication, ranging from the last hour to the last year; by reading level; and whether Google should use your current location.

13. Find out what links to what
It’s easy to discover who’s linking to your site, or to any other page you want to know about: Just use the link: operator, link:techradar.com tells you who’s linking to us.

14. Find specific files
The filetype: operator enables you to search for specific kinds of file, such as Word documents or PDFs. Google indexes most things, so it’s just a matter of dropping the dot from the file extension and searching for filetype:xml, filetype:svg or filetype:cs. It’s important to note that Google only searches for the file extension, so an XML document that isn’t saved with the .xml extension won’t show up in a filetype:xml search.

15. Translate from one language to another
Now you can quickly offer flowery insults in any language. Need to translate something in a hurry? Just type translate language A language B (where language A is the language you’re translating from and language B the language you’re translating to) and you’ll see a big friendly translator at the top of the page.

16. See what others are searching for
Google Trends shows you what others in your country are searching for, with occasionally puzzling results: at the time of writing the UK is interested in Boris Johnson, FIFA 15 and Vitamin D. Google even provides a screensaver that shows you real-time searches – presumably with filtering to screen out the scary stuff.

17. Uncover Easter eggs
Travel in style, or at least pretend to with Google Maps. If you search for Google in 1998 you’ll see Google as it was when it first launched. It’s not the only Google Easter egg: searching for the “Harlem Shake” in YouTube makes the screen dance while “do a barrel roll” will spin the screen around. In maps, getting directions from Fort Augustus to Urquhart Castle in Scotland enables you to travel by Loch Ness Monster.