How To Protect Your Online Privacy

If you have read my blog recently, you will know that I had my PayPal account hacked a couple of weeks ago. It’s pretty embarrassing for me to get caught out since I have been involved in IT Security for over 10 years, but it shows that if it can happen to me, it can also happen to most of you who are reading my blog. So here are some helpful tips to ensure that you aren't the next one to end up with egg on your face and a hacker in your PayPal account.

The Online Golden Rule That I Broke!

I’m pretty convinced that my password was compromised because I made the schoolboy error of using the same password for PayPal as I had used for another Internet site. That site was probably hacked specifically to get hold of the web site's password file so that the hacker could try the email addresses and passwords on shopping sites such as Amazon and PayPal. When they tried my email address and password in PayPal, they would have thought that they had struck lucky. Fortunately for me, I saw the email payment confirmation from PayPal on my iPad, so I reported the incident to PayPal and changed the password within 20 minutes. Credit goes to PayPal who acted to return my £680 within 48 hours.

How Easily Can Hackers Get Your Passwords?

It is distressingly easy for Internet criminals to get hold of your PayPal / Amazon passwords. All they need to do is get hold of your password for another Internet site and then simply try it on Amazon, PayPal, or any number of other Internet shopping sites. If you are a Twitter user, have you ever seen any emails like this one?

If you have, and you clicked on the link, you probably also gave the bad guys your Twitter password, and if you use your Twitter password for PayPal, Amazon etc. please stop reading this blog post and go and change those passwords now!

The Golden Rule … DON’T RE-USE PASSWORDS!!

You may be careful not to click on “dodgy” links, but that won’t stop the bad guys from hacking one of the web sites that you belong to and getting your password, and don’t think that adding a “!” or a “£” to the start and end of your pet stick insect’s name is sufficient protection either. Password cracking software is pretty sophisticated now and will probably crack it in a few seconds (unless your stick insect is called Sy900$r5%)!

So How Can You Stay Secure Online?

The simple answer is that you need a system to provide you with strong, unique passwords for your online web site logins, and next week I will be happy to share mine with you. Don’t forget to come back next week!

Can Mobile Computing Increase Your Company's Productivity?

This week I am taking a week off! I am delighted to offer up an article by Paul Hillis of Thinkgrid who are one of our cloud computing service partners.

---

You might not have even noticed, but gradually, the IT Systems you use and your workforce are embracing mobile computing. Look at the devices your staff use to communicate, compared with say, 5 years ago – now they will more likely use laptops, tablets, smartphones as opposed to PC’s under their desks. 

Next, take a look at what kind of applications they are using – if they are new applications to your business they are probably much more likely to be web browser based or app based than static applications that can only be accessed in the office.

For quite a lot of organisations, this seems to have just ‘happened’ without any directive or strategy behind it. Often the first step for an organisation becoming mobile in its operation is the MD wants to get his work email on his iPhone, like the rest of the lads at the golf club. However, proactively considering a mobility strategy is something you might want to consider, as there are many benefits to be had, as well as pitfalls that would be best avoided.

The first step in considering such a strategy is looking at your workforce to decide what they do, how they do it and what allowing them to be mobile would bring to the table. It might be the case that if they had the chance, they would happily update that tender they have been working on, or fire off a few emails at the weekend if they had the chance to do so.

The next step is to look at what you need to give them to work effectively in a mobile setting, and if doing so is feasible. It may be that just giving them access to email would give them the ability to do 90% of what they can do when they are in the office, or it may be that they would need to give them access to the complex software and databases to match what they do when they are at their desk.

Allowing your staff to be mobile can potentially bring lots or productivity benefits to your organisations. You can get closer to your customers, give your staff a better work/life balance, attract staff from further afield, plus get staff to put more into their jobs. There are plenty of technologies out there that will allow you to reap these benefits while mitigating the potential risks associated with going mobile too.

No matter where your organisation is on mobility - Whether your organisation is static, singular office, 9-5, or all working from home using cloud applications, tablet and virtual offices, it’s well worth taking a step back and to see if whether your business could become more efficient and more profitable by embracing mobile computing.

Dude - A virus ate my customer's internet connection!

Did you think that viruses were a thing of the past that you don't have to worry about any more? Well here is a story from one of our customers that shows that the Internet really can be a dangerous place even for the most security conscious companies. Understandably, businesses focus on making money rather than IT security. The problem is that when you get a malware infection (which many of you will understand better as viruses), you may not know about it, but that doesn’t mean that they can’t cause problems for your company.

Recently, one of our largest customers was having problems with a web security system that they had bought about a year ago. They have around 2,000 IT users and a sizable internet connection, but something was bringing their system to a grinding halt, and quite a lot of the web connections had very little to do with their line of business!

Since they have a support contract with us we held our hands up to do some investigation as to what was causing the problem, and it soon became obvious that 75% of their network traffic was coming from a single PC which had obviously been infected with malware and was generating huge amounts of network traffic which was clogging up their Internet connection.

The graphs below show you what happened as soon as the infected PC was removed from the network. It’s amazing what one infected PC can do!:

Web connections per hour dropped from 20,000 to 5000.

Blocked connections per hour dropped from 14,000 to 0.

Connections per hour to “malicious” sites dropped from 20,000 to 0.

We will never know how the malware ended up on our client’s PC. They were probably just unlucky and visited a hacked web site that took advantage of a missing security update to infect the PC. What it does demonstrate though is the importance of making sure that your PC’s are kept updated to minimise the likelihood of picking up a malware infection. 

Just imagine the devastating effect that a similar incident could have on your company if you rely on cloud services for your line of business applications. It just goes to show that as you grow more and more reliant on the Internet to run our businesses, you will need to make sure that your security is up to scratch. 

Had Your Paypal Account Hacked? Join The Club!

Last Thursday night I was sitting at home watching the TV when my iPad on the arm of the chair went “Bing”! The email notification said something about a Paypal transaction which (being a cautious sort of chap) I thought was worth checking. I'm used to seeing phishing emails, and Google Apps has a very good spam filter,  so this particular email was worth a second look.

When I opened the email a shiver ran down my spine. It was a notification from Paypal that £689 had been paid from my Paypal account to someone whose email address meant nothing to me. What was worse, this email looked genuine. I immediately fired up my laptop, logged on to Paypal and there it was staring me in the face. £680 had been paid out of my account using the card that I had hooked up to it.

The crafty beggars had timed the transaction to go through just after 10 pm when the Paypal phonelines closed, so I reported the unauthorised transaction through the Resolution Centre. Paypal sent through an email to confirm that my dispute had been registered and I sat back and crossed my fingers.

To their credit, within 2 days I received confirmation from Paypal that my £689 would be credited back, so with a big sigh of relief I was able to think of the lessons I had learnt from the experience.

How was my account hacked?
I’ll never know for sure, but the only two possibilities that make any sense are that:

• I had a password stealing trojan on my PC or
• Another site where I used the same password had been hacked and they tried out all of the usernames and passwords on Paypal.

If you ever have the misfortune of suffering a Paypal hack, you will need to cover both of these options. The only way to make sure that any trojan on your PC is no longer there is to back up your data and re-load your PC from the Windows CD. Is there anyone reading this who doesn’t have the Windows CD for their PC? If so, please go back to wherever you got the PC from and find out how you get one. It’s your ultimate “Get out of jail” card.

You then absolutely must change all of your critical passwords (eBay, Paypal, Amazon etc). It may be a pain, but if you have already been hacked, you have no choice. Paypal force you to change your password as part of their “disputed transaction” process anyway.

One of our engineers quite rightly gave me a hard time about my passwords, and I spent an amount of time this weekend working out a new system. Your Amazon / Paypal etc passwords really should be unique, and you need to avoid standard words and phrases that can be cracked pretty easily anyway. Use something such as the first letters in song lyrics that you can remember together with special characters. Having been stung once, I damned if I’m going to give anyone another chance of nicking my hard earned cash and neither should you. You can see the system that I have now chosen to use here. I hope it helps.

Online CRM Part 4 - Managing your sales opportunities with Workbooks Online

Are you finding it difficult to manage your sales process using Microsoft Outlook, Word or Excel? It’s not that you can’t use these standard tools to organise your sales process, there are just better tools available. If your time is precious to you, then you can work more productively and make life easier for yourself by installing a proper Customer Relationship Management (CRM ) system such as Workbooks Online.

CRM Essentials

For me, there are a number of essential activities that I need to be made as simple as possible:

Company / Contact Search

Any CRM system that doesn’t allow you to find the company or person quickly wouldn’t even make it off the starting blocks. Workbooks provides a search box that allows you to perform a “Google-like” search for whatever it is you are looking for. You are presented with a list of matching search results and you simply click on the right one to go to the record you need.

Recording Notes and Activities
Excel Spreadsheets and Outlook fall short for contact management because they don’t provide a simple-to-use way of recording telephone call and meeting notes. Knowledge is power and your staff will be better informed and provide a better service to your clients and customers if they have access to meeting and conversation notes when talking to your customers. Workbooks allows you to record details of every interaction that your employees have with your clients / customers and make them available to everybody.

Activity Scheduling
A CRM needs to help you to plan your time by allowing you to schedule tasks telephone calls and meetings with your existing and prospective customers and provide you with reminders for these activities. With Workbooks, you can schedule events together with notes to remind you of the purpose of the call / meeting etc. You will be presented with a schedule of reminders of your pending tasks when you log into Workbooks.

Quoting
Whilst you can use Excel / Word Templates to generate quotes, by storing your product / service book within the system, Workbooks simplifies the process of drawing up quotations by eliminating the need to search for product information in separate databases / spreadsheets and pre-populating the quote with the right contact information.

Pipeline Management
Pipeline Management is a critical activity for any business, but without an effective CRM tool, they can take a long time to produce manually. Workbooks automatically provides sales people, managers and business owners with complete visibility of all business opportunities as well as where they are in the deal process.

The video below provides you with a quick overview of how you can use Workbooks CRM to manage your customer / client data:

If your current customer management tools no longer meet your needs, then let us know. We would love to be able to help you to implement the right tools to help you grow your business.