Blog

April 11th, 2014

Security_Apr11_CThe security of your systems and communication, especially those that utilize the Internet should be paramount for any business. Over the past few weeks a massive new security flaw has been uncovered. This flaw, codenamed Heartbleed, could potentially expose all your vital data and communications that flows between your computer and websites online. All businesses and Internet users should be aware of this Heartbleed so that they can take steps to stay safe.

Background info about secure transmission of information on the Web

Most sites on the Internet rely on Secure Sockets Layer (SSL) technology to ensure that information is transmitted securely from a computer to server. SSL and the slightly older Transport Layer Security (TLS) are the main technology used to essentially verify that the site you are trying to access is indeed that site, and not a fake one which could contain malware or any other form of security threat. They essentially ensure that the keys needed to confirm that a site is legitimate and communication can be securely exchanged.

You can tell sites are using SSL/TLS by looking at the URL bar of your browser. If there is a padlock or HTTPS:// before the Web address, the site is likely using SSL or TLS verifications to help ensure that the site is legitimate and communication will be secure. These technologies work well and are an essential part of the modern Internet. The problem is not actually with this technology but with a software library called OpenSSL. This breach is called Heartbleed, and has apparently been open for a number of years now.

About Heartbleed

OpenSSL is an open-source version of SSL and TSL. This means that anyone can use it to gain SSL/TSL encryption for their site, and indeed a rather large percentage of sites on the Internet use this software library. The problem is, there was a small software glitch that can be exploited. This glitch is heartbleed.

Heartbleed is a bug/glitch that allows anyone on the Internet to access and read the memory of systems that are using certain versions of OpenSSL software. People who choose to exploit the bugs in the specific versions of OpenSSL can actually access or 'grab' bits of data that should be secured. This data is often related to the 'handshake' or key that is used to encrypt data which can then be observed and copied, allowing others to see what should be secure information.

The problem with Heartbleed

There are two major problems with this bug. The first being that if an attacker can uncover the SSL handshake used by your computer and the server that hosts the site when you login or transmit data they will be able to see this information. This information usually is made up of your login name, password, text messages, content and even your credit card numbers. In other words, anything that gets transmitted to the site using that version of SSL can be viewed.

Scary right? Well, the second problem is much, much bigger. The hacker won't only be able to see the data you transmit, but how the site receiving it employs the SSL code. If a hacker sees this, they can copy it and use it to create spoof sites that use the same handshake code, tricking your browser into thinking the site is legitimate. These sites could be made to look exactly same as the legitimate site, but may contain malware or even data capture software. It's kind of like a criminal getting the key to your house instead of breaking the window.

But wait, it gets worse. This bug has been present in certain versions of OpenSSL for almost two years which means the sites that have been using the version of OpenSSL may have led to exposure of your data and communication. And any attacks that were carried out can't usually be traced.

Am I affected by this?

What makes this so different from other security glitches is that OpenSSL is used by a large percentage of websites. What this means is that you are likely affected. In fact, a report published by Netcraft cited that 66% of active sites on the Internet used OpenSSL. This software is also used to secure chat systems, Virtual Private Networks, and even some email servers.

We have to make it clear here however: Just because OpenSSL is used by a vast percentage of the Internet, it doesn't mean every site is affected by the glitch.

The latest versions of OpenSSL have already patched this issue and any website using these versions will still be secure. The version with Heartbleed came out in 2011. The issue is while sites may not be using the 2011 version now, they likely did in the past meaning your data could have been at risk. On the other hand, there are still a wide number of sites using this version of OpenSSL.

What should I do?

This is a big issue, regardless of whether a website uses this version of OpenSSL or not. The absolute first thing you should do is go and change your passwords for everything. When we say everything, we mean everything. Make the passwords as different as possible from the old ones and ensure that they are strong.

It can be hard to tell whether your data or communications were or are actually exposed or not, but it is safe to assume that at some time or another it was. Changing your passwords should be the first step to ensuring that you are secure and that the SSL/TSL transmissions are secure. Another thing you should be aware of is what sites are actually using this version of OpenSSL. According to articles on the Web some of the most popular sites have used the version with the bug, or are as of the writing of this article, using it. Here are some of the most popular:

  • Facebook
  • Google
  • Gmail
  • Yahoo
  • Yahoo Mail
  • Instagram
  • Pinterest
  • Amazon Web Services
  • GoDaddy
  • Intuit
It would be a good idea to visit the blogs of each service to see whether they have updated to a new version of OpenSSL. As of the writing of this article, most had actually done so but some were still looking into upgrading. For a full list of sites, check out this Mashable article.

If you have a website that uses SSL/TSL and OpenSSL you should update it to the latest version ASAP. This isn't a large update but it needs to be done properly, so it is best to contact an IT partner like us who can help ensure the upgrade goes smoothly and that all communication is infact secure.

Contact us today to see how we can help ensure that your company is secure.

Published with permission from TechAdvisory.org. Source.

Topic Security
April 10th, 2014

BusinessValue_Apr07_CPretty much every profession has its own language or set of terms that those working in that field quickly master and use on an everyday level with colleagues. However, this can pose problems for those people not involved directly with a specific industry. For example, it can be a challenge for business owners to effectively communicate with Web designers and developers. To make things easier, it can be useful to know some of the more common Web design terms.

Here are 20 of the most used Web design terms that could help you communicate effectively with designers and developers about what you want from your website:

  • Alignment - The position of the various elements on your page. Alignment can be focused on the borders of the page, or positioning of elements based on other elements - e.g., aligning all images to the left side of the page, and making sure the text is aligned to the right of each image.
  • Banner - A form of advertising that is usually at the top of a page and goes from one side to the other. On many sites, the banner also contains links that can be clicked through to reach other pages.
  • Below the fold - The point on the page where viewers will begin to scroll after the page has loaded. Generally you put the most important information above the fold (what the visitor sees first) and supplement information below it.
  • Color wheel - A circle of colors that allows designers to easily pick out primary, secondary, and tertiary colors, as well as complimentary and contrasting colors - e.g., on most wheels red is opposite green because they complement one another.
  • CSS - Cascading Style Sheets allows designers to dictate the look and feel of a page. These are usually codes that dictate the font, color, and layout of a Web page.
  • DPI - Dots Per Inch is the resolution of an image or monitor. The higher the DPI, the higher the resolution or quality of the image.
  • Entry and Exit pages - This indicates where a viewer enters your page from an external source, and where a viewer will usually exit your site from. The vast majority of entry pages are the homepage, so these should be designed to capture and maintain interest. Exit pages can be the homepage, or perhaps a signup form.
  • GIF - Pronounced Jif, is an image format that is best suited for small images with few colors. These can also be animated.
  • Header - This is the absolute top of any page.
  • HTML - Hyper Text Markup Language, is the main language used to write webpages. For example, the bullet points in this article would be written as < ol><li>HTML - Hyper Text ...</li></ol>. Browsers read this code and translate the directions given.
  • JPEG - An image format best suited to pictures and images with a large number of colors. The vast majority of images on the Internet and websites are uploaded in the JPEG format.
  • Lorem Ipsum - Placeholder text is used by developers when creating mockups of pages or layout so they can see how the text will look when the page is finished. This can be any form of text and is usually nonsensical, like 'Lorem Ipsum Dolor'.
  • Orphan - A word or short sentence that appears by itself, below the text on a page. Generally these should be avoided, and can be easily 'adopted' by adjusting spacing between letters and words, or editing content.
  • Parent/Child elements - With HTML and other Web languages there is a relationship between elements (parts of code). Parents dictate elements that will be inherited by other codes (children) that are within the main parent group. For example, if you assign a headline a certain style this style becomes the parent. Any other elements like a bolded word within the headline will be a child. The child will take the same style as the headline and have the added bold format as well.
  • Pixel - The smallest element of any image and your monitor. It is essentially one dot of color. The resolution of images and monitors (how clear the image is) is often displayed in pixels. The higher the number of pixels, the higher the resolution and quality.
  • PNG - An image format that is most commonly used for images that have large amounts of uniform color or transparent backgrounds.
  • Script - A small bit of code that enables browsers to do more than just displaying text. If you've ever watched a video while on a website or downloaded something directly from a page, you have interacted with a script.
  • Watermark - A mark of ownership which is usually applied to the background of images or content. This is used to highlight ownership and deter theft of visual content. If you plan to post images on your site that you create, you might want to consider adding a watermark as protection.
  • White space - Space that surrounds text, images or other parts of the page. It is generally believed that the more white space there is, the easier it is to read content and draw attention to important aspects of a page.
  • Wireframe - A visual representation of a website's layout with directions for visuals, location of content, and style for each page. This is usually constructed before the site is built and is more or less a road map for developers.
Of course, these are just a few of the terms designers and developers use on a regular basis. If you want to understand how to get the best out of your website and technology then we're here to help.
Published with permission from TechAdvisory.org. Source.

April 9th, 2014

SocialMedia_April07_CBusiness customers can be largely visual creatures; judging a company by how it looks. When it comes to social media campaigns if the content of your business posts is not visually appealing you may find it hard to engage your clients. The question is, what tools can you can use to create visual content, especially if you aren't a Photoshop expert or graphic designer.

In this day and age where compelling visuals are possible online, it is extremely important to learn how to create attractive visuals to aid your social media marketing campaigns. You at least need a working knowledge of how to enhance your photos and make them more attention-grabbing. There are a number of free or highly affordable tools out there that can help you do just that.

PIXLR - This advanced photo editor works like Photoshop, only it is easier to use and therefore ideal for beginners. You can create images from scratch or perform advanced image editing. Using fairly simple tools can maximize the potential of images. For quick editing, there’s PIXLR EXPRESS or PIXLR O-MATIC, which are free to use. Visit the PIXLR website to learn more and start use these programs.

PicMonkey’s Online Photo Editor - This photo editor can transform ordinary images into fantastic photographs in just a few clicks. Select the image that you want to modify and add special effects such as fancy text, or simply crop and re-size. The photos edited using PicMonkey can be uploaded on Facebook and other social media platforms. PicMonkey is free to use so you can just go to the website and start editing away. For added frames and special effects there’s a premium version you can upgrade to for USD $33.33 per year.

LiveLuvCreate - This website can be used without any charge and offers a variety of design layouts and graphics. Using this platform you can edit your own images and there are also a ton of images created by users on its library that can help give you inspiration. Among the tools available are borders, filters, and photo effects, as well as fonts, colours, and styles. Visit the website to set up an account and start editing your images today.

Canva - If you want to create your Facebook cover photos from scratch, or if you want to design some blog images, this is a free application that might prove useful. This tool is very convenient and can be used to create business cards, invitations, posters, and presentations. Visit the website today to start creating your own visuals.

Quozio - If you are into quotes, Quozio lets you upload famous and favorite quotes, visualize them, and then share them on your social network. Simply enter an interesting quote and then select a background image. Instead of simply posting what’s on your mind, you can make a quote more attractive and appealing by transforming it into a visual using this free app. Visit the site today to visualize your next quote.

Whether you are posting on Facebook, Twitter, or any other social network, your content cannot come alive without the use of quality graphics and images. If Photoshop does not work for you, these other tools are ideal substitutes for creating appealing graphics for a variety of social media platforms.

Make sure to share your own list of top photo tools for everyone to see! And, if you would like to learn more about leveraging social media in your business, contact us today to see how we can help.

Published with permission from TechAdvisory.org. Source.

Topic Social Media
April 4th, 2014

Security_March31_CComputers must have appropriate protection from malware attacks. Aside from creating annoyances, malware infections can also affect the performance of your computer. Furthermore, the data on your system and confidential information that you use online may also be tracked and used without your knowledge. Because of the severity of the problems that it can cause you need to be very cautious about preventing malware infections, and know how to deal with them properly.

Signs of a malware infection

Before proceeding with the steps on how to respond to malware infections, we first need to learn about the signs and symptoms of a malware infection. These include:
  • Several pop-ups appear even when not browsing the Web.
  • Unusual slowness of the computer and Internet connection.
  • System hangs or freezes.
  • Corrupted programs.
  • Antivirus is disabled.
  • E-mails sent to or from your account which you did not send.
  • High network activity, even when not using large programs or accessing huge data.
  • Redirected access to some sites.

How to respond to a malware infection

In case you experience any of these symptoms, the first thing to do is to ensure that your antivirus and antispyware program is updated. This is to make sure that they detect the latest known threats on their database. You should then run scans to see if an infection is detected. If it is, the programs usually have a way to remove the infection. You then need to follow the steps the program recommends.

If this doesn't work, disconnect the infected computer from the network to prevent the spread of the malware. Furthermore, avoid accessing the Web and using vital information such as bank account and credit card information. Let the technical department or your IT partner handle the concern since they are trained in determining and eradicating system malware infections.

Once the problem has been pinpointed, a tech specialist will go through the process of eliminating the infection. This includes backing up data on the computer and restoring the system to its original state. Depending on the extent of the infection, the computer may need to be wiped clean, or reformatted before restoring backed-up files.

After the whole process, the computer must be tested to ensure that the infection has been totally removed. Moreover, further investigation and studies must also be done to determine where the problem started, as well as to create a strategy as to how to prevent this from happening in the future.

How to prevent a malware attack

Prevention is better than a cure and this definitely applies to malware infections. It’s best to arm yourself with knowledge on how to avoid malware attacks and prevent your systems from being infected.
  1. Ensure that security protection is always updated and that you run system scans on a regular basis.
  2. Avoid downloading attachments or clicking links from unknown sites or senders.
  3. Enable firewall protection.
Malware can hugely affect business operations and the security of private information. One of the best ways to prevent this is to work with an IT partner, like us, who can help recommend and install protection systems. You might want to think about getting help in managing these solutions too, to ensure that your systems are secure at all times.

If you have questions or concerns with regards to malware prevention and resolution, feel free to call us. Our support team is always ready to help.

Published with permission from TechAdvisory.org. Source.

Topic Security
April 2nd, 2014

BusinessValue_Mar31_CA business website is arguably the most important marketing and branding tool today. It is often the first level of interaction customers have with your company and many visitors will decide whether to work with you based solely on how your website is designed. Therefore, you need a website that is designed to engage and meet your visitors' needs. One of the best ways to achieve this is to learn about common mistakes other businesses have made when designing their websites to avoid making the same errors.

The business value of a business website is that it creates a solid online presence and boosts your brand image and market reach. Even if your business is not Internet based, a website can be used to create a certain impression and ultimately contribute to your bottom line. The key is to make sure you create the best impression. Here are six of the most common mistakes businesses make with website design:

Mistake 1: Building for the sake of building

Websites are important and some businesses believe that they should have a website, so they go ahead and simply build one. You should first take steps to define your target market - who is it that you want and expect to visit your website.

Once you have a defined target market you can then take time to build your site for your market. For example, if the majority of your target market uses mobile devices to browse the Web you should take steps to design your site so that it is viewable on mobile devices.

You should also determine what you want visitors to do on your site. Some companies want them to click through to another site, while others want them to sign up. By defining how you want your visitors to interact you can then develop your content and design around this.

Mistake 2: Designing a website that is too busy

It can be tempting to put all of your information on one page or even have a ton of images and videos. The truth is, this can be distracting largely because once someone lands on your page, they won't know how to get around, find the information they want, or even to know what they should do next.

Busy or flashy websites with lots of animations or large amounts of text also usually don't scale all that well. So, when someone looks at your site on a mobile device they will likely find it too hard to navigate and leave, which is counter to what you are trying to achieve.

Instead, aim for a website that is simple and clean. Important information should be quick to find and read and it should be clear who you are, what you have to say, and what you want the visitor to do.

Mistake 3: Lacking call to actions

Most business related websites have a goal as to what they want visitors to do. Maybe it's download an app, call the company, or even sign make a purchase online. It is essential that you lead visitors toward what you want them to do in the most clear and concise way. The best way to do this is through a call to action. These are usually buttons at the bottom of sections or pages that motivate the user to click and follow the instructions on what to do next, be that sign up to something or get in touch.

The best calls to action stand out from the content, drawing the reader's eye and hopefully inspiring them to click. They should also be clearly written, simple, and direct. e.g., 'Call us today!' or 'Download now!'

Mistake 4: Misguided content

It may seem worthwhile to write in-depth content about your products or services but this isn't always the case. People skim read the basics on the Web and it's different than other mediums.

What you should do is condense down your content so that it only states the most important information. Tell the reader what your product or service does and provide a few of the most important benefits. What you are looking to do is develop enough interest so that visitors to your site will click on the call to action and connect with you.

If you have the time and profits, creating a more visual site where you showcase the products or show how you can help in a short video may lead to higher engagement and possibly higher customer conversions. Take a look at the popular software and service sites like Dropbox, Microsoft, and Google. The content is highly visible and simple, yet provides just enough information so the user knows what the service is and what they are expected to do.

Mistake 5: Static content

It can be tempting to invest the time to write a great website, get the content online then just leave it sitting there. The Internet changes and what might have been regarded as great website design and content a couple of years ago may not be seen in the same light today.

It is advisable to periodically update your site's design and content to reflect current trends; making it more modern. Another related aspect of your content is that you need to ensure that your content is up-to-date. If you are hosting a contest and put the information on your site, you should make sure to take it off of your site, or update it when the date passes. It looks a little unprofessional to have content that is still talking about 2012 or even 2013.

Mistake 6: Doing it yourself

The vast majority of small business owners and managers don't have in-depth Web design skills, yet are determined to build their company's website themselves. This can lead to unexpected problems or a website that doesn't meet your needs. We strongly recommend that you work with a qualified designer who can help ensure that your website is designed and built to high standards.

If you are looking to boost your website's design contact us today. We can help!

Published with permission from TechAdvisory.org. Source.

March 27th, 2014

BI_March24_CBusiness Intelligence or BI applications are used by businesses from different fields for their information analysis. These tools help determine what individual businesses may be doing right or wrong, which can help them decide on the best path to take to reach their goals. BI tools are helpful to many businesses. However, some business owners question how these tools can be used in different departments.

There are various BI tools available nowadays that support small to large companies. You can find Business Intelligence tools that fit your company’s size, needs and budget. These applications can be used in different areas of the business:

Marketing Department

A marketing department is responsible for promoting a company’s products, services and brand to increase public awareness. With successful marketing, a business can attract potential clients that can be possibly turned into creating sales revenue. The company can use BI to determine which campaigns are successful or not, as the case may be. Through this, investments can be focused on those campaigns that work whilst avoiding those that have previously failed.

Sales Department

Sales managers and supervisors can also use BI to analyze successful deals, as well as those that they have lost, to see what strategies have worked. The system can also help determine which sales teams hit or exceed set goals in order to analyze what they are doing right. Moreover, this helps determine which products or services are most saleable so these can be pushed further to attain more goals.

Finance Department

BI software makes analyzing, reporting, and managing financial data more convenient. Those who are involved in the process can easily access the information they need through the system. Analysis is easier as the data is organized and accurate. Money in and money out can also be tracked with greater efficiency.

Moreover, these tools often come with features that allow users to create scenarios and determine the possible results from there. This is extremely helpful in deciding on the best action to take as the tool gives you a view of the probable outcome. The success rate is higher if forecasting using a BI tool.

Inventory

Business Intelligence also plays a vital role in inventory tracking of products, items or supplies. For instance, companies in the retail industry can track the movement of products or items from the suppliers to the warehouse and on to their delivery to clients. Any problems encountered in the process can be quickly identified so they can be fixed in time.

Items in demand can also be pinpointed, as well as low stock and overstocks. Items that are low in stock can be ordered immediately, especially if they are in demand, to ensure that the needs of clients are met. This also lets you avoid overstocking, which can be a waste of money when investment is better used for fast moving items.

These are just some of the ways businesses can use BI in their operations. If you have further questions about the topic, do not hesitate to give us a call. We’ll be more than happy to assist you.

Published with permission from TechAdvisory.org. Source.

March 20th, 2014

Security_Mar17_CAny business that employs technology in any aspect will eventually begin to worry about how secure their systems are. In order to ensure security, many companies implement a security strategy. While these strategies are a great way to ensure the security of your business systems and data, there is one element that many business owners forget: The audit.

Auditing and the security security strategy

Auditing your company's security is important, the only problem business owners run across is where and what they should be auditing. The easiest way to do this is to first look at the common elements of developing security strategies.

These elements are: assess, assign, audit. When you develop a plan, or work with an IT partner to develop one, you follow the three steps above, and it may be obvious at the end. In truth however, you should be auditing at each stage of the plan. That means you first need to know what goes on in each stage.

During the assessment phase you or your IT partner will need to look at the existing security you have in place. This includes on every computer and server and also focuses on who has access to what, and what programs are being used. Doing an assessment should give you an overview of how secure your business currently is, along with any weak points that need to be improved.

The assignment phase looks at actually carrying out the changes you identified in the assessment phase. This could include adding improved security measures, deleting unused programs or even updating systems for improved security. The main goal in this phase is to ensure that your systems and networks are secure.

Auditing happens after the changes have been made and aims to ensure that your systems are actually secure and have been implemented properly. Throughout the process you will actually need to continually audit and adjust your strategy.

What exactly should be audited?

When conducting an audit, there are three factors you should focus on:
  1. The state of your security - Changing or introducing a security plan usually begins with an audit of sorts. In order to do this however, you need to know about how your security has changed in between audits. Tracking this state and how it changed in between audits allows you to more efficiently audit how your system is working now and to also implement changes easier. If you don't know how the state of your security has changed in between audits, you could risk implementing ineffective security measures or leaving older solutions open to risk.
  2. The changes made - Auditing the state of your security is important, but you should also be auditing the changes made to your systems. For example, if a new program is installed, or a new firewall is implemented, you will need to audit how well it is working before you can deem your security plan to be fully implemented. Basically, you are looking for any changes made to your system that could influence security while you are implementing a new system. If by auditing at this point, you find that security has been compromised, you will need to go back to the first step and assess why before moving forward.
  3. Who has access to what - There is a good chance that every system you have will not need to be accessed by every employee. It would be a good idea that once a security solution is in place, that you audit who has access to what systems and how often they use them. This stage of the process needs to be proactive and constantly carried out. if you find that access changes or system access needs change, it would be a good idea to adapt your the security strategy; starting with the first stage.
If you are looking for help developing a security strategy for your business, contact us today to see how our managed solutions can help.
Published with permission from TechAdvisory.org. Source.

Topic Security
March 20th, 2014

Hardware_Mar17_CWhether you have a brick-and-mortar or Internet based business, you’ll surely need to print out some documents at one time or another. The question is, do you even have a printer? There are an increasing number of businesses who don't. Considering how everything is setup on the Web nowadays, it kind of makes one wonder what type or printers are being used in the offices these days?

These three printers below are the most common printers found in offices these days.

Multi Function Printers (MFP)

Multi Function Printers are also commonly known as all-in-one printers. With this type of device, your printing, scanning, faxing and photocopying needs are covered! These printers usually come in a variety of sizes with many being small enough to fit onto a small desk.

Aside from the multi function features that MFPs have, these are the common benefits that business owners can gain from this type of printer.

  • They take up less room.
  • They are usually lower in cost. Though it may seem expensive compared to the other types of printers, if you consider buying a fax machine, scanner, photocopier and a printer, you’ll find that buying an MFP is actually a lot more affordable.

Inkjet Printers

Inkjets print documents by spraying ink onto paper, and can usually produce prints with a resolution of 300dpi (dots per inch) with some actually able to print documents as high as 600dpi. This makes them ideal for printing saller images and reports.

What most business owners like about inkjet printers is the fact that they are usually affordable, making them an ideal device for businesses that just want printers. Since most offices (if not all) have computers, you’ll most likely see inkjet printers in the majority of offices. Here are some more benefits that people like about inkjet printers.

  • Fast printing speeds.
  • Can produce really high quality print.
  • Easy to use.
  • They can produce vivid colors.

Laser Printers

If there’s one very notable feature that you’ll love about laser printers, it would be the printer's capability of producing very high quality documents. In fact, laser printers can produce copies with a resolution of 600 dpi - 1200 dpi.

One of the main differences that laser printers have is the fact that they use toner (colored or black powder) instead of the inks that are used in most other printers.

Laser printers offer users many enticing benefits including:

  • Very high resolution.
  • Fast results.
  • High volume printing.
  • No smears at all.

What type of printer should my business get?

If you are looking for a new printer, it can be a little confusing as to which you should get. If you don't have a scanner or fax machine, it would be a good idea to look into a Multi Function Printer. Looking to print smaller or shorter documents or only occasionally? An Inkjet would probably be a better choice. If you need to print on a regular basis, or print in mass quantities a laser printer could be the best choice.

With all the types of printers available in the market, choosing a specific printer to use in your office can be quite confusing. If you need help in choosing which printer to go for, then give us a call and we’ll give you our expert advice on the matter.

Published with permission from TechAdvisory.org. Source.

Topic Hardware
March 19th, 2014

BCP_Marc17_CIsn’t it disturbing how a disaster (whether man made or natural) can devastate your business? While disasters are inevitable, you can mitigate risks and lessen the damage to your business in the event of one through a DRP (Disaster Recovery Plan). While it may not seem important to some businesses, especially if yours has never been faced with a disaster, a DRP would be a good idea.

While there are several facets to a DRP that are going to determine whether it will be effective or not, making sure that you’ve considered these 5 tips is definitely a good start.

1.) Commitment from management

Because the managers are the ones who will coordinate the development of the plan and be the central figures who implement the recovery plan, it’s crucial that they are committed to it and are willing to back it up.

They will also be responsible for setting an allocated budget and manpower to creating the actual plan. That said, it’s very important that they know the concept behind it and how huge of an impact a DRP can have on a business.

2.) A representative on each department should be available when creating a DRP

It’s unthinkable to believe that your DRP is well optimized when you haven’t had a representative from each department coordinate with you while creating the recovery program.

Considering how they themselves are the front line of your organization with the best knowledge about how their department works, it’s a huge plus that you should take advantage of when creating a DRP.

With the representatives on your team, you’ll be able to see things from their perspective and gain first-hand knowledge from those who do the actual work.

3.) Remember to prioritize

In an ideal world, you should be able to restore everything at the same time after a disaster strikes. But since most businesses usually have a limited amount of resources, you will usually have to recover systems one at a time.

Because of this, you need to have a hierarchy or a sense of priority when determining which systems should be recovered first. That way, the most important systems are immediately brought back up while the less important ones are then queued in order of their importance.

4.) Determining your recovery strategies

This is one of the main focal points of a DRP since this phase tackles the actual strategies or steps that you’ll implement to recover your systems.

When determining your actual strategies, it's important that you brainstorm and think about all the options that you have to recovering your systems. Don’t simply stick with the cheapest possible strategy or even the most expensive ones.

You have to remember though that the simplest strategy to implement is probably the best one. That is, as long as the simplest strategy covers the critical aspects of your system recovery.

That said, avoid over complicating your strategies as you might face unnecessary challenges when it comes to the implementation of the recovery strategy.

5.) Do a dry run at least once a year

Your DRP shouldn’t end with the concept alone. No matter how foolproof you think your strategy is, if you haven’t tested it you most likely have missed something important.

It's during the dry run phase that the need for extra steps (or the removal of one) are made even more evident. You can then start polishing your strategies according to how your dry run plays out. It would also be a good year to practice your plan each year and update it accordingly.

These tips will help you ensure that your DRP will remain effective should a disaster occur. If you’re having a hard time figuring out how to go about the process of creating a DRP, then give us a call now and we’ll help you with the process.

Published with permission from TechAdvisory.org. Source.

March 6th, 2014

Security_May03_CAs a business owner or manager you face important security issues on a daily basis to look after business computers and systems. From malware to bugs in software, there is almost always a security issue to be dealt with and it can be an uphill battle dealing with them. But, knowledge is power and knowing about security threats can help you battle them more effectively. One of the latest threats to come to light is a bug in Apple's software that all Apple users should know about.

About the bug

News broke on many security websites mid-February about a potentially critical security flaw in Apple's systems following the company releasing an update to their mobile operating system, iOS.

The update notes released by Apple noted that the patch "provides a fix for SSL connection verification." This is a fairly common update as it is aimed at improving the security of communications between websites and the device. However, security experts found out that without the update attackers who can connect to a network are able to capture sensitive information being sent in banking sessions, email messages, and even chat messages using what's called an SSL/TSL session.

What exactly is SSL/TSL?

Secure Sockets Layer (SSL) and Transport Layer Security (TSL) are used in networks to essentially establish an encrypted link between a server and your computer. They are most commonly used to secure websites and the transmission of data. Take a look at some websites and you may see a padlock on the URL bar, or https:// in the URL. This indicates that the website is using SSL or TSL encryption to protect the data that is being transmitted e.g., your bank account information on a website.

In other words, SSL and TSL are used to ensure that information is exchanged securely over the Internet.

What was the problem and what software was affected?

It was found that there was a bug in the code Apple's software uses to establish a SSL connection which causes the whole SSL system to fail, potentially exposing data that should have been encrypted to anyone connected to the network with the right tools.

According to security experts, this bug has been found to affect devices running older versions of iOS 7, OS X 10.8 and newer, Apple TV, and possibly iOS 6. It is important to note that the bug is only found in Apple's SSL technology. Any app that uses Apple's version of SSL could be affected.

Has Apple solved this?

Luckily, Apple has released updates to all of their devices that should solve this security exploit. If you have not updated your device or computer since the middle of February you could be at risk.

How do I prevent my systems from being affected?

The first thing you should do is to update all Apple related apps and devices, including all mobile devices. If you are unsure about whether your apps are secure enough, try using another app, especially another browser. The reason for this is because browsers like Chrome and Firefox all use a different SSL technology and are unaffected by this bug.

You should also remain vigilant and not connect to any open or public Wi-Fi connections or even secured Internet connections that could be easy to break through. Basically, as long as you update you should be fine. However, it may be worthwhile using another browser if you are really worried about whether you have a secure connection.

If you are looking to learn more about this security flaw, or how you can secure your business from threats like this, contact us today. We can help.

Published with permission from TechAdvisory.org. Source.

Topic Security