Time to Reassess Your Email Provider

If you have your email with your internet service provider (ISP), it might be a good time to take a look at what you’re getting, what you could get, and what you might lose.

First, ISPs provide email as a loss-leader service to keep your internet (and maybe cable TV) business. That internet business is critical to their success because more small businesses, home offices and consumers are using more data to run their businesses or live their lives. They’ve built the infrastructure to connect to your home or office. Now, it’s mostly a matter of adding capacity at a central location and using a few keystrokes to provide you with more internet capacity for whatever you need. As a result, they pay only enough attention to your email to prevent a catastrophic failure.

We saw the ISP-email problem firsthand during the past holiday season. Our client had email from Microsoft Hot Mail, but it was through their ISP. We thought it would be an easy fix, but when the problem escalated, the ISP erroneously blamed our client’s computer. We knew it wasn’t the case because we got right down into the system’s basic commands and identified a back-end issue at the ISP. That’s one place we can’t go.

The ISP didn’t do anything, but somehow, the problem disappeared. We think it was fixed either by a reboot to fix a server problem or by someone who actually saw a problem and fixed it. We’ll never know, but regardless, our client is ready to switch ISPs and their email service.

The switch is a two-step process. The first step is to find a new provider. They abound and offer features and capabilities not found in many of the current ISP-based email programs. Here are some of the more popular and more capable choices:

  • Gmail from Google has a friendly conversation-focused interface, powerful search and top-notch spam and malware filtering, which is critical. It integrates with other Google services, including Google Drive, which lets you send attachments over Gmail’s 25-megabyte limit. You get 15 gigabytes of storage, and it’s free, unless you want to create your own email domain. A downside is Google’s proclivity for collecting personal data, but you get some control through its privacy settings.
  • Outlook.com is a web-based email service that’s separate from Outlook in Office. It’s the successor to Hotmail, with a better interface. It also provides 15 gigabytes of storage and integrates with Microsoft’s online Office tools. Microsoft makes a big deal about not scanning emails to serve you ads, but it does scan them to filter spam and malware.
  • iCloud, Apple’s free email service, integrates with Macs and iPhones and doesn’t contain any ads, though it isn’t as feature rich as other options. It comes with only 5 gigabytes of storage, which is shared with other Apple products. You can buy more storage.
  • Fastmail is a paid service that touts privacy and control. For $3 to $9 per month per user, there are no ads, and you can create an email account at any domain you want, which is great for a small business. It’s a great option if you don’t want to tie yourself to one of the big tech giants.
  • ProtonMail emphasizes privacy with end-to-end encryption. However, it requires a bit more work to setup and requires your recipient to jump through the same hoops. Just remember, though, your security is only as good as the security of the weakest link among all the people you communicate with.

No matter which provider you choose, you’ll need to do a lot of preparation. The most important step is to make sure you bring all the messages you want to save to your new email provider’s service. Some ISPs will delete your address and account as soon as you end your service. Others claim they’ll provide unlimited or generous storage and long-term to lifelong access, but there are no guarantees the messages will be kept or open to your access. If someone accidentally removes your messages from a server or removes your login credentials, you’ll have little or no recourse if you’re no longer a paying customer.

Copying all your old email from your old provider to your new one can be complicated. While we don’t want to say it’s something you can’t do at home, we strongly urge you to let us do it or walk you through the process. We want to make sure you get all the messages you want to keep – AND we can help you set up a forwarding mechanism so that people can still reach you after you make the change. (See Tech DIY: Our Equivalent of Calling the Plumber or Electrician.)

One thing you will need to do on your own is make sure you notify everyone of your email change – and do it with your new email address. That will make it easier for people to change their contact list, and it will add your new email to most autofill functions.

Call us – 973-433-6676 – or email us to discuss the best email options for you and to make an appointment to get you set up with your new email system.

Tech DIY: Our Equivalent of Calling the Plumber or Electrician

I can clean out a drain trap and change a light switch. But when I try to do something more, it usually winds up costing more than if I had called the plumber or electrician in the first place. It’s the same with your technology. There are some things you can do yourself, but there are things you shouldn’t touch.

To continue the plumber and electrician analogies, let’s look at some worst-case scenarios. When you do your own plumbing, you could break a pipe and flood all or part of your house – and maybe damage walls, floors and/or ceilings. But you’ll still have your house. With electricity, you could trip a circuit breaker – or shock or electrocute yourself or cause a short that starts a fire and…

In some ways, doing your IT can result in losing all your data, which is the electronic equivalent of burning down your home. Of course, you can back up your data in a secure, offsite location and replicate your system. You probably don’t have a full-size replica of your home or office stashed somewhere else.

So, what are some things you can do? You can download and set up apps, such as a password manager. You know all your passwords, and you can work your way through the setup process to take advantage of the random-generated passwords that make the apps work best. But if things look like they’re getting complicated, you can always call us for guidance or walk-through help.

What are some things we believe you should never do?

Never do anything that involves your website DNS, and don’t switch from one host company to another by yourself. The DNS info is at the heart of keeping your website on the internet, and one mistake can knock you offline. We can help you recover from a mistake, but in addition to the cost of our service, you’ll also pay the opportunity cost for lost business time. Another thing to keep in mind is that when you switch website hosting companies and something goes wrong, each party will claim it’s the other party’s fault. We can make sure that together we all follow the proper procedures to make the switch as seamlessly as possible.

Router changes are another task you shouldn’t do yourself. The biggest dangers are leaving open a port that can lead to security issues or not setting it up properly to manage other remote desktop capabilities.

Even buying a new computer can have pitfalls. With so many configurations available (processors, RAM, hard drive type and size, etc.), it can be difficult if not impossible to match up the right “package” for your needs.

One client experience illustrates the problems that can arise. Our client asked for help with transferring files from the old computer to the new one and assured us the hard drive had “more than enough space – more than I’d ever use.” It was a 128 GB hard drive, and after transferring app and data files, we had 30 GB of free space. However, the client also had 80 GB of music files to transfer. The problem could be fixed, but a lot of extra cost could have been avoided.

We can help make your technology life easier. Call us – 973-433-6676 – or email us when problems arise or if you want to change, add or reconfigure any part of your system. We can help you with advice or with doing the work you need. As the car mechanic said in that Fram oil filter commercial of many years ago, “You can pay me now or pay me later.” My plumber and electrician tell me the same thing.

Home is Where the Hack Is

Don’t think your home is too small to be a hacker’s target. The recent invasion of a young girl’s bedroom through a camera system has sparked a lawsuit and some hot discussion about who’s at fault. Ultimately, you need to make you cover all the bases, and the Department of Homeland Security offers some help in making sure you know where the bases are.

DHS rightly states what we think is obvious about the two common misconceptions home users share about the security of their networks:

  1. Their home network is too small to be at risk of a cyberattack.
  2. Their devices are “secure enough” right out of the box.

Besides those misconceptions, home networks – no matter how many smart devices or dumb devices they connect – have many moving parts. In addition to cameras and smart speakers, to name just two, our networks include routers, computers, mobile devices and TVs. So, even though you may think you have a strong username and/or password for every device, there’s a possibility you can miss one key setting – or there’s a possibility that someone using your network has the weak link in your security chain that provides outside access.

The DHS checklist, which we summarize below, is a good place to start. It reiterates a lot of actions we’ve told you to take over the years, and it’s a good refresher.

  • Update your software regularly. Besides adding new features and functionality, software updates often include critical patches and security fixes for newly discovered threats and vulnerabilities. (See Understanding Patches and Software Updates.)
  • Remove unnecessary services and software. They can create security holes in a device’s system that could lead to a larger attack surface of your network environment. This is especially true with pre-installed trial software and apps installed on new computers. Remove what you don’t use.
  • Adjust factory-default configurations on software and hardware. They’re intended to reduce the troubleshooting time for customer service. Harden them to reduce vulnerabilities.
  • Change default log-in passwords and usernames. Most network devices are pre-configured with default administrator passwords to simplify setup. They’re not secure. Change them.
  • Use strong and unique passwords. Choose strong passwords and don’t use the same password with multiple accounts. (See Choosing and Protecting Passwords for more information.)
  • Run up-to-date antivirus software. A reputable antivirus software app can automatically detect, quarantine, and remove various types of malware, such as viruses, worms, and ransomware.
  • Install a network firewall. It can block malicious traffic from your home network and alert you to potentially dangerous activity. When properly configured, it can also serve as a barrier for internal threats, preventing unwanted or malicious software from reaching out to the internet. We can help you configure them.
  • Install firewalls on network devices. In addition to a network firewall, consider installing a firewall on all computers connected to your network. We can help you configure them, too.
  • Regularly back up your data. Consider using a third-party backup application, which can simplify and automate the process. Be sure to encrypt your backup to protect the confidentiality and integrity of your information. Data backups are crucial to minimize the impact if that data is lost, corrupted, infected or stolen.
  • Increase wireless security. Follow the steps below to increase the security of your wireless router or ask us for help.
    • Use the strongest encryption protocol available. DHS recommends using the Wi-Fi Protected Access 3 (WPA3) Personal Advanced Encryption Standard (AES) and Temporary Key Integrity Protocol (TKIP), which is currently the most secure router configuration available for home use.
    • Change the router’s default administrator password to deter an attack using default credentials.
    • Change the default service set identifier (SSID), the “network name” that identifies a wireless network. Make it unique and not tied to your identity or location.
    • Disable Wi-Fi Protected Setup (WPS). A design flaw in the WPS specification for PIN authentication significantly reduces the time required for a cyberattacker to brute force an entire PIN.
    • Reduce wireless signal strength to reduce your electronic footprint.
    • Turn the network off when not in use or automatically disable the Wi-Fi at specified times to prevent outside attackers from breaching your home network.
    • Disable Universal Plug and Plan (UPnP) when not needed. Recent large-scale network attacks prove that malware within your network can use UPnP to bypass your router’s firewall to control your devices remotely and spread malware to other devices.
    • Upgrade firmware to enhance product performance, fix flaws, and address security vulnerabilities.
    • Disable remote router management to guard against unauthorized individuals accessing and changing your router’s configuration.
    • Monitor for unknown device connections to monitor for unauthorized devices joining or attempting to join your network. Also see the manufacturer’s website for tips on how to prevent unauthorized devices from connecting to your network.
  • Mitigate Email Threats. Phishing emails continue to be one of the most common and effective initial attacks. They prey on the human element – the weakest component in every network – by persuading a user to click on a link or open an attachment.

All the steps you can take are common sense, but they’re often overlooked in our hurry to get a new product or feature online. The hacker looks to exploit momentary carelessness. We can review your home or office network with a security assessment and help you implement any of the steps in this checklist. Call us – 973-433-6676 – or email us for an appointment.