SSL Certificates for Websites

When it comes to the security of your business website, size does NOT matter. Your business most likely either houses some bit of information about clients or customers or has access to information. That makes you a target for hackers. It also makes you a target for a Google search engine flag to warn that your website may not be secure because your security certificate isn’t current.

Starting July 1, Google will require that websites have current SSL certificates. SSL (Secure Socket Layer) is used to provide an extra layer of security for websites, and it’s added to each individual page on a site. You are most likely familiar with SSL as a computer user. When you go to a secure page for transacting business, you may have noticed that the secure page URL begins with https:address instead of http:address. You’ll also usually notice the image of a padlock.

Google is implementing the requirement for its Chrome browser, which is widely used worldwide. When someone uses the browser to visit a site without an updated SSL certificate, they’ll see the phrase “Not Secure” before your URL in the address bar. Most likely, they’ll leave the page immediately, and that will increase your site’s bounce rate and endanger your inbound leads. The increased bounce rate will hurt your overall Google ratings, and that will affect your Google page ratings on all browsers, such as Firefox, Edge and Safari.

You can see if your certificate is up to date simply by looking to see if your URL starts with https:. If not, it’s an easy problem to fix with the services of website developer. They can help you purchase an SSL certificate through your website’s hosting company and then add the proper code to your pages. The certificate costs between $40 and $100 per year, and the coding can typically be added in two to four hours.

We are more than happy to refer you to one of our partners, Rachel Durkan at Paradigm Marketing and Design. You can email Rachel for specific information about getting your website in compliance. If you have any other questions or concerns about SSL certificates and website security, call us – 973-433-6676 – or email us to talk about them.

Advice from the FBI

If you’re a longtime client or reader of Technology Update, you can say the FBI has either listened to us or validated us with its recent call to restart your routers. Our national law enforcement agency says that routers can be vulnerable to hackers, and one of your best defenses is to restart them. There’s more you can do, but restarting a router is easy to do.

First, let’s look at the restart process, which clears out a lot of junk piles – junk piles that make great hiding places for the bad guys who want to use your network as the entrance to your entire computing world. Rebooting can also help your network’s performance, just like a reboot or restart helps your computer. All you need to do is:

  1. Unplug your router and modem – or combined gateway, which includes your router/modem and VOIP telephone – from the power source. If there is an adapter that plugs into your unit, you can usually do it right there. Do the same for any network switches you might have. If you have batteries for backup power in any equipment, make sure you pull them out.
  2. Wait at least 30 seconds. This is important to help junk clear out, and it signifies your system is offline. Waiting a minute wouldn’t hurt.
  3. Reconnect your system, starting with your modem if it’s a separate unit. If you have a gateway, connect that. If it doesn’t power on automatically, press the power button. Wait at least a minute to give your ISP time to authenticate your connection and assign a public IP address.
  4. Reconnect your router and wait two minutes. This gives your router time to boot back up and gives everything on your network time to get new private IP addresses assigned by the DHCP service in your router. If you removed the power from any switches or other network hardware, now is the time to power those back on. Just give them a minute or so, too. If you have several devices, be sure to power them on from the outside-in, based on your network map.

If you don’t understand anything in the fourth step, it’s a good idea to call us for help. We can follow the map and help you test everything on your network to make sure it’s all working properly. You can also reset your modem if you are concerned about security and/or performance, and that’s something we can help you with, too. Call us – 973-433-6676 – or email us with questions or to set up an appointment.

Save Your Vacation with Additional Storage Capacity

OK, I’m as the frugal as the next guy – maybe even more frugal than most. But not spending a buck or three per month to store all your vacation images in the cloud can be penny wise and pound foolish.

Let’s begin this discussion with one certainty: No matter how much your vacation costs, you’ll never be able to replicate the exact conditions or scene that you photographed or videoed. That makes your photo or video priceless.

Automatically sending your photos and videos to a cloud-based storage facility is the best insurance you can have, and for most people, spending $0.99 to $2.99 per month will take care of all your needs. We’ll talk mostly about Apple’s storage plans because more and more of you are using your iPhones (and sometimes iPads) as your primary camera and video recorder.

iPhone users typically get 5 GB of storage space in the cloud for free. That’s for a lot of photos and videos for many. For the most part, nobody pays attention to storage until you get that nasty little notice on your phone that your storage is full. The notice usually refers to your available iCloud storage, and when it’s all full, the camera basically stops recording new photos or videos until you have sufficient space. However, you can remedy that by buying extra storage space on the spot, as long as you have internet access. If you don’t know your Apple password, you can always reset it.

Your least expensive option is get 50 GB (10 times the free storage) for $0.99 per month. Two other plans are 200 GB for $2.99 per month or 2 TB for $9.99 per month. That last one may be overkill but put it in perspective. If you can travel the world and want to keep your memories safe – or share them with anyone at any time – a little less than $120 per year is a cost-effective option.

Apple and iPhones are not the only options. Android users can tap into Google Photos with Google Drive, which gives you 15 GB of free storage to use across Google Drive, Gmail, and Google Photos. You can also use Google Photos with a computer or iPhone/iPad. You can get 100 GB for $1.99 per month or $19.99 per year or 1 TB for $9.99 per month or $99 per year. Amazon offers all its customers 5 GB of photo storage free and unlimited storage to it Prime customers.

There are also numerous websites that offer storage and the ability to share with family and friends. In addition to storage and sharing, they offer you and registered family members and friends the ability to buy photos, photo books, coffee mugs, etc. Some also will sell your photos online. Some of the better-known websites include Flickr, Shutterfly and Photobucket.

Camera technology is also keeping pace with the online world. Whether you have a compact point-and-shoot camera or a professional DSLR, manufacturers are adding wireless capabilities, so you can upload photos and videos directly to the cloud or store copies on your mobile device, though they can cut those file sizes to 2 MB. Also, be aware that when you delete photo and video files from your devices, you may also be deleting them, too, from your cloud storage. Check for settings that keep the files in the cloud, and if you can’t set that up, be careful about what you delete – though many of the servers keep your files for 30 days.

Every year, we get calls to try to recover photos and videos. Sometimes, recovery is not possible. But it is possible to prevent the problem. Call us – 973-433-6676 – or email us to help you select the best available storage program for your needs or to help set up your storage. It could save your vacation.

Reboot Your Thinking About Restarts

Restarting your Windows-based computer clears out a lot of electronic junk and improves performance. The only problem is that you may not be restarting – or rebooting – your computer when think you are. We had one client go 73 days without performing an actual restart on a computer, which meant we needed a lot of time to clear out all the junk and reset the system.

One of the most common misconceptions we’ve found about restarting is that people think that simply turning on a computer after it’s been sleeping is a restart. To human logic, that makes good sense. To a modern computer, it’s all wrong. When you select the “sleep” option to close a session at your computer, you’re putting it into a state of hibernation. Your PC will seem like it’s completely off, but it saves a hibernation file to boot back to where you were before going to sleep.

When you tap your keyboard to wake up your computer, you’re using Microsoft’s “fast startup” feature to launch the hibernation file that essentially restores your system to where it was before going to sleep. The combination of sleep and fast startup get you up and running faster to use your computer, and it also helps various software and hardware vendors update your system while it’s not in use. Whatever electronic junk your computer has been holding is still there.

Fast startup also helps your computer get up and running faster from a complete shutdown. In a sense, shutting down your computer puts it into a stage of hibernation if fast startup is enabled, so you’re not getting a complete restart, which is necessary for clearing out the electronic junk. In our experience, fast startup is the root of all evil in a lot of problems we’re finding that can be solved by a restart.

All of this leaves you with two options. The first is simple: restart your computer once a week. It’s sort of like flossing your teeth; it’s another thing to remember, and it’s time-consuming. But it will keep your system clean and maintain a higher level of performance. To restart make sure you have saved all work files and application settings by properly closing out of everything. Then, just click the Windows icon at the bottom of your screen, click the power icon and click Restart.

The other option is to disable fast start. You can do that by doing a search for Control Panel, and then clicking on Power Options. On the left side of your screen, click on “Choose what the power buttons do.” Then, uncheck “Turn on fast startup.” Doing that will give you a complete restart when you power up from a shutdown. It can also be helpful when working with a speedy solid-state drive (SSD).

Along with restarts from a shutdown, we’ve found that clients using a laptop as a second computer have another set of problems. When their computers are out of action for an extended period of time, the startup routine when they power on induces a search for all sorts of system and application updates. In the case of Windows updates, the computer looks at when the last update was installed and then initiates a sequence of consecutive updates. That’s necessary because unless Microsoft issues a Service Pack that consolidates several updates, the latest update is typically an addition to a previous update. If you missed three updates, for example, your computer goes back to the first of that sequence and goes through three update procedures.

That entire process can take up a lot of time, and we usually get a call in the middle of it all because it seems like the computer isn’t functioning properly. The easiest way to solve that problem is to turn a computer once a week. It will look for updates as part of its boot-up, and the need to download and install only one Windows update or just a few recent updates for apps will get your second computer operational faster.

Just remember, though, if you’ve turned off the “fast startup” feature for a computer that’s been powered down, you’ll need to make sure you check for updates.

If you have any questions about restarts and power-ups, call us – 973-433-6676 – or email us. We can walk you through the process to set up the options that will be best for you or work with you remotely to set them up.

Size Matters for Computer Performance

Small mechanical hard drives can be a major cause of poor computer performance. We could add small thinking as a cause, too. It may be time to “right-size” your approach. We’re conscious of price and performance, but we tend to think more about the present price when buying a new computer and not looking ahead to future performance issues.

In too many cases, small drives are the result of being penny wise and pound foolish. A small drive, one in the range of 128 GB, may seem like it has a lot of storage capacity, but it’s really not sufficient for today’s use. Word files, Excel spreadsheets and PowerPoint presentations take up more and more space, and then we have all of those pictures we store. It’s easy to forget that the more megapixels our cameras can use, the bigger the files become. In addition to larger data files, our application files get bigger, too, as we add more capabilities and speed.

We also tend to hold our computers for many years, putting even more pressure on those under-sized hard drives. With less room for the hard drive to move data files around, your computer gets slower as we pack on years of data and apps. The restricted storage space on the hard drive is one factor that shortens a computer’s service life. The other major factor is that it can take 20 to 30 seconds at startup or restart for a computer to be functional, and that’s intolerable for most users.

On new computers, we consider a 256 GB hard drive as the standard unit. It gives most users enough room for the drive to manipulate files. When factory-installed, it’s not that much more money, and it will give you the opportunity to get more life out of your computer.

You can replace a 128 GB with a 256 GB unit, and that will cost $150 to $175 for the hard drive plus the labor to back up and reinstall all of the software – as well as to physically replace the drive. However, it’s still considerably cheaper than replacing a solid business-use computer, which can run $750 to $1,500.

Better still, Windows 10 users can replace a small hard drive with a solid-state drive (SSD). SSDs are electronic, not mechanical. They don’t require space to physically move data, which means they don’t need to be as large to hold and use a similar amount of data. The lack of moving mechanical parts also makes them faster. We don’t consider this a viable option for Windows 7 users because it would take way too much time to get all of the OS updates and prepare the system for the reinstallation of applications and data files.

In practical terms, you don’t need as large a hard drive if you install an SSD on a Windows 10 computer. In fact, you could downsize from a 500 GB mechanical drive and have the same usable capacity on a 256 GB SSD. And, you’ll get better speed. On an older business-grade laptop, such as a Dell Latitude 5550, you could essentially get a machine that’s “like new” for half the price of a new one. Conceivably, it could add three or four years of service life to a two-year-old system.

If you’re running out of room on your hard drive, running out of patience with your computer’s performance, or both, we can help you find the best solution for your specific need. Call us – 973-433-6676 – or email us to talk about it.

Who Really Sent That Email?

We’re seeing a pattern in security problems caused by “fake emails.” Although the pattern is not restricted to business emails, they seem to show up more frequently in offices. Here’s what’s happening.

Just like good marketers, email spoofers and hackers have noticed that Wednesdays and Thursdays are “light days” for email traffic. If someone who’s not overwhelmed by email gets no messages (OK, this might be theoretical), it doesn’t raise eyebrows because they’re not accustomed to a huge number of messages. When traffic gets back to its normal level on Friday, nobody bats an eye or says anything. That leaves the hackers free to move about.

What we’ve found when that happens is that a hacker has created a rule to move email messages to a place where they can do their dirty work. One of their tricks is to change a log-in to a fake website that looks like one you frequently visit. When your password is not accepted, you have them send you a link to change your password. When you sign into the fake site with the real password, they can use it to update your info on the real site and keep all of the function for themselves.

That “password” scenario is the one that seems to be most common way for hackers to gain their access, and as in most cases, the cybercriminals count on the fact that you’ll be too busy to notice anything unusual – and that you won’t say anything until well after the fact.

While offices – even SOHO businesses – seem more susceptible to this type of attack, anyone can be a victim. Here are a couple of telltale signs that you might be under attack.

The first is that you get an email that directs you to a website that you can’t log into because your password is invalid. If you use a “master password” application, that should tip you off right away. If you enter passwords for your sites and have them written down in a safe place, consult your records. If you can’t enter a password that you firmly believe is correct, that should be a tipoff, too.

The second telltale sign is that people got messages that looked like they were coming from their office’s email system. To see if something like that is a fake message, you have to find the IP address for the computer. If it didn’t come from your computer system, that could be the tipoff, but not always. In one case we had to solve, a New Jersey company was victimized by a New York IP address, but that didn’t raise any concerns at first because the company does a lot of business with New York IP addresses.

We can use a number of tools to help pin down the IP address from where the email originated, and the earlier we can get on the case, the better the chances of resolving your issue. If you want us to look at a message, you need to follow this procedure:

  1. Drag the message from your email inbox to your desktop. You’ll see it as an envelope.
  2. Email us that envelope as an attachment.

If you are convinced you have a threatening email, call us right away – 973-433-6676 – so that we can ask you a few “yes or no” questions and help you take appropriate steps before the consequences get really costly. If your questions aren’t urgent, email us for answers or to set up an appointment to talk. Email security problems will only get worse as time goes on.

The Not-So-Hidden Costs of Free Apps

Facebook is free. You can get a free Starbucks app that gives you savings. You can use any number of free navigation apps, such as Waze or Google Maps. They may be free of fees, but they have costs, but they have costs, and that may be at the practical heart of privacy.

Our purpose here is not to get into the specifics of how you can delete apps like Facebook from your computers and devices. You can find a lot of those steps within the apps themselves. Nor is our purpose here about whether you should delete those apps. Facebook continues to come under fire – and to fire back – as the news changes every day.

In our opinion, the issue of Facebook and Cambridge Analytica, which brought a lot of this discussion to a head, happened in 2015. Facebook shared data with Cambridge Analytica under an agreement, but when the agreement was terminated, the data wasn’t deleted. In some ways, we are now looking at several issues, so let’s separate them. I did download all of my personal information that Facebook has about me, and some of it was scary. The scariest part was that they have all of my contact information, and I could see the names of all the people who may have requested to “friend” me but did not accept.

In a way, all of the info didn’t surprise me, and we should all note that Google probably has more information about all of us than Facebook. Like it or not, our likes and dislikes, which are all reflected in what we say on Facebook and in Google product reviews, to name a few, plus all the searches we do and websites we visit all become valuable information for advertisers who want to focus on those who are most likely to buy a product. John Wannamaker, the Philadelphia-based department store owner, said some 150 years ago that he knew only half his advertising dollars were working; he just didn’t know which half. Today’s analytics help businesses and political campaigns make their dollars work more efficiently.

That’s where “free” comes in. We like free apps, free things and being free to express opinions. But it has a cost: whatever level of privacy you are willing to give up. Yes, those “terms and conditions” and “privacy statements” are long and difficult to read, but we all know the drill. In return for being able to use their apps and be eligible for certain perks, we give them the ability to track our locations and share information with their business partners. If anything, the Facebook fiasco has raised our awareness of what goes on behind the scenes, and we may be less willing to give everyone unlimited access to our preferences and whereabouts when given the opportunity.

Another related issue is the Internet of Things, or IoT. All the “smart” home systems, including the smart speakers from Amazon, Google and Apple, collect data based on the info you request, the songs you play and even the merchandise you buy using their systems. Two things we don’t know are: 1.) Do they collect information even when you haven’t activated them? 2.) Who has access to the information they collect?

Moving forward, I am not going to drop out of Facebook. But we can all download the info Facebook has collected on us and look at the apps and advertisers we are tied into through Facebook. We can delete those we don’t want.

Looking at all the data collected about us and figuring out what to delete or hide can be a daunting task, but we can help. Call us – 973-433-6676 – or email us to make an appointment to review whatever information you can collect from the apps you use. We’ll do the best we can to find that happy medium between convenience and security. But even if you decide to drop off the internet and just pay cash for bills and goods and services, your privacy still cannot be ensured.

Don’t Go to the Dark (Web) Side

The story of the hacking frenzy would be incomplete without mentioning the dark web. Some adventurous souls might think they can just drop in for a quick visit to see what’s it like and leave, but two thoughts come to mind: Trying to leave the Hotel California and a lamb sauntering into a lions’ den. Resist the temptation to take a peek.

Trying to poke around the dark web just for grins is the equivalent of going to a bad neighborhood at 2 a.m. just for sake of seeing what it’s like. It’s the place where stolen information, such as driver’s license numbers, credit card numbers, health records and the like are bought and sold. It’s no place for thrill seekers.

Yes, there are websites that will provide you with information on how to get to the dark web, and privacy is critical. Those who trade illicit information guard their privacy very tightly, and they use special VPNs (virtual private networks) to make sure they minimize detection by other criminals or law enforcement officials. And, you also want to minimize your exposure to other criminals who won’t think twice about stealing info and money from you.

Cybercriminals using the dark web never use any common ISPs (internet service providers) or browsers. That’s like walking into the bad neighborhood wearing a bright-colored reflective jacket. Rather, the dark web relies on special browsers designed to be undetectable. Users are advised to disconnect and/or disable recording devices such as microphones and cameras.

Dark web transactions are generally done using Bitcoin or some other form of cryptocurrency that makes it difficult, if not impossible, to trace the hands through which money passes. Users of the dark web generally use multiple aliases and anonymous email addresses to hide their identities and locations.

Criminals on the dark web know that other criminals and law enforcement agencies are marshaling all the tools they can to crack the dark webs, and the sophistication on both sides is constantly evolving. If you suspect some members of your family or employees might be thinking about taking a little peek at the dark web, let them know it can be an extremely dangerous undertaking. Once anyone wanders in, they’re prey for hardened criminals, and it’s unlikely they can wander back out.

If you’re concerned about whether someone in your home or office may have compromised your system’s security in some way, call us – 973-433-6676 – or email us for a security audit. If there’s something going on, we can take steps to mitigate the effects.

Spoofs and Email Management

Spoofing email addresses is so common that you might as well accept the fact that you have to scrutinize every message you get. With our switch to a new Office 365 management portal, many clients have been getting emails allegedly from Microsoft, and some are more obvious spoofs than others. It might be time to look at your email management processes.

Hackers use spoofing as a way to get into your computer or network. They are relying on your carelessness to click a link that allows them to introduce some sort of malware that will give them access to your critical personal or corporate data and your address book or contact list. Once they get in there, they can replicate the same message that snared you and hope they get lucky with a few more careless people.

To clean out the malware, we need to isolate the message to see what the hacker is spreading through your system. We’ve received a number of calls from clients in the past few weeks about problems with spoofing, and our issue has been the size of clients’ email folders. Simply put, when there are 100,000 messages stored in the inbox, finding the spoofed message that caused the problem can be extremely time-consuming.

In all likelihood, you’ve run into a similar problem when trying to find a specific message. Outlook gives you some search parameters for finding any message you may have saved, but because of the way most people search, you get a lot more possibilities, and that still slows down your search. And, of course, the more messages you have stored in one place, the longer it takes your program and you to find the message you want.

Setting up an email management system can make your searches more efficient, and it can also help you or any IT support team isolate a message that might be causing a problem with your system. Again, Outlook has a few tools, but you might want to start by creating a system of subfolders within your inbox. For example, I file all emails by client, and within each client, I file them by the year. That makes it easy to get to a place to find a message I want to retrieve. It’s similar to the way most of you would set up folders for documents, photos and videos, and business records.

Of course, that system is only as good as the effort you put into moving messages to folders. If you suffer from a severe case of email overload, you may want to consider an archiving program that works on the back end of your email program. It can be especially helpful for a business, particularly where employees deal with multiple people from the same organization. For as little as $3 per month, it can set up and execute a system that even isolates people within a company, making it easier for you or anyone in your organization to get to a specific message to resolve any kind of problem – customer service or malware.

While home users may not be concerned with customer service issues, there are times when you need to find a message to resolve a problem, and good organization can make a busy life a little less hectic. We can help you set up set up Outlook folders or find and set up an archiving system that works best for your needs. Give us a call – 973-433-6676 – or email us to discuss your email management issues and explore the most appropriate solutions.

Safe Travels, Safe Wi-Fi

It’s getting near spring-break time, and summer vacations will soon follow. You may have seen the reports about wi-fi issues and data security. One of the biggest problems you face is how easy it is to log onto a “fake” wi-fi network – a network that is neither part or your hotel’s system nor secure. But if you pay attention and follow a few simple tips, you can safely stream your favorite content and handle some routine email tasks.

The first and most obvious thing to do is make sure you understand your hotel’s or resort’s log-in information when you check in. Get the proper names of any network that the hotel makes available for you. Then, when you try to log in when you get to your room or sit down at the pool, you can pick out that network from the many that will display when your computers or devices search for the network. Don’t be surprised to see several networks that have spellings or character-and-number sequences that are similar to the networks you were given at check-in.

When you go to log in to the network you’ve selected, you’ll likely be asked for your name and room number. Tip No. 1, don’t enter a correct room number or even a correct name. Misspell your name, if you want. If the network lets you in, then you are not on a legitimate network. If you are denied access with your incorrect info, you should feel confident the network is OK.

Depending on the property’s size and network setup, you may be required to log onto multiple networks. Follow the log-in test for each network. And, most important, make sure everyone in your family or travel group follows that procedure because the breach of one computer or device could compromise everyone in the group.

Also, be aware of network names and connections as you float around. You or one of your family members could inadvertently wind up on an open, unsecured network that can be used to breach your computers or devices to steal information. Tip No. 2, you might want to consider disconnecting from the network when you finish your online session.

Tip No. 3, don’t use a wi-fi network conduct online business, such as credit-card purchases or accessing your bank accounts. You should also avoid wi-fi for logging onto sites related to your health or finances. Instead, use your cellular network. It’s much safer. That may require you to make some additional arrangements with your cellular carrier or to buy and install a SIM card with a data plan for service. However, it’s well worth the time and expense.

Personally, when I travel, I “hotspot” my computer in connection with my cell phone number. It can be expensive (though that’s a relative term), but it removes me from the wi-fi network. So far, hackers have not breached the cellular networks.

Just as a related point, if you are going to depend more on cellular data, make sure you have a plan that will cover your use, and make sure everyone who uses your plan knows its limits. If you’re streaming a lot of video content or gaming, data gets sucked up faster than you can imagine, and charges for exceeding your plan’s limits can be steep.

We can help you prepare for an internet-safe trip or make sure your systems are secure whenever you go remote near your home or office. Call us – 973-433-6676 – or email us to set up an appointment to look at your systems (we can do a lot remotely) and answer your questions.