Cybercriminal attacks are getting more and more sophisticated. If your business's site doesn't have an SSL certificate, you are putting your reputation and your site's visitors at risk. In this blog, we will be covering:
If your business's website doesn't have an SSL certificate, we can help. Book a call today.
SSL certificates are a vital part of internet security, especially when your business needs to have an online presence. SSL certificates secure your domain, providing security for your online visitors, which is paramount. You need to create a secure environment that makes clients and potential customers confident in your business. Position your business as a trusted and secure resource: an SSL certificate helps you do that in two essential ways:
As technology advances, so does the sophistication of cybercriminals' attacks. We have seen businesses' websites spoofed or redirected, which causes a lot of grief for the business, their clients, and their potential clients. In fact, as a result, Google Chrome and other browsers will now penalise (and potentially block) any website that does not have an SSL certificate. Check to make sure your URL begins with https://, not just http://. The S indicates that the website does have an SSL certificate. If you don't have one, we can help you get one: book a call with us today.
Not all SSL Certificates are equal. There are essentially 2 types of SSL Certificate generally available now:
SSL certificates can now only be purchased for 1-year periods, so make sure to renew yours every year.
There are definitely cheaper options out there for SSL certificates. However, you do get what you pay for.
As we outlined above, SSL certificates are not all the same. A cheaper SSL usually provides minimum encryption and trust, and is considered the bare minimum when it comes to protecting your website and its visitors. The more expensive the SSL, the more protection it provides. We can help you weigh your options and find the right provider for your business.
We have put together a checklist to help you decide on the best SSL provider for you:
1. Do they properly validate the identity of the SSL purchaser? This is a manual, slower process to ensure that the purchaser of the "www.CONTOSO.com.au" SSL certificate actually is CONTOSO and not an imposter. They also include your business name on the certificate. Cheaper providers simply do not have the infrastructure for this important step, or they skip it or do a very basic check. That means lower trust, which is the main reason for a cheaper price.
2. Is there a warranty offered to users of your internet services? Warranty is an insurance for an end-user against loss of money when they make a payment on an SSL-secured site. This is very important for e-commerce sites but is also important if personal data is being submitted to the secure site. For example, GoDaddy offers only a limit of $1000 to end users against loss of money when submitting a payment on an SSL-secured site, which means lower trust. Our preferred provider comes with a $1 million warranty.
3. Are you buying the SSL from a registered Trusted Certificate Authority or just a wholesaler? Is the provider simply a mass wholesaler of other people's SSLs or do they directly stand behind it and offer the service themselves? Trusted Certificate Authorities are organisations that have earnt trust globally (and by all web browsers) to safely and securely provide secure identities. There are only 8 actual Trusted Certificate Authorities in the world. Our preferred provider is one of these Trusted Authorities and offers 24x7 support.
4. What level of encryption is provided? What level of encryption is provided to protect the data in transit over the public internet: 128-bit or 256-bit? The encryption level determines how easy it is for a hacker to grab the sensitive information. The standard now is 256-bit, which is a lot harder to hack.
5. Is the SSL certificate guaranteed to work on all devices? Has the certificate been verified to work on all devices that may connect, e.g. smartphones and tablets? Some providers do not do this, though this is becoming less common.
As an internationally ISO27001 accredited organisation, Sensible Business Solutions takes security very seriously.
We have to go out of our way to ensure the systems and suppliers we deal with have best practices in place, offer business-grade support, etc. The choice is up to you - but we will always be able to help you with the systems we recommend.
If you need more assistance, give us a call; we're happy to lend our expertise to your organisation.
2020 has already proven itself to be a tough year, particularly here “Down Under” in Sydney, Australia. We’ve dealt with widespread and devastating bushfires, floods, and now the global pandemic of the COVID-19 strain of the coronavirus. Not just businesses, but entire nations are being shut down to contain the virus and minimise the death toll.
Many organisations may be forced to lay off employees to survive, or shut down entirely, which will hurt both the business and the employees. There’s a way for your organisation to continue operating amidst this crisis, and keep people employed, which is good for everyone involved.
Fortunately, there is a way to do that for many industries. Remote work has been a growing trend worldwide, and has now become a necessity. Social distancing recommendations given to us by our governments and the World Health Organisation disallow communal gatherings in the name of safety: in-person workspaces may be next. The answer, then, is to work from home. Facilitating a remote workforce gives more flexibility to both the business and the employee, and it keeps both safe in this time of crisis. Many companies may not have the infrastructure built up for this yet, but we’ve been helping organisations improve their technology for over 35 years, and this is something we can help you with.
Modern IT Best Practices make a huge difference in how a company will respond to this crisis. We’ve noticed that the organisations that follow seven specific practices are adapting to the current climate much more smoothly than others. The 7 modern IT practices are:
If you examine your organisation, how many of those seven things do you do or have done?
We can help you get these policies in place, and adapt to the current reality. Swift action might be the thing that minimises the damage to, or outright saves, your business in this trying time. Schedule an introductory chat via our calendar.
Yesterday, the Australian Parliament enacted the Privacy Amendment (Notifiable Data Breaches) Bill 2016.
This means that Australian organisations will now have to publicly disclose any data breaches.
Penalties for non-disclosure range from $360,000 for responsible individuals to $1.8 million for organisations.
Forget the fines, if the world found out you were responsible for a data breach, what would that do to your business reputation? Are you the responsible person?
Just about all Australian businesses and non-profit organisations:
Any day - as soon as the new law is signed by the Governor General.
A breach occurs where there has been unauthorised access to, or unauthorised disclosure of, personal information about one or more individuals
AND this event could allow serious harm to an individual:
You’ll need to disclose what information was involved. This could include personal details, credit card information, credit eligibility information, and tax file numbers.
You’ll also need to advise the customers what they should do to protect themselves.
Penalties per non-disclosure range from $360,000 for individuals to $1.8 million for organisations.
If you need help with this, contact your professional Business Technology Adviser who should have the systems ready now to prepare and protect you.
If you require any assistance, call us to arrange a Data Security Audit at 1300-SENSIBLE (736-742) or email: firstname.lastname@example.org
Emma loved tweaking photos on her Android phone.
She’d heard rave reviews from her friends with iPhones about Prisma, a new iOS app for image editing. So when she heard Prisma would soon be released for Android, she logged in to the Google Play Store to see if it was there yet.
To her surprise, she found one that looked just like what her friends were describing. Delighted, she downloaded and started using it. Meanwhile, the app—a fake—was busy installing a Trojan horse on her phone.
When she got to work the next day, she connected her phone to the company Wi-Fi network as usual. The malware jumped from her phone to the network. Yet no one knew. Not yet, but that was about to change…
Now, this isn’t necessarily a true story (at least, not one we’ve heard of—yet…), but it absolutely could have been. And similar situations are unfolding as you read this. Yes, possibly even at your company…
Fake apps exploded onto iTunes and Google Play last November, just in time for Christmas shopping. Apple “cleaned up” iTunes in an effort to quell users’ concerns, but hackers still find workarounds. Unfortunately, these fake apps pose a real threat to the security of your network. Especially if your company has anything but the strictest BYOD (bring your own device) policies in place. And the more your network’s users socialise and shop on their smartphones, the greater the risk of a damaging breach on your network.
Fake apps look just like real apps. They masquerade as apps from legitimate merchants of all stripes, from retail chains like Iconic and Footlocker, to luxury purveyors such as Christian Dior. Some of the more malicious apps give criminals access to confidential information on the victim’s device. Worse yet, they may install a Trojan horse on that device that can infect your company’s network next time the user logs in.
So what can you do?
First, keep yourself from being fooled. Anyone can easily be tricked unless they know what to look for. Take the following advice to heart and share it with your team:
Beware of Fake Apps!
In case you weren’t aware, one of the latest and most dangerous Internet scams is fake apps. Scammers create apps that look and behave like a real app from a legitimate store. These fake apps can infect your phone or tablet and steal confidential information, including bank account and credit card details. They may also secretly install on your device malicious code that can spread, including to your company network.
Take a moment and reflect on these nine tips before downloading any app:
Most importantly, get professional help to keep your network safe. It really is a jungle out there. New cyberscams, malware and other types of network security threats are cropping up every day. You have more important things to do than to try and keep up with them all.
Also, ask your IT professional about implementing a best practice BYOD policy for your organisation.
You wouldn't have known, but we had our own fire disaster last week!
Early last Tuesday, we received a call that a fire was blazing in our building. Naturally, we rushed down there but, like all the occupants, we were not allowed access to our office at all. Later that day, we found out a tenant on the floor below us had an electrical failure in their computer room, which was the start of the whole disaster.
Thankfully, there were no personal injuries, and only damage to a few units (not ours). However, many businesses did suffer. The fire department rightly blocked off access due to the poisonous fumes, not to mention that the power was cut off for most of the day. Outside, hundreds of people milled around wondering what to do next. Comments overheard were:
"All my files are there - I need to get to them!"
"I need to finish something urgently for a client - now what?"
"This is costing me a fortune - my staff can't do anything productive. I can't even get remote access."
Privately, we smiled: we never ceased normal business operations at all!
We Had No Downtime
Our Business Continuity Plan kicked in and we didn't miss a beat! In fact, I don't think most of our clients even knew this had occurred.
We lost no sales, we missed no service calls, we continued to deliver the same service, we lost no data and there was minimal impact on the organisational productivity. We did not lose a single cent.
How is this possible?
Over the previous months, you’ve probably heard about new technology trends like virtual assistants, smartphones, and automation technologies. Some of these IT solutions may even be placed on top of your business priority list. However, with fires and power outages just around the corner, disaster recovery and business continuity plans should always have a place on your annual budget.
Business Continuity isn’t a huge investment
A common misconception about disaster recovery is that it’s a large, bank-breaking investment and that only large enterprises can afford it. Expensive secondary data centres, networks, and server maintenance usually come to mind when a business owner is confronted with the idea of Business Continuity or Disaster Recovery. And while that may have been true in the past, establishing a strong disaster recovery plan today is as simple, and as cheap, as going to a cloud-based disaster recovery provider and paying for the data and services that your business needs. Subscription pricing models are actually incredibly low, meaning you can have minimal downtime while still having enough to invest in new tech.
Onsite backups just won’t cut it
Although you might feel secure with a manual backup server down the hall, it is still susceptible to local disasters and, ultimately, does very little in minimising company downtime - especially if you can't get access to your office. When disaster recovery solutions are hosted in the right cloud you don't have to restore critical data or applications - they are already available.
Business disasters can be man-made, too
Even if your workplace is nowhere near frequent disaster zones, cyber attacks and negligent employees can leave the same impact on your business as any natural disaster can. Setting a weak password, clicking on a suspicious link, or connecting to unsecured channels is enough to shut down a 5-, 10-, or even 50-year-old business in mere minutes.
Sure, installing adequate network security is a critical strategy against malicious actors, but last year’s barrage of data breaches suggests that having a Plan B is a must. A suitable business continuity and disaster recovery plan ensures that your data’s integrity is intact and your business can keep going, no matter the malware, worm, or denial-of-service attack.
Downtime will cost you
A business without a Business Continuity plan might come out unscathed after a brief power outage or small fire, but why risk the potential damages? Either way, downtime will cost your business. First, there’s the general loss of productivity. Every time your employees aren’t connected to the network, money goes down the drain. Then there’s the cost of corrupted company data, damaged hardware, and the inevitable customer backlash. Add all those variables together, and you end up with a business-crippling fee.
You might even have insurance, but that doesn't help if your clients go to your competition because you couldn't deliver service when they wanted.
Smaller businesses usually have "less fat" to weather such instances - it is even more important that they protect themselves.
So, if you want 2017 to be the best year for your business, make the smart choice and proactively take part in creating your company’s business continuity plan. Your business will be in a better position financially with it rather than without it.
Keep your business safe, recover from any disaster, and contact us today if you need assistance. Also, get hold of our free guide:
“Never before in the history of humankind have people across the world been subjected to extortion on a massive scale as they are today.” That’s what The Evolution of Ransomware, a study by California-based cybersecurity firm Symantec, reported recently.
If you have any illusions that your company is safe from cyber-attack in 2017, consider just a few findings stated in a recent report by the Herjavec Group, a global information security firm:
Clearly, your company’s information and financial well-being are at greater risk than ever in 2017. And you cannot count on the federal or state government or local police to protect your interests. That’s why I STRONGLY SUGGEST that you implement the following resolutions starting TODAY.
Resolution #1: Tune up your backup and recovery system. The #1 antidote to a ransomware attack is more frequent and up-to-date backup copies of all your data and software. Yet managing backups takes more than just storing a daily copy of your data. For one thing, if your business is at all typical, the amount of data you store grows by 35% or more PER YEAR. If your data management budget doesn’t expand likewise, expect trouble. What about important data stored in cloud solutions like Dropbox?
Resolution #2: Harness the power of the cloud—but watch your back. Huge productivity gains and reduced costs can be achieved by making full use of the cloud. Yet it’s a double-edged sword. Any oversight in security practices can lead to a breach. Here are two things you can do to harness the cloud safely:
Resolution #3: Set and enforce a strict Mobile Device Policy. As BYOD becomes the norm, mobile devices open gaping holes in your network’s defences. Don’t miss any of these three crucial steps:
Resolution #4: Ensure you have the latest Security Technology Layers in place. The fact is that attacks are becoming more sophisticated every month. Do this at least:
Free Network And Security Audit Resolves Your Biggest Data Security Problems and Makes Your Systems Run Like A Fancy Swiss Watch
Ever asked yourself why some business owners and CEOs seem so blithely unconcerned about data protection? Don’t let their ignorance lull you into a false sense of security. If you’ve read this far, you are smart enough to be concerned. Contact us today at 1300-SENSIBLE (736-742) or email@example.com and we’ll send one of our top network security experts over for a FREE Network and Security Audit. It’s your best first step to a safe and prosperous 2017.
“We live in a world where information equals power. With the influx of online file-sharing solutions, distributing information has become easier than ever. As a result, it is now easier for information to fall into the wrong hands intentionally or unintentionally.” - Terri McClure, TechTarget.
Bring-your-own-device (BYOD) policies and an increasingly mobile workforce are putting new pressures on IT and changing the requirements for how workers want (and need) to access corporate data.
Dropbox has become the predominant leader for mobile file access. Unfortunately, what works for family pictures does not work with corporate files. In most cases, Dropbox’s quick to install, easy-to-use, consumer-grade services present unacceptable security, legal and business risk in a business environment.
Here are the top 5 reasons we now recommend only SensibleSync for businesses.
If you would like more information on SensibleSync:
Phone: 1300-SENSIBLE (736-742)
Setting up meetings might seem like a trivial task, but it eats away at your productivity a few minutes at a time. Online appointment scheduling software can help you track and schedule meetings with colleagues and customers much more easily. Just send your clients a link to your booking page and they can book appointments online. Say goodbye to phone and email tag for finding the perfect meeting times.
Many of these programs synchronise with programs such as Google Calendar and Microsoft Outlook.
More advanced appointment scheduling solutions offer additional functionality. For example, some provide online forms that customers can use to request or cancel appointments, handle multiple timezones, link with automation systems like Zapier or even accept payments.
When starting a business, servers and networking equipment can be a significant expense. To reduce this burden, many businesses are turning to cloud computing. Cloud computing provides a number of benefits including improved scalability, cheaper support, and automated backups. As a result, you have more time and energy to spend on other business needs. Here is an overview of what cloud computing has to offer.
What Is Cloud Computing?
In cloud computing, a program or application runs on a network of remote servers hosted on the Internet. Unlike applications on personal computers, these programs and applications can run from anywhere in the world. Cloud computing relies on dynamically scaled resources which makes it both efficient and affordable for smaller businesses.
The Advantages Of Cloud Computing
One of the biggest advantages of cloud computing is the flexibility it offers in terms of scaling server resources. A major concern when purchasing computing equipment is whether or not the purchase will scale as your business grows. If you buy equipment that only covers current needs, you'll likely need to buy additional equipment in the future. Most network engineers tell you to buy extra equipment up front so you can be sure to avoid any scaling issues. However, this extra equipment can cost thousands, so most business owners are averse to making such investments if they can avoid it.
With cloud computing, you pay only for the resources you use, and as you grow you can scale up the available resources as you need them. Cloud computing lets you scale resources up or down, so costs can scale with your business revenue. Many businesses have seasonal spikes, so you pay more only when necessary and reduce costs during slow months.
A good cloud computing hosting service also offers full support, regardless of the time of day. This support is paid for out of your monthly bill. Hiring personnel to handle problems with in-house equipment would be much more expensive. For instance, if you have an e-commerce store, you'll be out thousands of dollars if your hardware fails in the middle of the night. With cloud computing, the hosting service automatically monitors and restarts your servers at all hours, for no additional fee.
Another benefit of cloud computing is that you get immediate access to all the premium services and features that used to be affordable only by larger enterprises. You can now compete on an even playing field - the internet has no idea how big or small you really are.
Cloud computing can offer automated backups. Backups are a saving grace in the event of a server crash or catastrophic incident, but managing them is difficult. You not only need to remember to make backups regularly, but you must store them in a safe place. Most cloud computing hosting services avoid these types of issues entirely. First, almost all cloud computing platforms offer some type of built-in backup automation solution. Second, the host has plenty of space where you can store your backups. Finally, cloud computing hosts make it easy to rely on these backups when disaster strikes. The better ones even offer automatic failover and business continuity options if you want.
Finally, the better cloud computing hosting services also offer the ability to run all of your business applications, on any device from any location. They can also offer full integration with all of your web apps and even subscription services like Google Docs, Office 365 and Amazon Web Services.
Many small businesses have a volatile first few years, especially on the technology front. Fortunately, cloud computing can reduce costs and keep your startup running smoothly around-the-clock. There are several cloud computing hosts to choose from, so do your homework.
Even a single second of downtime at your business can cause a ripple effect that sees operations become unhinged. While most Business Continuity Plans (BCPs) take into account longer power outages, short ones can be just as dangerous to your company. An Oakley Greenwood report showed that 58.9% of outages in NSW were for less than 2 hours. It is important that you and your employees be prepared should a power outage strike. We’ve prepared some information to help you do just that.
Power outages are one of the only disasters that can strike just about anywhere in Australia. If you are in Blacktown, chances are tropical cyclones are not going to be an issue and i
A US Department of Energy report noted that power outages cost businesses nearly $150 billion in 2014 and added that increasing demand for energy coupled with an aging infrastructure could see the number of blackouts increase. When a power failure disrupts IT systems, 1/3 of companies lose AU$18,500-$465,000 per incident. While weather-related events are the most common cause of power outages in Australia, it is far from the only thing that can disrupt energy service.
Since this is a problem that will continue to plague businesses, especially those ones that are unprepared, it’s important to be ready should a blackout strike. Here are a few things you should consider when it comes to power outages.
The most notable issue a business faces when a power outage occurs is an inability to work. Employees often will sit around unable to do anything until the power is turned back on. Once the power does return, additional time is needed to safely turn everything back on and to check if all your files are still there.
There are also numerous indirect consequences that your business may face either during or after a power outage. These include a loss of revenue from potential sales, a decrease in customer satisfaction and a drop in your company’s reputation. The more your company is prepared for a power outage, the better continuity you will see and the less damage will be done. While it may be impossible to completely avoid issues caused by blackouts, you can minimize their impact.
One of the biggest sources of frustration for employees during a blackout is losing files they had been working on. Autosave features do help prevent this, but sometimes you’ll still lose that one important note or sentence you didn’t have the chance to save. Uninterruptible power supplies (UPS) are one way to buy your employees a little extra time should the power go out. You plug your computer into one of these devices and it operates as a battery when the power goes out. The life of these power stations is anywhere from ten minutes to an hour for some models, which should give you enough time to save your work and properly shut down your computer.
If you want to stay in business during a power outage, a standby commercial generator can help. These normally run on petrol or natural gas and immediately switch on as soon as your main power supply goes out.
If you aren’t concerned about the lights but want to keep your employees productive, equipping them with 4G-enabled laptops and tablets with the right cloud vendor will let them continue to work on files and even your database systems that have been saved and stored or are running virtually in the cloud. The better cloud systems will even enable you to send employees home or to some other location (where power is available) and work on everything exactly as if they were in the office.
Regardless of what your company's plans are during a power outage, you will need to test them on a regular basis to ensure everything runs smoothly when the real thing does happen. If you utilise a UPS or standby generator, you will want to test these out every six months at the very least to make sure they function properly. If your business has special plans for what employees need to do during a power outage, you should run a practice drill on a yearly basis to ensure everyone is up to speed on their duties. You should also document what steps everyone should take - so nothing is forgotten in the panic of responding to the outage.
The key to business continuity is preparation. Let our team of experts help prepare your business for anything thrown its way in 2016 and beyond.