Google, your search against my professionalism – will it save you money?

3D Businessmen Inside Gear. Business ConceptGoogle!   How many times have we said or heard someone else say:

“Why don’t you Google it?”

“Google told me that….”

“I can fix this problem—I read an article about it on Google!”

These lines are often spoken by someone who tried to save time, money or effort by reading an article instead of consulting an expert. And whether it’s a broken computer, a backed-up sink or the weird-looking bald patch your dog has suddenly developed, when people put their faith in Google there’s usually an unspoken postscript: “I tried to do it the way Google said, and it didn’t work.”

I have been working in IT security for 30 years. I’ve come to see that computer technology is one of the areas where people are most likely to turn to the internet for help. I am not knocking Google—my team uses it regularly to resolve complex and confusing issues with technology.

We also understand that 99.9% of the articles are CRAP.

Well, maybe that was phrased a little too harshly. How about this—80% are CRAP.

Your search for a solution can put you in touch with a lot of people claiming to be “experts.”   Some of them even are experts, and may have put a few good ideas into writing. Those search results do not equate to the huge number of hours that a professional will have spent in their chosen profession.

Google does not show me how to fight a civil action in court, but a high-paid lawyer will.

Google does not make your tax records easier to understand, but a good accountant will.

Google does not make changing that engine part any more understandable, but a mechanic does.

With 20% of all google searches being for new content, there’s no Google search you can do that will capture every exact specific of your court case, tax documents or computer problem.

What Google does, is make you realise that you do not know everything. It helps you understand that a professional—the person who wrote the article—is better qualified to do it.

When the sink backs up or the car starts making a funny noise, go ahead and Google. Yes, you can muddle through, and maybe get the right outcome!

But if that first “easy” solution doesn’t work, don’t keep trying more. The cost in time and money of continually tinkering with high-priced possessions are more than what you’d pay to get your problem solved once and for all.

If you want it done right, Google it, find an article about it—and then talk to the person who wrote the article.

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   Rapid Restart Appliance Creator.   He is a Speaker, Author, Teacher and Educator on cybercrime and how to protect yourself from the digital world. 

(Video) Lets discuss Cloud, Mobility and IOT

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd, Amazon #1 author on Cybercrime and founder of the SME Security Framework | Speaker | Consultant | Trainer discusses –  Cloud, mobility and IOT

[Beginning of transcript]

Hello. My name is Roger. Today, I’d like to discuss the Cloud internet things and mobility for small and medium businesses. And it’s now the catch-phrase and soon to be followed by things like 3-D printing, because Cloud IOT, mobility, BOYD ( bring your own device) helped changed the face of business in the last five years.

They changed business in two ways: they made it cost efficient to use in some of of the systems because you’re negating from operational expenses of viable hardware and software to a capital . . . try again, you go to a capital expense viable hardware and software and making it all work to an operational requirement. So, you’re paying as a monthly fee, just like you’re paying your telephone bill and your electricity.

And the cloud is made to happen and the cloud is making it happen across the board, worldwide now. Someone in Somali can run a multinational business just as long as they have an internet connection. But the internet affairs is a lot of things that we really factor in. The air-conditioner over there, depending on how complex it is, will have some component of internet things.

You see, the internet things will compromise to a level where the refrigerator will send out 10,000 spam emails or a television has been taking photos of what is happening in the world. And then, there is of course the utilization of both of these components that makes the mobility of your workforce a really important factor in having your business because you are now in that level where he can say to a person, “Here’s your tablet and everything you need on it is now ready to go”.

But as I said, 3-D printing is going to be something that is going to be revolutionized in the manufacturing business because they are going to be able to take a design, get printed and get delivered to you in a matter of days, something that we haven’t been able to do for a long, long, time.

So, what we’re looking at with cloud IOT mobility is the industrial revolution part-2, that we haven’t quite come up in another year on what we are going to call it again because we are still in the middle of it.

Thank you.

[End of transcript]

(Video) How to Protect Your Money and Cards within an SME from cybercrime

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd and Amazon #1 author on Cybercrime asks how small and medium business and not for profit organisations are securing the information about money and cards from cybercrime.

[Start of transcript]

Hello, my name is Roger. How do you protect the money and your card information within your organization?

Small or medium business not for profit organizations have a requirement to A. Collect money otherwise they get broke and B. To secure the information concerning that money and how it’s being collected and diversified and the banks getting the information.

But on top of that, if you’re running an e-commerce site for instance, then the information that people are putting into that page in the digital world is really important because the criminals are targeting that as well. So if you take payments from the internet or the digital world, or you run a system , how do you make sure that that information is always secure?

Now this is a major target for the cyber criminals because they know that most people, when they set up a website or set up an e-commerce site or accept credit card and PayPal information that they haven’t set it up because they might not know quite what’s going on, they’re not fully understanding what is required of protecting that information.

But on top of that, if you’ve got an e-commerce site, you need a payment gateway. Now that payment gateway is literally the gateway between your site and the bank. And you have to make sure that as you’re accessing that gateway it is in a secure fashion.

The other way you can accept money is through PayPal, or if you’re on places like EBay where they have a platform store, which actually points to a payment gateway.

So what do you need to do to make sure you’re protecting the information? Well, you got to make sure that you’re receiving information from your potential customers and clients and the moment it goes into their computer nobody else can reach into your system. The only way to do that is with a high level encryption component and this is where SSL and TLS comes into it. SSL encrypts all the information and the only people who understand what’s going on are the computer that’s sending it and the one that’s receiving it at the other end.

So protecting that information against cybercrime is also very critical when you’ve got the information itself. So you’ve collected the information and now you want to store it somewhere. Again, you’ve got to make sure that you’re storing that information in such a fashion that you cannot be hacked.

Thank you very much.

[end of transcript]

 

(Video) What is managed web filtering?

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd and Amazon #1 author on Cybercrime discusses managed web filtering

[Start of transcript]

Hello, my name is Roger. What is managed web filtering? Well, we all know that everybody likes to access the internet, whether it’s on a tablet, on a mobile phone, laptop, computer, even on the server when you need to download updates and things like that. You always need to access the digital world in some way.

But the trouble is, the bad guys know how we all access the internet, and they are always willing to put little traps and systems in place so they can actually get information out of you or infect your computers.

Now what I mean by that is there are, websites are created, and we all have websites. Websites are not created equally. Some are high-end, high-processing, e-commerce sites that are secure and locked down, and everything is really hunky dory.

But at the other end of the scale, there’s people who put together a WordPress website, who doesn’t worry about security, doesn’t worry about patching or widgets, making sure all the plugins are working, making sure the plugins are all patched up.

Now if this website, the one that was done in WordPress, gets hacked, now there are a number of ways they can do things to you. They can hack your website and take it down. Bang, there goes your website. Or they can just deface it. We were here, stuff you. Great.

The worst one they can do is they can actually infect it so that all of the visitors coming to your site will actually be asked to download now or then. Now when that happens, what happens is you need a system in place that will protect you from that happening to you. Now how do you do that?

Well there’s a number of products around that allow you to protect the way you surf the internet. And by that protection, it will come up and go, don’t go to this website, because it’s infected, or it may go to something that says when you log on to the website, something is wrong.

And that is really important for business. Because you get malware on your PC or your laptop, or your tablet, or your phone, then the bad guys have access to that information. What people don’t understand is it can happen to anybody’s website.

It takes, it can happen at the lowest level with your web-hoster, hosting company, has been hacked, and the server with all of those websites on it are now vulnerable. Or you could be a major news site.

There’s been times where places like ninemsn have been not so much hacked, but the information for things that run their ads have been infected, which then infects the people who come to it.

The other way that you get infected is through Ethernet. So this is a process that the bad guys call water holing, because everybody has to go there to get information. The biggest one that we’ve ever seen was when they infected a site that looks after human resources. So everybody had to go there, work out their leave, and every time they went there they got infected.

But, on top of that, if you get an infection from a website, that you, and you haven’t been protecting yourself in such a way as it will come up and tell you that you’ve got a chance of being infected by the website, then you have a problem with your own technology itself. Because it is no longer yours. It has spyware, it has malware. It may even have things like drive-by malware that encrypts all the information on your system. You don’t want to be in that situation.

On top of that, people also believe that if you go to pornographic sites that you’re going to get infected. To tell you the truth, pornographic sites are probably the securest internet websites on the internet and have ads. And there’s something, because the pornographic sites need people to come to them all the time. And yes, it’s huge business, it’s really a lot of money that they get.

So, you need to have some way to protect yourself, and that is where a managed web filter will come into. That managed web filter will sit on the desktop, or the laptop, or the tablet and phone, and actually intercept the information before it gets to your technology itself, and will protect you. And because it’s a managed web filtering, it’s like any other cloud product, it is a monthly fee.

Thank you.

[End of transcript]

How to secure your mobile device!

Mobile devices are the way we now do business.   From checking email, surfing the web to  connecting on social media and creating reports, we are always on, always connected, always busy.

Smart devices, phones and tablets, are critical to having an edge over your competition.  They hold a large amount of data that most people do not consider important – until we lose it.   We realise, too late, that we have lost some very important information.

Using mobile devices means that we can work from anywhere at anytime, if we want to that is.    The lines between work, business and our personal lives are blurring especially if you are a business owner or a manager of a small or medium business (SMB)

The risk requirements for both BYOD and business supplied devices is very important to ensuring the rest of the business is secure.

With so much happening on our mobile devices, how do we protect them from both the physical world as well as the digital world.

Think about these ideas that you need to deploy to protect your physical device.

  • Never leave it alone.   In some places your phone can be stolen right out of your hand while you are talking on it – In NY this is called apple picking.   In most places, the simple act of leaving your device on a table while you pick up your coffee is the only opportunity that the bad guys need.
  • When it is not being used – lock it.   Using a simple 4 number code, a decent password or biometrics ensures that the information on your device is secure for the initial attempt at access.   Change the settings to 3 attempts or 5 attempts before it is locked for x minutes will ensure that you have time to remote wipe the device.
  • Back it up – you never know when something bad is going to happen to your phone.   From a theft to dropping it in the toilet, if it happens how are you going to gain access to your precious data – your contacts for instance.

That is the physical side, what about digital protection:

  • Passwords – Yes we hate them, but in today’s digital world it is one of the only things that keeps the bad guys out.   All passwords should be 8 or more characters, use complex and complicated features (capitals, numbers and symbols), not be a dictionary based word, be easy to remember and be unique for each site.    That’s the reason we ignore those requirements and use the same one for everything.
  • If passwords are a problem then get a password manager or a single sign on (SSO) system.   This will ensure that you can use complex passwords and not have to worry about them.   SSO can also be deployed by an organisation to protect their social media and infrastructure requirements.   If a device is compromised, just delete the access to your business systems.
  • Run Anti-Virus / Anti-Malware.   Most people think that the operating systems of android and apple are secure.   This could not be further from the truth.   Although apple is a little more secure, malware is not always targeted at operating systems.   It is targeted at sub systems like Java, flash and adobe.   That is why all devices need AV as a real time protection system as well as a regular scan to pick up malware that may have disguised itself in the installation process.
  • Only install legitimate software.   Software that is in the app store (Apple) and the Google store (Android) have been vetted to a level to ensure that they do not include malicious code.   Some systems sneak through but they are quickly weeded out.   Applications directly downloaded from websites are especially prone to infection and do not have this protection.

Managing business risk is critical to the resilience of the business.   Make sure that your road warriors have the resources available and needed to work but that they are also safe, secure and protect your business..

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   He is a Speaker, Author, Teacher and educator on cybercrime and how to protect yourself from the digital world.

MANAGED SERVICES – TAKING OWNERSHIP OF YOUR PROBLEMS

3D Small People - AngryIn business the greatest threat to the information and data within your business is the speed to which you and your staff have access. Problems like everyone’s email not working are a big decision, but it is easy to delegate the repair to either internal teams or external companies. When things go wrong you want them fixed NOW and fixed FAST.

What about the niggly things?  Your user wants to print to the third tray on the printer and cannot, your receptionist wants to send out a letter but the mail merge database is no longer connected.

As a business owner or management level executive you don’t want to triage the problems.  Most of the time the management or staff does not have the time or the expertise to look at and resolve the problem, and often the person with the problem is told to “get over it”.   This is not a good state of affairs.   The problem then festers and grows till it does have a major impact on the business.

The best solution for these problems is to get them fixed.   How can you do that without additional cost to the business?   What you then have is a catch 22 situation.

Wouldn’t it be better just to contact your support company and know that it is all covered under the managed services agreement?
The business world is full of computer support and managed services companies that want your money, now don’t get me wrong we are a managed services company, and a good one at that, just ask our clients.   The difference between the other MSP’s and us is that we take ownership of any and all of your technical problems.

So what is the benefit of being one of our clients?

If you have signed up for out 5Nines support program, especially the platinum plan – trouble free technology – then all of your problems are our problems. Your problems are our problems, we take ownership of any problems or complaints that are generated by your staff during working hours that are related to computers, printers, internet, and email… practically anything.

Unfortunately we have no control over the coffee in the lunch room but for a taste of the problems we will fix:

• My mail is not working = our problem;   solution – remote in or send technician onsite;     Cost to you $0 (covered as part of the Service Level Agreement (SLA)).
• How do I create a mail merge document in word 2003 or 2007 = our problem;  Solution – remote in and talk user through problem and show what needs to be done;               Cost to you $0 (covered under the SLA)
• Helpdesk has noticed that one of the computers is reacting sluggishly = our problem; Solution – remote in and fix problem and then report to management;                  Cost to you $0
• System reports problem with a service on the server = our problem – Solution – dispatch technician;          Cost to you $0
• My computer is not working = our problem; Solution – dispatch a technician with a “loaner computer” then replace and repair;               Cost to you $0

The SLA dictates when they will be seen and response times to problems associated with your network.   They are an agreement between you and the MSP to ensure that you and your technology is protected 24/7.

Service levels should relate to items like these but they also depend on a triage process to ensure that a small problem is not related to a bigger unidentified problem .

• Server crash  = our problem – Technician onsite within 60 Minutes;           Cost to you $0
• Workstation Crash = our problem – Technician onsite within 60 Minutes;           Cost to you $0
• Service down = our problem – Technician working on the problem remotely within 30 Minutes;       Cost to you $0
• Printer problem = our problem – Within 4 hours;          Cost to you $0
• User problem = our problem – Next business day;        Cost to you $0

Finally, for any business there needs to be metrics that are measured and reported on. This is also true about your managed service provider. Daily, weekly and monthly reports on the condition of your infrastructure are important for decision making. To improve your business and ensure that the technology is correct and directed at your business, a quarterly report and meeting should also be included as a standard for your managed service.

As you can see not all managed service providers are the same and it is a case of choosing the right one for your business. R & I ICT Consulting Services can help manage and solve these important IT decisions and leave you with more time to get on with the day to day running of your business.