Category: Hints and tips for you

Now here is a hot topic and I honestly don’t see it changing any time soon, if ever.

The biggest threat to your business is the threat of a cyberattack, every business is a target and with organized crime organisations driving the increasing events of cyber-attack it is not going to go away.

In a recent ACSC Survey, it is estimated that over $300 million is lost to cybercrime every year, the true figure is likely to be much higher as many crimes are not reported.

Someone is a victim of Cybercrime at least every 10 minutes.

So, who are these victims?

In the survey, it covers sole traders to businesses that employ up to 200 people, the attacks are across the board, and no one is too small or too big to be targeted, don’t think that we don’t turn over enough to be a target, regardless of your business income whether it is less than $50k a year or several million dollars you are still on the radar to be attacked.

That the facts and figures but it’s ok it won’t happen to me, sorry but if that is how you think it’s time to wake up.

Here are some common fallacies:

We have a good firewall, no one can get into our systems

It’s ok, all my programs are in the cloud I don’t have to worry

We don’t need to worry we are too small

My anti-virus will stop it

To these I would say, firewalls are great, but most cyberattacks are made against people, not systems (firewalls), the attackers know that firewalls are almost impossible to get through, but people are easy to trick and will often give access to systems without realizing the threat.

If all your programs are in the cloud all an attacker needs to get is your username and password, I know you are careful but again the person is the weakest link.

No one is too small, just look at the statistics, if you have something of value you are a target.

Your antivirus will not stop you from inadvertently giving away your details, email phishing attacks are used, and unfortunately, they work far too often.

Be aware that we are constantly being tested or attacked with phishing emails, these are trying to get you to give a threat agent your user name and password, so any email that you receive that is asking you to enter your user details needs to be treated with care if you don’t know the sender I would just delete it if it’s genuine the sender will be back in touch (so far this has never happened for me). Also, consider two-factor authentication for your emails, it just gives another layer of security.

Oh, and it’s not just the phishing emails, it’s the constant bombardment of phone calls, you know the ones “I’m ringing from Microsoft, there is a problem with your computer give me access to fix it” NO STOP, do not let them in, Microsoft will not call you unless you have called them first.

Yes, you have backups, but they are only useful if you can restore from them, if you back up to a drive connected to your computer this is there only to make you feel good, in reality, if your computer gets infected with a ransomware attack it will encrypt the backup drive too. Backups that are either on a network file store that requires authentication or some form of off-site solution are better.

The real secret is to trust no one, if you have an issue with your computers, you choose who helps you to fix the problem, make sure it is someone that you trust and has your best interests at heart.

Most businesses have little or no budget for Cyber Security, yet it is most probably the biggest threat to the future of your business. Make sure you are getting the correct advice on what you should be doing to protect your business, don’t just do what “old mate” at the pub reckons you should do.

If you suffer a cyberattack the likelihood, is you will suffer a financial loss that could end your business, if you survive the attack and can continue to trade you may have lost both business reputation and standing. You are also five times more likely to suffer another cyber-attack after you have suffered one.

The question we often get is why should we do updates? it’s either that or we have that client that says I never do updates my machine works fine….

So those updates on your computer are usually either “Patches” or “Service Packs” to address issues with your software, sometimes they may be updated versions of your software.

So I know they always want to be installed at the most inconvenient time, but there is good reasoning behind the necessity for them.

So here are four reasons to run updates

Help to Reduce Vulnerabilities.

This is most probably the most important one, security updates are critical to reducing the risk of cyberattacks, the updates are there to protect against known vulnerabilities and malicious attacks that have been identified by your software vendor, they want you to have the best experience using their software possible and therefore want to protect you.

Using your computer without applying these patches is a bit like leaving the front door open and your keys wallet on the table, it’s almost like giving an open invitation to the criminals to come and take your sensitive data or hold it for ransom.

Fix bugs in software.

Things that make your software crash or other glitches that can be frustrating and time-consuming, software providers recognize this and release these updates to get you on the most stable and current version of their software, they are also aware that if they look after you by doing this you will be a more loyal customer so for them it is also about giving you the best user experience.

Often it is where the software developers have uncovered issues with their software often from user reports or due to common issues, never be afraid to contact your software provider if you are having a problem with their product, they may have the solution.

Ensure compatibility

I heard this described as not being like a dinosaur in the technology age.

With the never-ending improvements in technology, we need to try and keep current so our systems are compatible with the organisations, businesses, and other individuals we interact with.

Keep the playing field level don’t insist on using an old, slow, and outdated computer that is struggling to perform the tasks you have to do, look at the benefits of upgrading.

Stay ahead of the Competition

Ok, so you are happy with all of the above, what else?

How about just staying ahead of the game (or the competition), why not be the innovator or market leader by keeping your systems at the top of their game, making your business the most efficient to deal with by leveraging the most up to date technology and systems.

So, updates are there for a reason, I know they can be a pain when there are installed and it’s true they can sometimes, very rarely break your system, but if they do there is always an easy fix.

The best advice we can give is Update, Update, Update, there is always a good reason.

I am constantly amazed by the number of businesses that do not have their own domain name, they trade on free email accounts and have no real website, ok they may have a Facebook page but not much else.

So why should you have a domain name, what does it do for your business?

For years I have been working with small business owners helping them with their technology solutions so they can present a professional front for their business, one of the first things I always suggest is to register a domain for your business, it makes you look like a much bigger business than you may actually be and it does not cost a fortune. Using your Bigpond, Hotmail or Gmail email address just makes you look cheap, as a potential client I would be questioning how committed you are as a business owner.

To put it into perspective a domain name costs around $50.00 per year with maybe $150.00 a year for email hosting, ok you may have to pay someone to set it up for you so maybe another $200.00, so for around $400.00 a year you can go from that bloke down the road that’s doing things on the cheap to someone that looks professional and gives the impression of being a big business.

Take it a stage further add a simple website that shows what you do and you can add some testimonials from clients that you have carried out work for and you suddenly look like a big business, again the cost of this is not massive, $150.00 a year for website hosting, and for a simple Website a one of cost around $1000.00-$2000.00.

For a relatively small investment, you have now in your client’s eyes become a much bigger business, you will be viewed in a different light by your competitors and other people in your industry.

The most common objection to registering and using a domain name for emails is “I have been using this one for years and everyone knows it”, ok so you redirect the emails to the new account and send an email out to everyone to let them know about your new address, you could also announce your new website and maybe even include some other marketing to promote your business. I know you are already so busy you don’t need any more work, but it’s always good to reconnect with your old clients.

The other good thing about registering your domain name using the .com.au or the new .au domains is it identifies you as an Australian business and if you have a web page it will help you rank higher in web searches.

So I would urge you to think about registering a domain for your business, rob@robthetradie.com.au or rob@robthetradie.au look so much better than robthetradie@outlook.com

If you would like to discuss your options we are happy to sit down with you and look at how we can help, our aim is to help you be the best business you can be.

I was chatting to a friend, and they were talking about how their email password for work had to be changed every 28 days and this was causing some of their colleague’s issues as they were shift workers and sometimes their shift pattern may mean they did not work for up to a two week period. The two issues were they may have forgotten the password because they had to change it so often or because they had been away for so long they were not able to reset the password when they logged in as there was a small window to do this and so had to contact IT support for a password change (sounded like a long call and wait)
Whilst I understand that some businesses like to have users change passwords on a regular basis and conform to a set of paraments like minimum length, a combination of upper case and lower case letters, numbers, symbols, and not repeating the last number of passwords used I wonder if this is the best path to take.

Having worked in this sort of environment you get used to people needing password resets as they cannot remember the last password after a weekend (must have been a good one). This in turn reduces productivity. It also encourages people to write their passwords down, often in the back of their desk diary or on sticky notes on their desk, where is the security there, I can remember having to look at a user’s PC and not knowing the password but being able to access by just checking around their desk or even under their keyboard in some cases.

For several years now, the big players in the market have been recommending that we create secure strong passwords for each account and not change them unless we think that they have been compromised.

The reason for this is they have recognized that users suffer from password fatigue, changing your password every 28 or even 60 days becomes an issue when you have to conform to rules like no repeat of the last six passwords, minimum of eight characters, etc.

So, if you make passwords strong, increase the time period between changes, or better still do not require the password to be changed unless it is believed to be compromised, add multi-factor authentication to the account, encourage people to use unique passwords for each website or service, using a password manager can help with this.

So what would I recommend?

A password of 12 characters long but longer is better

A mix of uppercase letters, lowercase letters, numbers, and symbols

Different from your other passwords

Something easy to remember whilst still being difficult for someone else to guess, a good way is to use a memorable phrase but adapt to suit the password requirements like “M4ryH4daL!ttleLam8”

Remember an eight-character password in lower case will be broken by a computer instantly, add an upper case and a number and it takes 1 hour, make it then characters and add a symbol and it will take 5 years

Makes you think !

So, you know when you have been working on that file and you go save and put it in your company folders on a server or storage drive and it takes the first line of text as the file name….

Then later you go back and look for that file or try to move it and you get some sort of error, something to do with file path or length!!!

Well, here is an explanation of what is happening from our Mr. Whiffin:

Hi Bob,

I have mentioned this in the past but most likely not directly to yourself.  Windows and many devices do have a limitation to the number of characters in filenames/paths.  Just in case anyone doesn’t understand what a path is, it is referring to the location that a particular file is in.  Let’s say for example that you have a file inside of the documents folder called “Word Document 1.docx” on your local workstation and your windows username is just “user”.  The filename in this case is called “Word Document 1.docx” and is only 20 characters but the file path is referring to the entire location of this file which in this example would be “C:\Users\User\Documents\Word Document 1.docx” and the length of this is 44 characters.

The reason that you are experiencing the error above is because of the length of folder/file names that are being used by staff initially on the NAS.  For example, if someone decides to make a folder under live projects, business name, followed by an address for example this path is going to reach this limit very quickly.  Then when a new word document is created to save into this folder, word has this habit of choosing its own name based off the first sentence of the document and people just accept it.  For example, say I am the customer at The Computer Workshop Group and I’m wanting to save a document under our address in your live projects where the document starts with “Hi David, the guys can start working on your job in one months’ time and the cost is going to be X amount of dollars.  If you need further information about this, please let us know.”  In this example if I am to use the default filename that word generates the full path here will be “S:\Live Projects\The Computer Workshop Group\361 Bayswater Road, Garbutt\Hi David, the guys can start working on your job in one months’ time and the cost is going to be X amount of dollars.docx” and the path length is 194 characters.

If you’re experiencing these issues then the solution is that folder paths, filenames need to be reduced or abbreviated.  Unfortunately, there is no easy workaround to this and it’s just something that everyone needs to be aware of.  It’s most likely that there are many folders that are nested deep within each other and likely long folder names.

Hope this makes sense.  You should be able to resolve the problem by renaming some of the folders/files beneath the file you were trying to open but WARNING be careful what folders you are renaming because if you went and renamed the Live Projects folder to just LP for example then everything inside of this folder needs to be uploaded to OneDrive again which is a huge amount of data and also if someone tries to open a file from their recently opened files or shortcuts from their desktop to the NAS they will be trying to access the old folder name.

Just try to understand the above and then maybe give us a call before you change anything.

Kind Regards,

David Whiffin | Senior Technician

Hope this helps if not please feel free to give us a call