Archive for September 2018

Protecting your Privacy Online

Protecting your Privacy Online

Maintaining your privacy while using the internet has become more challenging over the years. The recent Facebook privacy scandal made that abundantly clear, with users shocked at how much information had been recorded about them. While it’s almost impossible to enjoy the internet and leave zero digital footprints, there are things you can do to hide your online activities – some more effective than others.

1. Get a virtual private network (VPN)

A fancy name that means that an encrypted connection is created between your computer and the VPN company, so that when you visit a website, the website can only see the VPN company computer – not yours. VPNs aren’t just for business and downloaders now, they’ve gone mainstream and are even advertised on national TV (such as NordVPN advertisments).

The other computer could be in another city or another country, which is why some people use VPN’s to watch movies and programs that you do not get in the UK, as you can get extra content in other countries and can access that extra content if the VPN computer is in that country (although this is usually frowned upon by providers such as Netflix who actively try to block it).

You essentially run around the internet pretending to be another computer in another location. Since your connection is encrypted, even your broadband company can’t see what you’re doing online, making your usage anonymous.

The downsides: Because your internet usage has to route through another computer first, your browsing and download speed could be affected. Some (not all) can be tricky to set up and not all VPNs offer the same privacy levels (the better ones tend to be more expensive). Some websites may even block visits from people using VPNs, so you may end up switching it on/off as required.

2. Go Incognito, InPrivate or Private Window

Most browsers have a private browsing mode, each called something different. For example, Google Chrome calls it ‘incognito’, Microsoft calls it ‘InPrivate’ and Firefox calls it ‘Private Window’. Before you take the name at face value, it’s a good idea to talk about how they define ‘private’.

Unlike a VPN where you can dance around the internet anonymously, private browsing simply means it won’t show up in your browser history, or what you entered into forms. This feature is free, so you always have the option to use it, and it’s actually more helpful than you might think. Common uses include price shopping to reset sale timers, access local-only pricing and overriding usage limits on certain sites.

Some sites use cookies to control your free trials and private browsing can help you get around that.

While private browsing can help keep your internet usage under wraps, it’s not a magic bullet to cover all possibilities. Many people believe they’re invisible AND invulnerable while private browsing, a mistake they end up paying for.

The downsides: It can’t pre-fill saved passwords and it won’t help you type in the website name even if you’ve been there before.

3. Always think about who’s watching

While you might be naturally careful when using a public computer, have you thought about who’s watching what you do on your work computer? Some workplaces have employee monitoring software that tracks all sorts of data, including taking screenshots of your desktop. It helps them create rules about computer usage but it may also provide them with evidence you’ve been breaking those rules.

Stepping out to the internet cafe can be even more risky, as people can install keyloggers that record every keystroke, including your credit card numbers and logins. You’ll never know your activities are being recorded, even if you use private browsing.

The downsides: Being aware of who may be watching? None.

Awareness of the risks and the possibility of being watched ensures you’re more likely to use the internet safely.

Whatever you choose to do to protect your privacy, you’ll still need solid anti-virus and password habits to protect against threat, and to be a smart internet user who avoids suspect websites. Consider the options above as privacy-enhancing measures, not one-stop solutions.

Need help with your online privacy? Give us a call on 01455 209505.

How to Securely Dispose of Old Computers

How to Securely Dispose of Old Computers

Getting a computer can be exciting, but what happens to the old ones? Depending on the age, some people sell them, others throw them out. That’s the easy part – the problem is the sensitive data on them. There are passwords, account numbers, license keys, customer details, medical information, tax returns, browser history…. the works.

Whether it’s for home use or business use, laptops, tablets or desktop hard drives contain a treasure trove of sensitive information that cybercriminals would love to get their hands on. Unfortunately, hitting ‘delete’ on your files doesn’t actually make them disappear, nor does waving a strong magnet over the drive. These mistakes have cost businesses millions over the years.

Why hitting ‘delete’ doesn’t help

Data on a hard drive works like a book with an index page. Every time data is written, it pops a quick entry into the index so that when you need it again, it knows where to look. The index is used for files you create as well as system files you can’t even see. Sensible, right?

Except that if you delete a file it isn’t physically deleted – it’s more like changing the index to say that nothing is on page 10 and you can write something else there when you’re ready. But if you ignore the index and manually go to page 10, you’ll find that the information is still there – the file exists until it has been written over.

The only thing that is deleted is the index reference, not the file itself.

Re-using the computer

Most people are unaware that specialized data cleanup is necessary if the computer is to be reused.

A 2016 experiment proved just how dangerous the situation can be when 200 used ex-business hard drives were purchased and 67% held unwiped, unencrypted sensitive data, including sales projection spreadsheets, CRM records, and product inventories. Frighteningly, they didn’t need any special hacking skills to get this data, it was all right there and helpfully labelled.

It’s also not surprising that with simple data recovery tools, people have also been able to access British NHS medical records and defence data, all waiting patiently on a discarded hard drive.

Wiping data before re-use or selling

Data on a hard drive can only be securely deleted if the area on the drive that contains the data, has been overwritten enough. There are specialist tools available to ‘deep-read’ a drive, so the success of overwriting a drive depends on how effectively it has been overwritten.

For example the US Defence Department requires a drive to be overwritten a number of times, including using random characters, (not just ones and zeros as some programs use) before they class the drive as securely wiped.

There are software tools you can get to do it yourself, as well as dedicated security firms, but your best option is to choose an IT business you know and trust as some software does not clear the hard drive sufficiently. With that in mind, a methodical approach is required to ensure not a single drive is left untreated as you don’t want to leave data behind, or even clues that a motivated person could extrapolate any private information from.

We can migrate any needed data, backup the information then securely wipe or destroy the hard drives for you.

Data when disposing of a computer

When we supply new computers to homes or businesses, we copy the data from the old computer and transfer it into the new one, so things like documents, photos, even internet browser favourites are in the same place on the new machine, ready to use. But the old hard drive is still there, containing all the private data that you don’t want to allow into the wrong hands, so what is the best thing to do?

We give the customer a choice. We hand the customer the old hard drive so that they can either keep the drive securely at home, or at their business – not only can they be sure that the information is still secure but this has the added benefit of having a backup copy available, should it be needed.

Alternatively, they can simply destroy the drive and the rest of the old computer can just go for recycling. Computers need to be recycled as they contain metals such as lead, mercury and cadmium which is not intended for landfill or incineration. Also there are metals (including rare and precious metals) which can be recovered.

You don’t even need special equipment to destroy it, either smash the drive or use some other method of physically destroying it, such as drilling – just be very careful! If the drive is a mechanical one with spinning platters, once damaged beyond repair it is highly likely that no-one could get to your data.

Whether you are passing on, selling or just throwing away your old computer, always bear in mind that the hard drive inside it contains important and sensitive data, so you do need to make a decision about what to do with the drive.

Need help with your old hard drives? Give us a call on 01455 209505.

How to Avoid Email Overload

How to Avoid Email Overload

Email has allowed us to send and receive messages more easily than ever before. While this is a good thing, it can also lead to problems. We regularly see people that receive dozens or even hundreds of emails in a day. At this point, it can feel like you’re wasting your entire day dealing with those incoming messages.

Even worse, it makes it difficult to find important messages in your Inbox. You can quickly become overloaded with emails, especially as it is estimated that over 70% of global email is actually ‘Spam’ emails.

So how can we deal with this overload? The first step is to reduce the number of emails you receive overall and then do what few people do – manage what you keep in your Inbox! There are a few ways to do this.

Don’t just delete Spam emails – mark them as Spam first.

We have found that most people just delete spam emails when they receive them, which is the wrong thing to do, as you need to mark them as spam to get them rerouted or blocked altogether. If you don’t, emails from that address will just keep on coming.

Whether you are using an email program or just getting your email through a web browser, if you get a spam email, mark it as spam. That way your email program will automatically put it straight into your ‘Junk’ email folder and your email company will do the same if you are using an internet browser.

Restrict who you give your email address to.

Many people have at least two email addresses – one for everyday use for family and friends and one that they use just for giving to companies that they do business with. For instance, it can be useful to give a separate email address when buying things, such as at shops or online, because that way your personal (or business) email address doesn’t get so cluttered with commercial emails trying to sell you something.

Don’t forget that many companies also sell on your email address to their ‘selected partners’ that you have never dealt with before, so you may get even more emails from companies you have never even heard of.

It’s important to think carefully about who you give your email address to. For example, if you enter a lot of contests, this often automatically subscribes you to several email campaigns. If you type your email into every popup box asking for it, these add up. Reduce who you give your email to.

Unsubscribe

Go through your Inbox and unsubscribe to newsletters that you never read. If you haven’t opened one of their emails in months, chances are that you’re probably not going to start to any time soon. Similarly, if you are getting emails that you are not interested in any more, unsubscribe – it should only take seconds to do.

Turn off notifications from social networks such as Facebook, Twitter, and Pinterest – if you like emails from these networks, then at least adjust the settings so they email you highlights once a week or month rather than allowing them to spam your Inbox several times per day.

Do you need that notification?

If you receive emails that contain information that you can find elsewhere, switch those notifications off. For instance, you might run an e-commerce website that sends an email for every sale. If your website already has a record of this, you don’t need it in two places.

Make sure not to use your email as a to-do list. When you need to remember to do something, put that on a list elsewhere such as an online calendar, to help clear up your Inbox. If this is a hard habit to break, at least make a folder for things you need to do and move emails there and out of your general Inbox.

Change your email habits

Change your own email sending habits. If a topic is complex and will require a lot of back and forth conversation, consider discussing it in person or over the phone. Sending fewer emails will reduce how many you receive in return. Remember that you don’t need to respond to every email you receive. A response indicates a willingness to continue to conversation.

Resist the urge to send messages with a single word like “Thanks!” or “Ok” and you’ll notice others will stop sending you similar, unnecessary messages. When sending group emails, you can also remind others not to use “reply all” unless it’s information relevant to the entire group.

Start clearing emails out

This is the big one, that everyone just keeps putting off!

Start emptying out your Inbox and getting rid of any old emails you don’t need to keep. Using the word “need” is deliberate – you have to be selective about the emails that you keep. Delete old calendar invites, advertisements, or any emails where the problem has already been resolved. Respond to any messages that can be answered within only a few minutes.

Archive messages where you can so they are not clogging up your main Inbox – you can search and find these later if necessary – this has an added bonus because it can actually speed up Outlook if your archive folder is not open all the time. Put other emails into folders based on the type of email and the priority level.

From now on, all of this can be automated. You can have receipts automatically go into a receipt folder, calendar invites go into another, etc. A cluttered inbox can lead to your mind feeling just as cluttered so free up your Inbox to create more time for yourself. Let email overload become something of the past.

If you need help with your emails, give us a call on 01455 209505.

Why You Need 2-Factor Authentication

Why you need 2-Factor Authentication

You hear about hacks all the time, whether its major websites who have had data leaks containing email and passwords, or computers getting infected and login details for bank accounts and credit cards being obtained. In the worst cases, identity theft occurs because it is an easy crime to commit with a high reward.

Why Passwords are Not Enough Anymore

In 2018, the passwords you used to trust to keep the bad guys out of your accounts, are simply not enough anymore. Cyber attackers now use methods such as ‘phishing’ (pretending to be trustworthy), ‘pharming’ (redirecting to a fake website), and keylogging (monitoring keyboard strokes) to steal your password. Some have the power to test billions of password combinations.

If you’re like the majority of people, you use the same password for several websites. That means anybody who has figured out that password has access to everything you’ve logged into with it. In a time when it is extremely easy to look up what a person named their first pet or high school mascot thanks to social media, such security questions aren’t much help.

Consider how a jewellery store operates. They don’t simply keep their valuables locked away with one key. There are alarms ready to be triggered, motion detectors, and sometimes even bars on the windows. Your data is valuable, just like jewellery. You need more than one line of defence to protect it.

What is 2-Factor Authentication?

In the computer world, your second line of defence after your username and password combination is called “2-factor authentication.” 2-factor authentication is a way to double check a person’s identity by sending a text or email code to confirm that the person logging in, is the genuine person. No code – no login.

It is sometimes referred to as ‘multiple-step’ or ‘multi-factor’ verification, depending on the company using it.

This can be enabled every time a person logs in or just under certain circumstances. For example, signing in from a new device or different country might trigger 2-factor authentication.

Many of the services you may already use, such as Facebook, Gmail, and more, have 2-factor authentication options already. If your bank has ever sent you a special code through text or email to enter before logging in, you’ve already used a type of 2-factor authentication. They can also be in the form of a smartphone app or a physical electronic dongle.

2-factor authentication is absolutely crucial for online banking, email, and online shopping such as Amazon or PayPal. It’s also a must-have for cloud storage accounts (like Dropbox or Sync), password managers, communications apps, and productivity apps. This is especially true if you frequently use the same passwords for different websites and apps.

When should I use it?

Clearly, as much as possible. Some may consider 2-factor authentication unnecessary for social networks, but these are actually very important to keep safe. For ease, a lot of websites and apps allow you to sign up through your Facebook or Twitter account so you need to keep these networks safe, so that somebody with your password can’t suddenly get into every account you have linked.

The point of using 2-factor authentication is to make hackers’ lives harder and prevent them from getting into your accounts. If they have captured your login username and password, they still need a second device to get in, especially when the computer or phone they are using has never logged into your account before. This makes it significantly more difficult for anybody to breach your account.

Plus, if you receive a notification with a special code to enter for logging in, and you weren’t trying to log into that account, you have a good signal that somebody else was trying to get in. That means it’s time to change that password and be grateful you had 2-factor authentication.

It’s unfortunate that there is currently an abundance of skilled hackers ready to take advantage of those unprepared. Luckily, you can still stop them -even if they have your login information at hand. 2-factor authentication is one of the easiest methods to keep your accounts safe.

If you want help in securing your accounts, give us a call on 01455 209505.