The Risk of Abandoned Domain names

One of the first things we all do is business owners is ponder our business name and what our domain name will be.

As our business evolves, sometimes we upgrade our business name, and our website. However, before you abandon your old website there are a few things that you need to know.

When you set up your Web presence, you select a domain name, and it’s part of all your URLs (FYI: URL stands for uniform resource locator).

For example, you are an accountant who specialises in small businesses in Whangarei, so you pick the domain name beancounter.co.nz for your business. Your emails come from Chiefbeancounter@beancounter.co.nz. From there you start building web traffic for your thriving accountancy firm.

You may even think ahead and purchase some similar domain names such as beancounter.com, or some similar names to redirect traffic and avoid losing customers to misspellings or typos.

The domain name is the basis of your business and is the foundation from where you grow. As you build the business, you may expand to new offerings and provide additional services that are beyond the scope of what you started with. For example, maybe you now also offer business counsulting so you need a more generic and umbrella type of term.

Before you abandon your old domain name  – WAIT!

Why domain names get abandoned:

  • If you have multiple domains, that can be a lot of small renewals to track and pay. Along the way, a domain renewal can easily get overlooked. So, the domain name is abandoned.
  • Domain names can also get abandoned as a result of a business rebranding or company restructuring.
  • You may decide a domain is no longer worth continued renewals.

The security risk of abandoning a domain name:

 After you stop paying for your domain name and after a certain grace period, anyone can buy that abandoned domain name.

Whilst on the face of it that doesn’t sound that bad, I mean you’ve moved on from just being a bean counter and you want to expand. You didn’t want that old domain anymore…right?

Heres the problem, you just don’t know who might snatch up your old online calling card. Bad actors buy up abandoned domain names and re-register them with catch-all emails.

What’s a catch-all email? Well, remember Cheifbeancounter@beancounter.co.nz? That was you. But maybe you also had distinct emails for accounts, sales, support, office, Mary and James. All of these were going through Beancounter.co.nz.  If someone emails someone at the previous domain owner’s business, it goes instead to the new owner. Having seized control of your old site, they gain access to all incoming emails, and they could see information you don’t want them to see.

The bad actor could also access online services once used by mary@beancounter.co.nz. All they would need to do is reset the password to hijack that account.

Security researchers have seen criminals claim abandoned domains to:

  • access confidential email correspondence;
  • access personal information of former clients and current or former employees;
  • hijack personal user accounts (e.g. LinkedIn, Facebook, etc.) linked to old domain e-mail addresses.

What to do with domain names:

Especially if you use a domain name for email, don’t let the renewal expire. We didn’t even mention pirates who look for business websites that have lapsed so they can charge exorbitant ransoms to return that domain.

When you move to a new domain address, communicate the change with all your clients and vendors. Close any cloud-based user accounts registered with the old domain email address. Also, unsubscribe from email notifications that might share sensitive data.

What to do next:

Not sure about your domain name registrations, renewals, and what’s set to expire? We can help you with this. We will make sure you don’t abandon domain names, and ensure you close any associated accounts properly to protect your security. Contact our team here.

Top IT Tips for 2022

Top IT Tips for 2022

A New Year is a definitely a chance to kick things off the way you mean to go on.

For Northland businesses, we have compiled some key IT tips that can help your business to thrive.

#1. The Remote mobile working office is here to stay:

If Covid has taught us all one thing, it is the need for flexibility around how we work. Agility is fast becoming one of the key differentiators of a business’s success. Creating easy ways for your team to communicate by enabling an all-in-one solution for communication, collaboration, will ensure that you stay connected and productive.

#2. Security, security, security!

We know we say it all the time, but Cyber threats aren’t going anywhere. Keep the focus on security in 2022, as every business, no matter the size is at risk. Don’t risk losing time and money to a data breach or ransomware, instead talk to your IT company about the following:

  • Getting a cybersecurity audit done.
  • Securing all email.
  • Have notifications for remote workers to know when they are connecting to unsafe networks.
  • Put a disaster recovery plan in place.
  • Ensure backups of all data are secure.
  • Implement a password management system.
  • Prohibit third-party apps on work devices.

#3. Make sure I.T is in the 2022 budget

In this era, I.T is an area where you don’t want to be taking shortcuts. Budgeting for your I.T is a wise move to ensure that you have continuously upgraded internet access, software and hardware upgrades as required. Unreliable internet service can cause downtime that has a run on effect with productivity, and can even lose your business valuable clients. Skimping on your I.T budget can lead to much bigger costs further down the road.

#4. Safe and Professional Email addresses

This might sound basic, but if you haven’t already shifted to a professional email, 2022 is the time to do this. Using a gmail account or similar doesn’t make a professional first impression, and more importantly is a security risk. We can easily help you to upgrade to reliable business-grade emails. Our team at @Computer can easily help you to navigate this.

#5. Audit your Equipment

Taking time to do an audit of your current technology, and how it is performing can identify any potential problems and streamline processes. There are still some supply issues with computer hardware, so make sure you are aware of what your business is likely to need in 2022, including any new employees, plus upgraded equipment, so you can plan ahead. If you can give us as much notice as possible, we can make sure that we do our best to source what you require.

#6. Partner up with a managed service provider

Now is also a good time to hire a managed service provider. Partnering with an IT professional helps you make good technology decisions that can ultimately save you a lot of money. Getting advice from industry experts who understand the increasingly complex world of technology, security, and optimizing IT resources is an investment that ends up being a lot more economical then having the ambulance at the bottom of the hill.

Don’t worry if all of this feels overwhelming, our team at @Computer can offer you many options to help you have a stress free year with IT in 2022. If you would like further information, please feel free to contact us here.

Cyber Insurance – Do you need it?

Cyber Security is a very real threat to businesses in New Zealand these days. Here we look at Cyber Insurance, what it is, what the laws are, and why you need it.

Why do you need Cyber Insurance?

Cyber attacks on businesses in Northland are increasing in both sophistication and frequency.

High profile companies like Air New Zealand partner Travelex, Fisher & Paykel Appliances, Toll Group, Garmin, Canon, Honda, BlueScope Steel, Lion, transport giant Toll Group, Twitter, MetService and most recently even the NZX, are just some of the organisations to have been targeted by cyber criminals.

However it is not just the big companies, many small businesses here in Northland are also being targeted.

It really is a matter of ‘when not if’.

What is Cyber insurance?

Cyber insurance is designed to fill the gap that traditional insurance policies don’t cover, minimising the impact of cyber incidents by providing cover for your own loss and third party costs. It provides your business with a structured crisis response plan and assists with returning to ‘business as usual’.

Won’t my general liability policy cover cyber liability?

General liability insurance covers bodily injuries and property damage resulting from your products, services or operations. Cyber insurance is often excluded from a general liability policy.

It pays to check your current policies and ask questions. You may find that your other business cover won’t respond to a cyber or data breach claim.

The law has changed:

The new Privacy Act 2020 which came into effect on 1 December 2020 means that all businesses now have legal requirements surrounding

The new Act requires mandatory data breach reporting if it’s reasonable to believe that the breach would cause serious harm to an individual. For example: If you’re engaging with a service provider to hold your clients’ personal data, for example a cloud-based CRM system, you remain responsible for the security and use of that personal information. If a Cyber breach were to occur, you would be held liable.

What does Cyber Insurance cover?

Ensuring business continuity and safeguarding your business from Business Interruption will enable you to return to the same financial position you were in before a Cyber event.

  • The benefits of Cyber Insurance will depend on the type of policy you take out but can include:
  • Access to a dedicated and experienced team of experts if an attack occurs
  • Protection from loss where you are legally liable to others
  • Cover for your financial loss if your business is interrupted due to a Cyber event.

Things to look out for in your Cyber Insurance policy:

  • Business Interruption: Look for a policy that covers the costs of any business interruption as you can lose time and money trying to get your business back up and running after a cyber attack.
  • Hacker Theft Cover: A plan that covers compensation for loss incurred, including theft or destruction of stored data, hardware, or cyber extortion from employees.
  • Restoration costs: Compensation for expenses incurred to research, replace, restore, or recollect digital assets during the period of restoration.
  • Public Relations: Reimbursement for any costs involved with public relations.
  • Network Extortion: Indemnity for the amount paid to avoid, defend, preclude or resolve a network extortion attempt
  • Data Forensic Expenses: Costs incurred to investigate, examine and analyse a computer network
  • Third-Party Liability: Indemnity for the sums claimed and incurred defending claims in relation to alleged privacy breaches, network security wrongful acts or media and social media wrongful acts.

What is the likely cost of Cyber Insurance?

Like most insurance, premiums vary by insurer, the type of cover selected and your risk profile. As an estimate a policy with $100,000 cover could cost as little as $600 per annum.

All businesses need a security plan to protect their business and they should consider a Cyber Insurance policy as an essential part of this plan.

What else can you do in the war against Cybercrime?

There are basic things that you can do to ensure good Cyber security. In this recent blog we share some top tips for your company.

Top tips to avoid cyber security threats:

CERT NZ has a number of useful and practical resources for businesses on keeping systems and data safe from cyber security attacks, including cyber security risk assessments for business, cyber security awareness for staff, phishing scams and your business and protecting your business online.

CERT NZ offers the following tips for simple, practical steps for businesses:

1. Install software updates

2. Implement two-factor authentication (2FA)

3. Back up your data

4. Set up logs

5. Create a plan for when things go wrong

6. Update your default credentials

7. Choose the right cloud services for your business

8. Only collect the data you really need

9. Secure your devices

10. Secure your network

11. Manually check financial details

For more info and links click here:

So in Summary….

Cyber Security is a very real issue facing business owners these days. If you would like to discuss your individual needs, we provide security assessments to ensure that your business has the best protection.

Please feel free to reach out to us at reception@computer.co.nz

Upgrading to improve productivity & Security:

It’s hard to know where to start when prioritising the upgrade of hardware. Here are the top things we see that businesses could upgrade to improve productivity and add security.

Upgrading those ‘old school’ phones

First, let’s start with those traditional landline phones. Sure, they’ve done their job well for decades, but switching to Voice over Internet Protocol (VoIP) has many advantages. Don’t overlook the benefits of:

  • streamlining voice and data services to save on bills and long distance;
  • employees using VoIP communications wherever they have access to an internet connection;
  • accessing features such as call waiting, screening, recording, auto attendant, and voicemail transcription;
  • gaining greater flexibility to scale up and down as needed so you don’t need to pay for phone lines you don’t need;
  • integrating calls with customer relationship management software for better data insights.

Saving, Sharing, and Revising Documents

Next up, those filing cabinets. For one, they may be an eyesore, plus, they’re taking up valuable real estate in your space. Today, many printers allow you to scan many pages at once and easily scan documents into content management software.

Moving to online document management also opens you up to many productivity gains. The software often supports optical character recognition (OCR), which makes scanned content searchable. Plus, the documents are available online, where and when employees need them. This is helpful in remote or hybrid work setups, but it also helps ensure you have a backup of critical documents if disaster strikes.

If you’re still filing documents in cabinets, you may have paper-based processes, too. Forms and folders get passed around for different people to sign off at various stages. This makes it easy for workflow to bottleneck or, worse, for documentation to get lost in the physical shuffle from place to place.

In a step up from this, a business might at least move documents around via email attachments. Everyone gets a chance to see the document and make comments. Then, some poor soul takes all responses and correlates them for the next round of revisions.

Replace these old-school approaches with online business tools built to enable collaboration. Microsoft 365, for example, allows people to work on documents at the same time. There are no more worries about version control, and everyone can track the file’s progress.

Enabling Remote/Hybrid Work

Cloud-based collaboration software not only helps with document exchange. Microsoft 365 also allows users to communicate efficiently via the Teams channels. They can also start video meetings, share screens, and co-work on files and PowerPoints. Plus, integrating Outlook contacts and calendars helps efficiency and scheduling.

All this helps support employees working remotely or coming into the office only some of the time. With online documents and databases, everyone can get work done without coming on-site. Plus, VoIP business calls forward directly to phones or laptops for seamless communication.

Put Away the Post-its, Too

One last thing we’d love to see people replace in their offices? Those Post-its with handwritten passwords stuck to the bottom of computer monitors or oh-so-stealthily under the paperclip organizer in their top desk drawers.

We all have many passwords, and we understand the impulse to write them down, but a safer strategy is to use a password manager. A password manager stores, generates, and manages passwords in an encrypted database. A password management solution – such as Keeper, LastPass, or LogMeOnce – is more cyber secure than that sticky notes.

Feel free to reach out here to discuss any questions you may have about your individual business needs.

Written by Gill Brown

Cyber Security: Expect the best – prepare for the worst!

Cyber Security – “It will never happen to me!”

“Expect the best –  prepare for the worst”

Paul* runs a medium sized business in Northland.  He honestly never thought that he would be the victim of a cyber-attack. After huge expense, and lost productivity, he now speaks to anyone that he can about the importance of sorting out cyber security.

“I just wish that I had taken the time to get it sorted, as it’s so simple and yet it had such an impact on our business, costing us money in lost productivity”

Whilst we don’t want to scare anyone, cyber security is a huge concern for our clients right across Northland. Here are some recent statistics:

The weekly average number of ransomware attacks detected in June of 2021 was more than 149,000. A year prior, it was only 14,000 – making an increase of 966%!

(Source: Fortinet’s FortiGuard Labs 1H 2021 Global Threat Landscape Report)

Most companies now recognise the urgency around sorting out cyber security, however, these are still some common objections that we hear:

Top Four Reasons New Zealand businesses don’t sort out their Cyber Security:

  1. It’s just not a priority.
  2. It will never happen to me, as it only happens to large overseas companies.  
  3. It costs too much money.
  4. I don’t know where to start.

#1. It’s not a priority:

“It’s just not a priority for me right now, and I don’t have time to deal with all of that!”

Believe us when we say, we hear this often from Northland companies. We totally get it. You are doing a thousand things, time is precious, and cyber security just feels like another overwhelming ‘thing’ to take care of.

Many of our clients have felt the same way. What they have found however, is that the time it requires to be on the front foot and take care of security is far less time than it takes to sort out issues caused by attacks.

In fact, we often hear from clients who wish that their I.T provider had warned them, nagged them, and actually made them sort it out!

By the time they have had an attack, they come to us with days, weeks, and even months of lost productivity, plus the costs of having to sort the issues out.

“There was this horrible moment when I realized there was absolutely nothing I could do”

Amy Pascal, the former co-chairman of Sony Pictures on the cyber-attack on the studio that revealed her private emails.

#2. It will never happen to me:

“I’m putting my head in the sand and covering my ears singing lalalalala.  Cyber security attacks only happen to big companies – and definitely not here in little old New Zealand.”

We all want to think the best about life, and positivity is wonderful. But sometimes it is best to ‘expect the best, but prepare for the worst’. 

We know you are a great person, you work hard, and you live in New Zealand. However, Cyber-attacks do not discern where you live, what industry you work in, or how nice a person you are.

Cyber-attacks prey on those that are overly trusting, can’t be bothered, and think that it will never happen to them.

“If you spend more on coffee than on IT security, you will be hacked. What’s more, you deserve to be hacked.”

Richard Clarke – White House Cybersecurity Advisor 1992-2003

#3. It costs too much money:

“Sorting out my security costs too much”

Let’s break this down a little. What are the actual costs of a Cyber-Security attack?

  • In the UK, the average cost of all the cyber security breaches these businesses have experienced in the past 12 months is estimated to be £8,460.
  • For medium and large firms combined, this average cost is higher, at £13,400
  • 35% of businesses report being negatively impacted because they require new post-breach measures, have staff time diverted or suffer wider business disruption.

(DCMS Cyber Security Breaches Survey 2021).

Plus, there are the other costs like:

  • Loss of reputation
  • Loss of productivity – meaning clients may have to go elsewhere for a while until you get sorted out. They may not come back.
  • Loss of good faith and trust in your company especially if you are involved in confidential information.

The cost of taking the most prudent and essential steps might be a lot less than you think. By getting a couple of things done, many businesses could significantly increase their level of safety.

#4. I don’t know where to start…

“I’m confused, overwhelmed and have no idea where to start!”

We hear this often from clients and we absolutely understand how overwhelming it can all feel.

Here at the ITA, we have years of experience of looking after cyber security for many different companies, across varying sectors. 

The first step is for us to make a time to sit down with you for a complimentary chat, specific to your business.

This is a great starting point in order for you to get an overview.

Once we’ve discussed your individual needs, we can devise a plan together, working out what your priorities are specific to your business, any legal requirements surrounding security, and a budget and time-frame to instigate this plan.

Too easy!

Contact us here to make a time to have a complimentary chat about your own security requirements.

(*Name changed for confidentiality)

Feel free to reach out here to discuss any questions you may have about your individual business needs.

Written by I.T Alliance

Cyber Security – The Risks and what you can do…

Ransomware threats are on the rise globally, and Cyber Security is the buzzword, even here in Whangarei, and Northland.

Not only is there a very real threat present for businesses large or small, it is also now your responsibility to ensure that you have clear protocols and guidelines around data and cyber security. 

It is no longer a question of IF you need to sort out your security, it is a question of WHEN. 

Cyber Security is a team sport

Just like the All Blacks don’t get a try because of one player, Cyber Security is a team effort. That means that the whole team needs to know the game plan, needs to understand the role they play, and what they need to do to help you win at Cyber Security. 

How to train your team:

Here are some ways to increase ownership of Cyber Security across the whole company, and help everyone to come on board with fighting against potential hackers. 

  • Create an IT policy handbook for your company and discuss this as part of the hiring process. This will allow for accountability to be set up front. 
  • Run regular training programs on security. 
  • Regularly remind employees to update and upgrade technology. 
  • Monitor applications downloaded onto work devices. 
  • Have a clear policy for people bringing in their own devices.
  • Train your employees to recognize phishing emails and other scam.
  • Add multi-factor authentication to remote access.
  • Help them understand the risks associated with using unsecured wireless networks or unencrypted devices.
  • Limit Access: Configure credentials so that employees can access only what’s needed to do their job. One employee may need to read certain files but have no need to edit them. 
  • Encourage staff to only collect the data that is really required. 
  • Remind everyone to be very careful about sharing sensitive data.
  • Manually check financial details

Let’s start with the House-Keeping

Whilst some of these things may seem very obvious, the threat to our security can sometimes be closer to home than we expect.  Maybe it’s not the anonymous Russian cyber-criminal that you need to worry about, but Sam the office gossip, who can’t help having a peek at the boss’s computer after hours. 

Remember if anyone can get into your computer, and your computer is linked to the network, they can potentially access files on another computer, and access sensitive information and emails. 

Internal Physical Security Check:

  1. Do you take precautions and make sure that you lock the office door?
  2. Does your computer have a screen-saver that automatically comes on when you jump up for your fifth coffee of the day?
  3. Does your computer have a password? If so, is it complex and known only to you? Note: Using your dog’s name, when you talk about your dog all the time, might not be the best idea. 
  4. Is your drive encrypted?

External Security:

  • Are you using 2FA (Two factor authentication): 2FA is a fantastic way to ensure that it is much more difficult for people to access your data. 
  • LastPass: This is a great centralized tool to manage your passwords. Teach your staff about the importance of strong passwords, and changing them regularly. 
  • Backup your data: Make sure you have your data backed up both in the cloud or on an external server. 
  • Password protected files: This creates an additional layer of security both internally and externally. 
  • Safe-Links: Safe-links check every attachment that comes to your computer and download it in a sandbox to ensure it is safe before it comes to your computer. 
  • Install regular software updates.
  • Update your default credentials 
  • Use firewalls and email filtering
  • Is the WIFI secure? Or can anyone driving past easily jump on to your company’s Wi-Fi?

Have your Plan B sorted:

Whilst nothing is foolproof at the moment, limiting your risks will ensure that you also limit downtime and help you to get your system functioning again as quickly as possible.

Reach out and contact us here about what is required for your company, and what is the best way to create backups. Using different storage types and having at least one off-site is often advantageous. 

Whilst Cyber-Security can feel overwhelming, we here at @Computer can help you to formulate a plan, create a checklist of what is required first, and help you to win the battle against cyber threats. 

Feel free to reach out here to discuss any questions you may have about your individual business needs.

Written by I.T Alliance

Remote support – What are the benefits?

At @Computers we know how our Northland businesses rely on speedy support. We offer our customers  remote support which includes: updates, maintenance and a complete managed service to ensure minimum disruption to your work.

If you’ve ever had a sudden computer problem, you know it can be very stressful. So much of our day-to-day life requires having access to a working computer. Read more about how one click on a phishing email can cause all sorts of disruption to your business.

Benefits of Remote Support

#1. Speed

If remote repair is a possibility, our team at @Computer can connect via the Internet and have you operational in no time. You might also choose to just leave it turned on in the morning and go to work as normal, while the tech logs in to conduct the repair, ready for your return. Without this option, you’d need to juggle time in your diary to drop the system off as most in-store techs only work 9-5.

#2. Convenience

You get to skip the unpleasant tasks of unplugging the PC, untangling the cables and carting it into the repair store. Even then, once repaired, you’d still be privileged with carrying it back home and playing a game of which-plug-goes-where?

Computers may be getting smaller, but they’re still heavy and fiddly! Laptops are designed to be moved around often and it may not be a problem to stop at the repair store, but traveling with a desktop PC requires a little more effort and a lot more inconvenience.

Negatives of Remote Support:

#1. Limited Repair Options

A remote connection can only repair certain software problems, not hardware problems. It’s impossible for the technician to swap out a failed part remotely, and unless you’re confident in your own repair skills, guided physical repair isn’t viable either.

Occasionally the problem will also be outside the computer, perhaps a troublesome peripheral or connection. Your technician may be able to walk you through correcting some of these minor problems yourself, but most invariably require a physical call-out or taking your computer in-store.

#2. Connection speed

A slow or unstable connection will make a remote repair take longer and increase the difficulty of the task. The extended time impacts the cost for the call, and in extreme cases, can negate any benefits of skipping the physical inspection. Your connection needs to allow the technician to see real-time responses as if they were sitting there in person.

#3. Accessibility

If your computer won’t start or can’t connect to the Internet at all, your technician can’t log in. This includes seeing a ‘blue screen of death’, boot failure and Windows load failure. As much as they’d like to help you, being able to log in to your system is a vital step in the remote repair process.

The winner is….Remote Support!

Remote support and repair is the ideal situation, purely for speed and convenience. As a bonus, in the event the remote repair is unsuccessful, it also means your tech now has a better idea of the problem and can speed up any on-site or in-store repairs.  Remote support is the best option for many repairs and gets your computer working again with minimal disruption and lowest cost.

To find out more about how we can support your Northland business, plus any other IT issues please call us or email us here to book a 1:1 free, no obligation appointment.